Commit Graph

3 Commits

Author SHA1 Message Date
leo
4b4d93888c
secrets: update infra-vars 2023-07-03 15:21:40 +02:00
leo
beeff9db75
homeage: add secrets
* infra backend
* infra vars
* general envs

this way, secrets are only ever stored on the system (including the nix
store) in an encrypted form in ${XDG_RUNTIME_DIR}.
2023-06-27 22:29:00 +02:00
62518f7ad7
home-manager: start using homeage, sops
the workflow is as follows:
  * age is used to manually encrypt e.g the sops keys file so it can
    securely be stored in git
  * homeage decrypts the file and symlinks it where sops expects it to
    be present. decrypted, which it will be, but it will in fact be
    residing in $XDG_RUNTIME_DIR (which *should* be tmpfs) and only be
    symlinked to $HOME/...
  * sops can from then on be used to manage arbitrary secrets as usual
2022-09-10 21:19:32 +02:00