How do you include environment variables in your nix configurations when the application runs? Let’s take the Heroku CLI client as an example.

The Heroku CLI normally updates itself. An important feature, but not so on nix. Nix wants to be reproducible and declarative. A version change needs to be explicit. Fortunately, Heroku has a method to prevent automatic updates through an environment variable. Add HEROKU_DISABLE_AUTOUPDATE=1 before running the Heroku CLI and all is good. Nice, but how do we add this to our nix configuration? We don’t want to specify the variable manually each time we run the client.

makeWrapper

Nix has a solution: wrapper scripts. Add the “makeWrapper” function to your build inputs, and use the “wrapProgram” function to replace the binary with a script that adds the variable before calling the real application.

nativeBuildInputs = [ pkgs.makeWrapper ];
postInstall = ''
  wrapProgram $out/bin/heroku --set HEROKU_DISABLE_AUTOUPDATE 1
'';

For non-flake declarations, you will also have to include the “makeWrapper” function on the first line.

On building the package and inspecting the overall result, you will recognize the Heroku script is exporting the variable as foreseen before invoking the wrapped version.

$ cat result/bin/heroku
#! /nix/store/xxx-bash-5.1-p16/bin/bash -e
export HEROKU_DISABLE_AUTOUPDATE='1'
exec -a "$0" "/nix/store/xxx-heroku-7.66.4/bin/.heroku-wrapped"  "$@"