8 Jun 2024 |
conr | In reply to @ryantm:matrix.org: "Secrets are files. Not strings. You can save json to a file. It sounds like maybe you're trying to use secrets at eval time which is not how this works." When does it evaluate them, on build? | 00:56:07 |
ryantm | At evaluation time you can access the file path they will be decrypted to upon activation. | 01:06:48 |
conr | In reply to @ryantm:matrix.org: "At evaluation time you can access the file path they will be decrypted to upon activation." if i wanted to store multiple secrets in one file and encrypt to import to the configuration.nix, would i need to save it as a .nix file before encrypting it? | 19:47:46 |
@r522:matrix.org | In reply to @conr:mozilla.org: "if i wanted to store multiple secrets in one file and encrypt to import to the configuration.nix, would i need to save it as a .nix file before encrypting it?" don't store multiple secrets in one file | 19:59:00 |
@r522:matrix.org | make a file per secret | 19:59:05 |
@r522:matrix.org | it's decrypted after your system is built. as in, when it boots it's decrypted, not when it's built | 19:59:32 |
@r522:matrix.org | so .nix doesn't exist at that point | 19:59:39 |
conr | In reply to @r522:matrix.org: "make a file per secret" so every time i want to import a secret to a configuration, i need to make a file? like wireguard private key or a port number? just one string per file? | 20:01:26 |
@r522:matrix.org | string per file, yes
(port number isn't a secret but i assume that was just an example) | 20:02:08 |
conr | In reply to @r522:matrix.org: "string per file, yes (port number isn't a secret but i assume that was just an example)" well if i want to have a unique port for my wireguard configuration, how would i not show it in my public github repo? | 20:03:29 |
@r522:matrix.org | i mean there's only 2^16 port numbers
someone knowing your wireguard port number isn't security relevant | 20:04:31 |
@r522:matrix.org | that's offtopic tho mb | 20:04:49 |
conr | or public IP? | 20:05:14 |
conr | * ok, how about a public IP? | 20:05:24 |
10 Jun 2024 |
[0x4A6F] | Better example would be PII data. | 18:58:19 |
[0x4A6F] | You could try some ways mentioned in https://pad.lassul.us/NixOS-secrets | 19:02:20 |
14 Jun 2024 |
hexa | ran into https://github.com/ryantm/agenix/pull/187 with another fresh user, that wants initrd ssh | 12:13:06 |
hexa | ryantm: can you say whether you will have spoons to look into that, or whether you'll defer to nathan's review | 12:13:39 |
ryantm | Merged it. Thanks! | 13:18:22 |
hexa | appreciated! | 13:18:38 |