16 Feb 2025 |
Waldemar Tomme (they/them) | Well, as is so often the case, I found the answer/explanation. For anyone else interested in the future: https://github.com/str4d/age-plugin-yubikey/issues/179 | 19:05:30 |
17 Feb 2025 |
| dgb joined the room. | 22:33:50 |
18 Feb 2025 |
| @stites:matrix.org left the room. | 12:56:59 |
| laurent joined the room. | 21:52:36 |
23 Feb 2025 |
| Patrick joined the room. | 01:49:40 |
| Patrick changed their display name from Patrick Hütter to Patrick. | 01:50:23 |
Patrick | Hi, I can't get agenix working. Does somebody have an idea why my tailscale.age isn't getting placed onto the host?
❯ nix run github:zhaofengli/colmena -- apply --experimental-flake-eval --on host-1 --show-trace
warning: ignoring untrusted substituter 'https://colmena.cachix.org', you are not a trusted user.
Run `man nix.conf` for more information on the `substituters` configuration option.
warning: ignoring the client-specified setting 'trusted-public-keys', because it is a restricted setting and you are not a trusted user
warning: Git tree '/Users/user/Workspace/project/infrastructure-as-code' is dirty
[INFO ] Using flake: git+file:///Users/user/Workspace/project/infrastructure-as-code?dir=nixos
warning: Git tree '/Users/user/Workspace/project/infrastructure-as-code' is dirty
warning: will not write lock file of flake 'path:/private/tmp/colmena-assets-r8xdrZ' because it has an unlocked input ('git+file:///Users/user/Workspace/project/infrastructure-as-code?dir=nixos')
[WARN ] Using direct flake evaluation (experimental)
[INFO ] Enumerating nodes...
warning: Git tree '/Users/user/Workspace/project/infrastructure-as-code' is dirty
warning: Git tree '/Users/user/Workspace/project/infrastructure-as-code' is dirty
warning: Git tree '/Users/user/Workspace/project/infrastructure-as-code' is dirty
[INFO ] Selected 1 out of 3 hosts.
❌ 3s Failed: Child process exited with error code: 1
host-1 ❌ 3s Evaluation failed: Child process exited with error code: 1
[ERROR] Failed to evaluate host-1 - Last 20 lines of logs:
[ERROR] stderr) 621| [{ inherit (module) file; inherit value; }]
[ERROR] stderr) | ^
[ERROR] stderr) 622| )
[ERROR] stderr)
[ERROR] stderr) … while calling the 'concatStringsSep' builtin
[ERROR] stderr) at /nix/store/glsqq1xn5al7d528hvlbm4hl3ladxmka-source/modules/age.nix:114:20:
[ERROR] stderr) 113|
[ERROR] stderr) 114| installSecrets = builtins.concatStringsSep "\n" (
[ERROR] stderr) | ^
[ERROR] stderr) 115| ["echo '[agenix] decrypting secrets...'"]
[ERROR] stderr)
[ERROR] stderr) … while calling 'installSecret'
[ERROR] stderr) at /nix/store/glsqq1xn5al7d528hvlbm4hl3ladxmka-source/modules/age.nix:64:19:
[ERROR] stderr) 63|
[ERROR] stderr) 64| installSecret = secretType: ''
[ERROR] stderr) | ^
[ERROR] stderr) 65| ${setTruePath secretType}
[ERROR] stderr)
[ERROR] stderr) error: path '/nix/store/lrfilxp20f920zgvm3bn71h6wsnp037y-source/nixos/secrets/tailscale.age' does not exist
[ERROR] failure) Child process exited with error code: 1
[ERROR] Failed to complete requested operation - Last 1 lines of logs:
[ERROR] failure) Child process exited with error code: 1
[ERROR] -----
[ERROR] Operation failed with error: Child process exited with error code: 1
Hint: Backtrace available - Use `RUST_BACKTRACE=1` environment variable to display a backtrace
| 14:12:08 |
elikoga | Run git add . and try again | 15:19:40 |
Patrick | elikoga: you are my hero! <3 This worked! So simple! I was searching for this bug / problem for a few hours, set up a few machines again and again and couldn't fix this problem. Wow, so simple! | 19:28:56 |
elikoga | It's related to the fact that nix flakes in a git repository only copy git tracked files to the store | 19:29:34 |
Patrick | elikoga: awesome and very important to know! I started with nix a few days ago, coming from normal linux distributions and ansible provisioning. So this will help me to understand more things within nixos-space :) | 19:30:43 |
25 Feb 2025 |
| @horigome:matrix.org joined the room. | 19:26:36 |
@horigome:matrix.org | I'm so lost... have been using agenix for a couple of years no problem. Now none of my secrets are decrypted, e.g., when running darwin-rebuild... | 19:31:39 |
@horigome:matrix.org | When running darwin-rebuild I always noticed the decryption step but now it's gone | 19:33:32 |
@horigome:matrix.org | no error or warning or nothing | 19:33:38 |
@horigome:matrix.org | works fine on my nixos machines | 19:34:53 |
@horigome:matrix.org | how can i debug this | 19:35:32 |
@horigome:matrix.org | would it fail if it is unable to decrypt? | 19:37:57 |
@horigome:matrix.org | e.g., in the activation stage | 19:38:11 |
@horigome:matrix.org | 🤦 | 20:05:13 |
@horigome:matrix.org | Figured it out. | 20:05:19 |
@horigome:matrix.org | Just some permission bs | 20:05:28 |
26 Feb 2025 |
| Daniel Rodríguez Rivero joined the room. | 19:13:42 |
Daniel Rodríguez Rivero | Hello everyone. I want to start managing my dotfile secrets with agenix, but I don't want to be tied to host specific keys. Is there any way I can do an initial bootstrap using a passphrase that sets the required infrastructure and then do the normal agenix flow? | 19:31:13 |
1 Mar 2025 |
| Valodim joined the room. | 16:10:47 |
3 Mar 2025 |
| Bonus joined the room. | 22:50:52 |
6 Mar 2025 |
| alarsyo joined the room. | 02:33:24 |
| @frankingfish45:matrix.org joined the room. | 04:48:43 |
| @frankingfish45:matrix.org removed their display name frankingfish45. | 08:07:56 |