| 22 Sep 2023 |
|  K900 ⚡️ joined the room. | 09:47:56 |
| 24 Sep 2023 |
|  t4ccer joined the room. | 06:08:48 |
|  mib 🥐 changed their profile picture. | 12:20:58 |
| 25 Sep 2023 |
 willmckinnon | hey agenix people, got another question for ya | 05:29:53 |
| willmckinnon |
| 05:29:55 |
| willmckinnon | * ❯ agenix -e willPrivateKey.age
cp: cannot stat '/tmp/tmp.EMmS36qdhI/willPrivateKey.age': No such file or directory
Error: Invalid recipient '' | 05:30:00 |
| willmckinnon | * ❯ agenix -e willPrivateKey.age
cp: cannot stat '/tmp/tmp.EMmS36qdhI/willPrivateKey.age': No such file or directory
Error: Invalid recipient ''
| 05:30:05 |
| willmckinnon | let
systemDesktop = builtins.readFile ../hosts/desktop/ssh_host_ed25519_key.pub;
systemSurface = builtins.readFile ../hosts/surface/ssh_host_ed25519_key.pub;
systemServer = builtins.readFile ../hosts/server/ssh_host_ed25519_key.pub;
systems = [ systemDesktop systemSurface systemServer ];
userWill = builtins.readFile ../home/id_ed25519.pub;
editors = [ userWill ];
in
{
# hashed user passwords (can be generated with `mkpasswd -m sha-512`)
"hashedRootPassword.age".publicKeys = systems ++ editors;
"hashedWillPassword.age".publicKeys = [ systemDesktop systemSurface ] ++ editors;
"willPrivateKey.age".publicKeys = [ systemDesktop systemSurface ];
}
Anyone know whats up with that error? couldn't find any related issues on github
| 05:30:33 |
| willmckinnon | the cp: cannot stat '/tmp/tmp.EMmS36qdhI/willPrivateKey.age': No such file or directory appears for other secrets too, but the Error: Invalid recipient '' is new | 05:32:09 |
| willmckinnon | looks like one of my keys bad a newline that broke it, problem solved! | 05:35:17 |
| 27 Sep 2023 |
| mib 🥐 changed their display name from mib to mib 🥐. | 05:53:08 |
| 30 Sep 2023 |
|  Andreas Fjärrwall joined the room. | 21:06:14 |
| 4 Oct 2023 |
|  rickbonavigo joined the room. | 16:14:03 |
| 5 Oct 2023 |
|  pvsr joined the room. | 04:01:39 |
| 6 Oct 2023 |
|  aur3l14no joined the room. | 14:53:35 |
| aur3l14no | Hi, has anyone bumped into this error?
nix run github:ryantm/agenix -- -e nix-access-tokens.age
Error: failed to fill whole buffer
[ Did rage not do what you expected? Could an error be more useful? ]
[ Tell us: https://str4d.xyz/rage/report ]
| 14:54:44 |
| aur3l14no | In reply to @aur3l14no:matrix.org
Hi, has anyone bumped into this error?
nix run github:ryantm/agenix -- -e nix-access-tokens.age
Error: failed to fill whole buffer
[ Did rage not do what you expected? Could an error be more useful? ]
[ Tell us: https://str4d.xyz/rage/report ]
Oh... it's because I'm editing an existing empty file. The error message is a bit unhelpful. | 14:57:09 |
| 7 Oct 2023 |
|  ollijh joined the room. | 11:25:30 |
| 10 Oct 2023 |
|  daniel joined the room. | 08:18:47 |
|  Evy joined the room. | 09:53:54 |
|  fea (she/they) changed their display name from feathecutie to feathecutie (she/they). | 14:10:34 |
|  luzifer2222 joined the room. | 17:12:08 |
|  Brian Hechinger joined the room. | 20:40:45 |
| 12 Oct 2023 |
|  Edmund Miller joined the room. | 02:43:57 |
| 13 Oct 2023 |
| luzifer2222 | Hi, I have a problem to use agenix. Maybe cause I am new to all this stuff.
