hydra: start signing paths

This commit is contained in:
Pierre Bourdon 2024-07-10 17:34:57 +02:00
parent 70e608a8f7
commit f74d1ca0f6
Signed by untrusted user: delroth
GPG key ID: 6FB80DCD84DA0F1C
3 changed files with 5 additions and 1 deletions

View file

@ -5,6 +5,7 @@ let
secrets = with keys; { secrets = with keys; {
hydra-s3-credentials = [ machines.bagel-box ]; hydra-s3-credentials = [ machines.bagel-box ];
hydra-signing-priv = [ machines.bagel-box ];
hydra-ssh-key-priv = [ machines.bagel-box ]; hydra-ssh-key-priv = [ machines.bagel-box ];
netbox-environment = [ machines.meta01 ]; netbox-environment = [ machines.meta01 ];
mimir-environment = [ machines.meta01 ]; mimir-environment = [ machines.meta01 ];

Binary file not shown.

View file

@ -48,6 +48,9 @@ in {
age.secrets.hydra-s3-credentials.file = ../../secrets/hydra-s3-credentials.age; age.secrets.hydra-s3-credentials.file = ../../secrets/hydra-s3-credentials.age;
age.secrets.hydra-signing-priv.owner = "hydra-queue-runner";
age.secrets.hydra-signing-priv.file = ../../secrets/hydra-signing-priv.age;
age.secrets.hydra-ssh-key-priv.owner = "hydra-queue-runner"; age.secrets.hydra-ssh-key-priv.owner = "hydra-queue-runner";
age.secrets.hydra-ssh-key-priv.file = ../../secrets/hydra-ssh-key-priv.age; age.secrets.hydra-ssh-key-priv.file = ../../secrets/hydra-ssh-key-priv.age;
@ -90,7 +93,7 @@ in {
endpoint = "s3.delroth.net"; endpoint = "s3.delroth.net";
region = "garage"; region = "garage";
#secret-key = "TODO"; secret-key = config.age.secrets.hydra-signing-priv.path;
compression = "zstd"; compression = "zstd";
log-compression = "br"; log-compression = "br";