Colmena - Public Room Timeline - Matrix Static

	Colmena	280 Members
	A simple, stateless NixOS deployment tool - https://github.com/zhaofengli/colmena	96 Servers

Load older messages

Sender	Message	Time
17 Jun 2025
Khalil Santana	How can I benchmark/profile what is causing `colmena` to be significantly slower than `nixos-rebuild switch --flake`? Two back-to-back executions below, no changes in between runs: Colmena: khalil:~/Documentos/NixOS % time colmena apply --on=andromeda [INFO ] Using flake: git+file:///home/khalil/Documentos/NixOS [INFO ] Enumerating nodes... [INFO ] Selected 1 out of 4 hosts. ✅ 25s All done! andromeda ✅ 19s Evaluated andromeda andromeda ✅ 1s Built "/nix/store/yjscnkx6xy87s4z7x649dfz8b205j6nv-nixos-system-andromeda-25. andromeda ✅ 1s Pushed system closure andromeda ✅ 5s Activation successful colmena apply --on=andromeda 10,13s user 5,66s system 42% cpu 37,122 total khalil:~/Documentos/NixOS % time colmena apply --on=andromeda [INFO ] Using flake: git+file:///home/khalil/Documentos/NixOS [INFO ] Enumerating nodes... [INFO ] Selected 1 out of 4 hosts. ✅ 25s All done! andromeda ✅ 19s Evaluated andromeda andromeda ✅ 1s Built "/nix/store/yjscnkx6xy87s4z7x649dfz8b205j6nv-nixos-system-andromeda-25. andromeda ✅ 1s Pushed system closure andromeda ✅ 5s Activation successful colmena apply --on=andromeda 10,15s user 5,48s system 42% cpu 36,854 total khalil:~/Documentos/NixOS % Nixos-rebuild switch --flake: khalil:~/Documentos/NixOS % time nixos-rebuild switch --flake .#andromeda --target-host root@andromeda.host.ksantana.net building the system configuration... copying 0 paths... Shared connection to andromeda.host.ksantana.net closed. Shared connection to andromeda.host.ksantana.net closed. stopping the following units: accounts-daemon.service, proc-sys-fs-binfmt_misc.automount, proc-sys-fs-binfmt_misc.mount, systemd-binfmt.service, systemd-tmpfiles-resetup.service activating the configuration... [agenix] creating new generation in /run/agenix.d/7 [agenix] decrypting secrets... decrypting '/nix/store/maqzlgf99r1sf65xx2jiwzsmdm7jnzws-keepassxc.age' to '/run/agenix.d/7/keepassxc'... decrypting '/nix/store/xlrhprsclp2l23mvm1bppsw6za819imn-restic-backup-edna.age' to '/run/agenix.d/7/restic-backup-edna'... decrypting '/nix/store/ggr2z8ylnzl4wld7zb32nghn3qg9v82c-restic-backup-edna-remote.age' to '/run/agenix.d/7/restic-backup-edna-remote'... decrypting '/nix/store/gp4clfixjmkhfvqmkcms6a4pb1jhxlc1-restic-backup-home-khalil.age' to '/run/agenix.d/7/restic-backup-home-khalil'... decrypting '/nix/store/1wdan709p9lsx2jn9hzkf9sdapi20i1a-restic-backup-home-khalil-remote.age' to '/run/agenix.d/7/restic-backup-home-khalil-remote'... decrypting '/nix/store/km4clf3936mji6b4h30yj5ccqcn1600x-tailscale.age' to '/run/agenix.d/7/tailscale'... decrypting '/nix/store/2l8p93vz8jz4kc7z5339mrxjibpz46lj-users_khalil_passwd.age' to '/run/agenix.d/7/users_khalil_passwd'... [agenix] symlinking new secrets to /run/agenix (generation 7)... [agenix] removing old secrets (generation 6)... [agenix] chowning... setting up /etc... reloading user units for khalil... reloading user units for root... restarting sysinit-reactivation.target reloading the following units: dbus.service restarting the following units: nix-daemon.service, polkit.service starting the following units: accounts-daemon.service, systemd-tmpfiles-resetup.service the following new units were started: systemd-localed.service Shared connection to andromeda.host.ksantana.net closed. Done. The new configuration is /nix/store/wzik0pvb0647gdnqfjlrp3j8dvm9mjh4-nixos-system-andromeda-25.11.20250527.4faa5f5 nixos-rebuild switch --flake .#andromeda --target-host 8,03s user 1,13s system 34% cpu 26,367 total khalil:~/Documentos/NixOS % time nixos-rebuild switch --flake .