• she/her

Principal engineer at Mercury. I've authored the Dhall configuration language, the Haskell for all blog, and countless packages and keynote presentations.

I'm a midwife to the hidden beauty in everything.

💖 @wiredaemon


discord
Gabriella439
discord server
discord.gg/XS5ZDZ8nnp
location
bay area
private page
cohost.org/newmoon

So while doing research for the next chapter of my NixOS book I was curious about whether or not a nix.conf option could read in a file's contents

The reason I was curious about this is because the Nix manual mentions that the builders option's default value is the file @/etc/nix/machines (which we're supposed to read as the contents of the file /etc/nix/machines being read in to determine the full set of builders)1

However, it's not clear from reading the manual whether or not a nix.conf option can actually read in the contents of a file or not. Specifically:

  • It's not clear if the @ syntax actually works for the builders option

    In other words, maybe that @ syntax is just documentation pseudocode that the interpreter will read in a file, but the @ symbol might not actually work for specifying to read in the builders from a separate file.

  • It's not clear if the @ syntax works for other nix.conf options

    Maybe it only works for the builders option?

So I did some spelunking through the nix codebase and the conclusion is that the @ symbol does work, but only for the builders option. There's a special codepath just for that one nix.conf option.

However, nix.conf does support an include/!include keyword that you can use to read sets of options from another file (albeit not the value for an individual option like @ does). In other words, you can't do something like this:

access-tokens = @/run/secrets.d/access-token

… but you can do something like this:

!include @/run/secrets.d/access-token

… and then /run/secrets.d/access-token can have an option like:

access-tokens = github.com=…

  1. At the time of this writing it looks like there is a bug where the manual says it's derived from @/dummy/machines but usually the manual says that the default value is @/etc/nix/machines (which is the correct value).


You must log in to comment.

in reply to @fullmoon's post: