refactor(impermanence,battleship-mk2): save /var/keys directory instead of individual files

2026-03-19 15:41:18 -03:00
parent 4d39c7e444
commit 8ce54a8197
1 changed files with 2 additions and 5 deletions
--- a/hosts/battleship-mk2/impermanence.nix
+++ b/hosts/battleship-mk2/impermanence.nix
@@ -16,6 +16,7 @@
      "/etc/NetworkManager/system-connections"
      "/etc/secureboot"
      "/var/db/sudo"
+      "/var/keys"
      "/var/log"
      "/var/lib/bluetooth"
      "/var/lib/nixos"
@@ -29,10 +30,6 @@
    ];
    files = [
      "/etc/machine-id"
-      {
-        file = "/var/keys/secret_file";
-        parentDirectory = {mode = "u=rwx,g=,o=";};
-      }
    ];
  };

@@ -41,7 +38,7 @@
    script = pkgs.writeShellScriptBin "rollback" ''
      mkdir -p /btrfs_tmp

-      mount -o subvol=/ /dev/mapper/enc /btrfs_tmp
+      mount -o subvol=/ /dev/mapper/cryptroot /btrfs_tmp

      if [[ -e /btrfs_tmp/root ]]; then
        mkdir -p /btrfs_tmp/old_roots