[halostatue]

I've bounced off Nix every time I tried it, before I even started trying something like Home Manager.

I've been using (and contributing to) chezmoi for ~6 years now. Given that it has first-class integration with secrets managers, I suspect that it does things that Home Manager can't.

[linsomniac]

>I've bounced off Nix every time I tried it, before I even started trying something like Home Manager.

I did too. Until I tried configuring it with Claude Code. I'll give you my money back guarantee on it.

[bronson]

Vibed infrastructure? That sounds like it undoes a lot of Nix's advantages.

[redog]

> it has first-class integration with secrets managers

Meow?

[halostatue]

No slight involved.

The chezmoi integration with 1Password is excellent; for those who prefer Bitwarden, it supports both the default CLI (which has some inexcusable behaviours for a security product, IMO) and `rbw` (which is infinitely better than the default CLI). It supports `pass`, `gopass`, `passage`, AWS Secrets Manager, KeePass, and several other approaches.

It was the work of a couple of minutes to enable a secret for a Claude Code API token to be mounted in a VM where I'm running Claude for a project where the value is pulled from 1Password and I can regenerate it and reapply without fear.

If one doesn't have to worry about secrets in one's dotfiles, I'm sure that other dotfile managers including Nix with Home Manager will suffice. I do, so they won't.