From a0d1fc42c27df13043319c864f05741fad9693bf Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sun, 2 Jul 2023 22:55:08 +0200
Subject: gum: ensure to deploy the correct ssh keys

---
 1systems/gum/config.nix | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/1systems/gum/config.nix b/1systems/gum/config.nix
index 8d6acf63c..b6a8a21d4 100644
--- a/1systems/gum/config.nix
+++ b/1systems/gum/config.nix
@@ -26,6 +26,8 @@ in {
           ];
         };
       }
+      ../../2configs
+
       ../../2configs/nur.nix
       ../../2configs/support-nixos.nix
       ../../2configs/nix-community/supervision.nix
@@ -222,9 +224,12 @@ in {
   # makefu.dl-dir = "/var/download";
   makefu.dl-dir = "/media/cloud/download/finished";
 
+  sops.secrets."ssh_host_rsa_key" = {};
+  sops.secrets."ssh_host_ed25519_key" = {};
   services.openssh.hostKeys = lib.mkForce [
-    { bits = 4096; path = (toString <secrets/ssh_host_rsa_key>); type = "rsa"; }
-    { path = (toString <secrets/ssh_host_ed25519_key>); type = "ed25519"; } ];
+    { bits = 4096; path = (config.sops.secrets."ssh_host_rsa_key".path); type = "rsa"; }
+    { path = config.sops.secrets."ssh_host_ed25519_key".path; type = "ed25519"; } ];
+
   ###### stable
   security.acme.certs."cgit.euer.krebsco.de" = {
     email = "letsencrypt@syntax-fehler.de";
-- 
cgit v1.2.3