Move /secrets to /etc/secrets

e2949176 · Jens Nolte · 6e3cd3de · e2949176 · e2949176 · e2949176
Commit e2949176 authored 5 years ago by Jens Nolte
--- a/bin/install
+++ b/bin/install
@@ -90,11 +90,11 @@ nix copy --file "$nixos_system_file" --argstr hostname "$hostname" --to ssh://ro
 nixos_config_path=$(realpath "$local_temp_dir/nixos-config-$hostname")
 ssh root@$via_host "nixos-install --system $nixos_config_path && sync"
-ssh root@$via_host mkdir --mode u=rwx,g=,o= --parents /mnt/secrets/passwords
+ssh root@$via_host mkdir --mode u=rwx,g=,o= --parents /mnt/etc/secrets/passwords
 # TODO: get host-specific password
-#scp -r notThePassword root@$via_host:/mnt/secrets/passwords/root
+#scp -r notThePassword root@$via_host:/mnt/etc/secrets/passwords/root
-#scp -r notThePassword root@$via_host:/mnt/secrets/passwords/jens
+#scp -r notThePassword root@$via_host:/mnt/etc/secrets/passwords/jens
 ssh root@$via_host sync

--- a/bin/install-mounted
+++ b/bin/install-mounted
@@ -45,11 +45,11 @@ nix copy --file "$nixos_system_file" --argstr hostname "$hostname" --to ssh://ro
 nixos_config_path=$(realpath "$local_temp_dir/nixos-config-$hostname")
 ssh root@$via_host "nixos-install --system $nixos_config_path && sync"
-ssh root@$via_host mkdir --mode u=rwx,g=,o= --parents /mnt/secrets/passwords
+ssh root@$via_host mkdir --mode u=rwx,g=,o= --parents /mnt/etc/secrets/passwords
 # TODO: get host-specific password
-#scp -r notThePassword root@$via_host:/mnt/secrets/passwords/root
+#scp -r notThePassword root@$via_host:/mnt/etc/secrets/passwords/root
-#scp -r notThePassword root@$via_host:/mnt/secrets/passwords/jens
+#scp -r notThePassword root@$via_host:/mnt/etc/secrets/passwords/jens
 ssh root@$via_host sync

--- a/nixos/layers/base.nix
+++ b/nixos/layers/base.nix
@@ -77,12 +77,12 @@
    mutableUsers = false;
    defaultUserShell = pkgs.zsh;
    users.root = {
-      passwordFile = "/secrets/passwords/root";
+      passwordFile = "/etc/secrets/passwords/root";
    };
    users.jens = {
      uid = 1000;
      isNormalUser = true;
-      passwordFile = "/secrets/passwords/jens";
+      passwordFile = "/etc/secrets/passwords/jens";
      extraGroups = [ "wheel" "audio" "dialout" ];
    };
  };

--- a/nixos/layers/steam.nix
+++ b/nixos/layers/steam.nix
@@ -16,7 +16,7 @@ in
  users.users.steam = {
    isNormalUser = true;
    uid = 1100;
-    passwordFile = "/secrets/passwords/steam";
+    passwordFile = "/etc/secrets/passwords/steam";
    extraGroups = [ "audio" "input" ];
    packages = [
      customSteam