| 18 Dec 2022 |
 dasj19 | do you want to take a look? i can post on pastebin or something | 22:30:38 |
 ryantm | Looks like there is some json file that gets made https://github.com/NixOS/nixpkgs/blob/ba46d30d1f9a636f46fb7877008140984f5e7b75/nixos/modules/config/update-users-groups.pl#LL88C12-L88C45 | 22:30:42 |
| ryantm | That the Perl script reads. | 22:30:48 |
| ryantm | It would be interesting to know if that script contains the /run/agenix/... path | 22:31:09 |
| dasj19 | in the perl script? | 22:32:25 |
| ryantm | It's called users-groups.json. Maybe you can find it with ls /nix/store/*users-groups.json | 22:33:02 |
| ryantm | {"autoSubUidGidRange":true,"createHome":true,"description":"Ryan Mulligan","group":"users","hashedPassword":null,"home":"/home/ryantm","homeMode":"700","initialHashedPassword":null,"initialPassword":null,"isSystemUser":false,"name":"ryantm","password":null,"passwordFile":"/run/agenix/passwordfile-ryantm","shell":"/run/current-system/sw/bin/bash","subGidRanges":[],"subUidRanges":[],"uid":null} | 22:34:07 |
| dasj19 | yes, found it... and it has: {"autoSubUidGidRange":true,"createHome":true,"description":"Daniel AAA","group":"users","hashedPassword":null,"home":"/home/daniel","homeMode":"700","initialHashedPassword":null,"initialPassword":null,"isSystemUser":false,"name":"daniel","password":null,"passwordFile":"/run/agenix/daniel-password","shell":"/run/current-system/sw/bin/bash","subGidRanges":[],"subUidRanges":[],"uid":null} | 22:34:31 |
| ryantm | looks the same as mine. bizarre. | 22:35:18 |
| dasj19 | i'll try one more thing .. I run on nixpkgs from 5. of december... i can try to update on a newer version | 22:36:28 |
| dasj19 | i run on the unstable branch | 22:36:39 |
| ryantm | system.activationScripts.debug.{ text = "set -x; echo "DEBUG PASSWORDFILE";cat /run/agenix/daniel-password"; deps = "agenixInstall"; }
system.activationScripts.users.deps = [ "debug" ];
| 22:37:58 |
| ryantm | * system.activationScripts.debug = { text = "set -x; echo "DEBUG PASSWORDFILE";cat /run/agenix/daniel-password"; deps = "agenixInstall"; }
system.activationScripts.users.deps = [ "debug" ];
| 22:38:12 |
| dasj19 | ok, i'll give that a try | 22:38:23 |
| ryantm | That should cat your password file after agenix installs it but before the users script runs. | 22:38:39 |
| dasj19 | had to fix a semicolon and change quotes to single quotes:
but still get: error: A definition for option system.activationScripts.debug.deps' is not of type list of string'. Definition values:
- In `/etc/nixos/configuration.nix': "agenixInstall" | 22:41:38 |
| ryantm | * system.activationScripts.debug = { text = "set -x; echo 'DEBUG PASSWORDFILE';cat /run/agenix/daniel-password"; deps = [ "agenixInstall" ]; }
system.activationScripts.users.deps = [ "debug" ];
| 22:42:12 |
| ryantm | Thanks, I fixed it above too. | 22:42:18 |
| ryantm | * system.activationScripts.debug = { text = "set -x; echo 'DEBUG PASSWORDFILE';cat /run/agenix/daniel-password"; deps = [ "agenixInstall" ]; };
system.activationScripts.users.deps = [ "debug" ];
| 22:42:30 |
| dasj19 | this is in the result:
- echo 'DEBUG PASSWORDFILE'
DEBUG PASSWORDFILE
- cat /run/agenix/daniel-password
$6$HgyUnbDcnnfRn4Ox$Ttzd6kxqrt2ZoutO.kfEXWzc4zCDCXYwHKN5X4NyB/scHOrWKoYbHQhuxtjI1tq8BRHn5Avxcgim5FHoNv90R1+ (( _localstatus > 0 ))
| 22:43:59 |
| dasj19 | so the secret gets decrypted correctly but does not end in the /etc/shadow | 22:45:13 |
| dasj19 | I am doing a system update and see if the issue persists | 22:47:08 |
| ryantm | ok, seems like everything is working... | 22:47:26 |
| dasj19 | system update did not help, i'll try on another system tomorrow, can't think of anything else i can try | 22:51:14 |
| ryantm | dasj19: aside from editing the perl script, me neither. | 22:51:37 |
| dasj19 | ok, but you can confirm that the current way of doing it is the right approach | 22:52:44 |
| dasj19 | thanks a lot for assistance, i have to go to bed soon | 22:53:58 |
| ryantm | Yes. | 22:58:49 |
| ryantm | Of course I can't see your whole configuration files, so there might be something obviously bad lurking. | 22:59:13 |
| 19 Dec 2022 |
|  lgcl (they/them) changed their profile picture. | 13:45:44 |
