pub fn secret_init(
source: Option<Utf8PathBuf>,
comment: Option<String>,
) -> Result<()>Expand description
yui secret init [--comment TEXT] β generate an age X25519
keypair on this machine, write the secret to the configured
identity path, and append the public key to
$DOTFILES/config.local.toml [secrets] recipients.
config.local.toml is the right place because itβs
machine-local and gitignored β committing per-machine recipient
keys to the public repo is fine in principle (recipients are
public information) but the convention has the keys live in
the local file alongside other host-specific config.