Meaning, VMs with Xen and hardware virtualization support

The system VM/Qube for USBs is isolated, the Network VM/Qube is separate and isolated, the windowing system and OS housing the qubes is isolated....

And being able to configure all of those with Nix would be a wet dream come true

cross-posted from: https://discuss.tchncs.de/post/22577290

> Self-hosted photo and video management solution

cross-posted from: https://discuss.tchncs.de/post/22480304

cross-posted from: https://discuss.tchncs.de/post/22424459

cross-posted from: https://discuss.tchncs.de/post/22424275

NixOS Facter aims to be an alternative to projects such as NixOS Hardware and nixos-generate-config. It solves the problem of bootstrapping NixOS configurations by deferring decisions about hardware and other aspects of the target platform to NixOS modules.

cross-posted from: https://infosec.pub/post/15780978

> > Am I out of touch? > > > > No, it's the forward-thinking generation of software engineers that want elegant, reliable, declarative systems that are wrong. >

Had a lot of headaches the last week or two trying to optimize star citizen as well as fix a vulkan RHI bug which was affecting unreal engine games.

Apparently rolling release schedules (like NixOS23.05, 23.11, 24.05...) are better for servers since they're less prone to change, where as nightlies like for the unstable Branch are better for gaming since those latest drivers are likely the current ones for a newly released game

This idea is inspired by nixos-mailserver. It was so easy to spin up the mailserver after changing some DNS records and putting in some settings. I thought it might be a good idea to do the same for services that need public, decentralized infrastructure to support. Some ideas include

• Tor relay, or exit node
• Encrypted messaging nodes. It looks like SimpleX chat relies on SMP servers to relay communication
• Crypto miners (I know, I know, but you understand how it fits the "public contribution" usecase)
• Search engines like searxng (I currently use a public instance)
• Libredirect services, like proxy clients for social media

Maybe federated services, but those require more than just the software running on the public internet. Those require moderation and long term maintenance. Ideally, the services in this config would be ephemeral.

Does this sound like a good idea? Would you spin one of these up on a $10 VPS? I understand that this is the NixOS community, not necessarily the privacy community, but I figured thered be overlap.

What other services do you think would be applicable?

Went through the pain of packaging a python project on Nixos. Here's some issues I hit, and how I got lucky resolving them. I feel the most reliable way of doing this in the future is to use docker and just imperatively build.

Here's how I got web drivers, AI dependencies, gpu dependencies, and an api dependency bundled together into an ephemeral shell for python development, on NixOS 23.11

0. Enable Flakes

1. Start with setting up poetry2nix

2. Get the template flake by running nix flake init --template github:nix-community/poetry2nix

3. in the flake.nix, sometimes changing projectDir = self to projectDir = ./. fixed some issues

4. in your terminal, run nix develop . to build the poetry app with python packages described in pyproject.toml

5. By default, just poetry and python latest should be installed. the dependencies for the project (which gets reflected in the pyproject.toml) are updated with poetry add, such as poetry add numpy selenium scikit-learn

6. Exit out of the ephemeral shell from nix develop ., and rerun to have poetry2nix rebuild and link the newly declared packages

Poetry2nix has worked pretty well for the more obscure python packages, but failed in others. For example, sentence-transformers would depend on maturin, which would fail to link setuptools. If poetry doesn't work, you can try and get the package from nixpkgs, or specify sha256s from pypi.org

Here's an example of what I added to my flake.nix to get gpu acceleration, sentence-transfomers, firefox drivers for selenium, and other packages poetry failed to setup:

packages = [ pkgs.poetry pkgs.python311Packages.sentence-transformers pkgs.firefox pkgs.python311Packages.openai pkgs.python311Packages.yt-dlp pkgs.python311Packages.pyopencl ];

