From fb55a120cee2d92cadbe13c62b9e6b533a1f2229 Mon Sep 17 00:00:00 2001
From: Jean-Paul Calderone <exarkun@twistedmatrix.com>
Date: Wed, 30 Jun 2021 16:09:18 -0400
Subject: [PATCH] Add the local grid deploy key (public and private!)
Use convention to find the file from which the public key can be read.
---
morph/grid/local/grid.nix | 2 +-
morph/grid/local/private-keys/deploy_key | 7 +++++++
morph/grid/local/public-keys/deploy_key.pub | 1 +
3 files changed, 9 insertions(+), 1 deletion(-)
create mode 100644 morph/grid/local/private-keys/deploy_key
create mode 100644 morph/grid/local/public-keys/deploy_key.pub
diff --git a/morph/grid/local/grid.nix b/morph/grid/local/grid.nix
index ae80a2af..18556775 100644
--- a/morph/grid/local/grid.nix
+++ b/morph/grid/local/grid.nix
@@ -15,7 +15,7 @@ let
# Configure deployment management authorization for all systems in the grid.
deployment = {
services.private-storage.deployment = {
- authorizedKey = config.deployKey;
+ authorizedKey = builtins.readFile "${config.publicKeyPath}/deploy_key.pub";
gridName = "local";
};
};
diff --git a/morph/grid/local/private-keys/deploy_key b/morph/grid/local/private-keys/deploy_key
new file mode 100644
index 00000000..5c880790
--- /dev/null
+++ b/morph/grid/local/private-keys/deploy_key
@@ -0,0 +1,7 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACADU1IBThyH0blWBG8afIA/h/bmVdUQkFAuAIQgAWE+ewAAAJjsA+8c7APv
+HAAAAAtzc2gtZWQyNTUxOQAAACADU1IBThyH0blWBG8afIA/h/bmVdUQkFAuAIQgAWE+ew
+AAAED6aLiQi/K2qG8sLsvV8Xar9PjJeFxKfb+GUvmseu8TqQNTUgFOHIfRuVYEbxp8gD+H
+9uZV1RCQUC4AhCABYT57AAAADmV4YXJrdW5AYmFyeW9uAQIDBAUGBw==
+-----END OPENSSH PRIVATE KEY-----
diff --git a/morph/grid/local/public-keys/deploy_key.pub b/morph/grid/local/public-keys/deploy_key.pub
new file mode 100644
index 00000000..15d38cef
--- /dev/null
+++ b/morph/grid/local/public-keys/deploy_key.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIANTUgFOHIfRuVYEbxp8gD+H9uZV1RCQUC4AhCABYT57 exarkun@baryon
--
GitLab