I want to remind all #NixOS users of the existence of this thread: https://discourse.nixos.org/t/accessibility-and-obstacles-to-community-contribution/32845
If you've experienced any sort of obstacles or difficulties in contributing to (any part of) NixOS, please post them there! This includes disability-related issues.
No solutions are expected, no questioning is allowed, it is just a place to leave a record of your personal frustrations without any further commitment.
(This is a thread in the same vein as the earlier papercuts thread; there is no deadline to it and no immediate action is planned, rather it serves as a long-term reference for the people trying to solve accessibility issues, a sort of public survey)
Traceback (most recent call last):
File "/nix/store/s57dhgxybrd3xgpc3hwv7lkqa3331acf-python3.10-trezor_agent-0.12.0/bin/.trezor-agent-wrapped", line 6, in <module>
from trezor_agent import ssh_agent
File "/nix/store/s57dhgxybrd3xgpc3hwv7lkqa3331acf-python3.10-trezor_agent-0.12.0/bin/trezor_agent.py", line 1, in <module>
from libagent import age, signify, gpg, ssh
File "/nix/store/644c91qc2r854ra3h3h1fa137madvp8p-python3.10-libagent-0.14.5/lib/python3.10/site-packages/libagent/age/__init__.py", line 22, in <module>
from cryptography.exceptions import InvalidTag
File "/nix/store/vlxsmdydfqysz65c1nfjb7cifxfr20m6-python3.11-cryptography-41.0.3/lib/python3.11/site-packages/cryptography/exceptions.py", line 9, in <module>
from cryptography.hazmat.bindings._rust import exceptions as rust_exceptions
ImportError: /nix/store/46m4xx889wlhsdj72j38fnlyyvvvvbyb-glibc-2.37-8/lib/libc.so.6: version `GLIBC_2.38' not found (required by /nix/store/k3d7ny5h682kixy91iw7sm653kxyqr8d-openssl-3.0.12/lib/libcrypto.so.3)
#NixOS 23.11 is scheduled for release today 🎉
If you've used any of my NixOS starter templates for #WSL, cloud VMs or Bare Metal servers, I'll be posting some videos this week going through the (painless!) upgrade process from 23.05 to 23.11 🚀
I'll be posting links to them here on the #Fediverse of course, but if you're interested I'd appreciate if you could sub to the channel too ♥️
We are at 855 subs now, so close to 1000! 😱
It seems git log's --exclude isn't working at all for me on Manjaro. It doesn't exclude anything. On NixOS git v2.40.1 does it properly. I tried different git versions on Manjaro (compiled from git-git pkg), even via nix-shell and all of them completely ignore the --exclude option.
Use case: pretty&short git log without the git-annex branch cluttering everything:
❯ git log --decorate --exclude='*/git-annex' --all --color --graph --date-order --oneline
Your GitHub Actions workflows, upgraded: KVM acceleration ⚡️ by default. #NixOS tests are faster with the Determinate Nix Installer action for open-source projects & large runners. Pair with the Magic #Nix Cache 🚀 to go even faster. On the blog:
@wiredfire check out Bismuth and Polonium which can turn Plasma into tilling window manager if you're into keyboard-focused control. Kwin (Plasma's window manager) is really powerful too.
I couldn't build my own #nixos package for Polonium yet (it's a bit of a learning curve) but Bismuth is pretty much full feature drop-in twm with sane defaults for Plasma which is awesome!
#NixOS folk... what's the difference between
my hot take about #Docker for years has been that it operates at a bad/wrong level of abstraction. `RUN apt-get install ...` is an abomination. if you tried to build a tool like Dependabot or Snyk on top of a series of `npm install` commands in a shell script (or on the resulting `node_modules` directory) you'd be laughed out of the room, but this is exactly how every existing Docker "security scanning" tool works. you really want something like a #NixOS or #Guix package manifest.
even hotter take: the on-the-wire image format doesn't make much sense either. it's stupid that I have to think about layer ordering causing slower downloads when #OSTree exists and makes deltas Just Work™.
