Fix secret permission

linux/nebula/jellyfin.nix

@@ -1,8 +1,4 @@
-{
-  config,
-  pkgs,
-  ...
-}:
+{config, ...}:
 with config.constants; {
   hardware.graphics.enable = true;
 

linux/singularity/caddy.nix

@@ -21,10 +21,10 @@ with config.constants; {
             };
           })
           fqdns);
-      portStr = builtins.mapAttrs (n: v: toString v) port;
       homeSrv = s: "nebula:${portStr.${s}}";
       localSrv = s: "${localhost}:${portStr.${s}}";
       mtfqdn = "matrix.${domain}";
+      portStr = builtins.mapAttrs (n: v: toString v) port;
       wn = s: "/.well-known/${s}";
     in
       {

linux/singularity/coturn.nix

@@ -1,8 +1,9 @@
-{config, ...}: {
-  services.coturn = with config.constants; let
-    acmeDir = config.security.acme.certs.${coturn-realm}.directory;
-    coturn-realm = "turn.${domain}";
-  in {
+{config, ...}:
+with config.constants; let
+  acmeDir = config.security.acme.certs.${coturn-realm}.directory;
+  coturn-realm = "turn.${domain}";
+in {
+  services.coturn = {
     enable = true;
     cert = "${acmeDir}/fullchain.pem";
     listening-port = port.coturn;
@@ -15,5 +16,5 @@
     use-auth-secret = true;
   };
 
-  sops.secrets.coturn = {};
+  sops.secrets.coturn.owner = "turnserver";
 }