Squash changes containing private information

[perso/Immae/Config/Nix.git] / systems / eldiron / databases / default.nix

diff --git a/modules/private/databases/default.nix b/systems/eldiron/databases/default.nix
similarity index 82%
rename from modules/private/databases/default.nix
rename to systems/eldiron/databases/default.nix
index 1241658a18574846a057ca06b68d444a42db25f3..d8d3048787b64bd76d1551e07f7e16aaf876d58e 100644 (file)
--- a/modules/private/databases/default.nix
+++ b/systems/eldiron/databases/default.nix
@@ -1,16 +1,15 @@
-{ lib, config, nodes, ... }:
+{ lib, config, secrets, ... }:
 let
   cfg = config.myServices.databases;
 in
 {
   options.myServices = {
     databases.enable = lib.mkEnableOption "my databases service";
-    databasesCerts = lib.mkOption {
-      description = "Default databases configurations for certificates as accepted by acme";
-    };
   };
 
+  config.myServices.dns.zones."immae.eu".subdomains.db-1 = lib.mkIf cfg.enable (with config.myServices.dns.helpers; ips servers.eldiron.ips.main);
   config.myServices.databases = lib.mkIf cfg.enable {
+
     mariadb = {
       enable = true;
       ldapConfig = {
@@ -25,7 +24,7 @@ in
     };
 
     openldap = {
-      accessFile = ../../../nixops/secrets/ldap.conf;
+      accessFile = secrets.ldap-conf;
       baseDn = config.myEnv.ldap.base;
       rootDn = config.myEnv.ldap.root_dn;
       rootPw = config.myEnv.ldap.root_pw;
@@ -45,7 +44,7 @@ in
       };
       replicationHosts = {
         backup-2 = {
-          ip4 = [config.myEnv.servers.backup-2.ips.main.ip4];
+          ip4 = config.myEnv.servers.backup-2.ips.main.ip4;
           ip6 = config.myEnv.servers.backup-2.ips.main.ip6;
         };
       };