privatevoid.net/depot
1
1
Fork 0
Code Issues 18 Pull requests 2 Projects 3 Releases Packages Wiki Activity Actions

cluster/services/hercules-ci-multi-agent: configure HCI effects secrets for private-void

Browse source
This commit is contained in:
Max Headroom 2023-03-23 19:43:44 +01:00
parent b6dcf3ee7a
commit 1b22ad2c01
3 changed files with 21 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
cluster/services/hercules-ci-multi-agent/orgs/private-void.nix
View file

@ -1,11 +1,17 @@
{ config, lib, depot, pkgs, ... }:
{
age.secrets.hci-effects-secrets-private-void = {
file = ../secrets/hci-effects-secrets-private-void.age;
owner = "hci-private-void";
group = "hci-private-void";
};
services.hercules-ci-agents.private-void = {
package = lib.mkForce depot.packages.hercules-ci-agent;
settings = {
clusterJoinTokenPath = config.age.secrets.hci-token-private-void.path;
binaryCachesPath = config.age.secrets.hci-cache-config-private-void.path;
secretsJsonPath = config.age.secrets.hci-effects-secrets-private-void.path;
};
};
}

14
cluster/services/hercules-ci-multi-agent/secrets/hci-effects-secrets-private-void.age Normal file
View file

@ -0,0 +1,14 @@
age-encryption.org/v1
-> ssh-ed25519 NO562A gOWRJt7yClHd0WsUQif3igMEo/BpTlh7zKhpiFtkfHc
HjYN4YV3rXFfSUFDPx57ImUQeZsSjx1DtuhsxQrY2K0
-> ssh-ed25519 5/zT0w p1QDByG5Eq8UOEYt1y0Bwg9wgJYxIns+gewK2dJBciQ
4UzwpHPvP95yU8CvvG4ZNh1lDyI6FAiwgc2J4m4PInc
-> ssh-ed25519 d3WGuA XDKPmDdsuCrSsHhk+glsdFOsM2Q1qf51890WVXrr8Wo
KZFjIVKgfs+RC1wNxK51BeLS6mfH+BlFjjjHdDUSqlw
-> ssh-ed25519 6YMlxg xgcZHUyMUqnW2ikweVZ10fBML7Y9VTd6gudtVpbdRjY
csOSA1YQEcvdL2D93dvQoOvwhm2qm230DDhWcyE2gyU
-> Q-0l3-grease vxz
PKGEIUK1LVWFRGaExjPboXQUDG9caG4qYjc/0t3HiGHc4opBAirxhNEPzd+NBd7y
Rg
--- 8AmCRXHkVLyEl2+dUTDcCOm3yU9tFCNvFQ6HBkKrlYk
cfƒé55ÒˆX0{5ÞÑ7­š.=x# ÆÙXÅ÷‡0ä¥

1
secrets.nix
View file

@ -13,6 +13,7 @@ in with hosts;
"cluster/services/hercules-ci-multi-agent/secrets/hci-cache-config.age".publicKeys = max ++ map systemKeys [ VEGAS prophet ];
"cluster/services/hercules-ci-multi-agent/secrets/hci-cache-credentials-prophet.age".publicKeys = max ++ map systemKeys [ prophet ];
"cluster/services/hercules-ci-multi-agent/secrets/hci-cache-credentials-VEGAS.age".publicKeys = max ++ map systemKeys [ VEGAS ];
"cluster/services/hercules-ci-multi-agent/secrets/hci-effects-secrets-private-void.age".publicKeys = max ++ map systemKeys [ VEGAS prophet ];
"cluster/services/hercules-ci-multi-agent/secrets/hci-token-max-VEGAS.age".publicKeys = max ++ map systemKeys [ VEGAS ];
"cluster/services/hercules-ci-multi-agent/secrets/hci-token-max-prophet.age".publicKeys = max ++ map systemKeys [ prophet ];
"cluster/services/hercules-ci-multi-agent/secrets/hci-token-nixpak-VEGAS.age".publicKeys = max ++ map systemKeys [ VEGAS ];