You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I encountered an issue where agenix-home-manager-mount-secrets would not run.
I did 2 things to update my secrets. I'm doing sortof recursive secrets deployment via bootstrap and configuring ephemeral secrets at runtime. (my ssh key is encrypted and only available while im logged in, decrypted by an age key I pull from a secrets vault - vaultwarden)
I removed the ssh key from it's typical location, added it to agenix and did a switch.
issue 1
removed ssh key which was previously being used to mount secrets, this caused agenix not to be able to find this secret, but it SHOULD have still found the age.key file to decrypt.
issue 2
agenix-home-manager-mount-secrets not in systemd-daemon. despite the systemd user service being updated. the daemon was not so it was still using the old config. this meant that it was not looking for the age.key and because I removed id_ed25519 it was failing to run.
resolution:
I had to systemctl daemon-reload --user
It would be a good idea to in the activation for agenix to daemon-reload in the home-manager module
The text was updated successfully, but these errors were encountered:
I encountered an issue where agenix-home-manager-mount-secrets would not run.
I did 2 things to update my secrets. I'm doing sortof recursive secrets deployment via bootstrap and configuring ephemeral secrets at runtime. (my ssh key is encrypted and only available while im logged in, decrypted by an age key I pull from a secrets vault - vaultwarden)
I removed the ssh key from it's typical location, added it to agenix and did a switch.
issue 1
removed ssh key which was previously being used to mount secrets, this caused agenix not to be able to find this secret, but it SHOULD have still found the age.key file to decrypt.
issue 2
agenix-home-manager-mount-secrets not in systemd-daemon. despite the systemd user service being updated. the daemon was not so it was still using the old config. this meant that it was not looking for the age.key and because I removed id_ed25519 it was failing to run.
resolution:
I had to systemctl daemon-reload --user
It would be a good idea to in the activation for agenix to daemon-reload in the home-manager module
The text was updated successfully, but these errors were encountered: