Commit graph

160 commits

Author SHA1 Message Date
Ryan Mulligan
8652eb6cf3
doc: update readme notice 2021-05-02 18:27:44 -07:00
Vincent Haupert
a0e97fd8e7
flake.lock: Update
Flake input changes:

* Updated 'flake-utils': 'github:numtide/flake-utils/3cd06d3c1df6879c9e41cb2c33113df10566c760' -> 'github:numtide/flake-utils/eed214942bcfb3a8cc09eb3b28ca7d7221e44a94'
* Updated 'nixpkgs': 'github:NixOS/nixpkgs/7ff50a7f7b9a701228f870813fe58f01950f870b' -> 'path:/nix/store/z1rf17q0fxj935cmplzys4gg6nxj1as0-source?lastModified=1618628710&narHash=sha256-9xIoU+BrCpjs5nfWcd%2fGlU7XCVdnNKJPffoNTxgGfhs=&rev=7919518f0235106d050c77837df5e338fb94de5d'
2021-04-24 12:32:10 +02:00
Eric Drechsel
838c08e7b2
Update README.md
Co-authored-by: asymmetric <lorenzo@mailbox.org>
2021-04-08 17:03:08 -07:00
Eric Drechsel
a64940456c
Update README.md 2021-04-08 11:47:48 -07:00
Eric Drechsel
66374fb29e
Extend the tutorial to describe location of decrypted secrets 2021-04-08 11:43:54 -07:00
Ryan Mulligan
f30f0eeb11
Merge pull request #32 from felixscheinost/feature/fix-wrong-import
Fix relative path to `rage.nix`
2021-03-16 10:47:12 -07:00
Felix Scheinost
3f07139990 Fix relative path 2021-03-16 18:31:27 +01:00
Ryan Mulligan
9eb981eeb5
Merge pull request #30 from cole-h/cond-module
modules/age: build local rage if pkgs.rage is older than 0.5.0
2021-03-01 14:08:09 -08:00
Cole Helbling
ef7ec993e8
modules/age: build local rage if pkgs.rage is older than 0.5.0 2021-03-01 13:11:02 -08:00
Cole Helbling
9b8f6c01fe
modules/age: nixpkgs-fmt 2021-03-01 13:10:52 -08:00
Ryan Mulligan
ed7e69bff3
Merge pull request #28 from cole-h/locale
modules/age: set LANG
2021-02-25 17:25:31 -08:00
Cole Helbling
7ba959742e
modules/age: set LANG
rage has a localization crate as a dependency that whines when LANG
is unset.
2021-02-25 15:16:28 -08:00
Ryan Mulligan
a704a85cbd fix Darwin? 2021-02-13 09:46:33 -08:00
Ryan Mulligan
ddb81b8bda Merge branch 'rien/master' fix suppory for aarch64 2021-02-08 18:50:16 -08:00
Ryan Mulligan
c81f804195
Merge pull request #20 from felixscheinost/master
Need Foundation to build i18n-embed-fl on darwin
2021-02-08 18:46:27 -08:00
Felix Scheinost
cd916fad67 Need Foundation to build i18n-embed-fl on darwin 2021-02-04 21:21:23 +01:00
Rien Maertens
017422ed4c
Conditionally build rage if version is below 0.5.0 2021-01-31 22:39:30 +01:00
Rien Maertens
a678a8748c
Update rage to latest package definition 2021-01-31 22:39:25 +01:00
Ryan Mulligan
37b1d2aa3f
Merge pull request #12 from blaggacao/da-overlay
add overlay
2020-12-30 13:43:18 -08:00
David Arnold
56b1cb99da
Update overlay.nix
Co-authored-by: Ryan Mulligan <ryan@ryantm.com>
2020-12-30 16:18:38 -05:00
David Arnold
f477ca6041
add overlay 2020-12-28 22:39:16 -05:00
Ryan Mulligan
85fd85e318
Merge pull request #10 from AluisioASG/all-non-root-secrets
correctly list non-root secrets
2020-12-21 21:40:20 -08:00
Aluísio Augusto Silva Gonçalves
b0a48f587e
correctly list non-root secrets
Secrets that are only partly owned by root (i.e. either user or group
are not 'root') are now accounted for during activation.
2020-12-22 01:34:35 -03:00
Ryan Mulligan
553d1f5caa Merge branch 'flake-nixos-module' 2020-12-19 09:44:43 -08:00
Ryan Mulligan
920acdd8ff add verbose flag 2020-12-19 08:53:44 -08:00
Aluísio Augusto Silva Gonçalves
c1cbfe75b0
export module as system-independent flake output
Flake outputs are a mixture of system-dependent and system-independent
sets, and flake-utils doesn't do much to distinguish one from the other.
Because of that, the `age` NixOS module currently has to be acessed as
`agenix.nixosModules.${system}.age`, rather than the documented
`agenix.nixosModules.age`.

