20 Sep 2024 |
/madonius[er|he] | Cheers, how would you go about encrypting a binary file with agenix? | 19:45:54 |
eyJhb | In reply to @madonius:entropia.de Cheers, how would you go about encrypting a binary file with agenix? cat mywallpaper.jpg | agenix -e somefile.age | 19:49:38 |
22 Sep 2024 |
| rane [they/them] joined the room. | 09:51:31 |
| @rayne:spooky.computer left the room. | 10:24:46 |
23 Sep 2024 |
| elikoga joined the room. | 15:30:12 |
26 Sep 2024 |
| Fabián Heredia set a profile picture. | 01:16:08 |
27 Sep 2024 |
| elikoga set a profile picture. | 16:27:22 |
1 Oct 2024 |
| -_o joined the room. | 21:02:32 |
4 Oct 2024 |
Ilan Joselevich (Kranzes) | https://github.com/ryantm/agenix/pull/255 | 21:59:42 |
Ilan Joselevich (Kranzes) | Can we get this merged? | 21:59:48 |
| @dminca:matrix.org left the room. | 22:09:45 |
5 Oct 2024 |
martijn | Hey there, does someone have a working git submodule for secrets? I'm trying to have my secrets in a private Github repository but with flakes the directory in the store doesn't include the submodule | 10:13:54 |
martijn | So it'll complain about not finding /secrets in /nix/store/{hash}-source . I've tried using sudo nixos-rebuild switch --flake '.?submodules=1#host' but it gives the same error | 10:17:58 |
7 Oct 2024 |
| @memegames99:matrix.org removed their profile picture. | 00:05:37 |
| @memegames99:matrix.org removed their display name memegames99. | 00:05:48 |
| @memegames99:matrix.org left the room. | 00:06:04 |
| Sam Lehman changed their profile picture. | 14:24:17 |
8 Oct 2024 |
| @reese:cyberia.club left the room. | 00:38:37 |
9 Oct 2024 |
| john joined the room. | 01:20:36 |
10 Oct 2024 |
| p4cmanus3r joined the room. | 13:25:03 |
13 Oct 2024 |
| martijn changed their profile picture. | 11:24:04 |
| martijn changed their profile picture. | 11:24:20 |
15 Oct 2024 |
| dish [Fox/It/She] changed their display name from Pyrox [ It/She/They/Xem ] to dish [Fox/It/She]. | 03:20:53 |
17 Oct 2024 |
goodlander | So if I'm deploying on a new machine, can I seed that machine with a host key before even installing? How do people handle this? | 16:40:15 |
19 Oct 2024 |
uep | How are you installing? SSH host keys are generated on server start if they don't already exist, so you can just generate one first. Say, in the /mnt/etc/ssh directory after you've prepared filesystems, before running nixos-install . | 23:03:38 |
uep | * How are you installing? SSH host keys are generated on server start if they don't already exist, so you can just generate one first. Say, in the /mnt/etc/ssh directory after you've prepared filesystems, before running nixos-install , from the installer live-cd/usb boot | 23:04:01 |
uep | Or you can generate it elsewhere even earlier, but I don't really recommend that because you have to handle the secret, rather than just generate it on the host where it belongs as private state | 23:06:12 |
21 Oct 2024 |
goodlander | I'm open to an opinionated setup that makes things easier but for my first time spreading my flake to a second host I just connected the nvme drive to my nixos laptop with a usb controller. I thought I could partition the drive, setup luks, setup btrfs and swap, generate the config, generate a new host key in /etc/ssh, parse for the correct public key and uuid info and then nixos-install --flake /path/to/flake#host | 20:54:52 |
goodlander | I ended up generating the config and doing a basic install though and then rebuilding to my flake once the drive was in the new machine | 20:55:54 |
goodlander | would love to be able to get the one step install going though | 20:56:54 |