fix issues

flakes/common/hm_modules/ssh.nix

@@ -4,11 +4,10 @@
   ...
 }:
 let
-  inherit (osConfig) age;
   hasSecret =
     secret:
     let
-      secrets = age.secrets or { };
+      secrets = osConfig.age.secrets or { };
     in
     secrets ? ${secret} && secrets.${secret} != null;
 in
@@ -39,39 +38,39 @@ in
 
       # EXTERNAL
       "github.com" = lib.mkIf (hasSecret "nix2github") {
-        identityFile = age.secrets.nix2github.path;
+        identityFile = osConfig.age.secrets.nix2github.path;
       };
       "bitbucket.org" = lib.mkIf (hasSecret "nix2bitbucket") {
-        identityFile = age.secrets.nix2bitbucket.path;
+        identityFile = osConfig.age.secrets.nix2bitbucket.path;
       };
       "git.joshuabell.xyz" = {
-        identityFile = lib.mkIf (hasSecret "nix2gitforgejo") age.secrets.nix2gitforgejo.path;
+        identityFile = lib.mkIf (hasSecret "nix2gitforgejo") osConfig.age.secrets.nix2gitforgejo.path;
         user = "git";
       };
       # PERSONAL DEVICES
       "lio" = {
-        identityFile = lib.mkIf (hasSecret "nix2lio") age.secrets.nix2lio.path;
+        identityFile = lib.mkIf (hasSecret "nix2lio") osConfig.age.secrets.nix2lio.path;
         user = "josh";
       };
       "lio_" = {
-        identityFile = lib.mkIf (hasSecret "nix2lio") age.secrets.nix2lio.path;
+        identityFile = lib.mkIf (hasSecret "nix2lio") osConfig.age.secrets.nix2lio.path;
         hostname = "10.12.14.116";
         user = "josh";
       };
       "oren" = {
-        identityFile = lib.mkIf (hasSecret "nix2oren") age.secrets.nix2oren.path;
+        identityFile = lib.mkIf (hasSecret "nix2oren") osConfig.age.secrets.nix2oren.path;
         user = "josh";
       };
       "juni" = {
-        identityFile = lib.mkIf (hasSecret "nix2nix") age.secrets.nix2nix.path;
+        identityFile = lib.mkIf (hasSecret "nix2nix") osConfig.age.secrets.nix2nix.path;
         user = "josh";
       };
       "gp3" = {
-        identityFile = lib.mkIf (hasSecret "nix2gpdPocket3") age.secrets.nix2gpdPocket3.path;
+        identityFile = lib.mkIf (hasSecret "nix2gpdPocket3") osConfig.age.secrets.nix2gpdPocket3.path;
         user = "josh";
       };
       "t" = {
-        identityFile = lib.mkIf (hasSecret "nix2t") age.secrets.nix2t.path;
+        identityFile = lib.mkIf (hasSecret "nix2t") osConfig.age.secrets.nix2t.path;
         user = "joshua.bell";
         localForwards = [
           {
@@ -85,7 +84,7 @@ in
         };
       };
       "t_" = {
-        identityFile = lib.mkIf (hasSecret "nix2t") age.secrets.nix2t.path;
+        identityFile = lib.mkIf (hasSecret "nix2t") osConfig.age.secrets.nix2t.path;
         hostname = "10.12.14.181";
         user = "joshua.bell";
         localForwards = [
@@ -101,54 +100,54 @@ in
       };
       # HOME SERVERS
       "h001" = {
-        identityFile = lib.mkIf (hasSecret "nix2h001") age.secrets.nix2h001.path;
+        identityFile = lib.mkIf (hasSecret "nix2h001") osConfig.age.secrets.nix2h001.path;
         user = "luser";
       };
       "h001_" = {
-        identityFile = lib.mkIf (hasSecret "nix2h001") age.secrets.nix2h001.path;
+        identityFile = lib.mkIf (hasSecret "nix2h001") osConfig.age.secrets.nix2h001.path;
         hostname = "10.12.14.10";
         user = "luser";
       };
       "h002" = {
-        identityFile = lib.mkIf (hasSecret "nix2nix") age.secrets.nix2nix.path;
+        identityFile = lib.mkIf (hasSecret "nix2nix") osConfig.age.secrets.nix2nix.path;
         user = "luser";
       };
       "h002_" = {
-        identityFile = lib.mkIf (hasSecret "nix2nix") age.secrets.nix2nix.path;
+        identityFile = lib.mkIf (hasSecret "nix2nix") osConfig.age.secrets.nix2nix.path;
         hostname = "10.12.14.183";
         user = "luser";
       };
       "h003" = {
-        identityFile = lib.mkIf (hasSecret "nix2h003") age.secrets.nix2h003.path;
+        identityFile = lib.mkIf (hasSecret "nix2h003") osConfig.age.secrets.nix2h003.path;
         hostname = "10.12.14.1";
         user = "luser";
       };
       "h003_" = {
-        identityFile = lib.mkIf (hasSecret "nix2h003") age.secrets.nix2h003.path;
+        identityFile = lib.mkIf (hasSecret "nix2h003") osConfig.age.secrets.nix2h003.path;
         user = "luser";
       };
       # LINODE SERVERS
       "l001" = {
-        identityFile = lib.mkIf (hasSecret "nix2linode") age.secrets.nix2linode.path;
+        identityFile = lib.mkIf (hasSecret "nix2linode") osConfig.age.secrets.nix2linode.path;
         hostname = "172.236.111.33"; # Not on the tailscale network it is the primary host
         user = "root";
       };
       "l002_" = {
-        identityFile = lib.mkIf (hasSecret "nix2linode") age.secrets.nix2linode.path;
+        identityFile = lib.mkIf (hasSecret "nix2linode") osConfig.age.secrets.nix2linode.path;
         hostname = "172.234.26.141";
         user = "root";
       };
       "l002" = {
-        identityFile = lib.mkIf (hasSecret "nix2linode") age.secrets.nix2linode.path;
+        identityFile = lib.mkIf (hasSecret "nix2linode") osConfig.age.secrets.nix2linode.path;
         user = "root";
       };
       # ORACLE SERVERS
       "o001" = {
-        identityFile = lib.mkIf (hasSecret "nix2oracle") age.secrets.nix2oracle.path;
+        identityFile = lib.mkIf (hasSecret "nix2oracle") osConfig.age.secrets.nix2oracle.path;
         user = "root";
       };
       "o001_" = {
-        identityFile = lib.mkIf (hasSecret "nix2oracle") age.secrets.nix2oracle.path;
+        identityFile = lib.mkIf (hasSecret "nix2oracle") osConfig.age.secrets.nix2oracle.path;
         hostname = "64.181.210.7";
         user = "root";
       };

