1
0
Fork 0
mirror of https://github.com/Mic92/sops-nix.git synced 2024-12-14 11:57:52 +00:00
Commit graph

877 commits

Author SHA1 Message Date
Jeremy Fleischman
eee831aadb Do not render templates when decrypting neededForUsers secrets
This fixes https://github.com/Mic92/sops-nix/issues/659

In https://github.com/Mic92/sops-nix/pull/649, we started rendering
templates twice:

1. When rendering `neededForUsers` secrets (if there are any
   `neededForUsers` secrets).
2. When decrypting "regular" secrets.

This alone was weird and wrong, but didn't cause issues
for people until https://github.com/Mic92/sops-nix/pull/655, which
triggered https://github.com/Mic92/sops-nix/issues/659. The cause is not
super obvious:

1. When rendering `neededForUsers` secrets, we'd generate templates in
   `/run/secrets-for-users/rendered`.
2. However, the `path` for these templates is in
   `/run/secrets/rendered`, which is not inside of the
   `/run/secrets-for-users` directory we're dealing with, so we'd
   generate a symlink from `/run/secrets/rendered/<foo>` to
   `/run/secrets-for-users/rendered/<foo>`, which required making
   the parent directory of the symlink (`/run/secrets/rendered/`).
3. This breaks sops-nix's assumption that `/run/secrets` either doesn't
   exist, or is a symlink, and you get the symptoms described in
   <https://github.com/Mic92/sops-nix/issues/659>.

Reproducing this in a test was straightforward: just expand our existing
template test to also have a `neededForUsers` secret.

Fixing this was also straightforward: don't render templates during the
`neededForUsers` phase (if we want to add support for `neededForUsers`
templates in the future, that would be straightforward to do, but I
opted not do that here).
2024-11-17 06:19:41 +00:00
sops-nix-bot
47fc1d8c72
flake.lock: Update (#658)
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/2d2a9ddbe3f2c00747398f3dc9b05f7f2ebb0f53?narHash=sha256-B5WRZYsRlJgwVHIV6DvidFN7VX7Fg9uuwkRW9Ha8z%2Bw%3D' (2024-10-30)
  → 'github:NixOS/nixpkgs/c69a9bffbecde46b4b939465422ddc59493d3e4d?narHash=sha256-ddcX4lQL0X05AYkrkV2LMFgGdRvgap7Ho8kgon3iWZk%3D' (2024-11-16)
• Updated input 'nixpkgs-stable':
    'github:NixOS/nixpkgs/3c2f1c4ca372622cb2f9de8016c9a0b1cbd0f37c?narHash=sha256-efgLzQAWSzJuCLiCaQUCDu4NudNlHdg2NzGLX5GYaEY%3D' (2024-11-03)
  → 'github:NixOS/nixpkgs/e8c38b73aeb218e27163376a2d617e61a2ad9b59?narHash=sha256-df3dJApLPhd11AlueuoN0Q4fHo/hagP75LlM5K1sz9g%3D' (2024-11-16)

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2024-11-17 03:30:39 +00:00
Ian
d2bd7f433b Implement darwin module for sops-nix 2024-11-16 09:09:49 +00:00
dependabot[bot]
4c91d52db1
build(deps): bump golang.org/x/crypto from 0.28.0 to 0.29.0 (#663)
* build(deps): bump golang.org/x/crypto from 0.28.0 to 0.29.0

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.28.0 to 0.29.0.
- [Commits](https://github.com/golang/crypto/compare/v0.28.0...v0.29.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* update vendorHash

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-11 22:38:28 +00:00
dependabot[bot]
e4f36d56eb
build(deps): bump github.com/ProtonMail/go-crypto from 1.1.0-beta.0-proton to 1.1.2 (#662)
* build(deps): bump github.com/ProtonMail/go-crypto

Bumps [github.com/ProtonMail/go-crypto](https://github.com/ProtonMail/go-crypto) from 1.1.0-beta.0-proton to 1.1.2.
- [Release notes](https://github.com/ProtonMail/go-crypto/releases)
- [Commits](https://github.com/ProtonMail/go-crypto/compare/v1.1.0-beta.0-proton...v1.1.2)

