| 26 Feb 2023 |
 michaelsmitth | Error: Permission denied (os error 13)
[ Did rage not do what you expected? Could an error be more useful? ]
[ Tell us: https://str4d.xyz/rage/report
| 19:27:51 |
 ryantm | Try using -v to see what is failing | 19:28:56 |
| michaelsmitth | The output is quite cryptic | 19:29:47 |
| michaelsmitth | When I run with sudo:
/nix/store/smy2vqg1mg2nfwmcx2yqyr7af82cfdac-agenix-0.13.0/bin/agenix: line 162: EDITOR: unbound variable
| 19:30:42 |
| michaelsmitth | So that seems to work, but the EDITOR environment variable causes some trouble | 19:32:12 |
 cole-h | Try `sudo -E` | 19:33:02 |
| michaelsmitth | $HOME ('/home/user') is not owned by you, falling back to the one defined in the 'passwd' file ('/root')
Do i need chown 777?
| 19:33:44 |
| michaelsmitth | but weird that it is not owned by me | 19:34:16 |
| michaelsmitth |
- without capital
E it works. -e
| 19:36:20 |
| michaelsmitth | So it seems like I can edit all the files like this ryantm:
sudo -e nix run github:ryantm/agenix -- -e mainserver-user-password.age -i /etc/ssh/ssh_host_ed25519_key
| 19:37:47 |
| ryantm | Nice. I'm glad this edge case works somehow. | 19:38:46 |
| michaelsmitth | I just wonder how I am able to edit the ones from the mainserver | 19:39:03 |
| michaelsmitth | because:
let
mainpc = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL6Tk94ilarqQZZ36ZWEi5U14nQwS/bqHkkTt7BOWxX0 root@mainpc";
mainserver = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHugugwi3IeKQ74mNbP50YrU9gfspmhgUWF7WDTCrjo3 root@mainserver";
systems = [ mainpc mainserver ];
in
{
"mainpc-root-password.age".publicKeys = [ mainpc ];
"mainpc-user-password.age".publicKeys = [ mainpc ];
"mainserver-root-password.age".publicKeys = [ mainserver ];
"mainserver-user-password.age".publicKeys = [ mainserver ];
"mainserver-postgres-password.age".publicKeys = [ mainserver ];
}
because I did not give permission
| 19:40:07 |
| michaelsmitth | * because:
let
mainpc = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL6Tk94ilarqQZZ36ZWEi5U14nQwS/bqHkkTt7BOWxX0 root@mainpc";
mainserver = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHugugwi3IeKQ74mNbP50YrU9gfspmhgUWF7WDTCrjo3 root@mainserver";
systems = [ mainpc mainserver ];
in
{
"mainpc-root-password.age".publicKeys = [ mainpc ];
"mainpc-user-password.age".publicKeys = [ mainpc ];
"mainserver-root-password.age".publicKeys = [ mainserver ];
"mainserver-user-password.age".publicKeys = [ mainserver ];
"mainserver-postgres-password.age".publicKeys = [ mainserver ];
}
I did not give mainpc permission to do that
| 19:40:26 |
| ryantm | If you look at the .age file in a text editor you can see what identities can decrypt the file. | 19:41:43 |
| michaelsmitth | I think there is something wrong with the command above. Because when executing it, all I see is the OpenSSH private key. Not the real contents | 19:42:45 |
| michaelsmitth | * I think there is something wrong with the command above. Because when executing it, all I see is my OpenSSH private key. Not the real contents | 19:42:58 |
| michaelsmitth | * I think there is something wrong with the command above. Because when executing it, all I see is my OpenSSH private key. Not the real contents of the .age file | 19:43:07 |
| michaelsmitth | In reply to @cole-h:matrix.org
Try `sudo -E` Okay, this works. | 19:44:14 |
| michaelsmitth | Only for the permitted ones | 19:44:25 |
| michaelsmitth | Well now when I add the user again, rekey and enter my passphrase I get the error: No matching keys found | 19:54:55 |
 johndoe1308 | In reply to @ryantm:matrix.org
I feel you. The docs and set up are built up on an understanding of how SSH keys are distributed and if you don't come with that knowledge it is going to be hard mode! I should try to write a from scratch tutorial. I think you should definitely do that. I personally also had a really hard time to understand it and get up and running for multiple machines. The docs kind of assume that you have a lot of prior knowledge. That is how i personally felt about it. And it seems like I am not the only one | 21:03:54 |
| 1 Mar 2023 |
|  Fabián Heredia changed their display name from fabianhjr to Fabián Heredia. | 06:05:27 |
|  Dom H joined the room. | 09:25:26 |
| 2 Mar 2023 |
|  Robert Michael removed their profile picture. | 13:16:54 |
| 4 Mar 2023 |
| ryantm | I'm considering dropping the github readme in favor of this for the docs https://ryantm.github.io/agenix/#introduction any feedback would be helpful. | 22:48:42 |
 Ilan Joselevich (Kranzes) | I don't like the idea of getting rid of the github readme | 23:34:55 |
| ryantm | I should probably say my reason for doing it. I feel like the readme file is getting too big and I want to add a new tutorial to it. | 23:38:51 |
| Ilan Joselevich (Kranzes) | add hyperlinks to other readme's inside the repo | 23:45:04 |
| Ilan Joselevich (Kranzes) | tutorials | 23:45:53 |
