Hi there, I was reading the wiki entry on agenix. Had a few quick questions for clarification.
- While there is a “workaround” to replace strings/secrets, does anyone know if there are plans to support this officially in Agenix? Or is there a better way to deal with this?
- What confuses me about the current replace method: how would this work if you are using home-manager, and your config files are symlinks?
- When creating the `/etc/nixos/secrets/secrets.nix` file and adding your pub keys, how does the system know about which private keys in `~/.ssh`? Even though the instructions show you create the secret with `agenix -e secret1.age`, I assume you need to pass in the desired private key with the `-i` flag.
- The instructions discuss using `ssh-keyscan` to get your pub key. I assume I can just `cat` my pub key in my `~/.ssh` folder and paste that in as well?
Maybe I am confused about the structures and behaviour here and am missing something.
Thank you.