From b5b90b598430cfa876639d76dbbdc8d826ccb5c0 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 4 Aug 2020 20:28:04 +0200 Subject: types.secret-file: add service option --- krebs/3modules/repo-sync.nix | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'krebs/3modules/repo-sync.nix') diff --git a/krebs/3modules/repo-sync.nix b/krebs/3modules/repo-sync.nix index 45d9d81c..892f3404 100644 --- a/krebs/3modules/repo-sync.nix +++ b/krebs/3modules/repo-sync.nix @@ -166,7 +166,13 @@ let }); in nameValuePair "repo-sync-${name}" { description = "repo-sync"; - after = [ "network.target" "secret.service" ]; + after = [ + config.krebs.secret.files.repo-sync-key.service + "network.target" + ]; + requires = [ + config.krebs.secret.files.repo-sync-key.service + ]; environment = { GIT_SSH_COMMAND = "${pkgs.openssh}/bin/ssh -i ${cfg.stateDir}/ssh.priv"; -- cgit v1.2.3 From ec91d1b83cfad151033433159a04eb7b5381bc73 Mon Sep 17 00:00:00 2001 From: tv Date: Tue, 4 Aug 2020 22:22:43 +0200 Subject: krebs.secret: restart units on secret change --- krebs/3modules/repo-sync.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'krebs/3modules/repo-sync.nix') diff --git a/krebs/3modules/repo-sync.nix b/krebs/3modules/repo-sync.nix index 892f3404..91111f3e 100644 --- a/krebs/3modules/repo-sync.nix +++ b/krebs/3modules/repo-sync.nix @@ -124,6 +124,7 @@ let privateKeyFile = mkOption { type = types.secret-file; default = { + name = "repo-sync-key"; path = "${cfg.stateDir}/ssh.priv"; owner = cfg.user; source-path = toString + "/repo-sync.ssh.key"; @@ -170,7 +171,7 @@ let config.krebs.secret.files.repo-sync-key.service "network.target" ]; - requires = [ + partOf = [ config.krebs.secret.files.repo-sync-key.service ]; -- cgit v1.2.3