Torjus Håkestad
aedccbd9a0
Some checks failed
Run nix flake check / flake-check (push) Failing after 1s
All secrets are now managed by OpenBao (Vault). Remove the legacy sops-nix infrastructure that is no longer in use. Removed: - sops-nix flake input - system/sops.nix module - .sops.yaml configuration file - Age key generation from template prepare-host scripts Updated: - flake.nix - removed sops-nix references from all hosts - flake.lock - removed sops-nix input - scripts/create-host/ - removed sops references - CLAUDE.md - removed SOPS documentation Note: secrets/ directory should be manually removed by the user. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
31 lines
691 B
Nix
31 lines
691 B
Nix
{ pkgs, ... }:
|
|
let
|
|
prepare-host-script = pkgs.writeShellApplication {
|
|
name = "prepare-host.sh";
|
|
text = ''
|
|
echo "Removing machine-id"
|
|
rm -f /etc/machine-id || true
|
|
|
|
echo "Removing SSH host keys"
|
|
rm -f /etc/ssh/ssh_host_* || true
|
|
|
|
echo "Restarting SSH"
|
|
systemctl restart sshd
|
|
|
|
echo "Removing temporary files"
|
|
rm -rf /tmp/* || true
|
|
|
|
echo "Removing logs"
|
|
journalctl --rotate || true
|
|
journalctl --vacuum-time=1s || true
|
|
|
|
echo "Removing cache"
|
|
rm -rf /var/cache/* || true
|
|
'';
|
|
};
|
|
in
|
|
{
|
|
environment.systemPackages = [ prepare-host-script ];
|
|
users.motd = "Prepare host by running 'prepare-host.sh'.";
|
|
}
|