Combining Nix with Terraform for better DevOps

With nixpkgs-terraform, a project designed to make your Terraform environment management a breeze, you can say goodbye to documentation hassles and manual interventions. The installation and management become declarative and reproducible, thanks to Nix and its unique capabilities.

Why should you care?

  • Consistency: Ensure the same version across different environments effortlessly.
  • Ease of Use: No need for deep Nix knowledge. Just use our templates for a reproducible, declarative, and portable development environment.
  • Fine-grained control: Inspired by nixpkgs-python and nixpkgs-ruby, we’ve paved the way for more control over different Terraform versions.

Learn more here

Drop your comments, questions, and insights below.

13 Likes

Does it work with OpenTofu?

2 Likes

Hi there! While OpenTofu and Terraform have many similarities, we do not intend to add OpenTofu support to nixpkgs-terraform directly because this project was originally designed to handle Terraform packages. For the time being, we believe it is best to handle OpenTofu as a separate project.

One technical challenge we discovered with OpenTofu is that, compared to Terraform, nixpkgs does not expose the builder function directly:

3 Likes

Hi, my first question with these types of projects is “Why this and not X?”. I have used terranix with some success. Presumably y’all evaluated it and decided to build your own? Do you speak to this somewhere? If not, I’d suggest it could be valuable for attracting users/contributors.

6 Likes

This is just terraform packages, which can be used together with terranix or standalone. It could be used to pin the terraform package to a specific version.

This together with:

Could be used to fully lock down the terraform and provider versions with the flexibility disconnected from nixpkgs.

I have my own small contribution to this, that I haven’t used widely yet, but it based on previous work I used for many years.
Generate terraform versions and lock files based on the versions provided by Nix:

Generate a terraform derivation containing an immutable terraform root module (in nix store) that can self-execute terraform commands, via bin wrappers.

1 Like

As @terlar mentioned, I believe this project could be used in conjunction with Terranix; the main advantage is that as a user, you don’t have to navigate through different commits in nixpkgs to find a specific Terraform version because nixpkgs-terraform provides a collection of Terraform versions from which users can select the desired one. On the other hand, I believe that projects like nixpkgs-terraform and nixpkgs-python work well with tools like devenv to provide reproducible development environments because it preserves the reproducibility benefits of Nix while providing more fine grain control over the version of a specific package that you want to use.

3 Likes

It might even be worth cross-linking or merging both projects.

1 Like

Updates to nixpkgs-terraform have been made: