I'm glad #nixos is gluten free, otherwise I wouldn't be able to use it. #linux #nix @matthewcroughan
#nixos
102 posts81 participants10 posts today
@publicvoit@graz.social@janl The purpose is to warn bystanders to invest in technological #complexity that seems to be very attractive for its advanced features without acknowledging the risks or efforts associated.
Its learning curve doesn't even allow for an easy start.
As with so many awesome tools, this is something for specific experts and not for new/occasional/advanced users.
BTDT and I've had my fair share of bad experiences.
Current pain in my setup: #NixOS. Instead of providing an abstraction layer to keep away certain OS setup & maintenance problems for good, I got into so many little & bigger troubles that I try to tell people only to use it when they are ready to invest its required learning effort all the way.
From my point of view, this also holds true for "advanced" file systems like #ZFS, #XFS, ... YMMV.
hmm this #nixOs update is taking a while, let me look at what it's doing
"Running phase: buildPhase
no Makefile or custom buildPhase, doing nothing"
Ahh ok, take your time I guess
@praetor@mstdn.socialLord Thor is treating me to a lovely rainstorm, and I'm working more on #nixos I'm loving impermanance. I mean, I'm a #foss hippy, and have to try every new thing that comes out. I'm following this guys configs, which is cool because I can modify the disk layout and shit because I have terrible #wanderlust .Add places for VMs, whatever. It's slick #linux https://haseebmajid.dev/posts/2024-07-30-how-i-setup-btrfs-and-luks-on-nixos-using-disko/
Haseeb Majid · How I Set up BTRFS and LUKS on NixOS Using Disko | Haseeb Majid
In this post, I will show you how you can declaratively partition our drives using Nix(OS).
TL;DR; We can use a tool called disko to partition our drives declaratively and combine it with NixOS anywhere for a remote install. Showing an example setting up LUKS encryption with BTRFS file system. Background If you’re like me, then when you started playing with NixOS, You found yourself constantly reinstalling it and starting again.
@TheDragon@hachyderm.io@peter_mcarthur totally agree!
I'm certainly no lawyer, and have no personal experience/knowledge of the software or it's authors - I purely saw a link, opened it and was surprised that visually it looks so like the official #NixOS website.
Hopefully someone at @nixos_org is already on this?
@TheDragon@hachyderm.ioJust stumbled over this....
Is it just me, or does the branding not seem somewhat ... problematic?
Despite it's appearance (inc use of the logo) looking incredibly similar to the official website, and as far as I can tell - it doesn't have any "official" affiliation with #NixOS
That's without touching on the fact this is entirely AI oriented - which is a very "marmite" like product to put it mildly...
MCP-NixOSMCP-NixOS | Model Context Protocol for NixOSMCP resources and tools for NixOS packages, system options, Home Manager configuration, and nix-darwin macOS configuration.
I have to say traditional LTS distros. After doing big manual server upgrades for some decade, no more LTS expiration dread!
Next to go will be my arch desktop as I find #nixos fits my desktop and server needs way better.
A disclaimer would be that NixOS is non standard. Documentation is lacking and knowledge of the Nix language is required for advanced configuration.
A new module is available: 'programs.smug'. Session manager and task runner for tmux written in Go. See https://github.com/ivaaaan/smug for more information.
#NixOS #Nix #HomeManager
GitHubGitHub - ivaaaan/smug: Session manager and task runner for tmux. Start your development environment within one command.Session manager and task runner for tmux. Start your development environment within one command. - ivaaaan/smug
@codemonkeymike@fosstodon.orgOk #linux and #nixos peeps, I have a puzzle.
I want this systemd service to run ONLY WHEN a user is logged in, and they're connected to the internet.
Is this possible?
This is what I have so far but when I restart the computer, the systemd service shows as failed because it's trying to send the notification when no one is logged into the system.
