about summary refs log tree commit diff
path: root/modules
diff options
context:
space:
mode:
authorFranck Cuny <franck@fcuny.net>2023-03-06 19:39:56 -0800
committerFranck Cuny <franck@fcuny.net>2023-03-10 18:18:40 -0800
commitb18af2146a9110ae3a47cc490bbbad39a94351a6 (patch)
tree12245338ff29dae7af7a1d90cc29a9d347510fe6 /modules
parenthome/git: diff the content for age encrypted files (diff)
downloadworld-b18af2146a9110ae3a47cc490bbbad39a94351a6.tar.gz
modules/secrets: use age keys for agenix' identity
I'll re-key all my secrets with age keys instead of using ssh keys. This
change is to specify the path for the identities when agenix decrypts
the secrets.
Diffstat (limited to '')
-rw-r--r--modules/secrets/default.nix7
1 files changed, 5 insertions, 2 deletions
diff --git a/modules/secrets/default.nix b/modules/secrets/default.nix
index 2d8998a..f0befea 100644
--- a/modules/secrets/default.nix
+++ b/modules/secrets/default.nix
@@ -38,7 +38,10 @@ in
           (import secretsFile)
       else
         { };
-    identityPaths = options.age.identityPaths.default ++ (filter pathExists
-      [ "${config.users.users.fcuny.home}/.ssh/id_ed25519" ]);
+
+    identityPaths = [
+      "/root/.age/key.txt"
+      "${config.users.users.fcuny.home}/.age/key.txt"
+    ];
   };
 }