* infra backend
* infra vars
* general envs
this way, secrets are only ever stored on the system (including the nix
store) in an encrypted form in ${XDG_RUNTIME_DIR}.
the workflow is as follows:
* age is used to manually encrypt e.g. the sops keys file so it can
securely be stored in git
* homeage decrypts the file and symlinks it where sops expects it to
be present. it will be decrypted, but it will in fact reside in
$XDG_RUNTIME_DIR (which *should* be tmpfs) and only be
symlinked to $HOME/...
* sops can from then on be used to manage arbitrary secrets as usual
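
A check for the property the workflow above relies on, added here as an example and not part of the original text: the file sops reads must be a symlink that resolves into the runtime dir, and that dir must be backed by tmpfs. The function names and the placeholder path are assumptions; `stat -f -c %T` is the GNU coreutils form.

```shell
#!/bin/sh
# added example: verify a decrypted secret lives only in the runtime dir.

# succeeds if $1 is a symlink whose resolved target is inside directory $2
resolves_under() {
    link=$1 base=$2
    [ -L "$link" ] || return 1                  # a regular file means plaintext in $HOME
    target=$(readlink -f -- "$link") || return 1
    base=$(readlink -f -- "$base") || return 1
    case "$target" in
        "$base"/*) return 0 ;;
        *) return 1 ;;
    esac
}

# prints the filesystem type backing directory $1 (GNU stat)
fs_type() {
    stat -f -c %T -- "$1"
}

# full check: symlink into the runtime dir, runtime dir on tmpfs
check_secret() {
    link=$1 runtime=$2
    if ! resolves_under "$link" "$runtime"; then
        echo "FAIL: $link is not a symlink into $runtime" >&2
        return 1
    fi
    if [ "$(fs_type "$runtime")" != "tmpfs" ]; then
        echo "WARN: $runtime is not tmpfs; plaintext may reach disk" >&2
        return 2
    fi
    echo "OK: $link -> $(readlink -f -- "$link")"
}

# runs only when given a path, e.g.:
#   sh check.sh "$HOME/<path-to-sops-keys-file>"   (placeholder, not a real path)
if [ $# -ge 1 ]; then
    check_secret "$1" "${XDG_RUNTIME_DIR:?not set}"
fi
```

Exit status 1 means the key is not a symlink into the runtime dir; 2 means the runtime dir is not tmpfs.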