Commit b06148a2e121
Changed files (2)
modules
nix-flake-updater
systems
okinawa
modules/nix-flake-updater/default.nix
@@ -124,6 +124,13 @@ let
description = "Random delay in seconds before starting (0-value)";
};
+ sshKeyFile = mkOption {
+ type = types.str;
+ default = "/home/${config.user}/.ssh/id_ed25519";
+ example = "/home/user/.ssh/id_passage";
+ description = "Path to the SSH private key for git push (must be authorized on the remote)";
+ };
+
autoFix = {
enable = mkEnableOption "AI-powered auto-fix on build failure";
@@ -212,7 +219,7 @@ let
Type = "oneshot";
User = instanceCfg.user;
ExecStart = "${mkUpdateScript name instanceCfg}";
- Environment = ''"GIT_SSH_COMMAND=ssh -F /dev/null -o IdentitiesOnly=yes -i /home/${instanceCfg.user}/.ssh/id_ed25519 -o StrictHostKeyChecking=yes -o UserKnownHostsFile=/home/${instanceCfg.user}/.ssh/known_hosts"'';
+ Environment = ''"GIT_SSH_COMMAND=ssh -F /dev/null -o IdentitiesOnly=yes -i ${instanceCfg.sshKeyFile} -o StrictHostKeyChecking=yes -o UserKnownHostsFile=/home/${instanceCfg.user}/.ssh/known_hosts"'';
# Don't fail if update fails (e.g., no changes, build failures)
SuccessExitStatus = "0 1";
systems/okinawa/extra.nix
@@ -158,6 +158,7 @@
biweekly = {
enable = true;
repoPath = "/home/vincent/src/home";
+ sshKeyFile = "/home/vincent/.ssh/id_passage";
# Build systems across both architectures for verification
buildSystems = [
@@ -216,6 +217,7 @@
daily = {
enable = true;
repoPath = "/home/vincent/src/home";
+ sshKeyFile = "/home/vincent/.ssh/id_passage";
# Update only personal repos
flakeInputs = [