The author explores different approaches to install NixOS on an Azure VM image.
Creating a custom image is resource intensive, so the author decides to use nixos-infect and nixos-anywhere.
However, this approach requires Nix to be running on the source system, which isn't always feasible.
The author settles on injecting NixOS using nixos-anywhere with Azure Container Instances (ACI), which allows them to keep a limit set of tools/dependencies.
The author provides scripts to create a VM, inject NixOS, and configure the system.
Sensitive information such as SSH keys are obtained from 1Password CLI in a centralized keystore.
The author's LFlaked NixOS configuration repository is pulled from GitHub and installed on the VM.
The ACI container is created with the file share mounted to /root/work and relevant parameters passed as secure-environment-variables.
Finally, the NixOS installation is customized with additional configuration files such as nix-config/configuration.nix and nix-config/disk-config.nix.
The author ends up with an Azure VM configured with their own Nix Flake configuration, without a VM image dangling somewhere.