lets try this

2025-03-04 02:05:17 +03:00 · 2025-03-04 02:05:17 +03:00 · 7d7e2eec37
commit 7d7e2eec37
parent c9015f6879
1 changed files with 1 additions and 12 deletions
--- a/modules/caddy.nix
+++ b/modules/caddy.nix
@ -35,18 +35,7 @@
      ];

      systemd.services.caddy.serviceConfig = {
-        LoadCredential = "CLOUDFLARE_API_TOKEN:${config.age.secrets.cloudflare.path}";
-        EnvironmentFile = "-%t/caddy/secrets.env";
-        RuntimeDirectory = "caddy";
-        ExecStartPre = [
-          ((pkgs.writeShellApplication {
-              name = "caddy-secrets";
-              text = "echo \"CLOUDFLARE_API_TOKEN=\\\"$(<\"$CREDENTIALS_DIRECTORY/CLOUDFLARE_API_TOKEN\")\\\"\" > \"$RUNTIME_DIRECTORY/secrets.env\"";
-            })
-            + "/bin/caddy-secrets")
-        ];
-        AmbientCapabilities = "cap_net_bind_service";
-        CapabilityBoundingSet = "cap_net_bind_service";
+        EnvironmentFile = "/etc/caddy/.env";
      };
    })
  ];