diff --git a/build02/nixpkgs-update.nix b/build02/nixpkgs-update.nix index 4114e74..0f834ae 100644 --- a/build02/nixpkgs-update.nix +++ b/build02/nixpkgs-update.nix @@ -183,7 +183,7 @@ in sops.secrets.nix-community-cachix = { path = "/home/r-ryantm/.config/cachix/cachix.dhall"; - sopsFile = ../roles/nix-community-cache.yaml; + sopsFile = ../roles/nix-community-cache/secrets.yaml; owner = "r-ryantm"; group = "r-ryantm"; }; diff --git a/roles/nix-community-cache.yaml b/roles/nix-community-cache/secrets.yaml similarity index 100% rename from roles/nix-community-cache.yaml rename to roles/nix-community-cache/secrets.yaml diff --git a/services/hydra/default.nix b/services/hydra/default.nix index 3103ded..dc5c0e6 100644 --- a/services/hydra/default.nix +++ b/services/hydra/default.nix @@ -60,7 +60,7 @@ in { ]; }; - sops.secrets.nix-community-cachix.sopsFile = ../../roles/nix-community-cache.yaml; + sops.secrets.nix-community-cachix.sopsFile = ../../roles/nix-community-cache/secrets.yaml; sops.secrets.id_buildfarm = {}; services.hydra = { diff --git a/tasks.py b/tasks.py index 840465e..c8274d4 100644 --- a/tasks.py +++ b/tasks.py @@ -97,13 +97,9 @@ def update_sops_files(c): c.run( """ find . \ - -not -path "./.github/*" \ - -not -path "./.mergify.yml" \ - -not -path "./_config.yml" \ -type f \ - \( -iname '*.enc.json' -o -iname '*.yaml' \) \ - -print0 | \ - xargs -0 -n1 sops updatekeys --yes + \( -iname '*.enc.json' -o -iname 'secrets.yaml' \) \ + -exec sops updatekeys --yes {} \; """ )