diff options
| author | Benedikt Peetz <benedikt.peetz@b-peetz.de> | 2024-10-18 22:13:18 +0200 |
|---|---|---|
| committer | Benedikt Peetz <benedikt.peetz@b-peetz.de> | 2024-10-18 22:13:18 +0200 |
| commit | ed51e818c1995f57b710327957c1d179980e4deb (patch) | |
| tree | 51f002f947677a3cb0f74ab47d8fc0d6b0a52711 /modules/by-name/se/serverphone/module.currently_ignored.nix | |
| parent | refactor(modules/legacy/conf/lf): Move to new `by-name` dir (diff) | |
| download | nixos-config-ed51e818c1995f57b710327957c1d179980e4deb.tar.gz nixos-config-ed51e818c1995f57b710327957c1d179980e4deb.zip | |
refactor(modules/secrets): Split into the modules, that need the secrets
Storing the secrets in the module that actually needs them, is a cleaner solution.
Diffstat (limited to 'modules/by-name/se/serverphone/module.currently_ignored.nix')
| -rw-r--r-- | modules/by-name/se/serverphone/module.currently_ignored.nix | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/modules/by-name/se/serverphone/module.currently_ignored.nix b/modules/by-name/se/serverphone/module.currently_ignored.nix index 20125a75..2ffb062b 100644 --- a/modules/by-name/se/serverphone/module.currently_ignored.nix +++ b/modules/by-name/se/serverphone/module.currently_ignored.nix @@ -5,7 +5,25 @@ lib, ... }: { +# FIXME: Reactive this module, when serverphone is working again <2024-05-11> + config = lib.mkIf config.soispha.secrets.enable { + age.secrets = { + serverphoneCa = { + file = ./private_keys/ca.key; + mode = "700"; + owner = "serverphone"; + group = "serverphone"; + }; + serverphoneServer = { + file = ./private_keys/server.key; + mode = "700"; + owner = "serverphone"; + group = "serverphone"; + }; + }; + }; + services.serverphone = { package = "${serverphone.packages.${system}.default}"; enable = true; |