don't copy secret files to store during nixops deployment

network/network.nix

@@ -44,28 +44,28 @@ let
     permissions = "0440";
   };
   nginx_key = {
-    keyFile = ../secrets/nginx.key;
+    keyFile = toString ../../secrets/nginx.key;
     destDir = "/secrets/";
     user = "nginx";
     group = "root";
     permissions = "0440";
   };
   nginx_cert = {
-    keyFile = ../secrets/nginx.cert;
+    keyFile = toString ../../secrets/nginx.cert;
     destDir = "/secrets/";
     user = "nginx";
     group = "root";
     permissions = "0440";
   };
   lnd_key = {
-    keyFile = ../secrets/lnd.key;
+    keyFile = toString ../../secrets/lnd.key;
     destDir = "/secrets/";
     user = "lnd";
     group = "lnd";
     permissions = "0440";
   };
   lnd_cert = {
-    keyFile = ../secrets/lnd.cert;
+    keyFile = toString ../../secrets/lnd.cert;
     destDir = "/secrets/";
     user = "lnd";
     group = "lnd";

pkgs/nixops/release.nix.patch

@@ -32,3 +32,14 @@
 
 
        # For "nix-build --run-env".
+
+--- a/nixops/backends/__init__.py
++++ b/nixops/backends/__init__.py
+@@ -24,6 +24,7 @@ class MachineDefinition(nixops.resources.ResourceDefinition):
+             opts = {}
+             for (key, xmlType) in (('text',        'string'),
+                                    ('keyFile',     'path'),
++                                   ('keyFile',     'string'),
+                                    ('destDir',     'string'),
+                                    ('user',        'string'),
+                                    ('group',       'string'),