mirror of
https://github.com/divnix/digga.git
synced 2024-12-23 16:11:51 +03:00
deploy: 74ce47c69d
This commit is contained in:
parent
d18d72f7f5
commit
620deffdb9
@ -770,7 +770,7 @@ to easily setup those secret files declaratively.</p>
|
|||||||
<p><a href="https://github.com/ryantm/agenix">agenix</a> encrypts secrets and stores them as .age files in your repository.
|
<p><a href="https://github.com/ryantm/agenix">agenix</a> encrypts secrets and stores them as .age files in your repository.
|
||||||
Age files are encrypted with multiple ssh public keys, so any host or user with a
|
Age files are encrypted with multiple ssh public keys, so any host or user with a
|
||||||
matching ssh private key can read the data. The <a href="https://github.com/ryantm/agenix/blob/master/modules/age.nix">age module</a> will add those
|
matching ssh private key can read the data. The <a href="https://github.com/ryantm/agenix/blob/master/modules/age.nix">age module</a> will add those
|
||||||
encrypted files to the nix store and decrypt them on activation to <code>/run/secrets</code>.</p>
|
encrypted files to the nix store and decrypt them on activation to <code>/run/agenix</code>.</p>
|
||||||
<h3 id="setup"><a class="header" href="#setup">Setup</a></h3>
|
<h3 id="setup"><a class="header" href="#setup">Setup</a></h3>
|
||||||
<p>All hosts must have openssh enabled, this is done by default in the core profile.</p>
|
<p>All hosts must have openssh enabled, this is done by default in the core profile.</p>
|
||||||
<p>You need to populate your <code>secrets/secrets.nix</code> with the proper ssh public keys.
|
<p>You need to populate your <code>secrets/secrets.nix</code> with the proper ssh public keys.
|
||||||
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
@ -147,7 +147,7 @@ to easily setup those secret files declaratively.</p>
|
|||||||
<p><a href="https://github.com/ryantm/agenix">agenix</a> encrypts secrets and stores them as .age files in your repository.
|
<p><a href="https://github.com/ryantm/agenix">agenix</a> encrypts secrets and stores them as .age files in your repository.
|
||||||
Age files are encrypted with multiple ssh public keys, so any host or user with a
|
Age files are encrypted with multiple ssh public keys, so any host or user with a
|
||||||
matching ssh private key can read the data. The <a href="https://github.com/ryantm/agenix/blob/master/modules/age.nix">age module</a> will add those
|
matching ssh private key can read the data. The <a href="https://github.com/ryantm/agenix/blob/master/modules/age.nix">age module</a> will add those
|
||||||
encrypted files to the nix store and decrypt them on activation to <code>/run/secrets</code>.</p>
|
encrypted files to the nix store and decrypt them on activation to <code>/run/agenix</code>.</p>
|
||||||
<h3 id="setup"><a class="header" href="#setup">Setup</a></h3>
|
<h3 id="setup"><a class="header" href="#setup">Setup</a></h3>
|
||||||
<p>All hosts must have openssh enabled, this is done by default in the core profile.</p>
|
<p>All hosts must have openssh enabled, this is done by default in the core profile.</p>
|
||||||
<p>You need to populate your <code>secrets/secrets.nix</code> with the proper ssh public keys.
|
<p>You need to populate your <code>secrets/secrets.nix</code> with the proper ssh public keys.
|
||||||
|
Loading…
Reference in New Issue
Block a user