| 10 Jan 2022 |
 @worldofgeese:one.ems.host | I'm a little confused about getting started and could use a little guidance.
So I've read through the first few pages of documentation and started to split out my configuration.nix into a users/worldofgeese/default.nix for user stuff, filesystem stuff into a hosts/endless-summer.nix and filled out the root user with a hashed password and pubkey.
So I'm ready to go, right? Here's where I get confused: the install instructions indicate I should build an ISO from the bootstrap.nix but that won't source a lot of my personalizations. Do I wait on those until after I've built and booted a minimal ISO? | 19:51:54 |
| @worldofgeese:one.ems.host | DevOS also has a tool for creating a guideline hosts file so I assume I wait on including my personal changes but I'm unsure | 19:52:47 |
| 11 Jan 2022 |
 Daniel Phan on conduit | In reply to@worldofgeese:one.ems.host
I'm a little confused about getting started and could use a little guidance.
So I've read through the first few pages of documentation and started to split out my configuration.nix into a users/worldofgeese/default.nix for user stuff, filesystem stuff into a hosts/endless-summer.nix and filled out the root user with a hashed password and pubkey.
So I'm ready to go, right? Here's where I get confused: the install instructions indicate I should build an ISO from the bootstrap.nix but that won't source a lot of my personalizations. Do I wait on those until after I've built and booted a minimal ISO?
Yes, normally you would into a minimal ISO and deploy your personalizations to the remote machine. Since this is your first time installing, you can copy your devos config to the booted ISO and nixos-install from that. | 01:58:02 |
| @worldofgeese:one.ems.host | 
Download DSC_0000_BURST20220111103107683_COVER.JPG | 09:34:38 |
| @worldofgeese:one.ems.host | I got a little further on this, thanks Daniel (and cool you're running Conduit, that's why I'm setting up a NixOS server now with the recently merged Conduit service).
Following the documentation to set authorizedKeys, the key is set in the ISO but restrictive firewall rules block access to sshd. | 09:34:42 |
| @worldofgeese:one.ems.host | I needed to clear the iptables rules and was then able to ssh into the live environment | 09:34:59 |
| @worldofgeese:one.ems.host | Is this intended behavior? | 09:35:11 |
| Daniel Phan on conduit | The docs actually didn't mention that you would need networking.trustedInterfaces = [ "eth0" ]; | 10:26:57 |
| Daniel Phan on conduit | I found out about networking.trustedInterfaces because I tried to opened port for Spotify and my phone couldn't detect my computer, though I only tested this with tailscale. | 10:32:53 |
| Daniel Phan on conduit | Oops, nevermind. https://github.com/divnix/devos/blob/main/profiles/core/default.nix#L149 wasn't true by default, so you had to clear the iptables rules. | 10:37:10 |
| @worldofgeese:one.ems.host | I can make a PR for the docs to specify that openFirewall must be set to true when creating an ISO if remote access is desired | 10:40:43 |
| Daniel Phan on conduit | Yes, that will do. Just set services.openssh.openFirewall = true; in hosts/bootstrap.nix and recreate the ISo | 10:41:58 |
| Daniel Phan on conduit | * Yes, that will do. Just set services.openssh.openFirewall = true; in hosts/bootstrap.nix and recreate the ISO | 10:42:00 |
| @worldofgeese:one.ems.host | Well, I almost succeeded in the initial install but was bitten by https://github.com/NixOS/nixpkgs/issues/73404.
The suggested solution is to `nixos-enter` and try again but that doesn't work because `nixos-install --flake .#host` expects `/mnt`
I have logs at https://gist.github.com/worldofgeese/76446406a2c970a8908167bad8482596 | 20:03:00 |
| Daniel Phan on conduit | What about nixos-rebuild boot .#host? | 20:06:28 |
| @worldofgeese:one.ems.host | From inside the chroot? | 20:14:09 |
| Daniel Phan on conduit | Yep | 20:14:13 |
| @worldofgeese:one.ems.host | Let me give it a shot | 20:14:28 |
| @worldofgeese:one.ems.host | Redacted or Malformed Event | 20:24:14 |
| @worldofgeese:one.ems.host | Well, maybe? I think all that's left is to try a reboot and see | 20:26:56 |
| @worldofgeese:one.ems.host | There's no output apart from warning that my git tree is dirty and some cachix saved settings | 20:27:28 |
| @worldofgeese:one.ems.host | I'm going to do a systemctl reboot and pray 🙏🏼 | 20:27:53 |
| @worldofgeese:one.ems.host | Hard stop at GRUB. 🤔 And I did have systemd-boot enabled. I'll give this another try tomorrow, thanks again Daniel | 20:34:42 |
| @worldofgeese:one.ems.host | Pushed my forked config to https://github.com/worldofgeese/devos | 20:53:11 |
| 13 Jan 2022 |
 @gytis-ivaskevicius:matrix.org | Whats exactly the reason why flakes are not expected to support nested package sets in the future? | 14:35:24 |
| @gytis-ivaskevicius:matrix.org | is it due to extra eval? | 14:35:42 |
 Pacman99 | I think the simplest reason is that it hurts the performance of nix search | 18:12:36 |
| Pacman99 | But looking at the decision with the end goal of flakes in mind, it makes sense that a flake should advertise a set of package around the topic of that flake. A nested package set indicates that the flake might need to be seperated. | 18:13:52 |
| Pacman99 | * But looking at the decision with the end goal of flakes in mind, it makes sense that a flake should advertise a set of packages around the topic of that flake. A nested package set indicates that the flake might need to be seperated. | 18:15:14 |
| Pacman99 | * But looking at the decision with the end goal of flakes in mind, it makes sense that a flake should advertise a set of packages around the topic of that flake. A nested package set indicates that a flake should be separated. | 18:15:25 |
