Enhance zitadel-mint-jwt service: add restart, resolved, runtime dir

2026-01-04 23:26:13 -06:00 · 2026-01-04 23:26:13 -06:00 · 99852eb7b9
commit 99852eb7b9
parent 39e99de976
4 changed files with 29 additions and 16 deletions
--- a/hosts/juni/impermanence.nix
+++ b/hosts/juni/impermanence.nix
@ -22,14 +22,12 @@
    files = [
      "/machine-key.json"
      "/etc/machine-id"
-      "/etc/resolv.conf" # TODO describe
-      "/etc/shadow" # keep passwords
-      "/etc/group"
-      "/etc/passwd"
-      "/etc/sudoers"
-      "/etc/localtime"
-      "/etc/timezone"
-      "/etc/adjtime"
+      # NOTE: if you want mutable passwords across reboots, persist these,
+      # but you must do a one-time migration (see notes in chat).
+      # "/etc/shadow"
+      # "/etc/group"
+      # "/etc/passwd"
+      # "/etc/sudoers"
    ];
    users."${primaryUser}" = {
      directories = [