#andromeda --target-host root@andromeda.host.ksantana.net building the system configuration... copying 0 paths... Shared connection to andromeda.host.ksantana.net closed. Shared connection to andromeda.host.ksantana.net closed. activating the configuration... [agenix] creating new generation in /run/agenix.d/8 [agenix] decrypting secrets... decrypting '/nix/store/maqzlgf99r1sf65xx2jiwzsmdm7jnzws-keepassxc.age' to '/run/agenix.d/8/keepassxc'... decrypting '/nix/store/xlrhprsclp2l23mvm1bppsw6za819imn-restic-backup-edna.age' to '/run/agenix.d/8/restic-backup-edna'... decrypting '/nix/store/ggr2z8ylnzl4wld7zb32nghn3qg9v82c-restic-backup-edna-remote.age' to '/run/agenix.d/8/restic-backup-edna-remote'... decrypting '/nix/store/gp4clfixjmkhfvqmkcms6a4pb1jhxlc1-restic-backup-home-khalil.age' to '/run/agenix.d/8/restic-backup-home-khalil'... decrypting '/nix/store/1wdan709p9lsx2jn9hzkf9sdapi20i1a-restic-backup-home-khalil-remote.age' to '/run/agenix.d/8/restic-backup-home-khalil-remote'... decrypting '/nix/store/km4clf3936mji6b4h30yj5ccqcn1600x-tailscale.age' to '/run/agenix.d/8/tailscale'... decrypting '/nix/store/2l8p93vz8jz4kc7z5339mrxjibpz46lj-users_khalil_passwd.age' to '/run/agenix.d/8/users_khalil_passwd'... [agenix] symlinking new secrets to /run/agenix (generation 8)... [agenix] removing old secrets (generation 7)... [agenix] chowning... setting up /etc... reloading user units for khalil... reloading user units for root... restarting sysinit-reactivation.target Shared connection to andromeda.host.ksantana.net closed. Done. The new configuration is /nix/store/wzik0pvb0647gdnqfjlrp3j8dvm9mjh4-nixos-system-andromeda-25.11.20250527.4faa5f5 nixos-rebuild switch --flake .#andromeda --target-host 0,12s user 0,07s system 3% cpu 4,908 total My flake.nix: { description = "KhalilSantana's NixOS configuration"; inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs-staging-next.url = "path:/mnt/data/@src-code/nixpkgs"; pre-commit-hooks.url = "github:cachix/git-hooks.nix"; home-manager.url = "github:nix-community/home-manager"; home-manager.inputs.nixpkgs.follows = "nixpkgs"; nix-flatpak.url = "github:gmodena/nix-flatpak"; # unstable branch. Use github:gmodena/nix-flatpak/?ref=<tag> to pin releases. agenix = { url = "github:ryantm/agenix"; inputs.nixpkgs.follows = "nixpkgs"; # use the same nixpkgs as the main flake inputs.darwin.follows = ""; # optionally choose not to download darwin deps (saves some resources on Linux) }; }; outputs = { self, nixpkgs, nixpkgs-staging-next, nix-flatpak, home-manager, agenix, pre-commit-hooks, ... }: let supportedSystems = [ "x86_64-linux" "aarch64-linux" ]; forAllSystems = nixpkgs.lib.genAttrs supportedSystems; # Common function to create a host configuration mkHost = { hostName, system, extraModules ? [ ], extraSpecialArgs ? { }, }: nixpkgs.lib.nixosSystem { inherit system; modules = [ ./hosts/${hostName}/default.nix agenix.nixosModules.default nix-flatpak.nixosModules.nix-flatpak home-manager.nixosModules.home-manager { home-manager = { useGlobalPkgs = true; useUserPackages = true; users.khalil = ./home.nix; }; } ] ++ extraModules; specialArgs = { stagingNextPkgs = import nixpkgs-staging-next { system = "aarch64-linux"; }; } // extraSpecialArgs; }; # Common function to create a colmena host mkColmenaHost = { hostName, system, extraModules ? [ ], extraSpecialArgs ? { }, }: { imports = [ ./hosts/${hostName}/default.nix agenix.nixosModules.default nix-flatpak.nixosModules.nix-flatpak home-manager.nixosModules.home-manager { home-manager = { useGlobalPkgs = true; useUserPackages = true; users.khalil = ./home.nix; }; } ] ++ extraModules; nixpkgs.system = system; deployment.targetHost = "${hostName}.host.ksantana.net"; _module.args = { stagingNextPkgs = import nixpkgs-staging-next { system = "aarch64-linux"; }; } // extraSpecialArgs; }; in { formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.nixfmt-rfc-style); # https://github.com/cachix/git-hooks.nix checks = forAllSystems ( system: let pkgs = import nixpkgs { inherit system; }; in { pre-commit-check = pre-commit-hooks.lib.