mirrors_public/oddlama_nix-config
1
1
Fork 1
mirror of https://github.com/oddlama/nix-config.git synced 2025-10-11 07:10:39 +02:00
Code Activity

docs: show how to setup nix-plugins

Browse source
This commit is contained in:
oddlama 2023-03-15 01:54:02 +01:00
parent b03c913349
commit 32e346be56
No known key found for this signature in database
GPG key ID: 14EFE510775FE39A
1 changed files with 16 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

18
README.md
View file

@ -1,3 +1,17 @@
Infrastructure. This is my personal nix config.
Encrypt secrets using `rage -e -R secrets/recipients.txt plaintext > secret.age`. - Secrets can be created/edited by running `nix run .#edit-secret some/secret.age`
- Secrets can be rekeyed by running `nix run .#rekey` (you will be prompted to do so in an error message if neccessary)
To be able to decrypt the repository-wide secrets transparently on a host that
is _not_ managed by this config, you will need to <sub>(be me and)</sub> run
all commands using these extra parameters, or permanently add the following the system's `nix.conf`:
1. Get nix-plugins: `NIX_PLUGINS=$(nix build --print-out-paths --no-link nixpkgs#nix-plugins)`
2. Run all commands with `--option plugin-files "$NIX_PLUGINS"/lib/nix/plugins --option extra-builtins-file ./nix/extra-builtins.nix`
or permantently
```nix
plugin-files = <copy path from $NIX_PLUGINS>/lib/nix/plugins
extra-builtins-file = /path/to/nix-config/nix/extra-builtins.nix
```