Make service name for secrets available

2021-12-10 23:40:25 -08:00 · 2021-12-10 23:40:25 -08:00 · aa39f039aa
parent 1edfcad643
commit aa39f039aa
2 changed files with 13 additions and 1 deletions
--- a/lib/fudo/jabber.nix
+++ b/lib/fudo/jabber.nix
@ -183,6 +183,12 @@ in {
      description = "Environment variables to set for the ejabberd daemon.";
      default = {};
    };
+
+    required-services = mkOption {
+      type = listOf str;
+      description = "List of services that must start before ejabberd.";
+      default = [];
+    };
  };
  
  config = mkIf cfg.enable {
--- a/lib/fudo/secrets.nix
+++ b/lib/fudo/secrets.nix
@ -84,6 +84,12 @@ let
        description = "Arbitrary metadata associated with this secret.";
        default = {};
      };
+
+      service = mkOption {
+        type = str;
+        description = "Host-side name of the service decrypting this secret.";
+        default = "fudo-secret-${name}.service";
+      };
    };
  };

@ -175,7 +181,7 @@ in {
        { };

      host-secret-services = mapAttrs' (secret: secretOpts:
-        (nameValuePair "fudo-secret-${hostname}-${secret}"
+        (nameValuePair secretOpts.service
          (secret-service hostname secret secretOpts))) host-secrets;

      trace-all = obj: builtins.trace obj obj;