${system}.run { src = ./.; hooks = { nixfmt-rfc-style.enable = true; statix.enable = true; flake-checker.enable = true; deadnix.enable = true; gitleaks = { enable = true; name = "Gitleaks secrets scan"; entry = "${pkgs.gitleaks}/bin/gitleaks git --staged --baseline-path gitleaks-report.json -v --no-color --no-banner"; language = "system"; pass_filenames = false; stages = [ "pre-commit" ]; }; }; }; } ); devShells = forAllSystems (system: { default = nixpkgs.legacyPackages.${system}.mkShell { inherit (self.checks.${system}.pre-commit-check) shellHook; buildInputs = self.checks.${system}.pre-commit-check.enabledPackages; }; }); colmena = { meta = { nixpkgs = import nixpkgs { system = "x86_64-linux"; overlays = [ ]; }; nodeSpecialArgs = { stagingNextPkgs = import nixpkgs-staging-next { system = "aarch64-linux"; }; }; }; "andromeda" = mkColmenaHost { hostName = "andromeda"; system = "x86_64-linux"; extraModules = [ { boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; } ]; }; "umbrella" = mkColmenaHost { hostName = "umbrella"; system = "x86_64-linux"; extraModules = [ { boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; } ]; }; "ocloud-ks" = mkColmenaHost { hostName = "ocloud-ks"; system = "aarch64-linux"; }; "littlesombrero" = mkColmenaHost { hostName = "littlesombrero"; system = "aarch64-linux"; }; }; nixosConfigurations = { andromeda = mkHost { hostName = "andromeda"; system = "x86_64-linux"; }; umbrella = mkHost { hostName = "umbrella"; system = "x86_64-linux"; }; ocloud-ks = mkHost { hostName = "ocloud-ks"; system = "aarch64-linux"; }; littlesombrero = mkHost { hostName = "littlesombrero"; system = "aarch64-linux"; }; }; }; } (I don't feel too confortable sharing the full git repo, but I can probably produce a shallow version of it if required, with minimal sensitive info)	01:46:09
	Johann Wagner joined the room.	07:46:25
Zhaofeng Li	Admittedly it's not easy to do directly, and in this specific case I think `nixos-rebuild` used the evaluation cache whereas Colmena cannot (you can test the raw evaluation speed by changing a file or passing `--option eval-cache false` to nixos-rebuild).	15:45:17
Zhaofeng Li	I wrote up what Colmena does to evaluate a configuration here: https://github.com/zhaofengli/colmena/issues/235	15:45:22
Zhaofeng Li	(cc: Khalil Santana)	15:46:55
Khalil Santana	Thank you! I'll test this and answer back with results	15:48:04
Khalil Santana	That seems to get `nixos-rebuild --flake` performance closer to colmena's, but there's still a significant difference (if I'm reading the output of `zsh`s `time` correctly, that is). `colmena apply --on=andromeda --nix-option eval-cache false 9,84s user 5,36s system 41% cpu 36,341 total nixos-rebuild switch --flake .#andromeda --target-host --option eval-cache 7,88s user 1,11s system 58% cpu 15,299 total`	15:54:11
Khalil Santana	I was trying to setup profiling in nix using this[1] to figure out why colmena is slower, but didn't quite succeed (I think I got a -ENOSPC or something due to `/tmp/` as tmpfs or something). Do you think something like this would be useful to debug this performance behaviour? [1] - https://github.com/crabdancing/nix-flamegraph	15:59:54
Khalil Santana	(cc: Zhaofeng Li )	16:03:25
