Colmena - Public Room Timeline

	Colmena	322 Members
	A simple, stateless NixOS deployment tool - https://github.com/zhaofengli/colmena	110 Servers

Load older messages

Sender	Message	Time
1 Dec 2022
@ask-yourself:matrix.org	I never use `colmena apply-local`. I always need to do `sudo colmena-apply local` (I thought this was normal!). Yes, `sudo colmena-apply local` currently works, yes.	18:59:52
@ask-yourself:matrix.org	Also this is current doas conf: `{user, ...}: { security = { doas = { enable = true; extraRules = [ { keepEnv = true; noPass = true; users = ["${user}"]; } ]; }; sudo.enable = true; }; }`	19:00:22
Linux Hackerman	with privilegeEscalationCommand set, it should work without sudo or doas, and colmena should invoke whichever it is	19:00:49
Linux Hackerman	and not evaluate or build as root, which is good because that's not necessary	19:01:01
@ask-yourself:matrix.org	`deployment.privilegeEscalationCommand = ["doas"];` is also set.	19:01:03
Linux Hackerman	right, then try plain `colmena apply-local`	19:01:17
Zhaofeng Li	In reply to @linus:schreibt.jetzt has the eval-node-limit heuristic improved? Without an explicit limit it at least used to completely blow my laptop up There hasn't been any change to the heuristic which assumes a constant memory size for each node. We can probably make the number bigger if people keep running into things like this. It's bit difficult to estimate the memory usage to evaluate a "typical" condig	19:01:31
Zhaofeng Li	In reply to @ask-yourself:matrix.org `deployment.privilegeEscalationCommand = ["doas"];` is also set. `colmena apply-local --sudo` should work	19:01:40
@ask-yourself:matrix.org	The output of `colmena apply-local` is: .dotfiles on  main [!+] ⊥ colmena apply-local [WARN ] Colmena was not started by root. This is probably not going to work. [WARN ] Hint: Add the --sudo flag. warning: Git tree '/home/isaac/.dotfiles' is dirty [INFO ] Using flake: git+file:///home/isaac/.dotfiles warning: Git tree '/home/isaac/.dotfiles' is dirty warning: Git tree '/home/isaac/.dotfiles' is dirty 🕖 7s 2 succeeded desktop ✅ 6s Evaluated desktop ❌ 7s Failed: Child process exited with error code: 1 desktop ✅ 6s Evaluated desktop desktop ✅ 0s Built "/nix/store/cagxgr77kc1ip1f31fx9y1f5xq23mk68-nixos-system-desktop-23.05pre-git" desktop ✅ 0s Pushed system closure desktop ❌ 0s Activation failed: Child process exited with error code: 1 [ERROR] Failed to deploy to desktop - Last 3 lines of logs: [ERROR] created) [ERROR] state) Running [ERROR] failure) Child process exited with error code: 1 [ERROR] Failed to complete requested operation - Last 1 lines of logs: [ERROR] failure) Child process exited with error code: 1 [ERROR] ----- [ERROR] Operation failed with error: Child process exited with error code: 1	19:01:54
Linux Hackerman	oops, never mind what I said then	19:01:56
@ask-yourself:matrix.org	In reply to @zhaofeng:zhaofeng.li `colmena apply-local --sudo` should work This should work even after I turn of `sudo` for this machine?	19:02:29
@ask-yourself:matrix.org	(And yes it does work, thank you.)	19:02:50
Zhaofeng Li	It uses the privilegeEscalationCommand configured in the config	19:02:52
Zhaofeng Li	`apply-local` doesn't run the escalation command by default. It seems a bit rude to do so, given that sudo cache exists and Colmena may end up doing dangerous things without prompt. Better make it explicit I guess.	19:03:36
Linux Hackerman	gosh frick, I wanted to test if the problem still exists and yes it very much does lol	19:04:00
Zhaofeng Li	* There hasn't been any change to the heuristic which assumes a constant memory size for each node. We can probably make the number bigger if people keep running into things like this. It's bit difficult to estimate the memory usage to evaluate a "typical" config	19:05:19
@ask-yourself:matrix.org	Zhaofeng Li: `colmena apply-local --sudo` doesn't work once `sudo` is turned off though, and I want to turn `sudo` off.	19:05:42
Linux Hackerman	Hm, would it be appropriate to set the OOM score adjustment for the nix-eval-jobs process to avoid this kind of thing?	19:06:28
Zhaofeng Li	Hmm, it should be using the `deployment.privilegeEscalationCommand`. Let me check	19:06:41
@ask-yourself:matrix.org	Wait. I had that commented out.	19:06:59
@ask-yourself:matrix.org	Don't waste your time checking yet, probably my error.	19:07:09
Linux Hackerman	also, the heuristic results in 52 workers for me which... I think is deep into inappropriate territory for 32G of RAM :D	19:09:04
Zhaofeng Li	Argh, I keep forgetting Element Android has Markdown turned off by default. Another thing to set for each new client	19:09:10
@ask-yourself:matrix.org	Ok yeah, `colmena apply-locall --sudo` does not work with `sudo` turned off, even with `deployment.privilegeEscalationCommand = ["doas"];`.	19:10:44
@ask-yourself:matrix.org	* Ok yeah, `colmena apply-local --sudo` does not work with `sudo` turned off, even with `deployment.privilegeEscalationCommand = ["doas"];`.	19:10:51
Zhaofeng Li	Interesting, and it says something like `sudo: command not found`?	19:12:38
Zhaofeng Li	Just confirming, is the `deployment.privilegeEscalationCommand` set inside the host config? If it's outside, you may have inadvertently created a `deployment` node instead	19:14:14
Zhaofeng Li	In reply to @linus:schreibt.jetzt also, the heuristic results in 52 workers for me which... I think is deep into inappropriate territory for 32G of RAM :D Well yeah, currently it assumes each node takes 512MB to evaluate 😅 Or `(remaining_ram - 1024MB) / 512MB` nodes	19:16:48
@ask-yourself:matrix.org	In reply to @zhaofeng:zhaofeng.li Interesting, and it says something like `sudo: command not found`? This is the output for both commands: .dotfiles on  main [!+] λ colmena apply-local --sudo thread 'main' panicked at 'Failed to run sudo to escalate privileges: Os { code: 2, kind: NotFound, message: "No such file or directory" }', src/command/apply_local.rs:162:10 note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace .dotfiles on  main [!+] ⊥ colmena apply-local [WARN ] Colmena was not started by root. This is probably not going to work. [WARN ] Hint: Add the --sudo flag. warning: Git tree '/home/isaac/.dotfiles' is dirty [INFO ] Using flake: git+file:///home/isaac/.dotfiles warning: Git tree '/home/isaac/.dotfiles' is dirty warning: Git tree '/home/isaac/.dotfiles' is dirty 🕔 7s 2 succeeded desktop ✅ 6s Evaluated desktop ❌ 7s Failed: Child process exited with error code: 1 desktop ✅ 6s Evaluated desktop desktop ✅ 0s Built "/nix/store/pm7h842lz8c1jwx3crwj1hmwxn9hphr5-nixos-system-desktop-23.05pre-git" desktop ✅ 0s Pushed system closure desktop ❌ 0s Activation failed: Child process exited with error code: 1 [ERROR] Failed to deploy to desktop - Last 3 lines of logs: [ERROR] created) [ERROR] state) Running [ERROR] failure) Child process exited with error code: 1 [ERROR] Failed to complete requested operation - Last 1 lines of logs: [ERROR] failure) Child process exited with error code: 1 [ERROR] ----- [ERROR] Operation failed with error: Child process exited with error code: 1	19:23:20
@ask-yourself:matrix.org	In reply to @zhaofeng:zhaofeng.li Just confirming, is the `deployment.privilegeEscalationCommand` set inside the host config? If it's outside, you may have inadvertently created a `deployment` node instead I think so, if you wanna see where I've set it up in full context, it's here: https://gitlab.com/IsaacBrown92/dotfiles/-/blob/main/nixos/desktop/security.nix	19:27:30

Show newer messages

Back to Room ListRoom Version: 6