From a123b9e0a2a575816bab5b717a1d62b1966ac0a2 Mon Sep 17 00:00:00 2001 From: Vincent Ambo Date: Fri, 10 Dec 2021 10:24:49 +0300 Subject: refactor(ops): Move owothia secret into agenix Relates to b/161 Change-Id: I25445281b0dd3c3f3660f8bb0d8337506a1e427b --- ops/machines/whitby/default.nix | 1 + ops/modules/owothia.nix | 2 +- ops/secrets/owothia.age | Bin 0 -> 427 bytes ops/secrets/secrets.nix | 3 ++- 4 files changed, 4 insertions(+), 2 deletions(-) create mode 100644 ops/secrets/owothia.age (limited to 'ops') diff --git a/ops/machines/whitby/default.nix b/ops/machines/whitby/default.nix index 1f146c923e..d6d3004ffc 100644 --- a/ops/machines/whitby/default.nix +++ b/ops/machines/whitby/default.nix @@ -209,6 +209,7 @@ in { in { clbot.file = secretFile "clbot"; gerrit-queue.file = secretFile "gerrit-queue"; + owothia.file = secretFile "owothia"; }; # Automatically collect garbage from the Nix store. diff --git a/ops/modules/owothia.nix b/ops/modules/owothia.nix index 9094818737..b2a77cddc2 100644 --- a/ops/modules/owothia.nix +++ b/ops/modules/owothia.nix @@ -11,7 +11,7 @@ in { secretsFile = lib.mkOption { type = lib.types.str; description = "File path from which systemd should read secrets"; - default = "/etc/secrets/owothia"; + default = "/run/agenix/owothia"; }; owoChance = lib.mkOption { diff --git a/ops/secrets/owothia.age b/ops/secrets/owothia.age new file mode 100644 index 0000000000..57a00504c8 Binary files /dev/null and b/ops/secrets/owothia.age differ diff --git a/ops/secrets/secrets.nix b/ops/secrets/secrets.nix index ef359cd1cd..308893358d 100644 --- a/ops/secrets/secrets.nix +++ b/ops/secrets/secrets.nix @@ -9,6 +9,7 @@ let default.publicKeys = tazjin ++ [ whitby ]; in { "besadii.age" = default; - "gerrit-queue.age" = default; "clbot.age" = default; + "gerrit-queue.age" = default; + "owothia.age" = default; } -- cgit 1.4.1