| 15 Jan 2025 |
 dantefromhell | Yeah this issue bugs me too...
AFAIU colmena runs ssh non-interactive hence anything that would require you to enter infos into an SSH session just fails.
There's `pam_ssh_agent` which can be configured to authorize sudo prompts via SSH keys & remotely by accessing the ssh agent on the client side.
https://www.teaparty.net/technotes/yubikey-sudo-ssh.html looks like a fairly decent write-up (minus the Yubikey which just gets added to the SSH agent).
Not sure if that's good enough for your scenario. | 14:47:13 |
|  pistache changed their profile picture. | 22:06:41 |
| pistache changed their profile picture. | 22:07:25 |
 lotallia | This is pretty much exactly what I was looking for! I've done something similar in the past so I think this could work I'll play around with it and see if it works in practice. | 22:48:51 |
| lotallia | You bring up a good point if I can't get the pam_ssh_agent to do it I'll likely relax my hangup with this one | 22:54:28 |
| 16 Jan 2025 |
| dantefromhell | In reply to @lotallia:matrix.org
This is pretty much exactly what I was looking for! I've done something similar in the past so I think this could work I'll play around with it and see if it works in practice. I'm also curious but dont have the time to investigate/ collaborate on it right now. Please report any results back if you can 🙏 | 15:15:01 |
| 17 Jan 2025 |
|  Frédéric Christ changed their display name from Frédéric Christ (DECT 5915) to Frédéric Christ. | 08:11:14 |
| lotallia | The last few days got super busy so I actually haven't had a chance to really look at this I plan on doing so later today but as I'm in the middle of a massive rewrite of my nix config any change means putting out several smaller fires first. I will report back once I have something to report :) | 18:05:39 |
| 20 Jan 2025 |
|  @oliverpool:envs.net joined the room. | 10:17:17 |
| @oliverpool:envs.net | For anyone interested, I just published a blog article regarding setting up Colmena, with passwordless reboot (with full-disk-encryption).
https://log.pfad.fr/2025/fde-nixos-colmena-passwordless-reboot/ | 11:15:15 |
| @oliverpool:envs.net | (I would be interested to know if the step scp -r user@remote: /etc/nixos/ ./host-a correct is for the setup. If yes, it would probably make sense to update the documentation) | 11:17:02 |
| @oliverpool:envs.net | (I would be interested to know if the step scp -r user@remote: /etc/nixos/ ./host-a is correct, for the initial setup. If yes, it would probably make sense to update the documentation) | 11:17:21 |
|  n0emis left the room. | 11:17:25 |
| @oliverpool:envs.net | (I would be interested to know if the step scp -r user@remote: /etc/nixos/ ./host-a is correct, for the initial setup. If yes, it would probably make sense to update the official documentation) | 11:17:29 |
|  @solomon:cofree.coffee left the room. | 17:44:52 |
| 21 Jan 2025 |
|  lanice joined the room. | 19:25:43 |
| 22 Jan 2025 |
|  marshmallow changed their profile picture. | 06:52:00 |
| 26 Jan 2025 |
|  @mel05saq:inphima.de joined the room. | 14:57:35 |
|  Quentin Le Guennec joined the room. | 17:27:16 |
| Quentin Le Guennec | Hello, I can't get my remote builder to work with colmena. I added "ssh://quentin@xxx x86_64-linux ~/.ssh/quentin-offen" to my machinesFile but colmena still complains about not being able to build linux things:
error: a 'x86_64-linux' with features {} is required to build '/nix/store/zszyc30901qn2b7kqx6wwp0hxbwm9kzl-haskell-generic-builder-test-wrapper.sh.drv', but I am a 'aarch64-darwin' with features {apple-virt, benchmark, big-parallel, nixos-test}
| 17:29:00 |
| 27 Jan 2025 |
|  Florian joined the room. | 11:17:24 |
| 28 Jan 2025 |
 grw00 | Quentin Le Guennec: does the following work? ie, does not prompt for password or to accept key fingerprint
sudo su
ssh quentin@xxx
| 08:54:15 |
|  Thomas m changed their display name from howlymowly to Thomas m. | 19:26:43 |
| 8 Feb 2025 |
|  WYVERN joined the room. | 20:28:59 |
| WYVERN | Hi, does anyone have any working example of using colmena in a flake with disko? Passing inputs via specialArgs = {inherit inputs;}; results in error: The option inputs' does not exist.` the minute I use it within a config; even though I've found other users with it working the same way: https://discourse.nixos.org/t/colmena-how-to-push-a-flake-input-into-the-individual-nodes/36332
{
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
disko.url = "github:nix-community/disko";
};
outputs = { nixpkgs, self, ... }@inputs: {
colmena = {
meta = {
nixpkgs = import nixpkgs {
system = "x86_64-linux";
};
specialArgs = {inherit inputs;};
};
test = import ./disks.nix;
};
};
}
{ inputs, ...}:
{
inputs.disko.devices = {
disk = {
main = {
device = "/dev/disk/by-id/some-disk-id";
type = "disk";
content = {
type = "gpt";
partitions = {
root = {
size = "100%";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
};
};
};
};
};
};
};
}
| 20:40:29 |
| WYVERN | * Hi, does anyone have any working example of using colmena in a flake with disko? Passing inputs via specialArgs = {inherit inputs;}; results in error: The option "inputs" does not exist. the minute I use it within a config; even though I've found other users with it working the same way: https://discourse.nixos.org/t/colmena-how-to-push-a-flake-input-into-the-individual-nodes/36332
{
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
disko.url = "github:nix-community/disko";
};
outputs = { nixpkgs, self, ... }@inputs: {
colmena = {
meta = {
nixpkgs = import nixpkgs {
system = "x86_64-linux";
};
specialArgs = {inherit inputs;};
};
test = import ./disks.nix;
};
};
}
{ inputs, ...}:
{
inputs.disko.devices = {
disk = {
main = {
device = "/dev/disk/by-id/some-disk-id";
type = "disk";
content = {
type = "gpt";
partitions = {
root = {
size = "100%";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
};
};
};
};
};
};
};
}
| 20:40:52 |
| WYVERN | * Hi, does anyone have any working example of using colmena in a flake with disko? Passing inputs via specialArgs = {inherit inputs;}; results in error: The option "inputs" does not exist. the minute I use it within a config; even though I've found other users with it working the same way: https://discourse.nixos.org/t/colmena-how-to-push-a-flake-input-into-the-individual-nodes/36332
As a minimum config:
{
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
disko.url = "github:nix-community/disko";
};
outputs = { nixpkgs, self, ... }@inputs: {
colmena = {
meta = {
nixpkgs = import nixpkgs {
system = "x86_64-linux";
};
specialArgs = {inherit inputs;};
};
test = import ./disks.nix;
};
};
}
{ inputs, ...}:
{
inputs.disko.devices = {
disk = {
main = {
device = "/dev/disk/by-id/some-disk-id";
type = "disk";
content = {
type = "gpt";
partitions = {
root = {
size = "100%";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
};
};
};
};
};
};
};
}
| 20:41:47 |
| WYVERN | judging from others in this chat also using disko, I think at some point a template in the docs would be good, otherwise a point about incompatibility to save time | 20:42:32 |
| 9 Feb 2025 |
|  @tired:fairydust.space left the room. | 22:50:18 |
| 10 Feb 2025 |
|  PuercoPop joined the room. | 00:44:43 |