---
updated-dependencies:
- dependency-name: github.com/ProtonMail/go-crypto
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* update vendorHash

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-11 22:28:15 +00:00
dependabot[bot]
58f41afcc7
build(deps): bump golang.org/x/sys from 0.26.0 to 0.27.0 (#661)
* build(deps): bump golang.org/x/sys from 0.26.0 to 0.27.0

Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.26.0 to 0.27.0.
- [Commits](https://github.com/golang/sys/compare/v0.26.0...v0.27.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* update vendorHash

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-11 22:13:55 +00:00
Wael Nasreddine
f1675e3b0e
home-manager: Add support for Split GPG on Qubes OS (#657)
Co-authored-by: Jörg Thalheim <Mic92@users.noreply.github.com>
2024-11-10 05:32:29 +01:00
Jeremy Fleischman
60e1bce199 Add support for restartUnits and reloadUnits for templates
This fixes https://github.com/Mic92/sops-nix/issues/634
2024-11-08 06:34:20 +00:00
Jeremy Fleischman
c9f6b151cc fix: create template.path symlink
This fixes https://github.com/Mic92/sops-nix/issues/653.

Note: `main.go` has been slowly accumulating shared logic between vanilla
"secrets" and "templates". It feels to me like we could DRY up some of
the logic in here by creating some shared "interface" that they both
implement. I opted not to try to tackle that here, though.
2024-11-08 06:07:13 +00:00
Jeremy Fleischman
fe63071416 Improve activation messages about rendered templates
This fixes https://github.com/Mic92/sops-nix/issues/652
2024-11-07 19:49:39 +00:00
Jeremy Fleischman
33f18b404e Rework restart-and-reload to assert more strictly on the activation output
I've reworked the test to assert on the entire output. This allows us to
detect unexpected output without having to write weird "i expect this
random string to *not* show up assertions", which aren't great at
preventing regressions.

I did have to change the code under test a little bit to make it
behavior deterministically (by sorting the files it outputs).

tl;dr: this demonstrates <https://github.com/Mic92/sops-nix/issues/652>
but does not fix it. I will fix it in a subsequent commit.
2024-11-07 19:49:39 +00:00
liyangau
c5ae1e214f fix missing lib in mkOption 2024-11-06 09:50:27 +01:00
thomaslepoix
f21c31dadf Emit plain file when key is empty
Co-Authored-By: Slaier <slaier@users.noreply.github.com>
2024-11-06 05:57:58 +00:00
Jeremy Fleischman
aa5caa129b rebase, complete implementation 2024-11-06 04:55:41 +00:00
Jörg Thalheim
bb7d636211 template refactoring 2024-11-06 04:55:41 +00:00
Sandro Jäckel
59d6988329 Fix module declarations 2024-11-04 18:49:22 +00:00
sops-nix-bot
e9b5eef9b5
flake.lock: Update (#646)
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/4e0eec54db79d4d0909f45a88037210ff8eaffee?narHash=sha256-bpb6r3GjzhNW8l%2BmWtRtLNg5PhJIae041sPyqcFNGb4%3D' (2024-10-26)
  → 'github:NixOS/nixpkgs/2d2a9ddbe3f2c00747398f3dc9b05f7f2ebb0f53?narHash=sha256-B5WRZYsRlJgwVHIV6DvidFN7VX7Fg9uuwkRW9Ha8z%2Bw%3D' (2024-10-30)
• Updated input 'nixpkgs-stable':
    'github:NixOS/nixpkgs/cd3e8833d70618c4eea8df06f95b364b016d4950?narHash=sha256-knnVBGfTCZlQgxY1SgH0vn2OyehH9ykfF8geZgS95bk%3D' (2024-10-26)
  → 'github:NixOS/nixpkgs/3c2f1c4ca372622cb2f9de8016c9a0b1cbd0f37c?narHash=sha256-efgLzQAWSzJuCLiCaQUCDu4NudNlHdg2NzGLX5GYaEY%3D' (2024-11-03)