It's also like being in a cult (high-demand religion, if the c-word is too spicy), where it becomes the lens through which you view the world and you're always on the lookout for new converts. And you feel pressured to pretend like everything is always great, because otherwise people say "I told you so". But the relationship analogy is more fun and less revealing, so let's stick with that. #nixos
switching to NixOS is like being in a relationship where you're willing to learn a hard foreign language, put up with some insane idiosyncrasies, live with a lack of transparency, and listen to unoriginal puns about her name all day long, because you're so glad there's none of the toxic chaos you had with your ex and the good parts are really good.
Did you know that LunarVim is now available as a package on nixpkgs-unstable? No more having to run a curl-bash script to install it on #NixOS! ❄️
Today I show the migration to the new package, clean up some dependencies no longer needed for the curl-bash install, and show how to set up some directory creation prerequisites in a declarative way 🎉
We're at 876 subs now, can we hit 1000 before 2024? 🙏
Documented a patch to enable electronic invoicing support for the #InvoicePlane web app & #NixOS module 📫 https://nixos.wiki/wiki/Invoiceplane#Electronic_invoice #ZUGFeRD
Differences between Nix channels
If I were to switch from Ubuntu (which bugs me in numerous ways but are otherwise comfortable and smooth), to a distribution based on reproducible builds, what would be "better", NixOS or Guix?
Please elaborate in comments ❤️
(transphobes and other fascists are not welcome to interact)
#NixOS, per se, wasn’t the problem, but the complicated state of the graphics ecosystem, the runtime configuration that graphical apps do, and the weirdness of NixOS combined to make things not work out of the box.
In NixOS, we have to include the libraries in LD_LIBRARY_PATH. On Debian and Fedora, the app finds the libraries automatically.
Depending on which graphics system we’re running, we only need one set of libraries, but we have to include both for our users. This error also happens if $DISPLAY or $WAYLAND_DISPLAY are not set correctly, but that would be a window manager snafu.
In today's live programming video I track down some more concurrency bugs and walk through some common mutli-threading optimizations for komorebi's new animation feature 🚀
Right now we have 867 out of the 1000 subs required to apply to join the YouTube Partner Program for ad revenue sharing, I would appreciate it a lot if you could hit subscribe ♥️ My channel has lots of #Rust and #NixOS content!
Wait for wlroots™.
Non-logind TTY switching should work then
#sway #wayland #nwgshell
a single issue is capable of delaying my #nixos boot by minutes
having your runtime directory set up at login using something like dumb_runtime_dir.
NixOS feels so awesome and horrific at the same time.
From now on I might refer to it as SchrödingerOS.
I've had a Macbook Air M2 for a few days and adapted my Nix :nixos: Home Manager configuration to be macOS-compatible. It is so good! 💖 macOS, Nix and Lima are realistically all I need to be productive, but...
#NixOS :nixos: Apple :apple_inc: Silicon :asahi: is my next stop 😁
And this bloody setting was switched to off - the second one - Desktop and Document Folders, and when you switch it on the files and folders reappear on my desktop but I never asked them not to be. Even the time machine shows me they were there yesterday. This is why #nixos is better. No-one messes with my configuration.nix
It might actually simply be a finder setting toggle set here - showing the files where they actually are but the words used to describe the options make no sense. pants.
@chrism I asked here about #nixos #rollback
and rolled back using usb image and using latest configuration.nix from usb stick
all seems well again.
I will not run --upgrade #upgrade unless I have a system where all apps work fine and will keep nixos images on usb sticks to be able to revert the kernel.
A rollback of kernel option would be fab.
On my way to the second day of the #NixOS Zero Hydra Failure hackathon. Today starts with lightning talks:
There is one on forming a Nixpkgs Geospatial team, and then I'll briefly lobby for defining attractive and sustainable investment paths for Nix that avoid reshaping and disequilibrating the community in bad 🤑 ways.
