]> git.immae.eu Git - perso/Immae/Config/Nix.git/blobdiff - nixops/modules/task/default.nix
projects / perso / Immae / Config / Nix.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Move etherpad mastodon mediagoblin task and peertube to new secrets
[perso/Immae/Config/Nix.git] / nixops / modules / task / default.nix
diff --git a/nixops/modules/task/default.nix b/nixops/modules/task/default.nix
index 2001eaa7d1ed34e640d0f4c9c0047ee7d650f568..9671725b7f9f4d38f08a0ad35e134562ad0ad6ae 100644 (file)
--- a/nixops/modules/task/default.nix
+++ b/nixops/modules/task/default.nix
@@ -87,8 +87,8 @@ in {
   };
 
   config = lib.mkIf cfg.enable {
-    deployment.keys.tools-taskwarrior-web = {
-      destDir = "/run/keys/webapps";
+    mySecrets.keys = [{
+      dest = "webapps/tools-taskwarrior-web";
       user = "wwwrun";
       group = "wwwrun";
       permissions = "0400";
@@ -101,7 +101,7 @@ in {
           SetEnv TASKD_LDAP_BASE     "${env.ldap.base}"
           SetEnv TASKD_LDAP_FILTER   "${env.ldap.search}"
         '';
-    };
+    }];
     security.acme.certs."eldiron".extraDomains.${fqdn} = null;
     services.myWebsites.tools.modules = [ "proxy_fcgi" "sed" ];
     services.myWebsites.tools.vhostConfs.task = {
@@ -116,7 +116,7 @@ in {
           <FilesMatch "\.php$">
             SetHandler "proxy:unix:/var/run/phpfpm/task.sock|fcgi://localhost"
           </FilesMatch>
-          Include /run/keys/webapps/tools-taskwarrior-web
+          Include /var/secrets/webapps/tools-taskwarrior-web
         </Directory>
         ''
         ''
My infrastructure configuration