From f2f06c4eae584005fec6fd881276e9acec1e29b9 Mon Sep 17 00:00:00 2001
From: dadada
Date: Sun, 4 Jun 2023 03:13:48 +0200
Subject: [PATCH] ninurta: Update path to key
---
 nixos/ninurta/configuration.nix | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/nixos/ninurta/configuration.nix b/nixos/ninurta/configuration.nix
index ebf0007..4078389 100644
--- a/nixos/ninurta/configuration.nix
+++ b/nixos/ninurta/configuration.nix
@@ -10,7 +10,7 @@ let
 wgHydraPrivKey = "pruflas-wg-hydra-key";
 wg0PresharedKey = "pruflas-wg0-preshared-key";
 hydraGitHubAuth = "hydra-github-authorization";
- initrdSshKey = "ninurta-initrd-ssh-key";
+ initrdSshKey = "/etc/ssh/ssh_initrd_ed25519_key";
 in
 {
 imports = [
@@ -44,7 +44,7 @@ in
 enable = true;
 port = 2222;
 authorizedKeys = config.dadada.admin.users.dadada.keys;
- hostKeys = [ config.age.secrets.${initrdSshKey}.path ];
+ hostKeys = [ initrdSshKey ];
 };
 };
 # Kinda does not work?
@@ -151,10 +151,12 @@ in
 age.secrets.${wg0PrivKey}.file = "${secretsPath}/${wg0PrivKey}.age";
 age.secrets.${wg0PresharedKey}.file = "${secretsPath}/${wg0PresharedKey}.age";
 age.secrets.${wgHydraPrivKey}.file = "${secretsPath}/${wgHydraPrivKey}.age";
- age.secrets.${initrdSshKey} = {
- file = "${secretsPath}/${initrdSshKey}.age";
- mode = "700";
- };
+
+ # This does not work, since the key is needed earlier than run-agenix.mount.
+ # age.secrets.${initrdSshKey} = {
+ # file = "${secretsPath}/${initrdSshKey}.age";
+ # mode = "700";
+ # };
 services.snapper = {
 cleanupInterval = "1d";
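Review bot: The new value of `initrdSshKey` points at a file that nothing in this configuration creates, so the initrd host key becomes unmanaged state that has to exist on the machine before the initrd is built. The binding also still sits among the names of agenix secrets although it is now a filesystem path, which is easy to misread. I would document the provisioning next to it, for example `# Not an agenix secret: generate on the host with ssh-keygen -t ed25519 -N "" -f /etc/ssh/ssh_initrd_ed25519_key (root-owned, mode 600)`. The `let` block starts before this hunk.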
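Review bot: `hostKeys = [ initrdSshKey ];` now hands the initrd a private key read from a plain path, and the NixOS documentation for this option warns that such keys are stored in the world-readable Nix store unless the bootloader supports initrd secrets. Even with that support the key is packed into the initrd, and if this SSH server is there to unlock the system remotely (an inference from the port 2222 initrd setup), the boot partition holding it is probably unencrypted. The key should therefore be dedicated to the initrd and never shared with the regular sshd host keys; a comment such as `# initrd-only host key; must differ from the /etc/ssh/ssh_host_* keys` above the line would record that. The enclosing ssh block starts outside the hunk.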
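Review bot: The commented-out `age.secrets.${initrdSshKey}` block would not restore the old secret if someone re-enabled it, because `initrdSshKey` is now an absolute path and `"${secretsPath}/${initrdSshKey}.age"` would no longer expand to the old file name. I would keep only the explanation and drop the dead code, e.g. `# Not managed by agenix: the initrd host key is needed before run-agenix.mount.`. The old block also used `mode = "700"`, which sets execute bits on a key file; `"600"` would be the usual choice if the declaration ever returns. If the encrypted `ninurta-initrd-ssh-key.age` file is still in the secrets directory (not visible here), it can presumably be removed as well.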