Commit 10dbae7b authored by Valentin Reis's avatar Valentin Reis

fix ssh ids

parent 22c574c2
Pipeline #3696 canceled with stage
No preview for this file type
......@@ -5,6 +5,7 @@ let
keys = [ (pkgs.lib.readFile keys/id_rsa_vrg.pub) ];
argopkgs = import ../pkgs {};
hydraSrc = builtins.fetchTarball https://github.com/nixos/hydra/archive/master.tar.gz;
argomodules = import ../modules/module-list.nix;
in
{
network.description = "argo-ci";
......@@ -13,11 +14,14 @@ in
main =
{ config, ... }:
{
require=argomodules;
imports = [
./providers/openstack-tacc.nix
"${hydraSrc}/hydra-module.nix"
];
environment.argo.known_hosts.enable=true;
networking = {
firewall = {
allowedTCPPorts=[ 22 config.services.hydra.port ];
......@@ -134,6 +138,7 @@ in
slave1 =
{ ... }:
{
require=argomodules;
imports = [
./providers/openstack-tacc.nix
];
......
{ config, lib, pkgs, ... }:
with lib;
let
cfg=config.environment.argo.known_hosts;
in
{
options.environment.argo.known_hosts = {
enable = mkEnableOption "argo_knownhosts";
};
config = mkIf config.environment.argo.known_hosts.enable {
programs.ssh.knownHosts = [
{ hostNames = [ "github.com" ]; publicKey = builtins.readFile ./github.com.pub; }
{ hostNames = [ "xgitlab.cels.anl.gov" ]; publicKey = builtins.readFile ./xgitlab.cels.anl.gov.pub; }
{ hostNames = [ "gitlab.inria.fr" ]; publicKey = builtins.readFile ./gitlab.inria.fr.pub; }
];
};
}
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAFldY2ft1ReZjFYPpe/wa5Vhl4YJfYz6IJOZaZxL924R44jrGWiR2/Misrug75NBsQB+UWs1iIyWZPk0AN45Sk=
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA7gDbqn6Qw0bP3+DdSvSRxqme5nmakR7Nu8e7bcmXVD8YWWSh0Fl3cwPnrc2mSKMBAbJxOAf78NnGSJ7gtJLfZ+PwDbPAoQyTvLEElCuDgrkyNu/1QZpZaMYFqS2sMBi1Bmmr0ENLb+RRwrEPXkW3ji4lb5XXIWKchDzIgMQMfAtMxo5Y6pQQ2royBw4k34IeVGopgdXtc+hoDI4j5uFM5OX4jvtMIZFQDJTOTyq07gbfYcK9iFhesxvUYXw5qVBUHedelqgUUBqoEZNcb1I2rlcUp197JEDcu+VLLVwfPyeM9+o119PKgrZV9IC88kWH4uNpVxjF5KAIAxiYyXK5HQ==
[
./known-hosts
]
{stdenv, fetchgit, fetchgitPrivate}:
let
gitpin = f: fetchgit {inherit (stdenv.lib.importJSON f) url sha256;};
gitpinpriv = f: fetchgitPrivate {inherit (stdenv.lib.importJSON f) url sha256;};
gitpin = f: fetchgit {inherit (stdenv.lib.importJSON f) url sha256 rev fetchSubmodules;};
gitpinpriv = f: fetchgitPrivate {inherit (stdenv.lib.importJSON f) url sha256 rev fetchSubmodules;};
in {
nrm = {
bandit = gitpin ./nrm/bandit.json;
master = gitpin ./nrm/master.json;
bandit = gitpinpriv ./nrm/bandit.json;
master = gitpinpriv ./nrm/master.json;
};
containers = {
nix = gitpin ./containers/nix.json;
master = gitpin ./containers/master.json;
nix = gitpinpriv ./containers/nix.json;
master = gitpinpriv ./containers/master.json;
};
}
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment