| 7 Sep 2024 |
 K900 | That's not really an agenix thing | 14:00:31 |
| K900 | It's a flakes thing | 14:00:37 |
 /madonius[er|he] | understood, first time I stumble over it | 14:00:50 |
| 9 Sep 2024 |
|  @beat_link:matrix.org left the room. | 18:44:02 |
| 11 Sep 2024 |
|  @pascal.dietrich:mintux.de left the room. | 20:21:00 |
| 12 Sep 2024 |
|  goodlander joined the room. | 02:40:18 |
| goodlander | Hi all! Question: can I use agenix to encrypt arbitrary data? Say I want to encrypt a wallpaper of a family photo that I want to include with my flake bu would rather not upload to Github in the clear. | 04:02:10 |
| K900 | Yes | 04:05:44 |
| goodlander | How is this done? | 04:15:28 |
| K900 | Oh yeah I guess it's kinda tricky with the CLI | 04:16:03 |
| K900 | You can encrypt it yourself with raw age | 04:16:09 |
| goodlander | ok let me see if I can figure that out | 04:20:08 |
 eyJhb | agenix -e somefile.age <<< mywallpaper.jpg | 07:01:42 |
| eyJhb | ? | 07:01:43 |
| eyJhb | goodlander: tagging you in case you don't get notifications. Might work. :) | 07:21:39 |
| goodlander | In reply to @eyjhb:eyjhb.dk
goodlander: tagging you in case you don't get notifications. Might work. :) This just encrypted the string "mywallpaper.jpg" however this did appear to work:
cat mywallpaper.jpg | agenix -e somefile.age | 15:26:59 |
| eyJhb | Eh, I guess I fucked my brackets up. Thought I would be cool with my <<< :D Glad it worked out however. | 15:40:59 |
| goodlander | Now that I'm trying to do a rebuild I get this:
error: access to absolute path '/run/agenix/mywallpaper' is forbidden in pure eval mode (use '--impure' to override) | 18:56:59 |
|  @thedragon44:matrix.org joined the room. | 23:14:56 |
| 13 Sep 2024 |
 ryantm | Sounds like you're using the path as a file as the input to some builder. You should only use it as a string. | 00:57:24 |
|  @42398234iuodfhjkdsfjdsfsdffgs:matrix.org joined the room. | 09:28:37 |
|  Alper Çelik joined the room. | 14:20:58 |
| Alper Çelik | hello is it fine to store encrypted secrets on a public github repo ? | 14:22:51 |
| K900 | Yes | 14:36:58 |
| ryantm | Depends on your threat model. | 14:49:27 |
| 14 Sep 2024 |
|  Mahmoud changed their profile picture. | 11:30:48 |
| 15 Sep 2024 |
| eyJhb | Surely I'll not be the first one to do this. I have an existing setup of gpg keys, that I have backed up various places. I would like to use my gpg keys w/ agenix, in case I loose my ssh key. So, my thinking is to generate a age key, encrypt that with my gpg key, and place inside the repo. So in case I fuck something up, I can always decrypt it, and get access to my secrets. Does this sound 100% idiotic? Am I missing something? | 10:42:49 |
| eyJhb | * Surely I'll not be the first one to do this. I have an existing setup of gpg keys, that I have backed up various places. I would like to use my gpg keys w/ agenix, in case I lose my ssh key. So, my thinking is to generate a age key, encrypt that with my gpg key, and place inside the repo. So in case I fuck something up, I can always decrypt it, and get access to my secrets. Does this sound 100% idiotic? Am I missing something? | 10:45:51 |
| K900 | I don't think that sounds completely insane but also yuck | 10:46:19 |
| eyJhb | Perfect, that's just what I was going for. | 10:47:23 |
