services: move all secrets into /media/secrets
moves all secrets into one centralised location in /media/secrets and uses systemd-tmpfiles to set the appropriate permissions for them
This commit is contained in:
parent
0dc8c93281
commit
93f912d548
SSH key fingerprint:
SHA256:XuacYOrGqRxC3jVFjfLROn1CSvLz85Dec6N7O9Gwu/0
6 changed files with 35 additions and 5 deletions
|
|
@ -9,6 +9,15 @@
|
|||
};
|
||||
};
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d /media/secrets/uptime-kuma 0700 root root"
|
||||
];
|
||||
|
||||
fileSystems."/var/lib/private/uptime-kuma" = {
|
||||
device = "/media/apps/uptime-kuma";
|
||||
options = [ "bind" ];
|
||||
};
|
||||
|
||||
services.caddy.virtualHosts."status.${config.homelab.domain}" = {
|
||||
useACMEHost = config.homelab.domain;
|
||||
extraConfig = ''
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue