diff options
| author | Franck Cuny <franck@fcuny.net> | 2023-03-06 19:39:56 -0800 |
|---|---|---|
| committer | Franck Cuny <franck@fcuny.net> | 2023-03-10 18:18:40 -0800 |
| commit | b18af2146a9110ae3a47cc490bbbad39a94351a6 (patch) | |
| tree | 12245338ff29dae7af7a1d90cc29a9d347510fe6 | |
| parent | home/git: diff the content for age encrypted files (diff) | |
| download | infra-b18af2146a9110ae3a47cc490bbbad39a94351a6.tar.gz | |
modules/secrets: use age keys for agenix' identity
I'll re-key all my secrets with age keys instead of using ssh keys. This
change is to specify the path for the identities when agenix decrypts
the secrets.
| -rw-r--r-- | modules/secrets/default.nix | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/modules/secrets/default.nix b/modules/secrets/default.nix index 2d8998a..f0befea 100644 --- a/modules/secrets/default.nix +++ b/modules/secrets/default.nix @@ -38,7 +38,10 @@ in (import secretsFile) else { }; - identityPaths = options.age.identityPaths.default ++ (filter pathExists - [ "${config.users.users.fcuny.home}/.ssh/id_ed25519" ]); + + identityPaths = [ + "/root/.age/key.txt" + "${config.users.users.fcuny.home}/.age/key.txt" + ]; }; } |