Move secrets to flakes

[perso/Immae/Config/Nix.git] / modules / private / websites / tools / tools / ldap.nix

diff --git a/modules/private/websites/tools/tools/ldap.nix b/modules/private/websites/tools/tools/ldap.nix
index 0c1a21f9a0c768fb4f9500a7ed2ca4722056e1b4..cb90edc5f54f40bcd010eff6fef1f4617384e575 100644 (file)
--- a/modules/private/websites/tools/tools/ldap.nix
+++ b/modules/private/websites/tools/tools/ldap.nix
@@ -1,4 +1,4 @@
-{ lib, php, env, writeText, phpldapadmin }:
+{ lib, php, env, writeText, phpldapadmin, config }:
 rec {
   activationScript = {
     deps = [ "httpd" ];
@@ -32,7 +32,7 @@ rec {
       $servers->setValue('login','fallback_dn',true);
       '';
   }];
-  webRoot = phpldapadmin.override { config = "/var/secrets/webapps/tools-ldap"; };
+  webRoot = phpldapadmin.override { config = config.secrets.fullPaths."webapps/tools-ldap"; };
   apache = rec {
     user = "wwwrun";
     group = "wwwrun";
@@ -54,7 +54,7 @@ rec {
   };
   phpFpm = rec {
     serviceDeps = [ "openldap.service" ];
-    basedir = builtins.concatStringsSep ":" [ webRoot "/var/secrets/webapps/tools-ldap" ];
+    basedir = builtins.concatStringsSep ":" [ webRoot config.secrets.fullPaths."webapps/tools-ldap" ];
     pool = {
       "listen.owner" = apache.user;
       "listen.group" = apache.group;