fixed sops not decrypting at boot

Gerg-L 2023-03-12 18:01:35 -04:00
parent ca82a01644
commit 04f7e566b4
2 changed files with 4 additions and 8 deletions


@ -2,7 +2,6 @@
pkgs, pkgs,
self, self,
config, config,
lib,
... ...
}: { }: {
imports = [ imports = [
@ -13,6 +12,6 @@
]; ];
sops = { sops = {
defaultSopsFile = "${self}/systems/${config.networking.hostName}/secrets.yaml"; defaultSopsFile = "${self}/systems/${config.networking.hostName}/secrets.yaml";
age.sshKeyPaths = lib.mkForce ["/etc/ssh/ssh_host_ed25519_key"]; age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
}; };
} }


@ -6,13 +6,10 @@ _: {lib, ...}: {
"L+ /etc/nixos - - - - /persist/nixos" "L+ /etc/nixos - - - - /persist/nixos"
]; ];
boot.initrd.postDeviceCommands = lib.mkAfter '' boot.initrd.postDeviceCommands = lib.mkAfter ''
zfs snapshot destroy rpool/root@prev
zfs snapshot destroy rpool/var@prev
zfs snapshot create rpool/root@prev
zfs snapshot create rpool/var@prev
zfs rollback -r rpool/root@empty zfs rollback -r rpool/root@empty
zfs rollback -r rpool/var@empty zfs rollback -r rpool/var@empty
''; '';
#make sure the sopskey is found
sops.age.sshKeyPaths = lib.mkForce ["/persist/ssh/ssh_host_ed25519_key"];
fileSystems."/persist".neededForBoot = true;
} }
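Review bot: The `lib.mkForce` on `sops.age.sshKeyPaths` replaces the whole list instead of merging with it, so any extra key path another module declares for this host is dropped without an evaluation error, and the comment `#make sure the sopskey is found` does not say why the override is needed. A comment such as `# root is rolled back to @empty in the initrd, so sops-nix must read the host key from /persist (neededForBoot) rather than /etc/ssh` would record the reasoning next to the setting. Because this SSH host private key is what decrypts every secret in the host's secrets.yaml, it is worth confirming that the file under /persist/ssh is root-owned with mode 0600 and that `services.openssh.hostKeys` points at the same path, so sshd does not generate a different key under /etc/ssh after each rollback. Neither setting is visible in this section.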