47 lines
1.4 KiB
Nix
47 lines
1.4 KiB
Nix
{...}: {
|
|
services.secrets = {
|
|
enable = true;
|
|
secrets = {
|
|
usb_encryption_passphrase = {
|
|
manual = true;
|
|
};
|
|
|
|
music_stream_password = {
|
|
user = "chaos";
|
|
group = "users";
|
|
fetchScript = ''
|
|
simple_get "/api-keys/music-stream" .password > "$secretFile"
|
|
'';
|
|
};
|
|
|
|
# Required for home.apps.manualBackupApps
|
|
restic_music_env = {
|
|
user = "chaos";
|
|
fetchScript = ''
|
|
api_username=restic
|
|
api_password=$(simple_get "/api-keys/storage/restic/Music" ".$api_username")
|
|
restic_password=$(simple_get "/private-public-keys/restic/Music" .password)
|
|
|
|
echo > "$secretFile"
|
|
echo "RESTIC_REPOSITORY=rest:https://$api_username:$api_password@storage-restic.owo.monster/Music" >> "$secretFile"
|
|
echo "RESTIC_PASSWORD=''${restic_password}" >> "$secretFile"
|
|
'';
|
|
};
|
|
|
|
#restic_backups_password = {
|
|
# fetchScript = ''
|
|
# simple_get "/private-public-keys/restic/Lappy-Surface" .password > "$secretFile"
|
|
# '';
|
|
#};
|
|
|
|
#restic_backups_repository_file = {
|
|
# fetchScript = ''
|
|
# api_username=restic
|
|
# api_password=$(simple_get "/api-keys/storage/restic/Lappy-Surface" ".$api_username")
|
|
# echo "rest:https://$api_username:$api_password@storage-restic.owo.monster/Lappy-Surface" > "$secretFile"
|
|
# '';
|
|
#};
|
|
};
|
|
};
|
|
}
|