Hi all,

For my sins I've been attempting to build my nix configuration on my build server and subsequently push it into a binary cache.

I'm having an issue where the build is currently failing with the following error

error: home directory '/homeless-shelter' exists; please remove it to assure purity of builds without sandboxing

The build is being run on a docker image node:20-bullseye to be precise with the following command.

nix build .#nixosConfigurations.${{ matrix.machine.host }}.config.system.build.toplevel

Any thoughts would be greatly appreciated.

Edit.

Should have mentioned I've ran up the image with docker run and the directory didn't exist

Edit 2.

This is also about 23 minutes into the build when it throws this error; after having built a lot of packages and derivations already. I'm also using cachix/nix-install-action to get nix on the running container.

Edit 3.

Finally got it building this morning, I haven't dug into it but switching from the cachix/nix-install-action to manually installing the determinate systems nix installer (action didn't work for a strange reason).

Hi All,
I'm still very new to Nix but trying to daily-drive NixOS.

What I'm currently stuck on is injecting Python packages into a Jupyterlab service. What I have at the moment in the home-manager.home portion of my system flake is the following:

  systemd.user.services.jupyter = let
    jupyter = pkgs.jupyter-all.override {
      python3 = pkgs.python311.withPackages (python-pkgs: with python-pkgs; [
        numpy
        matplotlib
      ]);
    };
  in {
    Service = {
      Type = "simple";
      WorkingDirectory = "${home.homeDirectory}/notebooks";
      ExecStart = "${jupyter}/bin/jupyter-lab --no-browser";
    };
  };

This fires up a JupyterLab process that I can connect to and which runs fine, but numpy etc. can't be imported. From a devshell, I see that the python.withPackages mechanism seems to rely on $PYTHONPATH to pass in a python3-3.11.8-env package that contains a lib/python3.11/site-packages. I'm guessing that the systemd service just needs to have an Environment key, but where do I get the python3-3.11.8-env path from?

The Jupiter executable is in a /nix/store/#-python3-3.11.8-env/bin location, but the site-packages only include the modules for Jupyter so I assume there's another python3-3.11.8-env in the nix-store that does have the python packages I'm trying to get. Trying things like jupyter.env gives errors like *** Python 'env' attributes are intended for interactive nix-shell sessions, not for building! *** but I'm just taking a stab in the dark here.

I'd appreciate any pointers on this. I see there are helpers like JupyEnv, but these seem focused on setting up ephemeral devshells, not running a service for long-term notes and seem like overkill for what I want.

cross-posted from: https://programming.dev/post/12228684

April fool's!

Basically the title. I have Nixos running on a server that runs completely headless and while playing around today, I noticed that the rebuild takes longer than expected and apparently that's because firefox gets compiled.

Now, I don't have any GUI installed, and even if I had, I don't see a reason to compile FF from source.

My packages are just Jellyfin, Samba, Gitea, Nextcloud, virt-manager. None of these should depend on FF.

I have found those options for setting up iscsi, but since I am new to nixos (started yesterday) I don't have any idea how to configure the configuration.nix file to setup iscsi.

I already installed open-iscsi but it doesn't work on nixos it seems

Hi! It's my first day with nixos. I tried to compile a rust project. To do so, I used a nix-shell with the content from here: https://nixos.wiki/wiki/Rust with the "Installation via rustup" option.

Unfortunately the compilation fails:

$ cargo check
   Compiling libc v0.2.151
   Compiling proc-macro2 v1.0.73
   Compiling serde v1.0.193
    Checking once_cell v1.19.0
   Compiling thiserror v1.0.53
error: linker `aarch64-linux-gnu-gcc` not found
  |
  = note: No such file or directory (os error 2)

error: could not compile `proc-macro2` (build script) due to 1 previous error
warning: build failed, waiting for other jobs to finish...
error: could not compile `serde` (build script) due to 1 previous error
error: could not compile `libc` (build script) due to 1 previous error
error: could not compile `thiserror` (build script) due to 1 previous error

I run NixOS 23.11 stable on a VM on a Macbook with M1 (arm64) CPU.

