From 02ab2c3aecdf95de9824f79f3afd3dbaf614f98b Mon Sep 17 00:00:00 2001
From: pigeonmoelleux <pigeonmoelleux@crans.org>
Date: Wed, 25 Jun 2025 17:37:21 +0200
Subject: [PATCH] Correction secrets.nix

---
 secrets.nix | 32 ++++++++++++++++----------------
 1 file changed, 16 insertions(+), 16 deletions(-)

diff --git a/secrets.nix b/secrets.nix
index 7957792..702bf51 100644
--- a/secrets.nix
+++ b/secrets.nix
@@ -62,7 +62,7 @@ let
   # Secrets
 
   commonSecrets = (listFilesRelative ./secrets/common) ++ [
-    "./secrets/restic/client_env"
+    "./secrets/restic/client_env.age"
   ];
 
   acmeSecrets = listFilesRelative ./secrets/acme;
@@ -74,21 +74,21 @@ in
 # Secrets pour ACME
 // (genAttrs acmeSecrets acme)
 # Secrets pour restic
-// builtins.foldl' (
-  acc: name:
-  acc
-  // (
-    let
-      key = hosts.${name};
-    in
-    genAttrs
-      [
-        "./secrets/restic/${name}/base-repo"
-        "./secrets/restic/${name}/base-password"
-      ]
-      [ key ]
-  )
-) { } (lists.remove "thot" hostnames)
+// attrsets.foldlAttrs (
+  outacc: host: key:
+  let
+    secrets = listFilesRelative (path.append ./secrets/restic host);
+  in
+  outacc
+  // builtins.foldl' (
+    acc: secret:
+    acc
+    // {
+      "${secret}".publicKeys = [ key ] ++ nounous;
+    }
+  ) { } secrets
+) { } (lib.filterAttrs (host: _: host != "thot" && host != "cephiroth") hosts)
+# Secrets spécifiques à chaque VM
 // attrsets.foldlAttrs (
   outacc: host: key:
   let