set env var specific to deployed setting

2025-04-16 17:52:48 +02:00 · 2025-04-16 17:52:48 +02:00 · e4c1a77353
commit e4c1a77353
parent 393e92ffe0
2 changed files with 8 additions and 4 deletions
--- a/infra/machines/fedi201/fedipanel.nix
+++ b/infra/machines/fedi201/fedipanel.nix
@ -55,9 +55,9 @@ in
        COMPRESS_OFFLINE = true;
        LIBSASS_OUTPUT_STYLE = "compressed";
      };
-    # environment = {
-    #   SSH_PRIVATE_KEY_FILE = config.age.secrets.panel-ssh-key.path;
-    # };
+    environment = {
+      SSH_PRIVATE_KEY_FILE = config.age.secrets.panel-ssh-key.path;
+    };
    secrets = {
      SECRET_KEY = config.age.secrets.panel-secret-key.path;
    };
--- a/panel/nix/configuration.nix
+++ b/panel/nix/configuration.nix
@ -130,6 +130,10 @@ in
        Contents will be appended to the definitions in `settings`.
      '';
    };
+    environment = mkOption {
+      type = types.attrs;
+      default = {};
+    };
    secrets = mkOption {
      type = types.attrsOf types.path;
      default = { };
@ -208,7 +212,7 @@ in
      #       - manipulation should be straightforward in both places; e.g. dumping secrets to a directory that is not git-tracked and adding values to an attrset otherwise
      #       - error detection and correction; it should be clear where and why one messed up so it can be fixed immediately
      #     We may also want to test the development environment in CI in order to make sure that we don't break it inadvertently, because misconfiguration due to multiplpe sources of truth wastes a lot of time.
-      inherit environment;
+      environment = environment // cfg.environment;
    };

    networking.firewall.allowedTCPPorts = [