| 1 Dec 2022 |
 Zhaofeng Li | Oops, you need both --sudo and --sudo-command=doas | 20:43:24 |
 @ask-yourself:matrix.org | It still seems to complain in the same way:
.dotfiles on main [!+] λ colmena apply-local --sudo --sudo-command=doas
error: getting the HEAD of the Git tree '/home/isaac/.dotfiles' failed with exit code 1:
error: executing 'git': No such file or directory
(use '--show-trace' to show detailed location information)
thread 'main' panicked at 'called `Result::unwrap()` on an `Err` value: ChildFailure { exit_code: 1 }', src/command/apply_local.rs:95:55
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
| 20:46:55 |
| Zhaofeng Li | Yeah, because the whole deployment process is relaunched as root and Nix depends on git in the PATH for flakes, you would need to add it to the global (or root's) environment. | 20:48:07 |
| @ask-yourself:matrix.org | Don't I do that with keepEnv? | 20:48:46 |
| @ask-yourself:matrix.org | {user, ...}: {
# deployment.privilegeEscalationCommand = ["doas"];
security = {
doas = {
enable = true;
extraRules = [
{
keepEnv = true;
noPass = true;
users = ["${user}"];
}
];
};
sudo.enable = true ;
};
}
| 20:48:51 |
| Zhaofeng Li | Does doas git work? | 20:49:51 |
| @ask-yourself:matrix.org | Yup. | 20:50:02 |
| Zhaofeng Li | Hmm, this is very weird indeed. | 20:52:00 |
| Zhaofeng Li | And the weirdness is part of the reason I changed it to only escalate during activation. Permissions can also be easily messed up if you interact with the flake as another user. | 20:52:18 |
| @ask-yourself:matrix.org | I can deinitely switch to unstable. | 20:52:58 |
| @ask-yourself:matrix.org | I was just a bit confused how to do that. | 20:53:04 |
| Zhaofeng Li | nix shell github:zhaofengli/colmena should get you in a shell that has the unstable colmena. To add it to your config, add inputs.colmena.url = "github:zhaofengli/colmena"; and insert colmena.packages.${system}.colmena to devShell/systemPackages. | 20:55:36 |
