hydra: start signing paths
This commit is contained in:
parent
70e608a8f7
commit
f74d1ca0f6
|
@ -5,6 +5,7 @@ let
|
|||
|
||||
secrets = with keys; {
|
||||
hydra-s3-credentials = [ machines.bagel-box ];
|
||||
hydra-signing-priv = [ machines.bagel-box ];
|
||||
hydra-ssh-key-priv = [ machines.bagel-box ];
|
||||
netbox-environment = [ machines.meta01 ];
|
||||
mimir-environment = [ machines.meta01 ];
|
||||
|
|
BIN
secrets/hydra-signing-priv.age
Normal file
BIN
secrets/hydra-signing-priv.age
Normal file
Binary file not shown.
|
@ -48,6 +48,9 @@ in {
|
|||
|
||||
age.secrets.hydra-s3-credentials.file = ../../secrets/hydra-s3-credentials.age;
|
||||
|
||||
age.secrets.hydra-signing-priv.owner = "hydra-queue-runner";
|
||||
age.secrets.hydra-signing-priv.file = ../../secrets/hydra-signing-priv.age;
|
||||
|
||||
age.secrets.hydra-ssh-key-priv.owner = "hydra-queue-runner";
|
||||
age.secrets.hydra-ssh-key-priv.file = ../../secrets/hydra-ssh-key-priv.age;
|
||||
|
||||
|
@ -90,7 +93,7 @@ in {
|
|||
endpoint = "s3.delroth.net";
|
||||
region = "garage";
|
||||
|
||||
#secret-key = "TODO";
|
||||
secret-key = config.age.secrets.hydra-signing-priv.path;
|
||||
|
||||
compression = "zstd";
|
||||
log-compression = "br";
|
||||
|
|
Loading…
Reference in a new issue