mynix/agenix
1
0
Fork 0
mirror of https://github.com/ryantm/agenix.git synced 2024-11-22 17:50:48 +03:00
Code Issues Projects Releases Packages Wiki Activity
275 commits 4 branches 12 tags 604 KiB
Commit graph

275 commits

This branch
This branch
All branches
Author SHA1 Message Date
Luís Fonseca
9316abd9f5
Add default NixOS module to flake 
This adds a “default” NixOS module in flake.nix. This makes using this in flakes a little less verbose and repetitive.

Before this change:

```nix
nixpkgs.lib.nixosSystem {
  modules = [
    ./configuration.nix
    agenix.nixosModules.age
  ];
}
After this change:

```nix
nixpkgs.lib.nixosSystem {
  modules = [
    ./configuration.nix
    agenix.nixosModule
  ];
}
```
 2022-02-28 17:38:21 +00:00
Ryan Mulligan
b4ab630f19
Merge pull request #103 from Pacman99/configure-secretsDir 
modules/age: add option for secrets directory
 2022-02-22 13:42:35 -08:00
Parthiv Seetharaman
85bd9d01ad modules/age: add option for secrets directory 2022-02-21 15:20:05 -08:00
Ryan Mulligan
a17d1f3055
Merge pull request #98 from nixinator/nixinator-just-spelling 
correct readme spelling thats all
 2022-02-02 14:42:37 -08:00
nixinator
3fbac9275f correct readme spelling thats all 2022-02-02 21:53:46 +00:00
Ryan Mulligan
08b9c96878
Merge pull request #93 from jtojnar/create-run 
Ensure /run is created before mounting secrets
 2022-01-07 09:24:25 -08:00
Jan Tojnar
35ecba5704 Do not try to create /run/agenix in when installing secrets 
That is a job for agenixMountSecrets, which should have already
created a symlink there so the directory creation attempt would
fail anyway.
 2022-01-06 22:55:10 +01:00
Jan Tojnar
26edd03a5a Ensure /run is created before mounting secrets 
Otherwise /run/agenix might disappear if specialfs is toposorted
between agenixMountSecrets and agenixRoot.

Fixes: https://github.com/ryantm/agenix/issues/92
 2022-01-06 22:50:56 +01:00
Ryan Mulligan
c5558c88b2 doc: fix niv CLI installation instructions 2021-12-29 10:20:00 -08:00
Ryan Mulligan
c882982544
Merge pull request #88 from ryantm/readme 
doc: table of contents and better installation instructions
 2021-12-29 10:18:18 -08:00
Ryan Mulligan
d00ce39997 doc: remove old NixOS version compatibility notice 2021-12-29 10:17:14 -08:00
Ryan Mulligan
81ebe4f1f4 doc: table of contents and better installation instructions 2021-12-29 10:15:09 -08:00
Ryan Mulligan
57806bf7e3
Merge pull request #82 from ryantm/identitypaths 
feature: rename age.sshKeyPaths to age.identityPaths
 2021-12-06 16:37:36 -08:00
Felix Scheinost
42a250cafa Add package for aarch64-darwin 
flake.lock previously included a "indirect" reference to nixpkgs.

I am not sure what this means but I added `inputs.nixpkgs` and updated nixpkgs because this old version of nixpkgs didn't have any support for aarch64-darwin at all.

Now on a aarch64-darwin I can type `nix build` and get a working version of agenix.
 2021-12-06 09:11:34 +01:00
Ryan Mulligan
dfb2e7e591 feature: rename age.sshKeyPaths to age.identityPaths 
implements #66
 2021-12-05 16:05:06 -08:00
Ryan Mulligan
c53ac31e44
Merge pull request #81 from chuangzhu/agebin 
Allow customizing ageBin
 2021-12-05 15:53:34 -08:00
Chuang Zhu
d85abe9f12
update README 2021-12-06 07:18:47 +08:00
Chuang Zhu
c2f6bd077c
allow customizing ageBin 2021-12-06 07:08:18 +08:00
Ryan Mulligan
52ea2f8c32
Merge pull request #78 from mausch/patch-1 
Fix reference to module in docs
 2021-11-30 16:38:58 -08:00
Mauricio Scheffer
4625cd526f
Fix reference to module in docs 2021-11-30 23:08:57 +00:00
Ryan Mulligan
f85eea0e29
Merge pull request #77 from Sohalt/main 
update option descriptions
 2021-11-24 14:43:10 -08:00
sohalt
ed0d9ef01a update option descriptions 2021-11-24 18:00:28 +01:00
Ryan Mulligan
a0e9ca505c
Merge pull request #73 from ymarkus/readme 
README: clarify that 'config' has to be prefixed
