yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

vars: allow setting files as needed for activation

Browse Source
This commit is contained in:
lassulus
2024-12-18 15:09:20 +01:00
parent 695ec0b71c
commit 70ff7fcc2f
9 changed files with 50 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
docs/site/manual/secrets.md
View File

@@ -23,12 +23,12 @@ clan secrets list
A NixOS machine will automatically import all secrets that are encrypted for the
current machine. At runtime it will use the host key to decrypt all secrets into
an in-memory, non-persistent filesystem using [sops-nix](https://github.com/Mic92/sops-nix).
an in-memory, non-persistent filesystem using [sops-nix](https://github.com/Mic92/sops-nix).
In your nixos configuration you can get a path to secrets like this `config.sops.secrets.<name>.path`. For example:
```nix
{ config, ...}: {
sops.secrets.my-password.neededForUsers = true;
sops.secrets.my-password.neededFor = "users";
users.users.mic92 = {
isNormalUser = true;