From 1992768157d7456748ec28e01c8952cf09b53fbf Mon Sep 17 00:00:00 2001 From: Cole Mickens Date: Fri, 27 Mar 2020 23:42:32 +0000 Subject: nixos/azure: clarify how users work in basic example --- nixos/maintainers/scripts/azure-new/README.md | 7 +++++++ nixos/maintainers/scripts/azure-new/examples/basic/system.nix | 3 +++ 2 files changed, 10 insertions(+) diff --git a/nixos/maintainers/scripts/azure-new/README.md b/nixos/maintainers/scripts/azure-new/README.md index ee1fc682534..20e81c44ce5 100644 --- a/nixos/maintainers/scripts/azure-new/README.md +++ b/nixos/maintainers/scripts/azure-new/README.md @@ -33,3 +33,10 @@ img="/subscriptions/.../..." # use output from last command ... => booted ``` + +## Future Work + +1. If the user specifies a hard-coded user, then the agent could be removed. + Probably has security benefits; definitely has closure-size benefits. + (It's likely the VM will need to be booted with a special flag. See: + https://github.com/Azure/azure-cli/issues/12775 for details.) diff --git a/nixos/maintainers/scripts/azure-new/examples/basic/system.nix b/nixos/maintainers/scripts/azure-new/examples/basic/system.nix index 5f98216d183..855bd3bab71 100644 --- a/nixos/maintainers/scripts/azure-new/examples/basic/system.nix +++ b/nixos/maintainers/scripts/azure-new/examples/basic/system.nix @@ -8,6 +8,9 @@ in "${modulesPath}/virtualisation/azure-image.nix" ]; + ## NOTE: This is just an example of how to hard-code a user. + ## The normal Azure agent IS included and DOES provision a user based + ## on the information passed at VM creation time. users.users."${username}" = { isNormalUser = true; home = "/home/${username}"; -- cgit 1.4.1