services.oncall.secretFile

A YAML file containing secrets such as database or user passwords. Some variables that can be considered secrets are:

• db.conn.kwargs.password: Password used to authenticate to the database.

• session.encrypt_key: Key for encrypting/signing session cookies. Change to random long values in production.

• session.sign_key: Key for encrypting/signing session cookies. Change to random long values in production.

Type

absolute path not in the Nix store

Example

"/run/keys/oncall-dbpassword"

Declared

<nixpkgs/nixos/modules/services/web-apps/oncall.nix>