Started data Local (original) foo.html:120:11
Finished data locality test run in 8.6800 ± 1.3095 ms. foo.html:144:11
Started data Non-local (original) foo.html:120:11
Finished data locality test run in 38.9400 ± 1.6195 ms. foo.html:144:11
Started data Local foo.html:120:11
Finished data locality test run in 6.6600 ± 1.1390 ms. foo.html:144:11
Started data Non-local foo.html:120:11
Finished data locality test run in 38.6400 ± 1.5861 ms. foo.html:144:11
Started data Non-local (sorted) foo.html:120:11
Finished data locality test run in 12.1800 ± 1.8334 ms. foo.html:144:11
Started data Local (object) foo.html:120:11
Finished data locality test run in 14.4500 ± 1.1492 ms. foo.html:144:11
Started data Non-local (object) foo.html:120:11
Finished data locality test run in 49.0000 ± 1.6576 ms. foo.html:144:11
Started data Non-local (sorted array of indices) foo.html:120:11
Finished data locality test run in 53.8500 ± 2.9725 ms.
I opened a bug against the devtools console of Firefox:
https://bugzilla.mozilla.org/show_bug.cgi?id=1647276
NixOS let you build the abstraction you want, and mix them with abstractions provided by others, and this single line illustrates this point extremely well as `sops` is not yet part of NixOS.
Secret management would likely come in NixOS in the future, but in the mean time you can add either use https://github.com/Mic92/sops-nix or https://github.com/ryantm/agenix to make it possible to manage files which have content that should not be public.
Other package managers also provide some abstraction over the packages, and would likely see the same systemd configuration abstracted the same way in post-install scripts. Yet, the encrypted file for `rclone.conf` would come as a static path in `/etc`.
You could resume NixOS as having moved the post-install script logic before the installation, yet this tiny detail gives you additional abilities to mix the post-install scripts and assert consistency ahead of making changes to the system.