fix up services

hosts/gerg-desktop/secrets.yaml

@@ -1,4 +1,4 @@
-cloudflare: ENC[AES256_GCM,data:yoP4ypD6gD6ZBbuFIzT9nJxgwky1ev1jpaOOyEVMpeShQa3/zR4GCA==,iv:Vx6sHF/k0gkIf8S7hGtHPPM8gOBJKg30QbqZgQ0tvHg=,tag:vh8v8Fu7wMs1Opw7dZvkrg==,type:str]
+cloudflare: ENC[AES256_GCM,data:RZ+Smjn1nvnkxYAF56fEcBsFvO3YY+FWJ8wb0c72sxQleRjy9tVp7yDr9gRfUg3G,iv:mGaFxKFLrIouNhyqq/nBKaKub1WfekcCeHVLASQpBCs=,tag:xKl5EHR9g7d4pJkt49BLyw==,type:str]
 discordenv: ENC[AES256_GCM,data:dzl1FaBUPiiGR8hOmUVDulGnS9wBwX0ddYYV/euilrrHGO8GiktfENSLLIPpqNm1jSoO8zIs10/tTeQLGPtN5yUhF5lYhcjupows20Cd/Nn0OwDuLfXZmO3dAbN4hvsbGnJpnDOEB2EvqRZSQPxH8eLc0Do0hryjnrIYuKpN,iv:uWGY3XAbgFg1ZyI7J1/Q+UOdc5mReYvVq9uLFqfmadw=,tag:+ZlVbJ5ZyahaG1V3H+MVpQ==,type:str]
 searxngenv: ENC[AES256_GCM,data:HtH4KxXWoQEJp88Bgfhfj5Y4Up+inHu8mnVtay64XvCRpVKHF/kceC3XwT9C3IdXpQ==,iv:iXK8hOFoEnM5wFUZhC8IOdHzPhwPDHtTL8MmS5FSlns=,tag:TZHTB7ia5Qq2f2fETJOpEA==,type:str]
 minifluxenv: ENC[AES256_GCM,data:wgz6sxSbbjXrgBAak0Q0TlvG78+JHPpiPtcbqGo9HpSF3qY78edECCDB3qqIaynxdhI4,iv:mbsr+OG8fE5MggmC+TNkLmhhDNGvJo+uelNRo/rMLoo=,tag:xN+FbNHZIVCruQh23aMt5g==,type:str]
@@ -24,8 +24,8 @@ sops:
             dGhDRXRTWE9xSGtxQU80RVpuL1A5MkEKxAxC/wDkq+6hM8eXkWd/RBDNIUtGYnPy
             MvVxB6dkj+S11oRcMpdFqiM9jSzz/gYecB2tfuDgj+UX/VAzSkvPxA==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2023-09-29T03:41:47Z"
-    mac: ENC[AES256_GCM,data:l8NkKfp3NCn7zOX4HT56kA2PHAPdaMOCPAw+jsiIFaUMeO80KgpdjOfzluOgL+vrp9xm3FQsbwMyr106WkOU5pSIigi1nvXRKnLeuxpjBI6lppeNl9vj6JhJkECHqAdoy5XWmQmRopu89OP2cdlIiU+eykZ9eXSexEp2zGl16U4=,iv:9dXbt8Qi2gqY6M5ySFuxqZbvjPkls0Gbrzdm1j+IyAA=,tag:bgMXWdIQbYiq6GwJwpxkqA==,type:str]
+    lastmodified: "2023-10-23T22:08:14Z"
+    mac: ENC[AES256_GCM,data:DPRroMke8bs2Mvd7tCw+Yh35D5IuZM1IIP/h9sgvx49wadEAQViKXgJksIttZ+HtPO9MrKm+T3Aczg0piC+eDVY0tK+k4qQ0EDVXVddUP89Iw+KxmABqH9u8+293salandcnC1NSPAYs2ojajoU/3ioReeZREFAiN3ohOOS1Nx0=,iv:rhugs11hOqhTVUYO+2H4BS65sIwaarbhv3e2x8mYOm4=,tag:d/2PQ9qplas3+zrzbdAHWw==,type:str]
     pgp: []
     unencrypted_suffix: _unencrypted
-    version: 3.8.0
+    version: 3.8.1

hosts/gerg-desktop/services/ddns.nix

@@ -17,7 +17,7 @@ _:
     startAt = "*:0/30";
 
     serviceConfig = {
-      LoadCredential = "token:${config.sops.secrets.cloudflare.path}";
+      EnvironmentFile = config.sops.secrets.cloudflare.path;
       DynamicUser = true;
     };
 
@@ -33,8 +33,6 @@ _:
         exit 0
       fi
 
-      AUTH="$(cat "$CREDENTIALS_DIRECTORY/token")"
-
       IP=$(grep -oP '^((?!fe80).).{22}ffee.{5}' /proc/net/if_inet6 | sed -E 's/(.{4})/\1:/g; s/.$//')
 
       func () {
@@ -69,15 +67,15 @@ _:
           --url "https://api.cloudflare.com/client/v4/zones/$ZONE/dns_records/$ID" \
           --header "Authorization: Bearer $AUTH" \
           --header "Content-Type: application/json" \
-          --data "{
-          \"content\": \"$IP\",
-          \"name\": \"$RECORD\",
-          \"proxied\": $PROXY,
-          \"type\": \"AAAA\",
-          \"comment\": \"\",
-          \"tags\": [],
-          \"ttl\":  1
-        }"
+          --data '{
+          "content": "'"$IP"'",
+          "name": "'"$RECORD"'",
+          "proxied": '"$PROXY"',
+          "type": "AAAA",
+          "comment": "",
+          "tags": [],
+          "ttl":  1
+        }'
       }
 
       func "*.gerg-l.com" "8f76f071c5edbc0f947a5c5f9c5df9f8"

hosts/gerg-desktop/services/miniflux.nix

@@ -6,7 +6,7 @@ _:
   ...
 }:
 {
-  sops.secrets.minifluxenv.owner = "miniflux";
+  sops.secrets.minifluxenv = { };
 
   systemd.services = {
     miniflux = {

hosts/gerg-desktop/services/searxng.nix

@@ -1,18 +1,11 @@
 _:
 { config, pkgs, ... }:
 {
-  sops.secrets.searxngenv = {
-    owner = "searx";
-    group = "searx";
-  };
+  sops.secrets.searxngenv = { };
   users.users.${config.services.nginx.user}.extraGroups = [ "searx" ];
   services.searx = {
     enable = true;
     package = pkgs.searxng;
-    #Later
-    /* redisCreateLocally = true;
-       limiterSettings = {};
-    */
     runInUwsgi = true;
     uwsgiConfig = {
       socket = "/run/searx/searx.sock";