Any ideas how to fix that?

It took me some time to work out how to get my ssh agent set up in Niri so I though I would share what I did. I'm using NixOS and Home Manager. I put this in my Home Manager config:

services.gnome-keyring = {
  enable = true;
  components = [ "pkcs11" "secrets" "ssh" ];
};
home.sessionVariables.SSH_AUTH_SOCK = "$XDG_RUNTIME_DIR/keyring/ssh";

I'm using GDM according to NixOS' default configuration which I think runs gnome-keyring (I thought I saw it in the process list before I set up the user unit), and I think that configuration is automatically unlocking gnome-keyring when I log in via PAM integration. But apparently I need to run gnome-keyring again in my window manager session. Home Manager's services.gnome-keyring adds a systemd user unit that does that.

After learning how to add an unstable overlay to nixpkgs, being able to override individual service modules from unstable was something that I still struggled with until fairly recently. Hopefully this helps someone else looking to do common-but-not-very-obvious operation.

just realized that one thing that NixOS could use is an update changelog of what packages were updated after running sudo nixos-rebuild switch --upgrade

tbh maybe there's a verbose option that I haven't discovered yet

Wow! Didn't know it'd be that simple.

• https://nixos.wiki/wiki/Creating_a_NixOS_live_CD

cross-posted from: https://mander.xyz/post/10671711

Hi, I am a beginner on NixOS and I am confused how to setup fonts on it. I have home-manager working properly and nerd-fonts installed. Now how to setup System,GTK,emoji and Indic fonts.

Any article or part of config please.

I have always been exposed to windows active directory with server controlled logins, server based "home" directories, etc. With the nature of NixOS it seems like it might be easy to deploy something similar by just setting up the configuration.nix as some sort of symlink to one stored on a central server. The only issue would possibly be how to not create home directories on the local machine and instead store them on server. You might be able to make a central passwd file that gets read, but i am not sure just how secure that would be. Thoughts?

How easy would it be to flakify the Lemmy repo to add a fourth build option for those of us in the Nix world?

I had the (perhaps foolishly ambitious) idea of creating a rolling fork of Lemmy with the intent of modifying the codebase for use in an open source pub sub implementation of retail inventory. But I have to get standard Lemmy working first...and I like to use Nix for everything I do in the dev world (where feasible).

So, I forked the repo and was immediately brought into dev environment hell.

They only offer a choice between:

A.) Docker B.) Ansible C.) Building from scratch.

Two hours of fighting with the scratch build instructions and I eventually had to admit defeat due to some vague dependencies (and general malaise). Though I have completely flakified my Purescript and Haskell dev environments, I have found Rust to be a lot more challenging even on simple projects.

Anyway, I decided to come here to ask: **How easy would it be to flakify the Lemmy repo to add a fourth build option for those of us in the Nix world? **

Can I reference the build instructions from nixpkgs to get close to my intended goal? I need all of the help I can get. Be as pedantic or defeatist as you will. I currently have no skin in this game and merely want to help the Lemmy devs welcome people that are more nixy like myself (if nothing else).

edit: here's a naive attempt. I haven't tested anything other than it being a valid flake. Here's the link to my rolling flakification fork.

{
  inputs = {
    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
    flake-parts.url = "github:hercules-ci/flake-parts";
    systems.url = "github:nix-systems/default";

    # Dev tools
    treefmt-nix.url = "github:numtide/treefmt-nix";
  };

  outputs = inputs:
    inputs.flake-parts.lib.mkFlake { inherit inputs; } {
      systems = import inputs.systems;
      imports = [
        inputs.treefmt-nix.flakeModule
      ];
      perSystem = { config, self', pkgs, lib, system, ... }:
        let
          cargoToml = builtins.fromTOML (builtins.readFile ./Cargo.toml);
          nonRustDeps = [
            pkgs.libiconv
            # Derived from Documentation on Dev installation for Linux
            pkgs.cacert
            pkgs.postgresql
            pkgs.openssl
            pkgs.pkg-config
            pkgs.libpqxx
          ];
          rust-toolchain = pkgs.symlinkJoin {
            name = "rust-toolchain";
            paths = [ pkgs.rustc pkgs.cargo pkgs.cargo-watch pkgs.rust-analyzer pkgs.rustPlatform.rustcSrc pkgs.cacert pkgs.postgresql pkgs.openssl pkgs.pkg-config pkgs.libpqxx ];
          };
        in
        {
          # Rust package
          packages.default = pkgs.rustPlatform.buildRustPackage {
            inherit (cargoToml.package) name version;
            src = ./.;
            cargoLock.lockFile = ./Cargo.lock;
          };

