From d714b3cdaec0c8624f391ca780cef798c29acfd1 Mon Sep 17 00:00:00 2001
From: notohh
Date: Sun, 14 May 2023 23:03:38 -0400
Subject: [PATCH] sops: move secrets to specific services
---
 modules/services/foundryvtt.nix | 4 +++-
 modules/services/traefik.nix | 2 +-
 modules/sops.nix | 5 +----
 3 files changed, 5 insertions(+), 6 deletions(-)
diff --git a/modules/services/foundryvtt.nix b/modules/services/foundryvtt.nix
index e9542fd..14a5daf 100644
--- a/modules/services/foundryvtt.nix
+++ b/modules/services/foundryvtt.nix
@@ -1,4 +1,6 @@
-{config, ...}: {
+{...}: {
+ sops.secrets.foundry-username = {};
+ sops.secrets.foundry-password = {};
 virtualisation.oci-containers.containers.foundryvtt = {
 image = "felddy/foundryvtt:release";
 volumes = [
diff --git a/modules/services/traefik.nix b/modules/services/traefik.nix
index 1ab0cf2..741484c 100644
--- a/modules/services/traefik.nix
+++ b/modules/services/traefik.nix
@@ -1,6 +1,6 @@
 {config, ...}: {
+ sops.secrets.cloudflare-api-key = {};
 networking.firewall.allowedTCPPorts = [80 443 8080];
- systemd.user.services.traefik.after = ["docker.service"];
 systemd.services.traefik = {
 environment = {
diff --git a/modules/sops.nix b/modules/sops.nix
index 29d8d5f..684e9fe 100644
--- a/modules/sops.nix
+++ b/modules/sops.nix
@@ -1,9 +1,6 @@
-{config, ...}: {
+{...}: {
 sops = {
 defaultSopsFile = ../secrets/secrets.yaml;
 age.keyFile = "/home/notoh/.config/sops/age/keys.txt";
- secrets.foundry-username = {};
- secrets.foundry-password = {};
- secrets.cloudflare-api-key = {};
 };
 }
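Review bot: Dropping `config` from the module arguments in foundryvtt.nix means nothing in this file can refer to `config.sops.secrets.foundry-username.path` or `config.sops.secrets.foundry-password.path`, so whatever consumes the two new declarations presumably hard-codes the runtime path. The container definition continues outside the hunk, so the consumer is not visible here. If it hands the credentials to the container, keeping `{config, ...}:` and referencing the `.path` attributes makes evaluation fail when a secret is renamed or removed, instead of the container starting without credentials. A one-line comment above the declarations naming the option that reads them would also help, e.g. `# read by the foundryvtt container defined below`.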
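Review bot: `sops.secrets.cloudflare-api-key = {};` in traefik.nix takes the sops-nix defaults, which leave the decrypted file owned by root with mode 0400. The `environment` block that presumably points Traefik at the key starts on the last line of the hunk and continues outside it. If Traefik opens the file itself while running as an unprivileged service user, the read will fail; the narrow fix is to set `owner` on the secret to that user rather than loosening `mode`. Separately, the removal of `systemd.user.services.traefik.after = ["docker.service"];` is not covered by the commit subject and would be easier to audit as its own change.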
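Review bot: The retained `age.keyFile = "/home/notoh/.config/sops/age/keys.txt";` in sops.nix keeps the key that decrypts `secrets.yaml` inside a regular user's home directory. Anything running as that user can presumably read it, and so recover the credentials that the other two hunks now scope to Traefik and Foundry. With the declarations moved next to their services, the key deserves the same narrowing: a root-only key file outside `/home`, or `sops.age.sshKeyPaths` pointing at the host SSH key, limits who can decrypt. At minimum add a comment on this line stating the expected owner and mode of the key file.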