From 3fb9324c82b02fa6dfd7c293f2fd8a4a054acdf0 Mon Sep 17 00:00:00 2001
From: William Carroll <wpcarro@gmail.com>
Date: Tue, 1 Sep 2020 12:17:16 +0100
Subject: [PATCH] Delete comment monzo_ynab deployment

I haven't used this since I wrote it months ago...
---
 nixos/socrates/default.nix | 22 ----------------------
 1 file changed, 22 deletions(-)

diff --git a/nixos/socrates/default.nix b/nixos/socrates/default.nix
index ec0bf3a73..8b762a56d 100644
--- a/nixos/socrates/default.nix
+++ b/nixos/socrates/default.nix
@@ -1,8 +1,6 @@
 let
   briefcase = import <briefcase> {};
   pkgs = briefcase.third_party.pkgs;
-  trimNewline = x: pkgs.lib.removeSuffix "\n" x;
-  readSecret = x: trimNewline (builtins.readFile ("/etc/secrets/" + x));
 in {
   imports = [ ./hardware.nix ];
 
@@ -116,26 +114,6 @@ in {
     };
   };
 
-  # systemd.services.monzo-token-server = {
-  #   enable = true;
-  #   description = "Ensure my Monzo access token is valid";
-  #   script = "${briefcase.tools.monzo_ynab.tokens}/bin/token-server";
-  #   # TODO(wpcarro): I'm unsure of the size of this security risk, but if a
-  #   # non-root user runs `systemctl cat monzo-token-server`, they could read the
-  #   # following, sensitive environment variables.
-  #   environment = {
-  #     store_path = "/var/cache/monzo_ynab";
-  #     monzo_client_id = readSecret "monzo-client-id";
-  #     monzo_client_secret = readSecret "monzo-client-secret";
-  #     ynab_personal_access_token = readSecret "ynab-personal-access-token";
-  #     ynab_account_id = readSecret "ynab-account-id";
-  #     ynab_budget_id = readSecret "ynab-budget-id";
-  #   };
-  #   serviceConfig = {
-  #     Type = "simple";
-  #   };
-  # };
-
   systemd.services.zoo = {
     enable = true;
     description = "Run my monoserver";