summaryrefslogtreecommitdiffstats
path: root/kartei
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2023-09-11 15:31:13 +0200
committertv <tv@krebsco.de>2023-09-11 16:10:41 +0200
commit5370e0485788224126861e076110ac705013d2de (patch)
tree15838192c1ebf685733cbf39b3f3e37fd1ebd639 /kartei
parent8fc162ee3d9525a2b45346a1ca8f34ccb5ef971b (diff)
treewide: don't reference <secrets> explicitly
Diffstat (limited to 'kartei')
-rw-r--r--kartei/makefu/default.nix2
-rw-r--r--kartei/tv/default.nix2
2 files changed, 2 insertions, 2 deletions
diff --git a/kartei/makefu/default.nix b/kartei/makefu/default.nix
index e6c296c75..f215f1fcb 100644
--- a/kartei/makefu/default.nix
+++ b/kartei/makefu/default.nix
@@ -51,7 +51,7 @@
ssh.pubkey = readFile pubkey-path;
# We assume that if the sshd pubkey exits then there must be a privkey in
# the screts store as well
- ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
+ ssh.privkey.path = "${config.krebs.secret.directory}/ssh_host_ed25519_key";
})
host
];
diff --git a/kartei/tv/default.nix b/kartei/tv/default.nix
index 2f23324cc..e81bdd32b 100644
--- a/kartei/tv/default.nix
+++ b/kartei/tv/default.nix
@@ -43,7 +43,7 @@ in {
})
(host: mkIf (host.config.ssh.pubkey != null) {
ssh.privkey = mapAttrs (const mkDefault) {
- path = config.krebs.secret.file "ssh.id_${host.config.ssh.privkey.type}";
+ path = "${config.krebs.secret.directory}/ssh.id_${host.config.ssh.privkey.type}";
type = head (toList (builtins.match "ssh-([^ ]+) .*" host.config.ssh.pubkey));
};
})