Our great sponsors
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
Hi all! Excited to introduce my first biggish contribution to the nix community, homeage. It is a home-manager module that allows you to declare encrypted age files (so any secret file you want, whether its json or jpeg) in your home manager repository. On build the encrypted files are stored in the nix store. The files are decrypted during runtime to /run/user/$UID/secrets and can be symlinked across your file system to put your secrets in the right spot. It doesn't require root and is per-user.
I built this because I try to keep as much as possible outside of my system config but all of the secret managers I found were system only. I had no idea how to solve this until I found RaitoBezarius' awesome pull request to agenix where it all clicked. It also exposed me to the inner workings of home-manager which has definitely made me appreciate it more! I kept this separate from agenix because I am interested only in a module rather than a CLI and thus see it as having a different fit.