about summary refs log tree commit diff
path: root/ops/nixos/panettone.nix
diff options
context:
space:
mode:
Diffstat (limited to 'ops/nixos/panettone.nix')
-rw-r--r--ops/nixos/panettone.nix15
1 files changed, 12 insertions, 3 deletions
diff --git a/ops/nixos/panettone.nix b/ops/nixos/panettone.nix
index 3d31d79caf50..c95fb7ffde65 100644
--- a/ops/nixos/panettone.nix
+++ b/ops/nixos/panettone.nix
@@ -15,21 +15,29 @@ in {
 
     dbHost = mkOption {
       description = "Postgresql host to connect to for Panettone";
-      type = types.string;
+      type = types.str;
       default = "localhost";
     };
 
     dbName = mkOption {
       description = "Name of the database for Panettone";
-      type = types.string;
+      type = types.str;
       default = "panettone";
     };
 
     dbUser = mkOption {
       description = "Name of the database user for Panettone";
-      type = types.string;
+      type = types.str;
       default = "panettone";
     };
+
+    secretsFile = mkOption {
+      description = ''
+        Path to a file containing secrets, in the format accepted
+        by systemd's EnvironmentFile
+      '';
+      type = types.str;
+    };
   };
 
   config = lib.mkIf cfg.enable {
@@ -63,6 +71,7 @@ in {
         DynamicUser = true;
         Restart = "always";
         StateDirectory = "panettone";
+        EnvironmentFile = cfg.secretsFile;
       };
 
       environment = {