| 20 Sep 2024 |
 /madonius[er|he] | Cheers, how would you go about encrypting a binary file with agenix? | 19:45:54 |
 eyJhb | In reply to @madonius:entropia.de
Cheers, how would you go about encrypting a binary file with agenix? cat mywallpaper.jpg | agenix -e somefile.age | 19:49:38 |
| 22 Sep 2024 |
|  rane [they/them] joined the room. | 09:51:31 |
|  @rayne:spooky.computer left the room. | 10:24:46 |
| 23 Sep 2024 |
|  elikoga joined the room. | 15:30:12 |
| 26 Sep 2024 |
|  Fabián Heredia set a profile picture. | 01:16:08 |
| 27 Sep 2024 |
| elikoga set a profile picture. | 16:27:22 |
| 1 Oct 2024 |
|  -_o joined the room. | 21:02:32 |
| 4 Oct 2024 |
 Ilan Joselevich (Kranzes) | https://github.com/ryantm/agenix/pull/255 | 21:59:42 |
| Ilan Joselevich (Kranzes) | Can we get this merged? | 21:59:48 |
|  @dminca:matrix.org left the room. | 22:09:45 |
| 5 Oct 2024 |
 martijn | Hey there, does someone have a working git submodule for secrets? I'm trying to have my secrets in a private Github repository but with flakes the directory in the store doesn't include the submodule | 10:13:54 |
| martijn | So it'll complain about not finding /secrets in /nix/store/{hash}-source. I've tried using sudo nixos-rebuild switch --flake '.?submodules=1#host' but it gives the same error | 10:17:58 |
| 7 Oct 2024 |
|  @memegames99:matrix.org removed their profile picture. | 00:05:37 |
| @memegames99:matrix.org removed their display name memegames99. | 00:05:48 |
| @memegames99:matrix.org left the room. | 00:06:04 |
|  Sam Lehman changed their profile picture. | 14:24:17 |
| 8 Oct 2024 |
|  @reese:cyberia.club left the room. | 00:38:37 |
| 9 Oct 2024 |
|  john joined the room. | 01:20:36 |
| 10 Oct 2024 |
|  p4cmanus3r joined the room. | 13:25:03 |
| 13 Oct 2024 |
| martijn changed their profile picture. | 11:24:04 |
| martijn changed their profile picture. | 11:24:20 |
| 15 Oct 2024 |
|  dish [Fox/It/She] changed their display name from Pyrox [ It/She/They/Xem ] to dish [Fox/It/She]. | 03:20:53 |
| 17 Oct 2024 |
 goodlander | So if I'm deploying on a new machine, can I seed that machine with a host key before even installing? How do people handle this? | 16:40:15 |
| 19 Oct 2024 |
 uep | How are you installing? SSH host keys are generated on server start if they don't already exist, so you can just generate one first. Say, in the /mnt/etc/ssh directory after you've prepared filesystems, before running nixos-install. | 23:03:38 |
| uep | * How are you installing? SSH host keys are generated on server start if they don't already exist, so you can just generate one first. Say, in the /mnt/etc/ssh directory after you've prepared filesystems, before running nixos-install, from the installer live-cd/usb boot | 23:04:01 |
| uep | Or you can generate it elsewhere even earlier, but I don't really recommend that because you have to handle the secret, rather than just generate it on the host where it belongs as private state | 23:06:12 |
| 21 Oct 2024 |
| goodlander | I'm open to an opinionated setup that makes things easier but for my first time spreading my flake to a second host I just connected the nvme drive to my nixos laptop with a usb controller. I thought I could partition the drive, setup luks, setup btrfs and swap, generate the config, generate a new host key in /etc/ssh, parse for the correct public key and uuid info and then nixos-install --flake /path/to/flake#host | 20:54:52 |
| goodlander | I ended up generating the config and doing a basic install though and then rebuilding to my flake once the drive was in the new machine | 20:55:54 |
| goodlander | would love to be able to get the one step install going though | 20:56:54 |
