From 62a9709ff5093fb47382105cc238cba8a2ecd898 Mon Sep 17 00:00:00 2001
From: Alexander Heldt <me@alexanderheldt.se>
Date: Sun, 18 May 2025 15:07:00 +0000
Subject: [PATCH] manatee: Use secrets for `syncthing` cert/key

---
 hosts/manatee/modules/syncthing/default.nix | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/hosts/manatee/modules/syncthing/default.nix b/hosts/manatee/modules/syncthing/default.nix
index e597cb4..bbd0e2e 100644
--- a/hosts/manatee/modules/syncthing/default.nix
+++ b/hosts/manatee/modules/syncthing/default.nix
@@ -13,6 +13,9 @@ in
     services.syncthing = {
       enable = true;
 
+      cert = config.age.secrets.syncthing-cert.path;
+      key = config.age.secrets.syncthing-key.path;
+
       user = "storage";
       group = "storage";
 
@@ -32,5 +35,12 @@ in
         folders = { };
       };
     };
+
+    age = {
+      secrets = {
+        "syncthing-cert".file = ../../../../secrets/manatee/syncthing-cert.age;
+        "syncthing-key".file = ../../../../secrets/manatee/syncthing-key.age;
+      };
+    };
   };
 }