Clarity as to where sops looks for files

This commit is contained in:
Lillian Violet 2024-02-22 14:56:45 +01:00
parent a824b3c1a4
commit cd29e813f3

View file

@ -7,11 +7,12 @@ The configuration of different NixOS hosts using flakes and home-manager. It is
## Building and deploying the configuration ## Building and deploying the configuration
If you do not have my private age key, the first step is to add your age keyfile to the /var/secrets folder with the name "keys.txt", in my case an age private key. If you don't have have an age private key you can generate one with the command If you do not have my private age key, the first step is to add your age keyfile to the /var/secrets folder with the name "keys.txt", in my case an age private key. If you don't have have an age private key you can generate one with the command
``age-keygen -o /var/secrets/keys.txt``
``age-keygen -o ~/.config/sops/age/keys.txt`` and copying this file to ``/var/secrets/``
**Note: make sure this key is not readable by normal users, I made it owned by root, and gave the file 400 (read only for user) permissions. eg: ``chown 400 /var/secrets/keys.txt``** **Note: make sure this key is not readable by normal users, I made it owned by root, and gave the file 400 (read only for user) permissions. eg: ``chown 400 /var/secrets/keys.txt``**
if you don't want to use sops remove the import from the configuration files; the import can be found under if you don't want to use [Sops](https://github.com/Mic92/sops-nix) secret management remove the import from the configuration files; the import can be found under
``hosts/shared/default.nix`` ``hosts/shared/default.nix``
Upon any of the above changes; also remove/replace the secret files, they can be found under the host configuration folders in Upon any of the above changes; also remove/replace the secret files, they can be found under the host configuration folders in