7314f6b2ff
For secrets not part of the nix store there is no other way in NixOS to restart a service after the secret is updated. One example is changing password in userborn, which doesn't run as a activation script but as a systemd service.
description = "Automatically generates and configures a password for the specified user account."
categories = ["System"]
features = ["inventory"]
If setting the option prompt to true, the user will be prompted to type in their desired password.
!!! Note
This module will set mutableUsers to false, meaning you can not manage user passwords through passwd anymore.
After the system was installed/deployed the following command can be used to display the user-password:
clan vars get [machine_name] root-password/root-password
See also: Vars
To regenerate the password run:
clan vars generate --regenerate [machine_name] --generator user-password