Update Keycloak configuration to ensure proper handling of SOPS secrets and maintain consistency in secret file references

2025-12-10 02:41:10 -06:00
parent 616db8006e
commit b912aa82fa
1 changed files with 1 additions and 1 deletions
--- a/modules/servers/keycloak.nix
+++ b/modules/servers/keycloak.nix
@@ -11,11 +11,11 @@ in
 {
  options.my.servers.keycloak = setup.mkOptions "keycloak" "auth" 8090;
  config = lib.mkIf (cfg.enable && config.my.secureHost) {
+    sops.secrets.postgres-password.sopsFile = ../../secrets/secrets.yaml;
    sops.secrets.keycloak = {
      sopsFile = ../../secrets/env.yaml;
      restartUnits = [ "keycloak.service" ];
    };
-    sops.secrets.postgres-password.sopsFile = ../../secrets/secrets.yaml;
    services.keycloak = {
      inherit (cfg) enable;
      database = {