mirror of
https://github.com/oddlama/nix-config.git
synced 2025-10-11 07:10:39 +02:00
feat: switch to local agenix-rekey storage mode
This commit is contained in:
parent
124e1c289f
commit
040c2177bc
146 changed files with 794 additions and 11 deletions
|
@ -21,12 +21,10 @@
|
|||
extraEncryptionPubkeys
|
||||
;
|
||||
|
||||
# This is technically impure, but intended. We need to rekey on the
|
||||
# current system due to yubikey availability.
|
||||
forceRekeyOnSystem = builtins.extraBuiltins.unsafeCurrentSystem;
|
||||
hostPubkey = config.node.secretsDir + "/host.pub";
|
||||
storageMode = "local";
|
||||
generatedSecretsDir = inputs.self.outPath + "/secrets/generated/${config.node.name}";
|
||||
cacheDir = "/var/tmp/agenix-rekey/\"$UID\"";
|
||||
localStorageDir = inputs.self.outPath + "/secrets/rekeyed/${config.node.name}";
|
||||
};
|
||||
|
||||
age.generators.basic-auth = {
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue