| 25 Feb 2025 |
|  @horigome:matrix.org joined the room. | 19:26:36 |
| @horigome:matrix.org | I'm so lost... have been using agenix for couple of years no problem. Now none of my secrets are decrypted, e.g., when running darwin-rebuild... | 19:31:39 |
| @horigome:matrix.org | When running darwin-rebuild I always noticed the decryption step but now it's gone | 19:33:32 |
| @horigome:matrix.org | no error or warning or nothing | 19:33:38 |
| @horigome:matrix.org | works fine on my nixos machines | 19:34:53 |
| @horigome:matrix.org | how can i debug this | 19:35:32 |
| @horigome:matrix.org | would it fail if it is unable to decrypt? | 19:37:57 |
| @horigome:matrix.org | e.g., in the activation stage | 19:38:11 |
| @horigome:matrix.org | 🤦 | 20:05:13 |
| @horigome:matrix.org | Figured it out. | 20:05:19 |
| @horigome:matrix.org | Just some permission bs | 20:05:28 |
| 26 Feb 2025 |
|  Daniel RodrÃguez Rivero joined the room. | 19:13:42 |
| Daniel RodrÃguez Rivero | Hello everyone. I want to start managing my dotfile secrets with agenix, but I don't want to be tied to host specific keys. Is there any way I can do an initial bootstrap using a passphrase that sets the required infrastructure and then do the normal agenix flow? | 19:31:13 |
| 1 Mar 2025 |
|  Valodim joined the room. | 16:10:47 |
| 3 Mar 2025 |
|  Bonus joined the room. | 22:50:52 |
| 6 Mar 2025 |
|  alarsyo joined the room. | 02:33:24 |
|  @frankingfish45:matrix.org joined the room. | 04:48:43 |
| @frankingfish45:matrix.org removed their display name frankingfish45. | 08:07:56 |
| @frankingfish45:matrix.org left the room. | 08:08:38 |
| 7 Mar 2025 |
|  Qyriad changed their display name from Qyriad to qyriad. | 16:58:25 |
| 8 Mar 2025 |
 laurent | Hi there, Im new to the nixos ecosystem. I asked a question on the agenix discussion page https://github.com/ryantm/agenix/discussions/312, regarding agenix asking for my passkey passphrase on boot, with no timeout.nixos logo will spin forever unless i press esc at the right time(otherwise if i press too late, boot sequence is basically frozen). Any tip on how to avoid this without having a private key without a passphrase? | 06:08:59 |
 K900 | That's not really the intended use cass | 06:19:48 |
| K900 | You probably want full disk encryption | 06:20:00 |
| laurent | In reply to @k900:0upti.me
That's not really the intended use cass What do you mean? What is the intended use case? My understanding is just to encrypt password, tokens... with my private ssh key so that i can put my nixos config on github | 06:23:43 |
| K900 | Yes, but it's not really designed to be used interactively | 06:41:00 |
| K900 | The way you're trying to use it | 06:41:04 |
| K900 | If you want that kind of thing, you should encrypt to a secret like your machine's SSH host key | 06:41:21 |
| K900 | That is stored on an encrypted disk | 06:41:29 |
| @horigome:matrix.org left the room. | 06:57:30 |
| laurent | In reply to @k900:0upti.me
If you want that kind of thing, you should encrypt to a secret like your machine's SSH host key Hum I think I wasnt clear sorry. I dont want the boot sequence to be interactive and asking for my ssh host key password. Maybe i didnt set up my ssh key good enough with nix? | 07:06:43 |
