titaniumtown/nixos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

phase 5: add git-crypt-key-nixos agenix entry (additive)

Browse Source 
The two legacy entries git-crypt-key-{dotfiles,server-config} stay until
muffin has deployed this config at least once and the new CI pipeline is
green. Phase 6 removes them after cutover.
This commit is contained in:
primary
2026-04-18 01:14:09 -04:00
parent efa1fb0c07
commit c7712e57ff
2 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
modules/age-secrets.nix
View File

@@ -167,6 +167,16 @@
owner = "gitea-runner";
group = "gitea-runner";
};
# Git-crypt symmetric key for the unified nixos repo.
# Added additively in Phase 5 — the two legacy entries above stay until
# muffin has deployed this config at least once and the new CI pipeline
# is green end-to-end. Phase 6 removes them.
git-crypt-key-nixos = {
file = ../secrets/server/git-crypt-key-nixos.age;
mode = "0400";
owner = "gitea-runner";
group = "gitea-runner";
};
# Gitea Actions runner registration token
gitea-runner-token = {

BIN
secrets/server/git-crypt-key-nixos.age Normal file
View File

Binary file not shown.