From 04f7e566b4c14345055cc83e3b279bdf8dfc2f29 Mon Sep 17 00:00:00 2001 From: Gerg-L Date: Sun, 12 Mar 2023 18:01:35 -0400 Subject: [PATCH] fixed sops not decrypting at boot --- modules/sops.nix | 3 +-- systems/gerg-desktop/erase-your-darlings.nix | 9 +++------ 2 files changed, 4 insertions(+), 8 deletions(-) diff --git a/modules/sops.nix b/modules/sops.nix index b583293..8219f67 100644 --- a/modules/sops.nix +++ b/modules/sops.nix @@ -2,7 +2,6 @@ pkgs, self, config, - lib, ... }: { imports = [ @@ -13,6 +12,6 @@ ]; sops = { defaultSopsFile = "${self}/systems/${config.networking.hostName}/secrets.yaml"; - age.sshKeyPaths = lib.mkForce ["/etc/ssh/ssh_host_ed25519_key"]; + age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"]; }; } diff --git a/systems/gerg-desktop/erase-your-darlings.nix b/systems/gerg-desktop/erase-your-darlings.nix index 5007634..6ff59f6 100644 --- a/systems/gerg-desktop/erase-your-darlings.nix +++ b/systems/gerg-desktop/erase-your-darlings.nix @@ -6,13 +6,10 @@ _: {lib, ...}: { "L+ /etc/nixos - - - - /persist/nixos" ]; boot.initrd.postDeviceCommands = lib.mkAfter '' - zfs snapshot destroy rpool/root@prev - zfs snapshot destroy rpool/var@prev - - zfs snapshot create rpool/root@prev - zfs snapshot create rpool/var@prev - zfs rollback -r rpool/root@empty zfs rollback -r rpool/var@empty ''; + #make sure the sopskey is found + sops.age.sshKeyPaths = lib.mkForce ["/persist/ssh/ssh_host_ed25519_key"]; + fileSystems."/persist".neededForBoot = true; }