Agenix can be used to encrypt secrets so that they are not readable in plain text in the nix store, and allows specifying options such as user passwords in your configuration relatively safely (it's always safest to keep these things private even if encrypted)
Agenix can be used to encrypt secrets so that they are not readable in plain text in the nix store, and allows specifying options such as user passwords in your configuration relatively safely (it's always safest to keep these things private even if encrypted)
My secrets config is available here, but the setup is a bit more complicated https://github.com/different-name/nix-files/blob/476767bfe232914b0b302f3dc348ba3c564b9356/secrets/secrets.nix