diff --git a/machines/read/configuration.nix b/machines/read/configuration.nix index ab10cef..062e627 100644 --- a/machines/read/configuration.nix +++ b/machines/read/configuration.nix @@ -96,10 +96,7 @@ sops.defaultSopsFile = ./secrets.yaml; sops.secrets = { caddy-env = { }; - miniflux-admin-user = { }; - miniflux-admin-password = { }; - miniflux-oidc-client-id = { }; - miniflux-oidc-client-secret = { }; + miniflux-env = { }; }; system.stateVersion = "24.11"; diff --git a/machines/read/miniflux/default.nix b/machines/read/miniflux/default.nix index 862a64a..a5de249 100644 --- a/machines/read/miniflux/default.nix +++ b/machines/read/miniflux/default.nix @@ -1,4 +1,4 @@ -{ pkgs, config, ... }: +{ config, ... }: { services.miniflux = { enable = true; @@ -7,14 +7,10 @@ LISTEN_ADDR = "/run/miniflux/miniflux.sock"; POLLING_SCHEDULER = "entry_frequency"; OAUTH2_PROVIDER = "oidc"; - OAUTH2_CLIENT_ID_FILE = config.sops.secrets.miniflux-oidc-client-id.path; - OAUTH2_CLIENT_SECRET_FILE = config.sops.secrets.miniflux-oidc-client-secret.path; OAUTH2_REDIRCT_URL = "https://read.datarift.nl/oauth2/oidc/callback"; OAUTH2_OIDC_DISCOVERY_ENDPOINT = "https://id.datarift.nl/realms/datarift/"; - ADMIN_USERNAME_FILE = config.sops.secrets.miniflux-admin-user.path; - ADMIN_PASSWORD_FILE = config.sops.secrets.miniflux-admin-password.path; WEBAUTHN = 1; }; - adminCredentialsFile = pkgs.writeText "miniflux-dummy-admin-credentials" ""; + adminCredentialsFile = config.sops.secrets.miniflux-env.path; }; } diff --git a/machines/read/secrets.yaml b/machines/read/secrets.yaml index df96740..4334a48 100644 --- a/machines/read/secrets.yaml +++ b/machines/read/secrets.yaml @@ -1,8 +1,5 @@ caddy-env: ENC[AES256_GCM,data:gw+QSN+c2Lp2F4wNzhTXklq9sUrDT389KLAh2YRpZbqxWpodx4LPJ1uIUsMC1TdeYmq+lkI+,iv:iXjLwOfQo9wEa9bBlE5HYUKDNriJgcm7hxPsBys62hk=,tag:DbutFgWz5ZqHE1/aP4+7Ag==,type:str] -miniflux-admin-user: ENC[AES256_GCM,data:G0JD/iI=,iv:CPVSFIr5TzOGmyAt1zkz37Zld1lfPrnDxdOoJ8oGivQ=,tag:2RmlqB5zNyTBVSPv3zankA==,type:str] -miniflux-admin-password: ENC[AES256_GCM,data:kIxW0Ybz5ZNCBaKiwg==,iv:HMbW6vfid8r9ZDpzlWGYJwALF1wz7NuVvEKtGW27twk=,tag:TXsYzDmIXSsACxe62F15sQ==,type:str] -miniflux-oidc-client-id: ENC[AES256_GCM,data:yCIEu1PBGAA=,iv:YpOU0lfzXNMlwb5jI8LO1WV58j3QwidbxbT5OJu2Vtw=,tag:MrnFlwxcg6wV9bG93XKyVg==,type:str] -miniflux-oidc-client-secret: ENC[AES256_GCM,data:0wVAofr4H7juq3QrqO0fH6lWpdxKbSbUjqo7GtVcnns=,iv:rnePz45XaTkshZ/0YsnmW6VVfJI3FIw4n+SN+2lVrcs=,tag:Mk7IVkrmDsF2sjszhbgf4A==,type:str] +miniflux-env: ENC[AES256_GCM,data:5H+/yRuPW6BodnHaq3E7bcqD7xSRLHwle6BdSpsyFPUY9lw7JT4445lnQlV/uliGJJTu0H9N3G5KhsDQbvvU8vw+5yQvX4EgYQnJfYMyEn8LmQE+ErGz5Lpx3A6sjFuy0KHCqbFJwf5jjfZwuxvNdTKv34gnR2u9+4Vyg5qjwAP4jw==,iv:HfLie5OUOkEKjSmm7rBfOtVhkIq9GA3NRfwDg5AD7MQ=,tag:1ysgjaklV6twaLPe5na+hw==,type:str] sops: kms: [] gcp_kms: [] @@ -36,8 +33,8 @@ sops: alprbldiMEtZQ29DaUJzaEZlWmxXTmMKPYHIg4fMR5fbCoCAyHHuL/WGfn4D6mXJ yulfOqthMxvvWr+9sOBeAWIWSCcc0DBmDjvUTaDqVA7pnhZE+hQ2mw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-07-15T21:34:14Z" - mac: ENC[AES256_GCM,data:NZ/kdtM1XFePRz6mbNhU1TZHsBSnQRU6k39dxYaXsDIS/oHM0Cy68qsCaniV309YmYSDmTFPJ9S9QAE3mVa7BbZvuYOcWkdMCRNC5gYKwvM2iP/gpu3XCm64emwDKm+bLL/kDFc69iCyyajPP/KhqvMoEgXrPCAnCWxzhER9LiI=,iv:UdFEQLegd7s0KUUt1BmRakFtEVE91L3M/pa59mjeKPc=,tag:iu8jzwYza7oa9a0lH1puaw==,type:str] + lastmodified: "2024-07-15T22:03:26Z" + mac: ENC[AES256_GCM,data:T4BUMEd6lxXtndOH52M2SGqMm08kW6tG4VDcpaBv5De+DmSaXX2cojM2MIOVBnQjNxCT6534RZAvnG4cQkUiIgaqP+PDyb1w0cYnv+zfgE/yHQ/AkBXlnr4jblJLYtU/04HpFm5OGvjYxqXDrrcWu/tZD6lZgiDcqLO5R+V0Azg=,iv:/WNzbV8YJpdVD7nF+AFQz/why5QFKGYidIgh1V8VLGA=,tag:RyyZRIsF7kyg+ZgDD+7DhQ==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.9.0