From f004598a1c5b3863de0e67360817c9304ef81998 Mon Sep 17 00:00:00 2001
From: Gene Liverman <gene@technicalissues.us>
Date: Sun, 25 Jan 2026 23:40:23 -0500
Subject: [PATCH] Setup Pocket ID bits in Dawarich

---
 modules/hosts/nixos/hetznix01/post-install/default.nix | 7 +++++++
 modules/hosts/nixos/hetznix01/secrets.yaml             | 7 ++++---
 2 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/modules/hosts/nixos/hetznix01/post-install/default.nix b/modules/hosts/nixos/hetznix01/post-install/default.nix
index 9ab581b..8741d3f 100644
--- a/modules/hosts/nixos/hetznix01/post-install/default.nix
+++ b/modules/hosts/nixos/hetznix01/post-install/default.nix
@@ -63,6 +63,9 @@ in {
         NOMINATIM_API_HOST = "nominatim.home.technicalissues.us";
         NOMINATIM_API_USE_HTTPS = "true";
       };
+      extraEnvFiles = [
+        "${config.sops.secrets.dawarich_env.path}"
+      ];
       localDomain = "location.technicalissues.us";
       smtp = {
         fromAddress = "location@hetznix01.technicalissues.us";
@@ -170,6 +173,10 @@ in {
         owner = "${username}";
         path = "${config.users.users.${username}.home}/.private-env";
       };
+      dawarich_env = {
+        owner = config.services.dawarich.user;
+        restartUnits = [ "dawarich-web.service" ];
+      };
       matrix_secrets_yaml = {
         owner = config.users.users.matrix-synapse.name;
         restartUnits = ["matrix-synapse.service"];
diff --git a/modules/hosts/nixos/hetznix01/secrets.yaml b/modules/hosts/nixos/hetznix01/secrets.yaml
index e1117b6..a5a7dfa 100644
--- a/modules/hosts/nixos/hetznix01/secrets.yaml
+++ b/modules/hosts/nixos/hetznix01/secrets.yaml
@@ -1,6 +1,7 @@
 local_git_config: ENC[AES256_GCM,data:BulcGoJ85+BA3maqbMewUdaNOl3feaJMq/4yZL8Y8SLOHqzmA/DUO7k=,iv:V7wpSiEQpt7AhKd+MUyGqTsO6YZovpkj+AaqpLnfRM0=,tag:7f3fFzQX3bpjokVPnUKDPQ==,type:str]
 local_private_env: ENC[AES256_GCM,data:OFcCaE9/hpd6JIoUTTxg0pEFL3rkUE3G+JzP/wjFXpa/AJa2Rr0Kv42Pu+iwgPMWgcpp50ChjVxGvbceNQ==,iv:I2LyWwvdMdE4wKLb3udLVMu3jFsvYR1ruZvaVt9GG7c=,tag:tBPmlNr0iNdLRU1GIRV2mg==,type:str]
 emqx_env: ENC[AES256_GCM,data:NGGMGAtY1s8ojVjMYahS80ichwBFGWrQI3qn2zc3bKr3wdQrcx5p9O0fMPqff6rH3w==,iv:OFEkDybGFnUQXzVJAJ3tTAShfeUvzwE4bLecUQ/YPjQ=,tag:XynNkgXxdga8DmiXZ7Sy9Q==,type:str]
