`darwin.linux-builder`: make default behavior not require sudo?

@Gabriella439 @G3zz

Hi – thanks to both of you for your creation and maintenance of darwin.linux-builder; I’ve found it incredibly useful! If this type of Q would be better as an issue or if you’d prefer I reach out on e.g. Matrix please let me know.

One minor hangup I’ve had is the requirement for elevated privileges for install-credentials. The default behavior is to simply use nixpkgs’ existing ssh_host_ed25519_key, which is public information (and readable from the nix store); the additional requirement for authentication and installing this to /etc/nix/ doesn’t seem to make much sense in this default case, when one could just reference the private key from the nix store.

Additionally, sudo is not packaged for macOS, and this uses sudo without its full path, so this portion fails if run in a --pure context.

I can see that in the bigger picture the install-credentials script and KEYS variable seem to be set up to facilitate users using non-default SSH keys (I think by overriding virtualisation.environment.etc."ssh/ssh_host_ed25519_key" in the VM), but I’m wondering if the default could be made a little easier by avoiding the need for elevated privileges to run.

I’m happy to work on a PR if this seems reasonable but didn’t want to launch into the effort without asking about glaring oversights on my part – thanks for your time and thoughts.

Yeah, I’d be fine dropping the sudo requirement since (as you mentioned), it’s not used for protecting the private key and it’s only for storing the keys in /etc/nix and I’d be fine with another non-privileged location.
