simplify ssh key management

author: Franck Cuny <franck@fcuny.net> 2026-01-12 08:20:05 -0800
committer: Franck Cuny <franck@fcuny.net> 2026-01-12 08:20:24 -0800
commit: ce0066436d14efbc8a3592f504efcb409f14333b (patch)
tree: 4eb6192e066335fe0a0e186f0394aaf1923d5749 /profiles/git-server.nix
parent: don't use agenix from home manager (diff)
download: infra-ce0066436d14efbc8a3592f504efcb409f14333b.tar.gz
1 files changed, 7 insertions, 2 deletions
diff --git a/profiles/git-server.nix b/profiles/git-server.nix
index 504027a..d162a8e 100644
--- a/profiles/git-server.nix
+++ b/profiles/git-server.nix
@@ -1,4 +1,9 @@
-{ pkgs, lib, ... }:
+{
+  pkgs,
+  lib,
+  adminUser,
+  ...
+}:
 let
   cgit-org2html = pkgs.writeShellScriptBin "org2html" ''
     ${pkgs.pandoc}/bin/pandoc \
@@ -27,7 +32,7 @@ in
 {
   services.gitolite = {
     enable = true;
-    adminPubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINBkozy+X96u5ciX766bJ/AyQ3xm1tXZTIr5+4PVFZFi";
+    adminPubkey = adminUser.userinfo.sshPublicKeys."yubikey-personal-nano";
     user = "git";
     group = "git";
     extraGitoliteRc = ''
author	Franck Cuny <franck@fcuny.net>	2026-01-12 08:20:05 -0800
committer	Franck Cuny <franck@fcuny.net>	2026-01-12 08:20:24 -0800
commit	ce0066436d14efbc8a3592f504efcb409f14333b (patch)
tree	4eb6192e066335fe0a0e186f0394aaf1923d5749 /profiles/git-server.nix
parent	don't use agenix from home manager (diff)
download	infra-ce0066436d14efbc8a3592f504efcb409f14333b.tar.gz