From 7412d355acc2eae4a0b9857d94393a0e12e1b4ed Mon Sep 17 00:00:00 2001 From: Emile Date: Mon, 25 Mar 2024 15:33:18 +0100 Subject: description for the secret bootstraping problem --- secrets.nix | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'secrets.nix') diff --git a/secrets.nix b/secrets.nix index 1a625d3..67bf9b9 100644 --- a/secrets.nix +++ b/secrets.nix @@ -5,6 +5,12 @@ # nix eval --impure --expr 'import ./secrets.nix' +# As we're generating the secret.nix, we have a bootstrapping problem: +# agenix assumes that the to be generated secret is present in the +# secret.nix file, but we've not created it yet. +# Due to this, we've got a "new" file in the secrets directory that can be used +# and renamed afterwards + let pubkeysFor = directory: let -- cgit 1.4.1