docs: Tweak location of private key in age onetime passphrase how-to

twpayne · Aug 30, 2023 · a89e0e0 · a89e0e0
1 parent 154e3e9
commit a89e0e0
Showing 1 changed file with 5 additions and 4 deletions.
diff --git a/assets/chezmoi.io/docs/user-guide/frequently-asked-questions/encryption.md b/assets/chezmoi.io/docs/user-guide/frequently-asked-questions/encryption.md
@@ -43,8 +43,9 @@ Configure chezmoi to decrypt the passphrase-encrypted private key if needed:
 $ cat > run_once_before_decrypt-private-key.sh.tmpl <<EOF
 #!/bin/sh
 
-if [ ! -f "${HOME}/key.txt" ]; then
-    chezmoi age decrypt --output "${HOME}/key.txt" --passphrase "{{ .chezmoi.sourceDir }}/key.txt.age"
+if [ ! -f "${HOME}/.config/chezmoi/key.txt" ]; then
+    mkdir -p "${HOME}/.config/chezmoi"
+    chezmoi age decrypt --output "${HOME}/.config/chezmoi/key.txt" --passphrase "{{ .chezmoi.sourceDir }}/key.txt.age"
     chmod 600 "${HOME}/key.txt"
 fi
 EOF
@@ -56,7 +57,7 @@ Configure chezmoi to use the public and private key for encryption:
 $ cat >> .chezmoi.toml.tmpl <<EOF
 encryption = "age"
 [age]
-    identity = "~/key.txt"
+    identity = "~/.config/chezmoi/key.txt"
     recipient = "age193wd0hfuhtjfsunlq3c83s8m93pde442dkcn7lmj3lspeekm9g7stwutrl"
 EOF
 ```
@@ -98,4 +99,4 @@ $ chezmoi add --encrypt ~/.ssh/id_rsa
 
 When you run `chezmoi init` on a new machine you will be prompted to enter your
 passphrase once to decrypt `key.txt.age`. Your decrypted private key will be
-stored in `~/key.txt`.
+stored in `~/.config/chezmoi/key.txt`.