From 5e99d8f499a1372155aa824faf1eb4be3ec36071 Mon Sep 17 00:00:00 2001 From: Florian Sesser <florian@privatestorage.io> Date: Sat, 29 May 2021 18:35:58 +0000 Subject: [PATCH] Assume preshared key to reside where the other keys are Less (SLOC) is more --- morph/grid/local/config.json | 1 - morph/lib/make-issuer.nix | 3 +-- morph/lib/make-monitoring.nix | 3 +-- morph/lib/make-testing.nix | 3 +-- 4 files changed, 3 insertions(+), 7 deletions(-) diff --git a/morph/grid/local/config.json b/morph/grid/local/config.json index 197ffd69..7c4b95a5 100644 --- a/morph/grid/local/config.json +++ b/morph/grid/local/config.json @@ -2,7 +2,6 @@ , "ristrettoSigningKeyPath": "../../PrivateStorageSecrets/ristretto.signing-key" , "stripeSecretKeyPath": "../../PrivateStorageSecrets/privatestorageio-testing-stripe.secret" , "monitoringvpnSecretKeyDir": "../../PrivateStorageSecrets/monitoringvpn" -, "monitoringvpnPresharedKeyPath" : "../../PrivateStorageSecrets/monitoringvpn/preshared.key" , "passValue": 1000000 , "issuerDomain": "payments.localdev" , "letsEncryptAdminEmail": "florian@privatestorage.io" diff --git a/morph/lib/make-issuer.nix b/morph/lib/make-issuer.nix index f6899fe8..912b0224 100644 --- a/morph/lib/make-issuer.nix +++ b/morph/lib/make-issuer.nix @@ -2,7 +2,6 @@ , ristrettoSigningKeyPath , stripeSecretKeyPath , monitoringvpnSecretKeyDir -, monitoringvpnPresharedKeyPath , issuerDomain , letsEncryptAdminEmail , allowedChargeOrigins @@ -41,7 +40,7 @@ action = ["sudo" "systemctl" "restart" "wireguard-monitoringvpn.service"]; }; "monitoringvpn-preshared-key" = { - source = monitoringvpnPresharedKeyPath; + source = monitoringvpnSecretKeyDir + "/preshared.key"; destination = "/run/keys/monitoringvpn/preshared.key"; owner.user = "root"; owner.group = "root"; diff --git a/morph/lib/make-monitoring.nix b/morph/lib/make-monitoring.nix index 9a0f297b..c557e270 100644 --- a/morph/lib/make-monitoring.nix +++ b/morph/lib/make-monitoring.nix @@ -3,7 +3,6 @@ , publicStoragePort , ristrettoSigningKeyPath , monitoringvpnSecretKeyDir -, monitoringvpnPresharedKeyPath , passValue , sshUsers , stateVersion @@ -24,7 +23,7 @@ action = ["sudo" "systemctl" "restart" "wireguard-monitoringvpn.service"]; }; "monitoringvpn-preshared-key" = { - source = monitoringvpnPresharedKeyPath; + source = monitoringvpnSecretKeyDir + "/preshared.key"; destination = "/run/keys/monitoringvpn/preshared.key"; owner.user = "root"; owner.group = "root"; diff --git a/morph/lib/make-testing.nix b/morph/lib/make-testing.nix index 35c70f8f..050c4399 100644 --- a/morph/lib/make-testing.nix +++ b/morph/lib/make-testing.nix @@ -3,7 +3,6 @@ , publicStoragePort , ristrettoSigningKeyPath , monitoringvpnSecretKeyDir -, monitoringvpnPresharedKeyPath , passValue , sshUsers , stateVersion @@ -34,7 +33,7 @@ action = ["sudo" "systemctl" "restart" "wireguard-monitoringvpn.service"]; }; "monitoringvpn-preshared-key" = { - source = monitoringvpnPresharedKeyPath; + source = monitoringvpnSecretKeyDir + "/preshared.key"; destination = "/run/keys/monitoringvpn/preshared.key"; owner.user = "root"; owner.group = "root"; -- GitLab