Use attrs for secrets instead of lists

1 files changed, 8 insertions, 11 deletions

diff --git a/modules/private/databases/openldap/default.nix b/modules/private/databases/openldap/default.nix
index f4851b5..d35aca0 100644
--- a/modules/private/databases/openldap/default.nix
+++ b/modules/private/databases/openldap/default.nix
@@ -85,29 +85,26 @@ in
   };
 
   config = lib.mkIf cfg.enable {
-    secrets.keys = [
-       {
-        dest = "ldap/password";
+    secrets.keys = {
+       "ldap/password" = {
         permissions = "0400";
         user = "openldap";
         group = "openldap";
         text = "rootpw          ${cfg.rootPw}";
-      }
-      {
-        dest = "ldap/access";
+      };
+      "ldap/access" = {
         permissions = "0400";
         user = "openldap";
         group = "openldap";
         text = builtins.readFile cfg.accessFile;
-      }
-      {
-        dest = "ldap";
+      };
+      "ldap" = {
         permissions = "0500";
         user = "openldap";
         group = "openldap";
         isDir = true;
-      }
-    ];
+      };
+    };
     users.users.openldap.extraGroups = [ "keys" ];
     networking.firewall.allowedTCPPorts = [ 636 389 ];