From 4c4652aabf2cb3ac8b40f2856eca07a1df9c27e0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Isma=C3=ABl=20Bouya?=
Date: Sat, 16 Oct 2021 17:40:07 +0200
Subject: Use attrs for secrets instead of lists
---
 modules/private/databases/openldap/default.nix | 19 ++++++++-----------
 1 file changed, 8 insertions(+), 11 deletions(-)
(limited to 'modules/private/databases/openldap/default.nix')
diff --git a/modules/private/databases/openldap/default.nix b/modules/private/databases/openldap/default.nix
index f4851b5..d35aca0 100644
--- a/modules/private/databases/openldap/default.nix
+++ b/modules/private/databases/openldap/default.nix
@@ -85,29 +85,26 @@ in
 };
 config = lib.mkIf cfg.enable {
- secrets.keys = [
- {
- dest = "ldap/password";
+ secrets.keys = {
+ "ldap/password" = {
 permissions = "0400";
 user = "openldap";
 group = "openldap";
 text = "rootpw ${cfg.rootPw}";
- }
- {
- dest = "ldap/access";
+ };
+ "ldap/access" = {
 permissions = "0400";
 user = "openldap";
 group = "openldap";
 text = builtins.readFile cfg.accessFile;
- }
- {
- dest = "ldap";
+ };
+ "ldap" = {
 permissions = "0500";
 user = "openldap";
 group = "openldap";
 isDir = true;
- }
- ];
+ };
+ };
 users.users.openldap.extraGroups = [ "keys" ];
 networking.firewall.allowedTCPPorts = [ 636 389 ];
-- 
cgit v1.2.3
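Review bot: Converting `secrets.keys` from a list to an attribute set drops the explicit ordering the list had: Nix attribute sets are iterated in key order, so the `"ldap"` directory entry (`isDir = true`, `0500`) is now seen before `"ldap/password"` and `"ldap/access"` instead of after them. The module that consumes `secrets.keys` is not visible here, so it is worth confirming that it creates parent directories and applies the `0500`/`0400` modes and `openldap` ownership independently of entry order; otherwise the secret files could end up with the wrong mode or fail to be written. A short comment above the set, for example `# keys are destination paths; order is not significant, directories are marked with isDir`, would record that assumption. The `config = lib.mkIf cfg.enable {` block continues past the end of the hunk.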