]>
Git — Sourcephile - sourcephile-nix.git/blob - private/hosts/encrypt.sh
9 mkdir -p "$dir/$host/credentials/${hostkey%/*}"
11 sudo unshare
--mount sh
-xc "
12 mount --bind $dir/$host/root/credential.secret /var/lib/systemd/credential.secret &&
13 mount --bind $dir/$host/root/machine-id /etc/machine-id &&
14 systemd-creds encrypt --with-key=host --name '${hostkey##*/}' - - |
15 install -m 400 -o $USER -g users /dev/stdin '$dir/$host/credentials/$hostkey.cred'