mirror of
https://github.com/oddlama/nix-config.git
synced 2025-10-11 07:10:39 +02:00
feat: inherit lovesegfault's changes to host generation
This commit is contained in:
parent
2081ce6585
commit
7c6461d8e2
7 changed files with 18 additions and 29 deletions
|
@ -35,13 +35,12 @@ with lib; {
|
|||
hasGoodSuffix = x: strings.hasSuffix ".age" x || strings.hasSuffix ".pub" x;
|
||||
in
|
||||
# drv.drvPath doesn't force evaluation, which allows the warning to be displayed
|
||||
# before the error occurs
|
||||
# in case the derivation is not built before deploying
|
||||
optional (!pathExists (removeSuffix ".drv" drv.drvPath)) ''
|
||||
The secrets have not yet been rekeyed!
|
||||
The secrets for host ${config.networking.hostName} have not yet been rekeyed!
|
||||
Be sure to run `nix run ".#rekey"` after changing your secrets!
|
||||
''
|
||||
++ optional (!all hasGoodSuffix config.rekey.masterIdentityPaths)
|
||||
''
|
||||
++ optional (!all hasGoodSuffix config.rekey.masterIdentityPaths) ''
|
||||
It seems like at least one of your rekey.masterIdentityPaths contains an
|
||||
unencrypted age identity. These files will be copied to the nix store, so
|
||||
make sure they don't contain any secret information!
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue