System/Servenix+Thinknix: Fix sops key issue, they key location assumed an impermanent setup

Changed the default location to /home/${username}/.secrets/age/age.key, impermanent systems have to override this.
2025-07-25 23:33:48 +02:00
parent e677a74c41
commit 3c93a7e549
3 changed files with 5 additions and 5 deletions
--- a/system/modules/sops-nix/default.nix
+++ b/system/modules/sops-nix/default.nix
@ -26,9 +26,7 @@ in {
      defaultSopsFile = ./secrets.yaml;

      age = {
-        # NOTE: Sops needs the keys before impermanence kicks in
-        #       so we have to link to /persist directly...
-        keyFile = "/persist/home/${username}/.secrets/age/age.key";
+        keyFile = lib.mkDefault "/home/${username}/.secrets/age/age.key";
        generateKey = false;
        sshKeyPaths = [];
      };