| 25 Apr 2025 |
 @mynacol:mynacol.xyz | Hello everyone, I just tried to create a secret where the filename starts with a dash (-) for reasons, but that unfortunately doesn't work. The relevant error message is basename: invalid option -- 'd'. Is there a known workaround? | 20:19:14 |
 eyJhb | In reply to @mynacol:mynacol.xyz
Hello everyone, I just tried to create a secret where the filename starts with a dash (-) for reasons, but that unfortunately doesn't work. The relevant error message is basename: invalid option -- 'd'. Is there a known workaround? Making a file without a dash at the start! /s - But most likely its something that should be fixed in the code/module. It shouldn't treat filenames with dashes at the start like arguments. Can you create an issue for it? | 21:07:44 |
| @mynacol:mynacol.xyz | I actually got to the bottom of it: https://github.com/ryantm/agenix/issues/325 | 21:25:56 |
| eyJhb | I think most of these places should just have e.g. basename -- "$FILE" instead, and it would be solved. Still no clue why you want files to begin with a dash :p | 21:27:44 |
| @mynacol:mynacol.xyz | Basename explicitly does not seem to allow this syntax XD | 21:29:32 |
| @mynacol:mynacol.xyz | The reason was I did a bit nix foo to make two rather complex attrsets based on a single string and this string should now also be empty, leaving a leading dash in the generated age file path | 21:30:53 |
| 26 Apr 2025 |
 mmkaram | would anyone know how to access an agenix decrypted file in home manager, for things in my configuration.nix file I use config.age.secrets.whatever but I've been told I shouldn't pass config into my home.nix file
| 06:58:20 |
 K900 | You use the agenix HM module | 07:00:30 |
| K900 | And then use HM's config | 07:00:36 |
| mmkaram | so use
age.secrets = {};
in my home.nix?
| 07:01:24 |
| mmkaram | how would I access those variables in other parts of my home.nix
| 07:01:54 |
| mmkaram | again I'm used to the config.age.secrets syntax
| 07:02:11 |
| K900 | You use config.age.secrets | 07:05:47 |
| K900 | Where config is passed down from HM | 07:05:54 |
| K900 | You don't need to do that explicitly | 07:06:11 |
| mmkaram | seriously? my lsp says it can't find config which checks out because it's not an input to the home function
| 07:07:01 |
| K900 | You add it as an argument | 07:07:15 |
| mmkaram | okaaaay, and I can access the path from that I think, config.age.secrets.whatever.path
| 07:11:33 |
| mmkaram | how would I get what's actually in the value | 07:11:51 |
| mmkaram | builtins.readFile?
| 07:11:56 |
| K900 | That would entirely break the security model of agenix | 07:12:22 |
| mmkaram | right yeah that makes sense | 07:12:35 |
| K900 | The whole point of agenix is that your secrets are never visible at eval time | 07:12:36 |
| mmkaram | realized that after I wrote that message | 07:12:59 |
| mmkaram | how do most people go about reading the value | 07:13:08 |
| K900 | You don't | 07:13:12 |
| K900 | You need the application to read that file at runtime | 07:13:20 |
| K900 | Somehow | 07:13:26 |
| K900 | How exactly depends on the application | 07:13:34 |
| mmkaram | interesting | 07:14:31 |
