| 18 Dec 2022 |
 dasj19 | i run on the unstable branch | 22:36:39 |
 ryantm | system.activationScripts.debug.{ text = "set -x; echo "DEBUG PASSWORDFILE";cat /run/agenix/daniel-password"; deps = "agenixInstall"; }
system.activationScripts.users.deps = [ "debug" ];
| 22:37:58 |
| ryantm | * system.activationScripts.debug = { text = "set -x; echo "DEBUG PASSWORDFILE";cat /run/agenix/daniel-password"; deps = "agenixInstall"; }
system.activationScripts.users.deps = [ "debug" ];
| 22:38:12 |
| dasj19 | ok, i'll give that a try | 22:38:23 |
| ryantm | That should cat your password file after agenix installs it but before the users script runs. | 22:38:39 |
| dasj19 | had to fix a semicolon and change quotes to single quotes:
but still get: error: A definition for option system.activationScripts.debug.deps' is not of type list of string'. Definition values:
- In `/etc/nixos/configuration.nix': "agenixInstall" | 22:41:38 |
| ryantm | * system.activationScripts.debug = { text = "set -x; echo 'DEBUG PASSWORDFILE';cat /run/agenix/daniel-password"; deps = [ "agenixInstall" ]; }
system.activationScripts.users.deps = [ "debug" ];
| 22:42:12 |
| ryantm | Thanks, I fixed it above too. | 22:42:18 |
| ryantm | * system.activationScripts.debug = { text = "set -x; echo 'DEBUG PASSWORDFILE';cat /run/agenix/daniel-password"; deps = [ "agenixInstall" ]; };
system.activationScripts.users.deps = [ "debug" ];
| 22:42:30 |
| dasj19 | this is in the result:
- echo 'DEBUG PASSWORDFILE'
DEBUG PASSWORDFILE
- cat /run/agenix/daniel-password
$6$HgyUnbDcnnfRn4Ox$Ttzd6kxqrt2ZoutO.kfEXWzc4zCDCXYwHKN5X4NyB/scHOrWKoYbHQhuxtjI1tq8BRHn5Avxcgim5FHoNv90R1+ (( _localstatus > 0 ))
| 22:43:59 |
| dasj19 | so the secret gets decrypted correctly but does not end in the /etc/shadow | 22:45:13 |
| dasj19 | I am doing a system update and see if the issue persists | 22:47:08 |
| ryantm | ok, seems like everything is working... | 22:47:26 |
| dasj19 | system update did not help, i'll try on another system tomorrow, can't think of anything else i can try | 22:51:14 |
| ryantm | dasj19: aside from editing the perl script, me neither. | 22:51:37 |
| dasj19 | ok, but you can confirm that the current way of doing it is the right approach | 22:52:44 |
| dasj19 | thanks a lot for assistance, i have to go to bed soon | 22:53:58 |
| ryantm | Yes. | 22:58:49 |
| ryantm | Of course I can't see your whole configuration files, so there might be something obviously bad lurking. | 22:59:13 |
| 19 Dec 2022 |
|  lgcl (they/them) changed their profile picture. | 13:45:44 |
| 20 Dec 2022 |
| dasj19 | ryantm: I have spinned up a virtual machine with latest nixos unstable and followed the readme file present on the github project and I end up in the same situation. So it can't just be my old config that is wrong, it must be something I do or something in the unstable branch | 22:14:05 |
| 21 Dec 2022 |
 gador | Did you try it without agenix and a plain test file with the password in it? Just to rule out an agenix problem here? | 05:08:58 |
| ryantm | ☝️dasj19 | 18:16:02 |
| 22 Dec 2022 |
|  null_radix joined the room. | 08:48:08 |
| null_radix | hello, I have a directory with 100+ files that each contain a secret. Is it possible just to encrypt the entire dir, instead of each individual file? | 08:49:28 |
| ryantm | null_radix: you could first tar it the encrypt that | 13:30:27 |
| ryantm | * null_radix: you could first tar it then encrypt that | 13:30:44 |
| dasj19 | ryantm: I ended up deleting my user entry in /etc/shadow and then rebuilt, and everything looks normal now. Got inspired from: https://github.com/NixOS/nixpkgs/issues/99433 . So it wasnt a specific agenix issue but rather a issue with the user update script | 13:59:43 |
| null_radix | In reply to @ryantm:matrix.org
null_radix: you could first tar it then encrypt that how would you untar them? would you use system.activationScripts? | 17:15:37 |
| null_radix | its for a service so maybe a systemd service makes more sense | 17:16:03 |
