mynix/agenix
1
0
Fork 0
mirror of https://github.com/ryantm/agenix.git synced 2024-11-22 09:40:47 +03:00
Code Issues Projects Releases Packages Wiki Activity

add notice about root-owned secrets

Browse source
This commit is contained in:
Ryan Mulligan 2020-12-18 10:09:17 -08:00
parent 0650e51720
commit fbd9e29ac9
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
README.md
View file

@ -17,6 +17,10 @@ All files in the Nix store are readable by any system user, so it is not a suita
* Very little code, so it should be easy for you to audit
* Encrypted secrets are stored in the Nix store, so a separate distribution mechanism is not necessary
## Notices
* If you want to manage user's hashed passwords, you must use a version of NixOS with [commit e6b8587](https://github.com/NixOS/nixpkgs/commit/e6b8587b25a19528695c5c270e6ff1c209705c31), so the root-owned secrets can be decrypted before the user activation script runs. Currently only available on `unstable`.
## Installation
Choose one of the following methods: