Commit graph

8 commits

Author SHA1 Message Date
tea
2e80d9ddd1 fix: fix _agenix_generation being empty if readlink fails 2024-09-11 11:18:49 +02:00
Jacob Hrbek
e3413992fb age-home: Use curly-brackets for XDG_RUNTIME_DIR
To avoid having to do 4fd99eae63/nixos/secrets.nix (L25C9-L29C116) while using agenix in user services.
2024-08-10 05:05:53 +02:00
oddlama
08ed896eb6
fix: always treat link destinations as files to ensure error when destination is a directory.
This can happen if for example a secret is used in the initrd, which
materializes it as a directory, which then causes agenix to silently
create an incorrect link when switching to stage2. This ensures that
agenix will abort with an error.
2024-05-21 15:08:15 +02:00
Ryan Mulligan
5c1198a352 feat: switch from rage to age
Why
===
* Someone said age works better with password protected keys,
requiring entering the password less often.
* We switched to rage from age in
07ce686870
because it was limiting recipients to 20. This was fixed
https://github.com/FiloSottile/age/issues/139

What changed
===
* Switch from rage back to age (the reference implementation) in all
the spots
* Update the docs to show how to switch back to Rage
* Skip keys that are empty files, which fixes the integration test.
2023-12-23 14:09:16 -08:00
Nicolas Lenz
fe4f564f13
fix(home): shellcheck failure for fixed secretsDir 2023-09-09 16:46:53 +02:00
Lin Jian
0d94960783
doc: fix defaultText by adding literalExpression
I also remove an unnecessary defaultText and fix a typo.
2023-06-27 00:06:39 +08:00
Sefa Eyeoglu
758cdc98f4
Disable shellcheck warning about impossible comparison
This shellcheck warning occurs when setting a path for a secret using
the home-manager module.

Signed-off-by: Sefa Eyeoglu <contact@scrumplex.net>
2023-05-12 20:15:30 +02:00
Bruno BELANYI
9274b82816 Add home-manager module
This is to update and fix the issues I saw in [1] and [2].

Using a service definition instead of an activation script should
resolve the issue about the secrets disappearing after rebooting.

Removed the `user` and `group` option as they do not make sense to me
for a home-manager module, which should target a single user. They can
always be added back if somebody comes screaming.

This is somewhat modeled after sops-nix's own module [3].

[1]: https://github.com/ryantm/agenix/pull/58/
[2]: https://github.com/ryantm/agenix/pull/109
[3]: https://github.com/Mic92/sops-nix/blob/master/modules/home-manager/sops.nix
2023-05-06 14:18:17 +01:00