From 702cd972ab55d3bc95641ae8a460cf7e2f4d2adb Mon Sep 17 00:00:00 2001
From: Luke Granger-Brown <hg@lukegb.com>
Date: Thu, 17 Mar 2022 12:27:10 +0000
Subject: [PATCH] nixos/vault-agent: should care about /var/lib/vault-agent
 instead

---
 ops/nixos/lib/vault-agent.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ops/nixos/lib/vault-agent.nix b/ops/nixos/lib/vault-agent.nix
index 925fee316f..326c4ad913 100644
--- a/ops/nixos/lib/vault-agent.nix
+++ b/ops/nixos/lib/vault-agent.nix
@@ -89,10 +89,10 @@ in
       };
 
       mounts = lib.optional (config.my.vault.bindMountStateTo != null) {
-        unitConfig.RequiresMountsFor = "${config.my.vault.bindMountStateTo} /var/lib/private/vault-agent";
+        unitConfig.RequiresMountsFor = "${config.my.vault.bindMountStateTo} /var/lib";
         options = "bind";
         what = config.my.vault.bindMountStateTo;
-        where = "/var/lib/private/vault-agent";
+        where = "/var/lib/vault-agent";
         requiredBy = [ "vault-agent.service" ];
         before = [ "vault-agent.service" ];
         wantedBy = [ "vault-agent.service" ];