TL;DR: Is there a flag like nix flake check --just-behave
that makes it eat files behind git smudge filters?
It’s already known that flakes don’t like files behind git smudge filters such as git lfs, git-crypt, git-annex, the list goes on…
Some references:
- open issue: flakes: git-crypt is now broken · Issue #5260 · NixOS/nix · GitHub
- Yann Büchau :nixos:: "@musicmatze@social.linux.pizza You cannot referen…" - Fosstodon
- Yann Büchau :nixos:: "It seems that in #nix flakes one still can't use …" - Fosstodon
(Yes, you can store things that are not secrets and may very well be world-readable in e.g. git-lfs, git-crypt, git-annex such as assets you want to have deployed. Or some settings you want to conceal in your public nix config git repo. Let’s not discuss the usefulness of these tools but instead focus on a solution to keep using them, thank you)
A workaround is to make the tree dirty (temporarily removing/editing any file), this makes nix flake check
or nixos-rebuild --flake ...
or whatever work again. According to this post by @roberth, this workaround is a bug. Which would be unfortunate, because without this I cannot use flakes.
Now, keeping the tree dirty is mostly fine, I edit the config, run sudo nixos-rebuild --flake .#myhost switch
and then commit the changes. But it’s still annoying and I’d like a way to just get the behavior as if the tree was dirty. nix
definitely sees this dirty state (warning: Git tree '/home/yann/code/nixconfig' is dirty
) and behaves differently. --impure
is not it, it doesn’t help.
Does anyone know anything on this topic?