rycee changed the topic of #home-manager to: Support and discussion around the Home Manager project (https://github.com/rycee/home-manager) | Logs: https://logs.nix.samueldr.com/home-manager
mexisme has joined #home-manager
mexisme has quit [Ping timeout: 248 seconds]
MmeQuignon has quit [Ping timeout: 265 seconds]
johnw has quit [Remote host closed the connection]
mexisme has joined #home-manager
johnw has joined #home-manager
mexisme has quit [Ping timeout: 260 seconds]
mexisme has joined #home-manager
mexisme has quit [Ping timeout: 245 seconds]
__monty__ has joined #home-manager
spacekookie has quit [Quit: **agressive swooshing**]
spacekookie has joined #home-manager
Synthetica has joined #home-manager
asymmetric has joined #home-manager
<asymmetric> does anyone have tips for how to handle secrets in hm?
MmeQuignon has joined #home-manager
<hpfr> asymmetric: not sure on how secure you need, but builtins.readFile seems to be a general option if the module doesn't provide a way to specify a path in a string
<hpfr> there is a lot more discussion here https://github.com/NixOS/nixpkgs/issues/24288
<{^_^}> nixpkgs#24288 (by basvandijk, 2 years ago, open): Provide options for storing secrets outside the Nix store
<maralorn[m]> key.
<maralorn[m]> asymmetric: It depends on how secret you need it and for what you need the secret. I use git-crypt to have secrets in my repo which is public. Some of them land in /nix/store when used in an nix expression but it‘s a calculated risk some of them get loaded at runtime because they are referenced by absolute path and I have secrets in my password manager which get retrieved at runtime via a call to `pass` and my gpg
<hpfr> nixos-unstable updated today, readline option still doesn't exist
hpfr has quit [Ping timeout: 260 seconds]
__monty__ has quit [Quit: leaving]
hpfr has joined #home-manager
Synthetica has quit [Quit: Connection closed for inactivity]