Переглядів 1,252
Part 2 of 3 in my series on secrets management in NixOS using sops-nix as a part of a nix-config. The series covers information about sops, generating keys, storing secrets, programmatic access, and storing secrets in private repository separate from your main, nix-config repo.
OUTLINE
00:10 sops.nix
2:08 extracting msmtp credentials
3:11 extracting a user password
4:40 home-level ssh private key extraction
5:30 side note on managing public ssh keys in my nix-config
6:30 building the config
7:13 confirming secrets extraction
8:04 how to handle sops-nix.service failure during home-manager switch
8:55 managing access keys
OTHER VIDEOS IN THIS SERIES
Part 1: • NixOS Secrets Manageme...
Part 3: • NixOS Secrets Manageme...
ADDITIONAL MATERIAL
- My nix-config on GitHub: github.com/EmergentMind/nix-c...
- A related article on my website Unmoved Centre: unmovedcentre.com/technology/...
CONNECT
- Subscribe to this UKposts channel
- My website: www.unmovedcentre.com
- X / Twitter: / emergent_mind
- GitHub: github.com/EmergentMind
- GitLab: gitlab.com/emergentmind
EXTERNAL REFERENCES
- sops-nix: github.com/Mic92/sops-nix
- age file encryption: github.com/FiloSottile/age
Note: I discovered after recording audio that "age" in this case is the Italian word for needles is pronounced with a hard "g". translate.google.com/?sl=it&t...