Colmena - Public Room Timeline

	Colmena	311 Members
	A simple, stateless NixOS deployment tool - https://github.com/zhaofengli/colmena	104 Servers

Load older messages

Sender	Message	Time
28 Nov 2022
roshan \| byteio.in 🌷	[INFO ] Using flake: git+file:///mnt/drive/src/github.com/pycluster/infra [INFO ] Enumerating nodes... [INFO ] Selected 1 out of 3 hosts. theDev \| Evaluating theDev theDev \| trace: warning: The option `nix.trustedUsers' defined in `/nix/store/xsvx3qva09l2kq7zvaws5gvbyzchm0si-source/common/users' has been renamed to `nix.settings.trusted-users'. theDev \| trace: warning: The option `nix.autoOptimiseStore' defined in `/nix/store/xsvx3qva09l2kq7zvaws5gvbyzchm0si-source/common/users' has been renamed to `nix.settings.auto-optimise-store'. theDev \| Evaluated theDev theDev \| Building theDev theDev \| copying 0 paths... theDev \| /nix/store/8yv3a6c6vs26f74m57av4i3kv9dv30y9-nixos-system-theDev-22.11pre-git theDev \| Built "/nix/store/8yv3a6c6vs26f74m57av4i3kv9dv30y9-nixos-system-theDev-22.11pre-git" on target node theDev \| No pre-activation keys to upload theDev \| Activating system profile theDev \| would stop swap device: /dev/zram0 theDev \| stopping the following units: -.mount, audit.service, digitalocean-metadata.service, do-agent.service, firewall.service, kmod-static-nodes.service, logrotate-checkconf.service, mount-pstore.service, network-local-commands.service, network-setup.service, nscd.service, reload-systemd-vconsole-setup.service, resolvconf.service, sshd.service, sys-kernel-config.mount, systemd-journald-audit.socket, systemd-modules-load.service, systemd-oomd.service, systemd-oomd.socket, systemd-sysctl.service, systemd-timesyncd.service, systemd-tmpfiles-setup-dev.service, systemd-udev-trigger.service, systemd-udevd-control.socket, systemd-udevd-kernel.socket, systemd-udevd.service, zram-init-zram0.service, zram-reloader.service theDev \| Failed to stop -.mount: Job type stop is not applicable for unit -.mount. theDev \| NOT restarting the following changed units: getty@tty1.service, serial-getty@ttyS0.service, systemd-journal-flush.service, systemd-logind.service, systemd-random-seed.service, systemd-remount-fs.service, systemd-tmpfiles-setup.service, systemd-update-utmp.service, systemd-user-sessions.service, user-runtime-dir@1000.service, user@1000.service theDev \| activating the configuration... theDev \| setting up /etc... theDev \| reviving group 'podman' with GID 994 theDev \| removing group ‘systemd-timesync’ theDev \| reviving user 'roshan' with UID 1001 theDev \| removing user ‘systemd-timesync’ theDev \| removing obsolete symlink ‘/etc/vconsole.conf’... theDev \| removing obsolete symlink ‘/etc/kbd’... theDev \| removing obsolete symlink ‘/etc/tmpfiles.d/portables.conf’... theDev \| removing obsolete symlink ‘/etc/tmpfiles.d/lvm2.conf’... theDev \| removing obsolete symlink ‘/etc/systemd/timesyncd.conf’... theDev \| removing obsolete symlink ‘/etc/modprobe.d/ubuntu.conf’... theDev \| removing obsolete symlink ‘/etc/modprobe.d/systemd.conf’... theDev \| removing obsolete symlink ‘/etc/modprobe.d/nixos.conf’... theDev \| removing obsolete symlink ‘/etc/modprobe.d/firmware.conf’... theDev \| removing obsolete symlink ‘/etc/modprobe.d/debian.conf’... theDev \| removing obsolete symlink ‘/etc/modules-load.d/nixos.conf’... theDev \| removing obsolete symlink ‘/etc/udev/hwdb.bin’... theDev \| removing obsolete symlink ‘/etc/udev/rules.d’... theDev \| restarting systemd... theDev \| reloading user units for nix... theDev \| setting up tmpfiles theDev \| reloading the following units: dbus.service theDev \| restarting the following units: dhcpcd.service, nix-daemon.service, systemd-journald.service theDev \| starting the following units: