Relative paths in NixOps state

NixOS / nixops

NixOps is a tool for deploying to NixOS machines in a network or cloud.

https://nixos.org/nixops

GNU Lesser General Public License v3.0

1.77k stars 365 forks source link

Relative paths in NixOps state #997

Open ElvishJerricco opened 5 years ago

ElvishJerricco commented 5 years ago

I like to have a different state file for each deployment. It can be nice to just keep it in the same directory as the code. But it's annoying that if I e.g. rename the parent directory, everything breaks and I have to modify it. It'd be nice if it used paths relative to the state file.

yorickvP commented 5 years ago

You can use NIX_PATH in the paths. For example, set NIX_PATH=thing=$PWD in your wrapper script, then use '<thing/aws.nix>' as your file path.

ElvishJerricco commented 5 years ago

@yorickvP I don't see how that helps; we can already reference relative paths in Nix expressions with ./foo. The problem is the spec file paths are absolute in the state file.

yorickvP commented 5 years ago

export NIX_PATH=$NIX_PATH:exprs=$PWD
nixops create '<exprs/abc.nix>'

I've also heard that you can use -I during nixops create.

ElvishJerricco commented 5 years ago

@yorickvP those will get translated to absolute paths in the state file, and will not be recalculated in the event that files are moved.

yorickvP commented 5 years ago

$ nixops create -n test '<nixpkgs/test>'
created deployment ‘695339d7-b028-11e8-9fee-644bf01005f2’
695339d7-b028-11e8-9fee-644bf01005f2

$ nixops export -d test
{
  "695339d7-b028-11e8-9fee-644bf01005f2": {
    "name": "test", 
    "nixExprs": "[\"<nixpkgs/test>\"]", 
    "resources": {}
  }
}

ElvishJerricco commented 5 years ago

I stand corrected :) Still, having to manually set NIX_PATH to the correct path every time I use NixOps isn't exactly what I had in mind.

coretemp commented 5 years ago

What about deployment.ec2.privateKey? It only takes a string, not a path.

I.e. how can I point at a key without specifying a non-absolute path?

coretemp commented 5 years ago

Using -I during nixops create seems to work for me. I think this can be closed, but the real issue to be addressed is that NIX_PATH and nix.nixPath need to be documented.

Thanks @yorickvP.

ElvishJerricco commented 5 years ago

I think @yorickvP's solution is a workaround, not a solution to this issue. It should remain open unless it's decided that a proper solution will never be added.

coretemp commented 5 years ago

I am not opposed to leaving this open.

coretemp commented 5 years ago

I thought @yorickvP 's solution would work, but it doesn't, since full strings containing /home/coretemp end up in the nixops state file.

How can we get this issue resolved? I would like to see deployment.ec2.privateKey's type changed from types.str to types.path or alternatively expanded. Alternatively, how can I share nixops files in a team?

  deployment.ec2.privateKey = mkOption {
      default = "";
      example = "/home/alice/.ssh/id_rsa-my-keypair";
      type = types.str;
      description = ''
        Path of the SSH private key file corresponding with
        <option>deployment.ec2.keyPair</option>.  NixOps will use this
        private key if set; otherwise, the key must be findable by SSH
        through its normal mechanisms (e.g. it should be listed in
        <filename>~/.ssh/config</filename> or added to the
        <command>ssh-agent</command>).
      '';