chaos/nixfiles
1
0
Fork 0
Code Issues 2 Releases Activity

add the ssh host key

Browse source
This commit is contained in:
chaos 2023-09-20 19:02:27 +01:00
parent bfbba966c6
commit 73cd331583
No known key found for this signature in database
1 changed files with 13 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
hosts/hetzner-arm/secrets.nix
View file

@ -15,6 +15,8 @@
}; };
requiredVaultPaths = [ requiredVaultPaths = [
"private-public-keys/data/ssh/root@hetzner-arm-decrypt"
"api-keys/data/gitlab/gitlab_pages_serve" "api-keys/data/gitlab/gitlab_pages_serve"
]; ];
@ -23,6 +25,17 @@
manual = true; manual = true;
}; };
# this doesn't need to be a secret and can be generated at install time
# but it makes it easier to install.
# it's stored in /nix store anyway
ssh_host_ed25519_key = {
path = "/ssh_host_ed25519_key";
permissions = "600";
fetchScript = ''
simple_get "/private-public-keys/ssh/root@hetzner-arm-decrypt" .private | base64 -d > "$secretFile"
'';
};
# Used directly by server # Used directly by server
# for fetching gitlab static sites # for fetching gitlab static sites
gitlab_env = { gitlab_env = {