Require secrets file also when on metal
This commit is contained in:
parent
8e03b4b34e
commit
4f8ba4bf3c
|
@ -40,6 +40,11 @@ in {
|
||||||
description = "number of cores; should be obtained from NixOps4";
|
description = "number of cores; should be obtained from NixOps4";
|
||||||
type = types.int;
|
type = types.int;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
peertubeSecretsFile = mkOption {
|
||||||
|
description = "should it be provided by NixOps4? or maybe we should just ask for a main secret from which to derive all the others?";
|
||||||
|
type = types.path;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -61,6 +61,8 @@ lib.mkIf (config.fediversity.enable && config.fediversity.peertube.enable) {
|
||||||
database.createLocally = true;
|
database.createLocally = true;
|
||||||
configureNginx = true;
|
configureNginx = true;
|
||||||
|
|
||||||
|
secrets.secretsFile = config.fediversity.temp.peertubeSecretsFile;
|
||||||
|
|
||||||
settings = {
|
settings = {
|
||||||
object_storage = {
|
object_storage = {
|
||||||
enabled = true;
|
enabled = true;
|
||||||
|
|
|
@ -8,10 +8,6 @@
|
||||||
listen.hostname = "0.0.0.0";
|
listen.hostname = "0.0.0.0";
|
||||||
instance.name = "PeerTube Test VM";
|
instance.name = "PeerTube Test VM";
|
||||||
};
|
};
|
||||||
# TODO: use agenix
|
|
||||||
secrets.secretsFile = pkgs.writeText "secret" ''
|
|
||||||
574e093907d1157ac0f8e760a6deb1035402003af5763135bae9cbd6abe32b24
|
|
||||||
'';
|
|
||||||
};
|
};
|
||||||
|
|
||||||
virtualisation.forwardPorts = [
|
virtualisation.forwardPorts = [
|
||||||
|
|
Reference in a new issue