NixOS

NixOS is a Linux distribution built on top of the Nix package manager. Its declarative configuration allows reliable system upgrades via several official channels of stability and size.

This community discusses NixOS, Nix, and everything related.

founded 2 years ago
76
 
 

What do you do as a fail-safe when there isn't a flake or nix package for what you need, and you don't have the time or ability to create it?

Here's my particular example. I need the beta version of OpenSCAD, which is only delivered as a flatpak in the beta flatpak channel, which I have tried but have been unsuccessful in doing. I haven't even attempted building from source. Only the stable version is in nixpkgs. In this case, what would you do?

And in general, what do you do? Install things using a different package manager, like pip, npm, cargo, etc and manage at the user level? Do you run a VM? Docker? Let me know what your backup plan is on NixOS.

77
 
 

I recently followed https://www.arthurkoziel.com/installing-nixos-on-a-macbookpro/ to install NixOS on a macbookpro5,1 (from 2008). OSX hasn't supported that hardware since El Capitan and it was incredibly slow even then.

With Nix it works, but I'm frequently running into issues similar to https://askubuntu.com/questions/1114612/rcu-sched-self-detected-stall-on-cpu-watchdog-bug-soft-lockup-cpu3-stuck. The first 3 times I tried logging in after the install it hung after accepting the password. It was just logging the rcu stall error every few seconds, not responding to any keys. I was able to create a user account on the 4th boot, but still haven't installed anything extra on it.

It's also really slow to boot. A few minutes in stage 1 before it asks me for the decryption password and then another few minutes to get to the login prompt.

All of this is without any graphical environment. I was planning to go with a low resource desktop like xfce or cinnamon (are they still maintained?), but any tips on what to look at before I possibly introduce more instability?

78
 
 

gvolpe, the person I forked my NixOS config from, wrote this excellent article. I feel like the least I could do is share this amazing blog post.

Remote builds enable interesting use cases and experiments. Besides building for different architectures, another use case that comes to mind would be having a low-resource machine building a derivation that would require heavy CPU usage (e.g. a Rust application) on the fly, without having to rely on CI builds or binary caches, effectively used as a development environment.

79
11
submitted 2 years ago* (last edited 2 years ago) by fuckReddit@infosec.pub to c/nixos@infosec.pub
 
 

Earlier this month I mentioned on Mastodon that I was replacing a Docker-based local development environment at my day job with a Nix-based one, orchestrated with overmind and a justfile.

There was quite a lot of interest in particular in how overmind and just could be used to replace a container / compose-based local development.

While I can’t share the details of the significantly more complex migration I did at my day job (yet! - I’m working internally on trying to find a way that we can disseminate the learnings publicly), I can share a simplified real-world example that I use for developing Notado.

Let’s take a look at my shell.nix:

{pkgs ? import (fetchTarball "https://nixos.org/channels/nixos-unstable/nixexprs.tar.xz") {}}:
with pkgs; let
  pkgs-2023_03_11 = import (builtins.fetchTarball {
    url = "https://github.com/NixOS/nixpkgs/archive/8ad5e8132c5dcf977e308e7bf5517cc6cc0bf7d8.tar.gz";
  }) {};
  meilisearch-1_0_2 = pkgs-2023_03_11.meilisearch;
in
  mkShell {
    name = "notado";
    MEILI_MASTER_KEY = "default";
    MEILI_DB_PATH = "data.ms";
    PGDATA = "data.pg";
    buildInputs = [
      alejandra
      bacon
      cargo-cache
      cargo-expand
      cargo-insta
      cargo-udeps
      diesel-cli
      go
      just
      meilisearch-1_0_2
      nodePackages.typescript
      nodePackages.web-ext
      nodejs
      openssl
      overmind
      pkg-config
      postgresql_15
      rustup
      terraform
      tmux
    ];
  }

This pulls in:

  • Packages for the two main data stores, PostgreSQL and Meilisearch
  • Tooling related to the main languages used to write Notado (Rust, Go, Typescript)
  • Orchestration tooling (just, overmind)

While also setting some environment variables which ensure that the data directories for the data stores have recognizable names in the root directory of the monorepo.

overmind is used in the Notado local development environment to orchestrate data stores. Notado has three services related to the data stores: PostgreSQL, Meilisearch and a PostgreSQL -> Meilisearch listener which syncs data from the former to the latter.

Here is the Procfile used by overmind:

meilisearch: meilisearch

postgres: postgres -k /tmp

Meilisearch doesn’t really need any arguments in our case for local development, and PostgreSQL takes a single -k /tmp flag to set the Unix domain socket location. I don’t include the listener here because I don’t always need it running and if I’m working on it, I often have to recompile to see new changes, which doesn’t make it a good fit to live here.

Running overmind start brings up the processes defined in the Procfile for us, similarly to how docker-compose up might work if we were using a container-based local environment.

system      | Tmux socket name: overmind-notado-sqlAl1e6xKxH6K6Ayr3sU
system      | Tmux session ID: notado
system      | Listening at ./.overmind.sock
postgres    | Started with pid 2073401...
meilisearch | Started with pid 2073398...
postgres    | postgres -k /tmp
meilisearch | meilisearch
meilisearch | 
meilisearch | 888b     d888          d8b 888 d8b                                            888
meilisearch | 8888b   d8888          Y8P 888 Y8P                                            888
meilisearch | 88888b.d88888              888                                                888
meilisearch | 888Y88888P888  .d88b.  888 888 888 .d8888b   .d88b.   8888b.  888d888 .d8888b 88888b.
meilisearch | 888 Y888P 888 d8P  Y8b 888 888 888 88K      d8P  Y8b     "88b 888P"  d88P"    888 "88b
meilisearch | 888  Y8P  888 88888888 888 888 888 "Y8888b. 88888888 .d888888 888    888      888  888
meilisearch | 888   "   888 Y8b.     888 888 888      X88 Y8b.     888  888 888    Y88b.    888  888
meilisearch | 888       888  "Y8888  888 888 888  88888P'  "Y8888  "Y888888 888     "Y8888P 888  888
meilisearch | 
meilisearch | Config file path: "none"
meilisearch | Database path:            "data.ms"
meilisearch | Server listening on:      "http://localhost:7700"
meilisearch | Environment:              "development"
meilisearch | Commit SHA:               "unknown"
meilisearch | Commit date:              "unknown"
meilisearch | Package version:  "1.0.2"
meilisearch | 
meilisearch | A master key has been set. Requests to Meilisearch won't be authorized unless you provide an authentication key.
meilisearch | 
meilisearch | 
meilisearch |  Meilisearch started with a master key considered unsafe for use in a production environment.
meilisearch | 
meilisearch |  A master key of at least 16 bytes will be required when switching to a production environment.
meilisearch | 
meilisearch | 
meilisearch | We generated a new secure master key for you (you can safely use this token):
meilisearch | 
meilisearch | >> --master-key YYzxDVu7YNEHyozuGU2itFVW-vnkvAzQVbCMCeOxZzI <<
meilisearch | 
meilisearch | Restart Meilisearch with the argument above to use this new and secure master key.
meilisearch | 
meilisearch | Documentation:            https://docs.meilisearch.com
meilisearch | Source code:              https://github.com/meilisearch/meilisearch
meilisearch | Contact:          https://docs.meilisearch.com/resources/contact.html
meilisearch | 
postgres    | 2023-07-21 19:30:20.552 UTC [2073407] LOG:  starting PostgreSQL 15.2 on x86_64-pc-linux-gnu, compiled by gcc (GCC) 12.2.0, 64-bit
postgres    | 2023-07-21 19:30:20.554 UTC [2073407] LOG:  listening on IPv6 address "::1", port 5432
postgres    | 2023-07-21 19:30:20.554 UTC [2073407] LOG:  listening on IPv4 address "127.0.0.1", port 5432
meilisearch | [2023-07-21T19:30:20Z INFO  actix_server::builder] Starting 12 workers
meilisearch | [2023-07-21T19:30:20Z INFO  actix_server::server] Actix runtime found; starting in Actix runtime
postgres    | 2023-07-21 19:30:20.560 UTC [2073407] LOG:  listening on Unix socket "/tmp/.s.PGSQL.5432"
postgres    | 2023-07-21 19:30:20.570 UTC [2073433] LOG:  database system was shut down at 2023-07-21 01:33:23 UTC
postgres    | 2023-07-21 19:30:20.585 UTC [2073407] LOG:  database system is ready to accept connections

These processes will keep chugging along. You can also have them running in detached mode if you prefer.

The last thing that pulls this together is a justfile, which consists of commands that I run either as one-offs, or for services that I stop and start regularly during development:

initdb:
    initdb -D data.pg -U postgres
migrate:
    cd rust && diesel migration run
revert:
    cd rust && diesel migration revert
revert-all:
    cd rust && diesel migration revert --all
listener:
    cd go/listener && go run main.go
notado:
    cd rust/notado && cargo run

  • initdb is a one-off that is run to initialize a fresh PostgreSQL database, which I need to do whenever I nuke the data.pg directory
  • migrate, revert, and revert-all are database migration commands
  • listener starts the PostgreSQL -> Meilisearch listener which syncs data
  • notado starts the web server

That’s it, the whole local development environment! Simple, elegant, portable and best of all, no containers!

While I initially used Docker containers to deploy Notado, first to a Kubernetes cluster, and then later to Fly.io, I now deploy the binaries built by Nix directly to a server running NixOS and manage the services with systemd.

If you have any questions you can reach out to me on Mastodon and Twitter.

If you’re interested in what I read to come up with solutions like this one, you can subscribe to my Software Development RSS feed.

If you’d like to watch me writing code while explaining what I’m doing, you can also subscribe to my YouTube channel.

Edit: There has been a lot of great discussion going on over at Tildes about why you might want to do something like this, which is also worth reading!
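
An added example, not part of the original post: a small Python check that classifies each fetchTarball call in a shell.nix by how tightly it is pinned. Run on the two calls from the shell.nix above, plus a constructed third call with a placeholder hash, it flags the nixos-unstable channel URL as a moving target and the commit-pinned archive as fetched without a sha256 to verify it. The function name and verdict strings are assumptions of this example.

```python
import re

# Constructed sample: the two fetchTarball calls from the shell.nix above,
# plus one hash-pinned call (placeholder hash, not a real value) for comparison.
SAMPLE = r'''
{pkgs ? import (fetchTarball "https://nixos.org/channels/nixos-unstable/nixexprs.tar.xz") {}}:
with pkgs; let
  pkgs-2023_03_11 = import (builtins.fetchTarball {
    url = "https://github.com/NixOS/nixpkgs/archive/8ad5e8132c5dcf977e308e7bf5517cc6cc0bf7d8.tar.gz";
  }) {};
  pinned = import (builtins.fetchTarball {
    url = "https://github.com/NixOS/nixpkgs/archive/8ad5e8132c5dcf977e308e7bf5517cc6cc0bf7d8.tar.gz";
    sha256 = "<PLACEHOLDER-HASH>";
  }) {};
in mkShell {}
'''

# fetchTarball followed by either a bare string or a flat attribute set.
CALL = re.compile(r'fetchTarball\s*(?:"(?P<bare>[^"]+)"|\{(?P<attrs>[^}]*)\})')
URL = re.compile(r'\burl\s*=\s*"([^"]+)"')
SHA256 = re.compile(r'\bsha256\s*=\s*"[^"]+"')
# A GitHub archive URL that names a full 40-character commit id.
COMMIT = re.compile(r'/archive/[0-9a-f]{40}\.(?:tar\.gz|zip)$')


def audit_fetches(nix_source):
    """Return (url, verdict) for every fetchTarball call in a Nix expression."""
    findings = []
    for m in CALL.finditer(nix_source):
        attrs = m.group("attrs")
        if attrs is None:
            # The bare-string form has nowhere to carry a hash.
            url, has_hash = m.group("bare"), False
        else:
            found = URL.search(attrs)
            url = found.group(1) if found else "<no url>"
            has_hash = bool(SHA256.search(attrs))
        if has_hash:
            verdict = "hash-pinned"
        elif COMMIT.search(url):
            verdict = "commit-pinned, no hash"
        else:
            verdict = "moving target, no hash"
        findings.append((url, verdict))
    return findings


if __name__ == "__main__":
    for url, verdict in audit_fetches(SAMPLE):
        print(f"{verdict:24} {url}")
```
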

80
14
submitted 2 years ago* (last edited 2 years ago) by fuckReddit@infosec.pub to c/nixos@infosec.pub
 
 

Some errors from video (not too bad): At 2:38 alternative to "dunst" is "mako"!!! pkgs.wl-clipboard, not pkgs.wl-copy

# Enabling Hyprland on NixOS (minimal form)
programs.hyprland.enable = true;

# Or with options (use either the line above or this block, not both)
programs.hyprland = {
  enable = true;
  nvidiaPatches = true;
  xwayland.enable = true;
};

environment.sessionVariables = {
  # If your cursor becomes invisible
  WLR_NO_HARDWARE_CURSORS = "1";
  # Hint electron apps to use wayland
  NIXOS_OZONE_WL = "1";
};

hardware = {
    # Opengl
    opengl.enable = true;

    # Most wayland compositors need this
    nvidia.modesetting.enable = true;
};

# waybar (an entry for a package list such as environment.systemPackages)
(pkgs.waybar.overrideAttrs (oldAttrs: {
    mesonFlags = oldAttrs.mesonFlags ++ [ "-Dexperimental=true" ];
  })
)

# XDG portal
xdg.portal.enable = true;
xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk ];

# Enable sound with pipewire.
sound.enable = true;
security.rtkit.enable = true;
services.pipewire = {
  enable = true;
  alsa.enable = true;
  alsa.support32Bit = true;
  pulse.enable = true;
  jack.enable = true;
};

# rofi keybind (Hyprland config syntax, not Nix)
bind = $mainMod, S, exec, rofi -show drun -show-icons

81
 
 

My understanding is like this. For multi-user computers, you'd manage packages with home manager. If you're developing a project or need some kind of specific built tool or dependency, define it in a flake.nix or shell.nix or build.nix in the project folder. And for single-user computers, or maybe admin accounts, install at NixOS configuration.

What's the intent for each location? The current question I'm asking myself is "why install home manager when I'm on a single user instance and can just update configuration.nix?"

82
 
 

Nixhub.io makes it easy to find and install over 400,000 package versions in the Nix Packages collection.

83
 
 

Lemmy

84
 
 

Contribute to OliverEvans96/rust-nix-gtk-hello-world development by creating an account on GitHub.

85
 
 

Features

UnixPorn at its core

PwNixOS places a strong emphasis on delivering a top-notch graphical experience by providing a visually appealing and productivity-focused interface.

Hacking Tools

PwNixOS offers a wide array of tools and utilities out of the box to support your hacking endeavors. From advanced network analysis and penetration testing tools to powerful scripting languages and development environments, PwNixOS equips you with the necessary arsenal to explore and manipulate computer systems to your heart's content.

Package Management with Nix

One of the standout features of NixOS is its unique package management system called Nix. With Nix, you can easily install, update, and manage software packages on your system. What makes Nix special is its ability to provide isolated and reproducible environments for each package, ensuring that software installations do not interfere with one another. This allows for painless experimentation and easy rollback to previous configurations.

Declarative Configuration

NixOS follows a declarative approach to system configuration. Instead of making changes directly to the system, you define the desired state of your system in a configuration file or flake (like this one). This configuration specifies all the packages, services, and settings you want, providing a clear and reproducible blueprint for your system. This declarative nature simplifies system administration, enables easy replication of configurations across multiple machines, and facilitates version control of your system setup.

Custom packages

This flake has custom hacking tools that are uploaded to the NUR. The purpose of these tools is to fill in the gaps that exist today in the official repositories and create a full arsenal of tools, with well-known tools such as BloodHound and lesser-known tools such as psudohash.

86
 
 

Just pasting this somewhere random in my configuration.nix gives me an error; where should I place it?

package in question: https://github.com/an-anime-team/an-anime-game-launcher/wiki/Installation#-nixos-nixpkg

Thank you for your time!

87
 
 

I want to learn and experiment with fully configuring a single user NixOS installation that is declarative. I've found quite a bit on the NixOS system-land side, but when I go into Home Manager user-land I'm not seeing very much around configuring the Desktop. I usually use XFCE but in trying to work with it I kept running across posts about how it wasn't well supported. So I tried KDE but found the same. What is the best supported Desktop with Home Manager? Or do folks just do the basics with nix stuff, and end up pulling in the rest of the config info into the home directory (like from a repo) as a work-around? Basically use nix stuff to retrieve files and put them into the correct destinations.

88
1
submitted 2 years ago* (last edited 2 years ago) by PortugalSpaceMoon@infosec.pub to c/nixos@infosec.pub
92
 
 

A quick 60 second video explaining NixOS.

93
 
 

This video has been bringing awareness of NixOS to a lot of new people!

94
 
 

Here is a link to the currently open github issues for the nixpkgs repository that are tagged "1.severity: security". Use this to browse around; some of them are simple package version update requests, some are pretty involved changes. If you're bored, why not pick one up? :-).

96
 
 

cross-posted from: https://lemmy.world/post/63788

Hi, I want to share with you the way I figured out to easily archive reddit content with ArchiveTeam Warrior on NixOS. You can set it up fully in nix config!

Okay, first of all, you'll need to enable docker or podman. I chose podman here:

virtualisation.podman = {
  enable = true;
  dockerCompat = true;

  defaultNetwork.settings.dns_enabled = true;
};

After that, all you have to do is run the docker image! Here's how I do it with podman:

virtualisation.oci-containers.backend = "podman";
virtualisation.oci-containers.containers = {
  archive-team-warrior = {
    image = "atdr.meo.ws/archiveteam/reddit-grab";
    autoStart = true;
    cmd = ["YOUR_USERNAME_HERE_FOR_LEADERBOARD"];
    extraOptions = ["--network=host"];
  };
};

This doesn't start the full ArchiveTeam Warrior, but only the reddit grabber. That means you get no website to manage it at port 8001, and it just runs in the background, not disturbing you. I think it's worth it to add these 14 LOC to your system configuration, to help archive reddit.

97
 
 

The 23.05 release was made possible due to the efforts of 1867 contributors, who authored 36566 commits since the previous release. Our thanks go to the contributors who also take care of the continued stability and security of our stable release.

NixOS is already known as the most up to date distribution while also being the distribution with the most packages. This release saw 16240 new packages and 13524 updated packages in Nixpkgs. We also removed 13466 packages in an effort to keep the package set maintainable and secure.