From ad39c91168362a396df9e9c206aac650db28d8f6 Mon Sep 17 00:00:00 2001
From: Tom Hubrecht
Date: Mon, 19 Feb 2024 14:47:27 +0100
Subject: [PATCH] chore(infra): Switch to age-secrets.autoMatch
---
 machines/compute01/ds-fr/default.nix | 6 ++----
 machines/compute01/k-radius/default.nix | 4 +---
 machines/compute01/mastodon.nix | 4 +---
 machines/compute01/nextcloud.nix | 4 +---
 machines/compute01/outline.nix | 4 +---
 machines/compute01/satosa/default.nix | 4 +---
 .../{ds_fr-secret_file => ds-fr-secret_file} | Bin
 machines/compute01/secrets/secrets.nix | 2 +-
 machines/compute01/zammad.nix | 4 +---
 machines/storage01/netbird/default.nix | 2 +-
 machines/storage01/peertube.nix | 4 +---
 machines/web01/matterbridge.nix | 4 +---
 12 files changed, 12 insertions(+), 30 deletions(-)
 rename machines/compute01/secrets/{ds_fr-secret_file => ds-fr-secret_file} (100%)
diff --git a/machines/compute01/ds-fr/default.nix b/machines/compute01/ds-fr/default.nix
index 06bd035..43f57a2 100644
--- a/machines/compute01/ds-fr/default.nix
+++ b/machines/compute01/ds-fr/default.nix
@@ -9,7 +9,7 @@ in services.demarches-simplifiees = { enable = true;
- secretFile = config.age.secrets.ds_fr-secret_file.path;
+ secretFile = config.age.secrets."ds-fr-secret_file".path;
 initialDeploymentDate = "20230923";
@@ -64,7 +64,5 @@ in }; };
- age-secrets.matches."^ds_fr-.*$" = {
- owner = "ds-fr";
- };
+ age-secrets.autoMatch = [ "ds-fr" ];
 }
diff --git a/machines/compute01/k-radius/default.nix b/machines/compute01/k-radius/default.nix
index 7c16ece..1bf5ec4 100644
--- a/machines/compute01/k-radius/default.nix
+++ b/machines/compute01/k-radius/default.nix
@@ -54,9 +54,7 @@ radiusClients = { }; };
- age-secrets.matches."^radius-.*$" = {
- owner = "radius";
- };
+ age-secrets.autoMatch = [ "radius" ];
 networking.firewall.allowedTCPPorts = [ 1812 ];
 networking.firewall.allowedUDPPorts = [ 1812 ];
diff --git a/machines/compute01/mastodon.nix b/machines/compute01/mastodon.nix
index 5919e8c..943381b 100644
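Review bot: With `age-secrets.autoMatch = [ "ds-fr" ];` the owner of the decrypted secrets is no longer written in this file, and the option's definition is not part of this patch, so the resulting ownership cannot be checked from the hunk at `@@ -64,7 +64,5 @@`. Presumably each entry yields both the `^ds-fr-.*$` pattern and `owner = "ds-fr"`, which would explain the rename of `ds_fr-secret_file`; if so, a one-line comment such as `# autoMatch: secrets named "ds-fr-*" are owned by user ds-fr` would keep that visible at the call site. If the entry is interpolated into the pattern unescaped, a name containing `.` or another regex metacharacter would match more secrets than intended; none of the names in this patch do. The same applies to the k-radius, mastodon, nextcloud, outline, satosa, zammad, peertube and matterbridge hunks, and the enclosing attribute set starts outside the hunk.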
--- a/machines/compute01/mastodon.nix
+++ b/machines/compute01/mastodon.nix
@@ -39,7 +39,5 @@ in extraEnvFiles = [ config.age.secrets."mastodon-extra_env_file".path ]; };
- age-secrets.matches."^mastodon-.*$" = {
- owner = "mastodon";
- };
+ age-secrets.autoMatch = [ "mastodon" ];
 }
diff --git a/machines/compute01/nextcloud.nix b/machines/compute01/nextcloud.nix
index 64a7983..51ac118 100644
--- a/machines/compute01/nextcloud.nix
+++ b/machines/compute01/nextcloud.nix
@@ -199,9 +199,7 @@ in "129.199.146.148" = [ "s3.dgnum.eu" ]; };
- age-secrets.matches."^nextcloud-.*$" = {
- owner = "nextcloud";
- };
+ age-secrets.autoMatch = [ "nextcloud" ];
 system.activationScripts = {
 restart-nextcloud.text = ''
diff --git a/machines/compute01/outline.nix b/machines/compute01/outline.nix
index 8dec2ed..c53e6ae 100644
--- a/machines/compute01/outline.nix
+++ b/machines/compute01/outline.nix
@@ -52,7 +52,5 @@ in }; };
- age-secrets.matches."^outline-.*$" = {
- owner = "outline";
- };
+ age-secrets.autoMatch = [ "outline" ];
 }
diff --git a/machines/compute01/satosa/default.nix b/machines/compute01/satosa/default.nix
index d35d705..9855d5a 100644
--- a/machines/compute01/satosa/default.nix
+++ b/machines/compute01/satosa/default.nix
@@ -153,7 +153,5 @@ in forceSSL = true; };
- age-secrets.matches."^satosa-.*$" = {
- owner = "satosa";
- };
+ age-secrets.autoMatch = [ "satosa" ];
 }
diff --git a/machines/compute01/secrets/ds_fr-secret_file b/machines/compute01/secrets/ds-fr-secret_file
similarity index 100%
rename from machines/compute01/secrets/ds_fr-secret_file
rename to machines/compute01/secrets/ds-fr-secret_file
diff --git a/machines/compute01/secrets/secrets.nix b/machines/compute01/secrets/secrets.nix
index 9e7ad18..5f3982d 100644
--- a/machines/compute01/secrets/secrets.nix
+++ b/machines/compute01/secrets/secrets.nix
@@ -4,7 +4,7 @@ let in lib.setDefault { inherit publicKeys; } [
- "ds_fr-secret_file"
+ "ds-fr-secret_file"
 "grafana-smtp_password_file"
 "grafana-oauth_client_secret_file"
 "hedgedoc-environment_file"
diff --git a/machines/compute01/zammad.nix b/machines/compute01/zammad.nix
index 7dd42ee..369cc25 100644
--- a/machines/compute01/zammad.nix
+++ b/machines/compute01/zammad.nix
@@ -51,7 +51,5 @@ in }; };
- age-secrets.matches."^zammad-.*$" = {
- owner = "zammad";
- };
+ age-secrets.autoMatch = [ "zammad" ];
 }
diff --git a/machines/storage01/netbird/default.nix b/machines/storage01/netbird/default.nix
index 4634663..736deb0 100644
--- a/machines/storage01/netbird/default.nix
+++ b/machines/storage01/netbird/default.nix
@@ -43,5 +43,5 @@ in }; };
- # age-secrets.matches."^netbird-.*$" = { owner = "netbird"; };
+ # age-secrets.autoMatch = [ "netbird" ];
 }
diff --git a/machines/storage01/peertube.nix b/machines/storage01/peertube.nix
index ceefd56..0382f1a 100644
--- a/machines/storage01/peertube.nix
+++ b/machines/storage01/peertube.nix
@@ -64,7 +64,5 @@ in forceSSL = true; };
- age-secrets.matches."^peertube-.*$" = {
- owner = "peertube";
- };
+ age-secrets.autoMatch = [ "peertube" ];
 }
diff --git a/machines/web01/matterbridge.nix b/machines/web01/matterbridge.nix
index 67411b4..430fa74 100644
--- a/machines/web01/matterbridge.nix
+++ b/machines/web01/matterbridge.nix
@@ -6,7 +6,5 @@ configPath = config.age.secrets."matterbridge-config_file".path; };
- age-secrets.matches."^matterbridge-.*$" = {
- owner = "matterbridge";
- };
+ age-secrets.autoMatch = [ "matterbridge" ];
 }
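Review bot: The netbird hunk in machines/storage01/netbird/default.nix only rewrites a commented-out line, so `age-secrets.autoMatch = [ "netbird" ]` is still inactive and nothing in the file says why. If netbird secrets are or will be deployed on storage01, they would get no owner mapping from this file; whether any exist is not visible here. Either drop the dead line or state the intent, e.g. `# TODO: enable once netbird secrets are added: age-secrets.autoMatch = [ "netbird" ];`. The enclosing attribute set starts outside the hunk.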