mirror of
https://github.com/ryantm/agenix.git
synced 2024-11-22 17:50:48 +03:00
Merge pull request #34 from edrex/patch-1
Extend the tutorial to describe location of decrypted secrets
This commit is contained in:
commit
c12ac8b6f3
1 changed files with 3 additions and 0 deletions
|
@ -161,8 +161,11 @@ but, if you want to (change the system based on your system):
|
||||||
```nix
|
```nix
|
||||||
age.secrets.secret1.file = ../secrets/secret1.age;
|
age.secrets.secret1.file = ../secrets/secret1.age;
|
||||||
```
|
```
|
||||||
|
|
||||||
5. NixOS rebuild or use your deployment tool like usual.
|
5. NixOS rebuild or use your deployment tool like usual.
|
||||||
|
|
||||||
|
The secret will be decrypted to the value of `age.secrets.secret1.path` (`/run/secrets/secret1` by default). For per-secret options controlling ownership etc, see [modules/age.nix](modules/age.nix).
|
||||||
|
|
||||||
## Rekeying
|
## Rekeying
|
||||||
|
|
||||||
If you change the public keys in `secrets.nix`, you should rekey your
|
If you change the public keys in `secrets.nix`, you should rekey your
|
||||||
|
|
Loading…
Reference in a new issue