How to work with private github repos?

[aanderse]

While working with a flakes enabled nix binary I have several inputs which are private github repositories. Some of these private github repositories are already flakes, though not all. Following the advice in https://github.com/NixOS/nix/issues/3991#issuecomment-972882303 I have my personal access token included in ~/.config/nix/nix.conf and everything works well.

Due to complex compatibility/migration reasons I'm in a position where flake-compat is required. Consider the following example flake.nix:

{
  inputs = {
    private-repo = {
      url = "github:a/b/main";
      flake = false;
    };
    flake-compat = {
      url = "github:edolstra/flake-compat";
      flake = false;
    };
  };

  outputs = { self, private-repo, flake-compat }: { packages.x86_64-linux.foo = ...references some nix expressions from private-repo...; };
}

My default.nix is a pretty standard implementation of the flake-compat example. When I try to install foo, the package provided by flake.nix, via nix-env I see a permission issue:

$ nix-env -if . outputs.packages.x86_64-linux.foo
error: unable to download 'https://api.github.com/repos/...': HTTP error 404

       response body:

       {
         "message": "Not Found",
         "documentation_url": "https://docs.github.com/rest/reference/repos#download-a-repository-archive"
       }
(use '--show-trace' to show detailed location information)

Given I have an appropriate ~/.config/nix/nix.conf in place I was expecting this to work.

Any advice or help is greatly appreciated :bowing_man:

---

Note that if I run nix --extra-experimental-features flakes --extra-experimental-features nix-command flake show before running nix-env this pulls enough into my nix store that nix-env subsequently works. This is not a viable workaround for me, though :disappointed:

[aanderse]

After some digging I found out that using netrc files which include credentials for api.github.com is the solution to this problem.