pyrox.dev / nix
My Nix Configuration
2
fork

Configure Feed

Select the types of activity you want to include in your feed.

[marvin] move service secrets to mkServiceSecrets

dish 0bc63463 50bad37b

+41 -29
+41 -29
hosts/marvin/services/git.nix
··· 125 125 }; 126 126 }; 127 127 }; 128 - age.secrets = lib.mkIf config.services.forgejo.enable { 129 - forgejo-db-pw = forgejoSecret // { 130 - file = ./secrets/forgejo/db-pw.age; 131 - }; 132 - forgejo-mail-pw = forgejoSecret // { 133 - file = ./secrets/forgejo/mail-pw.age; 134 - }; 135 - forgejo-aux-docs-runner-token = forgejoSecret // { 136 - file = ./secrets/forgejo/aux-docs-runner-token.age; 137 - }; 138 - forgejo-default-runner-token = forgejoSecret // { 139 - file = ./secrets/forgejo/default-runner-token.age; 140 - }; 141 - forgejo-gitgay-runner-token = forgejoSecret // { 142 - file = ./secrets/forgejo/gitgay-runner-token.age; 143 - }; 144 - forgejo-internal-token = forgejoSecret // { 145 - file = ./secrets/forgejo/internal-token.age; 146 - }; 147 - forgejo-oauth2-jwt-secret = forgejoSecret // { 148 - file = ./secrets/forgejo/oauth2-jwt-secret.age; 149 - }; 150 - forgejo-lfs-jwt-secret = forgejoSecret // { 151 - file = ./secrets/forgejo/lfs-jwt-secret.age; 152 - }; 153 - forgejo-secret-key = forgejoSecret // { 154 - file = ./secrets/forgejo/secret-key.age; 155 - }; 156 - }; 128 + age.secrets = self.lib.secrets.mkServiceSecrets "forgejo" true ./secrets [ 129 + "oidc-secret" 130 + "db-pw" 131 + "mail-pw" 132 + "aux-docs-runner-token" 133 + "default-runner-token" 134 + "gitgay-runner-token" 135 + "internal-token" 136 + "oauth2-jwt-secret" 137 + "lfs-jwt-secret" 138 + "secret-key" 139 + ]; 140 + # age.secrets = lib.mkIf config.services.forgejo.enable { 141 + # forgejo-db-pw = forgejoSecret // { 142 + # file = ./secrets/forgejo/db-pw.age; 143 + # }; 144 + # forgejo-mail-pw = forgejoSecret // { 145 + # file = ./secrets/forgejo/mail-pw.age; 146 + # }; 147 + # forgejo-aux-docs-runner-token = forgejoSecret // { 148 + # file = ./secrets/forgejo/aux-docs-runner-token.age; 149 + # }; 150 + # forgejo-default-runner-token = forgejoSecret // { 151 + # file = ./secrets/forgejo/default-runner-token.age; 152 + # }; 153 + # forgejo-gitgay-runner-token = forgejoSecret // { 154 + # file = ./secrets/forgejo/gitgay-runner-token.age; 155 + # }; 156 + # forgejo-internal-token = forgejoSecret // { 157 + # file = ./secrets/forgejo/internal-token.age; 158 + # }; 159 + # forgejo-oauth2-jwt-secret = forgejoSecret // { 160 + # file = ./secrets/forgejo/oauth2-jwt-secret.age; 161 + # }; 162 + # forgejo-lfs-jwt-secret = forgejoSecret // { 163 + # file = ./secrets/forgejo/lfs-jwt-secret.age; 164 + # }; 165 + # forgejo-secret-key = forgejoSecret // { 166 + # file = ./secrets/forgejo/secret-key.age; 167 + # }; 168 + # }; 157 169 services.anubis.instances.forgejo = lib.mkIf config.services.forgejo.enable { 158 170 settings = { 159 171 BIND = ":${toString d.anubis}";