environmentFiles are generally a good and reasonable idea
This commit is contained in:
parent
0686807690
commit
052e1ac126
1 changed files with 4 additions and 1 deletions
|
@ -58,9 +58,11 @@
|
||||||
authorizationURL = "https://login.infra4future.de/oauth2/authorize";
|
authorizationURL = "https://login.infra4future.de/oauth2/authorize";
|
||||||
tokenURL = "https://login.infra4future.de/oauth2/token";
|
tokenURL = "https://login.infra4future.de/oauth2/token";
|
||||||
clientID = "hedgedoc";
|
clientID = "hedgedoc";
|
||||||
clientSecret = "1a730af1-4d6e-4c1d-8f7e-72375c9b8d62";
|
# must be set to make the NixOS module happy, but env var takes precedence
|
||||||
|
clientSecret = "lol nope";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
environmentFile = "/persist/secrets.env";
|
||||||
};
|
};
|
||||||
systemd.services.hedgedoc.environment = {
|
systemd.services.hedgedoc.environment = {
|
||||||
"CMD_LOGLEVEL" = "warn";
|
"CMD_LOGLEVEL" = "warn";
|
||||||
|
@ -70,6 +72,7 @@
|
||||||
"CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR" = "email";
|
"CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR" = "email";
|
||||||
"CMD_OAUTH2_PROVIDERNAME" = "Infra4Future";
|
"CMD_OAUTH2_PROVIDERNAME" = "Infra4Future";
|
||||||
};
|
};
|
||||||
|
|
||||||
services.postgresql = {
|
services.postgresql = {
|
||||||
enable = true;
|
enable = true;
|
||||||
ensureDatabases = [ "codimd" ];
|
ensureDatabases = [ "codimd" ];
|
||||||
|
|
Loading…
Reference in a new issue