24 lines
459 B
Nix
24 lines
459 B
Nix
build-timestamp: hostname:
|
|
|
|
{ config, lib, ... }:
|
|
|
|
with lib;
|
|
{
|
|
config = {
|
|
instance = {
|
|
inherit build-timestamp;
|
|
};
|
|
|
|
deployment = let
|
|
fs-keys = config.fudo.secrets.files.host-filesystem-keys;
|
|
in {
|
|
keys = if (hasAttr hostname fs-keys) then
|
|
mapAttrs (secret: secret-file: {
|
|
keyFile = secret-file;
|
|
user = "root";
|
|
permissions = "0400";
|
|
}) fs-keys.${hostname} else {};
|
|
};
|
|
};
|
|
}
|