[Nix-dev] Importing a .nix.gpg file?
Arnold Krille
arnold at arnoldarts.de
Mon Jun 13 22:10:44 CEST 2016
On Sun, 12 Jun 2016 12:34:21 +0200 Michal Rus <m at michalrus.com> wrote:
> in my nixos-config, I’ve got wifi-passwords.nix.gpg (the rest of the
> config is publicly available), and what I’d like to do is:
>
> import ./wifi-passwords.nix.gpg;
>
> Or:
>
> imports = [ ./wifi-passwords.nix.gpg ];
>
> … somewhere in configuration.nix. And when issuing `nixos-rebuild
> switch`, GnuPG would be used to decrypt the file.
>
> How can I achieve that? Was this discussed before (I can’t find any
> mentions)? May I post a feature request in an issue or will it be
> rejected?
>
> This seems like a useful feature and I have quite a few other uses for
> it besides Wi-Fi passwords. Currently, I’m using gpg manually, though,
> and that’s asking for errors.
I will be doing similar stuff soon, until now my config(1) has no
secrets. But once it gets, I will be using git-crypt(2). Only have to
deal with what happens when the import is not working due to encrypted
contents…
But having the encryption in nix itself and maybe even encryption in
the nix store would certainly be desirable.
- Arnold
(1) https://github.com/kampfschlaefer/nixconfig
(2) https://github.com/AGWA/git-crypt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 230 bytes
Desc: not available
URL: <http://lists.science.uu.nl/pipermail/nix-dev/attachments/20160613/3108f766/attachment.sig>
More information about the nix-dev
mailing list