| 15 Sep 2024 |
 eyJhb | I looked into using sops-nix, as I could use my gpg key there, but it feels very complex compared to what I need. agenix is just very very KISS in that regards.
The only other thing I considered, was adding a age key to my yubikey, but then I would need to have N times age secrets to manage. | 10:48:31 |
| eyJhb | But granted, managing GPG keys is usually quite yuck. | 10:48:45 |
| eyJhb | In reply to @ryantm:matrix.org
Yes, you can use nix to read a directory's contents and use that as your secrets.nix output. I guess this would require you to touch the file first, maybe? | 12:16:04 |
| eyJhb | Because you can't edit a file, which does not exists. Or rather, when you do agenix -e somefile.age, it will try to find the file in the secrets.nix file, and THEN IF it is in there, you can edit it. Otherwise you get a "attribute missing" error. | 12:20:10 |
| 16 Sep 2024 |
|  silentlurker joined the room. | 19:56:14 |
| 17 Sep 2024 |
|  titaniumtown joined the room. | 02:46:19 |
| titaniumtown | hihihi, i am switching a ton of my stuff over to agenix. quick question though. How can I properly use a nix file as a secret. For instance. I have a wifi-passwords.nix, with declarations for each network and such. And I import it and such. But the thing is that I have to build my system, restart agenix. make sure the secret is there. and then uncomment the part referencing the secret. | 02:47:53 |
| titaniumtown | hihihi, i am switching a ton of my stuff over to agenix. quick question though. How can I properly use a nix file as a secret. For instance. I have a wifi-passwords.nix, with declarations for each network and such. And I import it and such. But the thing is that I have to build my system, restart agenix. make sure the secret is there. and then uncomment the part referencing the secret.
Is there a better way of doing this? | 02:48:00 |
| titaniumtown | hihihi, i am switching a ton of my stuff over to agenix. quick question though. How can I properly use a nix file as a secret. For instance. I have a wifi-passwords.nix, with declarations for each network and such. And I import it and such. But the thing is that I have to build my system, restart agenix. make sure the secret is there. and then uncomment the part referencing the secret.
Is there a better way of doing this?
There are some options that just require an actual string. not a file. I'm doing the best I can :( | 02:48:47 |
 K900 | You could just use git-crypt or something for those | 04:53:37 |
| K900 | Since you're doing impure anyway | 04:53:41 |
| K900 | Or just gitignore the file | 04:53:45 |
| titaniumtown | In reply to@k900:0upti.me
Or just gitignore the file yea I did that before, but then i have to copy around that nix file which is annoying, instead of having it in my dotfiles repo | 13:35:08 |
| titaniumtown | In reply to@k900:0upti.me
You could just use git-crypt or something for those haven't heard of git-crypt before. ty for the tip! | 13:35:27 |
| titaniumtown | seems this exists too! https://github.com/vlaci/git-agecrypt | 13:36:42 |
| titaniumtown | cool stuff | 13:36:43 |
| titaniumtown | In reply to@titaniumtown:envs.net
seems this exists too! https://github.com/vlaci/git-agecrypt I'm gonna switch to this. ty for the suggestion @K900! | 13:41:53 |
|  Tom (deprecated) joined the room. | 21:06:23 |
| 18 Sep 2024 |
|  rcambrj joined the room. | 07:19:12 |
| eyJhb | Is it possible for agenix just to ignore files, when it doesn't have permission (the right keys) to decrypt them? I get this error chown: cannot access '/run/agenix.d/2/zrepl-chronos': No such file or directory | 16:44:56 |
| 19 Sep 2024 |
|  @memegames99:matrix.org joined the room. | 01:52:26 |
| @memegames99:matrix.org set a profile picture. | 02:02:29 |
|  @ugp:matrix.org left the room. | 06:28:11 |
| 20 Sep 2024 |
 /madonius[er|he] | Cheers, how would you go about encrypting a binary file with agenix? | 19:45:54 |
| eyJhb | In reply to @madonius:entropia.de
Cheers, how would you go about encrypting a binary file with agenix? cat mywallpaper.jpg | agenix -e somefile.age | 19:49:38 |
| 22 Sep 2024 |
|  rane [they/them] joined the room. | 09:51:31 |
|  @rayne:spooky.computer left the room. | 10:24:46 |
| 23 Sep 2024 |
|  elikoga joined the room. | 15:30:12 |
| 26 Sep 2024 |
|  Fabián Heredia set a profile picture. | 01:16:08 |
| 27 Sep 2024 |
| elikoga set a profile picture. | 16:27:22 |
