From 233810ebd7d8365e8aca868fb29bd336e68d337b Mon Sep 17 00:00:00 2001
From: Jakob Lechner <mail@jalr.de>
Date: Wed, 22 Feb 2023 22:39:07 +0000
Subject: [PATCH] Add sops instructions

---
 README.md | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/README.md b/README.md
index 92142f9..15ccbb8 100644
--- a/README.md
+++ b/README.md
@@ -13,6 +13,19 @@ This installs nixos on host `somehost`:
 nix-shell -p nixUnstable --run 'nixos-install --flake https://gitlab.jalr.de/jalr/nixos-configuration#somehost --no-channel-copy'
 ```
 
+### setting up sops
+Get the host key and convert it.
+```bash
+ssh-keyscan -t ed25519 $host | ssh-to-age
+```
+
+Then add the key to `.sops.yaml`
+
+If the key changed, you might want to run
+```bash
+sops updatekeys hosts/$host/secrets.yaml
+```
+
 ## nix repl
 start an interactive environment for evaluating Nix expressions