nixos/common: make the EnvironmentFile optional to avoid... problems
In general, it's better for us to fail to pass credentials to the Nix daemon than it is for the Nix daemon to fail to start up entirely. We will restart the daemon once the secrets have been delivered anyway.
This commit is contained in:
parent
c9ffb4ed3e
commit
829d179d37
1 changed files with 2 additions and 1 deletions
|
@ -283,7 +283,8 @@ in
|
||||||
group = "root";
|
group = "root";
|
||||||
reloadOrRestartUnits = [ "nix-daemon.service" ];
|
reloadOrRestartUnits = [ "nix-daemon.service" ];
|
||||||
};
|
};
|
||||||
systemd.services.nix-daemon.serviceConfig.EnvironmentFile = config.my.vault.secrets.nix-daemon.path;
|
# - prefix to make the file existing optional.
|
||||||
|
systemd.services.nix-daemon.serviceConfig.EnvironmentFile = "-${config.my.vault.secrets.nix-daemon.path}";
|
||||||
|
|
||||||
services.fwupd.enable = true;
|
services.fwupd.enable = true;
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue