muon/flake
1
0
Fork 0
mirror of https://codeberg.org/muon/home.git synced 2025-12-06 08:07:45 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix sops persist

Browse source
This commit is contained in:
muon 2025-07-31 22:18:40 +00:00
parent 9f197645c4
commit bc97a4ab04
2 changed files with 4 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

3
README.md
View file

@ -14,9 +14,12 @@ rbw login
sudo mkdir -p /mnt/var/lib/sops-nix
sudo chown muon:users /mnt/var/lib/sops-nix -R
rbw get sops > /mnt/var/lib/sops-nix/key.txt
nix-shell -p jq --run "rbw get --raw sopsssh | jq -r '.data.password'" > /etc/ssh/ssh_host_ed25519_key.pub
nix-shell -p jq --run "rbw get --raw sopsssh | jq -r '.notes'" > /etc/ssh/ssh_host_ed25519_key
sudo nixos-install --root /mnt --no-root-passwd --flake .#$(hostname)
sudo mkdir -p /mnt/persist/var/lib/sops-nix
sudo cp -r /mnt/var/lib/nixos/* /mnt/persist/var/lib/nixos/
sudo cp -r /mnt/var/etc/ssh/* /mnt/persist/etc/ssh/
sudo cp {/mnt,/mnt/persist}/var/lib/sops-nix/key.txt
sudo cp {/mnt,/mnt/persist}/etc/machine-id
```

2
modules/nixos/impermanence.nix
View file

@ -4,7 +4,7 @@ with lib; {
config = mkIf config.mods.impermanence.enable {
environment.persistence."/persist" = {
directories = [ "/var/lib/nixos" "/var/lib/systemd/coredump" ];
directories = [ "/var/lib/nixos" "/var/lib/systemd/coredump" "/etc/ssh" ];
files = [ "/var/lib/sops-nix/key.txt" "/etc/machine-id" ];
};