christoph/flake-nixinator
1
Fork 0
Code Activity

Services: Update heidi and kopia to use agenix secrets

Browse Source
This commit is contained in:
Christoph Urlacher
2025-07-09 03:30:37 +02:00
parent 4f6a4dea3e
commit 697bb0dd8b
3 changed files with 7 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
home/modules/neovim/default.nix
View File

@ -1475,6 +1475,7 @@ in {
}; };
}; };
# TODO: Replace with neo-tree (or figure out how to multiselect and cut/paste)
explorer = { explorer = {
enabled = true; enabled = true;
replace_netrw = false; # Use yazi for that replace_netrw = false; # Use yazi for that

4
system/services/heidi.nix
View File

@ -19,7 +19,9 @@
]; ];
environment = { environment = {
DISCORD_TOKEN = (builtins.readFile ./heidi.discord_token); # TODO: I can't do this because readFile obviously doesn't
# read at runtime but at buildtime, duh...
DISCORD_TOKEN = builtins.readFile config.age.secrets.heidi-discord-token.path;
DOCKER = "True"; DOCKER = "True";
}; };

6
system/services/kopia.nix
View File

@ -56,7 +56,7 @@
environment = { environment = {
TZ = "Europe/Berlin"; TZ = "Europe/Berlin";
USER = "christoph"; USER = "christoph";
KOPIA_PASSWORD = (builtins.readFile ./kopia.password); KOPIA_PASSWORD = builtins.readFile config.age.secrets.kopia-user-password.path;
}; };
entrypoint = "/bin/kopia"; entrypoint = "/bin/kopia";
@ -67,8 +67,8 @@
"--disable-csrf-token-checks" "--disable-csrf-token-checks"
"--insecure" "--insecure"
"--address=0.0.0.0:51515" "--address=0.0.0.0:51515"
"--server-username=christoph" "--server-username=${builtins.readFile config.age.secrets.kopia-server-username.path}"
"--server-password=kopia" "--server-password=${builtins.readFile config.age.secrets.kopia-server-password.path}"
]; ];
extraOptions = [ extraOptions = [