From 3bab7ede2d658f28fa9f4b160419fd5ba3f1cfdb Mon Sep 17 00:00:00 2001 From: Luke Granger-Brown Date: Thu, 15 Oct 2020 13:22:18 +0000 Subject: [PATCH] totoro: add secretsync --- ops/nixos/totoro/default.nix | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/ops/nixos/totoro/default.nix b/ops/nixos/totoro/default.nix index e195edfa10..0fe86bb696 100644 --- a/ops/nixos/totoro/default.nix +++ b/ops/nixos/totoro/default.nix @@ -44,6 +44,14 @@ in { # Extra packages. environment.systemPackages = with pkgs; [ oven-media-engine + (depot.nix.pkgs.secretsync.configure { + workingDir = "/home/lukegb/depot"; + gitlabAccessToken = secrets.deployer.gitlabAccessToken; + manifestVariable = "SECRETS_MANIFEST"; + variablesToFile = { + "OPS_SECRETS_DEFAULT_NIX" = "ops/secrets/default.nix"; + }; + }) ]; # Networking!