I'm getting Failed to upload keys: I/O Error: No such file or directory (os error 2) when I try to upload keys. The key block is:

          deployment = {
            keys."myservice.secret" = {
              keyFile = /full/path/to/secrets/myservice.secret;
              uploadAt = "pre-activation";
            };
          };

Am I doing something obviously stupid? File is in the ./secrets dir by the flake, and owned by the same user

In reply to @zhaofeng:zhaofeng.li
Yeah, on non-NixOS hosts the Nix binaries aren't in the PATH set up by sshd/pam. It's a long-standing issue: https://github.com/NixOS/nix/issues/1078

Hi! I'm new to NixOS, but want to try out Colmena as a means to set up some computers in my home. One of them is a Microsoft Surface Pro 3, which needs <nixos-hardware/microsoft/surface-pro/3> to function properly. However, I'm struggling to use that with Colmena.

What I have now is something like this:

flake.nix
machines

• surface-configuration.nix
• surface-hardware-configuration.nix

In flake.nix:

inputs = { nixpkg.s.url = ... };

In reply to @sivertism:matrix.org

Hi! I'm new to NixOS, but want to try out Colmena as a means to set up some computers in my home. One of them is a Microsoft Surface Pro 3, which needs <nixos-hardware/microsoft/surface-pro/3> to function properly. However, I'm struggling to use that with Colmena.

What I have now is something like this:

flake.nix
machines

• surface-configuration.nix
• surface-hardware-configuration.nix

In flake.nix:

inputs = { nixpkg.s.url = ... };

Hi! I'm new to NixOS, but want to try out Colmena as a means to set up some computers in my home. One of them is a Microsoft Surface Pro 3, which needs <nixos-hardware/microsoft/surface-pro/3> to function properly. However, I'm struggling to use that with Colmena.

What I have now is something like this:

flake.nix
machines

• surface-configuration.nix
• surface-hardware-configuration.nix

In flake.nix:

inputs = { nixpkg.s.url = ... };
outputs = {nixpkgs, ...} : {
  colmena = {
    meta = // default from examples
    
  surface = {name, nodes, pkgs, ... } : {
    deployment = { targetHost = name; targetUser="nixos"; };
    networking.hostName = name;
    imports = [
      <nixos-hardware/microsoft/surface-pro/3>
      ./machines/surface-configuration.nix
    ]
  };
};

And machines/surface-configuration.nix is the /etc/nixos/configuration.nix file copied from the surface after a fresh install. It, in turn, imports machines/surface-hardware-configuration.nix, which I've also left as default.

Hi! I'm new to NixOS, but want to try out Colmena as a means to set up some computers in my home. One of them is a Microsoft Surface Pro 3, which needs <nixos-hardware/microsoft/surface-pro/3> to function properly. However, I'm struggling to use that with Colmena.

What I have now is something like this:

flake.nix
machines

• surface-configuration.nix
• surface-hardware-configuration.nix

In flake.nix:

inputs = { nixpkg.s.url = ... };
outputs = {nixpkgs, ...} : {
  colmena = {
    meta = // default from examples
    
  surface = {name, nodes, pkgs, ... } : {
    deployment = { targetHost = name; targetUser="nixos"; };
    networking.hostName = name;
    imports = [
      <nixos-hardware/microsoft/surface-pro/3>
      ./machines/surface-configuration.nix
    ]
  };
};

And machines/surface-configuration.nix is the /etc/nixos/configuration.nix file copied from the surface after a fresh install. It, in turn, imports machines/surface-hardware-configuration.nix, which I've also left as default.

From this, I first get an error error: cannot look up '<nixos-hardware/microsoft/surface-pro/3>' in pure evaluation mode (use '--impure' to override), so I use --impure, but then get error: file 'nixos-hardware/microsoft/surface-pro/3' was not found in the Nix search path (add it using $NIX_PATH or -I. I should probably add it the proper way with a url to nixos-hardware as shown in the nixos-hardware section on flakes, but I'm not sure where to stick in those modules ref: (nixos-hardware#flakes)[https://github.com/NixOS/nixos-hardware#using-nix-flakes-support].

Does anyone know how I should proceed?

In reply to @sivertism:matrix.org

Hi! I'm new to NixOS, but want to try out Colmena as a means to set up some computers in my home. One of them is a Microsoft Surface Pro 3, which needs <nixos-hardware/microsoft/surface-pro/3> to function properly. However, I'm struggling to use that with Colmena.

