Refactor secrets

Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-07-24 11:01:47 +01:00
parent ba55a766ec
commit 15bf209e8c
62 changed files with 214 additions and 158 deletions
--- a/hosts/jupiter/users/storm/configs/console/podman/gitea/default.nix
+++ b/hosts/jupiter/users/storm/configs/console/podman/gitea/default.nix
@@ -68,14 +68,14 @@ in
    {
      sops = {
        secrets = {
-          "gitea/postgresql".sopsFile = ../../../../../../secrets/secrets.yaml;
-          "gitea/smtp".sopsFile = ../../../../../../secrets/secrets.yaml;
-          "gitea/secretKey".sopsFile = ../../../../../../secrets/secrets.yaml;
-          "gitea/internalToken".sopsFile = ../../../../../../secrets/secrets.yaml;
-          "gitea/jwtSecret".sopsFile = ../../../../../../secrets/secrets.yaml;
-          "gitea/lfsJwtSecret".sopsFile = ../../../../../../secrets/secrets.yaml;
-          "gitea/authelia/password".sopsFile = ../../../../../../secrets/secrets.yaml;
-          "gitea/authelia/digest".sopsFile = ../../../../../../secrets/secrets.yaml;
+          "gitea/postgresql".sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
+          "gitea/smtp".sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
+          "gitea/secretKey".sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
+          "gitea/internalToken".sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
+          "gitea/jwtSecret".sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
+          "gitea/lfsJwtSecret".sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
+          "gitea/authelia/password".sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
+          "gitea/authelia/digest".sopsFile = "${inputs.secrets}/hosts/jupiter/secrets.yaml";
        };

        templates = {