From 2f6152042984b7578e86b15892b093f0a8301c97 Mon Sep 17 00:00:00 2001
From: Caroline Larimore <caroline@larimo.re>
Date: Mon, 22 Jul 2024 19:02:31 -0700
Subject: Use /secrets

---
 hosts/c-pc/configuration.nix          | 4 ++--
 hosts/c-pc/hardware-configuration.nix | 1 +
 hosts/copenhagen/configuration.nix    | 3 ++-
 3 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/hosts/c-pc/configuration.nix b/hosts/c-pc/configuration.nix
index 9d11121..367349c 100644
--- a/hosts/c-pc/configuration.nix
+++ b/hosts/c-pc/configuration.nix
@@ -36,11 +36,11 @@
   time.timeZone = "America/Los_Angeles";
 
   users.users = {
-    root.hashedPasswordFile = "/persist/secrets/passwords/root";
+    root.hashedPasswordFile = "/secrets/passwords/root";
 
     "c" = {
       isNormalUser = true;
-      hashedPasswordFile = "/persist/secrets/passwords/c";
+      hashedPasswordFile = "/secrets/passwords/c";
       extraGroups = [ "wheel" ];
     };
   };
diff --git a/hosts/c-pc/hardware-configuration.nix b/hosts/c-pc/hardware-configuration.nix
index c268ff8..dee425a 100644
--- a/hosts/c-pc/hardware-configuration.nix
+++ b/hosts/c-pc/hardware-configuration.nix
@@ -36,6 +36,7 @@
     "/"        = { fsType = "zfs"; device = "zpool/root"; };
     "/home"    = { fsType = "zfs"; device = "zpool/home"; };
     "/persist" = { fsType = "zfs"; device = "zpool/persist"; };
+    "/secrets" = { fsType = "zfs"; device = "zpool/secrets"; };
     "/nix"     = { fsType = "zfs"; device = "zpool/nix"; };
 
     "/boot"    = { fsType = "vfat"; device = "/dev/disk/by-uuid/12CE-A600"; };
diff --git a/hosts/copenhagen/configuration.nix b/hosts/copenhagen/configuration.nix
index a8728f3..9f3b721 100644
--- a/hosts/copenhagen/configuration.nix
+++ b/hosts/copenhagen/configuration.nix
@@ -38,10 +38,11 @@
   time.timeZone = "America/Los_Angeles";
 
   users.users = {
-    root.password = "password";
+    root.hashedPasswordFile = "/secrets/passwords/root";
 
     "c" = {
       isNormalUser = true;
+      hashedPasswordFile = "/secrets/passwords/c";
       extraGroups = [ "wheel" "minecraft" ];
       openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIDO8JxqS7B2n3YlNtlVMZGARi+GG/z7wLiiyl52qSZc caroline@larimo.re" ];
     };
-- 
cgit v1.2.3