README.md: Add example usage of keyCommand

2021-02-10 18:12:28 -08:00 · 2021-02-10 18:12:28 -08:00 · 28b635a6e8
commit 28b635a6e8
parent 52622ecd27
1 changed files with 4 additions and 4 deletions
--- a/README.md
+++ b/README.md
@ -181,10 +181,10 @@ For example, to deploy DNS-01 credentials for use with `security.acme`:
  shared-box = {
    security.acme.certs."my-site.tld".credentialsFile = "/run/keys/acme-credentials.secret";
    deployment.keys."acme-credentials.secret" = {
-      text = ''
-        PDNS_API_URL=https://dns.provider
-        PDNS_API_KEY=top-secret-api-key
-      '';
+      # Alternatively, `text` (string) or `keyFile` (path to file)
+      # may be specified.
+      keyCommand = [ "vault" "read" "-field=env" "secret/dns01" ];
+
      destDir = "/run/keys"; # Default: /run/keys
      user = "acme";         # Default: root
      group = "nginx";       # Default: root