From ed51e818c1995f57b710327957c1d179980e4deb Mon Sep 17 00:00:00 2001
From: Benedikt Peetz <benedikt.peetz@b-peetz.de>
Date: Fri, 18 Oct 2024 22:13:18 +0200
Subject: refactor(modules/secrets): Split into the modules, that need the
 secrets

Storing the secrets in the module that actually needs them, is a cleaner
solution.
---
 .../se/serverphone/module.currently_ignored.nix        | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

(limited to 'modules/by-name/se/serverphone/module.currently_ignored.nix')

diff --git a/modules/by-name/se/serverphone/module.currently_ignored.nix b/modules/by-name/se/serverphone/module.currently_ignored.nix
index 20125a75..2ffb062b 100644
--- a/modules/by-name/se/serverphone/module.currently_ignored.nix
+++ b/modules/by-name/se/serverphone/module.currently_ignored.nix
@@ -5,7 +5,25 @@
   lib,
   ...
 }: {
+# FIXME: Reactive this module, when serverphone is working again <2024-05-11>
+
   config = lib.mkIf config.soispha.secrets.enable {
+    age.secrets = {
+        serverphoneCa = {
+          file = ./private_keys/ca.key;
+          mode = "700";
+          owner = "serverphone";
+          group = "serverphone";
+        };
+        serverphoneServer = {
+          file = ./private_keys/server.key;
+          mode = "700";
+          owner = "serverphone";
+          group = "serverphone";
+        };
+      };
+    };
+
     services.serverphone = {
       package = "${serverphone.packages.${system}.default}";
       enable = true;
-- 
cgit 1.4.1