Zhaofeng Li	In reply to @khalil:ksantana.net I was trying to setup profiling in nix using this[1] to figure out why colmena is slower, but didn't quite succeed (I think I got a -ENOSPC or something due to `/tmp/` as tmpfs or something). Do you think something like this would be useful to debug this performance behaviour? [1] - https://github.com/crabdancing/nix-flamegraph Yeah, I think something like this is useful in general, not just for colmena but for nixpkgs slowness as well	16:04:20
Zhaofeng Li	Also the issue I linked above has a list of commands that correspond to what Colmena actually evaluates underneath, so you can manually invoke the same evaluation in the profiler	16:04:25
Khalil Santana	Heh, it seems that plotting the flamegraph it is not quite possible in my system with 32GB of RAM.: khalil:~/Documentos/NixOS % nix run github:crabdancing/nix-flamegraph -- --target .#colmenaHive.toplevel.andromeda Started `nix eval` against target... Done. Running `stack-collapse`... Done. Running `inferno-flamegraph`... Error: Io(Kind(OutOfMemory)) nix run github:crabdancing/nix-flamegraph -- --target 655,34s user 224,26s system 97% cpu 14:59,05 total `[ 3404.188809] __vm_enough_memory: pid: 43928, comm: inferno-flamegr, bytes: 104871428096 not enough memory for the allocation [ 3404.188815] __vm_enough_memory: pid: 43928, comm: inferno-flamegr, bytes: 104871497728 not enough memory for the allocation [ 3404.188817] __vm_enough_memory: pid: 43928, comm: inferno-flamegr, bytes: 104871563264 not enough memory for the allocation`	17:28:21
19 Jun 2025
marshmallow	Am i crazy or did the makeHive change and the flake output being renamed not receive a changelog note?	05:41:10
hexa	it didn't even make a release, sooo	05:42:07
hexa	It's been long overdue, but Colmena 0.4.0 is finally here:	05:42:15
hexa	I't s been long overdue, again	05:42:21
	marshmallow changed their profile picture.	05:52:57
marshmallow	Oh, maybe I shouldn't be using main and assuming its stable. But the nixpkgs version appears to always break for me :(	05:58:03
	lgcl (she/they) changed their display name from lgcl (they/them) to lgcl (she/they).	18:08:04
20 Jun 2025
	LARPing tech Simps like Hacker News users changed their display name from SS Bullshit Dreams to Corporate Cute.	22:58:17
25 Jun 2025
	@freexploit:trafkin.com joined the room.	16:29:20
@freexploit:trafkin.com	Redacted or Malformed Event	16:30:02
prroet	In reply to @freexploit:trafkin.com I just want to say thank you 😄 for now I've been using colmena for more than a year to manage my home lab and it has been great Same here	16:35:29
27 Jun 2025
	R̴̨͕͇͍̞̮̐̅͆̌̀̉̐͋̈́̃̀͒́̎̅̚̚̚͠͝Ĕ̵̡̛͖͖̟̙̫̱͈̘̞̭͍͍͑̌̄͑̓̋̓̀̈̏̈́͊̇͊͆̉͂̏̀̃̚͘͝͝ͅͅD̶̡̢͔̱̖̮͙͉̘̺͓͍̩̮͈͍͗̃̀̏͌͘͜ͅŚ̸̬̭̯̬͙͇͓̬̩̳̤͚͓̤̩̺͉͖̉͛̓̿̎͊̿̆́̐͂̇͌̄̇̓͘ͅͅT̴̞̫̘̝͇͔̟̪̪̦͂̔̎̀̎ͅŎ̷̡̬̹̪͈̭̣͈̭̭͉̦̖̝̘̪͖͔̥̦̘̻̳Ṋ̶̛̫͈̳̘͚̜̔̋͆̅̈́͊̑͊̉̌̈́̾͑̈́̚ͅË̸̡̨̨̛͇̜̖͔͖̻̟̗̠̙͓̘̗̥͉͇̜͑͆͊͑͑̀̓͒͜͝͝ changed their display name from Redstone to R̴̨͕͇͍̞̮̐̅͆̌̀̉̐͋̈́̃̀͒́̎̅̚̚̚͠͝Ĕ̵̡̛͖͖̟̙̫̱͈̘̞̭͍͍͑̌̄͑̓̋̓̀̈̏̈́͊̇͊͆̉͂̏̀̃̚͘͝͝ͅͅD̶̡̢͔̱̖̮͙͉̘̺͓͍̩̮͈͍͗̃̀̏͌͘͜ͅŚ̸̬̭̯̬͙͇͓̬̩̳̤͚͓̤̩̺͉͖̉͛̓̿̎͊̿̆́̐͂̇͌̄̇̓͘ͅͅT̴̞̫̘̝͇͔̟̪̪̦͂̔̎̀̎ͅŎ̷̡̬̹̪͈̭̣͈̭̭͉̦̖̝̘̪͖͔̥̦̘̻̳Ṋ̶̛̫͈̳̘͚̜̔̋͆̅̈́͊̑͊̉̌̈́̾͑̈́̚ͅË̸̡̨̨̛͇̜̖͔͖̻̟̗̠̙͓̘̗̥͉͇̜͑͆͊͑͑̀̓͒͜͝͝.	00:56:43
28 Jun 2025
	tebriel joined the room.	21:14:16
29 Jun 2025
	Jonathan Tremesaygues joined the room.	13:29:44
30 Jun 2025
tebriel	is there an equivalent of `nix flake check` for the colmena hive configurations? like flake check evaluates `nixosConfigurations.<name>.config.system.build.toplevel`	00:20:58
	felschr joined the room.	22:01:32
4 Jul 2025
	Emanuel Johnson Godin joined the room.	22:48:54
Emanuel Johnson Godin	I'm looking to switch from deploy-rs to colmena. But colmena's module feels strange. Why do I put host configuration inside `outputs.colmena`? Shouldn't `outputs.colmena` consume `nixosConfiguration`s?	22:51:18

Show newer messages

Back to Room ListRoom Version: 6