What I have now is something like this:

flake.nix
machines

• surface-configuration.nix
• surface-hardware-configuration.nix

In flake.nix:

inputs = { nixpkg.s.url = ... };

hit enter too soon... hold on

Done :)

Hi! I'm new to NixOS, but want to try out Colmena as a means to set up some computers in my home. One of them is a Microsoft Surface Pro 3, which needs <nixos-hardware/microsoft/surface-pro/3> to function properly. However, I'm struggling to use that with Colmena.

What I have now is something like this:

flake.nix
machines
    /surface-configuration.nix
    /surface-hardware-configuration.nix

In flake.nix:

inputs = { nixpkg.s.url = ... };
outputs = {nixpkgs, ...} : {
  colmena = {
    meta = // default from examples
    
  surface = {name, nodes, pkgs, ... } : {
    deployment = { targetHost = name; targetUser="nixos"; };
    networking.hostName = name;
    imports = [
      <nixos-hardware/microsoft/surface-pro/3>
      ./machines/surface-configuration.nix
    ]
  };
};

And machines/surface-configuration.nix is the /etc/nixos/configuration.nix file copied from the surface after a fresh install. It, in turn, imports machines/surface-hardware-configuration.nix, which I've also left as default.

From this, I first get an error error: cannot look up '<nixos-hardware/microsoft/surface-pro/3>' in pure evaluation mode (use '--impure' to override), so I use --impure, but then get error: file 'nixos-hardware/microsoft/surface-pro/3' was not found in the Nix search path (add it using $NIX_PATH or -I. I should probably add it the proper way with a url to nixos-hardware as shown in the nixos-hardware section on flakes, but I'm not sure where to stick in those modules ref: (nixos-hardware#flakes)[https://github.com/NixOS/nixos-hardware#using-nix-flakes-support].

Does anyone know how I should proceed?

In reply to @sivertism:matrix.org

Hi! I'm new to NixOS, but want to try out Colmena as a means to set up some computers in my home. One of them is a Microsoft Surface Pro 3, which needs <nixos-hardware/microsoft/surface-pro/3> to function properly. However, I'm struggling to use that with Colmena.

What I have now is something like this:

flake.nix
machines
    /surface-configuration.nix
    /surface-hardware-configuration.nix

In flake.nix:

inputs = { nixpkg.s.url = ... };
outputs = {nixpkgs, ...} : {
  colmena = {
    meta = // default from examples
    
  surface = {name, nodes, pkgs, ... } : {
    deployment = { targetHost = name; targetUser="nixos"; };
    networking.hostName = name;
    imports = [
      <nixos-hardware/microsoft/surface-pro/3>
      ./machines/surface-configuration.nix
    ]
  };
};

And machines/surface-configuration.nix is the /etc/nixos/configuration.nix file copied from the surface after a fresh install. It, in turn, imports machines/surface-hardware-configuration.nix, which I've also left as default.

From this, I first get an error error: cannot look up '<nixos-hardware/microsoft/surface-pro/3>' in pure evaluation mode (use '--impure' to override), so I use --impure, but then get error: file 'nixos-hardware/microsoft/surface-pro/3' was not found in the Nix search path (add it using $NIX_PATH or -I. I should probably add it the proper way with a url to nixos-hardware as shown in the nixos-hardware section on flakes, but I'm not sure where to stick in those modules ref: (nixos-hardware#flakes)[https://github.com/NixOS/nixos-hardware#using-nix-flakes-support].

Does anyone know how I should proceed?

In reply to @sivertism:matrix.org

Hi! I'm new to NixOS, but want to try out Colmena as a means to set up some computers in my home. One of them is a Microsoft Surface Pro 3, which needs <nixos-hardware/microsoft/surface-pro/3> to function properly. However, I'm struggling to use that with Colmena.

What I have now is something like this:

flake.nix
machines
    /surface-configuration.nix
    /surface-hardware-configuration.nix

In flake.nix:

inputs = { nixpkg.s.url = ... };
outputs = {nixpkgs, ...} : {
  colmena = {
    meta = // default from examples
    
  surface = {name, nodes, pkgs, ... } : {
    deployment = { targetHost = name; targetUser="nixos"; };
    networking.hostName = name;
    imports = [
      <nixos-hardware/microsoft/surface-pro/3>
      ./machines/surface-configuration.nix
    ]
  };
};

And machines/surface-configuration.nix is the /etc/nixos/configuration.nix file copied from the surface after a fresh install. It, in turn, imports machines/surface-hardware-configuration.nix, which I've also left as default.

