| 8 Dec 2025 |
 Aijokey | no | 07:55:23 |
| Aijokey | https://github.com/Aijokey/nix_configs# | 07:58:41 |
 raitobezarius | you can build without the daemon the system | 09:23:41 |
| Aijokey | In reply to @raitobezarius:matrix.org
you can build without the daemon the system How? | 09:24:02 |
| raitobezarius | NIX_REMOTE=local <your command that rebuilds your system> if that respects environment variables | 09:24:18 |
| raitobezarius | but i'm more concerned that you are reaching open files limit with the daemon | 09:24:30 |
| raitobezarius | what does systemctl cat nix-daemon show? | 09:24:38 |
| Aijokey | In reply to @raitobezarius:matrix.org
what does systemctl cat nix-daemon show? For now I can't access pc, no electricity | 09:25:13 |
| raitobezarius | No problem, let us know when you can access it again | 09:25:31 |
| Aijokey | OK | 09:25:40 |
 crop | i am on lix 2.93.3 and tried to setup a remote builder following https://docs.lix.systems/manual/lix/stable/advanced-topics/distributed-builds.html and https://nix.dev/tutorials/nixos/distributed-builds-setup but it failes with this message in the systemd log of nix-daemon
Dec 08 03:27:33 silent nix-daemon[20189]: error: error processing connection: user 'nixremote' is not allowed to connect to the Nix daemon | 11:11:49 |
| raitobezarius | can you do nix show-config on the remote system? | 11:18:49 |
| raitobezarius | * can you do nix config show on the remote system? | 11:18:59 |
 zitrone | yep i had auto-allocate-uids enabled | 11:23:16 |
| crop | accept-flake-config = ask
access-tokens =
allow-dirty = true
allow-import-from-derivation = true
allow-symlinked-store = false
allow-unsafe-native-code-during-evaluation = false
allowed-impure-host-deps =
allowed-uris =
allowed-users = @users nixremote
always-allow-substitutes = false
auto-allocate-uids = false
auto-optimise-store = true
bash-prompt =
bash-prompt-prefix =
bash-prompt-suffix =
build-dir = /nix/var/nix/builds
build-hook = /nix/store/kg6pv5f01vj5w6k7scy2zfvnkcgbifcw-lix-2.93.3/bin/nix __build-remote
build-poll-interval = 5
build-users-group =
builders =
builders-use-substitutes = true
commit-lockfile-summary =
compress-build-log = true
connect-timeout = 5
cores = 0
debugger-on-trace = false
deprecated-features =
diff-hook =
download-attempts = 5
download-speed = 0
enable-core-dumps = false
eval-cache = true
eval-system =
experimental-features = flakes nix-command
extra-platforms = aarch64-linux i686-linux
fallback = false
flake-registry = vendored
fsync-metadata = true
gc-reserved-space = 8388608
hashed-mirrors =
http-connections = 25
http2 = true
id-count = 8388608
ignore-try = false
ignored-acls = security.csm security.selinux system.nfs4_acl
impersonate-linux-26 = false
keep-build-log = true
keep-derivations = true
keep-env-derivations = false
keep-failed = false
keep-going = false
keep-outputs = false
log-lines = 25
max-build-log-size = 0
max-call-depth = 10000
max-free = 9223372036854775807
max-jobs = 20
max-silent-time = 0
max-substitution-jobs = 16
min-free = 0
min-free-check-interval = 5
nar-buffer-size = 33554432
narinfo-cache-negative-ttl = 3600
narinfo-cache-positive-ttl = 2592000
netrc-file = /etc/nix/netrc
nix-path = nixpkgs=/nix/store/vlnf0dq8nw13qyq3g6niiagw3nsgach1-qlvj3hhq8gl8cr62ryc906lbkmgsr0gl-source nixos-config=//dotfiles/root-silent.nix nixpkgs-overlays=//dotfiles/nixpkgs/overlays.nix
pasta-path = /nix/store/2ffwz6yskvpjvg1rih36va4g3gaaq9yh-passt-2025_09_19.623dbf6/bin/pasta
plugin-files =
post-build-hook =
pre-build-hook =
preallocate-contents = false
print-missing = true
pure-eval = true
repl-overlays =
require-drop-supplementary-groups = false
require-sigs = true
restrict-eval = false
run-diff-hook = false
sandbox = true
sandbox-build-dir = /build
sandbox-dev-shm-size = 50%
sandbox-fallback = false
sandbox-paths = /bin/sh=/nix/store/9v6zfa4ws3llr0k6njl6gd03rwpn644b-busybox-1.36.1/bin/busybox /nix/store/cmd2ga70ar0wpyji7yafi0cxj1v6wvm5-qemu-aarch64-binfmt-P /run/binfmt
secret-key-files =
show-trace = false
