Probably some function from https://github.com/NixOS/nixpkgs/blob/master/lib/attrsets.nix could be useful to merge them.
2016-06-09 11:19 GMT+01:00 zimbatm <[email protected]>: > @dario: that doesn’t work recursively. { a = { x = 3; } } // { a = { y = > 4; } produces { a = { y = 4 }; } > > > On Thu, 9 Jun 2016 at 10:44 Dario Bertini <[email protected]> wrote: > >> {a=1;}// {b=2;} >> Yields >> {a=1; b=2;} >> >> Is this enough to help you? >> >> On 9 June 2016 10:31:07 BST, 4levels <[email protected]> wrote: >> >Hi, >> > >> >thank you for your swift reply! >> >I'd like to avoid to literally mention all sensitive config params in >> >the >> >network.nix config. >> > >> >What would be the "normal" procedure to recursively merge 2 attribute >> >sets? >> > >> > >> >So if I have in one file >> >servers.nix: { >> > vm01 = { >> > services.symfony.platforms = { >> > database = { >> > username = "www"; >> > }; >> > }; >> > }; >> >} >> > >> >and in the other >> >keys.nix: { >> > vm01 = { >> > services.symfony.platforms = { >> > database = { >> > password = "12345678"; >> > }; >> > }; >> > }; >> >} >> > >> >So they become one when building: >> >{ >> > vm01 = { >> > services.symfony.platforms = { >> > database = { >> > username = "www"; >> > password = "12345678"; >> > }; >> > }; >> > }; >> >} >> > >> >Kind regards, >> > >> >Erik >> > >> >On Thu, Jun 9, 2016 at 11:23 AM zimbatm <[email protected]> wrote: >> > >> >> Hi, >> >> >> >> I don’t know where you are getting this error. All I can do is >> >suggest a >> >> workaround: >> >> >> >> In keys.nix: >> >> >> >> { >> >> database_password = "12345678"; >> >> } >> >> >> >> In network.nix: >> >> >> >> let >> >> secrets = import ./keys.nix {};in; >> >> { >> >> vm01 = { >> >> { config, pkgs, ... }: >> >> { >> >> services.symfony.platforms.database.password = >> >secrets.database_password; >> >> >> >> .. >> >> } >> >> } >> >> } >> >> >> >> >> >> >> >> On Thu, 9 Jun 2016 at 07:54 4levels <[email protected]> wrote: >> >> >> >>> Hi Nix Devs, >> >>> >> >>> I'm having some difficulties separating sensitive information from a >> >nix >> >>> expression used by NixOps. >> >>> >> >>> I keep the server config in a separate file, servers.nix: >> >>> { >> >>> vm01 = >> >>> { config, pkgs, nodes, ... }: >> >>> { >> >>> deployment = { >> >>> targetHost = "192.168.121.50"; >> >>> }; >> >>> ... >> >>> } >> >>> } >> >>> >> >>> Currently I have all relevant software config for each server in a >> >nix >> >>> expression platforms.nix as follows (where vm01 is the hostname): >> >>> { >> >>> vm01 = >> >>> { config, pkgs, ... }: >> >>> { >> >>> services.symfony.platforms = { >> >>> database = { >> >>> username = "www"; >> >>> /* password = "1234567" -> moved to keys.nix */ >> >>> }; >> >>> ... >> >>> } >> >>> } >> >>> >> >>> I want to remove the sensitive info from this file and put it in a >> >>> separate nix expression, eg. keys.nix, maintaining the same >> >structure so >> >>> the files can be merged. >> >>> >> >>> In keys.nix I currently have >> >>> { >> >>> vm01 = { >> >>> { config, pkgs, ... }: >> >>> { >> >>> services.symfony.platforms.database.password = "12345678"; >> >>> .. >> >>> } >> >>> } >> >>> } >> >>> >> >>> I've modified my nixops deploy to have keys.nix loaded after the >> >>> servers.nix and platforms.nix files, but I keep getting errors like >> >"the >> >>> attribute password does not exist" >> >>> >> >>> I must be overlooking something obvious as all the other files I >> >define >> >>> in my deploy are being merged correctly. >> >>> >> >>> Can anyone advise me on how to achieve this? >> >>> >> >>> The underlying reason is that I'm using git-crypt to encrypt the >> >>> platforms.nix file, but this makes it impossible to work with >> >branches (or >> >>> git logs) etc. as the whole file is encrypted and git cannot merge >> >binary >> >>> files (it simply replaces them). >> >>> >> >>> Kind regards! >> >>> >> >>> Erik aka 4levels >> >>> >> >> _______________________________________________ >> >>> nix-dev mailing list >> >>> [email protected] >> >>> http://lists.science.uu.nl/mailman/listinfo/nix-dev >> >>> >> >> >> > >> > >> >------------------------------------------------------------------------ >> > >> >_______________________________________________ >> >nix-dev mailing list >> >[email protected] >> >http://lists.science.uu.nl/mailman/listinfo/nix-dev >> >> -- >> Sent from mobile. Please excuse my brevity. >> _______________________________________________ >> nix-dev mailing list >> [email protected] >> http://lists.science.uu.nl/mailman/listinfo/nix-dev >> > > _______________________________________________ > nix-dev mailing list > [email protected] > http://lists.science.uu.nl/mailman/listinfo/nix-dev > > -- Tomasz Czyż
_______________________________________________ nix-dev mailing list [email protected] http://lists.science.uu.nl/mailman/listinfo/nix-dev