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2024-11-03 03:49:44 +00:00
sops-nix-bot
1666d16426
flake.lock: Update (#644)
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/ccc0c2126893dd20963580b6478d1a10a4512185?narHash=sha256-4HQI%2B6LsO3kpWTYuVGIzhJs1cetFcwT7quWCk/6rqeo%3D' (2024-10-18)
  → 'github:NixOS/nixpkgs/4e0eec54db79d4d0909f45a88037210ff8eaffee?narHash=sha256-bpb6r3GjzhNW8l%2BmWtRtLNg5PhJIae041sPyqcFNGb4%3D' (2024-10-26)
• Updated input 'nixpkgs-stable':
    'github:NixOS/nixpkgs/bb8c2cf7ea0dd2e18a52746b2c3a5b0c73b93c22?narHash=sha256-66RHecx%2BzohbZwJVEPF7uuwHeqf8rykZTMCTqIrOew4%3D' (2024-10-19)
  → 'github:NixOS/nixpkgs/cd3e8833d70618c4eea8df06f95b364b016d4950?narHash=sha256-knnVBGfTCZlQgxY1SgH0vn2OyehH9ykfF8geZgS95bk%3D' (2024-10-26)

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2024-10-27 03:28:01 +00:00
Sizhe Zhao
b2211d1a53 fix(home-manager/sops): fix setting unit env
The Environment option should be set in Service section.
2024-10-26 08:38:45 +00:00
Sizhe Zhao
78a0e634fc fix(home-manager/sops): fix setting systemd unit environment 2024-10-24 13:07:55 +00:00
Mark Sisson
d089e742fb feat(home-manager/sops): add environment variable configuration
Added support for configuring environment variables before calling
`sops-install-secrets`. Introduced a new `environment` option which
allows specifying environment variables. Modified systemd service
and launchd agent to use the specified environment variables.
2024-10-23 14:55:20 +00:00
Martijn de Munnik
a4c33bfecb Allow to set uid and gid instead of owner and group. No checks will be performed when uid and gid are set.
```
sops.secrets = {
  sslCertificate = {
    sopsFile = ./secrets.yaml;
    owner = "";
    group = "";
    uid = config.containers."nginx".config.users.users."nginx".uid;
    gid = config.containers."nginx".config.users.groups."nginx".gid;
  };
  sslCertificateKey = {
    sopsFile = ./secrets.yaml;
    owner = "";
    group = "";
    uid = config.containers."nginx".config.users.users."nginx".uid;
    gid = config.containers."nginx".config.users.groups."nginx".gid;
  };
};
```

Co-authored-by: Jörg Thalheim <Mic92@users.noreply.github.com>
2024-10-23 07:38:42 +00:00
Sandro Jäckel
26642e8f19 Add some missing literalExpression 2024-10-22 09:03:27 +00:00
sops-nix-bot
c504fd7ac9
flake.lock: Update (#635)
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/e2f08f4d8b3ecb5cf5c9fd9cb2d53bb3c71807da?narHash=sha256-CAZF2NRuHmqTtRTNAruWpHA43Gg2UvuCNEIzabP0l6M%3D' (2024-10-05)
  → 'github:NixOS/nixpkgs/ccc0c2126893dd20963580b6478d1a10a4512185?narHash=sha256-4HQI%2B6LsO3kpWTYuVGIzhJs1cetFcwT7quWCk/6rqeo%3D' (2024-10-18)
• Updated input 'nixpkgs-stable':
    'github:NixOS/nixpkgs/17ae88b569bb15590549ff478bab6494dde4a907?narHash=sha256-uogSvuAp%2B1BYtdu6UWuObjHqSbBohpyARXDWqgI12Ss%3D' (2024-10-05)
  → 'github:NixOS/nixpkgs/bb8c2cf7ea0dd2e18a52746b2c3a5b0c73b93c22?narHash=sha256-66RHecx%2BzohbZwJVEPF7uuwHeqf8rykZTMCTqIrOew4%3D' (2024-10-19)

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2024-10-20 03:29:32 +00:00
dependabot[bot]
06535d0e3d
build(deps): bump github.com/ProtonMail/go-crypto from 1.1.0-alpha.5-proton to 1.1.0-beta.0-proton (#633)
* build(deps): bump github.com/ProtonMail/go-crypto

