Hi Oliver, > One option is to introduce these credentials as parameters to your network > evaluation: > > { secretCertificate }: > { > web = { ... } : ... > } > > Then you will need to set this parameter when you do deployments in order to > evaluate the network expression and perform deployments.
I am sorry if I'm missing something terribly obvious, but I wonder how that helps getting the secret onto the deployed machines without having it added to the Nix store? You cannot say something to the effect of "store that information in /etc/my-secret" without going through a Nix derivation somewhere, can you? Best regards, Peter _______________________________________________ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev