Merge pull request #395 from pub-solar/refactor/remove-git-crypt

Remove git crypt, update docs
This commit is contained in:
Timothy DeHerrera 2021-11-13 14:09:09 -07:00 committed by GitHub
commit fca9289eec
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 1 additions and 13 deletions

View file

@ -1,11 +1,8 @@
# Secrets
Secrets are managed using [git-crypt][git-crypt] and [agenix][agenix]
Secrets are managed using [agenix][agenix]
so you can keep your flake in a public repository like GitHub without
exposing your password or other sensitive data.
By default, everything in the secrets folder is automatically encrypted. Just
be sure to run `git-crypt init` before putting anything in here.
## Agenix
Currently, there is [no mechanism][secrets-issue] in nix itself to deploy secrets
within the nix store because it is world-readable.
@ -104,7 +101,6 @@ secrets get decrypted. You can learn about them by looking at the
> You can take a look at the [agenix repository][agenix] for more information
> about the tool.
[git-crypt]: https://github.com/AGWA/git-crypt
[agenix]: https://github.com/ryantm/agenix
[age module]: https://github.com/ryantm/agenix/blob/master/modules/age.nix
[secrets-issue]: https://github.com/NixOS/nix/issues/8

View file

@ -1,4 +0,0 @@
* filter=git-crypt diff=git-crypt
.gitattributes !filter !diff
secrets.nix !filter !diff
README.md !filter !diff

View file

@ -30,10 +30,6 @@ in
unset _PATH
'');
packages = with pkgs; [
git-crypt
];
commands = with pkgs; [
(devos nixUnstable)
(devos agenix)