Nix / NixOS

Basically the title. I have Nixos running on a server that runs completely headless and while playing around today, I noticed that the rebuild takes longer than expected and apparently that's because firefox gets compiled.

Now, I don't have any GUI installed, and even if I had, I don't see a reason to compile FF from source.

My packages are just Jellyfin, Samba, Gitea, Nextcloud, virt-manager. None of these should depend on FF.

I have found those options for setting up iscsi, but since I am new to nixos (started yesterday) I don't have any idea how to configure the configuration.nix file to setup iscsi.

I already installed open-iscsi but it doesn't work on nixos it seems

Hi! It's my first day with nixos. I tried to compile a rust project. To do so, I used a nix-shell with the content from here: https://nixos.wiki/wiki/Rust with the "Installation via rustup" option.

Unfortunately the compilation fails:

$ cargo check
   Compiling libc v0.2.151
   Compiling proc-macro2 v1.0.73
   Compiling serde v1.0.193
    Checking once_cell v1.19.0
   Compiling thiserror v1.0.53
error: linker `aarch64-linux-gnu-gcc` not found
  |
  = note: No such file or directory (os error 2)

error: could not compile `proc-macro2` (build script) due to 1 previous error
warning: build failed, waiting for other jobs to finish...
error: could not compile `serde` (build script) due to 1 previous error
error: could not compile `libc` (build script) due to 1 previous error
error: could not compile `thiserror` (build script) due to 1 previous error

I run NixOS 23.11 stable on a VM on a Macbook with M1 (arm64) CPU.

Any ideas how to fix that?

It took me some time to work out how to get my ssh agent set up in Niri so I though I would share what I did. I'm using NixOS and Home Manager. I put this in my Home Manager config:

services.gnome-keyring = {
  enable = true;
  components = [ "pkcs11" "secrets" "ssh" ];
};
home.sessionVariables.SSH_AUTH_SOCK = "$XDG_RUNTIME_DIR/keyring/ssh";

I'm using GDM according to NixOS' default configuration which I think runs gnome-keyring (I thought I saw it in the process list before I set up the user unit), and I think that configuration is automatically unlocking gnome-keyring when I log in via PAM integration. But apparently I need to run gnome-keyring again in my window manager session. Home Manager's services.gnome-keyring adds a systemd user unit that does that.

After learning how to add an unstable overlay to nixpkgs, being able to override individual service modules from unstable was something that I still struggled with until fairly recently. Hopefully this helps someone else looking to do common-but-not-very-obvious operation.

just realized that one thing that NixOS could use is an update changelog of what packages were updated after running sudo nixos-rebuild switch --upgrade

tbh maybe there's a verbose option that I haven't discovered yet

Wow! Didn't know it'd be that simple.

• https://nixos.wiki/wiki/Creating_a_NixOS_live_CD

cross-posted from: https://mander.xyz/post/10671711

Hi, I am a beginner on NixOS and I am confused how to setup fonts on it. I have home-manager working properly and nerd-fonts installed. Now how to setup System,GTK,emoji and Indic fonts.

Any article or part of config please.

I have always been exposed to windows active directory with server controlled logins, server based "home" directories, etc. With the nature of NixOS it seems like it might be easy to deploy something similar by just setting up the configuration.nix as some sort of symlink to one stored on a central server. The only issue would possibly be how to not create home directories on the local machine and instead store them on server. You might be able to make a central passwd file that gets read, but i am not sure just how secure that would be. Thoughts?

How easy would it be to flakify the Lemmy repo to add a fourth build option for those of us in the Nix world?

I had the (perhaps foolishly ambitious) idea of creating a rolling fork of Lemmy with the intent of modifying the codebase for use in an open source pub sub implementation of retail inventory. But I have to get standard Lemmy working first...and I like to use Nix for everything I do in the dev world (where feasible).

So, I forked the repo and was immediately brought into dev environment hell.

They only offer a choice between:

A.) Docker B.) Ansible C.) Building from scratch.

Two hours of fighting with the scratch build instructions and I eventually had to admit defeat due to some vague dependencies (and general malaise). Though I have completely flakified my Purescript and Haskell dev environments, I have found Rust to be a lot more challenging even on simple projects.

