Using sops-nix in development flake?

kiara · January 17, 2024, 3:42am

hi there,

i’m having a bit of trouble figuring out how to import a module.
in particular, i made a flake.nix as a dev project for terranix.
minimum repro:

# flake.nix
{
  inputs = {
    flake-utils.url = "github:numtide/flake-utils";
    nixpkgs.url = "github:nixos/nixpkgs";
    sops-nix.url = "github:mic92/sops-nix";
    sops-nix.inputs.nixpkgs.follows = "nixpkgs";
    sops-nix.inputs.nixpkgs-stable.follows = "nixpkgs";
    terranix.url = "github:terranix/terranix";
    terranix.inputs.nixpkgs.follows = "nixpkgs";
  };
  outputs = { flake-utils, terranix, sops-nix, ... }:
    flake-utils.lib.eachDefaultSystem (system:
      let tfConfig = terranix.lib.terranixConfiguration {
          inherit system; modules = [ sops-nix.nixosModules.sops ];
      }; in { defaultApp = { type = "app"; program = "ls ${tfConfig}"; }; });
}

running nix run, this would yield:

error: attribute 'services' missing

i tried swapping out the sops-nix.nixosModules.sops for sops-nix.homeManagerModules.sops, but this instead just got me a:

error: The option `assertions' does not exist

my points of confusion include:

is this even supposed to work? provided modules seem either for system or home-manager, but this flake is technically neither.
if so, which one to import?
did i pick the right place to import?

colemickens · January 17, 2024, 3:58am

You might try dropping this line:

    sops-nix.inputs.nixpkgs-stable.follows = "nixpkgs";

I would assume generally that if a flake has an extra nixpkgs input, that it is the case necessarily. You can add --show-trace to the build command to get more details that may or may not be helpful.

colemickens · January 17, 2024, 4:02am

Oh, actually I think this is an issue with your usage of terranix.

terranix expects “terranix modules” , not “nixos-modules”. You are passing, first a NixOS module, then a home-manager module. I suspect the error comes from when terranix’s module evaluate hits one of the config.services.... assignments inside the sops-nix module.

There are better resources than me, but the nixos module system is quite neat, and is used by many other projects now. Unfortunately, given it and Nix, there’s not really types enough to help us here.

https://terranix.org/documentation/modules.html