          # Rust dev environment
          devShells.default = pkgs.mkShell {
            inputsFrom = [
              config.treefmt.build.devShell
            ];
            shellHook = ''
              # For rust-analyzer 'hover' tooltips to work.
              export RUST_SRC_PATH=${pkgs.rustPlatform.rustLibSrc}
              export CARGO_PROFILE_DEV_BUILD_OVERRIDE_DEBUG=true

              echo
              echo "🍎🍎 Run 'just <recipe>' to get started"
              just
            '';
            buildInputs = nonRustDeps;
            nativeBuildInputs = with pkgs; [
              just
              rust-toolchain
            ];
            RUST_BACKTRACE = 1;
          };

          # Add your auto-formatters here.
          # cf. https://numtide.github.io/treefmt/
          treefmt.config = {
            projectRootFile = "flake.nix";
            programs = {
              nixpkgs-fmt.enable = true;
              rustfmt.enable = true;
            };
          };
        };
    };
}

and here's the lemmy-ui flake (which, judging by past forays into tsc with nix last summer, should be a lot easier to create and work with than the Rust library):

{
  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
    systems.url = "github:nix-systems/default";
  };

  outputs = {
    systems,
    nixpkgs,
    ...
  } @ inputs: let
    eachSystem = f:
      nixpkgs.lib.genAttrs (import systems) (
        system:
          f nixpkgs.legacyPackages.${system}
      );
  in {
    devShells = eachSystem (pkgs: {
      default = pkgs.mkShell {
        buildInputs = [
          pkgs.nodejs
          # You can set the major version of Node.js to a specific one instead
          # of the default version
          # pkgs.nodejs-19_x

          # You can choose pnpm, yarn, or none (npm).
          pkgs.nodePackages.pnpm
          # pkgs.yarn

          pkgs.nodePackages.typescript
          pkgs.nodePackages.typescript-language-server
        ];
      };
    });
  };
}

Creating infrastructure for supporting Bazel remote execution with rules_nixpkgs

I'm happy to finally release this flake; it's been on my plate for months but bigger things kept getting in the way.

Let me know here or @corbin@defcon.social if you successfully run any interpreter on any system besides amd64 Linux.

Hey, i currently try to learn the nix language and i have a question about recursion. This is my solution for Advent of Code 2015 day 4

let
    input = "abcdef";
    part1 = number:
        if (builtins.substring 0 5 (builtins.hashString "md5" "${input}${builtins.toString number}")) == "00000" then
            number
        else
            part1 (number + 1);
    part2 = "not implemented";

in {"Part 1" = part1 1; "Part 2" = part2;}

since i put the recursive call at the end of the function i assumed it would do some magic or tail call optimization stuff, but it results pretty fast in a stack overflow is there a way to get it working?

So i followed the instructions to install virtualbox and added myself to the vboxusers group, but i cant run VMs as a standard user. The GUI message says "VirtualBox kernel driver is not accessible, permission problem" the VM log says "ERROR [COM]: aRC=E ACCESSDENIED (0x80070005) aText={The console is not powered up}"

Someone on mastodon mentioned /dev/vboxdrv and that file is "crw-rw---- root vboxusers". There is also a file /dev/vboxdrvu which is "crw-rw-rw- root root" but changing that to root vboxusers with chown didnt work.

I can run VMs as root just fine. Any thoughts?

Edit: new to NixOS and really enjoying it so far

Edit 2: SOLVED: I had "virtualbox" as a package under "envoronment.systemPackages = with pkgs; [" and wasnt supposed too.