I am using agenix in a nix-darwin home-manager module.
flake.nix:
darwinConfigurations."macdb" = darwin.lib.darwinSystem rec {
system = "aarch64-darwin";
modules = [
{
nixpkgs.overlays = [
inputs.nixpkgs-firefox-darwin.overlay
inputs.nur.overlay
];
}
./hosts/macdb.nix
# home manager
home-manager.darwinModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = {inherit inputs system;};
home-manager.users."danielvonessen" = import ./home/default.nix;
}
];
specialArgs = {
inherit inputs;
};
};
inside ./home.default I import home-secrets.nix which looks like:
{config, pkgs, inputs, system,... }: {
# if you changed this key, you need to regenerate all encrypt files from the decrypt contents!
home.packages = [inputs.agenix.packages.${system}.default];
age.identityPaths = [
"/Users/danielvonessen/.ssh/dvonessen"
];
age.secrets.mysecret.file = ../secrets/secret.age;
}
I triy to use mysecret here:
{config, ...}: {
programs.git = {
enable = true;
userName = "Daniel von Eßen";
userEmail = "daniel@vonessen.eu";
extraConfig = builtins.readFile config.age.secrets.mysecret.path;
includes = [
{
contents = {
user.email = "daniel.von-essen@deutschebahn.com";
user.name = "Daniel von Eßen";
};
condition = "gitdir:~/git/dbsystel/**";
}
{
contents = {
user.email = "daniel.von-essen@deutschebahn.com";
user.name = "Daniel von Eßen";
};
condition = "gitdir:~/git/gitlab/dbsystel/**";
}
];
lfs.enable = true;
diff-so-fancy.enable = true;
};
}
But i am getting error: string '$(getconf DARWIN_USER_TEMP_DIR)/agenix/mysecret' doesn't represent an absolute path
Thank you!
| 10:59:25 |
| luzifer2222 | * Hi, I have a problem to use agenix. Maybe cause I am new to all this stuff.
I am using agenix in a nix-darwin home-manager module.
flake.nix:
darwinConfigurations."macdb" = darwin.lib.darwinSystem rec {
system = "aarch64-darwin";
modules = [
{
nixpkgs.overlays = [
inputs.nixpkgs-firefox-darwin.overlay
inputs.nur.overlay
];
}
./hosts/macdb.nix
# home manager
home-manager.darwinModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = {inherit inputs system;};
home-manager.users."MYUSER" = import ./home/default.nix;
}
];
specialArgs = {
inherit inputs;
};
};
inside ./home.default I import home-secrets.nix which looks like:
{config, pkgs, inputs, system,... }: {
# if you changed this key, you need to regenerate all encrypt files from the decrypt contents!
home.packages = [inputs.agenix.packages.${system}.default];
age.identityPaths = [
"/Users/MYUSER/.ssh/dvonessen"
];
age.secrets.mysecret.file = ../secrets/secret.age;
}
I triy to use mysecret here:
{config, ...}: {
programs.git = {
enable = true;
userName = "MYUSER";
userEmail = "MYUSER@MAIL";
extraConfig = builtins.readFile config.age.secrets.mysecret.path;
includes = [
{
contents = {
user.email = "RANDOM MAIL";
user.name = "RANDOM USER";
};
condition = "gitdir:~/git/dir/**";
}
{
contents = {
user.email = "Random";
user.name = "RANDOM";
};
condition = "gitdir:~/git/gitlab/dir/**";
}
];
lfs.enable = true;
diff-so-fancy.enable = true;
};
}
But i am getting error: string '$(getconf DARWIN_USER_TEMP_DIR)/agenix/mysecret' doesn't represent an absolute path
Thank you!
| 11:00:43 |
| aur3l14no left the room. | 13:15:39 |
 ryantm | luzifer2222: You're doing the readFile anti-pattern https://github.com/ryantm/agenix#builtinsreadfile-anti-pattern | 22:20:48 |
| Evy left the room. | 22:24:24 |
| 14 Oct 2023 |
| luzifer2222 | ryantm yes, I know. As far as I did understand, that would "copy" the decrypted file into the nix store.
That is not a problem at all. I want to use agenix to encrypt some parts of my configuration just to be able to upload them to github/gitlab.
But I also get the error message, if i try home.file."foobar.txt".source = config.age.secrets.mysecret.path.
Maybe I have a wrong understanding of agenix's functionality. | 04:50:43 |
