agenix icon indicating copy to clipboard operation
agenix copied to clipboard

Published 20 hours ago verified publisher icon ryantm

the cli is broken when using agenix via Flakes

Open ChrisOboe opened this issue 3 years ago • 3 comments

In the readme is stated that you don't need to install agenix to use the cli via Flakes. But that doesn't seem to work properly since the paths get messed up completely.

e.g when running nix run github:ryantm/agenix -- -e test.age you first get the message that there is no ./secrets.nix (even if its there). And if you workarround it by setting the absolute path via RULES env var. You get the editor to write down the secret, but the secret file is written to somewere!? (at least not to the directory where you would expect it).

when agenix is installed it works just fine as expected.

ChrisOboe avatar Jan 07 '22 17:01 ChrisOboe

That command just worked for me. What version of Nix are you using?

$ nix-info
system: "x86_64-linux", multi-user?: yes, version: nix-env (Nix) 2.5pre20211126_55275fc, channels(root): "agenix, nixos-20.09.4407.1c1f5649bb9", channels(ryantm): "master", nixpkgs: /nix/store/vbd5vlmzqr00wfd13ivvyrfzkyzz21zn-source

ryantm avatar Jan 07 '22 17:01 ryantm

nix-info doesn't work properly on a pure flake system (when no channel is set at all)

i'm using nix (Nix) 2.6.0pre20211217_6e6e998 my system is a x86_64-linux built from nixos-unstable (today) my configs are here: https://github.com/ChrisOboe/nixConfigs (chump was the system were i tested this)

ChrisOboe avatar Jan 07 '22 17:01 ChrisOboe

@ChrisOboe Have you tried setting the RULES environment variable to an absolute path pointing to your desired working directory (e.g. your flake root)?

You may have already tried this, and you may have already found a solution, but I've run into similar issues with paths and flakes in the past. And even the present – I made a change recently which re-introduced the issue, so I figured I might as well post some suggestions here.

Because flakes are pure by default, the value can't be a relative path pointing within your flake – even if you convert the path to a string. A lot of the advice out there suggesting that toString ./relative/path will get you an absolute path on your system does account for flakes/pure eval.

See https://github.com/nix-community/home-manager/issues/2660#issuecomment-1019568311 for a succinct summary of the nuances behind path handling in flakes.

Disclaimer: I have not verified the following examples, especially because the results of testing directly in a nix repl don't give the same results as these operations would inside a flake configuration.

# modules/some-module.nix

# Works: absolute path to your working directory
# You could also point this to some user-specific directory
# if that's where you're keeping your flake source.
environment.variables.RULES = "/etc/nixos"; 

# Breaks in pure evaluation mode (the default):
environment.variables.RULES = ../.;

# Breaks in pure evaluation mode with flakes because
# upon converting a path to a string, the result will
# point to the Nix store.
# 
# It should work if you run `nixos-rebuild` with the `--impure` flag...
environment.variables.RULES = builtins.toString ../.;

Edit: I mistakenly had been referencing the AGENIX_ROOT environment variable, which actually comes from https://github.com/cole-h/agenix-cli

montchr avatar Apr 23 '22 20:04 montchr