the-distro/infra
8
0
Fork 3
Code Issues 34 Pull requests 3 Packages Projects 1 Releases Wiki Activity

hydra: start signing paths

Browse source
This commit is contained in:
Pierre Bourdon 2024-07-10 17:34:57 +02:00
parent 70e608a8f7
commit f74d1ca0f6
Signed by: delroth
GPG key ID: 6FB80DCD84DA0F1C
3 changed files with 5 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
secrets.nix
View file

@ -5,6 +5,7 @@ let
secrets = with keys; {
hydra-s3-credentials = [ machines.bagel-box ];
hydra-signing-priv = [ machines.bagel-box ];
hydra-ssh-key-priv = [ machines.bagel-box ];
netbox-environment = [ machines.meta01 ];
mimir-environment = [ machines.meta01 ];

BIN
secrets/hydra-signing-priv.age Normal file
View file

Binary file not shown.

5
services/hydra/default.nix
View file

@ -48,6 +48,9 @@ in {
age.secrets.hydra-s3-credentials.file = ../../secrets/hydra-s3-credentials.age;
age.secrets.hydra-signing-priv.owner = "hydra-queue-runner";
age.secrets.hydra-signing-priv.file = ../../secrets/hydra-signing-priv.age;
age.secrets.hydra-ssh-key-priv.owner = "hydra-queue-runner";
age.secrets.hydra-ssh-key-priv.file = ../../secrets/hydra-ssh-key-priv.age;
@ -90,7 +93,7 @@ in {
endpoint = "s3.delroth.net";
region = "garage";
#secret-key = "TODO";
secret-key = config.age.secrets.hydra-signing-priv.path;
compression = "zstd";
log-compression = "br";