From 2dcdd2fb796a25e914c93ac8cc23e8ca5b52806f Mon Sep 17 00:00:00 2001
From: zackartz <zackmyers@lavabit.com>
Date: Sun, 5 May 2024 21:34:58 -0400
Subject: [PATCH] configure access

---
 hosts/pluto/services/gitlab.nix | 32 +++++++++++++++++++++++++++-----
 1 file changed, 27 insertions(+), 5 deletions(-)

diff --git a/hosts/pluto/services/gitlab.nix b/hosts/pluto/services/gitlab.nix
index e9e0d62..421b528 100644
--- a/hosts/pluto/services/gitlab.nix
+++ b/hosts/pluto/services/gitlab.nix
@@ -4,13 +4,35 @@
   ...
 }: let
   sec = config.age.secrets;
+  user = config.services.gitlab.user;
+  group = config.services.gitlab.group;
 in {
   age.secrets = {
-    gitlab_db.file = ../../../sec/gitlab_db.age;
-    gitlab_initpw.file = ../../../sec/gitlab_initpw.age;
-    gitlab_otp.file = ../../../sec/gitlab_otp.age;
-    gitlab_pw.file = ../../../sec/gitlab_pw.age;
-    gitlab_sec.file = ../../../sec/gitlab_sec.age;
+    gitlab_db = {
+      file = ../../../sec/gitlab_db.age;
+      owner = user;
+      group = group;
+    };
+    gitlab_initpw = {
+      file = ../../../sec/gitlab_initpw.age;
+      owner = user;
+      group = group;
+    };
+    gitlab_otp = {
+      file = ../../../sec/gitlab_otp.age;
+      owner = user;
+      group = group;
+    };
+    gitlab_pw = {
+      file = ../../../sec/gitlab_pw.age;
+      owner = user;
+      group = group;
+    };
+    gitlab_sec = {
+      file = ../../../sec/gitlab_sec.age;
+      owner = user;
+      group = group;
+    };
   };
 
   services.gitlab = {