secrets: migrate forgejo runner to sops

2026-02-15 03:29:38 -03:00 · 2026-02-15 03:29:38 -03:00 · ed510001fd
commit ed510001fd
parent 48e40c47e4
4 changed files with 1 additions and 3 deletions
--- a/secrets/monolith-forgejo-runner-token.age
+++ b/secrets/monolith-forgejo-runner-token.age
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@ -2,7 +2,6 @@ let
  main_ssh_public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCxR/w+38b2lX90yNBqhq3mUmkn1WGu6GAPhN1tVp2ZjYRJNV/+5gWCnTtOWYtDx35HmK/spQ2Qy8X9ttkzORa24fysNx1Iqn/TiXhD7eIJjbGPnrOpIKTkW5/uB3SD/P5NBSa06//BaqJU4sBlG79hoXRpod052hQtdpTVDiMCIV+iboWPKqopmJJfWdBtVnHXs9rep0htPRExxGslImFk7Z6xjcaHyCpIQZPlOGf+sGsmUU7jRqzvZFV8ucIdbnAlMHrU4pepNFhuraESyZVTa/bi9sw0iozXp5Q5+5thMebEslmT1Z771kI4sieDy+O4r8c0Sx2/VY1UAzcpq1faggc3YB01MTh+tiEC6xdMvZLrQGL1NBWjHleMyL53GU5ERluC0vXJF3Hv3BGGBDfXWbrEm5n06DHr2apRVJGC0LwiQ7Woud1X4V4X1pKSusxCVMjT2lmcOwV6YhKhB2sowJc1OdMx4+tL0UWE+YKSZgBHfolwk6ml0F4EO9nnUHc= lelgenio@i15";
 in
 {
-  "monolith-forgejo-runner-token.age".publicKeys = [ main_ssh_public_key ];
  "monolith-nix-serve-privkey.age".publicKeys = [ main_ssh_public_key ];
  "factorio-settings.age".publicKeys = [ main_ssh_public_key ];
  "phantom-nextcloud.age".publicKeys = [ main_ssh_public_key ];
--- a/system/monolith-forgejo-runner.nix
+++ b/system/monolith-forgejo-runner.nix
@ -6,7 +6,7 @@
      enable = true;
      name = "monolith";
      url = "https://git.lelgenio.com";
-      tokenFile = config.age.secrets.monolith-forgejo-runner-token.path;
+      tokenFile = config.sops.secrets."forgejo-runners/git.lelgenio.com-default".path;
      labels = [
        # provide a debian base with nodejs for actions
        "debian-latest:docker://node:18-bullseye"
--- a/system/secrets.nix
+++ b/system/secrets.nix
@ -2,7 +2,6 @@
 {
  age = {
    identityPaths = [ "/root/.ssh/id_rsa" ];
-    secrets.monolith-forgejo-runner-token.file = ../secrets/monolith-forgejo-runner-token.age;
    secrets.monolith-nix-serve-privkey.file = ../secrets/monolith-nix-serve-privkey.age;
  };
 }