colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

sops: decrypt secrets AFTER /nix/ssh has been mounted

Browse Source
This commit is contained in:
colin
2022-06-30 01:30:58 -07:00
parent 1098c66e8d
commit 9123c98595
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
modules/impermanence.nix
View File

@@ -102,6 +102,13 @@ in
# { file = "/home/test2"; persistentStoragePath = "/nix/persist"; } # { file = "/home/test2"; persistentStoragePath = "/nix/persist"; }
]; ];
}; };
systemd.services.sane-sops = {
description = "sops relies on /etc/ssh being available, so re-run its activation AFTER fs-local";
script = config.system.activationScripts.setupSecrets.text;
after = [ "fs-local.target" ];
wantedBy = [ "multi-user.target" ];
};
}; };
} }