Add persist key

README.md

@@ -20,7 +20,7 @@ rbw get sops > /mnt/var/lib/sops-nix/key.txt
 sudo nixos-install --root /mnt --no-root-passwd --flake .#$(hostname)
 sudo mkdir -p /mnt/persist/var/lib/sops-nix
 sudo cp -r /mnt/var/lib/nixos/* /mnt/persist/var/lib/nixos/
-sudo cp -r /mnt/etc/ssh/* /mnt/persist/etc/ssh/
+sudo cp -r /mnt/etc/ssh/ssh_host* /mnt/persist/etc/ssh/
 sudo cp {/mnt,/mnt/persist}/var/lib/sops-nix/key.txt
 sudo cp {/mnt,/mnt/persist}/etc/machine-id
 ```

modules/home/sops/default.nix

@@ -3,7 +3,7 @@ let cfg = config.mods;
 in with lib; {
   imports = [ inputs.sops-nix.homeManagerModules.sops ];
   sops = {
-    age.keyFile = "/var/lib/sops-nix/key.txt";
+    age.keyFile = "/persist/var/lib/sops-nix/key.txt";
     defaultSopsFile = ./secrets.yaml;
     secrets.zipline-auth = { };
   };

modules/nixos/sops/default.nix

@@ -3,7 +3,7 @@ let cfg = config.mods;
 in with lib; {
   imports = [ inputs.sops-nix.nixosModules.sops ];
   sops = {
-    age.keyFile = "/var/lib/sops-nix/key.txt";
+    age.keyFile = "/persist/var/lib/sops-nix/key.txt";
     defaultSopsFile = ./secrets.yaml;
     secrets.muon-password.neededForUsers = true;
     secrets.zipline-secret = mkIf cfg.server.share.enable {