-
### Describe the bug
After bumping systemd from 253.6 to 254.3, a oneshot service using credentials no longer starts:
```
Oct 01 12:15:59 azazel systemd[1]: Starting Wallabag install service...…
-
It would be nice to be able to rekey a single secret -- just run across this while modifying the list of pubkeys that could access a single secret in a shared directory with other machines' secrets.
…
-
As a part of trying to make nixAccessToken via secret file working, I reverted to create ~/.config/nix/nix.conf via home-manager and moved the logic to home.nix. As soon as you add `agenix.homeManager…
-
**Feature Proposed**
Allow reading `token` and `local_private_key` from separate files.
**Use Case**
Currently users have to choose between either storing the whole config file securely or ass…
-
In example configuration where you e.g. want to set an SSHD for an onion service, but don't want the people to know the onion url:
```nix
{ config, ... }:
{
age.secrets.SYSTEM-onion = {
…
-
I was trying to use [age-plugin-yubikey](https://github.com/str4d/age-plugin-yubikey) with `rage` to create a key that doesn't live on my file system. This works, but not completely conveniently all t…
-
Lots of config options can be in a public GitHub repository but not everything.
For example, users and passwords for a Jellyfin config.
How do people handle automating secrets in NixOS?
-
I put my flake.nix under `/etc/nixos`, as this is where the `sudo nixos-rebuild switch` default to. However, when I try to update the flake inputs by `nh os switch --update`, it successfully pulls the…
-
Since `/etc/ssh/` is on the tmpfs, the VM generates a new ssh key-pair every time is gets rebooted.
I tried to create a virtiofsd share for `/etc/ssh` to keep the keys on the host system, but that ma…
-
When doing a rebuild that causes network connectivity to go down (temporarily), then the activationScript used by opnix will fail, causing the activation to fail.
This can be worked around by deployi…