A Comprehensive Guide to End-to-End-Declarative Deployment with Terraform and

I wrote a guide on deploying Nix to EC2 with Terraform. Compared to other resources on this topic, this is more of a nuts-and-bolts approach. The goal is to use as few third-party tools as possible, and instead give users an idea of how to make their own deployment pipeline from the ground up.

Comments/questions are welcome!


I’ve read your excellent guide and some questions came up. As you say in 4.1.8 Inverting the dependency, I may have the ability to make derivations that depend on Terraform resources. I’m interfacing using the nixos-anywhere module, but I’m struggling to get some Terraform data into Nix derivations (actually into config.build.system.toplevel hehe).

I have come to the conclusion that I can bring two types of Terraform resources into NixOS:

a) load out-of-band credentials/files using nixos-anywhere's own extra-files mechanism (bootstrap stage).
b) export Terraform outputs as JSON and read them from Nix using builtins.readFile + builtins.fromJSON (live-config stage).

Can you share with me what other interfaces you imagine?
Regards, and thanks again for your guide, it sheds a lot of light on the topic!
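
An added example for option (b) above, not taken from either post or from the guide: a Nix expression that reads data in the shape `terraform output -json` emits and refuses to hand out any output Terraform marked `sensitive`, since values used in a NixOS configuration end up in the world-readable Nix store. The output names, the `app.internal` hostname and the accessor `tf` are assumptions made up for illustration.

```nix
# Evaluate with: nix-instantiate --eval --strict tf-outputs.nix
let
  # Constructed sample in the shape `terraform output -json` produces.
  # In a real setup this string would come from builtins.readFile on the
  # exported file (for example ./tf-outputs.json, a hypothetical path).
  sampleJson = ''
    {
      "instance_ip": { "sensitive": false, "type": "string", "value": "203.0.113.10" },
      "vpc_cidr":    { "sensitive": false, "type": "string", "value": "10.0.0.0/16" },
      "db_password": { "sensitive": true,  "type": "string", "value": "constructed-not-a-real-secret" }
    }
  '';

  raw = builtins.fromJSON sampleJson;
  names = builtins.attrNames raw;

  # Outputs Terraform flagged as sensitive: these belong to the
  # out-of-band channel (option a), never to the Nix evaluation.
  sensitiveNames = builtins.filter (n: raw.${n}.sensitive) names;

  # Non-sensitive outputs with the { sensitive, type, value } wrapper removed.
  public = builtins.listToAttrs (map
    (n: { name = n; value = raw.${n}.value; })
    (builtins.filter (n: !raw.${n}.sensitive) names));

  # Accessor that aborts evaluation instead of leaking or silently
  # defaulting when a sensitive or missing output is requested.
  tf = name:
    if builtins.elem name sensitiveNames then
      throw "Terraform output '${name}' is sensitive; deliver it out of band, not through the Nix store"
    else if !(builtins.hasAttr name public) then
      throw "Terraform output '${name}' not found in the exported JSON"
    else
      public.${name};
in
{
  # Fragment shaped like NixOS options, fed from Terraform data.
  networking.extraHosts = "${tf "instance_ip"} app.internal";
  allowedCidr = tf "vpc_cidr";

  # Listed by name only so a deployment can check they are provisioned elsewhere.
  deliverOutOfBand = sensitiveNames;
}
```

Calling `tf "db_password"` anywhere in the configuration fails the evaluation with the message above. If the exported JSON lives inside a flake, the whole source tree is copied to the store, so sensitive outputs should also be stripped from the file before it is written there.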