aboutsummaryrefslogtreecommitdiff
path: root/modules/private/system.nix
diff options
context:
space:
mode:
Diffstat (limited to 'modules/private/system.nix')
-rw-r--r--modules/private/system.nix9
1 files changed, 9 insertions, 0 deletions
diff --git a/modules/private/system.nix b/modules/private/system.nix
index c7e277c..8be7368 100644
--- a/modules/private/system.nix
+++ b/modules/private/system.nix
@@ -1,6 +1,14 @@
1{ pkgs, lib, config, name, nodes, ... }: 1{ pkgs, lib, config, name, nodes, ... }:
2{ 2{
3 config = { 3 config = {
4 deployment.secrets."secret_vars.yml" = {
5 source = builtins.toString ../../nixops/secrets/vars.yml;
6 destination = config.secrets.secretsVars;
7 owner.user = "root";
8 owner.group = "root";
9 permissions = "0400";
10 };
11
4 networking.extraHosts = builtins.concatStringsSep "\n" 12 networking.extraHosts = builtins.concatStringsSep "\n"
5 (lib.mapAttrsToList (n: v: "${v.config.hostEnv.ips.main.ip4} ${n}") nodes); 13 (lib.mapAttrsToList (n: v: "${v.config.hostEnv.ips.main.ip4} ${n}") nodes);
6 14
@@ -9,6 +17,7 @@
9 secrets.gpgKeys = [ 17 secrets.gpgKeys = [
10 ../../nixops/public_keys/Immae.pub 18 ../../nixops/public_keys/Immae.pub
11 ]; 19 ];
20 secrets.secretsVars = "/run/keys/vars.yml";
12 21
13 services.openssh.enable = true; 22 services.openssh.enable = true;
14 23
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-11 17:19:18 +0000