diff options
Diffstat (limited to 'hosts/tahoe/secrets')
-rw-r--r-- | hosts/tahoe/secrets/secrets.nix | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/hosts/tahoe/secrets/secrets.nix b/hosts/tahoe/secrets/secrets.nix index 8776e6a..79273b8 100644 --- a/hosts/tahoe/secrets/secrets.nix +++ b/hosts/tahoe/secrets/secrets.nix @@ -21,9 +21,13 @@ in { mode = "0440"; }; + # the owner is gerrit, but we also want the builders to access this + # configuration. "gerrit/hooks.age" = { publicKeys = all; owner = "git"; + group = "buildkite-agents"; + mode = "0440"; }; "syncthing/key.age" = { |