From dd8259ed85180d1e51ed05b1be2e6668c64d023a Mon Sep 17 00:00:00 2001
From: Ryan Yin <xiaoyin_c@qq.com>
Date: Tue, 12 Nov 2024 16:31:57 +0800
Subject: [PATCH] feat: troubleshooting agenix

---
 secrets/README.md  | 19 +++++++++++++++++++
 secrets/darwin.nix |  6 ++++++
 2 files changed, 25 insertions(+)

diff --git a/secrets/README.md b/secrets/README.md
index 253870ba..909cde75 100644
--- a/secrets/README.md
+++ b/secrets/README.md
@@ -176,6 +176,25 @@ the `age.secrets.<name>.path` argument, which defaults to `/etc/secrets`.
    1. Clone this repo and run `nixos-rebuild switch` to deploy it, all the secrets will be decrypted
       automatically via the host private key.
 
+## Troubleshooting
+
+### 1. Nix-Darwin Module
+
+Check logs:
+
+```bash
+tail -n 100 /Library/Logs/org.nixos.activate-agenix.stderr.log
+tail -n 100 /Library/Logs/org.nixos.activate-agenix.stdout.log
+```
+
+### 2. NixOS Module
+
+Check logs:
+
+```
+journalctl | grep -5 agenix
+```
+
 ## Other Replacements
 
 - [ragenix](https://github.com/yaxitech/ragenix): A Rust reimplementation of agenix.
diff --git a/secrets/darwin.nix b/secrets/darwin.nix
index f39275c2..ea67df81 100644
--- a/secrets/darwin.nix
+++ b/secrets/darwin.nix
@@ -10,6 +10,12 @@
     agenix.darwinModules.default
   ];
 
+  # enable logs for debugging
+  launchd.daemons."activate-agenix".serviceConfig = {
+    StandardErrorPath = "/Library/Logs/org.nixos.activate-agenix.stderr.log";
+    StandardOutPath = "/Library/Logs/org.nixos.activate-agenix.stdout.log";
+  };
+
   environment.systemPackages = [
     agenix.packages."${pkgs.system}".default
   ];