Am 10.08.23 um 14:12 schrieb wolf:
I guess you could have a script that would use the existence of the key itself
as a marker. In that case you would likely want to recreate it if the marker
(key) got deleted,
No! The key must not be recreated. The key is expected to be replaced by
a new one when the box will become a machine. Thus, using the key as a
marker is not possible, as the would recreate the insecure key on next
reboot. The key must never ever be put into back into place.
I do not have much experience with Vagrant, but I assumed the general idea for
these kind of systems declarative systems is to just recreate the when updates
are required. Is it expected to actually run guix reconfigure inside the VM?
This depends on how one uses the virtual machines :-)
And even if it is not expected to run guix reconfigure on it: If one
does, this but open a front door to the system - which is not what one
wants.
Anyhow, thanks for sharing thoughts,
--
Regards
Hartmut Goebel
| Hartmut Goebel | h.goe...@crazy-compilers.com |
| www.crazy-compilers.com | compilers which you thought are impossible |
