The default value for clanDir did not make sense, as it pointed to the directory of the module definition
Also, we should not have a default at this level as all.
Home should not always be set by default.
In the UI we can suggest it, but it catches a lot of state you might not
want to back up.
The default has been moved to be automatically set by vm's in `vm.nix`.
This filters the secrets to only include the secrets managed under `per-machine` and `shared`,
otherwise new deployments will fail, when using the vars module for multiple machines:
```
[vyr] /nix/store/[…]sops-install-secrets: failed to decrypt '/nix/store/[…]/sops/vars/per-machine/draper/garage/admin_token/secret': Error getting data key: 0 successful groups required, got 0
```
This doesn't fix all the edge cases with this approach.
We get a similar error if we deploy shared vars that are not
encrypted for our machine key. This needs to be addressed when
implementing the shared vars functionality.
This reverts commit afbd4a984d.
The old configuration cannot be updated like this:
eve] error:
[eve] … while calling the 'head' builtin
[eve] at /nix/store/5b0hl2dnvr1sawqlkwmsnaiyqz00d34h-source/lib/attrsets.nix:1575:11:
[eve] 1574| || pred here (elemAt values 1) (head values) then
[eve] 1575| head values
[eve] | ^
[eve] 1576| else
[eve]
[eve] … while evaluating the attribute 'value'
[eve] at /nix/store/5b0hl2dnvr1sawqlkwmsnaiyqz00d34h-source/lib/modules.nix:809:9:
[eve] 808| in warnDeprecation opt //
[eve] 809| { value = builtins.addErrorContext "while evaluating the option `${showOption loc}':" value;
[eve] | ^
[eve] 810| inherit (res.defsFinal') highestPrio;
[eve]
[eve] … while evaluating the option `system.build.toplevel':
[eve]
[eve] … while evaluating definitions from `/nix/store/5b0hl2dnvr1sawqlkwmsnaiyqz00d34h-source/nixos/modules/system/activation/top-level.nix':
[eve]
[eve] … while evaluating the option `assertions':
[eve]
[eve] … while evaluating definitions from `/nix/store/5b0hl2dnvr1sawqlkwmsnaiyqz00d34h-source/nixos/modules/system/boot/systemd.nix':
[eve]
[eve] … while evaluating the option `systemd.services':
[eve]
[eve] … while evaluating definitions from `/nix/store/kpzcdgndym0qm1w490mjvk9c2qmz03h5-source/nixosModules/clanCore/zerotier':
[eve]
[eve] … while evaluating the option `clan.core.networking.zerotier.networkId':
[eve]
[eve] (stack trace truncated; use '--show-trace' to show the full, detailed trace)
[eve]
[eve] error: A definition for option `clan.core.networking.zerotier.networkId' is not of type `null or string'. Definition values:
[eve] - In `/nix/store/kpzcdgndym0qm1w490mjvk9c2qmz03h5-source/nixosModules/clanCore/networking.nix':
[eve] {
[eve] _type = "override";
[eve] content = "267efd4a15b69623";
[eve] priorit
If we have no sandbox enabled or on macos with sandbox enabled, /etc
contains a lot more files than we actually want.
Instead of copying some random files, we now just create those files
ourself.
