From ed4197f387bb80be102e254ee4244b77a82a2cf5 Mon Sep 17 00:00:00 2001
From: Alexander Szczepanski <alexander@szczepan.ski>
Date: Sat, 31 Aug 2024 19:50:48 +0200
Subject: [PATCH] vps-arm-2024-08-31-19-50-48

---
 machine/vps-arm/configuration.nix | 19 ++++++++++++-------
 services/frigate.nix              |  2 +-
 services/gitea.nix                |  2 +-
 services/goaccess.nix             |  2 +-
 services/nextcloud.nix            |  2 +-
 5 files changed, 16 insertions(+), 11 deletions(-)

diff --git a/machine/vps-arm/configuration.nix b/machine/vps-arm/configuration.nix
index a1885e8..a9e1958 100755
--- a/machine/vps-arm/configuration.nix
+++ b/machine/vps-arm/configuration.nix
@@ -47,21 +47,26 @@ in
         group = config.users.users.alex.group;
       };
 
-      # webdav-password = {
-      #   owner = config.users.users.alex.name;
-      #   group = config.users.users.alex.group;
-      # };
-
-      goaccess-password = {
+      goaccess-htpasswd = {
         owner = config.services.nginx.user;
         group = config.services.nginx.group;
       };
 
-      frigate-password = {
+      frigate-htpasswd = {
         owner = config.services.nginx.user;
         group = config.services.nginx.group;
       };
 
+      nextcloud-password = {
+        owner = "nextcloud";
+        group = "nextcloud";
+      };
+
+      gitea-password = {
+        owner = config.services.gitea.user;
+        group = config.services.gitea.group;
+      };
+
       hashedPassword = {
         neededForUsers = true;
         sopsFile = ../../secrets.yaml;
diff --git a/services/frigate.nix b/services/frigate.nix
index 30fe397..95235b8 100644
--- a/services/frigate.nix
+++ b/services/frigate.nix
@@ -9,7 +9,7 @@ in
         "frigate.szczepan.ski" = {
           forceSSL = true;
           enableACME = true;
-          basicAuthFile = config.sops.secrets.frigate-password.path;
+          basicAuthFile = config.sops.secrets.frigate-htpasswd.path;
         };
       };
     };
diff --git a/services/gitea.nix b/services/gitea.nix
index 74d0607..4da7317 100644
--- a/services/gitea.nix
+++ b/services/gitea.nix
@@ -29,7 +29,7 @@
       appName = "My awesome Gitea server"; # Give the site a name
       database = {
         type = "postgres";
-        password = "REMOVED_OLD_PASSWORD_FROM_HISTORY";
+        passwordFile = config.sops.secrets.gitea-password.path;
       };
       settings = {
         server = {
diff --git a/services/goaccess.nix b/services/goaccess.nix
index 5bd5adc..f2678ab 100644
--- a/services/goaccess.nix
+++ b/services/goaccess.nix
@@ -9,7 +9,7 @@ in
         "goaccess.szczepan.ski" = {
           forceSSL = true;
           enableACME = true;
-          basicAuthFile = config.sops.secrets.goaccess-password.path;
+          basicAuthFile = config.sops.secrets.goaccess-htpasswd.path;
           locations = {
             "/" = { root = "/var/www/goaccess"; };
             "/ws" = {
diff --git a/services/nextcloud.nix b/services/nextcloud.nix
index 892bb36..ab21d7f 100644
--- a/services/nextcloud.nix
+++ b/services/nextcloud.nix
@@ -92,7 +92,7 @@
       config = {
         dbtype = "pgsql";
         adminuser = "alex";
-        adminpassFile = "/var/nextcloud-admin-pass";
+        adminpassFile = config.sops.secrets.nextcloud-password.path;
       };
     };
   };