was added to this flake.nix, as in,

```nix { description = "Application packaged using poetry2nix";

inputs = { flake-utils.url = "github:numtide/flake-utils"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; poetry2nix = { url = "github:nix-community/poetry2nix"; inputs.nixpkgs.follows = "nixpkgs"; }; }; outputs = { self, nixpkgs, flake-utils, poetry2nix }: flake-utils.lib.eachDefaultSystem (system: let # see https://github.com/nix-community/poetry2nix/tree/master#api for more functions and examples. pkgs = nixpkgs.legacyPackages.${system}; inherit (poetry2nix.lib.mkPoetry2Nix { inherit pkgs; }) mkPoetryApplication; in { packages = { myapp = mkPoetryApplication { projectDir = ./.; }; default = self.packages.${system}.myapp; }; devShells.default = pkgs.mkShell { inputsFrom = [ self.packages.${system}.myapp ]; packages = [ pkgs.poetry pkgs.python311Packages.sentence-transformers pkgs.firefox pkgs.python311Packages.openai pkgs.python311Packages.yt-dlp pkgs.python311Packages.pyopencl ]; nativeBuildInputs = [( pkgs.python311Packages.buildPythonPackage rec { pname = "serpapi"; version = "0.1.5"; src = pkgs.python311Packages.fetchPypi { inherit pname version; sha256 = "b9707ed54750fdd2f62dc3a17c6a3fb7fa421dc37902fd65b2263c0ac765a1a5"; }; } )]; }; }); } ```

There was one package (serpapi), which was not in nixpkgs, and poetry failed as well. Adding this to native build inputs got serpapi installed

nativeBuildInputs = [( pkgs.python311Packages.buildPythonPackage rec { pname = "serpapi"; version = "0.1.5"; src = pkgs.python311Packages.fetchPypi { inherit pname version; sha256 = "b9707ed54750fdd2f62dc3a17c6a3fb7fa421dc37902fd65b2263c0ac765a1a5"; }; } )];

All in all, it works, and I have no doubt I've made a reproducible environment. What attracts me is I've never had an easier time setting up cuda/cudnn/tensorrt/... system drivers have been near effortless, and much faster to setup than on debian. Tools like sentence-transformers and torch default to packages which leverage the GPU.

What pushes me away, is I've had failures in each of the three methods for specifying package dependencies, even though one of the three eventually was the fix for integrating the dependencies into my shell. For now, I'll stick with it, but it's hard for me to suggest to a team we use this in development

So I tried to follow some tutorial about flakes, but it seems these are extra-experimental still.

I am using NixOS 23.11 with Nix 2.18.1 in a VM (those are the most recent stable versions, right?).

Trying around I already found out that instead of eg. nix flake update I have to use --extra-experimental-features two times to get this simple command: nix --extra-experimental-features nix-command --extra-experimental-features flakes flake update Searching the web I found several different things that people put into their /etc/nixos/configuration.nix to enable this globally, but none of those worked for me. I assume there is still a way to do this - can someone please tell me the correct syntax for Nix 2.18.1?

What makes things worse is that I cannot start playing around with home-manager and flakes, because home-manager switch flake . seems to use nix flake internally, which leads to errors instead of results.

I heard a lot about the concepts of nix and NixOS and I'd love to try it.

After installing the VirtualBox demo, I keep getting stuck with every tiny step I take, though.

So I was wondering if there are any tutorials for beginners that you can recommend?

I couldn't find anything on the internet - everything that looks like a tutorial presumes a lot of things everybody seems to know about nix, so no need to explain those.

Where can I find those explanations to make the first baby steps with NixOS?

To put it in other words: Where is NixOS for dummies?

cross-posted from: https://infosec.pub/post/9428674

I had the (perhaps foolishly ambitious) idea of creating a rolling fork of Lemmy with the intent of modifying the codebase for use in an open source pub sub implementation of retail inventory. But I have to get standard Lemmy working first...and I like to use Nix for everything I do in the dev world (where feasible).

So, I forked the repo and was immediately brought into dev environment hell.

They only offer a choice between:

A.) Docker B.) Ansible C.) Building from scratch.

Two hours of fighting with the scratch build instructions and I eventually had to admit defeat due to some vague dependencies (and general malaise). Though I have completely flakified my Purescript and Haskell dev environments, I have found Rust to be a lot more challenging even on simple projects.

Anyway, I decided to come here to ask: **How easy would it be to flakify the Lemmy repo to add a fourth build option for those of us in the Nix world? **

Can I reference the build instructions from nixpkgs to get close to my intended goal? I need all of the help I can get. Be as pedantic or defeatist as you will. I currently have no skin in this game and merely want to help the Lemmy devs welcome people that are more nixy like myself (if nothing else).

I setup a next.js project with pkgs.mkshell, and used nix develop to automatically build the project. However, when I leave the shell, the files persist. How should/can(?) I setup my shell.nix so that files in the directory it drops down into are automatically removed when leaving the ephemeral shell?

Hey guys, I'm pretty new to Nix and NixOS and one of the reasons I installed it is because I know there's some way to install the KDE 6 Beta before the official stable release. I wanted to use the kde2nix overlay, but appearantely KDE 6 has been merged into the official nixpkgs repository. How do I switch from Plasma 5 to 6? I'm already on the unstable channel if that matters.

Thanks in advance.

