26 Dec 2024 |
| elikoga changed their display name from elikoga (@38c3 📞448{0,1} to elikoga (@38c3 📞448{0,1}). | 15:26:03 |
| elikoga changed their display name from elikoga (@38c3 📞448{0,1}) to elikoga (@38c3 📞488{0,1}). | 15:26:44 |
| Tommy changed their display name from Tommy to Tommy (3841). | 16:06:54 |
27 Dec 2024 |
| Jeff joined the room. | 21:16:19 |
28 Dec 2024 |
| 0xcharly joined the room. | 15:20:06 |
29 Dec 2024 |
| elikoga changed their display name from elikoga (@38c3 📞488{0,1}) to elikoga (@38c3 📞488{0,1,9}). | 11:03:10 |
30 Dec 2024 |
| Tommy changed their display name from Tommy (3841) to Tommy. | 19:25:55 |
1 Jan 2025 |
| xored joined the room. | 00:51:27 |
xored | hey guys i've a question, when using age to define a secret inside a home manager module, is there anything extra I need to do to have the secret available under the home agenix path? i have something like this in my home manager config:
programs.atuin = {
enable = true;
key_path = config.age.secrets.atuinKey.path;
}
age.secrets.atuinKey.file = inputs.self + /secrets/atuinKey.age;
| 00:55:24 |
xored | when I inspect $XDG_RUNTIME_DIR/agenix.d i don't see it there | 00:56:09 |
xored | if it helps my OS level secrets are working fine (under /run/agenix) | 00:58:36 |
xored | oh it turns out that's just my setup, i don't have my keys on home, they're saved on 1password, so the home module didn't seem to be able to decrypt the file | 01:28:10 |
| NixOS Moderation Botchanged room power levels. | 14:26:34 |
3 Jan 2025 |
| elikoga changed their display name from elikoga (@38c3 📞488{0,1,9}) to elikoga. | 10:28:09 |
willmckinnon | Hey all! Interesting question here - how many private keys would need to be known to be able to determine what the other keys that a secret is encrypted with are? Lets say I had a secret encrypted to 3 different hosts' private keys, with the public keys of those hosts known. If someone figured out one of my host's private keys, could they then determine my other hosts' private keys given the knowledge of the secret and the public keys of those hosts? | 21:36:56 |
K900 ⚡️ | In reply to@willpower3309:matrix.org Hey all! Interesting question here - how many private keys would need to be known to be able to determine what the other keys that a secret is encrypted with are? Lets say I had a secret encrypted to 3 different hosts' private keys, with the public keys of those hosts known. If someone figured out one of my host's private keys, could they then determine my other hosts' private keys given the knowledge of the secret and the public keys of those hosts? No | 21:52:16 |
4 Jan 2025 |
| philt3r joined the room. | 16:05:14 |
6 Jan 2025 |
| jeroen left the room. | 16:40:02 |
12 Jan 2025 |
| @strutztm:strutztm.de joined the room. | 00:22:06 |
19 Jan 2025 |
| Waldemar Tomme (they/them) changed their display name from Waldemar Tomme to Waldemar Tomme (they/them). | 08:17:06 |
25 Jan 2025 |
| fwam changed their profile picture. | 04:32:11 |
28 Jan 2025 |
| fwam changed their profile picture. | 17:15:04 |
| Thomas m changed their display name from howlymowly to Thomas m. | 19:26:50 |
3 Feb 2025 |
| cameronraysmith joined the room. | 05:06:26 |
| Gus joined the room. | 06:05:32 |
Gus | Anyone have good patterns for decrypting "secrets" for eval-time configuration? E.g. I want to set services.caddy.virtualHosts.foo.hostName = "foo.${myTailnet}" . I don't care about myTailnet being in the nix store but I would prefer that it's not plaintext in my git repo | 06:13:21 |
Gus | I saw that maybe scalpel can solve this? | 06:13:42 |
Gus | wondering if there is a straightforward way that people recommend :) | 06:14:03 |
9 Feb 2025 |
LordKekz | Nix doesn't have eval-time secrets. But if you just want to avoid putting some variables in a public repo, you can make a separate private repo on your git forge of choice and add it as a flake input. You will then need to provide credentials to the private repo, e.g. via ~/.config/nix/nix.conf . | 22:21:01 |
Alexandros Liarokapis | Redacted or Malformed Event | 23:23:30 |