tahoe: set owner for secret related to ACME

author: Franck Cuny <franck@fcuny.net> 2022-04-13 13:49:36 -0700
committer: Franck Cuny <franck@fcuny.net> 2022-04-13 13:49:36 -0700
commit: 80356830e3eb1b2a7fc07b47a42c0ce65a20db9d (patch)
tree: 7b4eff7dc132e3e871fcf713d7d21475a65cb1ab /hosts/tahoe/secrets
parent: secrets: we can specify which user owns it (diff)
download: infra-80356830e3eb1b2a7fc07b47a42c0ce65a20db9d.tar.gz
1 files changed, 4 insertions, 1 deletions
diff --git a/hosts/tahoe/secrets/secrets.nix b/hosts/tahoe/secrets/secrets.nix
index ce1fd4b..d9ca4d9 100644
--- a/hosts/tahoe/secrets/secrets.nix
+++ b/hosts/tahoe/secrets/secrets.nix
@@ -8,7 +8,10 @@ in {
   "wireguard_privatekey.age".publicKeys = all;
 
   "acme/credentials.age".publicKeys = all;
-  "acme/gcp_service_account.json.age".publicKeys = all;
+  "acme/gcp_service_account.json.age" = {
+    publicKeys = all;
+    owner = "acme";
+  };
 
   "unifi/unifi-poller.age".publicKeys = all;
author	Franck Cuny <franck@fcuny.net>	2022-04-13 13:49:36 -0700
committer	Franck Cuny <franck@fcuny.net>	2022-04-13 13:49:36 -0700
commit	80356830e3eb1b2a7fc07b47a42c0ce65a20db9d (patch)
tree	7b4eff7dc132e3e871fcf713d7d21475a65cb1ab /hosts/tahoe/secrets
parent	secrets: we can specify which user owns it (diff)
download	infra-80356830e3eb1b2a7fc07b47a42c0ce65a20db9d.tar.gz