So I've been looking into Nix and it seems like a pretty cool way of managing machines. However, I'm curious about how well it can manage user authentication. Theoretically one should be able to setup the equivalent of roaming profiles with rsync and some sort of authentication server but I haven't seen a lot of information on this topic.

Anyone used Nix in a group or company setting? If so, how did it work?

I want to start a new project, and I want to try to handle all the reproducibility / "containerization" in nix instead of dockerfiles. I see some examples online but I think they're including more uncommon procedures and/or don't do things the "nix" way.

What's the right way to manage a simple python project? Should I just make a derivation.nix for use in nix-shell -p and have the ephemeral shell be my container? Can/should I do it with nix flakes instead? What would a simple nix flake look like that:

pulls an initial python repo from github

possibly executes whatever build instructions might be included

extends other system packages or other versions of the same python package,

has local area network access,

and GPU access

cross-posted from: https://feddit.de/post/7895009 >I'm a semi-recent NixOS user and one thing that bothers me since the beginning is that when I change the Gnome theme (between light and dark), Firefox doesn't adapt. The system theme in Firefox is enabled, but it always displays the light theme, no matter what theme is selected in Gnome. > > Internet search, including searching through NixOS discourse, packages, options and Nixpkgs repo surfaced a solution. > > Any ideas or tips how to achieve system theme integration for Firefox on NixOS? > > NixOS 23.11 / Gnome 45 / sway

Plenty of nix'd config, nix-colors theming for most applications. I've only been using linux for around 6 months, NixOS has really clicked with me.

My config might be sub-optimal in areas, but its gone through some heavy changes since its inception.

I've probably parsed dozens of pages now, including the "Dual boot NixOS and Windows" page on nixos.wiki, and not really sure what the best steps are since most seem to leverage the fact that everything is on a single partition. My windows lives on a physically separate drive than NixOS, so osprober does not detect the windows partition at all. I tried to go down the route of grub-mkconfig but that doesn't seem to be a nix package and I couldn't mount my Windows bootloader as it is NTFS. Is this even possible with this configuration?

My next step was going to be to physically disconnect each of my disks/NVME, nuke everything bit by bit, then only connect the disks I want and install each OS with it's specific disk connected.

cross-posted from: https://programming.dev/post/7531089

> 🗓️ Mark your calendars! NixCon North America 2024 is happening on March 14th and 15th in CA, USA. Submit your talk or workshop proposal before December 31, 2023, 11:59 PM PST. Be a part of this exciting event! More details at: https://discourse.nixos.org/t/nixcon-na-2024-call-for-proposals/36491 > > > !

I see you can delete everything older than some period of time, but what if I want some older than a year? Or should it be interpreted that: whatever build configuration was used, it is tested thoroughly at that point, and it would be better to rebuild from a nix configuration stored on git?

Edit: my issues came from copying source .nix configurations for the pig manager, not configurations that I would include on my computer. Finding how to include what where was much easier with search.nixos.org

Hi, I've finally cleansed my system of windows and switched fully into nix. I want to learn this OS the right way, but have ran into some noob troubles. Any help would be greatly appreciated. Ideally, these changes are things I would include in my configuration.nix

• How to install electrum wallet on nixos? I found this default.nix for electrum and thought it would be as easy as nix-build default.nix but was mistaken. It says " cannot evaluate a function that has an argument without a value ('fetchurl') Nix attempted to evaluate a function as a top level expression" but on a later line that value is inputted to the function (if I understand right)

> src = fetchurl { url = "https://download.electrum.org/${version}/Electrum-${version}.tar.gz"; sha256 = "sha256-BxxC1xVKToUjgBo4mEeK9Tdhbd/+doHcTTJsXDtaELg="; };

• How to install KVantum Theme Manager? I was following this guide and tried to add gcc/g++ and the x11 package dependencies but I get undefined variables for the x11 libraries. Some recommend using stdenv.mkDerivations but I haven't used that much nix before so I'm not certain if I should be going down that rabbit hole

Came across a new nix wiki attempt. The announcement post is made on discourse with high skepticism.

But I really like it for two reasons:

• For now, its incredibly informal and the barrier to entry is low. And because I can make edits directly in the web interface, it felt easy to contribute.
• The creator mentions wanting this to be like the Arch wiki. In other words, contain information useful to nix users, but not necessarily nix specifically.

I was able to contribute a new article about distrobox, a tool I discovered and made a post about here a month or so ago.

Maybe we don't "need" another wiki, but the opportunity to contribute really made this one stand out to me. In case you all might want to contribute or learn something, I thought I would share.

I'm conflicted on what should handle my login manager, desktop environment, and window manager. What are the pros and cons of doing it from a nixos configurations versus a home manager configuration?

I want to use Plasma-manager in my system. I have enabled flakes in configurations. Now what to do to use it. The output generated by tool rc2nix can be copied through terminal but when i put that in home.nix , it says that plasma is not available which is true but then how do I use this tool. flake file.