diff --git a/systems/ceres/config/comfyui.nix b/systems/ceres/config/comfyui.nix index 5c18767..18cb5b0 100755 --- a/systems/ceres/config/comfyui.nix +++ b/systems/ceres/config/comfyui.nix @@ -54,6 +54,20 @@ in }; }; + sops = + let + sopsPath = secret: { + path = "${service.sops.path0}/${service.name}-${secret}.env"; + owner = "caddy"; + mode = "0400"; + }; + in + { + secrets = { + "caddy/${service.name}-auth" = sopsPath "auth"; + }; + }; + systemd.tmpfiles.rules = [ "Z ${service.sops.path0} 755 caddy caddy -" ];