hydra: fix ownership of the sops ssh keys

2023-01-10 22:21:27 +01:00 · 2023-01-10 22:21:27 +01:00 · 837c185c05
parent d52b1cc385
commit 837c185c05
1 changed files with 6 additions and 2 deletions
--- a/hosts/hydra/default.nix
+++ b/hosts/hydra/default.nix
@ -276,20 +276,24 @@ in
        inherit (config.users.users.hydra-queue-runner) group;
      };
      "ssh-keys/hydra/private" = {
+        owner = "hydra";
        mode = "400";
        path = "/var/lib/hydra/.ssh/id_ed25519";
      };
      "ssh-keys/hydra/public" = {
+        owner = "hydra";
        mode = "440";
        path = "/var/lib/hydra/.ssh/id_ed25519.pub";
      };
      "ssh-keys/root/private" = {
+        owner = "hydra-queue-runner";
        mode = "400";
-        path = "/root/.ssh/id_ed25519";
+        path = "/var/lib/hydra/queue-runner/.ssh/id_ed25519";
      };
      "ssh-keys/root/public" = {
+        owner = "hydra-queue-runner";
        mode = "440";
-        path = "/root/.ssh/id_ed25519.pub";
+        path = "/var/lib/hydra/queue-runner/.ssh/id_ed25519.pub";
      };
      "ssh-keys/updater/private" = {
        owner = "updater";