From 3ed86c1165d3c97383d76903f5bd4e2668271a37 Mon Sep 17 00:00:00 2001
From: niten <niten@fudo.org>
Date: Wed, 26 Jul 2023 21:45:22 -0700
Subject: [PATCH] Generate secret keys

---
 mastodon-container.nix | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/mastodon-container.nix b/mastodon-container.nix
index fff3418..eed1097 100644
--- a/mastodon-container.nix
+++ b/mastodon-container.nix
@@ -16,6 +16,13 @@ let
     (pkgs.lib.passwd.stablerandom-passwd-file "mastodon-db-passwd"
       config.instance.build-seed);
 
+  secretKeyBase = readFile
+    (pkgs.lib.passwd.stablerandom-passwd-file "mastodon-secret-key-base"
+      config.instance.build-seed);
+
+  otpSecret = readFile (pkgs.lib.passwd.stablerandom-passwd-file "mastodon-otp"
+    config.instance.build-seed);
+
   proxyConf = pkgs.writeText "mastodon-nginx.conf" ''
     events {
       worker_connections 1024;
@@ -220,6 +227,8 @@ in {
           SMTP_SERVER = cfg.smtp.server;
           SMTP_PORT = toString cfg.smtp.port;
           SMTP_FROM_ADDRESS = "noreply@${cfg.web-domain}";
+          SECRET_KEY_BASE = secretKeyBase;
+          OTP_SECRET = otpSecret;
         };
         target-file = "/run/mastodon/common.env";
       };