diff --git a/morph/grid/local/config.json b/morph/grid/local/config.json index b0bd66f3932ed95d06ac5eebce5a371db0b25ea1..0f44cd7028ab8bb9043fd03c8e0bd91947a972e2 100644 --- a/morph/grid/local/config.json +++ b/morph/grid/local/config.json @@ -1,7 +1,7 @@ { "publicStoragePort": 8898 , "ristrettoSigningKeyPath": "../../PrivateStorageSecrets/ristretto.signing-key" , "stripeSecretKeyPath": "../../PrivateStorageSecrets/privatestorageio-testing-stripe.secret" -, "monitoringvpnSecretKeyPath": "../../PrivateStorageSecrets/monitoringvpn/server.key" +, "monitoringvpnSecretKeyDir": "../../PrivateStorageSecrets/monitoringvpn/" , "monitoringvpnPresharedKeyPath" : "../../PrivateStorageSecrets/monitoringvpn/preshared.key" , "passValue": 1000000 , "issuerDomain": "payments.localdev" diff --git a/morph/lib/make-issuer.nix b/morph/lib/make-issuer.nix index 82b194840db0d2387b10d435dfbc0e1dd8066b26..f6899fe8d7e640a9cb213cef8f557ee3858cccb5 100644 --- a/morph/lib/make-issuer.nix +++ b/morph/lib/make-issuer.nix @@ -1,7 +1,7 @@ { hardware , ristrettoSigningKeyPath , stripeSecretKeyPath -, monitoringvpnSecretKeyPath +, monitoringvpnSecretKeyDir , monitoringvpnPresharedKeyPath , issuerDomain , letsEncryptAdminEmail @@ -33,7 +33,7 @@ action = ["sudo" "systemctl" "restart" "zkapissuer.service"]; }; "monitoringvpn-secret-key" = { - source = monitoringvpnSecretKeyPath; + source = monitoringvpnSecretKeyDir + "/${monitoringvpnIPv4}.key"; destination = "/run/keys/monitoringvpn/client.key"; owner.user = "root"; owner.group = "root"; diff --git a/morph/lib/make-monitoring.nix b/morph/lib/make-monitoring.nix index 19e1dcbeded9fcaab7dc64752761d2cbfe9f504e..9a0f297b3deb5aa9fe02e45aa78adfc66d3665d2 100644 --- a/morph/lib/make-monitoring.nix +++ b/morph/lib/make-monitoring.nix @@ -2,7 +2,7 @@ , hardware , publicStoragePort , ristrettoSigningKeyPath -, monitoringvpnSecretKeyPath +, monitoringvpnSecretKeyDir , monitoringvpnPresharedKeyPath , passValue , sshUsers @@ -16,7 +16,7 @@ secrets = { "monitoringvpn-private-key" = { - source = monitoringvpnSecretKeyPath; + source = monitoringvpnSecretKeyDir + "/server.key"; destination = "/run/keys/monitoringvpn/server.key"; owner.user = "root"; owner.group = "root"; diff --git a/morph/lib/make-testing.nix b/morph/lib/make-testing.nix index 7cd3c80aa0e237d003f07e9f95ee5eac211a5ca5..35c70f8f789633489b431e57a23b4259102df5da 100644 --- a/morph/lib/make-testing.nix +++ b/morph/lib/make-testing.nix @@ -2,7 +2,7 @@ , hardware , publicStoragePort , ristrettoSigningKeyPath -, monitoringvpnSecretKeyPath +, monitoringvpnSecretKeyDir , monitoringvpnPresharedKeyPath , passValue , sshUsers @@ -26,7 +26,7 @@ action = ["sudo" "systemctl" "restart" "tahoe.storage.service"]; }; "monitoringvpn-secret-key" = { - source = monitoringvpnSecretKeyPath; + source = monitoringvpnSecretKeyDir + "/${monitoringvpnIPv4}.key"; destination = "/run/keys/monitoringvpn/client.key"; owner.user = "root"; owner.group = "root";