nix
/
nixos-config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Secrets on procul

This commit is contained in:
root 2021-09-22 22:30:32 -07:00
parent 1041a63ec3
commit 9b4b68935b
2 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
config/host-config/procul.nix
View File

@ -99,12 +99,6 @@ in {
target-file = "/srv/gitea/secure/database.passwd"; target-file = "/srv/gitea/secure/database.passwd";
user = config.fudo.git.user; user = config.fudo.git.user;
}; };
# host-keytab = {
# source-file = /state/secrets/kerberos/procul.keytab;
# target-file = "/etc/krb5.keytab";
# user = "root";
# };
}; };
client.dns = { client.dns = {

6
config/host-config/socrates.nix
View File

@ -22,6 +22,12 @@ in {
}; };
}; };
fudo.secrets = {
secret-group = "fudo-secrets";
secret-users = [ "niten" ];
secret-paths = [ "/state/secrets" ];
};
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
"L /root/.gnupg - - - - /state/root/gnupg" "L /root/.gnupg - - - - /state/root/gnupg"
"L /root/.ssh/id_rsa - - - - /state/root/ssh/id_rsa" "L /root/.ssh/id_rsa - - - - /state/root/ssh/id_rsa"