diff options
-rw-r--r-- | ops/machines/whitby/default.nix | 7 | ||||
-rw-r--r-- | ops/secrets/gerrit-secrets.age | 15 | ||||
-rw-r--r-- | ops/secrets/secrets.nix | 1 |
3 files changed, 23 insertions, 0 deletions
diff --git a/ops/machines/whitby/default.nix b/ops/machines/whitby/default.nix index 045e037fda5e..63d14be19898 100644 --- a/ops/machines/whitby/default.nix +++ b/ops/machines/whitby/default.nix @@ -239,6 +239,13 @@ in { owner = "git"; }; + gerrit-secrets = { + file = secretFile "gerrit-secrets"; + path = "/var/lib/gerrit/etc/secure.config"; + owner = "git"; + mode = "0400"; + }; + clbot-ssh = { file = secretFile "clbot-ssh"; owner = "clbot"; diff --git a/ops/secrets/gerrit-secrets.age b/ops/secrets/gerrit-secrets.age new file mode 100644 index 000000000000..077f33f060b3 --- /dev/null +++ b/ops/secrets/gerrit-secrets.age @@ -0,0 +1,15 @@ +age-encryption.org/v1 +-> ssh-ed25519 dcsaLw Bw9waqFGuEfRZ+T4Tal4zD/qeKXmbzeHKq1DedTJawU +9F/yABuX8Z4gv0LIJK1hFpoWEuYbVDGeH7CczxHcGO4 +-> ssh-ed25519 CpJBgQ DMfduPdf94CtostSTGvf96fSpqfkG8+3XIwq9GZyy24 +DJhILoNXS3neZT1o0PMmnidAaHJqXc58B7OzsLim4Hw +-> ssh-ed25519 aXKGcg OWb2IzlRgzVYa2UJTsaAYc438NZ+caXze1ZjUGwnDAA +Cm2ldnOJEJXjD7yHV179v63cdASRmog7p6a/20SkOLY +-> ssh-ed25519 OkGqLg 9YZDxC3bXKhlMd8glsou1o906htYA2HLx2NQnL4IMnE +v+G4u38p7fc9yZoLvT3xnnUO1qEKrVpvS86d7NlrqfQ +-> &ra-grease Cm_tn }E 4X=NQ +P8JOzsAd/9LKrfFmhQOUkfMVuDxNTG1fKh+6OMelYOTVx01HrG4Ef6BP0+/MFYbD +wgaooG5RXHhtDOp7zQA +--- 7f+r07jnglWxYdKKU7A78xcdkljUCXy77Z1MhLs6lN4 +�ZT�r̒�jP{��u\�,\���u�sނ�s�u�:`���(�@~Q�,�]��T J����ǵ7������rk�#[ֳ�PX'r��S��l�ij|x�B��^�0fF@<���'�r�?����zl[��p"y�6�vBM +D�v�|v��C�z�t?l�jl��d���>�:Q'�V���a��e�B���'p��J�)-�6#gj�� \ No newline at end of file diff --git a/ops/secrets/secrets.nix b/ops/secrets/secrets.nix index 57cd6598f5dc..e1101645468d 100644 --- a/ops/secrets/secrets.nix +++ b/ops/secrets/secrets.nix @@ -22,6 +22,7 @@ in { "clbot-ssh.age" = default; "clbot.age" = default; "gerrit-queue.age" = default; + "gerrit-secrets.age" = default; "grafana.age" = default; "irccat.age" = default; "keycloak-db.age" = default; |