Hi Kevin, I'm very curious how you setup sensitive information using deployment.keys This still seems like the best option to do this, but I failed to get it working..
Could you be so kind to post a small example, showing how you define the keys and use them in functions that generate eg. a config file? Kind regards, Erik On Thu, Jun 9, 2016 at 4:30 PM Kevin Cox <[email protected]> wrote: > On 09/06/16 10:21, 4levels wrote: > > Hi Nix Devs, > > > > I've tried using the deployment.keys but that seems to be only there for > > user accounts and not for custom configurations. As I need multiple > > keys for each platform (eg. symfony, wordpress - cipher, key, database > > password, admin user password etc etc) it seems that deployment.keys > > will not work for this purpose. > > > > I don't know what you mean by "only there for user accounts". I use > deployment.keys for most of the things you describe and it works fine. > > > I'm now resorting to using builtins.readFile and creating separate files > > for the passwords in a folder I can then encrypt with git-crypt. > > This way I'm also able to use conflicting nix characters in the > > passwords as well. > > This seems like a different issue. Are you talking about keeping the > keys private in the configuration or on the server (or both)? > > Although for keeping the keys private in the config I use git-crypt as > well. I have a directory called "secrets" that I store the files in. > Some I keep as text files and read using `builtins.readFile` and some I > leave as nix expressions and simply import them. > > > > > As a last question here I was wondering if there's a way to strip > > trailing newlines when reading files with builtins.readFile as my IDE > > keeps adding a newline at the end of each file when saving. I'll post a > > new message here for this request as this is not relevant in this topic > > > > Text files have newlines at the end 😉 > > You can use lib.removeSuffix to drop that newline if it's a problem. > > Hope that helps, Kevin > >
_______________________________________________ nix-dev mailing list [email protected] http://lists.science.uu.nl/mailman/listinfo/nix-dev
