Skip to content
Snippets Groups Projects
Commit 9347bd64 authored by Jean-Paul Calderone's avatar Jean-Paul Calderone
Browse files

Configure the production grid with a deploy key

parent 8fde995d
No related branches found
No related tags found
3 merge requests!140Merge staging into production,!122Merge develop into staging,!115Continuous deployment for the grid systems
Pipeline #811 passed
Stage: build
Stage: test
Hide whitespace changes
Inline Side-by-side
morph/grid/production/grid.nix
+ 13
0
View file @ 9347bd64
......@@ -13,6 +13,14 @@ let
privateKeyPath = toString ./. + "/${rawConfig.privateKeyPath}";
};
# Configure deployment management authorization for all systems in the grid.
deployment = {
services.private-storage.deployment = {
authorizedKey = builtins.readFile "${config.publicKeyPath}/deploy_key.pub";
gridName = "production";
};
};
payments = {
imports = [
gridlib.issuer
......@@ -20,6 +28,7 @@ let
(gridlib.customize-issuer (config // {
monitoringvpnIPv4 = "172.23.23.11";
}))
deployment
];
};
......@@ -33,6 +42,7 @@ let
monitoringvpnIPv4 = "172.23.23.1";
stateVersion = "19.09";
})
deployment
];
};
......@@ -58,6 +68,9 @@ let
monitoringvpnIPv4 = vpnIP;
inherit stateVersion;
}))
# Also configure deployment management authorization
deployment
];
# And supply configuration for those hardware / network / bootloader
......
morph/grid/production/public-keys/deploy_key.pub 0 → 100644
+ 1
0
View file @ 9347bd64
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK50RwXncelNB4JAazoXEhCxXbJZ79qWcQMAWeX14H+W exarkun@baryon
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment