V8.00.000.2025.06.17

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>

var/errors.var.sh

@@ -60,6 +60,7 @@ declare -girx ERR_VERIFY_LOGROTATE=213  # Error verification by 'logrotate'.
 declare -girx ERR_READ_AUTH_FILE=212    # Error reading the Luks Backup auth token file.
 declare -girx ERR_ACCOUNT_CREATE=211    # Error creating user accounts.
 declare -girx ERR_LUKS_HEADER_ENC=210   # Error encrypting LUKS Header backup.
+declare -girx ERR_DECRYPTION_SOPS=132   # An error occurred while decrypting SECRETS.yaml.
 declare -girx ERR_MISSING_AGE_BIN=130   # SOPS binary for decryption SECRETS.yaml missing.
 declare -girx ERR_MISSING_AGE_KEY=129   # AGE key for decryption SECRETS.yaml values missing.
 declare -girx ERR_GUARD_SOURCE=128      # Module tried to load twice.

var/global.var.sh

@@ -54,9 +54,9 @@ declare -grx VAR_SETUP_PART="${DIR_CNF}/partitioning.yaml"
 # shellcheck disable=SC2034
 declare -gA   CISS_SECRETS_MAP=()                           # YAML path (w/o '.value' and without 'secrets.') -> varname.
 # shellcheck disable=SC2034
-declare -g    CISS_SECRETS_AGE=""                           # AGE PRIVATE Keyfile to decrypt SOPS encrypted values.
+declare -g    CISS_SECRETS_AGE="/root/.config/sops/age/keys.txt" # AGE PRIVATE Keyfile to decrypt SOPS encrypted values.
 # shellcheck disable=SC2034
-declare -gr   CISS_SECRETS_SOURCE="${DIR_CNF}/SECRETS.yaml" # Effective YAML source used (plain or decrypted stream)
+declare -gr   CISS_SECRETS_SOURCE="${DIR_CNF}/SECRETS.yaml"      # Effective YAML source used (plain or decrypted stream)
 # shellcheck disable=SC2034
 declare -g    CISS_SECRETS_XFILES=""                        # Derived from SOPS presence heuristic.