diff options
| author | Franck Cuny <franck@fcuny.net> | 2023-03-06 19:39:56 -0800 |
|---|---|---|
| committer | Franck Cuny <franck@fcuny.net> | 2023-03-10 18:18:40 -0800 |
| commit | b18af2146a9110ae3a47cc490bbbad39a94351a6 (patch) | |
| tree | 12245338ff29dae7af7a1d90cc29a9d347510fe6 /modules | |
| parent | home/git: diff the content for age encrypted files (diff) | |
| download | world-b18af2146a9110ae3a47cc490bbbad39a94351a6.tar.gz | |
modules/secrets: use age keys for agenix' identity
I'll re-key all my secrets with age keys instead of using ssh keys. This change is to specify the path for the identities when agenix decrypts the secrets.
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/secrets/default.nix | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/modules/secrets/default.nix b/modules/secrets/default.nix index 2d8998a..f0befea 100644 --- a/modules/secrets/default.nix +++ b/modules/secrets/default.nix @@ -38,7 +38,10 @@ in (import secretsFile) else { }; - identityPaths = options.age.identityPaths.default ++ (filter pathExists - [ "${config.users.users.fcuny.home}/.ssh/id_ed25519" ]); + + identityPaths = [ + "/root/.age/key.txt" + "${config.users.users.fcuny.home}/.age/key.txt" + ]; }; } |