feat(garage): Use environmentFile for secrets

This commit is contained in:
Tom Hubrecht 2023-09-24 13:27:14 +02:00
parent c937a56e4f
commit f08259134a
3 changed files with 6 additions and 8 deletions

View file

@ -1,4 +1,4 @@
_:
{ config, ... }:
let
host = "s3.dgnum.eu";
@ -18,8 +18,6 @@ in {
rpc_bind_addr = "[::]:3901";
rpc_public_addr = "127.0.0.1:3901";
rpc_secret =
"a79e86c6fc0e0a02ff71fd3c6127887b6e029ea6e8ade6c3de1a0b7b09ad2873";
s3_api = {
s3_region = "garage";
@ -33,13 +31,12 @@ in {
index = "index.html";
};
k2v_api = { api_bind_addr = "[::]:3904"; };
k2v_api.api_bind_addr = "[::]:3904";
admin = {
api_bind_addr = "0.0.0.0:3903";
admin_token = "KVGyC6SNrIwT4o9alxg7T1SWFs29vjev0AzLBwqchjo=";
};
admin.api_bind_addr = "0.0.0.0:3903";
};
environmentFile = config.age.secrets."garage-environment_file".path;
};
systemd.services.garage.serviceConfig = {

Binary file not shown.

View file

@ -5,6 +5,7 @@ in
lib.setDefault { inherit publicKeys; } [
"forgejo-database_password_file"
"garage-environment_file"
"lychee-environment_file"
"peertube-secrets_file"
"peertube-service_environment_file"