| 2 Jul 2025 |
|  Kilian Mio joined the room. | 16:19:24 |
| Kilian Mio | Hello, everyone! I was wondering if anyone uses Nix to manage kubernetes clusters. | 16:20:07 |
| Kilian Mio | I am still internally debating whether I should use addonsManager or https://github.com/nix-community/nixhelm | 16:22:36 |
| Kilian Mio | * I am still internally debating whether I should use addonsManager or https://github.com/farcaller/cake | 16:24:43 |
| 3 Jul 2025 |
|  bob changed their display name from evilwitcher123 to bob. | 15:47:35 |
|  thilosch joined the room. | 20:47:15 |
| 4 Jul 2025 |
|  Majiir Paktu joined the room. | 21:27:41 |
|  choffmann joined the room. | 23:37:22 |
| 5 Jul 2025 |
|  kwiuu joined the room. | 20:43:02 |
| 6 Jul 2025 |
|  @nyxvectar:matrix.org changed their display name from Rtsingo Су. Nyxvectar to Nyxvectar. | 06:27:58 |
|  @travltux:matrix.org joined the room. | 14:57:14 |
| @travltux:matrix.org left the room. | 14:59:17 |
|  Cathal changed their display name from CJ to Cathal. | 17:17:37 |
| 7 Jul 2025 |
|  OpalBolt joined the room. | 06:04:51 |
|  colemickens 🏳️🌈 left the room. | 21:51:22 |
| 9 Jul 2025 |
|  jonhermansen left the room. | 01:05:54 |
| jonhermansen joined the room. | 01:15:17 |
|  ZeroEcks joined the room. | 01:58:29 |
|  William Sewell joined the room. | 17:51:41 |
| 10 Jul 2025 |
|  Justinas joined the room. | 23:00:49 |
| 11 Jul 2025 |
|  @felix.schroeter:scs.ems.host joined the room. | 17:01:39 |
|  felschr joined the room. | 17:01:48 |
| 12 Jul 2025 |
|  plan9better joined the room. | 11:05:14 |
| 13 Jul 2025 |
|  n4ch723hr3r joined the room. | 08:46:06 |
|  Marie changed their profile picture. | 20:12:19 |
| 15 Jul 2025 |
 Daniel Ramos | Hello!
Is anyone managing Kubernetes with Nix?
I’m looking into the simplest and most secure way to handle secrets. I tried using AgeNix to deploy them, but it isn’t working for me. I also suspect this might not be best practice, since during evaluation the secret could end up embedded in the derivation generated by Nix.
What do you use to manage cluster secrets?
Thanks!
| 15:54:08 |
 magic_rb | I use openbao-agent and vault | 15:55:02 |
| magic_rb | Its hacky but it works until i put kubernetes down | 15:55:12 |
| Daniel Ramos | I'm seeing sops being used for declaring secrets: https://discourse.nixos.org/t/k3s-clusters-and-deployments-in-pure-nix/61794#p-205785-deploy-secrets-6
Then.. can I suppose that my approach with agenix is safe?
| 16:59:37 |
| Daniel Ramos | * I'm seeing sops being used for declaring secrets at the docs: https://discourse.nixos.org/t/k3s-clusters-and-deployments-in-pure-nix/61794#p-205785-deploy-secrets-6
Then.. can I suppose that my approach with agenix is safe?
| 16:59:57 |
