mirror of
https://git.sr.ht/~magic_rb/cluster
synced 2024-11-29 03:26:14 +01:00
getmail move secrets out of rc files
Signed-off-by: Magic_RB <magic_rb@redalder.org>
This commit is contained in:
parent
84d26be719
commit
d0df99be7f
|
@ -62,7 +62,7 @@ nglib.makeSystem {
|
|||
shutdownOnExit = true;
|
||||
script = pkgs.writeShellScript "getmail-run"
|
||||
''
|
||||
export PATH=${with pkgs; lib.makeBinPath [ busybox runit bash getmail6-fixed maildrop-fixed ]}:${pkgs.opensmtpd}/libexec/opensmtpd:$PATH
|
||||
export PATH=${with pkgs; lib.makeBinPath [ jq busybox runit bash getmail6-fixed maildrop-fixed ]}:${pkgs.opensmtpd}/libexec/opensmtpd:$PATH
|
||||
|
||||
chown vmail:vmail -R /getmail.d
|
||||
|
||||
|
|
|
@ -68,7 +68,16 @@ job "email" {
|
|||
entrypoint = [ "init" ]
|
||||
}
|
||||
|
||||
env {
|
||||
vault {
|
||||
policies = ["getmail-policy"]
|
||||
}
|
||||
|
||||
template {
|
||||
data = <<EOF
|
||||
{{ secret "kv/data/getmail" | toJSON }}
|
||||
EOF
|
||||
destination = "secrets/getmail.passwd"
|
||||
change_mode = "restart"
|
||||
}
|
||||
|
||||
resources {
|
||||
|
|
Loading…
Reference in a new issue