Merge pull request #395 from pub-solar/refactor/remove-git-crypt
Remove git crypt, update docs
This commit is contained in:
commit
fca9289eec
|
@ -1,11 +1,8 @@
|
|||
# Secrets
|
||||
Secrets are managed using [git-crypt][git-crypt] and [agenix][agenix]
|
||||
Secrets are managed using [agenix][agenix]
|
||||
so you can keep your flake in a public repository like GitHub without
|
||||
exposing your password or other sensitive data.
|
||||
|
||||
By default, everything in the secrets folder is automatically encrypted. Just
|
||||
be sure to run `git-crypt init` before putting anything in here.
|
||||
|
||||
## Agenix
|
||||
Currently, there is [no mechanism][secrets-issue] in nix itself to deploy secrets
|
||||
within the nix store because it is world-readable.
|
||||
|
@ -104,7 +101,6 @@ secrets get decrypted. You can learn about them by looking at the
|
|||
> You can take a look at the [agenix repository][agenix] for more information
|
||||
> about the tool.
|
||||
|
||||
[git-crypt]: https://github.com/AGWA/git-crypt
|
||||
[agenix]: https://github.com/ryantm/agenix
|
||||
[age module]: https://github.com/ryantm/agenix/blob/master/modules/age.nix
|
||||
[secrets-issue]: https://github.com/NixOS/nix/issues/8
|
||||
|
|
4
secrets/.gitattributes
vendored
4
secrets/.gitattributes
vendored
|
@ -1,4 +0,0 @@
|
|||
* filter=git-crypt diff=git-crypt
|
||||
.gitattributes !filter !diff
|
||||
secrets.nix !filter !diff
|
||||
README.md !filter !diff
|
|
@ -30,10 +30,6 @@ in
|
|||
unset _PATH
|
||||
'');
|
||||
|
||||
packages = with pkgs; [
|
||||
git-crypt
|
||||
];
|
||||
|
||||
commands = with pkgs; [
|
||||
(devos nixUnstable)
|
||||
(devos agenix)
|
||||
|
|
Loading…
Reference in a new issue