summaryrefslogtreecommitdiffstats
path: root/makefu
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2017-10-08 23:14:14 +0200
committermakefu <github@syntax-fehler.de>2017-10-08 23:15:48 +0200
commit903a1182b5c27cf0c07d267f136a0f2e5be3d89b (patch)
tree407b27371c4bea9476c0efa2ab7c837120916ca8 /makefu
parentf7f1d7a4462a801f23c3483fb1c3d2a4130a5240 (diff)
gum.r: disable privkey setting via krebs
manually configure the secrets instead
Diffstat (limited to 'makefu')
-rw-r--r--makefu/1systems/gum/config.nix4
-rw-r--r--makefu/6tests/data/secrets/ssh_host_rsa_key0
2 files changed, 3 insertions, 1 deletions
diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index e1357ff01..e769b1e22 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -81,7 +81,9 @@ in {
];
makefu.dl-dir = "/var/download";
-
+ services.openssh.hostKeys = [
+ { bits = 4096; path = <secrets/ssh_host_rsa_key>; type = "rsa"; }
+ { path = <secrets/ssh_host_ed25519_key>; type = "ed25519"; } ];
###### stable
services.nginx.virtualHosts.cgit.serverAliases = [ "cgit.euer.krebsco.de" ];
krebs.build.host = config.krebs.hosts.gum;
diff --git a/makefu/6tests/data/secrets/ssh_host_rsa_key b/makefu/6tests/data/secrets/ssh_host_rsa_key
new file mode 100644
index 000000000..e69de29bb
--- /dev/null
+++ b/makefu/6tests/data/secrets/ssh_host_rsa_key