dev/nixfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

nixos/containers: Fix agenix being broken with no dev key

Browse Source
This commit is contained in:
Jack O'Sullivan 2022-06-11 01:33:56 +01:00
parent 106698b53e
commit 58b2c6d8c5
2 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
nixos/modules/containers.nix
View File

@ -265,6 +265,7 @@ in
}; };
# age requires all keys to at least exist, even if they're not going to be used # age requires all keys to at least exist, even if they're not going to be used
agenixMountSecrets.deps = [ "ensureDevKey" ];
ensureDevKey.text = ensureDevKey.text =
'' ''
[ ! -e "${devVMKeyPath}" ] && touch "${devVMKeyPath}" [ ! -e "${devVMKeyPath}" ] && touch "${devVMKeyPath}"

2
nixos/modules/secrets.nix
View File

@ -26,7 +26,7 @@ in
# Use the persit dir to grab the keys instead, otherwise they might not be ready. We can't really make # Use the persit dir to grab the keys instead, otherwise they might not be ready. We can't really make
# agenix depend on impermanence, since users depends on agenix (to decrypt passwords) and impermanence # agenix depend on impermanence, since users depends on agenix (to decrypt passwords) and impermanence
# depends on users # depends on users
(e: let pDir = config.my.tmproot.persistence.dir; in if pDir != null then "${pDir}/${e.path}" else e.path) (e: let pDir = config.my.tmproot.persistence.dir; in if pDir != null then "${pDir}${e.path}" else e.path)
(lib.filter (e: e.type == "rsa" || e.type == "ed25519") config.services.openssh.hostKeys)); (lib.filter (e: e.type == "rsa" || e.type == "ed25519") config.services.openssh.hostKeys));
}; };
} }