| 1 Dec 2022 |
 @ask-yourself:matrix.org | Ok I see. | 19:53:44 |
| @ask-yourself:matrix.org | Thank you very much. | 19:53:47 |
| @ask-yourself:matrix.org | Sry spoke too soon. That actually does not seem to resolve the issue:
.dotfiles on main [!] λ colmena apply-local --sudo-command=doas
[WARN ] Colmena was not started by root. This is probably not going to work.
[WARN ] Hint: Add the --sudo flag.
warning: Git tree '/home/isaac/.dotfiles' is dirty
[INFO ] Using flake: git+file:///home/isaac/.dotfiles
warning: Git tree '/home/isaac/.dotfiles' is dirty
warning: Git tree '/home/isaac/.dotfiles' is dirty
🕕 7s 2 succeeded
desktop ✅ 6s Evaluated desktop
❌ 7s Failed: Child process exited with error code: 1
desktop ✅ 6s Evaluated desktop
desktop ✅ 0s Built "/nix/store/7xj0j1acvhf7avnkkc746nc04a920qri-nixos-system-desktop-23.05pre-git"
desktop ✅ 0s Pushed system closure
desktop ❌ 0s Activation failed: Child process exited with error code: 1
[ERROR] Failed to complete requested operation - Last 1 lines of logs:
[ERROR] failure) Child process exited with error code: 1
[ERROR] Failed to deploy to desktop - Last 3 lines of logs:
[ERROR] created)
[ERROR] state) Running
[ERROR] failure) Child process exited with error code: 1
[ERROR] -----
[ERROR] Operation failed with error: Child process exited with error code: 1
| 19:56:08 |
 Zhaofeng Li | Oops, you need both --sudo and --sudo-command=doas | 20:43:24 |
| @ask-yourself:matrix.org | It still seems to complain in the same way:
.dotfiles on main [!+] λ colmena apply-local --sudo --sudo-command=doas
error: getting the HEAD of the Git tree '/home/isaac/.dotfiles' failed with exit code 1:
error: executing 'git': No such file or directory
(use '--show-trace' to show detailed location information)
thread 'main' panicked at 'called `Result::unwrap()` on an `Err` value: ChildFailure { exit_code: 1 }', src/command/apply_local.rs:95:55
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
| 20:46:55 |
| Zhaofeng Li | Yeah, because the whole deployment process is relaunched as root and Nix depends on git in the PATH for flakes, you would need to add it to the global (or root's) environment. | 20:48:07 |
| @ask-yourself:matrix.org | Don't I do that with keepEnv? | 20:48:46 |
| @ask-yourself:matrix.org | {user, ...}: {
# deployment.privilegeEscalationCommand = ["doas"];
security = {
doas = {
enable = true;
extraRules = [
{
keepEnv = true;
noPass = true;
users = ["${user}"];
}
];
};
sudo.enable = true ;
};
}
| 20:48:51 |
| Zhaofeng Li | Does doas git work? | 20:49:51 |
| @ask-yourself:matrix.org | Yup. | 20:50:02 |
| Zhaofeng Li | Hmm, this is very weird indeed. | 20:52:00 |
| Zhaofeng Li | And the weirdness is part of the reason I changed it to only escalate during activation. Permissions can also be easily messed up if you interact with the flake as another user. | 20:52:18 |
| @ask-yourself:matrix.org | I can deinitely switch to unstable. | 20:52:58 |
| @ask-yourself:matrix.org | I was just a bit confused how to do that. | 20:53:04 |
| Zhaofeng Li | nix shell github:zhaofengli/colmena should get you in a shell that has the unstable colmena. To add it to your config, add inputs.colmena.url = "github:zhaofengli/colmena"; and insert colmena.packages.${system}.colmena to devShell/systemPackages. | 20:55:36 |
| @ask-yourself:matrix.org | Ok doing this now. And then once I'm unstable the command is just colmena apply-local? | 20:56:26 |
| Zhaofeng Li | colmena apply --sudo with deployment.privilegeEscalationCommand set in the config. | 20:56:59 |
| @ask-yourself:matrix.org | Ahhh, ok right. | 20:57:09 |
| @ask-yourself:matrix.org | Sorry lots of parts.. :P | 20:57:15 |
| @ask-yourself:matrix.org | I'll try this out. | 20:57:24 |
| @ask-yourself:matrix.org | Ok, now it's working perfectly. Thank you. :) | 22:50:00 |
 Linux Hackerman | In reply to @zhaofeng:zhaofeng.li
Does doas git work? I suspect in such a case doas will do PATH resolution? | 22:51:12 |
| @ask-yourself:matrix.org | In reply to @linus:schreibt.jetzt
I suspect in such a case doas will do PATH resolution? Yes. | 22:51:48 |
| Linux Hackerman | so doas sh -c git might be a better test | 22:52:02 |
| @ask-yourself:matrix.org | ~/Test λ doas sh -c git
sh: line 1: git: command not found
| 22:52:40 |
| Zhaofeng Li | In reply to @linus:schreibt.jetzt
I suspect in such a case doas will do PATH resolution? Aha, TIL | 22:56:45 |
| 2 Dec 2022 |
| @ask-yourself:matrix.org | For some reason my current config will build locally (on any of my machines) but will not push to my remote machine. It complains about lacking valid signatures. This is the line causing the issue (if I remove it I can push config to any machine): https://gitlab.com/IsaacBrown92/dotfiles/-/blob/main/modules/rofi/default.nix#L18 | 12:43:43 |
| @ask-yourself:matrix.org | inherit (config.lib.formats.rasi) mkLiteral;
| 12:44:06 |
| @ask-yourself:matrix.org | Could anybody clarify why this is happening? | 12:44:21 |
| @ask-yourself:matrix.org | In the NixOS server the had me run nix store verify --all, which outputted:
.dotfiles on main [!?] ⊥ nix store verify --all
path '/nix/store/4nhcx0ndfa374cgvi6x9sg73prmxmc04-publicsuffix-list-2021-09-03' is untrusted
path '/nix/store/y1hybm8h1kln0hg06c42m4g1wsblc0ig-freefont-ttf-20120503' is untrusted
path '/nix/store/ah9gyp7rxak9ig2q829myn6172jn302f-hack-font-3.003' is untrusted
path '/nix/store/dbn507rrsmgmdxwknhb3554nmkl0kvgi-gyre-fonts-2.005' is untrusted
path '/nix/store/jcqky5xbknabz7wn5p90qk0g9s031yzb-nixos-22.05.2764.0ba2543f8c8' is untrusted
| 12:44:46 |
