From 428b1d4e3a8955f0c93ec2c49b40c88db517b177 Mon Sep 17 00:00:00 2001
From: Kiara Grouwstra <kiara@procolix.eu>
Date: Thu, 17 Apr 2025 13:52:46 +0200
Subject: [PATCH] more comments

---
 launch/options.nix  | 1 +
 launch/resource.nix | 5 ++---
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/launch/options.nix b/launch/options.nix
index c090b372..4ae70b6e 100644
--- a/launch/options.nix
+++ b/launch/options.nix
@@ -1,3 +1,4 @@
+# TODO: could (part of) this be generated somehow?
 {
   lib,
   ...
diff --git a/launch/resource.nix b/launch/resource.nix
index 7ae3f99f..41839e8c 100644
--- a/launch/resource.nix
+++ b/launch/resource.nix
@@ -10,7 +10,7 @@ let
   inherit (lib.strings) removeSuffix;
 
   secretsPrefix = ../secrets;
-  secrets = import (secretsPrefix + "/secrets.nix");
+  secrets = import "${secretsPrefix}/secrets.nix";
   keys = import ../keys;
 
 in
@@ -35,8 +35,7 @@ in
     }
   ) secrets;
 
-  ## FIXME: Remove direct root authentication once the NixOps4 NixOS provider
-  ## supports users with password-less sudo.
+  ## FIXME: switch root authentication to users with password-less sudo, see #24
   users.users.root.openssh.authorizedKeys.keys = attrValues keys.contributors ++ [
     # allow our panel vm access to the test machines
     keys.panel