X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fbuildbot%2Fdefault.nix;h=3ee1f8be3b46d1de9dfba9008b3ec811878071db;hb=bd0cb07b13aecd16a0782492655843a1b699611d;hp=e8d656b204e36fcc62b2cde919c881a950446eca;hpb=bc0f9fcf0d366e10c0046390e516e11d5b76b2f8;p=perso%2FImmae%2FConfig%2FNix.git

diff --git a/modules/private/buildbot/default.nix b/modules/private/buildbot/default.nix
index e8d656b..3ee1f8b 100644
--- a/modules/private/buildbot/default.nix
+++ b/modules/private/buildbot/default.nix
@@ -124,7 +124,6 @@ in
               text = let
                 project_env = with lib.attrsets;
                   mapAttrs' (k: v: nameValuePair "BUILDBOT_${k}" (if builtins.isFunction v then v pkgs else v)) project.environment //
-                  mapAttrs' (k: v: nameValuePair "BUILDBOT_PATH_${k}" (v pkgs)) (attrByPath ["builderPaths"] {} project) //
                   {
                     BUILDBOT_PROJECT_DIR = ./projects + "/${project.name}";
                     BUILDBOT_WORKER_PORT = builtins.toString project.workerPort;
@@ -156,6 +155,16 @@ in
         group = "buildbot";
         text = config.myEnv.buildbot.ssh_key.private;
       };
+      "buildbot/ssh_known_hosts" = {
+        permissions = "0644";
+        user = "buildbot";
+        group = "buildbot";
+        text = ''
+          git.immae.eu          ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIFbhFTl2A2RJn5L51yxJM4XfCS2ZaiSX/jo9jFSdghF
+          eldiron               ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIFbhFTl2A2RJn5L51yxJM4XfCS2ZaiSX/jo9jFSdghF
+          phare.normalesup.org  ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN2GomItXICXpCtCFRMT2xuerqx2nLMO/3mNUuWyzFr1
+        '';
+      };
     };
 
     services.filesWatcher = lib.attrsets.mapAttrs' (k: project: lib.attrsets.nameValuePair "buildbot-${project.name}" {
@@ -222,6 +231,7 @@ in
       ln -sf ${tac_file} ${varDir}/${project.name}/buildbot.tac
       # different buildbots may be trying that simultaneously, add the || true to avoid complaining in case of race
       install -Dm600 -o buildbot -g buildbot -T ${config.secrets.fullPaths."buildbot/ssh_key"} ${varDir}/buildbot_key || true
+      install -Dm600 -o buildbot -g buildbot -T ${config.secrets.fullPaths."buildbot/ssh_known_hosts"} ${varDir}/buildbot_hosts || true
       buildbot_secrets=${varDir}/${project.name}/secrets
       install -m 0700 -o buildbot -g buildbot -d $buildbot_secrets
       install -Dm600 -o buildbot -g buildbot -T ${config.secrets.fullPaths."buildbot/ldap"} $buildbot_secrets/ldap