about summary refs log tree commit diff
diff options
context:
space:
mode:
authorFranck Cuny <franck@fcuny.net>2022-07-20 17:41:25 -0700
committerFranck Cuny <franck@fcuny.net>2022-07-20 17:49:05 -0700
commit0c05fb49b4ae7379807251c0282a71a27f34f09a (patch)
tree55bada240924352954eeccca60b734eb1e1b6ce1
parentfix(modules/secrets): set correctly all possible attributes (diff)
downloadworld-0c05fb49b4ae7379807251c0282a71a27f34f09a.tar.gz
docs(gerrit): how to edit the secrets
Change-Id: Ibc81727971cfbd7b05c383a1c58ca02b907683f7
Reviewed-on: https://cl.fcuny.net/c/world/+/661
Tested-by: CI
Reviewed-by: Franck Cuny <franck@fcuny.net>
-rw-r--r--docs/gerrit.org4
1 files changed, 3 insertions, 1 deletions
diff --git a/docs/gerrit.org b/docs/gerrit.org
index bee0509..28ab95f 100644
--- a/docs/gerrit.org
+++ b/docs/gerrit.org
@@ -6,7 +6,7 @@ A gerrit instance is running at [[https://cl.fcuny.net][cl.fcuny.net]].
 - branches other than main can be pushed to the server
 - the main branch can only be modified by gerrit
 * Secure configuration
-The file =/var/lib/gerrit/etc/secure.config= is managed by nix. The file contains:
+The file =/var/lib/gerrit/etc/secure.config= is managed by nix and is encrypted with age. The file contains the following settings:
 #+begin_src ini
 [auth]
   registerEmailPrivateKey = <redacted>
@@ -16,6 +16,8 @@ The file =/var/lib/gerrit/etc/secure.config= is managed by nix. The file contain
 [plugin "gerrit-oauth-provider-google-oauth"]
   client-secret = <google oauth secret>
 #+end_src
+
+From the directory =hosts/tahoe/secrets= you can run =nix run github:ryantm/agenix -- -e gerrit/secure-config.age= to edit the secrets.
 * Notes
 The [[https://gerrit.googlesource.com/plugins/reviewnotes/][review notes]] plugin is enabled. The plugin stores into the notes the information about the reviews.