+dawarich_env: ENC[AES256_GCM,data:mS821nAHy+vt8gwex6ZxcYMl8cue8QTnv1tbjfyGIyYygB2U7cpilX7mHMkJ4LjXmkBDII0LB//cJQsJMvP6WwcduwWD3FcXLFg+FoRtWRTYAw9J6lnR8m8cDOQ9tdwQM4NaUjcF44hUpai3Z+CT23XvGj8v3hgfNfcn/C0AqLSZQWO036X8R88MU88CCAaLunlSzwxB8U/H4rhXvTRVJAUUezPw2kFxEbHYC2amd1a0Imxrc5MHMbFLMkYIGVTBbj5y6RR7TsBMYFz29oVcBCv0BilJ/hOj524u9Ijsr9/upWj8otF0KFA5TvagUBWJxlyH1DsSZxE=,iv:HWzA2jAPOq7wrMDaaD73k/v/KRCFQ+Qy2b19Dg7/Teo=,tag:sLrZqXUBk+sYqYsUOae7cg==,type:str]
 matrix_secrets_yaml: ENC[AES256_GCM,data:6DLtAZIYBlL7iQVS/FBeUEhHyAOFZ5JRNqFBqi59GVh7cP0Hp8RBWxKpWAH2eUPYqUqUGCKrSSH3sJqzV+vasSR62tcltV7+13+q+rZVCZNCEf21EwQ5aaxgR3yG4n3YUPqLsCQB6UnWn0tF5HO0ofjYkya0pQ/nX9TBiiqIcPcd4NovbTtf+S0G0VptqyXAuRvJoKCx42ft9IBfV9tF1QsXLemKYlI10hN5l/MgJHwVbwH5xXR2kLKvnlpAyIoST/uJhswQV9DyK9cnl09ZM9ztcXhveBzv6uDW+pme8lFL99SMtMJcbSzxYW/pt+GJgYd1NiaoPbayWM72jdpH0hf2zWchxnIJIyL3H6EzIjD8BE9GnMP7ujQwBZGNZITRSg==,iv:cDtuOhv2v6CZcwiMM3oqjmajIl7D8Im+LkfarcjTM/w=,tag:e7zRQBYslJqESOGN3c4/aw==,type:str]
 matrix_homeserver_signing_key: ENC[AES256_GCM,data:+RflNxFfS2w9LbavT7YnCQIhJWI49kN7pOa9/dH0BpDWxKQaLE4ZYBYq0ikAgcHaF3+rBL3f6KxUacw=,iv:6+nZzuxBUwjM74XHCD89YWfyuMRcoIwQlHLiNN4NWdc=,tag:91yigynRz6QdEd4rF7d/9g==,type:str]
 mosquitto_mountain_mesh: ENC[AES256_GCM,data:LczPsPtAgkTTGcG3KYXMkfeA67e81Q5zJ5Nb8JcSosvvUwJRUi6yDcV/0wsYbMxeWDMrE/p+2KFRI48BVcUbY/LXqyFu5iNbX5IJXxzrexXXSTnOLa2PEamESzQlWI0ZS+K0Q48/5v9ekNVOkPgNQQ==,iv:jfa0QKOp8fyieUYTbMnBJ18VZwPO2CVnYQECHLNCyPI=,tag:9YZU82XQUmLJAFK+AiZ/Vw==,type:str]
@@ -25,7 +26,7 @@ sops:
             WkI4ejBaODI0d0tjWHpTT3VWTXNyaXcKMDtvHN4gcZqBNslyC+NwYW05zgs8QuPV
             W6EktAz+xu6kx5BJbli5GkUFmj52AtEGIqZ1Sr4a0pKQACC87XcTQA==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2025-09-30T01:05:21Z"
-    mac: ENC[AES256_GCM,data:JqLWrABSqRI5c2h0IE8G5+w7qBBOMflE2zVkcxPaZ8HgtjcStJFtrJu4p4PDkro/PCZ5fh1CgWteRw225xlTIGH9IN7Y+PV4tkgRM1r33ZolnFIfZZEKnEN1+Fyb6F70tfWgsj6lhxZvPUfoVHIOGXGYGTMEncT1VtH9mRghCRA=,iv:MbLd64qHie/8c5h03s3PPVLhJTpP3ZToRGxgsxErPOk=,tag:29oL10fXCvrUl7Myd48diA==,type:str]
+    lastmodified: "2026-01-26T04:52:54Z"
+    mac: ENC[AES256_GCM,data:1pDP/ENGdw+bp9euYeiq3V7FNg6/IO88mbBcaYoI+Zi2TCETmCJXGupMKPeyTQ+OJf9C5yHaBHcVISLyJbrDehLp4ndCvNxl0jboytub3YCn0s7QxOLmNI0guRO45EPpPKQekD9TTqv/8QxvKqTvfmIlpdb+Vfii2XTsY5fkNA0=,iv:n7UcVvOYVyvAu74IJUE506GboPTg7rOekgsgoyx8ig4=,tag:gkrV7H/OKAEldFbuD1VEfw==,type:str]
     unencrypted_suffix: _unencrypted
-    version: 3.10.2
+    version: 3.11.0