Merge branch 'fix-sops-age-keyfile'
This commit is contained in:
commit
07042daa14
GPG key ID:
0FA60884F75520A9
1 changed files with 8 additions and 0 deletions
8
tide.nix
8
tide.nix
|
|
@ -20,6 +20,14 @@
|
|||
# the file is absent, which is the right place for that failure.
|
||||
sops.validateSopsFiles = false;
|
||||
|
||||
# Use the host's age key generated with age-keygen, not the
|
||||
# SSH-host-key-derived identity sops-nix falls back to by default.
|
||||
# The encrypted file's recipient is the public key paired with
|
||||
# this private key.
|
||||
sops.age.keyFile = "/var/lib/sops-nix/key.txt";
|
||||
sops.age.sshKeyPaths = [ ];
|
||||
sops.gnupg.sshKeyPaths = [ ];
|
||||
|
||||
sops.secrets."tide-env" = {
|
||||
sopsFile = ./secrets/tide.yaml;
|
||||
# phpfpm reads this via EnvironmentFile, which runs as root
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue