diff --git a/nixos/maintainers/scripts/azure-new/README.md b/nixos/maintainers/scripts/azure-new/README.md
index ee1fc682534c..20e81c44ce5d 100644
--- a/nixos/maintainers/scripts/azure-new/README.md
+++ b/nixos/maintainers/scripts/azure-new/README.md
@@ -33,3 +33,10 @@ img="/subscriptions/.../..." # use output from last command
 ...
 => booted
 ```
+
+## Future Work
+
+1. If the user specifies a hard-coded user, then the agent could be removed.
+ Probably has security benefits; definitely has closure-size benefits.
+ (It's likely the VM will need to be booted with a special flag. See:
+ https://github.com/Azure/azure-cli/issues/12775 for details.)
diff --git a/nixos/maintainers/scripts/azure-new/examples/basic/system.nix b/nixos/maintainers/scripts/azure-new/examples/basic/system.nix
index 5f98216d183d..855bd3bab719 100644
--- a/nixos/maintainers/scripts/azure-new/examples/basic/system.nix
+++ b/nixos/maintainers/scripts/azure-new/examples/basic/system.nix
@@ -8,6 +8,9 @@ in
 "${modulesPath}/virtualisation/azure-image.nix"
 ];
 
+ ## NOTE: This is just an example of how to hard-code a user.
+ ## The normal Azure agent IS included and DOES provision a user based
+ ## on the information passed at VM creation time.
 users.users."${username}" = {
 isNormalUser = true;
 home = "/home/${username}";
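Review bot: The new comment above `users.users."${username}"` in system.nix does not spell out the consequence of the two facts it states: an image built from this example carries the hard-coded account in addition to the one the agent creates at VM creation time. Since the example is meant to be copied, I would add a line such as `## Remove this block if the agent-provisioned account is the only one you want on the VM.` so the extra account is an explicit choice rather than a leftover. The `users.users` attribute set continues past the end of the hunk, so whether it sets a password or authorized keys is not visible here; if it does, the comment should also say that the credential is baked into every image built from this file.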