Move websites to new secrets

[perso/Immae/Config/Nix.git] / nixops / modules / websites / chloe / chloe.nix

diff --git a/nixops/modules/websites/chloe/chloe.nix b/nixops/modules/websites/chloe/chloe.nix
index 0861cdf69c326b51b176c59c06fed63bcc89b703..e2381d83e92ba44f932b42b81c315c7fc913f2e8 100644 (file)
--- a/nixops/modules/websites/chloe/chloe.nix
+++ b/nixops/modules/websites/chloe/chloe.nix
@@ -3,7 +3,7 @@ let
   chloe = { config }: rec {
     environment = config.environment;
     phpFpm = rec {
-      serviceDeps = [ "mysql.service" "${environment}-chloe-key.service" ];
+      serviceDeps = [ "mysql.service" ];
       socket = "/var/run/phpfpm/chloe-${environment}.sock";
       pool = ''
         listen = ${socket}
@@ -28,8 +28,8 @@ let
         pm.max_spare_servers = 3
         ''}'';
     };
-    keys."${environment}-chloe" = {
-      destDir = "/run/keys/webapps";
+    keys = [{
+      dest = "webapps/${environment}-chloe";
       user = apache.user;
       group = apache.group;
       permissions = "0400";
@@ -48,7 +48,7 @@ let
         SetEnv SPIP_MYSQL_USER     "${config.mysql.user}"
         SetEnv SPIP_MYSQL_PASSWORD "${config.mysql.password}"
       '';
-    };
+    }];
     apache = rec {
       user = "wwwrun";
       group = "wwwrun";
@@ -56,7 +56,7 @@ let
       webappName = "chloe_${environment}";
       root = "/run/current-system/webapps/${webappName}";
       vhostConf = ''
-        Include /run/keys/webapps/${environment}-chloe
+        Include /var/secrets/webapps/${environment}-chloe
 
         RewriteEngine On
         ${if environment == "prod" then ''