1
1
mirror of https://github.com/divnix/digga.git synced 2024-12-23 16:11:51 +03:00
This commit is contained in:
Pacman99 2022-02-17 19:12:30 +00:00
parent d18d72f7f5
commit 620deffdb9
4 changed files with 4 additions and 4 deletions

View File

@ -770,7 +770,7 @@ to easily setup those secret files declaratively.</p>
<p><a href="https://github.com/ryantm/agenix">agenix</a> encrypts secrets and stores them as .age files in your repository. <p><a href="https://github.com/ryantm/agenix">agenix</a> encrypts secrets and stores them as .age files in your repository.
Age files are encrypted with multiple ssh public keys, so any host or user with a Age files are encrypted with multiple ssh public keys, so any host or user with a
matching ssh private key can read the data. The <a href="https://github.com/ryantm/agenix/blob/master/modules/age.nix">age module</a> will add those matching ssh private key can read the data. The <a href="https://github.com/ryantm/agenix/blob/master/modules/age.nix">age module</a> will add those
encrypted files to the nix store and decrypt them on activation to <code>/run/secrets</code>.</p> encrypted files to the nix store and decrypt them on activation to <code>/run/agenix</code>.</p>
<h3 id="setup"><a class="header" href="#setup">Setup</a></h3> <h3 id="setup"><a class="header" href="#setup">Setup</a></h3>
<p>All hosts must have openssh enabled, this is done by default in the core profile.</p> <p>All hosts must have openssh enabled, this is done by default in the core profile.</p>
<p>You need to populate your <code>secrets/secrets.nix</code> with the proper ssh public keys. <p>You need to populate your <code>secrets/secrets.nix</code> with the proper ssh public keys.

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

View File

@ -147,7 +147,7 @@ to easily setup those secret files declaratively.</p>
<p><a href="https://github.com/ryantm/agenix">agenix</a> encrypts secrets and stores them as .age files in your repository. <p><a href="https://github.com/ryantm/agenix">agenix</a> encrypts secrets and stores them as .age files in your repository.
Age files are encrypted with multiple ssh public keys, so any host or user with a Age files are encrypted with multiple ssh public keys, so any host or user with a
matching ssh private key can read the data. The <a href="https://github.com/ryantm/agenix/blob/master/modules/age.nix">age module</a> will add those matching ssh private key can read the data. The <a href="https://github.com/ryantm/agenix/blob/master/modules/age.nix">age module</a> will add those
encrypted files to the nix store and decrypt them on activation to <code>/run/secrets</code>.</p> encrypted files to the nix store and decrypt them on activation to <code>/run/agenix</code>.</p>
<h3 id="setup"><a class="header" href="#setup">Setup</a></h3> <h3 id="setup"><a class="header" href="#setup">Setup</a></h3>
<p>All hosts must have openssh enabled, this is done by default in the core profile.</p> <p>All hosts must have openssh enabled, this is done by default in the core profile.</p>
<p>You need to populate your <code>secrets/secrets.nix</code> with the proper ssh public keys. <p>You need to populate your <code>secrets/secrets.nix</code> with the proper ssh public keys.