Move tools to new secrets location

[perso/Immae/Config/Nix.git] / nixops / modules / websites / tools / tools / yourls.nix

diff --git a/nixops/modules/websites/tools/tools/yourls.nix b/nixops/modules/websites/tools/tools/yourls.nix
index 390dabe081e82ccf8a9c45311d82ead0e3eb0782..470fb7bd6e4db2f03380a55445b77c8cbbbfa45f 100644 (file)
--- a/nixops/modules/websites/tools/tools/yourls.nix
+++ b/nixops/modules/websites/tools/tools/yourls.nix
@@ -13,8 +13,8 @@ let
     activationScript = ''
       install -m 0755 -o ${apache.user} -g ${apache.group} -d /var/lib/php/sessions/yourls
     '';
-    keys.tools-yourls = {
-      destDir = "/run/keys/webapps";
+    keys = [{
+      dest = "webapps/tools-yourls";
       user = apache.user;
       group = apache.group;
       permissions = "0400";
@@ -46,13 +46,13 @@ let
 
         define( 'LDAPAUTH_USERCACHE_TYPE', 0);
       '';
-    };
+    }];
     webRoot = stdenv.mkDerivation (fetchedGithub ./yourls.json // rec {
       installPhase = ''
         mkdir -p $out
         cp -a */ *.php $out/
         cp sample-robots.txt $out/robots.txt
-        ln -sf /run/keys/webapps/tools-yourls $out/includes/config.php
+        ln -sf /var/secrets/webapps/tools-yourls $out/includes/config.php
         ${builtins.concatStringsSep "\n" (
           lib.attrsets.mapAttrsToList (name: value: "ln -sf ${value} $out/user/plugins/${name}") plugins
         )}
@@ -85,9 +85,9 @@ let
         '';
     };
     phpFpm = rec {
-      serviceDeps = [ "mysql.service" "openldap.service" "tools-yourls-key.service" ];
+      serviceDeps = [ "mysql.service" "openldap.service" ];
       basedir = builtins.concatStringsSep ":" (
-        [ webRoot "/run/keys/webapps/tools-yourls" ]
+        [ webRoot "/var/secrets/webapps/tools-yourls" ]
         ++ lib.attrsets.mapAttrsToList (name: value: value) plugins);
       socket = "/var/run/phpfpm/yourls.sock";
       pool = ''