Did this work?

2024-12-26 20:22:43 +01:00 · 2024-12-26 20:22:43 +01:00 · 31adf4f3a6
parent 01f88e9051
commit 31adf4f3a6
2 changed files with 10 additions and 9 deletions
--- a/roles/traefik.nix
+++ b/roles/traefik.nix
@ -37,26 +37,26 @@
        in
        {
          sops.secrets = {
-            "traefik.acmeEmail" = {
+            "traefik/acmeEmail" = {
              owner = "traefik";
-              format = "dotenv";
+              # format = "dotenv";
            };
-            "traefik.CLOUDFLARE_EMAIL" = {
+            "traefik/CLOUDFLARE_EMAIL" = {
              owner = "traefik";
-              format = "dotenv";
+              # format = "dotenv";
            };
-            "traefik.CLOUDFLARE_DNS_API_TOKEN" = {
+            "traefik/CLOUDFLARE_DNS_API_TOKEN" = {
              owner = "traefik";
-              format = "dotenv";
+              # format = "dotenv";
            };
          };
          services.traefik = {
            enable = true;
            environmentFiles = [
-              config.sops.secrets."traefik.acmeEmail".path
+              config.sops.secrets."traefik/acmeEmail".path
-              config.sops.secrets."traefik.CLOUDFLARE_EMAIL".path
+              config.sops.secrets."traefik/CLOUDFLARE_EMAIL".path
-              config.sops.secrets."traefik.CLOUDFLARE_DNS_API_TOKEN".path
+              config.sops.secrets."traefik/CLOUDFLARE_DNS_API_TOKEN".path
            ];
            staticConfigOptions = {
--- a/utils.nix
+++ b/utils.nix
@ -26,6 +26,7 @@
          { ... }:
          {
            sops.defaultSopsFile = ./secrets + "/${hostConfig.hostname}.yaml";
            sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
            # Disable automatic pgp key generation based on ssh keys
            sops.gnupg.sshKeyPaths = [ ];