From ac5fd7f4724b0690caa0464a3e72fbdee90b3cf6 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 25 Sep 2021 12:59:24 +0200 Subject: [PATCH] modules: services: miniflux: use 'credentialsFiles' In preparation for the migration to agenix. --- machines/porthos/services.nix | 5 ++++- modules/services/miniflux.nix | 22 ++++++---------------- 2 files changed, 10 insertions(+), 17 deletions(-) diff --git a/machines/porthos/services.nix b/machines/porthos/services.nix index 4c9ca7d..e5d5eed 100644 --- a/machines/porthos/services.nix +++ b/machines/porthos/services.nix @@ -70,7 +70,10 @@ in }; miniflux = { enable = true; - password = my.secrets.miniflux.password; + credentialsFiles = builtins.toFile "miniflux-creds.txt" '' + ADMIN_USERNAME=Ambroisie + ADMIN_PASSWORD=${my.secrets.miniflux.password} + ''; }; # Various monitoring dashboards monitoring = { diff --git a/modules/services/miniflux.nix b/modules/services/miniflux.nix index d223850..6d9ffc8 100644 --- a/modules/services/miniflux.nix +++ b/modules/services/miniflux.nix @@ -7,17 +7,12 @@ in options.my.services.miniflux = with lib; { enable = mkEnableOption "Miniflux feed reader"; - username = mkOption { + credentialsFiles = mkOption { type = types.str; - default = "Ambroisie"; - example = "username"; - description = "Name of the admin user"; - }; - - password = mkOption { - type = types.str; - example = "password"; - description = "Password of the admin user"; + example = "/var/lib/miniflux/creds.env"; + description = '' + Credential file as an 'EnvironmentFile' (see `systemd.exec(5)`) + ''; }; port = mkOption { @@ -33,12 +28,7 @@ in services.miniflux = { enable = true; - adminCredentialsFile = - # Insecure, I don't care. - builtins.toFile "credentials.env" '' - ADMIN_USERNAME=${cfg.username} - ADMIN_PASSWORD=${cfg.password} - ''; + adminCredentialsFile = cfg.credentialsFiles; config = { # Virtual hosts settings