From 754f8d2d0beb3e6ab732de57af265ca1e2eded72 Mon Sep 17 00:00:00 2001
From: Jean-Paul Calderone <exarkun@twistedmatrix.com>
Date: Fri, 14 May 2021 13:52:53 -0400
Subject: [PATCH] Avoid repetition of the secret destination paths in issuer
 config

---
 morph/lib/make-issuer.nix | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/morph/lib/make-issuer.nix b/morph/lib/make-issuer.nix
index 7510b6b8..9f37d640 100644
--- a/morph/lib/make-issuer.nix
+++ b/morph/lib/make-issuer.nix
@@ -8,7 +8,7 @@
 , stateVersion
 , publicIPv4
 , ...
-}: {
+}: rec {
   deployment = {
     targetHost = publicIPv4;
 
@@ -41,8 +41,8 @@
   services.private-storage-issuer = {
     enable = true;
     tls = true;
-    ristrettoSigningKeyPath = "/var/secrets/ristretto.signing-key";
-    stripeSecretKeyPath = "/var/secrets/stripe.secret-key";
+    ristrettoSigningKeyPath = deployment.secrets.ristretto-signing-key.destination;
+    stripeSecretKeyPath = deployment.secrets.stripe-secret-key.destination;
     database = "SQLite3";
     databasePath = "/var/db/vouchers.sqlite3";
     inherit letsEncryptAdminEmail;
-- 
GitLab