nix-1p
vaultenv
Our great sponsors
nix-1p | vaultenv | |
---|---|---|
7 | 2 | |
846 | 432 | |
- | 0.7% | |
5.9 | 4.7 | |
3 months ago | 7 days ago | |
Nix | Haskell | |
- | BSD 3-clause "New" or "Revised" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
nix-1p
- Nix – A One Pager
-
pellets: manage your packages with a configuration file
Fair enough. I've also had a couple of programs which weren't packaged already, fortunately it's quite easy to do so most of the time (or to just fall back to a distrobox container or flatpak in the worst case). If you decide to try it out, nix-1p and Nix Pills were great resources for me to get familiar with Nix and NixOS in a short time-span.
-
Why the Windows Registry sucks technically (2010)
Wouldn't say there's a steep learning curve for the language itself, it's pretty easy to get a grasp around it imo. Here's a helpful page I used to quickly get familiar with the language: https://github.com/tazjin/nix-1p
What's rather messy about Nix is nixpkgs with its helper functions all over the place alongside pretty shallow / non-existent documentation (which is unrelated to the language). Thankfully they've started to work on that recently: https://discourse.nixos.org/t/documentation-team-flattening-...
-
Nix is the ultimate DevOps toolkit
I wrote a language tutorial for only the language a while back, and have gotten the feedback that it has helped a lot of people - maybe it'd clear something up for you: https://github.com/tazjin/nix-1p
-
Getting help is hard
For Nix language things I really like this page: https://github.com/tazjin/nix-1p
vaultenv
-
Using secrets in kube prom stack helm chart
Having secrets in an external system (like Hashicorp Vault) and then using [vaultenv](https://github.com/channable/vaultenv) to inject these during `helm install/upgrade`. So you end up with something like `vaultenv ... -- helm install --set config.myvar=${VAULTENV_INJECTED_ENV_VALUE}` (or similar). Point is I use vaultenv to run helm with secrets injected as env vars only during the helm run, and use helm's `--set` flag to set individual secrets. This can get tedious if you have many secrets as you have to specify each of them individually with --set. Usually I wrap this in a Makefile or a shell script for easier invoking.
-
Nix is the ultimate DevOps toolkit
> Also, regarding DevOps, the tooling around Nix makes it a little brittle for anything event based--rapidly changing configurations on the fly due to network conditions (Consul, Ansible, etc). This is where configuration management is heading, and due to the static nature of Nix, delegating dynamic changes is hard/anti pattern.
Channable uses Consul, Vault, etc. for dynamic configuration and it works with Nix just fine.
You don't have to use static configuration files with Nix. Either fetch dynamic stuff using the Consul, Vault, etc. APIs at runtime or use a tool like vaultenv [1] or similar if you don't want this logic in your application code.
Put those tools in your systemd service before launching your app, and you're good to go.
(NB: I was DevOps teamlead at Channable while a part of this work was being done. Sad that I won't be able to see the final picture.)
What are some alternatives?
asdf - Extendable version manager with support for Ruby, Node.js, Elixir, Erlang & more
rfcs - The Nix community RFCs
nixos - My NixOS Configurations
haskell-nix - Nix and Haskell in production
nickel - Better configuration for less
nixos - NixOS Configuration
aptly - aptly - Debian repository management tool
nix-home - Nix + HM = <3
rclcpp - rclcpp (ROS Client Library for C++)