From 46fd15a3665a4dc3094c51bb5390bdf77ca06e04 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io>
Date: Sun, 21 Jul 2024 18:21:37 +0200
Subject: [PATCH] also fix user-password with password-store

---
 clanModules/root-password/default.nix | 6 +++---
 clanModules/user-password/default.nix | 6 +++++-
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/clanModules/root-password/default.nix b/clanModules/root-password/default.nix
index 9c901f30e..a340730e3 100644
--- a/clanModules/root-password/default.nix
+++ b/clanModules/root-password/default.nix
@@ -9,9 +9,9 @@
   users.users.root.hashedPasswordFile =
     config.clan.core.facts.services.root-password.secret.password-hash.path;
 
-  sops.secrets."${config.clan.core.machineName}-password-hash".neededForUsers = lib.mkIf (
-    config.clan.core.facts.secretStore == "sops"
-  ) true;
+  sops.secrets = lib.mkIf (config.clan.core.facts.secretStore == "sops") {
+    "${config.clan.core.machineName}-password-hash".neededForUsers = true;
+  };
 
   clan.core.facts.services.root-password = {
     secret.password = { };
diff --git a/clanModules/user-password/default.nix b/clanModules/user-password/default.nix
index f76c7f397..14b1f0177 100644
--- a/clanModules/user-password/default.nix
+++ b/clanModules/user-password/default.nix
@@ -23,7 +23,11 @@
     users.mutableUsers = false;
     users.users.${config.clan.user-password.user}.hashedPasswordFile =
       config.clan.core.facts.services.user-password.secret.user-password-hash.path;
-    sops.secrets."${config.clan.core.machineName}-user-password-hash".neededForUsers = true;
+
+    sops.secrets = lib.mkIf (config.clan.core.facts.secretStore == "sops") {
+      "${config.clan.core.machineName}-user-password-hash".neededForUsers = true;
+    };
+
     clan.core.facts.services.user-password = {
       secret.user-password = { };
       secret.user-password-hash = { };