From 11a5a520d83bc38cfadba5b4acf5e56d15a806de Mon Sep 17 00:00:00 2001 From: clerie Date: Tue, 20 Jun 2023 18:36:28 +0200 Subject: [PATCH] modules/wg-clerie: migrate to age secrets --- hosts/astatine/secrets/wg-clerie.age | Bin 0 -> 485 bytes modules/wg-clerie/default.nix | 6 +++--- 2 files changed, 3 insertions(+), 3 deletions(-) create mode 100644 hosts/astatine/secrets/wg-clerie.age diff --git a/hosts/astatine/secrets/wg-clerie.age b/hosts/astatine/secrets/wg-clerie.age new file mode 100644 index 0000000000000000000000000000000000000000..64acb96478bd463da242942a6a6954ec349017fc GIT binary patch literal 485 zcmZ9_J&%)M003YUU1Yhz!MJ$nEk=T+eDq*Bd*!pxh8C{0Ws(*S+822FCSVQm@hzD7jdc^j_s~2K zaL*+frpcj7X;4&&CX&O{#Tx7C||2Is|!>mL}iqJdcf-C2sPmzP1rgmw~ zp@5S1dwdKU5;)A{38pu|5bw; z^`-VuE^qGOe&#v3hZ=1(zP5Mwb{F-89*-8tQp75fa13$2hDLLo4g;2p4+t1m64~?J zi97OA9dnI25vQ6ePRf33(`oR%RE2cO`Ax)>EghN>J!RIg%YhYw<2b4@^n$5!%I2f6 zCQ{MXb1W$N?q)L3B1NcJrY3pdI|tzu`S|$yBSAj-@N@M1-s$U4=B4xBc9J9SLpir{;G1?C9;~C(p9*qImB6eYUWzr>{=lZQb~_wSD#Y{lf<@h%bKu Dh!Ur5 literal 0 HcmV?d00001 diff --git a/modules/wg-clerie/default.nix b/modules/wg-clerie/default.nix index 8a5d649..1aea196 100644 --- a/modules/wg-clerie/default.nix +++ b/modules/wg-clerie/default.nix @@ -11,8 +11,8 @@ in services.wg-clerie = { enable = mkEnableOption "VPN for public static IP"; privateKeyFile = mkOption { - type = types.str; - default = "/var/src/secrets/wireguard/wg-clerie"; + type = with types; nullOr str; + default = null; description = "Path to file containing private key for wireguard interface"; }; ipv6s = mkOption { @@ -49,7 +49,7 @@ in networking.wireguard.enable = true; networking.wireguard.interfaces = { wg-clerie = { - inherit (cfg) privateKeyFile; + privateKeyFile = if cfg.privateKeyFile == null then config.age.secrets.wg-clerie.path else cfg.privateKeyFile; ips = cfg.ipv6s ++ cfg.ipv4s; table = "wg-clerie"; peers = [