Sops-nix Alternatives
Similar projects and alternatives to sops-nix
nix-starter-configs
Simple and documented config templates to help you get started with NixOS + home-manager + flakes. All the boilerplate you need!
-
impermanence
Modules to help you handle persistent state on systems with ephemeral root storage [maintainer=@talyz]
sops-nix discussion
sops-nix reviews and mentions
-
NixOS. Managing secrets with sops-nix
Hi! Here are some notes about how to use secrets in NixOS configuration securely. As of now I use sops-nix with simple age keys (not generated from ssh keys).
-
Inject NixOS into an Azure VM with nixos-anywhere and Azure Container Instances
From that these keys are injected either in the Nix configuration files or set directly over SSH on the target system. To keep it simple I did not trouble myself with adapting a secret handler like sops-nix.
-
NixOS Is Not Reproducible
Mostly private use, I have 2 servers and a laptop configured with this: https://github.com/matrss/nixfiles. The servers host a bunch of different services from Nextcloud to a DoT-to-ODoH proxy.
I've also introduced some light NixOS usage at work (3 hosts, one is an uptime-kuma instance, two are Forgejo Actions runners). For that I had to get some proprietary scanner software to run on it, which I could by just putting the extracted deb package in an emulated FHS environment.
Even for interfacing with legacy systems and unusual stacks I don't think you will need the escape hatch. Anything that is buildable on and above the abstraction-level of "ensure a file is present at some path with some content" should be doable declaratively, and that includes setting up an unusual software stack and running it in systemd services to communicate with some other legacy system or whatever.
The escape hatch is there to modify how NixOS itself behaves, and modifying that should only be necessary to extend NixOS' core functionality. A quick search revealed that impermanence (https://github.com/nix-community/impermanence) and in some cases sops-nix (https://github.com/Mic92/sops-nix) use it, but those fundamentally extend NixOS with ephemeral root storage support and secrets management, respectively.
-
Managing NixOS Secrets via SOPS, sops-nix and opsops
The sops-nix module decrypts secrets at activation time and provides them as individual files under the secret store, usually /run/secrets. The file tree under the secret store is the same as the key tree in the encrypted file: Each encrypted value is the content of the file, its key is the file name, and its parent directories are the path to the key:
-
Archiving PostgreSQL Backups on NixOS
In my actual setups, I use sops-nix (along with my opsops) to produce the GPG key and rclone configuration files. This way, I can manage the secrets in a secure and comfortable way.
-
Show me the way to cloud infra
For applications, I think environment variables are great. Especially if you adopt nomad because you could also use vault to populate secrets in. For machines that won't work, so you'll need something else like https://github.com/Mic92/sops-nix
-
how to store secrets needed at install time
I've heard good things about and seen sops-nix used on a few really solid configs. Others tend to use Age or Homeage.
-
Nix way to recreate environments including authentication, configuration, etc?
You can use something like sops-nix if you're on NixOS https://github.com/Mic92/sops-nix.
-
Building a highly optimized home environment with Nix
Yeah, I don't know how to manage secrets yet. I've read about sops-nix, but I don't have the slightest clue how to integrate it into my own nix-config.
-
What would make NixOS more secure?
I use sops-nix for that. Secrets are stored encrypted in the store, and decrypted at runtime.
-
Stats
Mic92/sops-nix is an open source project licensed under MIT License which is an OSI approved license.
The primary programming language of sops-nix is Nix.