fi/nix-infra
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
nix-infra/config/hosts/mastodon/secrets.nix
fi 0b59452424 Update mastodon to v4.4.1
2025-07-19 01:20:55 +02:00

69 lines
2.3 KiB
Nix
Raw Blame History

{ keyCommandEnv, ... }:
{
deployment.keys = {
"mastodon-secret-key-base.secret" = {
keyCommand = keyCommandEnv ++ [ "pass" "mastodon/secret-key-base" ];
destDir = "/secrets";
user = "mastodon";
group = "mastodon";
permissions = "0640";
uploadAt = "pre-activation";
};
"mastodon-vapid-private-key.secret" = {
keyCommand = keyCommandEnv ++ [ "pass" "mastodon/vapid-private-key" ];
destDir = "/secrets";
user = "mastodon";
group = "mastodon";
permissions = "0640";
uploadAt = "pre-activation";
};
"mastodon-email-smtp-pass.secret" = {
keyCommand = keyCommandEnv ++ [ "pass" "mastodon/email-smtp-pass" ];
destDir = "/secrets";
user = "mastodon";
group = "mastodon";
permissions = "0640";
uploadAt = "pre-activation";
};
"mastodon-keycloak-client-secret.secret" = {
keyCommand = keyCommandEnv ++ [ "pass" "mastodon/keycloak-client-secret" ];
destDir = "/secrets";
user = "mastodon";
group = "mastodon";
permissions = "0640";
uploadAt = "pre-activation";
};
"mastodon-active-record-encryption-primary-key.secret" = {
keyCommand = keyCommandEnv ++ [ "pass" "mastodon/active-record-encryption-primary-key" ];
destDir = "/secrets";
user = "mastodon";
group = "mastodon";
permissions = "0640";
uploadAt = "pre-activation";
};
"mastodon-active-record-encryption-key-derivation-salt.secret" = {
keyCommand = keyCommandEnv ++ [ "pass" "mastodon/active-record-encryption-key-derivation-salt" ];
destDir = "/secrets";
user = "mastodon";
group = "mastodon";
permissions = "0640";
uploadAt = "pre-activation";
};
"mastodon-active-record-encryption-deterministic-key.secret" = {
keyCommand = keyCommandEnv ++ [ "pass" "mastodon/active-record-encryption-deterministic-key" ];
destDir = "/secrets";
user = "mastodon";
group = "mastodon";
permissions = "0640";
uploadAt = "pre-activation";
};
"mastodon-fedifetcher-access-token.secret" = {
keyCommand = keyCommandEnv ++ [ "pass" "mastodon/fedifetcher-access-token" ];
destDir = "/secrets-fedifetcher";
user = "root";
group = "root";
permissions = "0640";
uploadAt = "pre-activation";
};
};
}
Reference in a new issue View git blame Copy permalink