diff options
author | lassulus <lass@blue.r> | 2018-09-18 15:47:03 +0200 |
---|---|---|
committer | lassulus <lass@blue.r> | 2018-09-18 15:47:03 +0200 |
commit | 245994cc7ace5a323c476ccc50fd4026b9353dc4 (patch) | |
tree | cf4a3d85c768bd1ca18913d17c67e07bcab95db7 /makefu/2configs/deployment/google-muell.nix | |
parent | 1466d3e86abc4d85af6efe5a964df788cf0e36cc (diff) | |
parent | 8a756c7333e0e7c4a0433d68775f8d7c1a53b8b0 (diff) |
Merge remote-tracking branch 'gum/master'
Diffstat (limited to 'makefu/2configs/deployment/google-muell.nix')
-rw-r--r-- | makefu/2configs/deployment/google-muell.nix | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/makefu/2configs/deployment/google-muell.nix b/makefu/2configs/deployment/google-muell.nix index f23789ee5..235cc1546 100644 --- a/makefu/2configs/deployment/google-muell.nix +++ b/makefu/2configs/deployment/google-muell.nix @@ -5,7 +5,10 @@ let home = "/var/lib/ampel"; sec = "${toString <secrets>}/google-muell.json"; ampelsec = "${home}/google-muell.json"; - esp = "192.168.1.23"; + cred = "${toString <secrets>}/google-muell-creds.json"; + # TODO: generate this credential file locally + ampelcred = "${home}/google-muell-creds.json"; + esp = "192.168.8.204"; sleepval = "1800"; in { users.users.ampel = { @@ -21,10 +24,10 @@ in { serviceConfig = { User = "ampel"; ExecStartPre = pkgs.writeDash "copy-ampel-secrets" '' - cp ${sec} ${ampelsec} - chown ampel ${ampelsec} + install -m600 -o ampel ${sec} ${ampelsec} + install -m600 -o ampel ${cred} ${ampelcred} ''; - ExecStart = "${pkg}/bin/google-muell --esp=${esp} --client-secrets=${ampelsec} --credential-path=${home}/google-muell-creds.json --sleepval=${sleepval}"; + ExecStart = "${pkg}/bin/google-muell --esp=${esp} --client-secrets=${ampelsec} --credential-path=${ampelcred} --sleepval=${sleepval}"; PermissionsStartOnly = true; Restart = "always"; RestartSec = 10; |