From 1a559b36e5cc85b7dc8b32c9c54d330422fbd161 Mon Sep 17 00:00:00 2001
From: Astro <astro@spaceboyz.net>
Date: Fri, 5 Mar 2021 01:16:57 +0100
Subject: [PATCH] freifunk: obtain flaky secrets

---
 flake.lock                            |  8 ++++----
 flake.nix                             | 10 ++++++++--
 hosts/containers/freifunk/default.nix | 15 +++------------
 3 files changed, 15 insertions(+), 18 deletions(-)

diff --git a/flake.lock b/flake.lock
index 07f8963d..4caf0cd9 100644
--- a/flake.lock
+++ b/flake.lock
@@ -39,11 +39,11 @@
     },
     "secrets": {
       "locked": {
-        "lastModified": 1614812093,
-        "narHash": "sha256-ca+4c4t4ALcXhlmrBGLZ+odG8QWGcJTMiyLZUe8gSkY=",
+        "lastModified": 1614901575,
+        "narHash": "sha256-aGKpOBH/3REMxsyGddq7Jd+uhCAj5hfHIFr3otJUZXo=",
         "ref": "master",
-        "rev": "169bddfd0cfea16ad74dc95187ca7c3ac40b6a11",
-        "revCount": 78,
+        "rev": "990543b60319b1d09d13c3e7506188a69f690c8e",
+        "revCount": 79,
         "type": "git",
         "url": "ssh://git@gitea.c3d2.de:2222/c3d2-admins/secrets.git"
       },
diff --git a/flake.nix b/flake.nix
index 2b2799c8..8592cd58 100644
--- a/flake.nix
+++ b/flake.nix
@@ -89,8 +89,14 @@
         };
 
         freifunk = nixosSystem' {
-          modules =
-            [ (import ./hosts/containers/freifunk { inherit secrets; }) ];
+          modules = [
+            ./hosts/containers/freifunk
+            ({ ... }: {
+              nixpkgs.overlays = with secrets.overlays; [
+                freifunk ospf
+              ];
+            })
+          ];
           system = "x86_64-linux";
         };
 
diff --git a/hosts/containers/freifunk/default.nix b/hosts/containers/freifunk/default.nix
index a8f8040d..27e2a189 100644
--- a/hosts/containers/freifunk/default.nix
+++ b/hosts/containers/freifunk/default.nix
@@ -1,4 +1,3 @@
-{ secrets }:
 { config, pkgs, lib, modulesPath, hostRegistry, ... }:
 
 let
@@ -7,8 +6,7 @@ let
   meshInterface = "bmx";
   meshLoopback = "bmx_prime";
   ddmeshRegisterUrl = "https://register.freifunk-dresden.de/bot.php";
-  secrets' = import "${secrets}/hosts/freifunk";
-  ddmeshRegisterKey = secrets'.ddmeshRegisterKey;
+  ddmeshRegisterKey = pkgs.c3d2-freifunk.ddmeshRegisterKey;
   ddmeshNode = 51073;
   ddmeshAddrPart = "200.74";
   rt_table = 7;
@@ -198,9 +196,7 @@ in {
           stubnet 10.200.0.0/15;
           interface "core" {
             authentication cryptographic;
-            password "${
-              import "${secrets}/shared/ospf/message-digest-key.nix"
-            }";
+            password "${pkgs.zentralwerk-ospf-message-digest-key}";
           };
         };
       }
@@ -212,12 +208,7 @@ in {
             2a02:8106:208:5200::/56;
             2a02:8106:211:e900::/56;
           };
-          interface "core" {
-            #authentication cryptographic;
-            #password "${
-              import "${secrets}/shared/ospf/message-digest-key.nix"
-            }";
-          };
+          interface "core" {};
         };
       }