Agenix: Difference between revisions
imported>Onny Add see also section |
imported>Onny mNo edit summary |
||
| Line 76: | Line 76: | ||
<syntaxhighlight lang="nix"> | <syntaxhighlight lang="nix"> | ||
age.secrets.nextcloud | age.secrets.nextcloud = { | ||
file = /etc/nixos/secrets/secret1.age; | |||
owner = "nextcloud"; | |||
group = "nextcloud"; | |||
}; | |||
services.nextcloud = { | services.nextcloud = { | ||
enable = true; | enable = true; | ||
| Line 85: | Line 89: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
Here, the service [[Nextcloud]] requires a password for the administrator account. In this case, the password is stored in an age-encrypted file, so no plaintext passwords will be copied into your world-readable Nix-store. | Here, the service [[Nextcloud]] requires a password for the administrator account. In this case, the password is stored in an age-encrypted file, so no plaintext passwords will be copied into your world-readable Nix-store. We configure <code>owner</code> and <code>group</code> names to <code>nextcloud</code> so that the webservice has the permissions to read the password wile. | ||
== See also == | == See also == | ||