From 18357e777990ea4a34844466f6474688ca7fd288 Mon Sep 17 00:00:00 2001
From: lelgenio <lelgenio@disroot.org>
Date: Wed, 25 Jan 2023 14:02:44 -0300
Subject: [PATCH] monolith: fix nix serve

---
 secrets/monolith-nix-serve-privkey.age | Bin 0 -> 839 bytes
 secrets/secrets.nix                    |   1 +
 switch-with-home-cache                 |   2 +-
 system/nix-serve.nix                   |   2 +-
 system/secrets.nix                     |   2 ++
 5 files changed, 5 insertions(+), 2 deletions(-)
 create mode 100644 secrets/monolith-nix-serve-privkey.age

diff --git a/secrets/monolith-nix-serve-privkey.age b/secrets/monolith-nix-serve-privkey.age
new file mode 100644
index 0000000000000000000000000000000000000000..843b433a17ac22f123776655e7c58497c91c8879
GIT binary patch
literal 839
zcmWmC&CA<#0Kjoi>Vh}Hp<e1PBB4vuq-}a|EKQRpZPGMNUy`a|()^mVd3%~)erXaP
zp6$V-;859N3Z5K1H^CQBchCuso@C$)3}Fn$Bgjr7V|bbK@n86UzLpEBAX+BHUb>E>
z^Ks%58HrUdR3P-K3A8Gm-7XhhY(C>iwp_`s=jYwbUBLj-cFl3jM67u#;iPpcGKPhr
zAqme>f4a>O*YA5#$b(5QZMU$oZDirBD{x865S>&DM#3%)>ur9ftYvAiPG{v(vH8MW
zqxr;(ydLeb;fRjuJf)@!M#ju!(~DftsiU->OK~xv0WT0_vJp98t@BipO?|qG)nz9P
zGY*ukq}ka*JYW+E%5vGklms*zjg2`a3Z`EgY*O2Bgfh}L9`NimXt&de8>c}!vDGbW
z2E#JnZF{8=xN4ne<8_Gni|r%>6hF<!b;}1b1v;s1qypZ8&~A*md6IXi)^Kh6g*jOc
zc^_m`5z@IRw5d&*k1z&wP&?$zK{J}uh!`M^;W!IIH!?Dtcgj6}j1QT}T@f=Qrxdl;
zLeO6sDyfu=1xy_a>r1B9*p0n7f{tPbMlkCtZUYEJ!ET3)28Z1pvJ5ky^hrk9Ta==^
zK_jTZh=eNMATR=j(g2Ez=KGXz%GKOD>Cjeve}hgV1O{Dh1UX`nNDsuYZ0{1A>^Cf7
zq^CMvxX}pve~s4-ec#h3X4OrA1wqBurizL0SN0KxB0*kfQ7>9FofIg2idS2l@0;_f
zY$=1)B4Nk7)})t=WO8RVJJzV7Gg!4+tvF@FW7HVwB9j4J>meLT{A!D{8H)soEESR7
z?lDtCsA<?c&%I0D|D)3V`gnEk#`U}3UHSO<^0V)s`n~YBbmy}-uN|EA^lxw9{PF6g
z`@iY(xv>801LowohrjsbL2>mN>dWTir^J6gaF47vem}bK^W_g;K6&l=i-&&+#4mq7
z`lkEo6Fv1Pet7+d$A5z_-ufiEb@qm$GG7`0zWV*O^OtVxXYRtMKYHoPPwyR`DIT0V
Lk!~J-{>s6BPCqni

literal 0
HcmV?d00001

diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 7e17b73..cb4c4a0 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -5,4 +5,5 @@ in
   "rainbow-gitlab-runner-thoreb-itinerario-registrationConfigFile.age".publicKeys = [ main_ssh_public_key ];
   "monolith-gitlab-runner-thoreb-itinerario-registrationConfigFile.age".publicKeys = [ main_ssh_public_key ];
   "lelgenio-cachix.age".publicKeys = [ main_ssh_public_key ];
+  "monolith-nix-serve-privkey.age".publicKeys = [ main_ssh_public_key ];
 }
diff --git a/switch-with-home-cache b/switch-with-home-cache
index 025d931..cff021a 100755
--- a/switch-with-home-cache
+++ b/switch-with-home-cache
@@ -2,5 +2,5 @@
 
 ./switch \
     --option extra-substituters "http://nixcache.lelgenio.1337.cx:5000" \
-    --option extra-trusted-public-keys "nixcache.lelgenio.1337.cx:zxCfx7S658llDgAUG0JVyNrlAdFVvPniSdDOkvfTPS8=" \
+    --option extra-trusted-public-keys "nixcache.lelgenio.1337.cx:HZCwDaM39BOF+MLuviMQTUrz3rBWLTLV9H+GV4zcxVI=" \
     "$@"
diff --git a/system/nix-serve.nix b/system/nix-serve.nix
index ccdccb1..0bd49c2 100644
--- a/system/nix-serve.nix
+++ b/system/nix-serve.nix
@@ -1,6 +1,6 @@
 { config, pkgs, lib, ... }: {
   services.nix-serve = {
     enable = true;
-    secretKeyFile = "/var/cache-priv-key.pem";
+    secretKeyFile = config.age.secrets.monolith-nix-serve-privkey.path;
   };
 }
diff --git a/system/secrets.nix b/system/secrets.nix
index 4725e85..437325c 100644
--- a/system/secrets.nix
+++ b/system/secrets.nix
@@ -6,5 +6,7 @@
       ../secrets/monolith-gitlab-runner-thoreb-itinerario-registrationConfigFile.age;
     secrets.rainbow-gitlab-runner-thoreb-itinerario-registrationConfigFile.file =
       ../secrets/rainbow-gitlab-runner-thoreb-itinerario-registrationConfigFile.age;
+    secrets.monolith-nix-serve-privkey.file =
+      ../secrets/monolith-nix-serve-privkey.age;
   };
 }