RGBCube/ncc
1
Fork 0
mirror of https://github.com/RGBCube/ncc synced 2025-07-29 02:57:44 +00:00
Code Issues Activity

fix

Browse source
This commit is contained in:
RGBCube 2025-02-26 03:00:12 +03:00
parent 366eb26758
commit 34d9e30529
Signed by: RGBCube
SSH key fingerprint: SHA256:CzqbPcfwt+GxFYNnFVCqoN5Itn4YFrshg1TrnACpA5M
1 changed files with 8 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

16
hosts/best/hercules/default.nix
View file

@ -1,11 +1,10 @@
{ self, config, lib, ... }: let
inherit (lib) enabled genAttrs removeAttrs;
inherit (lib) enabled removeAttrs;
in {
secrets.awsCredentials = {
secrets.herculesCredentials = {
file = ./credentials.age;
owner = "hercules-ci-agent";
};
secrets.herculesCaches = {
file = ./caches.age;
owner = "hercules-ci-agent";
@ -19,11 +18,12 @@ in {
owner = "hercules-ci-agent";
};
home-manager.users = genAttrs [ "hercules-ci-agent" "root" ] (_: homeArgs: let
homeLib = homeArgs.config.lib;
in {
home.file.".aws/credentials".source = homeLib.file.mkOutOfStoreSymlink config.secrets.awsCredentials.path;
});
systemd.services.hercules-ci-agent.environment = {
AWS_SHARED_CREDENTIALS_FILE = config.secrets.herculesCredentials.path;
# AWS SDK is incredibly gay and will continuously try to contact 169.254.169.254 for EC2 metadata.
AWS_EC2_METADATA_DISABLED = "true";
};
services.hercules-ci-agent = enabled {
settings = {