diff options
| author | Vincent Ambo <mail@tazj.in> | 2021-12-25T21·03+0300 |
|---|---|---|
| committer | clbot <clbot@tvl.fyi> | 2021-12-25T21·15+0000 |
| commit | e4d20cdaeca9b237bc716e198ae61d91f303acbc (patch) | |
| tree | 8965f62b37c2294526ec5027280f036a30622a6a /ops/machines/whitby/default.nix | |
| parent | d8a1802b3ed804fb26c50a6f23036aede1ac1182 (diff) | |
refactor(ops/whitby): Move Gerrit secrets into agenix r/3402
Gerrit has OAuth2 and email related secrets which now live in agenix instead of a random file on disk. Change-Id: I6220fbb7a2e2ec0102a900b4bcf6150b8b4d32ef Reviewed-on: https://cl.tvl.fyi/c/depot/+/4612 Tested-by: BuildkiteCI Autosubmit: tazjin <mail@tazj.in> Reviewed-by: lukegb <lukegb@tvl.fyi>
Diffstat (limited to 'ops/machines/whitby/default.nix')
| -rw-r--r-- | ops/machines/whitby/default.nix | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/ops/machines/whitby/default.nix b/ops/machines/whitby/default.nix index 045e037fda..63d14be198 100644 --- a/ops/machines/whitby/default.nix +++ b/ops/machines/whitby/default.nix @@ -239,6 +239,13 @@ in { owner = "git"; }; + gerrit-secrets = { + file = secretFile "gerrit-secrets"; + path = "/var/lib/gerrit/etc/secure.config"; + owner = "git"; + mode = "0400"; + }; + clbot-ssh = { file = secretFile "clbot-ssh"; owner = "clbot"; |