I want to create a cicd workflow which will build the NixOS and deploy it for me when I push any changes to the configuration. This is the configuration I have right now, and I am deploying with a single command
It is working ok, but I cannot deploy in cicd, because I have hidden my ip in a flake in my local.
How should I deal with this kind of private configuration? I have thought of using
.gitignore to ignore those private/secret files inside my current deploy flake, but it won’t work because flake tries to be pure and only takes in files from
inputs or something that would be committed to git.
For dealing with runtime secret(like password or secret key), I am using
agenix with is working ok. I hope I am explaining myself clearly so that you understand my issue.