From 16d25ab6e86ab301138a64d17fe906e414858415 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io>
Date: Sun, 21 Jul 2024 17:57:13 +0200
Subject: [PATCH] root-password: fix password-store support

---
 clanModules/root-password/default.nix | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/clanModules/root-password/default.nix b/clanModules/root-password/default.nix
index 38cc9f890..9c901f30e 100644
--- a/clanModules/root-password/default.nix
+++ b/clanModules/root-password/default.nix
@@ -1,9 +1,18 @@
-{ pkgs, config, ... }:
+{
+  pkgs,
+  config,
+  lib,
+  ...
+}:
 {
   users.mutableUsers = false;
   users.users.root.hashedPasswordFile =
     config.clan.core.facts.services.root-password.secret.password-hash.path;
-  sops.secrets."${config.clan.core.machineName}-password-hash".neededForUsers = true;
+
+  sops.secrets."${config.clan.core.machineName}-password-hash".neededForUsers = lib.mkIf (
+    config.clan.core.facts.secretStore == "sops"
+  ) true;
+
   clan.core.facts.services.root-password = {
     secret.password = { };
     secret.password-hash = { };