From 2329d67d166274656cc855d5b2e73c3b6af3564c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Geoffrey=20=E2=80=9CFrogeye=E2=80=9D=20Preud=27homme?= Date: Fri, 12 Jul 2024 23:05:44 +0200 Subject: [PATCH] password: Don't delete hashes immediately --- os/password/default.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/os/password/default.nix b/os/password/default.nix index 4cfa97e..79ef330 100644 --- a/os/password/default.nix +++ b/os/password/default.nix @@ -120,12 +120,14 @@ in ${lib.strings.concatLines (builtins.map syncPasswordStore passwords)} - comm -23 <(sudo find ${passwordStoreDir} -type f | sort) <(echo ${lib.strings.escapeShellArg (lib.strings.concatLines allFilenames)} | sort) | while read -r file + comm -23 <(sudo find ${passwordStoreDir} -type f -ctime +60 | sort) <(echo ${lib.strings.escapeShellArg (lib.strings.concatLines allFilenames)} | sort) | while read -r file do echo Removing "$file" from password store sudo rm "$file" done ''; + # -ctime +60 is so it is possible to boot from previous nixpkgs without missing transform hashes + # TODO Find a better mechanism, maybe à la bootspec, or something compatible with cross-arch })} $out/bin/ ''; };