authormakefu <github@syntax-fehler.de>2023-07-02 22:55:08 +0200
committermakefu <github@syntax-fehler.de>2023-07-02 22:55:08 +0200
commita0d1fc42c27df13043319c864f05741fad9693bf (patch)
tree5e8a6865186355f3ca2da87c4d5bfa52edb3ad1d
parentb92ab6b0dcf3a843670d315a893a207c30c1f1d9 (diff)
gum: ensure to deploy the correct ssh keys
-rw-r--r--1systems/gum/config.nix9
1 files changed, 7 insertions, 2 deletions
diff --git a/1systems/gum/config.nix b/1systems/gum/config.nix
index 8d6acf63c..b6a8a21d4 100644
--- a/1systems/gum/config.nix
+++ b/1systems/gum/config.nix
@@ -26,6 +26,8 @@ in {
];
};
}
+ ../../2configs
+
../../2configs/nur.nix
../../2configs/support-nixos.nix
../../2configs/nix-community/supervision.nix
@@ -222,9 +224,12 @@ in {
# makefu.dl-dir = "/var/download";
makefu.dl-dir = "/media/cloud/download/finished";
+ sops.secrets."ssh_host_rsa_key" = {};
+ sops.secrets."ssh_host_ed25519_key" = {};
services.openssh.hostKeys = lib.mkForce [
- { bits = 4096; path = (toString <secrets/ssh_host_rsa_key>); type = "rsa"; }
- { path = (toString <secrets/ssh_host_ed25519_key>); type = "ed25519"; } ];
+ { bits = 4096; path = (config.sops.secrets."ssh_host_rsa_key".path); type = "rsa"; }
+ { path = config.sops.secrets."ssh_host_ed25519_key".path; type = "ed25519"; } ];
+
###### stable
security.acme.certs."cgit.euer.krebsco.de" = {
email = "letsencrypt@syntax-fehler.de";
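Review bot: The two `services.openssh.hostKeys` entries now point at sops-managed paths, but sops-nix by default derives its own decryption identities (`sops.age.sshKeyPaths`, `sops.gnupg.sshKeyPaths`) from that same `services.openssh.hostKeys` list, so the host keys could end up being needed to decrypt themselves. The shared config pulled in by the `../../2configs` import in the first hunk is not visible here, so confirm that it sets an explicit identity, for example `sops.age.keyFile`, pointing at a key stored outside the sops secrets directory. I would add a comment above the two `sops.secrets` lines, such as `# host keys come from sops; the sops decryption identity must not be derived from services.openssh.hostKeys`. If decryption fails, the sshd unit may generate fresh keys at these paths rather than fail, which clients would see as a changed host key, so it is worth comparing the served fingerprints after the first deploy.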