From 990d315d7b7ecf08a0783900b34cf00aa283e1bd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Charlotte=20=F0=9F=A6=9D=20Delenk?=
Date: Sun, 1 Dec 2024 14:35:12 +0100
Subject: [PATCH] add appropriate secrets
---
 config/services/hydra.nix | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/config/services/hydra.nix b/config/services/hydra.nix
index f2726166..e907ff84 100644
--- a/config/services/hydra.nix
+++ b/config/services/hydra.nix
@@ -185,6 +185,12 @@ in
 };
 };
 nix.settings.trusted-users = [ "@hydra" ];
+ sops.secrets."hydra-evaluator/ssh/builder_id_ed25519" = {
+ sopsFile = ../../secrets/shared.yaml;
+ owner = "hydra";
+ key = "ssh/builder_id_ed25519";
+ path = "/var/lib/hydra/.ssh/builder_id_ed25519";
+ };
 sops.secrets."hydra/ssh/builder_id_ed25519" = {
 sopsFile = ../../secrets/shared.yaml;
 owner = "hydra-queue-runner";
@@ -195,6 +201,9 @@ in
 mkdir -p /var/lib/hydra/queue-runner/.ssh/
 chown -Rv hydra-queue-runner /var/lib/hydra/queue-runner
 ln -svf ${sshConfig} /var/lib/hydra/queue-runner/.ssh/config
+ mkdir -p /var/lib/hydra/.ssh/
+ chown -Rv hydra /var/lib/hydra/.ssh
+ ln -svf ${sshConfig} /var/lib/hydra/.ssh/config
 '';
 sops.secrets."attic/config.toml" = {
 owner = "hydra-queue-runner";
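Review bot: The builder private key becomes readable by a second service account in this hunk: the added `sops.secrets."hydra-evaluator/ssh/builder_id_ed25519"` decrypts `ssh/builder_id_ed25519` from `secrets/shared.yaml` for `owner = "hydra"`, while the entry right below hands what appears to be the same key to `hydra-queue-runner` (its `key` line is outside the hunk). If the evaluator does not need the full builder identity, a separate entry such as `key = "ssh/<evaluator-key-placeholder>";` would let the builders restrict and revoke it independently of the queue runner. Whichever key is used, I would state the intent above the block, e.g. `# hydra (evaluator) user needs this key because <reason>`, and pin `mode = "0400";` so the file permission does not depend on the module default.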
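Review bot: The added `mkdir -p /var/lib/hydra/.ssh/` creates the directory with whatever mode the script's umask gives, and the `chown -Rv hydra` after it changes only the owner, so the directory that holds the link to the builder key may stay listable by other local users. Creating it private in one step, `install -d -m 0700 -o hydra /var/lib/hydra/.ssh`, replaces both lines and avoids a recursive chown over a path that the first hunk also uses for the sops-managed key. The script begins above the hunk, so which user it runs as, and when it runs relative to secret installation, cannot be confirmed from here.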