Tools, scripts, and configurations for my machines. * Secret management with =agenix= We use =agenix= to manipulate our secrets. ** Create a new secret To create a new secret: #+begin_src sh cd ../secrets agenix -e .age #+end_src ** Manage the secrets In [[file+sys:../secrets/secrets.nix][secrets.nix]] you need to add the secret and who need to have access to it. In the configuration for one of the host, you'll then need to add: #+begin_src nix age.secrets.restic = { file = ../../../secrets/restic-backups.age; owner = "root"; group = "root"; path = "/etc/restic/secret"; mode = "600"; }; #+end_src ** Edit secrets This is the easiest command to work with 1password: #+begin_src sh agenix -e restic-backups.age -i (op read "op://Personal/nixos/private key?ssh-format=openssh"|psub) #+end_src * Services ** ddns-updater This service runs on =vm-synology=. There's a web UI accessible at http://vm-synology:8000