RGBCube/ncc
1
Fork 0
mirror of https://github.com/RGBCube/ncc synced 2025-07-29 19:17:45 +00:00
Code Issues Activity

fix

Browse source
This commit is contained in:
RGBCube 2025-02-26 03:00:12 +03:00
parent 366eb26758
commit 34d9e30529
Signed by: RGBCube
SSH key fingerprint: SHA256:CzqbPcfwt+GxFYNnFVCqoN5Itn4YFrshg1TrnACpA5M
1 changed files with 8 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

16
hosts/best/hercules/default.nix
View file

@ -1,11 +1,10 @@
{ self, config, lib, ... }: let { self, config, lib, ... }: let
inherit (lib) enabled genAttrs removeAttrs; inherit (lib) enabled removeAttrs;
in { in {
secrets.awsCredentials = { secrets.herculesCredentials = {
file = ./credentials.age; file = ./credentials.age;
owner = "hercules-ci-agent"; owner = "hercules-ci-agent";
}; };
secrets.herculesCaches = { secrets.herculesCaches = {
file = ./caches.age; file = ./caches.age;
owner = "hercules-ci-agent"; owner = "hercules-ci-agent";
@ -19,11 +18,12 @@ in {
owner = "hercules-ci-agent"; owner = "hercules-ci-agent";
}; };
home-manager.users = genAttrs [ "hercules-ci-agent" "root" ] (_: homeArgs: let systemd.services.hercules-ci-agent.environment = {
homeLib = homeArgs.config.lib; AWS_SHARED_CREDENTIALS_FILE = config.secrets.herculesCredentials.path;
in {
home.file.".aws/credentials".source = homeLib.file.mkOutOfStoreSymlink config.secrets.awsCredentials.path; # AWS SDK is incredibly gay and will continuously try to contact 169.254.169.254 for EC2 metadata.
}); AWS_EC2_METADATA_DISABLED = "true";
};
services.hercules-ci-agent = enabled { services.hercules-ci-agent = enabled {
settings = { settings = {