X-Git-Url: http://git.scottworley.com/auto-upgrade-with-pinch/blobdiff_plain/4acf153c79292b2e2e7c8f2cafdbdd0d076b97a3..9d0c0d71309239cfdc6c19996d2b730fdf06a692:/modules/auto-upgrade.nix

diff --git a/modules/auto-upgrade.nix b/modules/auto-upgrade.nix
index 8bf21aa..66d857f 100644
--- a/modules/auto-upgrade.nix
+++ b/modules/auto-upgrade.nix
@@ -28,7 +28,7 @@ let
         # Update channels
         (
           cd /etc/nixos
-          ${pkgs.keyedgit cfg.key}/bin/git pull --ff-only --verify-signatures
+          ${pkgs.keyedgit cfg.keys}/bin/git pull --ff-only --verify-signatures
           ${pkgs.pinch}/bin/pinch update channels
         )
 
@@ -71,11 +71,12 @@ in {
         '';
       };
 
-      key = mkOption {
+      keys = mkOption {
         type = types.path;
         description = ''
-          GPG key that signs updates.  Updates are only merged if the commit
-          at the tip of the remote branch is signed with this key.
+          File containing GPG keys that sign updates.  Updates are only merged
+          if the commit at the tip of the remote branch is signed with one of
+          these keys.
         '';
       };