I got nix-sops working in my setup, but I would like to be able to use these secrets in a text config file.
Is there a templating function in Nix?
I found nix-mustache-templates but can’t work out how to get that function integrated into my setup.
My configs are not currently in a public repo, but they are based off network/modules/profiles at 9f7a4607d97b84ce175c47da7fa73fbbe2d9cbfd · disassembler/network · GitHub
sops-nix links to GitHub - polygon/scalpel: Minimally invasive safe secret provisioning to Nix-generated service config files, which apparently can do what you’re looking for. I haven’t used it personally, however.
The simplest way of doing “templating” may be to use substituteAll.
Thanks for the mustache link. This looks interesting. I’ve previously thought about possibly integrating Jinja2 somehow, possibly making use of structured variables.
Edit: never mind, I guess this won’t help you since with sops, since you don’t have the secrets available at evaluation time. Sorry about the confusion.