{^_^} has quit [Remote host closed the connection]
{^_^} has joined #nixops
kalbasit_ has joined #nixops
manveru_ has joined #nixops
manveru has quit [Ping timeout: 256 seconds]
grfn has quit [Ping timeout: 256 seconds]
grfn has joined #nixops
kalbasit has quit [Ping timeout: 256 seconds]
manveru_ is now known as manveru
kalbasit has joined #nixops
kalbasit has quit [Ping timeout: 256 seconds]
kalbasit has joined #nixops
kalbasit_ has quit [Ping timeout: 256 seconds]
kalbasit_ has joined #nixops
kalbasit_ has quit [Ping timeout: 260 seconds]
kalbasit_ has joined #nixops
kalbasit_ has quit [Ping timeout: 264 seconds]
kalbasit has quit [Ping timeout: 260 seconds]
grfn` has joined #nixops
grfn has quit [Ping timeout: 256 seconds]
grfn` is now known as grfn
cole-h has quit [Ping timeout: 272 seconds]
teto has quit [Ping timeout: 264 seconds]
teto has joined #nixops
<srk>
hmm, I'm trying dev env with nixops and nixops-libvirtd. nix-shell in nixops-libvirtd using modified pyproject.toml with nixops = {path = "/localcheckout/" } and it seems to pick it up when doing poetry lock, poetry install, poetry shell but not update it in virtualenv afterwards
<madonius[m]>
How are you people managing the secrets that you use in nixops? I kinda want to avoid having them in the git-repo
<srk>
have them somewhere on filesystem, like /secrets
<srk>
for one deployment we were using git-crypt, then it was switched to /secrets since there's only one machine that deploys the cluster. the one I'm working on currently uses git-crypt again
<madonius[m]>
do you version them?
<srk>
downside is you cannot deploy without decrypting
<srk>
yes
<madonius[m]>
I see
<srk>
they are opaque binary blobs until decrypted, it's a little weird. there's also nix-sops and ... w8 a sec
<srk>
git diffs are working properly when unlocked
<madonius[m]>
I did have a look into sops. But to be honest it does not make the best impression in terms of maturity ^^'