diff options
author | tv <tv@krebsco.de> | 2023-09-11 14:55:04 +0200 |
---|---|---|
committer | tv <tv@krebsco.de> | 2023-09-11 14:55:04 +0200 |
commit | 8fc162ee3d9525a2b45346a1ca8f34ccb5ef971b (patch) | |
tree | aa37724dd0452860d4b9b033332587c8832629e3 /krebs/3modules | |
parent | 90b1515dcd5b67a85cd92901fb211764b1fa5f83 (diff) | |
parent | 083229d0211096daec08673f743ccc45b1d8a0ac (diff) |
Merge remote-tracking branch 'orange/master'
Diffstat (limited to 'krebs/3modules')
-rw-r--r-- | krebs/3modules/exim-smarthost.nix | 4 | ||||
-rw-r--r-- | krebs/3modules/fetchWallpaper.nix | 2 | ||||
-rw-r--r-- | krebs/3modules/github/hosts-sync.nix | 2 | ||||
-rw-r--r-- | krebs/3modules/iptables.nix | 2 | ||||
-rw-r--r-- | krebs/3modules/power-action.nix | 6 | ||||
-rw-r--r-- | krebs/3modules/repo-sync.nix | 2 | ||||
-rw-r--r-- | krebs/3modules/retiolum-bootstrap.nix | 4 | ||||
-rw-r--r-- | krebs/3modules/tinc.nix | 4 |
8 files changed, 13 insertions, 13 deletions
diff --git a/krebs/3modules/exim-smarthost.nix b/krebs/3modules/exim-smarthost.nix index 093ae203..4e42ce72 100644 --- a/krebs/3modules/exim-smarthost.nix +++ b/krebs/3modules/exim-smarthost.nix @@ -20,14 +20,14 @@ let }; dkim = mkOption { - type = types.listOf (types.submodule ({ config, ... }: { + type = types.listOf (types.submodule (dkim: { options = { domain = mkOption { type = types.str; }; private_key = mkOption { type = types.absolute-pathname; - default = toString <secrets> + "/${config.domain}.dkim.priv"; + default = "${config.krebs.secret.directory}/${dkim.config.domain}.dkim.priv"; defaultText = "‹secrets/‹domain›.dkim.priv›"; }; selector = mkOption { diff --git a/krebs/3modules/fetchWallpaper.nix b/krebs/3modules/fetchWallpaper.nix index 79187adf..0d67120f 100644 --- a/krebs/3modules/fetchWallpaper.nix +++ b/krebs/3modules/fetchWallpaper.nix @@ -40,7 +40,7 @@ let }; }; - fetchWallpaperScript = pkgs.writeDash "fetchWallpaper" '' + fetchWallpaperScript = pkgs.writers.writeDash "fetchWallpaper" '' set -euf mkdir -p ${cfg.stateDir} diff --git a/krebs/3modules/github/hosts-sync.nix b/krebs/3modules/github/hosts-sync.nix index 6f9aee0c..2f373f9b 100644 --- a/krebs/3modules/github/hosts-sync.nix +++ b/krebs/3modules/github/hosts-sync.nix @@ -22,7 +22,7 @@ let }; ssh-identity-file = mkOption { type = types.suffixed-str [".ssh.id_ed25519" ".ssh.id_rsa"]; - default = toString <secrets/github-hosts-sync.ssh.id_ed25519>; + default = "${config.krebs.secret.directory}/github-hosts-sync.ssh.id_ed25519"; defaultText = "‹secrets/github-hosts-sync.ssh.id_ed25519›"; }; url = mkOption { diff --git a/krebs/3modules/iptables.nix b/krebs/3modules/iptables.nix index c1c5b68c..32a5273a 100644 --- a/krebs/3modules/iptables.nix +++ b/krebs/3modules/iptables.nix @@ -177,7 +177,7 @@ let ${buildTables iptables-version cfg.tables} ''; - startScript = pkgs.writeDash "krebs-iptables_start" '' + startScript = pkgs.writers.writeDash "krebs-iptables_start" '' set -euf