This talk will describe our experience shipping a product as a NixOS appliance that supports site-specific customization after deployment.
NixOS' declarative model is a good match when one can write down the complete system configuration. How can we handle dynamic aspects of the configuration? That is, anything we expect to vary such that we cannot specify it fully at build time.
We will share the mechanisms used to achieve this and our assessment of the trade-offs involved.
Examples of site-specific variations:
* time server
* network share
* SSL/TLS certificate