| 4 Jan 2024 |
 hacker1024 | In reply to @rick:matrix.ciphernetics.nl
You may be able to change the module to support that use-case, but I'm not deep enough in it to be sure I've added a postStart section to the hydra-init service to replace the link to the config file with a copy concatenated with my secret file. This seems to be working well for now. | 23:40:34 |
| 5 Jan 2024 |
 cransom | way back when, yeah, i did something similar for secrets. | 16:01:03 |
 @arcayr:rascals.net | In reply to @hacker1024:matrix.org
Is there any way to read a value from another file or environment variable in the Hydra configuration? I've set up sops-nix for all my secrets, but Hydra requires GitLab tokens to be put in the configuration file itself. The NixOS module generates the entire configuration file during evaluation, so there's no way to put secrets inside it. hydra doesn't have a configFile / environmentFile attr? | 16:02:15 |
 ma27 | I usually do Include foo in hydra.conf and ln -sf ${config.sops.foo.path} /var/lib/hydra/foo in e.g. the poststart. | 16:02:33 |
| ma27 | IIRC the config file format supports inclusions, but not from arbitrary locations, hence the symlink. | 16:02:52 |
