chore: updated sops secrets

modules/nixos/guests/firefly-iii/default.nix

@@ -40,8 +40,8 @@ in
             };
             settings = {
               APP_URL = "https://${host}";
-              APP_KEY_FILE = "/etc/firefly-secrets/pass";
+              APP_KEY_FILE = "/etc/firefly-secrets/${user0}-pass";
-              DB_PASSWORD_FILE = "/etc/firefly-secrets/data";
+              DB_PASSWORD_FILE = "/etc/firefly-secrets/${user0}-data";
               DB_CONNECTION = "pgsql";
               DB_HOST = "/run/postgresql";
               DB_DATABASE = "firefly-iii";
@@ -51,7 +51,7 @@ in
               MAIL_PORT = smtpCfg.ports.port0;
               MAIL_FROM = smtpCfg.email.address0;
               MAIL_USERNAME = smtpCfg.email.address0;
-              MAIL_PASSWORD_FILE = "/etc/firefly-secrets/smtp";
+              MAIL_PASSWORD_FILE = "/etc/firefly-secrets/${user0}-smtp";
               MAIL_ENCRYPTION = "tls";
               SITE_OWNER = email.address2;
             };
@@ -123,9 +123,9 @@ in
               };
               script = ''
                 mkdir -p /etc/firefly-secrets
-                cp /run/secrets/pass /etc/firefly-secrets/pass
+                cp /run/secrets/${user0}-pass /etc/firefly-secrets/${user0}-pass
-                cp /run/secrets/data /etc/firefly-secrets/data
+                cp /run/secrets/${user0}-data /etc/firefly-secrets/${user0}-data
-                cp /run/secrets/smtp /etc/firefly-secrets/smtp
+                cp /run/secrets/${user0}-smtp /etc/firefly-secrets/${user0}-smtp
                 chmod 755 /etc/firefly-secrets
                 chmod 644 /etc/firefly-secrets/*
               '';
@@ -219,7 +219,7 @@ in
     secrets = builtins.listToAttrs (
       map
         (secret: {
-          name = "${serviceCfg.name}/${secret}";
+          name = "${serviceCfg.name}/${user0}-${secret}";
           value = {
             owner = "root";
             group = "root";

modules/nixos/guests/mastodon/default.nix

@@ -32,36 +32,6 @@ let
       log-level = "INFO";
     }
   );
-
-  fedifetcherPython = pkgs.python3.withPackages (
-    ps: with ps; [
-      requests
-      pytz
-      beautifulsoup4
-      certifi
-      charset-normalizer
-      defusedxml
-      docutils
-      idna
-      iniconfig
-      packaging
-      pluggy
-      pytest
-      python-dateutil
-      requests
-      six
-      smmap
-      urllib3
-      xxhash
-    ]
-  );
-
-  fedifetcherSrc = pkgs.fetchFromGitHub {
-    owner = "nanos";
-    repo = "FediFetcher";
-    rev = "main";
-    hash = "sha256-/J7psV/mA7okuuO7/aXVVWS9p63eMncG2CEEGN38ip0=";
-  };
 in
 {
   # If you need to start fresh for some reason, run these to create the new Admin account:
@@ -343,7 +313,7 @@ in
                       done
 
                       export ACCESS_TOKEN=$(cat /etc/mastodon-secrets/fedifetcher-token)
-                      ${fedifetcherPython}/bin/python ${fedifetcherSrc}/find_posts.py \
+                      ${pkgs.fedifetcher}/bin/fedifetcher \
                         -c=${fedifetcherConfig} \
                         --access-token="$ACCESS_TOKEN"
                     '';
@@ -436,12 +406,6 @@ in
           ];
         };
 
-        environment.systemPackages = builtins.attrValues {
-          inherit
-            fedifetcherPython
-            ;
-        };
-
         microvm = {
           vcpu = 2;
           mem = 1024 * 6;

modules/nixos/guests/vaultwarden/default.nix

@@ -58,7 +58,7 @@ in
             };
 
             # Environment file with secrets (mounted from host)
-            environmentFile = "/run/secrets/env";
+            environmentFile = "/run/secrets/${user0}-env";
           };
           openssh = {
             enable = true;
@@ -185,7 +185,7 @@ in
   ];
 
   sops.secrets = {
-    "${serviceCfg.name}/env" = {
+    "${serviceCfg.name}/${user0}-env" = {
       owner = "root";
       mode = "0600";
     };