diff options
| author | Vincent Ambo <mail@tazj.in> | 2021-12-10T06·58+0300 |
|---|---|---|
| committer | Vincent Ambo <mail@tazj.in> | 2021-12-10T07·32+0300 |
| commit | 78744c00f5df97d45b2c1b865cf8756edec0c5a3 (patch) | |
| tree | 791368a0cdd21400dbda9f202be21a697dfb1afe /ops/machines/whitby/default.nix | |
| parent | 496d8994287f27f93f08ac847e430a6f2dfc94bd (diff) | |
refactor(ops): Move clbot secret into agenix r/3174
Relates to b/161 Change-Id: I7badf22ff93bb4e8b06e4dd4a8bf880b0bd48f09
Diffstat (limited to 'ops/machines/whitby/default.nix')
| -rw-r--r-- | ops/machines/whitby/default.nix | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/ops/machines/whitby/default.nix b/ops/machines/whitby/default.nix index 82b3bc37cf..1f146c923e 100644 --- a/ops/machines/whitby/default.nix +++ b/ops/machines/whitby/default.nix @@ -203,9 +203,13 @@ in { }; # Configure secrets for services that need them. - age.secrets = { - gerrit-queue.file = depot.path.origSrc + "/ops/secrets/gerrit-queue.age"; - }; + age.secrets = + let + secretFile = name: "${depot.path.origSrc}/ops/secrets/${name}.age"; + in { + clbot.file = secretFile "clbot"; + gerrit-queue.file = secretFile "gerrit-queue"; + }; # Automatically collect garbage from the Nix store. services.depot.automatic-gc = { |