ryantm / agenix

age-encrypted secrets for NixOS and Home manager
https://matrix.to/#/#agenix:nixos.org
Creative Commons Zero v1.0 Universal

`age.identityPaths` still up to date? #218

Closed TornaxO7 closed 7 months ago

TornaxO7 commented 8 months ago

Hi! The section about `age.identityPaths` says:

> (...) The list items should be strings (`"/path/to/id_rsa"`), not nix paths (`../path/to/id_rsa`), as the latter would copy your private key to the nix store, which is the exact situation agenix is designed to avoid. (...)

but I'm getting the following error message with:

    age.identityPaths = [ "test" ];

    error:
           … while checking flake output 'nixosConfigurations'

             at /nix/store/74dsgrd4mw8vzwsria2zvcpd1l5cirxd-source/flake.nix:45:7:

               44|     {
               45|       nixosConfigurations = {
                 |       ^
               46|         pc = init_system {

           … while checking the NixOS configuration 'nixosConfigurations.pc'

             at /nix/store/74dsgrd4mw8vzwsria2zvcpd1l5cirxd-source/flake.nix:46:9:

               45|       nixosConfigurations = {
               46|         pc = init_system {
                 |         ^
               47|           configuration = ./nixos-configurations/pc/default.nix;

           (stack trace truncated; use '--show-trace' to show the full trace)

           error: A definition for option `age.identityPaths."[definition 1-entry 1]"' is not of type `path'. Definition values:
           - In `/nix/store/74dsgrd4mw8vzwsria2zvcpd1l5cirxd-source/secrets/default.nix': "test"

ambroisie commented 7 months ago

IIRC the path type checks if the string starts with a leading /. So "/test" should work.

TornaxO7 commented 7 months ago

hm... but does that mean that I have to use absolute paths?

ambroisie commented 7 months ago

Well yes, otherwise what are your paths relative to?

TornaxO7 commented 7 months ago

Hm... ok, maybe I can create an absolute path with the help of `self`.

Thank you for the information! :)
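
An added example, not part of the thread or of the agenix repository: a NixOS module that sets `age.identityPaths` to an absolute path string and adds an assertion rejecting any entry that resolves into the Nix store, which is where a path built from a flake's `self` or from a Nix path literal inside a flake ends up. The key location and the helper name `isSafeIdentity` are assumptions made for illustration.

```nix
# Added example (not agenix's own code).
{ config, lib, ... }:
let
  # Hypothetical helper: true when the entry is an absolute path that does
  # not live under the Nix store. toString turns a Nix path value into its
  # absolute string form without copying the file.
  isSafeIdentity = p:
    let s = toString p;
    in lib.hasPrefix "/" s
       && !(lib.hasPrefix "${builtins.storeDir}/" s);
in
{
  # Assumed location: a private key that already exists on the target
  # machine and is read there at activation time. It is a plain string,
  # so nothing is copied into the world-readable store.
  age.identityPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];

  # Fail the build if any entry (from this or another module) points into
  # the store. Inside a flake, "${self}/secrets/key" and ./secrets/key both
  # evaluate to /nix/store/<hash>-source/..., so both are caught here.
  # A relative string such as "test" never reaches this point: the option's
  # `path` type rejects it first, as in the error shown in the issue.
  assertions = map (p: {
    assertion = isSafeIdentity p;
    message = "age.identityPaths entry '${toString p}' must be an absolute path outside ${builtins.storeDir}";
  }) config.age.identityPaths;
}
```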