iptables-restore < ${rules "v4"} ip6tables-restore < ${rules "v6"} diff --git a/krebs/3modules/power-action.nix b/krebs/3modules/power-action.nix index 71e2b541..a9ed24d3 100644 --- a/krebs/3modules/power-action.nix +++ b/krebs/3modules/power-action.nix @@ -60,7 +60,7 @@ let }; }; - startScript = pkgs.writeDash "power-action" '' + startScript = pkgs.writers.writeDash "power-action" '' set -euf power="$(${powerlvl})" @@ -77,11 +77,11 @@ let writeRule = _: plan: "if [ $power -ge ${toString plan.lowerLimit} ] && [ $power -le ${toString plan.upperLimit} ] ${charging_check plan}; then ${plan.action}; fi"; - powerlvl = pkgs.writeDash "powerlvl" '' + powerlvl = pkgs.writers.writeDash "powerlvl" '' cat /sys/class/power_supply/${cfg.battery}/capacity ''; - state = pkgs.writeDash "state" '' + state = pkgs.writers.writeDash "state" '' if [ "$(cat /sys/class/power_supply/${cfg.battery}/status)" = "Discharging" ] then echo "false" else echo "true" diff --git a/krebs/3modules/repo-sync.nix b/krebs/3modules/repo-sync.nix index a6de3f3f..5208d91a 100644 --- a/krebs/3modules/repo-sync.nix +++ b/krebs/3modules/repo-sync.nix @@ -123,7 +123,7 @@ let privateKeyFile = mkOption { type = types.absolute-pathname; - default = toString <secrets> + "/repo-sync.ssh.key"; + default = "${config.krebs.secret.directory}/repo-sync.ssh.key"; defaultText = "‹secrets/repo-sync.ssh.key›"; }; diff --git a/krebs/3modules/retiolum-bootstrap.nix b/krebs/3modules/retiolum-bootstrap.nix index c9ea8a61..bd7e7c5f 100644 --- a/krebs/3modules/retiolum-bootstrap.nix +++ b/krebs/3modules/retiolum-bootstrap.nix @@ -14,12 +14,12 @@ in sslCertificate = mkOption { type = types.str; description = "Certificate file to use for ssl"; - default = "${toString <secrets>}/tinc.krebsco.de.crt" ; + default = "${config.krebs.secret.directory}/tinc.krebsco.de.crt" ; }; sslCertificateKey = mkOption { type = types.str; description = "Certificate key to use for ssl"; - default = "${toString <secrets>}/tinc.krebsco.de.key"; + default = "${config.krebs.secret.directory}/tinc.krebsco.de.key"; }; # in use: # <secrets/tinc.krebsco.de.crt> diff --git a/krebs/3modules/tinc.nix b/krebs/3modules/tinc.nix index 2f9efad4..9df368cf 100644 --- a/krebs/3modules/tinc.nix +++ b/krebs/3modules/tinc.nix @@ -149,7 +149,7 @@ with import ../../lib/pure.nix { inherit lib; }; { privkey = mkOption { type = types.absolute-pathname; - default = toString <secrets> + "/${tinc.config.netname}.rsa_key.priv"; + default = "${config.krebs.secret.directory}/${tinc.config.netname}.rsa_key.priv"; defaultText = "‹secrets/‹netname›.rsa_key.priv›"; }; @@ -158,7 +158,7 @@ with import ../../lib/pure.nix { inherit lib; }; { default = if tinc.config.host.nets.${netname}.tinc.pubkey_ed25519 == null then null - else toString <secrets> + "/${tinc.config.netname}.ed25519_key.priv"; + else "${config.krebs.secret.directory}/${tinc.config.netname}.ed25519_key.priv"; defaultText = "‹secrets/‹netname›.ed25519_key.priv›"; }; |