Nixops deploying secrets and symlink

I’m using nixops and on the machine I am deploying to, I want to mount a webdav share via davfs2.

To get the secret on the machine I use:

deployment.keys.storage-box-pass.text = builtins.readFile ./storage-box-pass.key;

But davfs2 expects the secret to be in /etc/davfs2/secrets. I can symlink these two location and it works, but can I declare a symlink in my configuration or is there a better way to do this?

Oof. I typed a bunch of stuff before realizing that it only loads from that specific path for the server.

You could try:

environment.etc."davfs2/secrets".target = deployment.keys.storage-box-pass.path;
1 Like

at this is working great, just two things:

I had to use environment.etc."davfs2/secrets".source not target

and I can’t seem to use deployment.keys.storage-box-pass.path; so I just typed it out manually, but how do I access this? I tried to set rec, but that also didn’t help, I just get: attribute 'path' missing

So my current solution is:

deployment.keys.storage-box-pass.text = builtins.readFile ./storage-box-pass.key;
environment.etc."davfs2/secrets".source = "/run/keys/storage-box-pass";