move secret stuff in own dir

2024-09-01 17:38:06 +02:00 · 2024-09-01 17:38:06 +02:00 · 0b8bd0acc1
parent f640e44fd5
commit 0b8bd0acc1
3 changed files with 4 additions and 4 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +1,2 @@
 /secret/
-*.secret
+
--- a/share/common.nix
+++ b/share/common.nix
@ -488,7 +488,7 @@ in
    mode = "0400";
  };
  environment.etc."mail/secrets" = {
-    text = builtins.readFile "/nix/data/nixos/mail.secret";
+    text = builtins.readFile "/nix/data/nixos/secret/mail.secret";
    mode = "0400";
  };
--- a/share/users.nix
+++ b/share/users.nix
@ -23,10 +23,10 @@ in
    users.root = {
      # init password
-      hashedPassword = builtins.readFile "/nix/data/nixos/password.secret";
+      hashedPassword = builtins.readFile "/nix/data/nixos/secret/password.secret";
      # use fixed auth keys
-      openssh.authorizedKeys.keys = pkgs.lib.splitString "\n" (builtins.readFile "/nix/data/nixos/authorized_keys.secret");
+      openssh.authorizedKeys.keys = pkgs.lib.splitString "\n" (builtins.readFile "/nix/data/nixos/secret/authorized_keys.secret");
    };
    #