Added a second example to the #NixOS wiki page on how to build a custom insallation media using Nix Flakes 💿 https://nixos.wiki/wiki/Creating_a_NixOS_live_CD#Building
to come clean - my real issue was obtaining the privilege to mount /proc from a container i m building by spawning from host - systemd
but it is a very early stage , so fomo
ie i am not doing everything that i am posting about, i am learning as much as i can about the related issues which might crop in as i build and deploy from my isolated app , persistent home in container at prod
what i ve tried yet is bypassing host init\bash sequence , changing pid and proot
my system here is #nixos which gives me the nerve :D
also, i think you are right about dropping setuid
#Gentoo is the 1st distro do to from-source compile (according to my research on repology) of #PowerShell 7.4.0 BUT I hit a problem with test needing additional source-generated csharp files. We will have to revise how we do our pwsh distribution tarball.
In #nixos I have managed to identify by trial and error that my bitwarden and auth apps work in Kernel version 6.1.61 but not 6.1.62 and above. How to I remove all derivations from the boot menu listing except the CURRENT one - but the old one I have booted on and am now using e.g. the one as highlighted below that I am now running? Is there a "keep this live one and purge the rest"
Please note that we do not ship proprietary userspace software by default. You must explicitly opt into this. The only proprietary component on a NixOS system is firmware that is sadly required to run a modern computer.
Prebuilt packages with FOSS license also exist where packaging is otherwise unreasonable (patches welcome) but their source type is marked as such.
We are in #rapperswil, about 30-40min by local train from Zurich Hbf. It's a very nice venue with view on Lake Zurich (pic attached). We are about 30ppl now but there is space for many more. Little downside, I stay in Zürich (required for another event), and only later realized that a one way ticket to #rapperswil costs about 18 Franks/EUR per way.
@EC_NGI some trivia about the Zero Hydra Failure meetup (also for non-Nixers):
The main objective is to work collectively on driving "Hydra Failures" down before an upcoming release of #nixos (23.11 codename tapir), basically errors of the main Nix CI that builds all packages in the main package collection called #nixpkgs. The contribution flow is just being presented and attached in the image below.
Arrived a bit late but now sitting in the intro to the #NixOS #UX workshop. Looks very nice. A structured approach to UX is just way superior to random hacking on it. I'm still surprised how many see design and UX as second class in software engineering. Probably a result of how we get artificially educated to be split in either the tech person (="guy") or the creative.
Yesterday at the #NixOS weekly meeting at @chaospott i was (re-)inroduced to #rbw (i had simply forgotten about it).
Its library does exactly what i was working on for the last 2 weeks for my bitwarden #gtk #LinuxMobile client.
Lazy as i am (and a fresh father with no time) i did not have to think twice: I will piggy back on rbw. Thanks in advance to the authors, it looked pretty slim and clean, yet feature-complete (?).
When I roll back #nixos to an earlier build I not only do not have a #firefox #crash problem but also problems with #authy and #bitwarden apps seem to go away. Problem is I do not want to roll back my configuration.nix - that would lose software installs, right?? #newbie question: is the #nixosconfiguration in configuration.nix preserved (latest version kept) when on rolls back ? Or do I reinstall #nixos from image (boot from usb image) and use the latest backup of my configuration.nix file?
#firefox on completely newly installed #nixos using default #configuratoin .nix file file on (Acer) laptop does not crash initially; after doing #upgrade
sudo nixos-rebuild switch --upgrade
however #firefox crashes i.e. shuts down completely with error message #mozilla #crash reporter #mozillacrashreporter for example when clicking photos in posts in this fosstodon instance or trying to perform online payments. Is there an error in the current #nixosrepo ? I have the same problem on my #T480
@determinatesystems made a graphical nix installer! We're getting closer and closer to giving normal users the power of Nix without requiring them to learn the command line and all of the quirks of the Nix commands!
