Work on hydra config, fix tor relay config, prepare web-public-2 host

2023-07-18 17:23:46 +02:00 · 2023-07-18 17:23:46 +02:00 · c6f4780ccd
commit c6f4780ccd
parent 64d9dbd4b0
15 changed files with 176 additions and 9 deletions
--- a/hosts/hydra/secrets.nix
+++ b/hosts/hydra/secrets.nix
@ -0,0 +1,11 @@
+{ ... }:
+{
+  deployment.keys."signing-key.secret" = {
+    keyCommand = [ "env" "GNUPGHOME=/home/yuri/.passinfra_gnupg" "PASSWORD_STORE_DIR=/home/yuri/pass/infra" "pass" "hydra/signing-key" ];
+    destDir = "/secrets";
+    user = "root";
+    group = "root";
+    permissions = "0640";
+    uploadAt = "pre-activation";
+  };
+}