Anyway, I decided to come here to ask: **How easy would it be to flakify the Lemmy repo to add a fourth build option for those of us in the Nix world? **

Can I reference the build instructions from nixpkgs to get close to my intended goal? I need all of the help I can get. Be as pedantic or defeatist as you will. I currently have no skin in this game and merely want to help the Lemmy devs welcome people that are more nixy like myself (if nothing else).

edit: here's a naive attempt. I haven't tested anything other than it being a valid flake. Here's the link to my rolling flakification fork.

{
  inputs = {
    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
    flake-parts.url = "github:hercules-ci/flake-parts";
    systems.url = "github:nix-systems/default";

    # Dev tools
    treefmt-nix.url = "github:numtide/treefmt-nix";
  };

  outputs = inputs:
    inputs.flake-parts.lib.mkFlake { inherit inputs; } {
      systems = import inputs.systems;
      imports = [
        inputs.treefmt-nix.flakeModule
      ];
      perSystem = { config, self', pkgs, lib, system, ... }:
        let
          cargoToml = builtins.fromTOML (builtins.readFile ./Cargo.toml);
          nonRustDeps = [
            pkgs.libiconv
            # Derived from Documentation on Dev installation for Linux
            pkgs.cacert
            pkgs.postgresql
            pkgs.openssl
            pkgs.pkg-config
            pkgs.libpqxx
          ];
          rust-toolchain = pkgs.symlinkJoin {
            name = "rust-toolchain";
            paths = [ pkgs.rustc pkgs.cargo pkgs.cargo-watch pkgs.rust-analyzer pkgs.rustPlatform.rustcSrc pkgs.cacert pkgs.postgresql pkgs.openssl pkgs.pkg-config pkgs.libpqxx ];
          };
        in
        {
          # Rust package
          packages.default = pkgs.rustPlatform.buildRustPackage {
            inherit (cargoToml.package) name version;
            src = ./.;
            cargoLock.lockFile = ./Cargo.lock;
          };

          # Rust dev environment
          devShells.default = pkgs.mkShell {
            inputsFrom = [
              config.treefmt.build.devShell
            ];
            shellHook = ''
              # For rust-analyzer 'hover' tooltips to work.
              export RUST_SRC_PATH=${pkgs.rustPlatform.rustLibSrc}
              export CARGO_PROFILE_DEV_BUILD_OVERRIDE_DEBUG=true

              echo
              echo "🍎🍎 Run 'just <recipe>' to get started"
              just
            '';
            buildInputs = nonRustDeps;
            nativeBuildInputs = with pkgs; [
              just
              rust-toolchain
            ];
            RUST_BACKTRACE = 1;
          };

          # Add your auto-formatters here.
          # cf. https://numtide.github.io/treefmt/
          treefmt.config = {
            projectRootFile = "flake.nix";
            programs = {
              nixpkgs-fmt.enable = true;
              rustfmt.enable = true;
            };
          };
        };
    };
}

and here's the lemmy-ui flake (which, judging by past forays into tsc with nix last summer, should be a lot easier to create and work with than the Rust library):

{
  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
    systems.url = "github:nix-systems/default";
  };

  outputs = {
    systems,
    nixpkgs,
    ...
  } @ inputs: let
    eachSystem = f:
      nixpkgs.lib.genAttrs (import systems) (
        system:
          f nixpkgs.legacyPackages.${system}
      );
  in {
    devShells = eachSystem (pkgs: {
      default = pkgs.mkShell {
        buildInputs = [
          pkgs.nodejs
          # You can set the major version of Node.js to a specific one instead
          # of the default version
          # pkgs.nodejs-19_x

          # You can choose pnpm, yarn, or none (npm).
          pkgs.nodePackages.pnpm
          # pkgs.yarn

          pkgs.nodePackages.typescript
          pkgs.nodePackages.typescript-language-server
        ];
      };
    });
  };
}

Creating infrastructure for supporting Bazel remote execution with rules_nixpkgs

I'm happy to finally release this flake; it's been on my plate for months but bigger things kept getting in the way.

Let me know here or @[email protected] if you successfully run any interpreter on any system besides amd64 Linux.

