install: cleanup key and secrets handling

install.sh

@@ -30,12 +30,12 @@ trap cleanup EXIT
 
 # Decrypt secureboot keys using the key in the repo
 echo "Decrypting secureboot keys..."
-if [[ ! -f "$FLAKE_DIR/usb-secrets/usb-secrets/usb-secrets-key" ]]; then
-    echo "Error: usb-secrets-key not found at $FLAKE_DIR/usb-secrets/usb-secrets/usb-secrets-key"
+if [[ ! -f "$FLAKE_DIR/usb-secrets/usb-secrets-key" ]]; then
+    echo "Error: usb-secrets-key not found at $FLAKE_DIR/usb-secrets/usb-secrets-key"
     exit 1
 fi
 
-nix-shell -p age --run "age -d -i '$FLAKE_DIR/usb-secrets/usb-secrets/usb-secrets-key' '$FLAKE_DIR/secrets/secureboot.tar.age'" | \
+nix-shell -p age --run "age -d -i '$FLAKE_DIR/usb-secrets/usb-secrets-key' '$FLAKE_DIR/secrets/secureboot.tar.age'" | \
     tar -x -C /tmp/secureboot
 
 echo "Secureboot keys extracted"
@@ -56,4 +56,4 @@ sudo $DISKO_INSTALL \
     --flake "$FLAKE_DIR#muffin" \
     --disk main "$DISK" \
     --extra-files /tmp/secureboot /etc/secureboot \
-    --extra-files "$FLAKE_DIR/usb-secrets/usb-secrets" /mnt/usb-secrets
+    --extra-files "$FLAKE_DIR/usb-secrets/usb-secrets-key" /mnt/usb-secrets/usb-secrets-key