Rupert, burp server: Use password files as well

hosts/Rupert.nix

@@ -47,7 +47,8 @@ in
 
     services.burp.client = {
         enable = true;
-        password = config.services.burp.server.clients."${config.networking.hostName}".password;
+        passwordFile = "/secrets/burp_client_passwords/${config.networking.hostName}";
+        sslKeyPasswordFile = "/secrets/burp_client_ssl_key_password";
     };
 
     # Flatpak

hosts/burp-server.nix

@@ -1,32 +1,24 @@
 { config, lib, ... }:
-let
-    definedInPersonalDotNix = lib.mkDefault (throw "Configuration option missing from personal.nix");
-in
 {
     services.burp.server = {
         enable = true;
         dataDirectory = "/data/burp";
-        sslKeyPassword = definedInPersonalDotNix;
+        sslKeyPasswordFile = "/secrets/burp_server_ssl_key_password";
         workingDirRecoveryMethod = "resume";
         maxResumeAttempts = 3;
         keep = [ 14 4 6 2 ];
-        clients = {
-            ${config.networking.hostName} = {
-                password = definedInPersonalDotNix;
+        clients = lib.listToAttrs (map (client: {
+            name = client;
+            value = {
+                passwordFile = "/secrets/burp_client_passwords/${client}";
             };
-            Pullach = {
-                password = definedInPersonalDotNix;
-            };
-            Disco = {
-                password = definedInPersonalDotNix;
-            };
-            Berthold = {
-                password = definedInPersonalDotNix;
-            };
-            Ernesto = {
-                password = definedInPersonalDotNix;
-            };
-        };
+        }) [
+            config.networking.hostName
+            "Pullach"
+            "Disco"
+            "Berthold"
+            "Ernesto"
+        ]);
         superClients = [
             config.networking.hostName
         ];