diff --git a/secrets/README.md b/secrets/README.md index 2edf53f9..1ffa7384 100644 --- a/secrets/README.md +++ b/secrets/README.md @@ -153,10 +153,10 @@ It will then symlink the secrets to the path defined by the `age.secrets.. 1. `cat` the sytem-level public key(`/etc/ssh/ssh_host_ed25519_key`) of the new host, and send it to an old host which has already been configured. 2. On the old host: - 1. Add the public key to `secrets.nix`, and rekey all the secrets via `sudo agenix -r -i /etc/ssh/ssh_host_ed25519_key`. - 2. Commit and push the changes to `nix-secrets`. + 1. Add the public key to `secrets.nix`, and rekey all the secrets via `sudo agenix -r -i /etc/ssh/ssh_host_ed25519_key`. + 2. Commit and push the changes to `nix-secrets`. 3. On the new host: - 1. Clone this repo and run `nixos-rebuild switch` to deploy it, all the secrets will be decrypted automatically via the host private key. + 1. Clone this repo and run `nixos-rebuild switch` to deploy it, all the secrets will be decrypted automatically via the host private key. ## Other Replacements