Hey, i currently try to learn the nix language and i have a question about recursion. This is my solution for Advent of Code 2015 day 4

let
    input = "abcdef";
    part1 = number:
        if (builtins.substring 0 5 (builtins.hashString "md5" "${input}${builtins.toString number}")) == "00000" then
            number
        else
            part1 (number + 1);
    part2 = "not implemented";

in {"Part 1" = part1 1; "Part 2" = part2;}

since i put the recursive call at the end of the function i assumed it would do some magic or tail call optimization stuff, but it results pretty fast in a stack overflow is there a way to get it working?

So i followed the instructions to install virtualbox and added myself to the vboxusers group, but i cant run VMs as a standard user. The GUI message says "VirtualBox kernel driver is not accessible, permission problem" the VM log says "ERROR [COM]: aRC=E ACCESSDENIED (0x80070005) aText={The console is not powered up}"

Someone on mastodon mentioned /dev/vboxdrv and that file is "crw-rw---- root vboxusers". There is also a file /dev/vboxdrvu which is "crw-rw-rw- root root" but changing that to root vboxusers with chown didnt work.

I can run VMs as root just fine. Any thoughts?

Edit: new to NixOS and really enjoying it so far

Edit 2: SOLVED: I had "virtualbox" as a package under "envoronment.systemPackages = with pkgs; [" and wasnt supposed too.

I just switched one of my systems over to NixOS from Arch and so far it seems interesting. One question I had is regarding the nix-shell. So I get the basic concept of it and that it allows creating a shell that has packages installed with that shell making ideal for dev environments. I've even seen talks where the suggest nix-shells over docker/podman, my question is how is persistent data (like databases) handled?

While updating home-manager I got a notice that freeimage-unstable-2021-11-01 is marked as unsafe.

Since chances are it's used by something I never use, I'd like to know what I'm using that depends on it... any idea how to do it?

Also.. any idea why I have 4 copies of the freeimage stuff in my /nix/store? (I just run nix-collect-garbage -d and the 4 seem to be actually different):

❱ md5sum /nix/store/*freeimage*/lib/libfreeimage.a
67a0ce1cb5dd562473e27d7c88e8a9bd  /nix/store/6gi6hm57zngqnxb6p5dnxhjjcbr96lrk-freeimage-unstable-2021-11-01/lib/libfreeimage.a
5995e0affbfa28b63da7e997cb4dbe63  /nix/store/09nwykzzksc0zknflsyxyah5b67c2rsn-freeimage-unstable-2021-11-01/lib/libfreeimage.a
67a0ce1cb5dd562473e27d7c88e8a9bd  /nix/store/ikfiv4gpmcpyir7lsj45by653qcnvgyx-freeimage-unstable-2021-11-01/lib/libfreeimage.a
213a408e3c1fbb5dfa4491deebe05984  /nix/store/q2sc85f2hclgwl8m3qdw8rpbs44gzmah-freeimage-unstable-2021-11-01/lib/libfreeimage.a

Hi,

how would one create a development environment for #xmonad contained within my nixos system configuration?

My flake for my system sets up xmonad with a custom config.hs and I'd like to get a suitable dev environment when editing the config.hs. Usually when developing for haskell, I'll use a flake and setup a devShell which then gets loaded by direnv.

• is there best practice?
• my config.hs is in a subdirectory

My first attempt would be to just provide a shell.nix next to my config.hs - but that wouldn't load the exact same xmonad as the system one, since it's separate from the flake.

Hi all Nix experts,

I recently started using nix to manage my dev environment on my immutable distro, and I need some help.

I was wondering if I am using a large package like TexLiveFull, how to make sure nix don't delete large packages after I close the shell? I also don't want this package to be available in my global environment, as I don't need to use it outside vscode.

Another question is how to keep my packages up-to-date. I don't do serious development work, thus I typically perfer my package and dev-tools to be on the latest version. I prefer to have a little management of this as possible. Ideally, every time I start up a nix shell, the package manager will grab the latest version of the package if possible without requiring additional interaction from me. Is this possible?

Finally, is there any way to bubblewrap programs installed by nix to only access the file within the starting path of the shell? I don't imagine this is possible, but it would definitely be nice if nix has some security feature like this.

Thanks in advance for your help! I understand parts of this post might be ridiculous. I am still new to nix. Please correct me if I am not using nix in the "correct" way.