| 6 Jul 2025 |
|  @travltux:matrix.org joined the room. | 14:57:14 |
| @travltux:matrix.org left the room. | 14:59:17 |
|  Cathal changed their display name from CJ to Cathal. | 17:17:37 |
| 7 Jul 2025 |
|  OpalBolt joined the room. | 06:04:51 |
|  colemickens 🏳️🌈 left the room. | 21:51:22 |
| 9 Jul 2025 |
|  jonhermansen left the room. | 01:05:54 |
| jonhermansen joined the room. | 01:15:17 |
|  ZeroEcks joined the room. | 01:58:29 |
|  William Sewell joined the room. | 17:51:41 |
| 10 Jul 2025 |
|  Justinas joined the room. | 23:00:49 |
| 11 Jul 2025 |
|  @felix.schroeter:scs.ems.host joined the room. | 17:01:39 |
|  felschr joined the room. | 17:01:48 |
| 12 Jul 2025 |
|  plan9better joined the room. | 11:05:14 |
| 13 Jul 2025 |
|  n4ch723hr3r joined the room. | 08:46:06 |
|  Marie changed their profile picture. | 20:12:19 |
| 15 Jul 2025 |
 Daniel Ramos | Hello!
Is anyone managing Kubernetes with Nix?
I’m looking into the simplest and most secure way to handle secrets. I tried using AgeNix to deploy them, but it isn’t working for me. I also suspect this might not be best practice, since during evaluation the secret could end up embedded in the derivation generated by Nix.
What do you use to manage cluster secrets?
Thanks!
| 15:54:08 |
 magic_rb | I use openbao-agent and vault | 15:55:02 |
| magic_rb | Its hacky but it works until i put kubernetes down | 15:55:12 |
| Daniel Ramos | I'm seeing sops being used for declaring secrets: https://discourse.nixos.org/t/k3s-clusters-and-deployments-in-pure-nix/61794#p-205785-deploy-secrets-6
Then.. can I suppose that my approach with agenix is safe?
| 16:59:37 |
