On Sun, 12 Jun 2016 12:34:21 +0200 Michal Rus <[email protected]> wrote: > in my nixos-config, I’ve got wifi-passwords.nix.gpg (the rest of the > config is publicly available), and what I’d like to do is: > > import ./wifi-passwords.nix.gpg; > > Or: > > imports = [ ./wifi-passwords.nix.gpg ]; > > … somewhere in configuration.nix. And when issuing `nixos-rebuild > switch`, GnuPG would be used to decrypt the file. > > How can I achieve that? Was this discussed before (I can’t find any > mentions)? May I post a feature request in an issue or will it be > rejected? > > This seems like a useful feature and I have quite a few other uses for > it besides Wi-Fi passwords. Currently, I’m using gpg manually, though, > and that’s asking for errors.
I will be doing similar stuff soon, until now my config(1) has no secrets. But once it gets, I will be using git-crypt(2). Only have to deal with what happens when the import is not working due to encrypted contents… But having the encryption in nix itself and maybe even encryption in the nix store would certainly be desirable. - Arnold (1) https://github.com/kampfschlaefer/nixconfig (2) https://github.com/AGWA/git-crypt
signature.asc
Description: PGP signature
_______________________________________________ nix-dev mailing list [email protected] http://lists.science.uu.nl/mailman/listinfo/nix-dev
