Journal 2023-04-01
<!-- Morning -->Nix configuration with nix-sops
I needed to configured nix access-tokens with nix-sops. The configuration file
is stored in the /etc/nix directory.
The solution I settled on this solution:
- Configure the
nix.confto include (if present) theaccess-tokens.conffile. - In the nix-sops I then link the
access-tokens.conffile to the/etc/nix/access-tokens.conffile using thesops.secrets.nix_access_tokens.pathoption.
{
nix.extraOptions = ''
!include access-tokens.conf
'';
sops.secrets.nix_access_tokens.path = "/etc/nix/access-tokens.conf";
}
The file will be then sourced by nix. If it doesn’t exist, nix will not throw
an error thanks to the !include directive.
The file needs to be readable by the client if you want the access-token work
with nix flake ... when run by your user, so you’ll need to configure the
owner to be the correct group.
One example is to create a user-keys group, different from the keys sops
group, and add your user to it.
Next.js app directory
The last canary of next js supports to export to static html files with the app directory.
I think the app directory is a better structure for a next.js app. I made the
transition to the new directory some time ago. But could never use it since I
relay to the next export command to generate the static html files for GitHub
pages.
Today I migrated to next@canary and its seem to work.