Bumps [github.com/ProtonMail/go-crypto](https://github.com/ProtonMail/go-crypto) from 1.1.0-alpha.5-proton to 1.1.0-beta.0-proton.
- [Release notes](https://github.com/ProtonMail/go-crypto/releases)
- [Commits](https://github.com/ProtonMail/go-crypto/compare/v1.1.0-alpha.5-proton...v1.1.0-beta.0-proton)

---
updated-dependencies:
- dependency-name: github.com/ProtonMail/go-crypto
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* update vendorHash

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-08 00:01:50 +00:00
dependabot[bot]
715dd6cbd0
build(deps): bump golang.org/x/crypto from 0.27.0 to 0.28.0 (#631)
* build(deps): bump golang.org/x/crypto from 0.27.0 to 0.28.0

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.27.0 to 0.28.0.
- [Commits](https://github.com/golang/crypto/compare/v0.27.0...v0.28.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* update vendorHash

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2024-10-07 23:20:07 +00:00
dependabot[bot]
84d006846f
build(deps): bump cachix/install-nix-action from 29 to 30 (#630)
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 29 to 30.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v29...v30)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-07 23:14:23 +00:00
Jörg Thalheim
2750ed784e nixos-tests: enable system switch again 2024-10-06 16:02:18 +00:00
github-actions[bot]
135e6a2ba1 flake.lock: Update
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/9bb1e7571aadf31ddb4af77fc64b2d59580f9a39?narHash=sha256-Yd0FK9SkWy%2BZPuNqUgmVPXokxDgMJoGuNpMEtkfcf84%3D' (2024-09-05)
  → 'github:NixOS/nixpkgs/e2f08f4d8b3ecb5cf5c9fd9cb2d53bb3c71807da?narHash=sha256-CAZF2NRuHmqTtRTNAruWpHA43Gg2UvuCNEIzabP0l6M%3D' (2024-10-05)
• Updated input 'nixpkgs-stable':
    'github:NixOS/nixpkgs/dc454045f5b5d814e5862a6d057e7bb5c29edc05?narHash=sha256-vNv%2BaJUW5/YurRy1ocfvs4q/48yVESwlC/yHzjkZSP8%3D' (2024-09-08)
  → 'github:NixOS/nixpkgs/17ae88b569bb15590549ff478bab6494dde4a907?narHash=sha256-uogSvuAp%2B1BYtdu6UWuObjHqSbBohpyARXDWqgI12Ss%3D' (2024-10-05)
2024-10-06 16:02:18 +00:00
dependabot[bot]
3198a242e5
build(deps): bump cachix/install-nix-action from V28 to 29 (#628)
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from V28 to 29. This release includes the previously tagged commit.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/V28...v29)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-30 22:15:13 +00:00
Lin Yinfeng
127a96f49d modules/sops/templates: support systemd activation 2024-09-27 07:43:29 +00:00
Aadniz
3176c11112 Minor fix for binary example in README.md
`sops -e krb5.keytab` does not encrypt the file, rather it outputs the encrypted data in the console.
`>` should be used here to send the data to the file.
2024-09-27 09:36:43 +02:00
A. Manzer
5876a12ff6 Allow sops-nix to be restarted when systemd is degraded
If Systemd is running, but with even a single failed unit, it'll enter Degraded state.  Restart sops-nix anyway.
2024-09-27 09:35:55 +02:00
dependabot[bot]
e2d404a7ea
build(deps): bump cachix/install-nix-action from V27 to 28 (#623)
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from V27 to 28. This release includes the previously tagged commit.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/V27...V28)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-16 22:10:47 +00:00
Jörg Thalheim
f30b1bac19 ci(Mergify): configuration update
Signed-off-by: Jörg Thalheim <null>
2024-09-13 11:13:27 +02:00
dependabot[bot]
cede1a0803
build(deps): bump golang.org/x/crypto from 0.26.0 to 0.27.0 (#618)
* build(deps): bump golang.org/x/crypto from 0.26.0 to 0.27.0

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.26.0 to 0.27.0.
- [Commits](https://github.com/golang/crypto/compare/v0.26.0...v0.27.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* update vendorHash

