]> git.immae.eu Git - perso/Immae/Config/Nix.git/blobdiff - virtual/modules/websites/tools/mastodon/mastodon.nix
projects / perso / Immae / Config / Nix.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Remove use of environment variables
[perso/Immae/Config/Nix.git] / virtual / modules / websites / tools / mastodon / mastodon.nix
diff --git a/virtual/modules/websites/tools/mastodon/mastodon.nix b/virtual/modules/websites/tools/mastodon/mastodon.nix
index e948852bec98c5a50902fb625c3fa3339687f3e1..463de1cce883f7215816cb262fe02e332df0ac76 100644 (file)
--- a/virtual/modules/websites/tools/mastodon/mastodon.nix
+++ b/virtual/modules/websites/tools/mastodon/mastodon.nix
@@ -1,4 +1,4 @@
-{ checkEnv, fetchedGithub, stdenv, writeText, pkgs, cacert }:
+{ env, fetchedGithub, stdenv, writeText, pkgs, cacert }:
 let
   varDir = "/var/lib/mastodon_immae";
   socketsDir = "/run/mastodon";
@@ -21,35 +21,26 @@ let
       jemalloc which postgresql python3 cacert
     ];
   });
-  config =
-      assert checkEnv "NIXOPS_MASTODON_DB_PASS";
-      assert checkEnv "NIXOPS_MASTODON_PAPERCLIP_SECRET";
-      assert checkEnv "NIXOPS_MASTODON_SECRET_KEY_BASE";
-      assert checkEnv "NIXOPS_MASTODON_OTP_SECRET";
-      assert checkEnv "NIXOPS_MASTODON_VAPID_PRIVATE_KEY";
-      assert checkEnv "NIXOPS_MASTODON_VAPID_PUBLIC_KEY";
-      assert checkEnv "NIXOPS_MASTODON_OTP_SECRET";
-      assert checkEnv "NIXOPS_MASTODON_LDAP_PASSWORD";
-      writeText "mastodon_environment" ''
+  config = writeText "mastodon_environment" ''
     REDIS_HOST=localhost
     REDIS_PORT=6379
     REDIS_DB=13
     DB_HOST=/run/postgresql
     DB_USER=mastodon
     DB_NAME=mastodon
-    DB_PASS=${builtins.getEnv "NIXOPS_MASTODON_DB_PASS"}
+    DB_PASS=${env.postgresql.password}
     DB_PORT=5432
 
     LOCAL_DOMAIN=mastodon.immae.eu
     LOCAL_HTTPS=true
     ALTERNATE_DOMAINS=immae.eu
 
-    PAPERCLIP_SECRET=${builtins.getEnv "NIXOPS_MASTODON_PAPERCLIP_SECRET"}
-    SECRET_KEY_BASE=${builtins.getEnv "NIXOPS_MASTODON_SECRET_KEY_BASE"}
-    OTP_SECRET=${builtins.getEnv "NIXOPS_MASTODON_OTP_SECRET"}
+    PAPERCLIP_SECRET=${env.paperclip_secret}
+    SECRET_KEY_BASE=${env.secret_key_base}
+    OTP_SECRET=${env.otp_secret}
 
-    VAPID_PRIVATE_KEY=${builtins.getEnv "NIXOPS_MASTODON_VAPID_PRIVATE_KEY"}
-    VAPID_PUBLIC_KEY=${builtins.getEnv "NIXOPS_MASTODON_VAPID_PUBLIC_KEY"}
+    VAPID_PRIVATE_KEY=${env.vapid.private}
+    VAPID_PUBLIC_KEY=${env.vapid.public}
 
     SMTP_SERVER=mail.immae.eu
     SMTP_PORT=587
@@ -66,7 +57,7 @@ let
     LDAP_METHOD=simple_tls
     LDAP_BASE="dc=immae,dc=eu"
     LDAP_BIND_DN="cn=mastodon,ou=services,dc=immae,dc=eu"
-    LDAP_PASSWORD="${builtins.getEnv "NIXOPS_MASTODON_LDAP_PASSWORD"}"
+    LDAP_PASSWORD="${env.ldap.password}"
     LDAP_UID="uid"
     LDAP_SEARCH_FILTER="(&(%{uid}=%{email})(memberOf=cn=users,cn=mastodon,ou=services,dc=immae,dc=eu))"
     '';
My infrastructure configuration