Closed ambroisie closed 1 year ago
I'm curious if anyone has tried this on a machine where they have both system wide secrets and user level secrets. I can't make agenix.nixosModules.age
and agenix.homeManagerModules.age
work together. I'm not sure why.
@happysalada I believe this is done in the tests IIRC? I haven't checked though.
nixos tests only test for one user on the home-manager tests it seems https://github.com/ryantm/agenix/blob/main/test/integration.nix#L49
Well yes, but that is testing systemd-wide secrets and user-level secrets on the same host.
Anecdotally, it works on my machine ™️.
This is to update and fix the issues I saw in 1 and 2.
Using a service definition instead of an activation script should resolve the issue about the secrets disappearing after rebooting.
Removed the
user
andgroup
option as they do not make sense to me for a home-manager module, which should target a single user. They can always be added back if somebody comes screaming.This is somewhat modeled after sops-nix's own module 3.