![systemd.services."auto-update-config" = {
script = ''
set -eu
notify_sessions() {
local title="$1"
local message="$2"
sessions=$(loginctl list-sessions --no-legend | ${pkgs.gawk}/bin/awk '{print $1}')
for session in $sessions; do
user=$(loginctl show-session "$session" -p Name | cut -d'=' -f2)
${pkgs.sudo}/bin/sudo -u "$user" "DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/$(id -u "$user")/bus" \
${pkgs.libnotify}/bin/notify-send "$title" "$message" 2>/dev/null
done
}
export GIT_SSH=${pkgs.openssh}/bin/ssh
export PATH=${pkgs.git}/bin:${pkgs.openssh}/bin:${pkgs.coreutils-full}/bin:${pkgs.util-linux}/bin:${pkgs.flatpak}/bin:$PATH
git_output=$(runuser -u mkelly -- ${pkgs.git}/bin/git -C /home/mkelly/Projects/nix pull --autostash 2>&1)
notify_sessions "Git Updated" "$git_output"
flatpak_output=$(${pkgs.coreutils-full}/bin/nice -n 19 ${pkgs.util-linux}/bin/ionice -c 3 ${pkgs.flatpak}/bin/flatpak update --noninteractive --assumeyes 2>&1)
'';
serviceConfig = {
Type = "oneshot";
User = "root";
};
after = [ "network-online.target" "systemd-user-sessions.service" "getty@tty1.service" ];
wants = [ "network-online.target" ];
wantedBy = [ "default.target" ]; # Ensure the service starts after rebuild
};](https://cdn.fosstodon.org/media_attachments/files/114/280/722/034/788/514/original/6ee09397a6a3395e.png)
Quick, someone talk me out of using #NixOS again. I lost so much time to dotfile config and window managers but Maybe It It Will Be Different This Time™?
Hey #NixOS #Cloudflare #ZeroTrust
I was trying to install cloudflared from unstable repo. It installed and works from 24.11, but when I ran the command to create the credentialsFile it complained about the older version and suggested upgrading to 2025.4.0 rather than the 2024.10.0 that is in nixos.
Unstable has 2025.2.1, which is better, but is not 2025.4.0. Two branching questions from here.
1 - the unstable package returned that error: Package ‘cloudflared-2025.2.1’ in /nix/store/vxwsnfg5mys9v1qrxvim13ddmnhd4z1g-unstable/unstable/pkgs/applications/networking/cloudflared/default.nix:97 is marked as broken, refusing to evaluate.
Conveniently, it included instructions for allowing packages marked broken through. Is that considered normal in dealing with Cloudflare on NixOS? Cause it reads to me like an outtake from "How To Get Your Website Pwned By L33t H4krz".
2 - considering that even if I allow the "broken" package in, I'm still not getting the version recommended by cloudflared's error message, perhaps there's a flake or something I should try, that would get the daily build or whatever?
I'm off to do more searches and maybe poke my head into one of the actual support forums, but this seems like a pretty common task for NixOS admins to be doing, so it's probably an easy answer that I just haven't found yet.
Probably been looking at nixos.wiki again or something.
@TheDragon@hachyderm.io@jpmens 
GPG agent forwarding with a Yubikey!
I've been using this method for a while now to control sudo authentication on my local machine, and all remote devices/VMs too. Allows me to leave an undesirably long/complex password for the user account in a password manager (as an escape hatch, but which I don't actually use).
With verification of presence via touch, and also the PIN on the Yubikey cached for only a short period of time, and it self destructing after 3 incorrect PIN entries...
End result is I have super convenient *and* secure local/remote two factor authentication and privelidge escalation.
I'm also using sudo-rs, which is a much more "minimal" implementation - just as I don't need the vast array of extra stuff that bundled into the traditional version.
I use #NixOS almost entirely, so only have need for Ansible in a few places...
That said, finding a way to utilize this for Ansible Vault has been on my to-do list for a while, so looks like you've solved that one for me!
Thank you 
Oh, the horror! Anduril Industries, purveyors of digital warfare, dared to recruit on the sacred #NixOS forums! 
NixOS users, valiantly defending their turf, strike a blow against corporate overlords with the power of passive-aggressive forum posts. 
https://discourse.nixos.org/t/anduril-industries-electromagnetic-warfare-team-is-hiring/62569 #AndurilIndustries #DigitalWarfare #ForumWarriors #CorporateOverlords #PassiveAggression #HackerNews #ngated
NixOS Discourse · Anduril Industries' Electromagnetic Warfare Team is HiringThe moderation team brought this thread to our attention as the latest example in an ongoing controversy in the community and they escalated the decision to us so that we can provide them clearer guidance for how to proceed going forward. Our moderation team has done an admirable job, but this controversy has escalated beyond the point where moderation actions alone can resolve this. To that end, the Steering Committee is banning Anduril from recruiting on Discourse. We will leave this specific...
Anduril Industries banned from recruiting on NixOS forums
https://discourse.nixos.org/t/anduril-industries-electromagnetic-warfare-team-is-hiring/62569
NixOS Discourse · Anduril Industries' Electromagnetic Warfare Team is HiringThe moderation team brought this thread to our attention as the latest example in an ongoing controversy in the community and they escalated the decision to us so that we can provide them clearer guidance for how to proceed going forward. Our moderation team has done an admirable job, but this controversy has escalated beyond the point where moderation actions alone can resolve this. To that end, the Steering Committee is banning Anduril from recruiting on Discourse. We will leave this specific...