From this, I first get an error error: cannot look up '<nixos-hardware/microsoft/surface-pro/3>' in pure evaluation mode (use '--impure' to override), so I use --impure, but then get error: file 'nixos-hardware/microsoft/surface-pro/3' was not found in the Nix search path (add it using $NIX_PATH or -I. I should probably add it the proper way with a url to nixos-hardware as shown in the nixos-hardware section on flakes, but I'm not sure where to stick in those modules ref: (nixos-hardware#flakes)[https://github.com/NixOS/nixos-hardware#using-nix-flakes-support].

Does anyone know how I should proceed?

I wouldn’t use the impure mode here. The syntax with brackets is not what you want with flakes. You will need to add nixos-hardware as a flake input instead.

If that doesn’t make sense I can give a more complete example when I’m back at my computer. 

I was eventually able to create a flake wrapper around my existing config, which seems to work. At least nix build .#nixosConfigurations.surface.config.system.build.toplevel succeeds.

So I think it's now just about importing that into the Colmena flake? I've tried a few variations of the below colmena flake, but to no avail.

{
  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
    surface.url = "/home/sivert/work/nixos-surface";
  };
 
  outputs = {nixpkgs, surface, ...}: {
    colmena = {
      meta = {
          nixpkgs = import nixpkgs {
            system = "x86_64-linux";
          };
      };
 
      surface = { name, ...}: {
 
        deployment = {
          targetHost = "surface";
          targetUser = "nixos";
        };
        
        networking.hostName = "surface";
 
        imports = [
          surface #.nixosConfigurations.surface.config.system.build.toplevel
          ];
      };
    };
  };
}

Turn's out the answer was (yet again) in ibizaman 's blog! https://blog.tiserbox.com/posts/2023-11-08-switch-to-colmena-for-local-deploys.html

Just had to remove the flake wrapper and set up the colmena flake like this:

{
  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
    nixos-hardware.url = "github:NixOS/nixos-hardware/master";
  };

  outputs = inputs@{nixpkgs, nixos-hardware, ...}: {
    colmena = {
      meta = {
          nixpkgs = import inputs.nixpkgs {
            system = "x86_64-linux";
          };
          specialArgs=inputs;
      };

      surface = { name, ...}: {

        deployment = {
          targetHost = "surface";
          targetUser = "nixos";
        };

        networking.hostName = "surface";

        imports = [
          inputs.nixos-hardware.nixosModules.microsoft-surface-pro-3
          ./machines/surface/configuration.nix
          ];
      };
    };
  };
}

Now I'm running into some security error though (see the above screenshot)

Turn's out the answer was (yet again) in ibizaman 's blog! https://blog.tiserbox.com/posts/2023-11-08-switch-to-colmena-for-local-deploys.html

Just had to remove the flake wrapper and set up the colmena flake like this:

{
  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
    nixos-hardware.url = "github:NixOS/nixos-hardware/master";
  };

  outputs = inputs@{nixpkgs, nixos-hardware, ...}: {
    colmena = {
      meta = {
          nixpkgs = import inputs.nixpkgs {
            system = "x86_64-linux";
          };
          specialArgs=inputs;
      };

      surface = { name, ...}: {

        deployment = {
          targetHost = "surface";
          targetUser = "nixos";
        };

        networking.hostName = "surface";

        imports = [
          inputs.nixos-hardware.nixosModules.microsoft-surface-pro-3
          ./machines/surface/configuration.nix
          ];
      };
    };
  };
}

Now I'm running into some security error though (see the above screenshot)
[ERROR] stderr) error: cannot add path '/nix/store/00yiiplzcqzmqaw10cghbxlb4l4xibc0-i3lock-color.pam' because it lacks a signature by a trusted key

Sivert the following is what I understand but I’m not confident in my understanding of this. I think the trusted issue is due to the user used to deploy not being root. It falls after having copied the nix derivations to the target machine when it tries to add them to the nix store. The fix should be adding that user nixos  to the nix.settings.trusted-users option.

That being said, it never worked the first time for me. I think for it to work you must first deploy a change with just the trusted-user change and then you can deploy the rest.  

Sivert the following is what I understand but I’m not confident in my understanding of this. I think the trusted issue is due to the user used to deploy not being root. It fails after having copied the nix derivations to the target machine when it tries to add them to the nix store. The fix should be adding that user nixos  to the nix.settings.trusted-users option.

That being said, it never worked the first time for me. I think for it to work you must first deploy a change with just the trusted-user change and then you can deploy the rest.