 2021-11-22 16:06:15 -08:00
Yannick Markus
8bf3896818
README: clarify that 'config' has to be prefixed 2021-11-21 15:13:56 +01:00
Ryan Mulligan
4a93de2beb
readme: master -> main 2021-11-20 17:30:45 -08:00
Ryan Mulligan
cb0fe60ff1
Merge pull request #72 from oslerw/patch-1 
Install instructions: master -> main
 2021-11-20 17:12:49 -08:00
William Osler
fc8272d31c
master -> main 
Fix installation instructions for channel installation, now that the default branch name has changed.
 2021-11-20 16:29:27 -08:00
Ryan Mulligan
4fefd7cfff
Merge pull request #71 from ryantm/fix-non-root-secrets 
fix: make non-root secrets accessible again
 2021-11-20 12:23:07 -08:00
Ryan Mulligan
5ff75b48b4 fix: make non-root secrets accessible again 
fixes #69
 2021-11-20 12:19:52 -08:00
Ryan Mulligan
b8e873bc23 ci: split linux and macos 
That wasn't how you do it.
 2021-11-20 11:39:24 -08:00
Ryan Mulligan
12e5225c9c ci: fix NixOS tests, try macos 2021-11-20 11:37:06 -08:00
Ryan Mulligan
c7906a8021 ci: run nix *flake* check 2021-11-20 11:31:38 -08:00
Ryan Mulligan
b12f117555 ci: run nix check 2021-11-20 11:30:40 -08:00
Cole Helbling
7bb0b5d7f1 modules/age: add option to disable symlinking 
There are some cases where it may be better or even required to have the
secret be a file that is not a symlink. Setting

    age.secrets.some-secret.symlink = false;

will disable the default functionality of symlinking secrets and instead
just forcibly move them to their `path`.
 2021-11-15 21:39:32 -08:00
Cole Helbling
e538664435 modules/age: /run/secrets -> /run/agenix 2021-11-15 21:39:32 -08:00
Cole Helbling
111754b894 modules/age: remove old secrets generations 2021-11-15 21:39:32 -08:00
Cole Helbling
f816a0d5df modules/age: symlink files into place 
This follows sops-nix's implementation, where it creates a
`/run/secrets.d` ramfs mountpoint and a "generation" each time
the activation script runs, and then symlinks `/run/secrets` to
`/run/secrets.d/[generation]`.
 2021-11-15 21:39:32 -08:00
Ryan Mulligan
53aa91b417
Merge pull request #62 from yaymukund/document-overlay-usage 
Document how to install the binary in a `nix-channel` install.
 2021-10-16 10:07:08 -07:00
Mukund Lakshman
b5cb1a07c0 Document how to install the binary in a nix-channel install. 2021-10-16 12:04:16 -04:00
Ryan Mulligan
daf1d77398
Merge pull request #59 from ryantm/workaround54 
fix: remove workaround for #54
 2021-09-17 09:31:09 -07:00
Ryan Mulligan
6d9fdcbd70 fix: remove workaround for #54 
https://github.com/NixOS/nixpkgs/pull/137508 should remove the need
for this.
 2021-09-16 15:39:38 -07:00
Ryan Mulligan
5c5bc28256
Merge pull request #57 from ryantm/workaround54 
fix: workaround for #54
 2021-09-10 19:04:24 -07:00
Ryan Mulligan
375a33cd97 fix: workaround for #54 2021-09-10 16:30:05 -07:00
Ryan Mulligan
e6752e7b85
Merge pull request #52 from gabysbrain/patch-1 
add .nix extensions
 2021-08-01 05:56:27 -07:00
Tom Torsney-Weir
1a09f60c3a
add .nix extensions 
on my system (21.05.1759.91903ceb294 (Okapi)) I needed to add the .nix extensions on age to get nixos-rebuild to find the module. This seems to be inline with the modules directory structure:
`modules/age/nix`
rather than
`modules/age/default.nix`
but I'm not an expert on nix's file naming conventions
 2021-08-01 13:26:50 +02:00
Ryan Mulligan
6e5ca0926e
Merge pull request #49 from ngkz/master 
run activation scripts after /run mount
 2021-07-30 15:54:13 -07:00
Ryan Mulligan
fb00f178b3
Merge pull request #51 from michaeladler/fix/diff-command-not-found 
Make 'diff' an explicit dependency
 2021-07-22 06:27:35 -07:00
Michael Adler
5c1fbaabc2 Make 'diff' an explicit dependency 2021-07-22 13:58:29 +02:00
Ryan Mulligan
85da8b7366 add meta.description 
closes #47
closes #48
 2021-07-20 08:50:08 -07:00
Kazutoshi Noguchi
8bad14fe08 run activation scripts after /run mount 2021-07-01 14:13:44 +09:00