Move secrets to flakes

[perso/Immae/Config/Nix.git] / modules / private / websites / tools / tools / wallabag.nix

diff --git a/modules/private/websites/tools/tools/wallabag.nix b/modules/private/websites/tools/tools/wallabag.nix
index 1cb064551af9f77d54d614b3ff82540789433546..1a604c7e766f1777acb12e2375937f6819f8b60c 100644 (file)
--- a/modules/private/websites/tools/tools/wallabag.nix
+++ b/modules/private/websites/tools/tools/wallabag.nix
@@ -1,4 +1,4 @@
-{ env, wallabag, mylibs }:
+{ env, wallabag, mylibs, config }:
 rec {
   backups = {
     rootDir = varDir;
@@ -69,7 +69,7 @@ rec {
               arguments: ['/run/wrappers/bin/sendmail -bs']
       '';
   }];
-  webappDir = wallabag.override { ldap = true; wallabag_config = "/var/secrets/webapps/tools-wallabag"; };
+  webappDir = wallabag.override { ldap = true; wallabag_config = config.secrets.fullPaths."webapps/tools-wallabag"; };
   activationScript = ''
     install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \
       ${varDir}/var ${varDir}/data/db ${varDir}/assets/images
@@ -125,11 +125,11 @@ rec {
         /run/wrappers/bin/sudo -u wwwrun ./bin/console --env=prod doctrine:migrations:migrate --no-interaction
         popd > /dev/null
         echo -n "${webappDir}" > ${varDir}/currentWebappDir
-        sha512sum /var/secrets/webapps/tools-wallabag > ${varDir}/currentKey
+        sha512sum ${config.secrets.fullPaths."webapps/tools-wallabag"} > ${varDir}/currentKey
       fi
     '';
     serviceDeps = [ "postgresql.service" "openldap.service" ];
-    basedir = builtins.concatStringsSep ":" [ webappDir "/var/secrets/webapps/tools-wallabag" varDir ];
+    basedir = builtins.concatStringsSep ":" [ webappDir config.secrets.fullPaths."webapps/tools-wallabag" varDir ];
     pool = {
       "listen.owner" = apache.user;
       "listen.group" = apache.group;