From 3418988c830aa68d63778e78e35d049151f3aabc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rapha=C3=ABl=20Numbus?= <raphael@numbus.eu>
Date: Fri, 2 Jan 2026 20:41:37 +0100
Subject: [PATCH] typo on boot*.nix and debugging disk unlocking

---
 deploy.sh                             | 13 ++++++-------
 templates/nix-config/disks/boot-2.nix |  3 ++-
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/deploy.sh b/deploy.sh
index b8791b3..6dc3671 100644
--- a/deploy.sh
+++ b/deploy.sh
@@ -474,7 +474,6 @@ EOF
   echo -e "\n\n✅  Generating disko configuration from templates..."
   local TEMPLATE_FILE="templates/nix-config/disks/boot-${#BOOT_DISKS_ID[@]}.nix"
   (envsubst < "$TEMPLATE_FILE") > final-nix-config/etc/nixos/disks/disko.nix
-
   # Striped configuration
   if [[ "$CONTENT_DISK_NUMBER" -eq 1 && "$PARITY_DISK_NUMBER" -eq 0 ]]; then
     export j="1"
@@ -536,28 +535,28 @@ EOF
 
 ### --> Generate unlock keys
   for i in $(seq 1 "${#BOOT_DISKS_ID[@]}"); do
-    PASS="$(xkcdpass -d "-")"
+    PASS="$(xkcdpass -n 1)"
     echo -n "$PASS" > "final-nix-config/etc/secrets/disks/boot-disk-${i}"
     chmod 600 "final-nix-config/etc/secrets/disks/boot-disk-${i}"
     ssh_to_host 'bash -s' << EOF
 echo "$REMOTE_PASS" | sudo -S mkdir -p /etc/secrets/disks/
-echo "$REMOTE_PASS" | sudo -S bash -c "echo '$PASS' > /etc/secrets/disks/boot-disk-${i}"
+echo "$REMOTE_PASS" | sudo -S bash -c "printf '%s' '$PASS' > /etc/secrets/disks/boot-disk-${i}"
 EOF
   done
   for i in $(seq 1 "$CONTENT_DISK_NUMBER"); do
-    PASS="$(xkcdpass -d "-")"
+    PASS="$(xkcdpass -n 1)"
     echo -n "$PASS" > "final-nix-config/etc/secrets/disks/content-disk-${i}"
     chmod 600 "final-nix-config/etc/secrets/disks/content-disk-${i}"
     ssh_to_host 'bash -s' << EOF
-echo "$REMOTE_PASS" | sudo -S bash -c "echo '$PASS' > /etc/secrets/disks/content-disk-${i}"
+echo "$REMOTE_PASS" | sudo -S bash -c "printf '%s' '$PASS' > /etc/secrets/disks/content-disk-${i}"
 EOF
   done
   for i in $(seq 1 "$PARITY_DISK_NUMBER"); do
-    PASS="$(xkcdpass -d "-")"
+    PASS="$(xkcdpass -n 1)"
     echo -n "$PASS" > "final-nix-config/etc/secrets/disks/parity-disk-${i}"
     chmod 600 "final-nix-config/etc/secrets/disks/parity-disk-${i}"
       ssh_to_host 'bash -s' << EOF
-echo "$REMOTE_PASS" | sudo -S bash -c "echo '$PASS' > /etc/secrets/disks/parity-disk-${i}"
+echo "$REMOTE_PASS" | sudo -S bash -c "printf '%s' '$PASS' > /etc/secrets/disks/parity-disk-${i}"
 EOF
   done
 
diff --git a/templates/nix-config/disks/boot-2.nix b/templates/nix-config/disks/boot-2.nix
index 58ef827..f6e7402 100644
--- a/templates/nix-config/disks/boot-2.nix
+++ b/templates/nix-config/disks/boot-2.nix
@@ -24,7 +24,7 @@
                 type = "luks";
                 name = "crypted-boot-1";
                 settings = {
-                  keyFile = "/etc/secrets/disks/boot-disk-2";
+                  keyFile = "/etc/secrets/disks/boot-disk-1";
                   allowDiscards = true;
                 };
               };
@@ -44,6 +44,7 @@
                 type = "luks";
                 name = "crypted-boot-2";
                 settings = {
+                  keyFile = "/etc/secrets/disks/boot-disk-2";
                   allowDiscards = true;
                 };
                 content = {