ssl-cert-file = /etc/ssl/certs/ca-certificates.crt
stalled-download-timeout = 300
start-id = 872415232
store = auto
substitute = true
substituters = https://cache.nixos.org/
sync-before-registering = false
system = x86_64-linux
system-features = benchmark big-parallel kvm nixos-test
tarball-ttl = 3600
temp-dir =
timeout = 0
trace-function-calls = false
trace-verbose = false
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
trusted-substituters =
trusted-users = root nixremote
use-case-hack = false
use-cgroups = false
use-registries = true
use-sqlite-wal = true
use-xdg-base-directories = false
user-agent-suffix =
warn-dirty = true | 11:32:50 |
| raitobezarius | This is the remote builder system, right? Not the local system? Because you have clearly nixremote listed there so I am confused as to how you can get that error | 11:38:29 |
 Rutile (Commentator2.0) feel free to ping | i think i actually had that error too somewhen, but fixed it by just making the user trusted, which works in my case but very much shouldn't be the solution
cc piegames | 11:41:04 |
| crop | yes i only have that user on the remote system. | 11:50:02 |
| crop | which user? and making it trusted by a setting that is not just changing the nix.conf to something like trusted-users = root nixremote ? | 11:51:27 |
| raitobezarius | it's already listed trusted user | 11:52:05 |
| crop | this is the error on the client side:
this derivation will be built:
/nix/store/73mm7rw8wcl5sm306sxxrflcs8rxcgha-foo.drv
building '/nix/store/73mm7rw8wcl5sm306sxxrflcs8rxcgha-foo.drv' on 'ssh://nixremote@silent'...
error: cannot open connection to remote store 'daemon': error: reading from file: Connection reset by peer
error: unexpected end-of-file
| 11:53:16 |
| crop | i found the problem the nixremote user was in the nixbld group ... and somehow this broke stuff ... i am currious why this is the case. | 11:58:03 |
| zitrone | i added a comment to the relevant issue in the lix bugtracker | 11:59:26 |
| zitrone | * i added a comment to the relevant issue in the lix bugtracker | 12:00:17 |
 aloisw | Ah right this is builder chown, I confused it with the one after failed builds. I think your analysis is correct and indeed that's another failure mode of auto-allocate-uids. | 12:06:26 |
| raitobezarius | oh that's very VERY spicy | 12:55:38 |
| raitobezarius | can you open an issue with that? | 12:55:43 |
| Aijokey | what does `# /etc/systemd/system/nix-daemon.service
[Unit]
Description=Nix Daemon
Documentation=man:nix-daemon https://docs.lix.systems/manual/lix/stable
RequiresMountsFor=/nix/store
RequiresMountsFor=/nix/var
RequiresMountsFor=/nix/var/nix/db
ConditionPathIsReadWrite=/nix/var/nix/daemon-socket
[Service]
ExecStart=@/nix/store/xm1wr0cf6kpcdfwpi0arknlr5iljy751-lix-2.91.3/bin/nix-daemon nix-daemon --daem>
KillMode=process
LimitNOFILE=1048576
TasksMax=1048576
[Install]
WantedBy=multi-user.target
# /nix/store/8vy438q5bss25g7rfp2d523jlrhf3a3l-system-units/nix-daemon.service.d/overrides.conf
[Unit]
RequiresMountsFor=/nix/store
X-Restart-Triggers=/nix/store/mibs0601bwifchsgvlpnj6wnz01fnjf5-X-Restart-Triggers-nix-daemon
[Service]
Environment="CURL_CA_BUNDLE=/nix/store/pxg9a4a39ms2312i2k2wx1hvigid718d-nss-cacert-3.111/etc/ssl/c>
Environment="LOCALE_ARCHIVE=/nix/store/fkl44anqjswxsp6jpmb229jqz79r7d4g-glibc-locales-2.40-66/lib/>
Environment="PATH=/nix/store/xm1wr0cf6kpcdfwpi0arknlr5iljy751-lix-2.91.3/bin:/nix/store/m10ngkbjxb>
Environment="TZDIR=/nix/store/g9fkd8j29j0dmln6xinp3mk7qcpwfizz-tzdata-2025b/share/zoneinfo"
X-StopIfChanged=false
CPUSchedulingPolicy=other
Delegate=yes
IOSchedulingClass=best-effort
IOSchedulingPriority=4
LimitNOFILE=1048576
systemctl cat nix-daemon` show? | 14:47:37 |
| raitobezarius | you have a large enough open files limit but you are running a very old lix which is not supported anymore, i think you should try to update your system via NIX_REMOTE=local to latest stable | 14:48:45 |
| Aijokey | https://github.com/Aijokey/nix_configs/blob/main/configuration.nix | 14:50:15 |
