`age.identityPaths` still up to date?

Question

`age.identityPaths` still up to date?

TornaxO7 opened this issue a year ago · 4 comments

Hi!
The section about age.identityPaths says:

(...) The list items should be strings ("/path/to/id_rsa"), not nix paths (../path/to/id_rsa), as the latter would copy your private key to the nix store, which is the exact situation agenix is designed to avoid. (...)

but I'm getting the following error message with:

    age.identityPaths = [ "test" ];

error:
       … while checking flake output 'nixosConfigurations'

         at /nix/store/74dsgrd4mw8vzwsria2zvcpd1l5cirxd-source/flake.nix:45:7:

           44|     {
           45|       nixosConfigurations = {
             |       ^
           46|         pc = init_system {

       … while checking the NixOS configuration 'nixosConfigurations.pc'

         at /nix/store/74dsgrd4mw8vzwsria2zvcpd1l5cirxd-source/flake.nix:46:9:

           45|       nixosConfigurations = {
           46|         pc = init_system {
             |         ^
           47|           configuration = ./nixos-configurations/pc/default.nix;

       (stack trace truncated; use '--show-trace' to show the full trace)

       error: A definition for option `age.identityPaths."[definition 1-entry 1]"' is not of type `path'. Definition values:
       - In `/nix/store/74dsgrd4mw8vzwsria2zvcpd1l5cirxd-source/secrets/default.nix': "test"

Answer 1 · 2023-11-14T17:27:23.000Z

IIRC the path type checks if the string starts with a leading /. So "/test" should work.

Answer 2 · 2023-11-23T01:21:22.000Z

hm... but does that mean that I have to use absolute paths?

Answer 3 · 2023-11-23T08:04:25.000Z

Well yes, otherwise what are your paths relative to?

Answer 4 · 2023-11-23T11:59:52.000Z

hm... ok, maybe I can create an absolute with the help of self.

Thank you for the information! :)