From ec64eebfd6c3b006b7ff5d5c3bda750cf04a5662 Mon Sep 17 00:00:00 2001
From: June <june@jsts.xyz>
Date: Tue, 29 Oct 2024 23:17:31 +0100
Subject: [PATCH] common: use pkgs.fetchgit and git commit hash for authorized
 keys repo

Do this to be in line with other places, where resources get fetched
using git and to hopefully avoid errors such as:
Cannot find Git revision 'da9d3ead9d97ce0fef7538638326264957e2f1b4' in ref 'trunk' of repository 'ssh://forgejo@git.hamburg.ccc.de/CCCHH/infrastructure-authorized-keys.git'! Please make sure that the rev exists on the ref you've specified or add allRefs = true; to fetchGit.
This issue was discovered while trying to make the new hydra work.
---
 config/common/users.nix | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/config/common/users.nix b/config/common/users.nix
index ab29904..59682c4 100644
--- a/config/common/users.nix
+++ b/config/common/users.nix
@@ -9,10 +9,10 @@
 { config, pkgs, lib, ... }:
 
 let
-  authorizedKeysRepo = builtins.fetchGit {
-    url = "forgejo@git.hamburg.ccc.de:CCCHH/infrastructure-authorized-keys.git";
-    ref = "trunk";
-    rev = "da9d3ead9d97ce0fef7538638326264957e2f1b4";
+  authorizedKeysRepo = pkgs.fetchgit {
+    url = "https://git.hamburg.ccc.de/CCCHH/infrastructure-authorized-keys";
+    rev = "b6a29dc7af0a45a8c0b4904290c7cb0c5bc51413";
+    hash = "sha256-c0aH0wQeJtfXJG5wAbS6aO8yILLI1NNkFAHAeOm8RXA=";
   };
   authorizedKeys = builtins.filter (item: item != "") (lib.strings.splitString "\n" (builtins.readFile "${authorizedKeysRepo}/authorized_keys"));
 in