There are a lot of different secret management technologies around nixos, like sops-nix, agenix, etc. All of them still require to manually generate and encrypt secrets though. So we are happy to announce the missing piece to have full declarative services with zero user interaction: NixOS vars (name will maybe change :))
