<rss xmlns:atom="http://www.w3.org/2005/Atom" version="2.0"><channel><title>Age - vo.rs</title><link>https://vo.rs/tags/age/</link><description>Latest from the Age desk at vo.rs.</description><generator>Hugo -- gohugo.io</generator><language>en</language><copyright>This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.</copyright><lastBuildDate>Fri, 11 Jul 2025 13:50:00 +0000</lastBuildDate><atom:link href="https://vo.rs/tags/age/" rel="self" type="application/rss+xml"/><item><title>Secrets Management With SOPS and age</title><link>https://vo.rs/story/secrets-management-with-sops-and-age/</link><description>&lt;p&gt;The moment you commit to managing your homelab as code, you hit the secrets problem within the hour. Your git repo describes every service beautifully — the compose files, the reverse-proxy config, the whole declarative lovely thing — and then one service needs a database password and the illusion cracks. You cannot commit the password to git, because git remembers forever and repos leak. You cannot leave it out, because then the repo doesn&amp;rsquo;t actually describe a working system. People solve this badly for years: passwords in a &lt;code&gt;.env&lt;/code&gt; file that is gitignored and therefore backed up nowhere, or worse, committed &amp;ldquo;temporarily&amp;rdquo; and never scrubbed from history.&lt;/p&gt;</description><pubDate>Fri, 11 Jul 2025 13:50:00 +0000</pubDate></item></channel></rss>