From b72b1d321bf324386aa8aec83a9e7585efb68095 Mon Sep 17 00:00:00 2001
From: Joseph Hanson <joe@veri.dev>
Date: Mon, 29 Apr 2024 11:03:17 -0500
Subject: [PATCH] Update nested secrets.

---
 nixos/telperion/configuration.nix | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/nixos/telperion/configuration.nix b/nixos/telperion/configuration.nix
index 71df91f..dfd589f 100644
--- a/nixos/telperion/configuration.nix
+++ b/nixos/telperion/configuration.nix
@@ -14,8 +14,14 @@
     # Mounts unencrypted sops values at /run/secrets/rndc_keys accessible by root only by default.
     secrets = {
       "rndc_keys" = {
-        owner = config.users.users.named.name;
-        inherit (config.users.users.named) group;
+        "main" = {
+          owner = config.users.users.named.name;
+          inherit (config.users.users.named) group;
+        };
+        "externaldns" = {
+          owner = config.users.users.named.name;
+          inherit (config.users.users.named) group;
+        };
       };
     };
   };