From 3e2ae4a579460ec04ee793e6faba375f86274ee8 Mon Sep 17 00:00:00 2001
From: zimbatm <zimbatm@zimbatm.com>
Date: Sun, 12 Jan 2020 13:53:27 +0100
Subject: [PATCH] secrets: read all files from dir

this enforces 1:1 mapping between the filename and the attribute name
---
 build01/buildkite.nix |   2 +-
 deployment.nix        |   4 ++--
 secrets/default.nix   | Bin 527 -> 235 bytes
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/build01/buildkite.nix b/build01/buildkite.nix
index 05e37aa..b3205e9 100644
--- a/build01/buildkite.nix
+++ b/build01/buildkite.nix
@@ -5,7 +5,7 @@
     enable = true;
     tokenPath = "/run/keys/buildkite-token";
     openssh.privateKeyPath = builtins.toPath "/run/keys/buildkite-agent-key";
-    openssh.publicKeyPath = builtins.toPath "/run/keys/buildkite-agent-key-pub";
+    openssh.publicKeyPath = builtins.toPath "/run/keys/buildkite-agent-key.pub";
 
     runtimePackages = [
       pkgs.gnutar
diff --git a/deployment.nix b/deployment.nix
index f50a83c..1e81fe5 100644
--- a/deployment.nix
+++ b/deployment.nix
@@ -27,8 +27,8 @@ in {
         permissions = "0600";
       };
 
-      deployment.keys.buildkite-agent-key-pub = {
-        text = secrets.buildkite-agent-key-pub;
+      deployment.keys."buildkite-agent-key.pub" = {
+        text = secrets."buildkite-agent-key.pub";
         user = "buildkite-agent";
         permissions = "0600";
       };
diff --git a/secrets/default.nix b/secrets/default.nix
index 8ffdcec12beb3187b1305480283a99cd479f273e..f60a4f685b3eac2c2d24cd567a3380914c7c5a30 100644
GIT binary patch
literal 235
zcmV<H02KcKM@dveQdv+`0DM7&><A#9y-G)LI6HI#ka|=h9)?fqe0^d3i4p?kdNU(M
z`5?))t7Kzz+99Fdc1IKeVlrE(O>6qycOJP)8D{=r<pR8oP)TnZE$V`g=!M7zL^F4|
z2q*jt1*GdOxq6#JC|l5cuFqt779767lKdjZgTdxr14^4N_PV*-H+Nqoku^9X5)UY=
z7q^p{HTSi<{mGh_iOrqLYNM96I4NiT<{zl0V8Oqg_-@t6d{0qeO1%qso<x!Xly!~~
l2D^Y7$+EU80M@f{GW+5u$#159qfW3$WV^o_3i$|11F!b&Z6N>v

literal 527
zcmV+q0`UC+M@dveQdv+`0C9KVfpG6CJ|EyIRKV8WFBC`|!b7zg!bba{G_0MTgn7nx
zx!znMTHsH%A8`FsqMB|H=U$0Q07U|B9lo&94U=bD>@puE82N3VJoi>I7A?{6LKKW8
zH-B-uTd1}Q?w^V^R0&1z^B}APlc4@(^}tw71UhZwNQd3Z|6V=QDgv5Ju%~U%%jIxy
zZ~9)>VjD8UST%m}H7Tf+eLb@%KpaA}N~AbLECXkAC}cNcC=4Y$hD7joLa77xAdW~~
zm4*sAz06e}d|OZUA7`3!Yk($9#_o@C`W3e45}?3i<3nULyAJton{t-<#BBhU>PArK
z`MZG}IQfm#b@DZo`DNq~Rt_as2We(WqXb5eT&5!Y_w)M+RhhUt>iCR^ZiQoa!H9x;
zw)kOGGHe$tp#3wPs+6VazTbI*MLW<wi69~$ksdRO1%_S{Lu<O_PswkyG)Lpuwm3vY
zr5Mvz1#GlfgYjLI+pP-a?xMmjCBcuM#fT~IjTod_iDTe(p^UY;5F*TkFmLZE`}ii5
zYw~-!u0gFfk^GExVE9Af0;VqPjCL%-ski*k!A+*N!vhJeiU-*=QT_lZYSo$2`&NbI
z^;Qd}486E7{bP-9>19dORj}XwlwnT!oa7BmjDiBpXlf&+lDGc?^=eCv$6B*Emk;Ln
RDs;6gXN)+c80@7Uf3(?k0eJub