europa/stan: make peerix private key owner dynamic

2022-09-01 12:42:47 -06:00 · 2022-09-01 12:42:47 -06:00 · 55dbf93bfc
commit 55dbf93bfc
parent 921a1f92f6
2 changed files with 13 additions and 4 deletions
--- a/hosts/europa/default.nix
+++ b/hosts/europa/default.nix
@ -1,5 +1,10 @@
 { config, pkgs, lib, modulesPath, ... }:
-let myEmacs = pkgs.callPackage ../../configs/emacs.nix { };
+let
+  myEmacs = pkgs.callPackage ../../configs/emacs.nix { };
+  peerixUser = if builtins.hasAttr "peerix" config.users.users then
+    config.users.users.peerix.name
+  else
+    "root";
 in {
  _module.args.isUnstable = true;

@ -31,7 +36,7 @@ in {
    };
    peerix_private_key = {
      sopsFile = config.xin-secrets.europa.peerix;
-      owner = "peerix";
+      owner = "${peerixUser}";
      group = "wheel";
      mode = "400";
    };
--- a/hosts/stan/default.nix
+++ b/hosts/stan/default.nix
@ -7,6 +7,10 @@ let

  userBase = { openssh.authorizedKeys.keys = pubKeys; };
  myEmacs = pkgs.callPackage ../../configs/emacs.nix { };
+  peerixUser = if builtins.hasAttr "peerix" config.users.users then
+    config.users.users.peerix.name
+  else
+    "root";
 in {
  _module.args.isUnstable = true;
  imports = [ ./hardware-configuration.nix ../../overlays/default.nix ];
@ -62,8 +66,8 @@ in {
    };
    peerix_private_key = {
      sopsFile = config.xin-secrets.stan.peerix;
-      owner = "peerix";
-      group = "peerix";
+      owner = "${peerixUser}";
+      group = "wheel";
      mode = "400";
    };
  };