audit.service, kmod-static-nodes.service, logrotate-checkconf.service, mount-pstore.service, network-local-commands.service, nscd.service, systemd-modules-load.service, systemd-oomd.socket, systemd-sysctl.service, systemd-tmpfiles-setup-dev.service, systemd-udevd-control.socket, systemd-udevd-kernel.socket theDev \| A dependency job for local-fs.target failed. See 'journalctl -xe' for details. theDev \| Job for nscd.service canceled. theDev \| Job for basic.target canceled. theDev \| Job for sysinit.target canceled. theDev \| Job for multi-user.target canceled. theDev \| Job for network-local-commands.service canceled. theDev \| Job for logrotate-checkconf.service canceled.	07:18:13
Zhaofeng Li	In reply to @ronixx:matrix.org not able to ssh to. Restarting my server from panel From the VPS panel? Is it a container? If not, you shouldn't have `boot.isContainer = true;` there. Also you need to import your `hardware-configuration.nix`.	07:18:51
roshan \| byteio.in 🌷	Download image.png	07:19:20
roshan \| byteio.in 🌷	I have first genereated custom image for DigitalOcean with nixos-generators	07:19:47
Zhaofeng Li	In reply to @ronixx:matrix.org I have first genereated custom image for DigitalOcean with nixos-generators Then you need to import `digital-ocean-image.nix` like what nixos-generator doe	07:22:32
Zhaofeng Li	In reply to @ronixx:matrix.org I have first genereated custom image for DigitalOcean with nixos-generators * Then you need to import `digital-ocean-image.nix` like what nixos-generator does	07:22:34
roshan \| byteio.in 🌷	Download image.png	08:58:20
roshan \| byteio.in 🌷	Download image.png	08:58:40
roshan \| byteio.in 🌷	same issue event after adding do image nix file	08:59:08
roshan \| byteio.in 🌷	In reply to @zhaofeng:zhaofeng.li Admittedly deploying as non-root isn't the best experience right now 😐️ right. Unable to read key from other user	13:24:42
roshan \| byteio.in 🌷	In reply to @zhaofeng:zhaofeng.li Admittedly deploying as non-root isn't the best experience right now 😐️ * right. Unable to read key from /run/keys/ in outher user acc	13:25:07
roshan \| byteio.in 🌷	Download image.png	13:52:13
roshan \| byteio.in 🌷	can i change ownership of /run/keys folder ? in Colmena	13:52:31
roshan \| byteio.in 🌷	i have user account named nix but Nix Unabel to acces keys folder	13:52:56
roshan \| byteio.in 🌷	but secret file owner is nix user acc	13:53:10
@linus:schreibt.jetzt	usually what you do is add the group `keys` to the service or whatever it is that needs to access them	13:53:10
@linus:schreibt.jetzt	since the `keys` group can read `/run/keys`	13:53:34
roshan \| byteio.in 🌷	Download image.png	13:53:33
roshan \| byteio.in 🌷	Download image.png	13:54:18
roshan \| byteio.in 🌷	is this correct way to add keys to nix acc ?	13:54:37
@linus:schreibt.jetzt	yes, but freshrss shouldn't be running as the `nix` user unless you added extra config for it	13:55:01
@linus:schreibt.jetzt	try adding `users.users.freshrss.extraGroups = ["keys"]`	13:55:59
@linus:schreibt.jetzt	since it runs as the `freshrss` user	13:56:08
roshan \| byteio.in 🌷	services.<name> name is same for group	13:57:24
@linus:schreibt.jetzt	not always	13:57:33
@linus:schreibt.jetzt	you generally have to check the module implementation	13:57:43
@linus:schreibt.jetzt	often services will use systemd's `DynamicUser` feature to avoid actually creating a "permanent" user, in which case you have to set `serviceConfig.SupplementaryGroups = ["keys"]` on the systemd service in question	13:58:37
roshan \| byteio.in 🌷	Download image.png	14:02:21
roshan \| byteio.in 🌷	Finally its working after 6 hours of trying	14:02:48
roshan \| byteio.in 🌷	thank you Linux Hackerman 🥰	14:03:12

Show newer messages

Back to Room ListRoom Version: 6