| 14 Apr 2023 |
|  Ambroisie joined the room. | 16:37:16 |
| 15 Apr 2023 |
|  Herman left the room. | 20:53:01 |
| 16 Apr 2023 |
|  ian luo joined the room. | 02:27:57 |
|  motiejus joined the room. | 20:40:18 |
| motiejus | hi folks. I am using an agenix secret in boot.initrd.network.ssh.hostKeys, which is then picked up when generating initrd. However, initrd seems to be generated before the secrets are placed, erroring the build. Is there a way to place secrets before creating the initrd? I was looking for an "activation dependency" (TIL), but nixpkgs/nixos/modules/system/activation/top-level.nix seems to not allow such flexibility. Has anyone observed this before? | 20:45:50 |
| motiejus | or in other words, has anyone used any agenix secret in boot.initrd.*? How? | 20:46:27 |
 ryantm | https://github.com/ryantm/agenix/blob/e64961977f60388dd0b49572bb0fc453b871f896/modules/age.nix#LL256C7-L256C45
If you learn which activation scripts set up the initrd. perhaps you can add a dep to them on agenixInstall | 21:07:13 |
| ryantm | There might be some issue with the specialfs dep. Have to make sure you don't have a circular dependency | 21:07:59 |
| 17 Apr 2023 |
|  GenericNerdyUsername joined the room. | 22:56:42 |
| 18 Apr 2023 |
|  jeroen changed their display name from Jeroen Simonetti to jeroen. | 12:54:04 |
| jeroen left the room. | 15:27:15 |
| jeroen joined the room. | 16:04:35 |
| 19 Apr 2023 |
|  @pawning-cornmeal:matrix.org left the room. | 17:52:25 |
| 20 Apr 2023 |
|  Federico Damián Schonborn changed their display name from Federico Damián Schonborn to Federico Schonborn. | 01:02:34 |
| 21 Apr 2023 |
 Wanja Hentze | hey, my PR https://github.com/ryantm/agenix/pull/175 is still open, could somebody give it a look? | 11:15:01 |
| Wanja Hentze | I didn't end up finding a way to regression test it, but I'd like the fix merged anyway. Is that alright? | 11:15:27 |
|  mlyx left the room. | 13:05:57 |
| ryantm | Merged! Thanks | 14:29:24 |
| Ambroisie | Is there a way I can contribute to https://github.com/ryantm/agenix/pull/109 or would I have to create a new PR? | 18:29:26 |
| Ambroisie | I want to update it to fix some issues with it and try to get it merged | 18:29:45 |
 cole-h | You can ask them if they would give you push access to their repo, or you can ask if they would mind you opening a new PR based on their work. | 18:35:33 |
| 23 Apr 2023 |
| Ambroisie | Ended up making a new PR from scratch, as my approach diverged too much from the original PRs for home-manager integration | 16:08:11 |
| 24 Apr 2023 |
| Ambroisie | In reply to @ambroisie:belanyi.fr
Ended up making a new PR from scratch, as my approach diverged too much from the original PRs for home-manager integration Let me link to it in case people want to test drive it and/or review it | 19:18:31 |
| Ambroisie | https://github.com/ryantm/agenix/pull/180 | 19:21:44 |
| 25 Apr 2023 |
 @duponin:alternativebit.fr | 
Download ima_9063442.jpeg | 15:25:56 |
| GenericNerdyUsername | idk if this is more of a question for https://matrix.to/#/#tpm:nixos.org, but is it possible to store the agenix key in a tpm? | 21:38:30 |
| GenericNerdyUsername | Maybe encrypt the keyfile using a separate key stored on the tpm? | 21:39:03 |
| ryantm | This might be possible, but we don't have any specific support for it. | 22:38:27 |
| GenericNerdyUsername | is there some pre-activation hook i can use? | 22:38:55 |
| ryantm | If you add an activationHook to system.activationScripts.agenixNewGeneration.deps then it should run before any agenix module code runs. | 22:40:00 |
