unofficial mirror of guix-devel@gnu.org 
 help / color / mirror / Atom feed
* How to store secrets when using guix deploy?
@ 2021-02-14 15:27 Lee Fallat
  2021-02-14 16:54 ` Joshua Branson
  0 siblings, 1 reply; 4+ messages in thread
From: Lee Fallat @ 2021-02-14 15:27 UTC (permalink / raw)
  To: guix-devel

Hey!

As the title says, I was wondering how people are storing secrets when
using guix deploy?

Thanks!

-- Lee



^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: How to store secrets when using guix deploy?
  2021-02-14 15:27 How to store secrets when using guix deploy? Lee Fallat
@ 2021-02-14 16:54 ` Joshua Branson
  0 siblings, 0 replies; 4+ messages in thread
From: Joshua Branson @ 2021-02-14 16:54 UTC (permalink / raw)
  To: Lee Fallat; +Cc: guix-devel

Lee Fallat <inbox@leefallat.ca> writes:

> Hey!
>
> As the title says, I was wondering how people are storing secrets when
> using guix deploy?

I would love to know how to do that too!  Also Lee, this kind of
question is best asked in help-guix@gnu.org.

Thanks!

Joshua

--
Joshua Branson (joshuaBPMan in #guix)
Sent from Emacs and Gnus
  https://gnucode.me
  https://video.hardlimit.com/accounts/joshua_branson/video-channels
  https://propernaming.org
  "You can have whatever you want, as long as you help
enough other people get what they want." - Zig Ziglar


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: How to store secrets when using guix deploy?
  2021-02-14 20:51 Leo Prikler
@ 2021-02-18 17:56 ` Ludovic Courtès
  0 siblings, 0 replies; 4+ messages in thread
From: Ludovic Courtès @ 2021-02-18 17:56 UTC (permalink / raw)
  To: Leo Prikler; +Cc: guix-devel, inbox

Hi!

Leo Prikler <leo.prikler@student.tugraz.at> skribis:

> That's the status quo as far as I understand.  How it *should* handle
> secrets remains an open question if I recall correctly.

Yeah that’s mostly true, though ‘secret-service-type’ in (gnu services
virtualization) shows a simple solution for VMs hosted by Guix System
(childhurds in this case).

Ludo’.


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: How to store secrets when using guix deploy?
@ 2021-02-14 20:51 Leo Prikler
  2021-02-18 17:56 ` Ludovic Courtès
  0 siblings, 1 reply; 4+ messages in thread
From: Leo Prikler @ 2021-02-14 20:51 UTC (permalink / raw)
  To: jbranso, inbox; +Cc: guix-devel

Hello,

Guix itself does not handle any secrets yet -- at best you could
consider the password field of the user-account structure to be one,
and that is not particularly kept a secret either (it shows up as
plaintext).  Depending on your use-case, there might also be services
like the letsencrypt-service-type to generate X.509 certificates. 
Other than that, you may be able to send some already encrypted file to
your machine, but you'll have to manually set up decryption through
other means unless you want plaintext in your store again.

That's the status quo as far as I understand.  How it *should* handle
secrets remains an open question if I recall correctly.

Regards,
Leo



^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2021-02-18 17:57 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-02-14 15:27 How to store secrets when using guix deploy? Lee Fallat
2021-02-14 16:54 ` Joshua Branson
2021-02-14 20:51 Leo Prikler
2021-02-18 17:56 ` Ludovic Courtès

unofficial mirror of guix-devel@gnu.org 

This inbox may be cloned and mirrored by anyone:

	git clone --mirror https://yhetil.org/guix-devel/0 guix-devel/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 guix-devel guix-devel/ https://yhetil.org/guix-devel \
		guix-devel@gnu.org
	public-inbox-index guix-devel

Example config snippet for mirrors.
Newsgroups are available over NNTP:
	nntp://news.yhetil.org/yhetil.gnu.guix.devel
	nntp://news.gmane.io/gmane.comp.gnu.guix.devel


AGPL code for this site: git clone http://ou63pmih66umazou.onion/public-inbox.git