diff options
author | Nguyễn Gia Phong <mcsinyx@disroot.org> | 2022-06-14 01:22:31 +0900 |
---|---|---|
committer | Nguyễn Gia Phong <mcsinyx@disroot.org> | 2022-06-14 01:22:31 +0900 |
commit | 266e0aaca33ab96758ebb3ded4dc2cd825b1089e (patch) | |
tree | 5a5121858c7f618c83b739d793c0da460b68d642 | |
parent | 94c4044b75ba799658c98949b0d6c144a39d8774 (diff) | |
download | nixos-conf-266e0aaca33ab96758ebb3ded4dc2cd825b1089e.tar.gz |
Prevent PGP private key from mode 644
-rw-r--r-- | sourcehut.nix | 22 |
1 files changed, 12 insertions, 10 deletions
diff --git a/sourcehut.nix b/sourcehut.nix index 20a248f..6d0f2ac 100644 --- a/sourcehut.nix +++ b/sourcehut.nix @@ -17,7 +17,12 @@ # along with loang configuration. If not, see <https://www.gnu.org/licenses/>. { config, lib, ... }: -let domain = config.networking.domain; +let + domain = config.networking.domain; + common = { + enable = true; + group = "srht"; + }; in { services = { nginx.virtualHosts."hub.${domain}".serverAliases = lib.mkForce [ ]; @@ -29,14 +34,11 @@ in { sourcehut = { enable = true; - git = { - enable = true; - port = 5200; # 5001 used by IPFS - }; - hub.enable = true; - lists.enable = true; - man.enable = true; - meta.enable = true; + git = common // { port = 5200; }; # 5001 used by IPFS + hub = common; + lists = common; + man = common; + meta = common; nginx = { enable = true; @@ -92,7 +94,7 @@ in { webhooks.private-key = "/var/lib/sourcehut/webhook.key"; }; - todo.enable = true; + todo = common; }; }; } |