From 052e1ac1264f135da22c0675eb7aaa366387c3ad Mon Sep 17 00:00:00 2001 From: stuebinm Date: Fri, 11 Nov 2022 16:28:50 +0100 Subject: [PATCH] environmentFiles are generally a good and reasonable idea --- services/hedgedoc-hacc.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/services/hedgedoc-hacc.nix b/services/hedgedoc-hacc.nix index 77b2c8e..d88a411 100644 --- a/services/hedgedoc-hacc.nix +++ b/services/hedgedoc-hacc.nix @@ -58,9 +58,11 @@ authorizationURL = "https://login.infra4future.de/oauth2/authorize"; tokenURL = "https://login.infra4future.de/oauth2/token"; clientID = "hedgedoc"; - clientSecret = "1a730af1-4d6e-4c1d-8f7e-72375c9b8d62"; + # must be set to make the NixOS module happy, but env var takes precedence + clientSecret = "lol nope"; }; }; + environmentFile = "/persist/secrets.env"; }; systemd.services.hedgedoc.environment = { "CMD_LOGLEVEL" = "warn"; @@ -70,6 +72,7 @@ "CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR" = "email"; "CMD_OAUTH2_PROVIDERNAME" = "Infra4Future"; }; + services.postgresql = { enable = true; ensureDatabases = [ "codimd" ];