| 1 Dec 2022 |
 @linus:schreibt.jetzt | but that's completely orthogonal to whether you deploy via SSH or locally | 09:57:57 |
|  hexa changed their display name from hexa to hexa (22.11 now). | 13:08:59 |
 roshan | byteio.in 🌷 | 
Download image.png | 14:07:16 |
| roshan | byteio.in 🌷 | why my userge container get stops in 1-2 seconds | 14:07:47 |
| roshan | byteio.in 🌷 | running through command line working find | 14:08:05 |
| roshan | byteio.in 🌷 | * running through command line working fine | 14:08:07 |
| roshan | byteio.in 🌷 | 
Download image.png | 14:08:27 |
| roshan | byteio.in 🌷 | 
Download image.png | 14:22:10 |
| @linus:schreibt.jetzt | That doesn't seem like a colmena-specific question, maybe try #nix:nixos.org | 14:22:59 |
| roshan | byteio.in 🌷 | im using colmena to deploy my docker container | 14:25:27 |
| @linus:schreibt.jetzt | the nixos host containing the container right? | 14:25:45 |
| roshan | byteio.in 🌷 | docker container workiing fine in local | 14:25:53 |
| roshan | byteio.in 🌷 | In reply to @linus:schreibt.jetzt
the nixos host containing the container right? yes | 14:26:00 |
| @linus:schreibt.jetzt | yeah this doesn't look like an issue with the deployment (which is colmena's job), but with the configuration | 14:26:39 |
| hexa changed their display name from hexa (22.11 now) to hexa. | 14:38:47 |
 @ask-yourself:matrix.org | In reply to @linus:schreibt.jetzt
if you set deployment.buildOnTarget for a machine, or pass --build-on-target on the command line, it will instead build directly on the host that's being deployed (though in the case of your workstation it will still end up being built on your workstation because that's what's being deployed) Ok, yes I see. This makes a lot of sense, thank you. | 16:57:29 |
 Wanja Hentze | how are you folks coping with long NixOS eval times when using colmena? | 17:40:42 |
| Wanja Hentze | any practical tricks I can pull to make my hive eval faster? | 17:40:55 |
 Zhaofeng Li | Have you tried `--evaluator streaming`? It makes evaluation actually parallel using nix-eval-jobs. It's not the default yet but may be soon | 17:54:22 |
| @ask-yourself:matrix.org | I'm trying to switch to use doas instead of sudo, but I'm getting this:
.dotfiles on î‚ main [!+] ⊥ doas colmena apply-local
error: getting the HEAD of the Git tree '/home/isaac/.dotfiles' failed with exit code 1:
error: executing 'git': No such file or directory
(use '--show-trace' to show detailed location information)
thread 'main' panicked at 'called `Result::unwrap()` on an `Err` value: ChildFailure { exit_code: 1 }', src/command/apply_local.rs:95:55
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
I've tried adding deployment.privilegeEscalationCommand = ["doas"]; but still same result.
| 18:54:45 |
| @linus:schreibt.jetzt | In reply to @zhaofeng:zhaofeng.li
Have you tried `--evaluator streaming`? It makes evaluation actually parallel using nix-eval-jobs. It's not the default yet but may be soon has the eval-node-limit heuristic improved? Without an explicit limit it at least used to completely blow my laptop up | 18:56:02 |
| @linus:schreibt.jetzt | In reply to @ask-yourself:matrix.org
I'm trying to switch to use doas instead of sudo, but I'm getting this:
.dotfiles on î‚ main [!+] ⊥ doas colmena apply-local
error: getting the HEAD of the Git tree '/home/isaac/.dotfiles' failed with exit code 1:
error: executing 'git': No such file or directory
(use '--show-trace' to show detailed location information)
thread 'main' panicked at 'called `Result::unwrap()` on an `Err` value: ChildFailure { exit_code: 1 }', src/command/apply_local.rs:95:55
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
I've tried adding deployment.privilegeEscalationCommand = ["doas"]; but still same result.
This is because nix tries to call git as part of the flake evaluation, and presumably it's not on PATH for root when using doas (maybe it is with sudo?) | 18:57:05 |
| @linus:schreibt.jetzt | does just colmena apply-local work now? | 18:57:42 |
| @linus:schreibt.jetzt | Because running the evaluation as your user makes sense | 18:57:50 |
| @linus:schreibt.jetzt | In reply to @linus:schreibt.jetzt
does just colmena apply-local work now? as in, I think setting privilegeEscalationCommand should make it work | 18:58:16 |
| @ask-yourself:matrix.org | I never use colmena apply-local. I always need to do sudo colmena-apply local (I thought this was normal!). Yes, sudo colmena-apply local currently works, yes. | 18:59:52 |
| @ask-yourself:matrix.org | Also this is current doas conf:
{user, ...}: {
security = {
doas = {
enable = true;
extraRules = [
{
keepEnv = true;
noPass = true;
users = ["${user}"];
}
];
};
sudo.enable = true;
};
}
| 19:00:22 |
| @linus:schreibt.jetzt | with privilegeEscalationCommand set, it should work without sudo or doas, and colmena should invoke whichever it is | 19:00:49 |
| @linus:schreibt.jetzt | and not evaluate or build as root, which is good because that's not necessary | 19:01:01 |
| @ask-yourself:matrix.org | deployment.privilegeEscalationCommand = ["doas"]; is also set. | 19:01:03 |
