fix various agenix things

2025-10-17 23:12:18 -04:00 · 2025-10-17 23:12:18 -04:00 · e8aafda386
commit e8aafda386
parent 1ddcccd1c2
4 changed files with 7 additions and 19 deletions
--- a/services/caddy.nix
+++ b/services/caddy.nix
@ -65,12 +65,6 @@ in
    };
  };

-  # Add agenix dependency for caddy service
-  systemd.services.caddy = {
-    after = [ "agenix.service" ];
-    requires = [ "agenix.service" ];
-  };
-
  systemd.tmpfiles.rules = [
    "d ${config.services.caddy.dataDir} 700 ${config.services.caddy.user} ${config.services.caddy.group}"
  ];
--- a/services/soulseek.nix
+++ b/services/soulseek.nix
@ -67,12 +67,6 @@ in
  users.users.${config.services.jellyfin.user}.extraGroups = [ "music" ];
  users.users.${username}.extraGroups = [ "music" ];

-  # Add agenix dependencies for slskd service
-  systemd.services.slskd = {
-    after = [ "agenix.service" ];
-    requires = [ "agenix.service" ];
-  };
-
  systemd.tmpfiles.rules = [
    "Z ${service_configs.music_dir} 0750 ${username} music"
    "Z ${service_configs.slskd.base} 0750 ${config.services.slskd.user} ${config.services.slskd.group}"
--- a/services/wg.nix
+++ b/services/wg.nix
@ -21,9 +21,7 @@
      "network.target"
      "jellyfin.service"
      "qbittorrent.service"
-      "agenix.service"
    ];
-    requires = [ "agenix.service" ];
    wantedBy = [ "multi-user.target" ];

    serviceConfig = {
--- a/usb-secrets.nix
+++ b/usb-secrets.nix
@ -9,12 +9,14 @@
  fileSystems."/mnt/usb-secrets" = {
    device = "/dev/disk/by-label/SECRETS";
    fsType = "vfat";
-    options = [ "noauto" "user" "rw" ];
+    options = [
+      "ro"
+      "uid=root"
+      "gid=root"
+      "umask=377"
+    ];
+    neededForBoot = true;
  };

  age.identityPaths = [ "/mnt/usb-secrets/usb-secrets-key" ];
-
-  systemd.tmpfiles.rules = [
-    "d /mnt/usb-secrets 0755 root root -"
-  ];
 }