From 0b8bd0acc1564faef4a300a59112821261c4c205 Mon Sep 17 00:00:00 2001 From: Christoph Cullmann Date: Sun, 1 Sep 2024 17:38:06 +0200 Subject: [PATCH] move secret stuff in own dir --- .gitignore | 2 +- share/common.nix | 2 +- share/users.nix | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.gitignore b/.gitignore index e8b50c9..b513e11 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ /secret/ -*.secret + diff --git a/share/common.nix b/share/common.nix index 3acde56..ad5ce15 100644 --- a/share/common.nix +++ b/share/common.nix @@ -488,7 +488,7 @@ in mode = "0400"; }; environment.etc."mail/secrets" = { - text = builtins.readFile "/nix/data/nixos/mail.secret"; + text = builtins.readFile "/nix/data/nixos/secret/mail.secret"; mode = "0400"; }; diff --git a/share/users.nix b/share/users.nix index 687f0f5..8deb5bf 100644 --- a/share/users.nix +++ b/share/users.nix @@ -23,10 +23,10 @@ in users.root = { # init password - hashedPassword = builtins.readFile "/nix/data/nixos/password.secret"; + hashedPassword = builtins.readFile "/nix/data/nixos/secret/password.secret"; # use fixed auth keys - openssh.authorizedKeys.keys = pkgs.lib.splitString "\n" (builtins.readFile "/nix/data/nixos/authorized_keys.secret"); + openssh.authorizedKeys.keys = pkgs.lib.splitString "\n" (builtins.readFile "/nix/data/nixos/secret/authorized_keys.secret"); }; #