Comments (5)
There is no home-manager module right now, but I would accept pull requests if they also come with a NixOS test for regression testing.
from sops-nix.
How would this look? I believe most home-manager modules are implemented in home-manager itself, rather than downstream.
A flakes implementation would probably need to output something like a homeManagerModule, but that's not an official output spec, and it'd be the first such. Home manager itself currently is also just starting to support flakes, so I'm not sure how happy upstream would be to support something like that.
I'd like to see some code sharing between this and a potential home manager module, and I'm interested in implementing it, I'm just not sure how it would best fit. Is it maybe better to start this discussion upstream?
from sops-nix.
> How would this look? I believe most home-manager modules are implemented in home-manager itself, rather than downstream.
> A flakes implementation would probably need to output something like a homeManagerModule, but that's not an official output spec, and it'd be the first such. Home manager itself currently is also just starting to support flakes, so I'm not sure how happy upstream would be to support something like that.
I am aware of one flake-based home-manager module: https://github.com/vlaci/nix-doom-emacs#getting-started
I would open an issue within the home-manager project to specify what flake attribute. Ideally this would be documented somewhere in the README/documentation to manifest a standard.
> I'd like to see some code sharing between this and a potential home manager module, and I'm interested in implementing it, I'm just not sure how it would best fit. Is it maybe better to start this discussion upstream?
I think home-manager also has activation scripts that can be hooked. One can obviously not use the host ssh key because it won't be readable to the user. However one can specify alternative ssh key directories i.e. $HOME/.ssh/id_rsa if it does not have password protection or a gnupg directory. For integration tests the home-assistant module could be added to a nixos configuration and tested in a nixos test.
from sops-nix.
I think the issue opened by @berbiche answers my question then :)
I agree on $HOME/.ssh/id_rsa (with a configuration option), since this is a home configuration after all, those should be represented by the user ssh keys.
from sops-nix.
> I think the issue opened by @berbiche answers my question then :)
> I agree on $HOME/.ssh/id_rsa (with a configuration option), since this is a home configuration after all, those should be represented by the user ssh keys.
Many people will have a password for this file, which we don't support. Hence I would force the user to make a decision which key to use, so they could do a different key in theory. Also using gnupg becomes more attractive again since the user running the activation and the owner of the gnupg directory should match in this case.
from sops-nix.
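Added example, not part of the thread and not sops-nix code: the last comment notes that a passphrase-protected user key cannot be used, so this sketch classifies private-key text by its header and reports which candidate keys could be read without a prompt. The function names, the sample paths and the sample keys (header fields only, no key material) are constructed for illustration.

```python
import base64
import struct

MAGIC = b"openssh-key-v1\x00"  # prefix of the decoded OpenSSH private-key blob
PEM_LABELS = ("RSA PRIVATE KEY", "EC PRIVATE KEY", "DSA PRIVATE KEY", "PRIVATE KEY")

def key_protection(pem_text):
    """Classify private-key text as 'none', 'passphrase' or 'unknown'."""
    lines = [l.strip() for l in pem_text.strip().splitlines()]
    if not lines or not lines[0].startswith("-----BEGIN "):
        return "unknown"
    label = lines[0][len("-----BEGIN "):].rstrip("-").strip()
    if label == "ENCRYPTED PRIVATE KEY":  # PKCS#8 encrypted container
        return "passphrase"
    if label in PEM_LABELS:
        # Legacy PEM flags encryption with a Proc-Type header line.
        enc = any(l.startswith("Proc-Type: 4,ENCRYPTED") for l in lines)
        return "passphrase" if enc else "none"
    if label != "OPENSSH PRIVATE KEY":
        return "unknown"
    try:
        blob = base64.b64decode("".join(lines[1:-1]), validate=True)
    except ValueError:
        return "unknown"
    if not blob.startswith(MAGIC) or len(blob) < len(MAGIC) + 4:
        return "unknown"
    # The first length-prefixed string after the magic is the cipher name.
    (n,) = struct.unpack(">I", blob[len(MAGIC):len(MAGIC) + 4])
    cipher = blob[len(MAGIC) + 4:len(MAGIC) + 4 + n]
    if len(cipher) != n:
        return "unknown"
    return "none" if cipher == b"none" else "passphrase"

def usable_without_prompt(candidates):
    """Paths (dict: path -> key text) readable with no passphrase prompt."""
    return [p for p, text in candidates.items() if key_protection(text) == "none"]

def sample_openssh_key(cipher):
    """Constructed sample: header fields only, no real key material."""
    def s(b):
        return struct.pack(">I", len(b)) + b
    kdf = b"none" if cipher == b"none" else b"bcrypt"
    blob = MAGIC + s(cipher) + s(kdf) + s(b"") + struct.pack(">I", 1)
    body = base64.b64encode(blob).decode()
    return ("-----BEGIN OPENSSH PRIVATE KEY-----\n" + body +
            "\n-----END OPENSSH PRIVATE KEY-----\n")

SAMPLES = {  # constructed inputs; paths are illustrative
    "~/.ssh/id_rsa": sample_openssh_key(b"aes256-ctr"),
    "~/.ssh/sops_ed25519": sample_openssh_key(b"none"),
}
```

Calling `usable_without_prompt(SAMPLES)` returns only the key whose cipher field is `none`; a real check would read the candidate files from disk instead of the constructed samples.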