Welcome to the Functional Programming Zulip Chat Archive. You can join the chat here.
@Sridhar Ratnakumar to that discussion about secrets in NixOS configuration - I've ended up creating local.nix, which contains configuration done during installation. It is generated using script - cloned repo contains local.nix with empty module to make flake "evaluable", and inside the script I use nix eval to get normal users (<user>.isNormalUser == true) from .#nixosConfigurations.<hostname>.config.users.users.<user>.name, where for every user I ask for password and save it under corresponding hashedPassword field. This way, once I pick specific configuration, script can "magically" ask for passwords of users actually present in it.
<user>.isNormalUser == true
I now have VM with configuration for testing, and I LOVE IT - no more time wasted replicating configuration on new Arch installation :big_smile:
I only have a VM for postgres when testing, but it's so much nicer than using docker