diff options
author | Vincent Ambo <mail@tazj.in> | 2023-06-18T12·25+0300 |
---|---|---|
committer | tazjin <tazjin@tvl.su> | 2023-06-18T12·43+0000 |
commit | 507cd852646b7b6427fd56dd4657154e2661e93c (patch) | |
tree | 7fc6b4654aa5924cbf0f3c795dfde1d5364b1c18 /users/tazjin/nixos/koptevo/default.nix | |
parent | 332a821100be288863ad0bac5f655ed512e4fd19 (diff) |
feat(tazjin/koptevo): deploy tgsa r/6328
The main instance is still running on polyanka, but things are moving in this direction. Change-Id: Idfa9e508023c05148003ac4621ae01dceb284c66 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8827 Reviewed-by: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
Diffstat (limited to 'users/tazjin/nixos/koptevo/default.nix')
-rw-r--r-- | users/tazjin/nixos/koptevo/default.nix | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/users/tazjin/nixos/koptevo/default.nix b/users/tazjin/nixos/koptevo/default.nix index 41bf04448712..162b43cd3cf9 100644 --- a/users/tazjin/nixos/koptevo/default.nix +++ b/users/tazjin/nixos/koptevo/default.nix @@ -13,6 +13,8 @@ in (mod "www/base.nix") (mod "www/tazj.in.nix") (usermod "predlozhnik.nix") + (usermod "tgsa.nix") + (depot.third_party.agenix.src + "/modules/age.nix") ]; boot = { @@ -79,6 +81,14 @@ in openssh.authorizedKeys.keys = depot.users.tazjin.keys.all; }; + age.secrets = + let + secretFile = name: depot.users.tazjin.secrets."${name}.age"; + in + { + tgsa-yandex.file = secretFile "tgsa-yandex"; + }; + security.sudo.wheelNeedsPassword = false; services.openssh.enable = true; |