1
1
Fork 1
mirror of https://github.com/oddlama/nix-config.git synced 2025-10-11 07:10:39 +02:00

feat: switch to local agenix-rekey storage mode

This commit is contained in:
oddlama 2024-02-26 16:45:32 +01:00
parent 124e1c289f
commit 040c2177bc
No known key found for this signature in database
GPG key ID: 14EFE510775FE39A
146 changed files with 794 additions and 11 deletions

View file

@ -21,12 +21,10 @@
extraEncryptionPubkeys
;
# This is technically impure, but intended. We need to rekey on the
# current system due to yubikey availability.
forceRekeyOnSystem = builtins.extraBuiltins.unsafeCurrentSystem;
hostPubkey = config.node.secretsDir + "/host.pub";
storageMode = "local";
generatedSecretsDir = inputs.self.outPath + "/secrets/generated/${config.node.name}";
cacheDir = "/var/tmp/agenix-rekey/\"$UID\"";
localStorageDir = inputs.self.outPath + "/secrets/rekeyed/${config.node.name}";
};
age.generators.basic-auth = {