From 1e99a5aff9ecc421f1ebdce3a3dd53e94d7a1655 Mon Sep 17 00:00:00 2001
From: Nick <nickjhiebert@proton.me>
Date: Mon, 7 Jul 2025 15:38:48 -0500
Subject: [PATCH] feat: opencloud test

---
 modules/nixos/services/opencloud/default.nix | 18 +++---------------
 1 file changed, 3 insertions(+), 15 deletions(-)

diff --git a/modules/nixos/services/opencloud/default.nix b/modules/nixos/services/opencloud/default.nix
index e372188..8ec1976 100644
--- a/modules/nixos/services/opencloud/default.nix
+++ b/modules/nixos/services/opencloud/default.nix
@@ -1,22 +1,10 @@
-{
-  config,
-  flake,
-  pkgs,
-  ...
-}:
+{ config, flake, ... }:
 let
   inherit (flake.config.machines.devices) ceres;
   inherit (flake.config.services.instances) opencloud web;
   service = opencloud;
   localhost = web.localhost.address1;
   host = service.domains.url0;
-
-  secretValue = builtins.readFile config.sops.secrets."${service.name}-pass".path;
-
-  envFile = pkgs.writeText "${service.sops.path0}/opencloud.env" ''
-    ADMIN_PASSWORD=${secretValue}
-    OC_INSECURE=true
-  '';
 in
 {
   services = {
@@ -26,7 +14,7 @@ in
       port = service.ports.port0;
       address = localhost;
       stateDir = "/var/lib/${service.name}";
-      environmentFile = envFile;
+      environmentFile = config.sops.secrets."${service.name}-pass".path;
     };
     caddy = {
       virtualHosts = {
@@ -45,7 +33,7 @@ in
     let
       sopsPath = secret: {
         path = "${service.sops.path0}/${service.name}-${secret}";
-        owner = "root";
+        owner = service.name;
         mode = "600";
       };
     in