diff --git a/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix b/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix index 1529666..d99f801 100755 --- a/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix +++ b/modules/nixos/guests/opencloud/ceresOpenCloud/default.nix @@ -30,7 +30,7 @@ in port = serviceCfg.ports.port0; address = localhost; stateDir = "/var/lib/${serviceCfg.name}"; - environmentFile = "/run/secrets/projectenv"; + environmentFile = "/etc/opencloud-secrets/env"; }; openssh = { @@ -53,24 +53,21 @@ in opencloud = { path = [ pkgs.inotify-tools ]; }; - # opencloud-copy-secrets = { - # description = "Copy secrets from virtiofs to local filesystem"; - # before = [ ".service" ]; - # requiredBy = [ ".service" ]; - - # serviceConfig = { - # Type = "oneshot"; - # RemainAfterExit = true; - # }; - - # script = '' - # mkdir -p /etc/opencloud-secrets - # cp /run/secrets/projectenv /etc/opencloud-secrets/env - # chmod 755 /etc/opencloud-secrets - # chmod 644 /etc/opencloud-secrets/* - # ''; - # }; - + opencloud-copy-secrets = { + description = "Copy secrets from virtiofs to local filesystem"; + before = [ "opencloud-init-config.service" ]; + requiredBy = [ "opencloud-init-config.service" ]; + serviceConfig = { + Type = "oneshot"; + RemainAfterExit = true; + }; + script = '' + mkdir -p /etc/opencloud-secrets + cp /run/secrets/projectenv /etc/opencloud-secrets/env + chmod 755 /etc/opencloud-secrets + chmod 644 /etc/opencloud-secrets/* + ''; + }; }; network = { enable = true;