@Sridhar Ratnakumar to that discussion about secrets in NixOS configuration - I've ended up creating local.nix, which contains configuration done during installation. It is generated using script - cloned repo contains local.nix with empty module to make flake "evaluable", and inside the script I use nix eval to get normal users (<user>.isNormalUser == true) from .#nixosConfigurations.<hostname>.config.users.users.<user>.name, where for every user I ask for password and save it under corresponding hashedPassword field. This way, once I pick specific configuration, script can "magically" ask for passwords of users actually present in it.
@Sridhar Ratnakumar to that discussion about secrets in NixOS configuration - I've ended up creating
local.nix, which contains configuration done during installation. It is generated using script - cloned repo containslocal.nixwith empty module to make flake "evaluable", and inside the script I usenix evalto get normal users (<user>.isNormalUser == true) from.#nixosConfigurations.<hostname>.config.users.users.<user>.name, where for every user I ask for password and save it under correspondinghashedPasswordfield. This way, once I pick specific configuration, script can "magically" ask for passwords of users actually present in it.I now have VM with configuration for testing, and I LOVE IT - no more time wasted replicating configuration on new Arch installation :big_smile:
I only have a VM for postgres when testing, but it's so much nicer than using docker
Relevant? https://github.com/ryantm/agenix