diff options
| author | tv <tv@krebsco.de> | 2023-09-11 15:31:13 +0200 |
|---|---|---|
| committer | tv <tv@krebsco.de> | 2023-09-11 16:10:41 +0200 |
| commit | 5370e0485788224126861e076110ac705013d2de (patch) | |
| tree | 15838192c1ebf685733cbf39b3f3e37fd1ebd639 /kartei | |
| parent | 8fc162ee3d9525a2b45346a1ca8f34ccb5ef971b (diff) | |
treewide: don't reference <secrets> explicitly
Diffstat (limited to 'kartei')
| -rw-r--r-- | kartei/makefu/default.nix | 2 | ||||
| -rw-r--r-- | kartei/tv/default.nix | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/kartei/makefu/default.nix b/kartei/makefu/default.nix index e6c296c7..f215f1fc 100644 --- a/kartei/makefu/default.nix +++ b/kartei/makefu/default.nix @@ -51,7 +51,7 @@ ssh.pubkey = readFile pubkey-path; # We assume that if the sshd pubkey exits then there must be a privkey in # the screts store as well - ssh.privkey.path = <secrets/ssh_host_ed25519_key>; + ssh.privkey.path = "${config.krebs.secret.directory}/ssh_host_ed25519_key"; }) host ]; diff --git a/kartei/tv/default.nix b/kartei/tv/default.nix index 2f23324c..e81bdd32 100644 --- a/kartei/tv/default.nix +++ b/kartei/tv/default.nix @@ -43,7 +43,7 @@ in { }) (host: mkIf (host.config.ssh.pubkey != null) { ssh.privkey = mapAttrs (const mkDefault) { - path = config.krebs.secret.file "ssh.id_${host.config.ssh.privkey.type}"; + path = "${config.krebs.secret.directory}/ssh.id_${host.config.ssh.privkey.type}"; type = head (toList (builtins.match "ssh-([^ ]+) .*" host.config.ssh.pubkey)); }; }) |