From 6d9fdcbd70ff90c8c6f7dc9fa16f489a54f74304 Mon Sep 17 00:00:00 2001 From: Ryan Mulligan Date: Thu, 16 Sep 2021 15:39:38 -0700 Subject: [PATCH] fix: remove workaround for #54 https://github.com/NixOS/nixpkgs/pull/137508 should remove the need for this. --- modules/age.nix | 32 ++++++++++++-------------------- 1 file changed, 12 insertions(+), 20 deletions(-) diff --git a/modules/age.nix b/modules/age.nix index 4442c42..553e56f 100644 --- a/modules/age.nix +++ b/modules/age.nix @@ -103,29 +103,21 @@ in ''; }; }; - config = mkIf (cfg.secrets != { }) (mkMerge [ - { - assertions = [{ - assertion = cfg.sshKeyPaths != [ ]; - message = "age.sshKeyPaths must be set."; - }]; + config = mkIf (cfg.secrets != { }) { + assertions = [{ + assertion = cfg.sshKeyPaths != [ ]; + message = "age.sshKeyPaths must be set."; + }]; - # Secrets with root owner and group can be installed before users - # exist. This allows user password files to be encrypted. - system.activationScripts.agenixRoot = stringAfter [ "specialfs" ] installRootOwnedSecrets; - system.activationScripts.users.deps = [ "agenixRoot" ]; + # Secrets with root owner and group can be installed before users + # exist. This allows user password files to be encrypted. + system.activationScripts.agenixRoot = stringAfter [ "specialfs" ] installRootOwnedSecrets; + system.activationScripts.users.deps = [ "agenixRoot" ]; - # Other secrets need to wait for users and groups to exist. - system.activationScripts.agenix = stringAfter [ "users" "groups" "specialfs" ] installNonRootSecrets; + # Other secrets need to wait for users and groups to exist. + system.activationScripts.agenix = stringAfter [ "users" "groups" "specialfs" ] installNonRootSecrets; - } + }; - # workaround for #54 - (optionalAttrs (builtins.hasAttr "dryActivationScript" options.system) { - system.activationScripts.users.supportsDryActivation = mkForce false; - system.activationScripts.groups.supportsDryActivation = mkForce false; - }) - - ]); }