I'm a software and security engineer with a broad interest in many topics that somehow all end up leading me to Nix.
We should manage secrets the systemd way!
Systemd 250 introduced a way to manage encrypted "credentials" (secrets, reallly) in a way that I think NixOS could benefit from. We're not using it anywhere yet, but we should. This describes briefly how systemd wants to manage credentials and how to integrate that in a NixOS setup.
Main track (Gym)