[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Deferring evaluation of a get-secret procedure so -L doesn't evaluat
From: |
Tomas Volf |
Subject: |
Re: Deferring evaluation of a get-secret procedure so -L doesn't evaluate it unless needed for build |
Date: |
Fri, 5 Jan 2024 13:17:32 +0100 |
Hi,
I cannot help you with your question, but completely unsolicited feedback
regarding this snippet:
On 2024-01-04 12:28:28 -0500, Richard Sent wrote:
> --8<---------------cut here---------------start------------->8---
> (define wireguard-lan-secret-service
> (service
> (wireguard-configuration
> ...
> (private-key
> (plain-file "private.key"
> (get-secret*
> "System/WireGuard/LAN/private.key"))))))
> --8<---------------cut here---------------end--------------->8---
Storing secret keys in the store might not be the best idea, since they will be
world readable.
Have a nice day,
Tomas Volf
--
There are only two hard things in Computer Science:
cache invalidation, naming things and off-by-one errors.
signature.asc
Description: PGP signature