Make initialRootPassword overrideable in all virtualisation modules, not just virtualbox.

nixos/modules/virtualisation/amazon-image.nix

@@ -164,5 +164,5 @@ with pkgs.lib;
   # Prevent logging in as root without a password.  This doesn't really matter,
   # since the only PAM services that allow logging in with a null
   # password are local ones that are inaccessible on EC2 machines.
-  security.initialRootPassword = "!";
+  security.initialRootPassword = mkDefault "!";
 }

nixos/modules/virtualisation/containers.nix

@@ -55,7 +55,7 @@ with pkgs.lib;
                   modules =
                     let extraConfig =
                       { boot.isContainer = true;
-                        security.initialRootPassword = "!";
+                        security.initialRootPassword = mkDefault "!";
                         networking.hostName = mkDefault name;
                       };
                     in [ extraConfig config.config ];
@@ -134,4 +134,4 @@ with pkgs.lib;
       }) config.systemd.containers;
 
   };
-}
+}

nixos/modules/virtualisation/google-compute-image.nix

@@ -114,7 +114,7 @@ with pkgs.lib;
   # Prevent logging in as root without a password.  This doesn't really matter,
   # since the only PAM services that allow logging in with a null
   # password are local ones that are inaccessible on Google Compute machines.
-  security.initialRootPassword = "!";
+  security.initialRootPassword = mkDefault "!";
 
   # Configure default metadata hostnames
   networking.extraHosts = ''