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-09 22:54:08 +00:00
dependabot[bot]
5ca8208431
build(deps): bump golang.org/x/sys from 0.24.0 to 0.25.0 (#617)
* build(deps): bump golang.org/x/sys from 0.24.0 to 0.25.0

Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.24.0 to 0.25.0.
- [Commits](https://github.com/golang/sys/compare/v0.24.0...v0.25.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* update vendorHash

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-09 22:47:20 +00:00
dependabot[bot]
9517dcbedb
build(deps): bump DeterminateSystems/update-flake-lock from 23 to 24 (#616)
Bumps [DeterminateSystems/update-flake-lock](https://github.com/determinatesystems/update-flake-lock) from 23 to 24.
- [Release notes](https://github.com/determinatesystems/update-flake-lock/releases)
- [Commits](https://github.com/determinatesystems/update-flake-lock/compare/v23...v24)

---
updated-dependencies:
- dependency-name: DeterminateSystems/update-flake-lock
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-09 22:04:44 +00:00
sops-nix-bot
b68757cd2c
flake.lock: Update (#603)
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/b833ff01a0d694b910daca6e2ff4a3f26dee478c?narHash=sha256-tLGCFEFTB5TaOKkpfw3iYT9dnk4awTP/q4w%2BROpMfuw%3D' (2024-09-01)
  → 'github:NixOS/nixpkgs/9bb1e7571aadf31ddb4af77fc64b2d59580f9a39?narHash=sha256-Yd0FK9SkWy%2BZPuNqUgmVPXokxDgMJoGuNpMEtkfcf84%3D' (2024-09-05)
• Updated input 'nixpkgs-stable':
    'github:NixOS/nixpkgs/556533a23879fc7e5f98dd2e0b31a6911a213171?narHash=sha256-5NctRsoE54N86nWd0psae70YSLfrOek3Kv1e8KoXe/0%3D' (2024-07-21)
  → 'github:NixOS/nixpkgs/dc454045f5b5d814e5862a6d057e7bb5c29edc05?narHash=sha256-vNv%2BaJUW5/YurRy1ocfvs4q/48yVESwlC/yHzjkZSP8%3D' (2024-09-08)

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2024-09-08 03:12:43 +00:00
r-vdp
d9d781523a Support userborn 2024-09-05 12:42:46 +00:00
Ramses
5db5921e40
Reuse the existing nixpkgs instance for the tests instead of re-importing it (#611)
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
2024-09-01 14:30:42 +00:00
dependabot[bot]
2acfc17e8c update vendorHash 2024-09-01 16:13:04 +02:00
dependabot[bot]
855c42b2b8 build(deps): bump golang.org/x/sys from 0.23.0 to 0.24.0
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.23.0 to 0.24.0.
- [Commits](https://github.com/golang/sys/compare/v0.23.0...v0.24.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-01 16:13:04 +02:00
dependabot[bot]
be0eec2d27 update vendorHash 2024-08-12 22:18:46 +00:00
dependabot[bot]
4802909c79 build(deps): bump golang.org/x/crypto from 0.25.0 to 0.26.0
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.25.0 to 0.26.0.
- [Commits](https://github.com/golang/crypto/compare/v0.25.0...v0.26.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-12 22:18:46 +00:00
Jörg Thalheim
ab2d1ffeb5 {nixos,home-manager}: shell escape age key paths 2024-08-12 09:20:04 +00:00
dependabot[bot]
8ae477955d update vendorHash 2024-08-05 22:39:32 +00:00
dependabot[bot]
5d647b0039 build(deps): bump golang.org/x/sys from 0.22.0 to 0.23.0
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.22.0 to 0.23.0.
- [Commits](https://github.com/golang/sys/compare/v0.22.0...v0.23.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-05 22:39:32 +00:00
A Frederick Christensen
eb34eb5881 Minor corrections - README.md
- Extraneous redirect removed
- Sops has deprecated the "-o" flag
2024-07-27 23:13:23 +02:00
dependabot[bot]
aff2f88277 update vendorHash 2024-07-22 22:54:43 +00:00