The issue with activation script is the order is alphabetical, meaning the order the script is assembled is not really set in stone.
Here, because the script had a name starting with restic, it was ran before the sops secret generation script. And since the restic script was trying to use the secrets, it failed.
And if the activation script fails, you get a kernel panic.
The issue with activation script is the order is alphabetical, meaning the order the script is assembled is not really set in stone.
Here, because the script had a name starting with
restic, it was ran before thesopssecret generation script. And since the restic script was trying to use the secrets, it failed.And if the activation script fails, you get a kernel panic.