.chezmoiignore not behaving as expected

[ckt114]

What exactly are you trying to do?

I'm using gpg to encrypt files from different machines and using .chezmoiignore to manage it on different machine but it kept on trying to manage the ignored file on the machine that it's not suppose to manage.

1. I've added and encrypted a file on my work machine using chezmoi add --encrypt ~/.keys/work.asc.key
2. Added below code to ~/.local/share/chezmoi/.chezmoiignore. I do have .work in my data b/c I use it in other templates and they are working as expected

   {{ if not .work }}
   .keys/work.asc.key
   {{ end }}

3. On my personal machine when I do chezmoi apply -v it throws the error below.

   gpg: encrypted with RSA key, ID 13961E73C7D4A6BE
   gpg: encrypted with RSA key, ID 208C9DCB4A1A87CD
   gpg: public key decryption failed: No secret key
   gpg: decryption failed: No secret key
   chezmoi: exit status 2

What have you tried so far?

Tried different patterns but none works.

Where else have you checked for solutions?

• [x] I have read chezmoi's user guide, and not found the answer.
• [x] I have searched chezmoi's reference guide, and not found the answer.
• [ ] Other, please give details.

Output of any commands you've tried with --verbose flag

$ chezmoi --verbose apply

Output of chezmoi doctor

```console $ chezmoi doctor RESULT CHECK MESSAGE warning version v2.33.6, built by nixpkgs warning latest-version v2.34.2 ok os-arch linux/amd64 (NixOS 23.05 (Stoat)) ok uname Linux hx90 6.1.34 #1-NixOS SMP PREEMPT_DYNAMIC Wed Jun 14 09:15:34 UTC 2023 x86_64 GNU/Linux ok go-version go1.20.4 (gc) ok executable /nix/store/87q8ggvqgq7r9bsyy1xh4s9h4hf4b4i7-chezmoi-2.33.6/bin/chezmoi ok upgrade-method sudo-upgrade-package ok config-file ~/.config/chezmoi/chezmoi.yaml, last modified 2023-06-28T21:22:43-04:00 ok source-dir ~/.local/share/chezmoi is a git working tree (clean) ok suspicious-entries no suspicious entries ok working-tree ~/.local/share/chezmoi is a git working tree (clean) ok dest-dir ~ is a directory ok umask 022 ok cd-command found /run/current-system/sw/bin/zsh ok cd-args /run/current-system/sw/bin/zsh info diff-command not set ok edit-command found /run/current-system/sw/bin/nvim ok edit-args /run/current-system/sw/bin/nvim ok git-command found /run/current-system/sw/bin/git, version 2.40.1 ok merge-command found /run/current-system/sw/bin/vimdiff ok shell-command found /run/current-system/sw/bin/zsh ok shell-args /run/current-system/sw/bin/zsh info age-command age not found in $PATH ok gpg-command found /run/current-system/sw/bin/gpg, version 2.4.0 info pinentry-command not set info 1password-command op not found in $PATH info bitwarden-command bw not found in $PATH info dashlane-command dcli not found in $PATH info gopass-command gopass not found in $PATH info keepassxc-command keepassxc-cli not found in $PATH info keepassxc-db not set info keeper-command keeper not found in $PATH info lastpass-command lpass not found in $PATH info pass-command pass not found in $PATH info passhole-command ph not found in $PATH info rbw-command rbw not found in $PATH info vault-command vault not found in $PATH info secret-command not set ```

Additional context

That file shouldn't be managed on my personal machine so chezmoi shouldn't try to talk to pgp.

[twpayne]

What is the output of the following commands or each machine?

chezmoi ignored

chezmoi managed | grep key

chezmoi apply --debug ~/.keys/work.asc.key

[ckt114]

Thanks for the pointer, @twpayne. I had .chezmoiroot with home so that's why it didn't work. Putting .chezmoiignore into home works.

[twpayne]

Fantastic! Glad this is solved :)