From be7bad2c1221f57f4600f732ba31349e8e872a50 Mon Sep 17 00:00:00 2001
From: Ryan Mulligan
Date: Fri, 18 Dec 2020 19:23:47 -0800
Subject: [PATCH] use only ~/.ssh/id_rsa and ~/.ssh/id_ed25519 for decryption fixes #5
---
 pkgs/agenix.nix | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/pkgs/agenix.nix b/pkgs/agenix.nix
index cae142a..ec4bcd8 100644
--- a/pkgs/agenix.nix
+++ b/pkgs/agenix.nix
@@ -105,10 +105,12 @@ function edit {
 if [ -f "$FILE" ]
 then
 DECRYPT=("''${DEFAULT_DECRYPT[@]}")
- while IFS= read -r key
- do
- DECRYPT+=(--identity "$key")
- done <<<"$((find ~/.ssh -maxdepth 1 -type f -not -name "*pub" -not -name "config" -not -name "authorized_keys" -not -name "known_hosts") || exit 1)"
+ if [ -f "$HOME/.ssh/id_rsa" ]; then
+ DECRYPT+=(--identity "$HOME/.ssh/id_rsa")
+ fi
+ if [ -f "$HOME/.ssh/id_ed25519" ]; then
+ DECRYPT+=(--identity "$HOME/.ssh/id_ed25519")
+ fi
 DECRYPT+=(-o "$CLEARTEXT_FILE" "$FILE")
 ${ageBin} "''${DECRYPT[@]}" || exit 1
 cp "$CLEARTEXT_FILE" "$CLEARTEXT_FILE.before"
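Review bot: When neither `$HOME/.ssh/id_rsa` nor `$HOME/.ssh/id_ed25519` exists, the two new `if` blocks add nothing and `${ageBin}` is still invoked. Unless `DEFAULT_DECRYPT` (defined outside this hunk) already carries an identity, the user then sees only age's own error rather than one naming the two paths that were tried. A guard after the second `fi` would make that case explicit: `if [ "''${#DECRYPT[@]}" -eq "''${#DEFAULT_DECRYPT[@]}" ]; then echo "no identity found at ~/.ssh/id_rsa or ~/.ssh/id_ed25519" >&2; exit 1; fi`. The restriction to the two default key names also deserves a comment above the first `if`, such as `# Only the default OpenSSH key files are offered to age; other files in ~/.ssh are never passed as identities.`, so a later change does not widen the set again unnoticed. The body of `edit` starts and ends outside the hunk, so the handling of `$CLEARTEXT_FILE` after decryption is not visible here.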