-
Notifications
You must be signed in to change notification settings - Fork 119
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
User-specific secrets not working with erase-your-darlings configuration #263
Comments
How have you configured |
I've not made any modifications to that setting. I have both fileSystems = {
"/home" = {
device = old;
fsType = "btrfs";
options = [ "subvol=home" ] ++ commonOptions;
};
"/etc/ssh" = {
device = main;
fsType = "btrfs";
options = [ "subvol=ssh" ] ++ commonOptions;
neededForBoot = true;
};
# ...
}; Would I still need to change |
Host keys are default identities; if you need something else, you have to configure it. |
i have this error too, the first time i'm trying to push configs into a brand new vm. I know that my ssh keys are correct. |
Hi!
I'm having problems doing
nixos-rebuild switch
when I have a secret that is encrypted for a specific user. This is on my system with erase-your-darlings enabled. I get the following error when tryingsudo nixos-rebuild switch --flake .
:I've tried exactly the same on another system, without erase-your-darlings, and there it works fine. The error also goes away if I add the system itself to
secrets.nix
(in addition to the user).I have tried adding
neededForBoot = true;
to my/home
filesystem, so that it will be available "early enough", but it doesn't make a difference.Does anyone know how I can solve this, or how I can enable more debug logs to maybe get better clues? Is the error happening because agenix cannot find the private key for the user?
The text was updated successfully, but these errors were encountered: