25 lines
615 B
Nix
25 lines
615 B
Nix
{config, ...}: let
|
|
currentHostName = config.networking.hostName;
|
|
in {
|
|
services.secrets = {
|
|
enable = true;
|
|
|
|
requiredVaultPaths = [
|
|
"private-public-keys/data/wireguard/chaos-internal/${currentHostName}"
|
|
];
|
|
|
|
secrets = {
|
|
wg_public = {
|
|
fetchScript = ''
|
|
simple_get "/private-public-keys/wireguard/chaos-internal/${currentHostName}" .public > "$secretFile"
|
|
'';
|
|
};
|
|
wg_private = {
|
|
fetchScript = ''
|
|
simple_get "/private-public-keys/wireguard/chaos-internal/${currentHostName}" .private > "$secretFile"
|
|
'';
|
|
};
|
|
};
|
|
};
|
|
}
|