Document sops usage in Readme
19
Readme.org
@ -12,3 +12,22 @@ The structure is managed by [[https://snowfall.org/guides/lib/quickstart/][Snowf
|
|||||||
and [[file:flake.nix]] was symlinked to file:~/.config/home-manager/flake.nix
|
and [[file:flake.nix]] was symlinked to file:~/.config/home-manager/flake.nix
|
||||||
|
|
||||||
For deployment!!
|
For deployment!!
|
||||||
|
|
||||||
|
* Secrets management with sops
|
||||||
|
Full documentation here: https://github.com/Mic92/sops-nix
|
||||||
|
|
||||||
|
** Edit secrets
|
||||||
|
#+begin_src sh
|
||||||
|
sops edit secrets/secrets.yaml
|
||||||
|
#+end_src
|
||||||
|
|
||||||
|
** Authorize new device
|
||||||
|
- Generate public key from ssh -> Private age key generation not needed
|
||||||
|
#+begin_src sh
|
||||||
|
ssh-to-age < /etc/ssh/ssh_host_ed25519_key
|
||||||
|
#+end_src
|
||||||
|
- Add age public key to file:.sops.yaml
|
||||||
|
- Update keys
|
||||||
|
#+begin_src sh
|
||||||
|
sops updatekeys secrets/*
|
||||||
|
#+end_src
|
||||||
|
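Review bot: In the "Authorize new device" step, `ssh-to-age < /etc/ssh/ssh_host_ed25519_key` reads the host's private SSH key, while the bullet above it says the goal is the public key and that no private age key is needed. ssh-to-age converts a public key on stdin by default and only handles private keys with its `-private-key` flag, so the documented command needs root to read the file and still does not produce the recipient for file:.sops.yaml. Suggest pointing it at the public half instead, `ssh-to-age < /etc/ssh/ssh_host_ed25519_key.pub`, so the private host key is never opened for this step. It would also help to reword the first bullet to say explicitly that the age recipient is derived from the host's SSH public key.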