password: Don't delete hashes immediately
This commit is contained in:
parent
f664b51c85
commit
2329d67d16
|
@ -120,12 +120,14 @@ in
|
||||||
|
|
||||||
${lib.strings.concatLines (builtins.map syncPasswordStore passwords)}
|
${lib.strings.concatLines (builtins.map syncPasswordStore passwords)}
|
||||||
|
|
||||||
comm -23 <(sudo find ${passwordStoreDir} -type f | sort) <(echo ${lib.strings.escapeShellArg (lib.strings.concatLines allFilenames)} | sort) | while read -r file
|
comm -23 <(sudo find ${passwordStoreDir} -type f -ctime +60 | sort) <(echo ${lib.strings.escapeShellArg (lib.strings.concatLines allFilenames)} | sort) | while read -r file
|
||||||
do
|
do
|
||||||
echo Removing "$file" from password store
|
echo Removing "$file" from password store
|
||||||
sudo rm "$file"
|
sudo rm "$file"
|
||||||
done
|
done
|
||||||
'';
|
'';
|
||||||
|
# -ctime +60 is so it is possible to boot from previous nixpkgs without missing transform hashes
|
||||||
|
# TODO Find a better mechanism, maybe à la bootspec, or something compatible with cross-arch
|
||||||
})} $out/bin/
|
})} $out/bin/
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
Loading…
Reference in a new issue