diff options
author | lassulus <lassulus@lassul.us> | 2021-12-07 17:43:00 +0100 |
---|---|---|
committer | lassulus <lassulus@lassul.us> | 2021-12-07 17:43:00 +0100 |
commit | 8d2f6fba252d6885c458c55ba45de8cc8a828ee6 (patch) | |
tree | 697b70bb9740238b7be9ff3548c4c825e7b6a97c /lass/2configs/binary-cache/server.nix | |
parent | a479db862635872461d0db5ded693e6e13f3c62b (diff) |
l binary-cache server: use key without secret service
Diffstat (limited to 'lass/2configs/binary-cache/server.nix')
-rw-r--r-- | lass/2configs/binary-cache/server.nix | 17 |
1 files changed, 2 insertions, 15 deletions
diff --git a/lass/2configs/binary-cache/server.nix b/lass/2configs/binary-cache/server.nix index baa891821..1abf51ae6 100644 --- a/lass/2configs/binary-cache/server.nix +++ b/lass/2configs/binary-cache/server.nix @@ -1,27 +1,14 @@ -{ config, lib, pkgs, ...}: +{ config, lib, pkgs, stockholm, ...}: { # generate private key with: # nix-store --generate-binary-cache-key my-secret-key my-public-key services.nix-serve = { enable = true; - secretKeyFile = config.krebs.secret.files.nix-serve-key.path; + secretKeyFile = toString <secrets> + "/nix-serve.key"; port = 5005; }; - systemd.services.nix-serve = { - after = [ - config.krebs.secret.files.nix-serve-key.service - ]; - partOf = [ - config.krebs.secret.files.nix-serve-key.service - ]; - }; - krebs.secret.files.nix-serve-key = { - path = "/run/secret/nix-serve.key"; - owner.name = "nix-serve"; - source-path = toString <secrets> + "/nix-serve.key"; - }; services.nginx = { enable = true; virtualHosts.nix-serve = { |