secrets: read all files from dir

this enforces 1:1 mapping between the filename and the attribute name
2020-01-12 13:53:27 +01:00 · 2020-01-12 13:53:27 +01:00 · 3e2ae4a579
commit 3e2ae4a579
parent 51257488aa
3 changed files with 3 additions and 3 deletions
--- a/build01/buildkite.nix
+++ b/build01/buildkite.nix
@ -5,7 +5,7 @@
    enable = true;
    tokenPath = "/run/keys/buildkite-token";
    openssh.privateKeyPath = builtins.toPath "/run/keys/buildkite-agent-key";
-    openssh.publicKeyPath = builtins.toPath "/run/keys/buildkite-agent-key-pub";
+    openssh.publicKeyPath = builtins.toPath "/run/keys/buildkite-agent-key.pub";

    runtimePackages = [
      pkgs.gnutar
--- a/deployment.nix
+++ b/deployment.nix
@ -27,8 +27,8 @@ in {
        permissions = "0600";
      };

-      deployment.keys.buildkite-agent-key-pub = {
-        text = secrets.buildkite-agent-key-pub;
+      deployment.keys."buildkite-agent-key.pub" = {
+        text = secrets."buildkite-agent-key.pub";
        user = "buildkite-agent";
        permissions = "0600";
      };
--- a/secrets/default.nix
+++ b/secrets/default.nix