about summary refs log tree commit diff
diff options
context:
space:
mode:
authorFranck Cuny <franck@fcuny.net>2023-03-06 19:39:56 -0800
committerFranck Cuny <franck@fcuny.net>2023-03-10 18:18:40 -0800
commitb18af2146a9110ae3a47cc490bbbad39a94351a6 (patch)
tree12245338ff29dae7af7a1d90cc29a9d347510fe6
parenthome/git: diff the content for age encrypted files (diff)
downloadworld-b18af2146a9110ae3a47cc490bbbad39a94351a6.tar.gz
modules/secrets: use age keys for agenix' identity
I'll re-key all my secrets with age keys instead of using ssh keys. This
change is to specify the path for the identities when agenix decrypts
the secrets.
-rw-r--r--modules/secrets/default.nix7
1 files changed, 5 insertions, 2 deletions
diff --git a/modules/secrets/default.nix b/modules/secrets/default.nix
index 2d8998a..f0befea 100644
--- a/modules/secrets/default.nix
+++ b/modules/secrets/default.nix
@@ -38,7 +38,10 @@ in
           (import secretsFile)
       else
         { };
-    identityPaths = options.age.identityPaths.default ++ (filter pathExists
-      [ "${config.users.users.fcuny.home}/.ssh/id_ed25519" ]);
+
+    identityPaths = [
+      "/root/.age/key.txt"
+      "${config.users.users.fcuny.home}/.age/key.txt"
+    ];
   };
 }