Secrets Config 判断需要加上 webserver 和 storage #50

New Issue

Closed

opened 2025-12-28 23:19:02 +01:00 by adam · 1 comment

adam commented 2025-12-28 23:19:02 +01:00

Owner

Copy Link

Originally created by @LokiSharp on GitHub (Nov 16, 2024).

https://github.com/ryan4yin/nix-config/blob/main/secrets/nixos.nix

  config =
    mkIf (
      cfg.desktop.enable
      || cfg.server.application.enable
      || cfg.server.network.enable
      || cfg.server.operation.enable
      || cfg.server.kubernetes.enable
+++      || cfg.server.webserver.enable
+++      || cfg.server.storage.enable
    ) (mkMerge [
      {
        environment.systemPackages = [
          agenix.packages."${pkgs.system}".default
        ];

        # if you changed this key, you need to regenerate all encrypt files from the decrypt contents!
        age.identityPaths =
          if cfg.impermanence.enable
          then [
            # To decrypt secrets on boot, this key should exists when the system is booting,
            # so we should use the real key file path(prefixed by `/persistent/`) here, instead of the path mounted by impermanence.
            "/persistent/etc/ssh/ssh_host_ed25519_key" # Linux
          ]
          else [
            "/etc/ssh/ssh_host_ed25519_key"
          ];

Originally created by @LokiSharp on GitHub (Nov 16, 2024). https://github.com/ryan4yin/nix-config/blob/main/secrets/nixos.nix ```nix config = mkIf ( cfg.desktop.enable || cfg.server.application.enable || cfg.server.network.enable || cfg.server.operation.enable || cfg.server.kubernetes.enable +++ || cfg.server.webserver.enable +++ || cfg.server.storage.enable ) (mkMerge [ { environment.systemPackages = [ agenix.packages."${pkgs.system}".default ]; # if you changed this key, you need to regenerate all encrypt files from the decrypt contents! age.identityPaths = if cfg.impermanence.enable then [ # To decrypt secrets on boot, this key should exists when the system is booting, # so we should use the real key file path(prefixed by `/persistent/`) here, instead of the path mounted by impermanence. "/persistent/etc/ssh/ssh_host_ed25519_key" # Linux ] else [ "/etc/ssh/ssh_host_ed25519_key" ]; ```

adam closed this issue 2025-12-28 23:19:02 +01:00

adam commented 2025-12-28 23:19:02 +01:00

Author

Owner

Copy Link

@ryan4yin commented on GitHub (Nov 17, 2024):

确实有点问题，不过我这这些东西现在都跑在一台机器上所以没报过错，已修复。

@ryan4yin commented on GitHub (Nov 17, 2024): 确实有点问题，不过我这这些东西现在都跑在一台机器上所以没报过错，已修复。

adam referenced this issue 2025-12-28 23:19:13 +01:00

[PR #50] [MERGED] feat: remote desktop #85

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

dma-shell

i3-kickstarter

v0.15.0

v0.14.0

v0.13.0

v0.12.0

v0.11.0

v0.10.0

v0.9.0

v0.8.0

v0.7.0

v0.6.0

v0.5.5

v0.5.4

v0.5.3

v0.5.2

v0.5.1

v0.5.0

v0.4.5

v0.4.4

v0.4.3

v0.4.2

v0.4.1

v0.4.0

v0.3.0

v0.2.2

v0.2.1

v0.2.0

v0.1.1

v0.1.0

v0.0.5

v0.0.4

v0.0.3

v0.0.2

v0.0.1

Labels

Clear labels

bug

bug

documentation

enhancement

good first issue

pull-request

Mirrored from GitHub Pull Request

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

adam

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/nix-config#50