swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2025-12-06 00:57:22 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: add private secrets flake for flake purity

Browse source
This commit is contained in:
Swarsel 2024-12-10 18:23:37 +01:00
parent 437bc79968
commit 040fce3174
Signed by: swarsel
GPG key ID: 26A54C31F2A4FD84
3 changed files with 28 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

13
profiles/server/common/nixos/navidrome.nix
View file

@ -1,4 +1,7 @@
{ pkgs, lib, config, ... }:
{ pkgs, lib, inputs, config, ... }:
let
secretsDirectory = builtins.toString inputs.nix-secrets;
in
{
config = lib.mkIf config.swarselsystems.server.navidrome {
environment.systemPackages = with pkgs; [
@ -55,10 +58,10 @@
};
# Switch using --impure as these credential files are not stored within the flake
# sops-nix is not supported for these which is why we need to resort to these
LastFM.ApiKey = builtins.readFile /home/swarsel/api/lastfm-secret;
LastFM.Secret = builtins.readFile /home/swarsel/api/lastfm-key;
Spotify.ID = builtins.readFile /home/swarsel/api/spotify-id;
Spotify.Secret = builtins.readFile /home/swarsel/api/spotify-secret;
LastFM.ApiKey = builtins.readFile "${secretsDirectory}/navidrome/lastfm-secret";
LastFM.Secret = builtins.readFile "${secretsDirectory}/navidrome/lastfm-key";
Spotify.ID = builtins.readFile "${secretsDirectory}/navidrome/spotify-id";
Spotify.Secret = builtins.readFile "${secretsDirectory}/navidrome/spotify-secret";
UILoginBackgroundUrl = "https://i.imgur.com/OMLxi7l.png";
UIWelcomeMessage = "~SwarselSound~";
};