From 55dbf93bfc2977bd99149abacae84da34f9b4b36 Mon Sep 17 00:00:00 2001
From: Aaron Bieber <aaron@bolddaemon.com>
Date: Thu, 1 Sep 2022 12:42:47 -0600
Subject: [PATCH] europa/stan: make peerix private key owner dynamic

---
 hosts/europa/default.nix | 9 +++++++--
 hosts/stan/default.nix   | 8 ++++++--
 2 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/hosts/europa/default.nix b/hosts/europa/default.nix
index dd10256..735b273 100644
--- a/hosts/europa/default.nix
+++ b/hosts/europa/default.nix
@@ -1,5 +1,10 @@
 { config, pkgs, lib, modulesPath, ... }:
-let myEmacs = pkgs.callPackage ../../configs/emacs.nix { };
+let
+  myEmacs = pkgs.callPackage ../../configs/emacs.nix { };
+  peerixUser = if builtins.hasAttr "peerix" config.users.users then
+    config.users.users.peerix.name
+  else
+    "root";
 in {
   _module.args.isUnstable = true;
 
@@ -31,7 +36,7 @@ in {
     };
     peerix_private_key = {
       sopsFile = config.xin-secrets.europa.peerix;
-      owner = "peerix";
+      owner = "${peerixUser}";
       group = "wheel";
       mode = "400";
     };
diff --git a/hosts/stan/default.nix b/hosts/stan/default.nix
index c59f0c3..fe56ec3 100644
--- a/hosts/stan/default.nix
+++ b/hosts/stan/default.nix
@@ -7,6 +7,10 @@ let
 
   userBase = { openssh.authorizedKeys.keys = pubKeys; };
   myEmacs = pkgs.callPackage ../../configs/emacs.nix { };
+  peerixUser = if builtins.hasAttr "peerix" config.users.users then
+    config.users.users.peerix.name
+  else
+    "root";
 in {
   _module.args.isUnstable = true;
   imports = [ ./hardware-configuration.nix ../../overlays/default.nix ];
@@ -62,8 +66,8 @@ in {
     };
     peerix_private_key = {
       sopsFile = config.xin-secrets.stan.peerix;
-      owner = "peerix";
-      group = "peerix";
+      owner = "${peerixUser}";
+      group = "wheel";
       mode = "400";
     };
   };