Move Aten and Connexionswing secrets to secure location

[perso/Immae/Config/Nix.git] / nixops / modules / websites / aten / default.nix

diff --git a/nixops/modules/websites/aten/default.nix b/nixops/modules/websites/aten/default.nix
index 41c22cec46790e419273a7976061b511a1b3bfd6..776a02e7e2c5caa1e26df5455af516c0ba0522b5 100644 (file)
--- a/nixops/modules/websites/aten/default.nix
+++ b/nixops/modules/websites/aten/default.nix
@@ -1,6 +1,6 @@
 { lib, pkgs, config, myconfig, mylibs, ... }:
 let
-    aten = pkgs.callPackage ./aten.nix { inherit (mylibs) fetchedGitPrivate; };
+    aten = pkgs.callPackage ./aten.nix { inherit (mylibs) fetchedGitPrivate yarn2nixPackage; };
     aten_dev  = aten {
       config = myconfig.env.websites.aten.integration;
     };
@@ -25,6 +25,7 @@ in {
 
   config = lib.mkMerge [
     (lib.mkIf cfg.production.enable {
+      deployment.keys = aten_prod.keys;
       services.myWebsites.commons.stats.enable = true;
       services.myWebsites.commons.stats.sites = [
         {
@@ -56,6 +57,7 @@ in {
       };
     })
     (lib.mkIf cfg.integration.enable {
+      deployment.keys = aten_dev.keys;
       security.acme.certs."eldiron".extraDomains."dev.aten.pro" = null;
       services.myPhpfpm.poolConfigs.aten_dev = aten_dev.phpFpm.pool;
       system.activationScripts.aten_dev = aten_dev.activationScript;