Closed WillPower3309 closed 1 year ago
If a user has a secrets.nix that uses builtins.readFile to set the value of a key, as such:
secrets.nix
builtins.readFile
let system = builtins.readFile ../hosts/server/ssh_host_ed25519_key.pub; in { "rootPassword.age".publicKeys = [ system ]; }
an error occurs:
❯ nix-instantiate --eval --json secrets.nix error: … message for the trace at /home/will/Projects/nixos-config/secrets/secrets.nix:10:3: 9| { 10| "rootPassword.age".publicKeys = system; | ^ 11| } error: cannot convert a thunk to JSON at /home/will/Projects/nixos-config/secrets/secrets.nix:10:3: 9| { 10| "rootPassword.age".publicKeys = system; | ^ 11| }
adding --strict fixes this
--strict
This would probably happen for any kind of doing "computation" in the bindings, not only for builtins.readFile.
If a user has a
secrets.nix
that usesbuiltins.readFile
to set the value of a key, as such:an error occurs:
adding
--strict
fixes this