move age keys to /etc

closes #33
This commit is contained in:
Pim Kunis 2024-01-08 20:47:12 +01:00
parent aba16d3fd1
commit 0d150b3236
2 changed files with 4 additions and 4 deletions

View file

@ -34,12 +34,12 @@ trap cleanup EXIT
# Create directory where age key will go.
# Nixos-anwhere creates a kind of overlay and retains this structure on the final file system.
mkdir "$temp/root"
mkdir "$temp/etc"
secret-tool lookup age-identity "$servername" > "$temp/root/age_ed25519"
secret-tool lookup age-identity "$servername" > "$temp/etc/age_ed25519"
# Set the correct permissions
chmod 600 "$temp/root/age_ed25519"
chmod 600 "$temp/etc/age_ed25519"
# Install NixOS to the host system with our age identity
nix run github:numtide/nixos-anywhere -- --extra-files "$temp" --flake ".#${servername}" "root@${hostname}"

View file

@ -117,7 +117,7 @@
hardware.cpu.intel.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
age.identityPaths = [ "/root/age_ed25519" ];
age.identityPaths = [ "/etc/age_ed25519" ];
virtualisation.libvirtd.enable = true;