forked from Fediversity/Fediversity
Nicolas “Niols” Jeannerod
78a85b27ff
...but not everywhere, there remains some FIXMEs where ultimately the secrets do get into the store.
42 lines
916 B
Nix
42 lines
916 B
Nix
## NOTE: Not a module, but a helper function to create options for Fediversity
|
|
## services, as they tend to require the same ones.
|
|
|
|
{
|
|
config,
|
|
lib,
|
|
serviceName,
|
|
serviceDocName,
|
|
}:
|
|
|
|
let
|
|
inherit (lib) mkOption mkEnableOption;
|
|
inherit (lib.types) types;
|
|
|
|
in
|
|
{
|
|
enable = mkEnableOption "Enable a ${serviceDocName} server on the machine";
|
|
|
|
s3AccessKeyFile = mkOption {
|
|
type = types.path;
|
|
description = ''
|
|
S3 access key for ${serviceDocName}'s bucket/s
|
|
|
|
In AWS CLI, this would be AWS_ACCESS_KEY_ID.
|
|
'';
|
|
};
|
|
|
|
s3SecretKeyFile = mkOption {
|
|
type = types.path;
|
|
description = ''
|
|
S3 secret key for ${serviceDocName}'s bucket/s
|
|
|
|
In AWS CLI, this would be AWS_SECRET_ACCESS_KEY.
|
|
'';
|
|
};
|
|
|
|
domain = mkOption {
|
|
type = types.str;
|
|
description = "Internal option — change at your own risk";
|
|
default = "${serviceName}.${config.fediversity.domain}";
|
|
};
|
|
}
|