terraform/all-in-one: fix zfs decrypt example

2024-08-16 11:50:24 +03:00 · 2024-05-31 07:29:42 +02:00 · 2024-05-31 07:29:42 +02:00 · 1fdbe4cdcd
commit 1fdbe4cdcd
parent 8b907bb53c
1 changed files with 3 additions and 3 deletions
--- a/terraform/all-in-one.md
+++ b/terraform/all-in-one.md
@ -48,7 +48,7 @@ mkdir -p etc/ssh var/lib/secrets
 SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
 umask 0177
-sops --extract '["initrd_ssh_key"]' -d "$SCRIPT_DIR/secrets.yaml" >./var/lib/secrets/initrd_ssh_key
+sops --extract '["initrd_ssh_key"]' --decrypt "$SCRIPT_DIR/secrets.yaml" >./var/lib/secrets/initrd_ssh_key
 # restore umask
 umask 0022
@ -59,7 +59,7 @@ for keyname in ssh_host_rsa_key ssh_host_rsa_key.pub ssh_host_ed25519_key ssh_ho
  else
    umask 0177
  fi
-  sops --extract '["'$keyname'"]' -d "$SCRIPT_DIR/secrets.yaml" >"./etc/ssh/$keyname"
+  sops --extract '["'$keyname'"]' --decrypt "$SCRIPT_DIR/secrets.yaml" >"./etc/ssh/$keyname"
 done
 ```
@ -72,7 +72,7 @@ set -euo pipefail
 SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
 cd "$SCRIPT_DIR"
-sops --extract '["zfs-key"]' -d "$SCRIPT_DIR/secrets.yaml" >"./etc/ssh/$keyname"
+sops --extract '["zfs-key"]' --decrypt "$SCRIPT_DIR/secrets.yaml"
 ```
 ## See also