| 22 Sep 2023 |
 uep | You can generate a host key (ssh or otherwise) and use that, without needing to have ssh service running all the time | 05:03:39 |
 willmckinnon | Yup! Thats what I had been doing, just hadnt realized we needed to explicity specify its location (and that it had to be used over a user key) | 05:04:30 |
| uep | good pickup that this is why the path doesn't exist (and there's probably not a system key to use at all yet) | 05:04:42 |
| willmckinnon | one more question, more about nix probably and less about agenix
let
systemServer = builtins.readFile ../hosts/server/ssh_host_ed25519_key.pub;
in
{
"rootPassword.age".publicKeys = [ systemServer ];
}
results in error: cannot convert a thunk to JSON. Where am I going wrong here? For organization I thought id store my public host keys in a folder along with the host config
| 05:05:36 |
| uep | you probably want to put that in a string context to make it evaluate … = [ "${systemServer}" ] | 05:07:25 |
| uep | but I'm not sure exacrl | 05:07:31 |
| uep | * but I'm not sure exactly | 05:07:34 |
| willmckinnon | hmm still getting the same error, maybe ill try in the nixos matrix room | 05:08:25 |
| willmckinnon | thanks anyway! | 05:08:28 |
 stelcodes | Is that text in a file called secrets.nix in the cwd? I don't see anything wrong with that code. | 05:21:26 |
| uep | likely answer has been found in the main channel, I'll let willmckinnon relay back here | 05:25:17 |
| uep | makes sense to me though | 05:25:32 |
| uep | as for the confusion about the purpose of adding user keys, I wonder if calling the variable editors rather than users in the example config would help ? | 05:28:09 |
| willmckinnon | fix here: https://github.com/ryantm/agenix/pull/202 | 05:35:40 |
| willmckinnon | In reply to @uep:matrix.org
as for the confusion about the purpose of adding user keys, I wonder if calling the variable editors rather than users in the example config would help ? I think that would be more clear | 05:35:57 |
|  K900 ⚡️ joined the room. | 09:47:56 |
| 24 Sep 2023 |
|  t4ccer joined the room. | 06:08:48 |
|  mib 🥐 changed their profile picture. | 12:20:58 |
| 25 Sep 2023 |
| willmckinnon | hey agenix people, got another question for ya | 05:29:53 |
| willmckinnon |
| 05:29:55 |
| willmckinnon | * ❯ agenix -e willPrivateKey.age
cp: cannot stat '/tmp/tmp.EMmS36qdhI/willPrivateKey.age': No such file or directory
Error: Invalid recipient '' | 05:30:00 |
| willmckinnon | * ❯ agenix -e willPrivateKey.age
cp: cannot stat '/tmp/tmp.EMmS36qdhI/willPrivateKey.age': No such file or directory
Error: Invalid recipient ''
| 05:30:05 |
| willmckinnon | let
systemDesktop = builtins.readFile ../hosts/desktop/ssh_host_ed25519_key.pub;
systemSurface = builtins.readFile ../hosts/surface/ssh_host_ed25519_key.pub;
systemServer = builtins.readFile ../hosts/server/ssh_host_ed25519_key.pub;
systems = [ systemDesktop systemSurface systemServer ];
userWill = builtins.readFile ../home/id_ed25519.pub;
editors = [ userWill ];
in
{
# hashed user passwords (can be generated with `mkpasswd -m sha-512`)
"hashedRootPassword.age".publicKeys = systems ++ editors;
"hashedWillPassword.age".publicKeys = [ systemDesktop systemSurface ] ++ editors;
"willPrivateKey.age".publicKeys = [ systemDesktop systemSurface ];
}
Anyone know whats up with that error? couldn't find any related issues on github
| 05:30:33 |
| willmckinnon | the cp: cannot stat '/tmp/tmp.EMmS36qdhI/willPrivateKey.age': No such file or directory appears for other secrets too, but the Error: Invalid recipient '' is new | 05:32:09 |
| willmckinnon | looks like one of my keys bad a newline that broke it, problem solved! | 05:35:17 |
| 27 Sep 2023 |
| mib 🥐 changed their display name from mib to mib 🥐. | 05:53:08 |
| 30 Sep 2023 |
|  Andreas Fjärrwall joined the room. | 21:06:14 |
| 4 Oct 2023 |
|  rickbonavigo joined the room. | 16:14:03 |
| 5 Oct 2023 |
|  pvsr joined the room. | 04:01:39 |
| 6 Oct 2023 |
|  aur3l14no joined the room. | 14:53:35 |
