diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix
index e372188..8ec1976 100644
--- a/modules/nixos/services/opencloud/default.nix
+++ b/modules/nixos/services/opencloud/default.nix
@@ -1,22 +1,10 @@
-{
- config,
- flake,
- pkgs,
- ...
-}:
+{ config, flake, ... }:
 let
 inherit (flake.config.machines.devices) ceres;
 inherit (flake.config.services.instances) opencloud web;
 service = opencloud;
 localhost = web.localhost.address1;
 host = service.domains.url0;
-
- secretValue = builtins.readFile config.sops.secrets."${service.name}-pass".path;
-
- envFile = pkgs.writeText "${service.sops.path0}/opencloud.env" ''
- ADMIN_PASSWORD=${secretValue}
- OC_INSECURE=true
- '';
 in
 {
 services = {
@@ -26,7 +14,7 @@ in
 port = service.ports.port0;
 address = localhost;
 stateDir = "/var/lib/${service.name}";
- environmentFile = envFile;
+ environmentFile = config.sops.secrets."${service.name}-pass".path;
 };
 caddy = {
 virtualHosts = {
@@ -45,7 +33,7 @@ in
 let
 sopsPath = secret: {
 path = "${service.sops.path0}/${service.name}-${secret}";
- owner = "root";
+ owner = service.name;
 mode = "600";
 };
 in
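Review bot: Removing `envFile` in the first hunk stops new builds from rendering the password into the store, but the file the old `pkgs.writeText` call produced remains in `/nix/store` on every machine that built an earlier generation, and store paths are world-readable. The admin password should be rotated and the old generations garbage-collected as part of this change. `OC_INSECURE=true` also silently leaves the unit's environment here; if the service still depends on it, it has to be set elsewhere, and if the removal is deliberate a short comment above `in`, such as `# secrets are never read at eval time; the env file is supplied by sops at runtime`, would record the intent.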
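Review bot: In the second hunk `environmentFile` now receives the raw sops secret, so the decrypted content of `${service.name}-pass` must itself be in `KEY=value` form (`ADMIN_PASSWORD=...`). The removed code treated that secret as a bare password value, and a bare value in an environment file would presumably leave the admin password unset. The secret's content is not visible in this diff, so confirm it was re-encoded, and consider renaming the `-pass` suffix to something like `-env` so the expected format is obvious. The `services` block continues outside the hunk.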
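Review bot: `owner = service.name;` in `sopsPath` (third hunk) assumes a system user with exactly that name exists when sops-nix installs the secret. Referencing the module's own user setting, for example `owner = config.services.opencloud.user;` if the module exposes one, would keep the two from drifting apart. The helper presumably applies to every secret declared in this `let` body, which continues outside the hunk, so all of them become readable by the service account. As far as I know systemd reads `EnvironmentFile=` before dropping privileges, so `root` ownership may already have been sufficient for this use.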