diff --git a/morph/grid/production/config.json b/morph/grid/production/config.json index 21e080d587ae2713a73f756b2b7e078d843b2a95..092e4dff7b4c026c816afdd85b2a454089204141 100644 --- a/morph/grid/production/config.json +++ b/morph/grid/production/config.json @@ -1,8 +1,7 @@ { "domain": "private.storage" , "publicStoragePort": 8898 -, "ristrettoSigningKeyPath": "./secrets/ristretto.signing-key" -, "stripeSecretKeyPath": "./secrets/stripe.secret" -, "monitoringvpnKeyDir": "./secrets/monitoringvpn" +, "privateKeyPath": "./private-keys" +, "publicKeyPath": "./public-keys" , "monitoringvpnEndpoint": "monitoring.private.storage:51820" , "passValue": 1000000 , "issuerDomains": [ diff --git a/morph/grid/production/grid.nix b/morph/grid/production/grid.nix index ae51174b4f15a72ca0c1d1798b067ecb1db64bb3..fb680338a08b0006e166b13066199d20f6836e44 100644 --- a/morph/grid/production/grid.nix +++ b/morph/grid/production/grid.nix @@ -5,10 +5,12 @@ let gridlib = import ../../lib; rawConfig = pkgs.lib.trivial.importJSON ./config.json; config = rawConfig // { - sshUsers = import ./secrets/users.nix; + sshUsers = import ./public-keys/users.nix; - # Get absolute vpn key directory path, as a string: - monitoringvpnKeyDir = toString ./. + "/${rawConfig.monitoringvpnKeyDir}"; + # Convert relative paths to absolute so library code can resolve names + # correctly. + publicKeyPath = toString ./. + "/${rawConfig.publicKeyPath}"; + privateKeyPath = toString ./. + "/${rawConfig.privateKeyPath}"; }; payments = { @@ -27,7 +29,7 @@ let gridlib.hardware-aws (gridlib.customize-monitoring { inherit hostsMap vpnClientIPs nodeExporterTargets; - inherit (config) domain monitoringvpnKeyDir; + inherit (config) domain publicKeyPath privateKeyPath; monitoringvpnIPv4 = "172.23.23.1"; stateVersion = "19.09"; })