You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
30 lines
694 B
Nix
30 lines
694 B
Nix
{
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
...
|
|
}: let
|
|
systemd-vaultd = pkgs.callPackage ../../default.nix {};
|
|
in {
|
|
systemd.sockets.systemd-vaultd = {
|
|
description = "systemd-vaultd socket";
|
|
wantedBy = ["sockets.target"];
|
|
|
|
socketConfig = {
|
|
ListenStream = "/run/systemd-vaultd/sock";
|
|
SocketUser = "root";
|
|
SocketMode = "0600";
|
|
};
|
|
};
|
|
systemd.services.systemd-vaultd = {
|
|
description = "systemd-vaultd daemon";
|
|
requires = ["systemd-vaultd.socket"];
|
|
after = ["systemd-vaultd.socket"];
|
|
# Restarting can break services waiting for secrets
|
|
stopIfChanged = false;
|
|
serviceConfig = {
|
|
ExecStart = "${systemd-vaultd}/bin/systemd-vaultd";
|
|
};
|
|
};
|
|
}
|