TheWanderingCrow/CrOS
1
0
Fork 0
mirror of https://github.com/TheWanderingCrow/CrOS.git synced 2026-02-27 14:42:35 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

migrate secrets to new structure

Browse source
This commit is contained in:
TheWanderingCrow 2025-11-02 11:10:45 -05:00
parent 957225dd0d
commit ca8a707ae2
7 changed files with 124 additions and 96 deletions
Download patch file Download diff file Expand all files Collapse all files

6
modules/services/frigate/default.nix
View file

@ -3,11 +3,13 @@ let
in
{
pkgs,
inputs,
lib,
config,
...
}:
let
sopsFolder = builtins.toString inputs.nix-secrets + "/sops";
frigateConfig = pkgs.writeText "config.yaml" (
lib.generators.toYAML { } {
auth.reset_admin_password = true; # roll the admin password every restart, depend on user accounts for long-lived access
@ -200,7 +202,9 @@ in
FRIGATE_JWT_SECRET=${config.sops.placeholder."frigate/jwt"}
'';
secrets = {
"frigate/jwt" = { };
"frigate/jwt" = {
sopsFile = "${sopsFolder}/services.yaml";
};
};
};
systemd.tmpfiles.rules = [