Remove redundant secret injection for oink

configuration.nix

@@ -210,6 +210,11 @@ with pkgs;
       owner = "inadyn";
       group = "inadyn";
     };
+    secrets.inadyn-porkbun-secret = {
+      file = secrets/inadyn-porkbun-secret.age;
+      owner = "inadyn";
+      group = "inadyn";
+    };
     secrets.acme-duckdns = {
       file = secrets/acme-duckdns.age;
       owner = "acme";

modules/networking.nix

@@ -47,11 +47,9 @@ in
   # NOTE Temporary workaround until Inadyn fixes the Porkbun module
   services.oink = {
     enable = true;
-    settings = {
+    apiKeyFile = config.age.secrets.inadyn-porkbun.path;
-      apiKey = "PLACEHOLDER";
+    secretApiKeyFile = config.age.secrets.inadyn-porkbun-secret.path;
-      secretApiKey = "PLACEHOLDER";
+    settings.interval = 1800;
-      interval = 1800;
-    };
     domains = [
       {
         domain = "psydnd.org";
@@ -59,8 +57,6 @@ in
       }
     ];
   };
-  # NOTE Load credentials using environment variables
-  systemd.services.oink.serviceConfig.EnvironmentFile = config.age.secrets.inadyn-porkbun.path;
 
   # Firewall configuration
   networking.firewall = {

secrets/inadyn-porkbun-secret.age

@@ -0,0 +1,5 @@
+age-encryption.org/v1
+-> ssh-ed25519 iUaRGg paS5BxWWicriSLAZyCBKd2xylLAp4/LcHmogO7me8yQ
+MWW/Pkvn+4G4YeYXY9ZPXC92TbcFXQMyHJ2ltFzXpZs
+--- ZdFfQ7tHfEo+u/0MmigCNh6OIxkd2bimRN30rMUs1ks
+<EFBFBD>9<EFBFBD>7Y<EFBFBD>$B<>sX<0E>ʽb<CABD>O'J<><4A>S
'<27>5!<21><>UMʯ-v<>m<EFBFBD><6D><EFBFBD><EFBFBD><EFBFBD>8%|R,<2C>~I<><14><>G<EFBFBD><47>VQE<0E>0D<30>:Qv<<1E><>)<29><0B><>%fc<66><63>XZչ 7+yB

secrets/secrets.nix

@@ -17,6 +17,7 @@ in
   "signal.age".publicKeys = [ zion ];
   "inadyn-duckdns.age".publicKeys = [ zion ];
   "inadyn-porkbun.age".publicKeys = [ zion ];
+  "inadyn-porkbun-secret.age".publicKeys = [ zion ];
   "acme-duckdns.age".publicKeys = [ zion ];
   "acme-porkbun.age".publicKeys = [ zion ];
   "microbin.age".publicKeys = [ zion ];