point deployed TF to panel ssh key

2025-04-10 11:12:39 +02:00 · 2025-04-10 11:12:39 +02:00 · 8f785d7582
commit 8f785d7582
parent 4f83f51e17
2 changed files with 4 additions and 2 deletions
--- a/infra/machines/fedi201/fedipanel.nix
+++ b/infra/machines/fedi201/fedipanel.nix
@ -1,6 +1,5 @@
 {
  config,
-  pkgs,
  ...
 }:
 let
@ -55,6 +54,9 @@ in
        CSRF_TRUSTED_ORIGINS = [ "https://${cfg.domain}" ];
        COMPRESS_OFFLINE = true;
        LIBSASS_OUTPUT_STYLE = "compressed";
+        ENV_VARS = {
+          ssh_private_key_file = config.age.secrets.panel-ssh-key.path;
+        };
      };
    secrets = {
      SECRET_KEY = config.age.secrets.panel-secret-key.path;
--- a/panel/src/panel/views.py
+++ b/panel/src/panel/views.py
@ -146,7 +146,7 @@ class DeploymentStatus(ConfigurationForm):
        } | {
            # pass in form info to our deployment
            # FIXME: ensure sensitive info is protected
-            f"TF_VAR_{k}": v if isinstance(v, str) else json.dumps(v) for k, v in deployment_params.items()
+            f"TF_VAR_{k}": v if isinstance(v, str) else json.dumps(v) for k, v in (settings.ENV_VARS | deployment_params).items()
        }
        cwd = f"{settings.repo_dir}/launch"
        cmd = [