Is there a smart way to store browser #bookmarks (internet addresses) that is completely independent of the browser used to access those addresses? The use case is in #nixos when #firefox is broken but I have stored my bookmarks on-line with them to make them available on any device I log into with my firefox account. Can one set up a cloud or home NAS or server bookmarks service that stores the addresses & makes them seamlessly available in #librewolf #brave etc. when logged in to that server?
🚂 On my way to the #NIXOS Zero Hydra Failures meet-up in #Zürich. I will share some of my experience from the last years on how money flows into the upstream ecosystem from different types of actors with different interests. I hope we can get some thoughts and ideas how this money can be used and investments encouraged without throwing the community off balance.
I will run an event microreport below 👇
Just went through my second #NixOS upgrade (to 23.11 beta) and... It was a non-event once again. Updated my flake repo URL, triggered a dry-build which told me about some deprecated/renamed config items. Fixing them took a few minutes, then rebuild & reboot and I was in a new release. All the while knowing I can go back at any time.
I am sure I'll find some quirks/bugs but so far things work fine.
#Linux doesn't have Jails, but they are roughly equivalent to system containers (e.g. #NixOS containers). This scenario is also handled by the hidepid option since it restricts users view of the process table to only processes they own (including containers).
nosuid, noexec, and nodev are the defaults on /proc, so there is likely a more idiomatic way to express this
While trying to upgrade https://fantastic.earth to #Mastodon 4.2.1 today, I accidentally ended up upgrading the #Bookwyrm service as well because both of them were using the same #NixOS pinned channel. Mastodon upgrade worked fine but Bookwyrm refused to build because of some Python packaging issues.
So I just copied the previously working channel for Bookwyrm and changed its config to use the same, upgrading only Mastodon.
Doing these kind of things would be so cumbersome if I had not been using NixOS.
I also managed to wipe out the whole Nix store while trying to figure out the Bookwrym build issue (by running garbage collection). But no problem, I just ran the build again, and everything was back to how it was.
So, the point I'm trying to make here is, use NixOS for setting up your servers. The isolation and reproducibility (and composability) is worth learning the complex #Nix language.
If anyone has successfully gotten Peertube working on NixOS with Caddy, please message me. I've tried both Podman and the official NixOS packaging of it, and the farthest I've gotten is OAuth bitching about the externyal domain not being identical to the internyal IP. (If I configure the instance domain to be vcr.sbargv2.com, it throws a tantrum that it's not 192.168.86.38. If I set the instance domain to be 192.168.86.38, it throws a tantrum that it's not vcr.sbargv2.com)
#caddy #nixos #peertube #selfhosted #askfedi
Earse your darlings
was one the earliest good things i read about and did , when began with #nixos and til the impermanence modules and env.persistence , when i actually want to isolate my apps with containers , which goes on from orthogonality of ps namespace to bindmount of udev to tmpfs in #linux , when you do it with containers
One goal made me read it and make it work
another which may randomly occur in time made me figure out , how and why it actually works
thats pretty much how my learning works for most such things
Beauty of system under these circumstances is that motivation remained alive, between the two goals , its rare in my case
All state is persisted to /nix/state (again /nix is ZFS with atime=off for speed), and important files are all stored in /data. You can find the complete configuration for it here and the partition script here. This is done using the extremely handy impermanence Module
I used to use TMPFS / + BTRFS Subvolumes as well, but switched to ZFS because of it's far superior capabilities as well as to save the memory used by the TMPFS Partition (if interested, the configuration for that can be found here). Both of the layouts have automatic snapshots enabled
I also have been using an ephemeral /home since quite recently (configuration can be found at first link) after impermanence#70 (which added support to manager user files to the nixosModule as the home-manager module was a little janky and didn't work well), and it works fantastically well, although it is a little difficult trying to find out exactly where applications store their state (in case you want a granular control, by manually specifying all files and directories to persist)
I very often have to 'rm -rf ~/.cache/nix' so I can continue working with 'nix flake ...'. Either it's weird errors that some path in /nix/store/... is not found or it does not use the updated flake from the specified url but uses an old version.
