In reply to @otanaut:matrix.org
Hey, when using colmena with nixosConfigurations, as suggested in this Issus:https://github.com/zhaofengli/colmena/issues/60, where do i put the `deploment.targetUser` and `targetHost` properties?

      colmena = {
        meta = {
          # Figure out the default nixpkgs to use for each node.
          nixpkgs = import inputs.nixpkgs {
            system = "x86_64-linux";
            config.permittedInsecurePackages = insecure-packages;
          };

Hi, I am overriding package version via overrideAttrs. colmena build works fine, however applying the build throws this error:

error: cannot add path '/nix/store/dpxhgkc31n0yh7mv7a47x5p9j4rmk3gz-foundationdb73' because it lacks a signature by a trusted key

Is there a way to bypass the check?

In reply to @dmoonfire:matrix.org
I tried putting it in the package and it doesn't seem to be picking it up.

      colmena = {
        meta = {
          # Figure out the default nixpkgs to use for each node.
          nixpkgs = import inputs.nixpkgs {
            system = "x86_64-linux";
            config.permittedInsecurePackages = insecure-packages;
          };

Putting it as config. in various places get the error where you can't configure a setting and a service in the same (unknown boot or services depending on where).

get the error where you can't configure a setting and a service in the same (unknown boot or services depending on where).

I'm not sure what that means

In reply to@justinas:nixos.dev

get the error where you can't configure a setting and a service in the same (unknown boot or services depending on where).

I'm not sure what that means

config.permittedInsecurePackages = ["dotnet-sdk-6.0.428"];

       error: Module `:anon-1766:anon-1' has an unsupported attribute `boot'. This is caused by introducing a top-level `config' or `options' attribute. Add configuration attributes immediately on the top level instead, or move all of them (namely: boot deployment environment networking services sops system time) into the explicit `config' attribute.

nixpkgs.config.permittedInsecurePackages = ["dotnet-sdk-6.0.428"];

Alright, I see. The This is caused by introducing a top-level config' or options' attribute. issue is because you misunderstood me, I'll try to be a bit more clear.

When you're importing / calling nixpkgs explicitly, its options are under an argument called config. In full, import nixpkgs { config = { permittedInsecurePackages = ... } };.

However, when you're configuring nixpkgs in a modular way through the NixOS machine config, then that same thing is nested under nixpkgs, e.g. the option to set is nixpkgs.config. In full, nixpkgs.config.permittedInsecurePackages = { ... }. https://search.nixos.org/options?channel=24.11&show=nixpkgs.config&from=0&size=50&sort=relevance&type=packages&query=nixpkgs.config

In the context of a NixOS configuration module, config refers to the system configuration itself.

Alright, I see. The This is caused by introducing a top-level config' or options' attribute. issue is because you misunderstood me, I'll try to be a bit more clear.

When you're importing / calling nixpkgs explicitly, its options are under an argument called config. In full, import nixpkgs { config = { permittedInsecurePackages = ... } };.

However, when you're configuring nixpkgs in a modular way through the NixOS machine config, then that same thing is nested under nixpkgs, e.g. the option to set is nixpkgs.config. In full, nixpkgs.config.permittedInsecurePackages = [ ... ]. https://search.nixos.org/options?channel=24.11&show=nixpkgs.config&from=0&size=50&sort=relevance&type=packages&query=nixpkgs.config

In the context of a NixOS configuration module, config refers to the system configuration itself.

      colmena = {
        meta = {
          nixpkgs = import inputs.nixpkgs {
            system = "x86_64-linux";
            config = { permittedInsecurePackages = [ "dotnet-sdk-6.0.428" ]; };
          };

paruk |        Known issues:
paruk |         - Dotnet SDK 6.0.428 is EOL, please use 8.0 (LTS) or 9.0 (Current)
paruk | 
paruk |        You can install it anyway by allowing this package, using the
paruk |        following methods:
paruk | 
paruk |        a) To temporarily allow all insecure packages, you can use an environment
paruk |           variable for a single invocation of the nix tools:
paruk | 
paruk |             $ export NIXPKGS_ALLOW_INSECURE=1
paruk | 
paruk |           Note: When using `nix shell`, `nix build`, `nix develop`, etc with a flake,
paruk |                 then pass `--impure` in order to allow use of environment variables.
paruk | 
paruk |        b) for `nixos-rebuild` you can add ‘dotnet-sdk-6.0.428’ to
paruk |           `nixpkgs.config.permittedInsecurePackages` in the configuration.nix,
paruk |           like so:
paruk | 
paruk |             {
paruk |               nixpkgs.config.permittedInsecurePackages = [
paruk |                 "dotnet-sdk-6.0.428"
paruk |               ];
paruk |             }
paruk | 
paruk |        c) For `nix-env`, `nix-build`, `nix-shell` or any other Nix command you can add
paruk |           ‘dotnet-sdk-6.0.428’ to `permittedInsecurePackages` in
paruk |           ~/.config/nixpkgs/config.nix, like so:
paruk | 
paruk |             {
paruk |               permittedInsecurePackages = [
paruk |                 "dotnet-sdk-6.0.428"
paruk |               ];
paruk |             }
paruk | Evaluation failed

That is the package, but I tried to include those Sonarr ones since sonarr is on that server.

In reply to @justinas:nixos.dev
Okay. Please see my gist, it is a very simple config that you can verify works in isolation. I also use the same nixpkgs.config from the gist in a personal machine with 24.11 and it works.