flakes/common/nix_modules/tailnet.nix

@@ -4,6 +4,14 @@
   lib,
   ...
 }:
+let
+  hasSecret =
+    secret:
+    let
+      secrets = config.age.secrets or { };
+    in
+    secrets ? ${secret} && secrets.${secret} != null;
+in
 {
   environment.systemPackages = with pkgs; [ tailscale ];
   boot.kernelModules = [ "tun" ];
@@ -12,7 +20,7 @@
     enable = true;
     openFirewall = true;
     useRoutingFeatures = "client";
-    authKeyFile = config.age.secrets.headscale_auth.path;
+    authKeyFile = lib.mkIf (hasSecret "headscale_auth") config.age.secrets.headscale_auth.path;
     extraUpFlags = [
       "--login-server=https://headscale.joshuabell.xyz"
     ];

hosts/juni/flake.lock

@@ -6,11 +6,11 @@
       },
       "locked": {
         "dir": "flakes/beszel",
-        "lastModified": 1767737541,
-        "narHash": "sha256-7e8xFdNxTJpP8X85gJ/l5czveU3qKw8VUK889BYHsP8=",
+        "lastModified": 1767743368,
+        "narHash": "sha256-mdCzyG8OHo7XNaqN9fKQjoZO8/w6/grgisexOsUcrKI=",
         "ref": "refs/heads/master",
-        "rev": "abf8f5381d683a3968239206d69b0a5ad6852799",
-        "revCount": 1078,
+        "rev": "c223dedb701601f1b19e1c347396d19ca7aeb418",
+        "revCount": 1086,
         "type": "git",
         "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles"
       },
@@ -38,20 +38,14 @@
     },
     "common": {
       "locked": {
-        "dir": "flakes/common",
-        "lastModified": 1767737953,
-        "narHash": "sha256-rHqjhsGc8iInvJ7tw3jqS6H3U0Z6TTYU6fMyiErNnNs=",
-        "ref": "refs/heads/master",
-        "rev": "8cd92aaba4d4db2d605f597eb68f501b9069efee",
-        "revCount": 1080,
-        "type": "git",
-        "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles"
+        "path": "../../flakes/common",
+        "type": "path"
       },
       "original": {
-        "dir": "flakes/common",
-        "type": "git",
-        "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles"
-      }
+        "path": "../../flakes/common",
+        "type": "path"
+      },
+      "parent": []
     },
     "de_plasma": {
       "inputs": {
@@ -73,11 +67,11 @@
       },
       "locked": {
         "dir": "flakes/flatpaks",
-        "lastModified": 1767737541,
-        "narHash": "sha256-7e8xFdNxTJpP8X85gJ/l5czveU3qKw8VUK889BYHsP8=",
+        "lastModified": 1767743368,
+        "narHash": "sha256-mdCzyG8OHo7XNaqN9fKQjoZO8/w6/grgisexOsUcrKI=",
         "ref": "refs/heads/master",
-        "rev": "abf8f5381d683a3968239206d69b0a5ad6852799",
-        "revCount": 1078,
+        "rev": "c223dedb701601f1b19e1c347396d19ca7aeb418",
+        "revCount": 1086,
         "type": "git",
         "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles"
       },
@@ -1141,11 +1135,11 @@
       },
       "locked": {
         "dir": "flakes/opencode",
-        "lastModified": 1767737541,
-        "narHash": "sha256-7e8xFdNxTJpP8X85gJ/l5czveU3qKw8VUK889BYHsP8=",
+        "lastModified": 1767743368,
+        "narHash": "sha256-mdCzyG8OHo7XNaqN9fKQjoZO8/w6/grgisexOsUcrKI=",
         "ref": "refs/heads/master",
-        "rev": "abf8f5381d683a3968239206d69b0a5ad6852799",
-        "revCount": 1078,
+        "rev": "c223dedb701601f1b19e1c347396d19ca7aeb418",
+        "revCount": 1086,
         "type": "git",
         "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles"
       },

hosts/juni/flake.nix

@@ -9,8 +9,8 @@
     impermanence.url = "github:nix-community/impermanence";
 
     # Use relative to get current version for testin
-    # common.url = "path:../../flakes/common";
-    common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/common";
+    common.url = "path:../../flakes/common";
+    # common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/common";
     # secrets-bao.url = "path:../../flakes/secrets-bao";
     # NOTE: using an absolute path so this works before you commit/push.
     # After you add `flakes/secrets-bao` to the repo, switch to a git URL like your other flakes.