I'm sure there is a better way than manually nuking the cache? 🤔
small steps to for #QubesOS
2. app isolation 1 , as Currently, #NixOS containers are not perfectly isolated from the host system. This means that a user with root access to the container can do things that affect the host. So you should not give container root access to untrusted users.
- Qubes step 1 donehttps://jjjollyjim.github.io/arewehackersyet/index.htmlhttps://github.com/JJJollyjim/arewehackersyet#nix security toolboxhttps://fabaff.github.io/nix-security-box/
We have a date! Together with Stefan Machmeier of the Engineering Mathematics and Computing Lab at @uniheidelberg, we're organizing our first @nixos_org and @rust meetup in Heidelberg on Tuesday, December 19. If you have something interesting to present about Nix or Rust, feel free to contact me directly or send an email to firstname.lastname@example.org.
I've been on fedi for over a year now so it's about time for an #introduction I think.
My name is Hertog. I am a Dutch programmer/game-developer/sysadmin (I'm trying to find out where I fit in (spoiler it is all three in different amounts on different days)).
I am studying Game Development and Design at the Grafisch Lyceum Utrecht (I currently intern at DIVD in Den Haag).
My posts on here are all over the place but usually CW'd based on whats what and if not please tell me.
I do mostly post about #NixOS though, it's the way I combine my various puter endeavors, my homeserver runs it (where I host my website, blog, etc (hermitcollective.net) and I use nix flake shells to work on my programming projects.
For #gamedev I am using C++ with SFML or Rust with BevyEngine (not really sure which I'll end up using allot both are cool)
As for politics I am #AnarchoCommunist not of the everyone needs to agree with me kind more of the what if we made everything not suck kind (not very fond of capitalism)
#NixOS 23.11 beta is now available! The corresponding channels should be available soon as well
As with every tutorial in this series, there is a starter template on GitHub for you to follow along with 🚀
I've been looking for a way to run integration tests for my NixOS packages on a real NixOS machine, and since Github recently made KVM available in Github Actions, it turns out you can do this efficiently using a NixOS VM!
Take a look at the machinery here: https://github.com/jnsgruk/crafts-flake/commit/40201fd9e3e100196ce75aca7690e0ed9a80b5ca
And wiring up to Github Actions here: https://github.com/jnsgruk/crafts-flake/commit/5c4cb58203741881914e949a23cd8c4aa85030c3
And a successful run here: https://github.com/jnsgruk/crafts-flake/actions/runs/6945653474/job/18895567511?pr=21
$ sudo nixos-rebuild switch
building the system configuration...
- To use Flatpak you must enable XDG Desktop Portals with xdg.portal.enable.
(use '--show-trace' to show detailed location information)
I promise I have something novel and rusty in the works but in the mean time, While Arch has been pretty stable for me, I switch to NixOS officially.
Went in cold. Never used Nix before, just backed up documents and installed.
So far I'm sold. Coming from a Devops dev background, declarative configuration/deployment is everything.
I feel like I have full control over my system. Some things I'm missing but it's not the end of the world.
The #NixOS 23.11 branch-off process is planned to start at around 7 pm UTC on Monday (2023-11-20), and the beta would soon be available!
And then I thought: why do I do all these painful toot concatenations if activitypub is clearly not limited to 500 characters.
Apparently, it's rather trivial to patch mastodon to have longer toots, it's just not trivial to do that in nix given how the mastodon build is arranged. I just went on and fixed it, though (https://github.com/NixOS/nixpkgs/pull/268551), and now I'm a happy owner of a mastodon instance that allows me to write down some thoughts without being forced to scatter them across a series of individual messages. Technology is amazing.
I have almost 100 new subscribers on #youtube since getting laid off last week
If you want to learn more about writing practical #Rust code in a real world open source application with 10s of thousands of users, or learn how #NixOS works by provisioning and building servers, you should come and join me at https://youtube.com/@LGUG2Z 🚀