You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

36 lines
800 B
Nix

{
2 years ago
config,
lib,
pkgs,
...
}: let
systemd-vaultd = pkgs.callPackage ../../default.nix {};
in {
imports = [
./vault-secrets.nix
];
systemd.package = pkgs.callPackage ../pkgs/systemd.nix {};
systemd.sockets.systemd-vaultd = {
description = "systemd-vaultd socket";
2 years ago
wantedBy = ["sockets.target"];
socketConfig = {
ListenStream = "/run/systemd-vaultd/sock";
SocketUser = "root";
SocketMode = "0600";
};
};
systemd.services.systemd-vaultd = {
description = "systemd-vaultd daemon";
2 years ago
requires = ["systemd-vaultd.socket"];
after = ["systemd-vaultd.socket"];
# Restarting can break services waiting for secrets
stopIfChanged = false;
serviceConfig = {
ExecStart = "${systemd-vaultd}/bin/systemd-vaultd";
};
};
}