To remedy that, (conceptually) split `outputs` in two, let flake-utils
handle the system-dependent half, and merge them to form the actual
outputs.  The names for the two halves were taken from [1].

[1]: https://github.com/NixOS/nix/issues/3843#issuecomment-661720562
2020-12-19 01:53:37 -03:00
Ryan Mulligan
092ba8b166
Merge pull request #7 from ryantm/issue5
use only ~/.ssh/id_rsa and ~/.ssh/id_ed25519 for decryption; friendlier error message when no identity
2020-12-18 20:07:22 -08:00
Ryan Mulligan
de625b5298 add friendlier error message in the event of no identity
fixes #6
2020-12-18 20:02:13 -08:00
Ryan Mulligan
be7bad2c12 use only ~/.ssh/id_rsa and ~/.ssh/id_ed25519 for decryption
fixes #5
2020-12-18 19:23:47 -08:00
Ryan Mulligan
8af97149b2 Add notice about password-protected ssh keys 2020-12-18 15:41:06 -08:00
Ryan Mulligan
d42ba6964b
Merge pull request #3 from bbigras/patch-1
fix typo in README
2020-12-18 11:48:49 -08:00
Bruno Bigras
2f2b526539
fix typo in README 2020-12-18 19:37:23 +00:00
Ryan Mulligan
fbd9e29ac9 add notice about root-owned secrets 2020-12-18 10:09:17 -08:00
Ryan Mulligan
0650e51720 update README 2020-12-18 09:49:50 -08:00
Ryan Mulligan
baf623214b Merge branch 'master' of github.com:ryantm/age-nix into master 2020-11-20 17:55:23 -08:00
Ryan Mulligan
fd34de02a2 more messages while activationscript run & make sure directory exists before decrypting 2020-11-20 16:28:37 -08:00
Ryan Mulligan
5fcb31e390 show age binary version and path in help message 2020-09-18 13:13:54 -07:00
Ryan Mulligan
07ce686870 use unstable verison of rage in place of age
* age limits the number of recipients to 20
* the latest release of rage (0.4.0) doesn't work with ssh-rsa keys
2020-09-18 12:42:20 -07:00
Ryan Mulligan
aecba55db6 install root owned secrets sooner 2020-09-09 20:44:45 -07:00
Ryan Mulligan
d2dc883f3a README rewording 2020-09-04 07:13:03 -07:00
Ryan Mulligan
c89ed72dc6 rename public_keys to publicKeys
more idiomatic
2020-09-03 21:13:10 -07:00
Ryan Mulligan
5e68735d26 README improvements 2020-09-03 21:12:02 -07:00
Ryan Mulligan
f38625001d exit of sub commands fail; don't re-encrypt if there is no diff; apply some shellcheck suggestions 2020-09-03 16:51:23 -07:00
Ryan Mulligan
b381af08ec use nix-instantiate instead of nix eval
it has a more stable API
2020-09-03 16:07:43 -07:00
Ryan Mulligan
ac8d259fb9 fix spacing 2020-09-03 15:19:30 -07:00
Ryan Mulligan
7957842d88 use Nix instead of YAML 2020-09-03 15:18:20 -07:00
Ryan Mulligan
91ff516ef6 fix description of secretType.path
It talked about symlinks which isn't a feature of this yet.
2020-09-03 13:41:45 -07:00
Ryan Mulligan
1f7893895f README wording 2020-09-03 13:35:15 -07:00
Ryan Mulligan
0865860e1c fix README syntax 2020-09-03 13:25:24 -07:00
Ryan Mulligan
2e495e5ab5 remove old script file 2020-09-03 13:21:43 -07:00