forked from fi/nix-infra
37 lines
1.2 KiB
Nix
37 lines
1.2 KiB
Nix
{ keyCommandEnv, ... }:
|
|
{
|
|
deployment.keys = {
|
|
"metrics-nekomesh-grafana-admin-password.secret" = {
|
|
keyCommand = keyCommandEnv ++ [ "pass" "metrics-nekomesh/grafana/admin-password" ];
|
|
destDir = "/secrets";
|
|
user = "grafana";
|
|
group = "grafana";
|
|
permissions = "0640";
|
|
uploadAt = "pre-activation";
|
|
};
|
|
"metrics-nekomesh-grafana-keycloak-client-secret.secret" = {
|
|
keyCommand = keyCommandEnv ++ [ "pass" "metrics-nekomesh/grafana/keycloak-client-secret" ];
|
|
destDir = "/secrets";
|
|
user = "grafana";
|
|
group = "grafana";
|
|
permissions = "0640";
|
|
uploadAt = "pre-activation";
|
|
};
|
|
"metrics-nekomesh-grafana-secret-key.secret" = {
|
|
keyCommand = keyCommandEnv ++ [ "pass" "metrics-nekomesh/grafana/secret-key" ];
|
|
destDir = "/secrets";
|
|
user = "grafana";
|
|
group = "grafana";
|
|
permissions = "0640";
|
|
uploadAt = "pre-activation";
|
|
};
|
|
"mail-nekomesh-nekover-se.secret" = {
|
|
keyCommand = keyCommandEnv ++ [ "pass" "mail/nekomesh-nekover-se" ];
|
|
destDir = "/secrets";
|
|
user = "grafana";
|
|
group = "grafana";
|
|
permissions = "0640";
|
|
uploadAt = "pre-activation";
|
|
};
|
|
};
|
|
}
|