Great video as always! To me, the difficulty with nix has always been that there are too many ways of doing the same thing, so when I try to do something, I can look at the documentation, the source code, other peoples configs, etc. everyone do the same things in different ways. This means that having your bite-size videos are extremely useful, as you make them very modular, so even though my config is already a sprawling mess of nix files, imports etc., I can always just add your stuff without any problems!

I need a bit more explanations than this like a more traditional tutorial, but this is the only video about secrets management on nix 😅

YOUR VIDEOS ARE GOLD

what if I want to just use my password to decrypt secrets?

Just today I was beginning to setup sops-nix, this timing couldnt be any better! Thank you!!

@2:02 sops: command not found. again a broken tutorial

Just FYI: age is pronounced "ah-gay", because the name comes from Latin. "Age" in Latin is a command spoken to another person to "act"/"go". Here's a good example: kzbin.info/www/bejne/fYqqiYyPhNVnl9U

Thank you - great video!! I have a question regarding t=96s where you add sops.age.keyFile to configuration.nix... If I am creating a configuration.nix to be shared and ultimately deployed on a different server/machine, the reference to the keyfile will be public (which should be fine). However, I do not believe it is discussed how the target server/machine is to get the keyfile (private age key} so that it can decript the details. Do you mind sharing or pointing me in the right direction of how you would do this?

I was just looking at this yesterday. Thx for the vid.

This is gold! Thank you! 🙌

Your channel covers amazing topics and has good production quality. But still from all the videos I have seen over the years yours are some of the most difficult to follow, learn from, or reproduce. I am not sure if it's your presentation style or if I just don't know enough about the Nix language yet.

This video is still my go-to way to have a refresher on sops-nix! way clearer than the documentation on that project lol

If you are using a new microphone, it sounds great!

The production quality sure is improving really fast!

Why not agenix?

The only thing I haven't been able to do with sops is to define hosts file. networking.hosts (not sure about the name, writing from a phone) requires a list and there's no any other way like "hostsFile" or something like we have for ssh-config, for example. Simply setting a path for sops secret to /etc/hosts doesn't work for me. Any ideas on how to implement this?

great conrent

Is there a way to have a secret with multiple lines? In my case, I'm trying to make an environment file with multiple environment variables. If I do a YAML multi-line string, Sops seems to replace the newlines with spaces when it decodes the secret.

Love it. I just followed these instructions to store my VPN credentials and deploy them into an OpenVPN configuration.

At 2:02 you run sops command. Which at that point is not yet available. Should that be just added to systemPackages or just work just with rest of the configuration being done first? Also at 2:44 you are using "inputs" already inside "inputs"? For me this just generates building error: `"sops-nix" is a thunk while a ....` but ommiting it works though.

I was just looking into this! Thanks

I don't know what I am doing wrong but I can't get past creating the secrets file at the 2 minutes point. when I run sops secrets.yaml and try to save the file I get the error "No master keys were provided, so sops can't encrypt the file. Press a key to return to the editor, or Ctrl+C to exit."

How scaleable are secrets? For example, if i have 10 programs which require user and password details, can i use secrets on all of them to save me having to authenticate each one? or do you need to rely on each program creating an api for the secret?

Are you going to cover other methods of secret management with Nix?

Awesome!!!

За червоно-чорну великодку окремий лайк :) Взагалі дуже дякую за контент, Ваш канал був основною причиною перейти на NixOS, і я ні граму не пожалів! Бажаю каналу розвитку і процвітання, нехай все буде тільки добре! Як буду мати фінансову можливість закину пару гривників на якусь каву або щось поміцніше :)

❤

Make one complete setup of hyprland with necessary packages on nixos