Rob: thank you!
This might be what I'm looking for, I'll try that.
2016-05-12 15:45 GMT+01:00 Tomasz Czyż :
> Igor posted some solution to have persistant keys few days back:
> https://www.mail-archive.com/nix-dev@lists.science.uu.nl/msg18995.html
>
> Worth to adding to
Igor posted some solution to have persistant keys few days back:
https://www.mail-archive.com/nix-dev@lists.science.uu.nl/msg18995.html
Worth to adding to docs?
2016-05-12 15:31 GMT+01:00 Graham Christensen :
>
>
> On Thu, May 12, 2016 at 4:43 AM, Rob Vermaas
On Thu, May 12, 2016 at 4:43 AM, Rob Vermaas wrote:
>
> Note
> that this is a location on a tmpfs, so if you want to have it on a
> persistent disk, you'll need to copy it to a location of your
> choosing.
>
This seems like a good candidate note to have in the
Hi Tomasz,
> I wanted to deploy some secrets/certificates to machines and I'm not sure
> how to do that. I would like to avoid storing those in nix store. Is there
> any way to deploy secrets to machines and not use nix store?
>
> I know there is solution to deploy disk encryption keys which is
You're right! I didn't entirely think that one through, shouldn't reply to
emails before my morning cup of coffee ;)
Ollie
On Thu, May 12, 2016 at 9:48 AM Peter Simons wrote:
> Hi Oliver,
>
> > One option is to introduce these credentials as parameters to your
> network
Hi Oliver,
> One option is to introduce these credentials as parameters to your network
> evaluation:
>
> { secretCertificate }:
> {
> web = { ... } : ...
> }
>
> Then you will need to set this parameter when you do deployments in order to
> evaluate the network expression and perform
Hi Tomasz,
One option is to introduce these credentials as parameters to your network
evaluation:
{ secretCertificate }:
{
web = { ... } : ...
}
Then you will need to set this parameter when you do deployments in order
to evaluate the network expression and perform deployments. You could
Hi all NixOps users and devs.
I wanted to deploy some secrets/certificates to machines and I'm not sure
how to do that. I would like to avoid storing those in nix store. Is there
any way to deploy secrets to machines and not use nix store?
I know there is solution to deploy disk encryption keys