[prev in list] [next in list] [prev in thread] [next in thread]
List: nix-dev
Subject: Re: [Nix-dev] Importing a .nix.gpg file?
From: Arnold Krille <arnold () arnoldarts ! de>
Date: 2016-06-13 20:10:44
Message-ID: 20160613221044.25c29bf7 () xingu ! arnoldarts ! de
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
On Sun, 12 Jun 2016 12:34:21 +0200 Michal Rus <m@michalrus.com> wrote:
> in my nixos-config, I've got wifi-passwords.nix.gpg (the rest of the
> config is publicly available), and what I'd like to do is:
>
> import ./wifi-passwords.nix.gpg;
>
> Or:
>
> imports = [ ./wifi-passwords.nix.gpg ];
>
> … somewhere in configuration.nix. And when issuing `nixos-rebuild
> switch`, GnuPG would be used to decrypt the file.
>
> How can I achieve that? Was this discussed before (I can't find any
> mentions)? May I post a feature request in an issue or will it be
> rejected?
>
> This seems like a useful feature and I have quite a few other uses for
> it besides Wi-Fi passwords. Currently, I'm using gpg manually, though,
> and that's asking for errors.
I will be doing similar stuff soon, until now my config(1) has no
secrets. But once it gets, I will be using git-crypt(2). Only have to
deal with what happens when the import is not working due to encrypted
contents…
But having the encryption in nix itself and maybe even encryption in
the nix store would certainly be desirable.
- Arnold
(1) https://github.com/kampfschlaefer/nixconfig
(2) https://github.com/AGWA/git-crypt
["signature.asc" (application/pgp-signature)]
_______________________________________________
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic