Commit graph

300 commits

Author SHA1 Message Date
Ellis Gibbons
2c1d1fb134
fix: allow for newlines in keys 2024-04-12 17:50:07 -04:00
Cole Helbling
1381a759b2
Merge pull request #254 from oluceps/fix-doc
doc: fix wrong `ssh-keyscan` usage
2024-04-02 10:31:00 -07:00
oluceps
3fd98a2c3b
doc: fix wrong ssh-keyscan usage 2024-04-03 01:00:02 +08:00
Ryan Mulligan
8cb01a0e71
Merge pull request #244 from kraem/fix/rage_to_age_docs
fix: update docs for 5c1198a
2024-02-13 05:27:47 -08:00
kraem
1f62cef426 fix: update docs for 5c1198a 2024-02-07 08:48:49 +01:00
Ryan Mulligan
417caa847f
Merge pull request #232 from ryantm/rtm-12-23-test
dev: reland add direct tests for agenix
2023-12-24 08:04:03 -08:00
Ryan Mulligan
a23aa271be dev: reland add direct tests for agenix
Why
===
* We'd like some tests for the CLI
* Last time we tried it failed on macos

What changed
===
* This time, we try to create the temp diretory in a way that works
with macos too
2023-12-23 14:47:15 -08:00
Ryan Mulligan
bc24f2e510 Revert "Revert "contrib: add direct tests for agenix ""
This reverts commit 08dc5068e6.
2023-12-23 14:43:03 -08:00
Ryan Mulligan
457669db42
Merge pull request #230 from ryantm/rtm-12-20-age
feat: switch from rage to age
2023-12-23 14:40:41 -08:00
Nathan Henrie
6ce42cc768 Fix CI for darwin
nix-darwin is detecting `/etc/nix/nix.conf` from the
cachix/install-nix-action and refusing to overwrite it, failing the
nix-darwin activation and therefore the rest of CI.

This commit `mv`s the existing `nix.conf` to avoid the above, and then
adds support for new-style nix commands and flakes to the nix-darwin
configuration to allow their subsequent use in CI.

It also removes the nix config from the `cachix/install-nix-action`
step, which was duplicated effort since we are blowing it away with
nix-darwin anyway.

Relevant:

- https://github.com/LnL7/nix-darwin/issues/149
2023-12-23 14:10:44 -08:00
Ryan Mulligan
23d4d5d291 maybe this fixes darwin checks? 2023-12-23 14:10:06 -08:00
Ryan Mulligan
b6aa6180db test removing installer 2023-12-23 14:10:06 -08:00
Ryan Mulligan
58017c0c93 update inputs 2023-12-23 14:10:06 -08:00
Ryan Mulligan
bd86c06961 fix doc build 2023-12-23 14:10:02 -08:00
Ryan Mulligan
eb3b5cf4fd update nixpkgs 2023-12-23 14:09:16 -08:00
Ryan Mulligan
5c1198a352 feat: switch from rage to age
Why
===
* Someone said age works better with password protected keys,
requiring entering the password less often.
* We switched to rage from age in
07ce686870
because it was limiting recipients to 20. This was fixed
https://github.com/FiloSottile/age/issues/139

What changed
===
* Switch from rage back to age (the reference implementation) in all
the spots
* Update the docs to show how to switch back to Rage
* Skip keys that are empty files, which fixes the integration test.
2023-12-23 14:09:16 -08:00
Ryan Mulligan
9bc80dc4ce
Merge pull request #229 from ryantm/rtm-12-20-flake
dev: remove i686 support; simplify flake
2023-12-23 14:08:24 -08:00
Ryan Mulligan
d0d4ad5be6
Merge pull request #231 from ryantm/revert-163-rtm-2-21-recursive-nix
Revert "contrib: add direct tests for agenix "
2023-12-22 07:48:36 -08:00
Ryan Mulligan
08dc5068e6
Revert "contrib: add direct tests for agenix " 2023-12-22 07:48:06 -08:00
Ryan Mulligan
17090d105a
Merge pull request #163 from ryantm/rtm-2-21-recursive-nix
contrib: add direct tests for agenix
2023-12-20 13:19:59 -08:00
Ryan Mulligan
097aa18b59 contrib: add direct tests for agenix
These tests are MUCH faster than the NixOS tests.
2023-12-20 13:06:57 -08:00
Ryan Mulligan
344f985526 dev: remove i686 support; simplify flake
Why
===
* flake.nix had a lot of almost redundant lines in it.
* i686 support is probably being dropped soon in nixpkgs
https://github.com/NixOS/nixpkgs/pull/266164

What changed
==
* Add new input nix-systems/default which represents the default
systems typically used in the Nix community
* Define and use an eachSystem function that simplifies the flake.nix file
2023-12-20 08:56:05 -08:00
Ryan Mulligan
564595d0ad version 0.15.0 2023-12-20 08:33:16 -08:00
Ryan Mulligan
b7e0494b10
Merge pull request #224 from SamueleFacenda/SamueleFacenda-change-keys-functions
Update keys functions in agenix.sh
2023-12-20 08:17:38 -08:00
Samuele Facenda
9d3b37a117 fix: update keys functions in agenix.sh
The functions was always called with `$FILE` as first argument, but inside the argument is ignored. This change doesn' have any impact, but can solve problems caused by the keys function called with an argument different from `$FILE`
2023-12-20 08:08:56 -08:00
Ryan Mulligan
93cec0ce6e dev: add security label category 2023-12-20 08:03:06 -08:00
Ryan Mulligan
221a1f22e5 dev: add release-drafter 2023-12-20 07:52:23 -08:00
Ryan Mulligan
6cb7cd66c2
Merge pull request #221 from CobaltCause/edit-mkdir-p
create leading directories if they don't exist
2023-12-20 07:42:34 -08:00
Ryan Mulligan
13ac9ac6d6
Merge pull request #176 from shivak/patch-1
only backup cleartext file if it exists
2023-11-28 16:08:36 -08:00
Shiva Kaul
4c48606094 only backup cleartext file if it exists
Avoids complaints from `cp` about nonexistent files.
2023-11-28 16:05:48 -08:00
Charles Hall
65fe5959c3
create leading directories if they don't exist
This works for files without directories too because `dirname` prints
`.` in that case.
2023-11-03 15:25:24 -07:00
Charles Hall
05591973d7
use named variable instead of numbered one 2023-11-03 14:53:33 -07:00
Ryan Mulligan
daf42cb35b
Merge pull request #208 from ryantm/revert-206-feature/remove-trailing-newlines-from-keys
Revert "feat: remove empty newlines from jq query"
2023-10-08 07:32:09 -07:00
Ryan Mulligan
dbc533ddc2
Revert "feat: remove empty newlines from jq query" 2023-10-08 07:31:54 -07:00
Ryan Mulligan
e2f339274d
Merge pull request #206 from timhae/feature/remove-trailing-newlines-from-keys
feat: remove empty newlines from jq query
2023-10-08 05:25:24 -07:00
Tim Häring
b5fa96a90e
feat: remove empty newlines from jq query
When you do not have your pubkeys in your `secrets.nix` verbatim as
string but read them from file like this: `desktop1 = builtins.readFile
./desktop1.pub;`, you will end up with empty newlines in the resulting
list of keys, which will add `--recipient=''` arguments to your age
call, failing the call.
2023-10-08 14:18:54 +02:00
Ryan Mulligan
1f677b3e16
Merge pull request #202 from WillPower3309/main
fix: add --strict nix-instantiate to support builtins.readFile
2023-09-22 05:13:16 -07:00
William McKinnon
115e561054 fix: add --strict nix-instantiate to support builtins.readFile 2023-09-22 01:32:46 -04:00
Ryan Mulligan
7f9dfa309f
Merge pull request #148 from n8henrie/sed_vs_jq
contrib: use jq instead of sed
2023-09-21 16:33:52 -07:00
Nathan Henrie
da763b2c4b Don't need concatStringSep if using jq to parse json arrays 2023-09-15 16:22:30 -06:00
Nathan Henrie
eb1386f3b2 Use jq instead of sed 2023-09-15 11:56:22 -06:00
Ryan Mulligan
572baca9b0
Merge pull request #199 from n8henrie/fix-darwin-ci
fix: update cachix installer to fix darwin CI
2023-09-15 09:02:43 -07:00
Nathan Henrie
b76899f4c1 Update nix installer
Fixes https://github.com/ryantm/agenix/issues/198
2023-09-15 08:26:02 -06:00
Nathan Henrie
7f30f9b4b3 Revert "dev: try switching to determinate systems installer action"
This reverts commit 2ed2dc7582.
2023-09-15 07:53:36 -06:00
Nathan Henrie
da5d6f05f9
Merge pull request #195 from Eisfunke/fix-home-shellcheck
fix(home): shellcheck failure for fixed secretsDir
2023-09-15 07:40:28 -06:00
Ryan Mulligan
20deb735cc
Merge pull request #197 from ryantm/rtm-9-14-try-to-fix-ci
dev: try switching to determinate systems installer action
2023-09-14 16:42:44 -07:00
Ryan Mulligan
2ed2dc7582 dev: try switching to determinate systems installer action 2023-09-14 16:37:58 -07:00
Ryan Mulligan
54693c91d9 version 0.14.0 2023-09-14 16:20:33 -07:00
Ryan Mulligan
7d39a26d73
Merge pull request #196 from ryantm/ryantm-patch-1
Create flakehub-publish-tagged.yml
2023-09-14 16:19:55 -07:00
Ryan Mulligan
1698ed385d
Create flakehub-publish-tagged.yml 2023-09-14 16:19:37 -07:00