fix: agenix failed to decrypt secrets when booting

secrets/nixos.nix

@@ -17,7 +17,9 @@
 
   # if you changed this key, you need to regenerate all encrypt files from the decrypt contents!
   age.identityPaths = [
-    "/home/${username}/.ssh/juliet-age" # Linux
+    # To decrypt secrets on boot, this key should exists when the system is booting,
+    # so we should use the real key file path(prefixed by `/persistent/`) here, instead of the path mounted by impermanence.
+    "/persistent/home/${username}/.ssh/juliet-age" # Linux
   ];
 
   # Used only by NixOS Modules