From cfaefc153643c612b41e0e131097afe6e79d5487 Mon Sep 17 00:00:00 2001
From: zuckerberg <5-zuckerberg@users.noreply.git.neet.dev>
Date: Tue, 22 Jun 2021 21:12:42 -0400
Subject: [PATCH] load pia secret for container

---
 machines/mitty/configuration.nix | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/machines/mitty/configuration.nix b/machines/mitty/configuration.nix
index b9d7a11..8341003 100644
--- a/machines/mitty/configuration.nix
+++ b/machines/mitty/configuration.nix
@@ -35,6 +35,12 @@
         isReadOnly = false;
       };
     };
+    bindMounts = {
+      "/run/secrets" = {
+        hostPath = "/run/secrets";
+        isReadOnly = true;
+      };
+    };
     enableTun = true;
     privateNetwork = true;
     hostAddress = "172.16.100.1";
@@ -105,6 +111,8 @@
       proxyPass = "http://172.16.100.2:9117";
     };
   };
+  # load the secret on behalf of the container
+  age.secrets."pia-login.conf".file = ../../secrets/pia-login.conf;
 
   networking.nat.enable = true;
   networking.nat.internalInterfaces = [ "ve-jellyfin" ];