harivansh-afk/nix
1
1
Fork 0
mirror of https://github.com/harivansh-afk/nix.git synced 2026-04-15 21:03:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

secrets

Browse source
This commit is contained in:
Harivansh Rathi 2026-03-15 14:09:37 -04:00
parent ba0f284dba
commit ff77053297
5 changed files with 183 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

6
docs/secrets.md
View file

@ -20,8 +20,10 @@ secret values.
`~/.config/secrets/shell.zsh` when present
- [scripts/render-bw-shell-secrets.sh](/Users/rathi/Documents/GitHub/nix/scripts/render-bw-shell-secrets.sh)
renders that file from Bitwarden vault items
- [scripts/restore-bw-files.sh](/Users/rathi/Documents/GitHub/nix/scripts/restore-bw-files.sh)
restores file-based credentials and SSH material from Bitwarden vault items
- [justfile](/Users/rathi/Documents/GitHub/nix/justfile) exposes this as
`just secrets-sync`
`just secrets-sync` and `just secrets-restore-files`
## Daily Shell Flow
@ -60,7 +62,7 @@ For a fresh sandbox or new machine, the clean bootstrap is:
1. `darwin-rebuild switch` or Home Manager activation
2. authenticate `bw`
3. `just secrets-sync`
4. restore any file-based credentials you actually need from Bitwarden
4. `just secrets-restore-files`
That gives you a usable dev shell quickly without committing any secret values
into the repo.