sourcephile / git / sourcephile-nix.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from parent 1: 3f1c5f1)
systemd-crypt: fix decrypt.sh
authorJulien Moutinho <julm+sourcephile-nix@sourcephile.fr>
Thu, 18 Aug 2022 13:13:19 +0000 (15:13 +0200)
committerJulien Moutinho <julm+sourcephile-nix@sourcephile.fr>
Thu, 18 Aug 2022 13:13:19 +0000 (15:13 +0200)
private/hosts/decrypt.sh patch | blob | history

diff --git a/private/hosts/decrypt.sh b/private/hosts/decrypt.sh
index d4db51f9aee9bc25bbcf70c72a261fa98b4d76a9..eb19a50d704891d375710e0fd256b074c5bdb020 100755 (executable)
--- a/private/hosts/decrypt.sh
+++ b/private/hosts/decrypt.sh
@@ -2,9 +2,12 @@
 set -eu
 dir=${0%/*}
 key=$1
+host=${key##*hosts/}
+host=${host%%/*}
 name=${key##*/}
 name=${name%.secret}
 sudo unshare --mount sh -xc "
-  mount --bind '$dir'/credential.secret /var/lib/systemd/credential.secret &&
+  mount --bind $dir/$host/root/credential.secret /var/lib/systemd/credential.secret &&
+  mount --bind $dir/$host/root/machine-id /etc/machine-id &&
   systemd-creds decrypt --with-key=host --name '$name' '$key' -
 "
NixOS configurations for Sourcephile's infrastructure