Update gitea secret paths

Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-11-21 15:54:20 +01:00 · 2024-01-18 21:23:18 +01:00 · 2024-01-18 21:23:18 +01:00 · d7c2cfa959
parent 843047ea40
commit d7c2cfa959
2 changed files with 5 additions and 5 deletions
--- a/terranix/containers/gitea/default.nix
+++ b/terranix/containers/gitea/default.nix
@ -24,7 +24,7 @@ in
  resource."vault_policy"."gitea-policy" = {
    name = "gitea-policy";
    policy = ''
-      path "kv/data/gitea" {
+      path "kv/data/cluster/gitea/gitea" {
        capabilities = ["read"]
      }
    '';
--- a/terranix/containers/gitea/job.hcl
+++ b/terranix/containers/gitea/job.hcl
@ -109,28 +109,28 @@ job "gitea" {

      template {
        data = <<EOF
-{{ with secret "kv/data/gitea" }}{{ .Data.data.secret_key }}{{ end }}
+{{ with secret "kv/data/cluster/gitea/gitea" }}{{ .Data.data.secret_key }}{{ end }}
 EOF
        destination = "secrets/secret_key"
      }

      template {
        data = <<EOF
-{{ with secret "kv/data/gitea" }}{{ .Data.data.internal_token }}{{ end }}
+{{ with secret "kv/data/cluster/gitea/gitea" }}{{ .Data.data.internal_token }}{{ end }}
 EOF
        destination = "secrets/internal_token"
      }

      template {
        data = <<EOF
-{{ with secret "kv/data/gitea" }}{{ .Data.data.jwt_secret }}{{ end }}
+{{ with secret "kv/data/cluster/gitea/gitea" }}{{ .Data.data.jwt_secret }}{{ end }}
 EOF
        destination = "secrets/jwt_secret"
      }

      template {
        data = <<EOF
-{{ with secret "kv/data/gitea" }}{{ .Data.data.lfs_jwt_secret }}{{ end }}
+{{ with secret "kv/data/cluster/gitea/gitea" }}{{ .Data.data.lfs_jwt_secret }}{{ end }}
 EOF
        destination = "secrets/lfs_jwt_secret"
      }