modules/wg-clerie: migrate to age secrets

2023-06-20 18:36:28 +02:00 · 2023-06-20 18:36:28 +02:00 · 11a5a520d8
commit 11a5a520d8
parent f07dbd3c53
2 changed files with 3 additions and 3 deletions
--- a/hosts/astatine/secrets/wg-clerie.age
+++ b/hosts/astatine/secrets/wg-clerie.age
--- a/modules/wg-clerie/default.nix
+++ b/modules/wg-clerie/default.nix
@ -11,8 +11,8 @@ in
    services.wg-clerie = {
      enable = mkEnableOption "VPN for public static IP";
      privateKeyFile = mkOption {
-        type = types.str;
-        default = "/var/src/secrets/wireguard/wg-clerie";
+        type = with types; nullOr str;
+        default = null;
        description = "Path to file containing private key for wireguard interface";
      };
      ipv6s = mkOption {
@ -49,7 +49,7 @@ in
    networking.wireguard.enable = true;
    networking.wireguard.interfaces = {
      wg-clerie = {
-        inherit (cfg) privateKeyFile;
+        privateKeyFile = if cfg.privateKeyFile == null then config.age.secrets.wg-clerie.path else cfg.privateKeyFile;
        ips = cfg.ipv6s ++ cfg.ipv4s;
        table = "wg-clerie";
        peers = [