From c4877fff20470b7a16c093473aa77c408ac165e6 Mon Sep 17 00:00:00 2001
From: Jean-Paul Calderone <exarkun@twistedmatrix.com>
Date: Thu, 7 Nov 2019 11:35:07 -0500
Subject: [PATCH] accept stripe secret key config and pass it along

---
 nixos/modules/issuer.nix | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/nixos/modules/issuer.nix b/nixos/modules/issuer.nix
index fc0d2355..b22cb07f 100644
--- a/nixos/modules/issuer.nix
+++ b/nixos/modules/issuer.nix
@@ -49,6 +49,13 @@ in {
         ``Ristretto``.
       '';
     };
+    services.private-storage-issuer.stripeSecretKeyPath = lib.mkOption {
+      type = lib.types.path;
+      description = ''
+        The path to a file containing a Stripe secret key to use for charge
+        and payment management.
+      '';
+    };
     services.private-storage-issuer.database = lib.mkOption {
       default = "Memory";
       type = lib.types.enum [ "Memory" "SQLite3" ];
@@ -124,8 +131,9 @@ in {
             else
               # Only for automated testing.
               "--http-port 80";
+          stripeArgs = "--stripe-key ${builtins.readFile cfg.stripeSecretKeyPath}";
         in
-          "${cfg.package}/bin/PaymentServer-exe ${issuerArgs} ${databaseArgs} ${httpsArgs}";
+          "${cfg.package}/bin/PaymentServer-exe ${issuerArgs} ${databaseArgs} ${httpsArgs} ${stripeArgs}";
     };
 
     # Certificate renewal.  We must declare that we *require* it in our
-- 
GitLab