derived-secrets: fix broken encoding

2023-07-08 11:20:00 +00:00 · 2023-07-08 11:20:00 +00:00 · 640d9be83d
commit 640d9be83d
parent db72f5e11f
2 changed files with 6 additions and 3 deletions
--- a/hosts/modules/derived-secrets/default.nix
+++ b/hosts/modules/derived-secrets/default.nix
@ -40,6 +40,7 @@ in
      generated.command = [
        "${hash-path-with-salt}/bin/hash-path-with-salt"
        path
+        c.encoding
      ];
      generated.acl.mode = "0600";
    }) cfg;
--- a/hosts/modules/derived-secrets/hash-path-with-salt
+++ b/hosts/modules/derived-secrets/hash-path-with-salt
@ -1,9 +1,11 @@
 #!/usr/bin/env nix-shell
 #!nix-shell -i bash
-echo "$1" | cat /dev/stdin /etc/ssh/host_keys/ssh_host_ed25519_key \
+file="$1"
+enc="$2"
+echo "$file" | cat /dev/stdin /etc/ssh/host_keys/ssh_host_ed25519_key \
  | sha512sum \
  | cut -c 1-${toString (c.len * 2)} \
  | tr a-z A-Z \
  | basenc -d --base16 \
-  | basenc --${c.encoding} \
-  > "$1"
+  | basenc "--$enc" \
+  > "$file"