This website requires JavaScript.
Explore
Help
Sign In
payas
/
nixos
Archived
Watch
1
Star
0
Fork
You've already forked nixos
0
Code
Issues
1
Pull requests
Projects
Releases
Packages
Wiki
Activity
This repository has been archived on
2024-03-26
. You can view files and clone it, but cannot push or open issues or pull requests.
13bdffe9fd
nixos
/
.gitignore
2 lines
13 B
Text
Raw
Normal View
History
Unescape
Escape
Setup secrets management using agenix agenix uses age (a utility + standard) that encrypts secrets using ssh key. This simplifies secrets management quite a bit compared to GPG (my attempts for which have failed so far). Changes included: - Encrypt all current keys (mail, backups) using age, configured via agenix - All encrypted keys are committed to git repo and decrypted during boot - None of the keys are used anywhere just yet. They will replace file paths in future commit after testing - Decrypted keys are available after boot under user name with read-only permissions at default agenix location (as of this commit) - The Nix variable path is provided by agenix and can be used instead of having to recreate - multiple keys can be specified for single key, but for now I am only using one For now, the code is dirty and can definitely use improvements. It is just at a place where it is all working right now. TODO: Get age + agenix in environment packages available at runtime in NixOS Links: - https://github.com/ryantm/agenix - https://github.com/hlissner/dotfiles
2022-02-22 03:01:29 +05:30
**/secrets/*
Reference in a new issue
Copy permalink