 | Nix: Cloud Native | 260 Members |
| 65 Servers |
| Nix: Cloud Native | 260 Members |
| 65 Servers |
| Sender | Message | Time |
|---|---|---|
| 23 Oct 2025 | ||
 lillecarl | FrΓ©dΓ©ric Christ: If you're curious to try out nix-csi I would happily hold your hand π The deployment docs are quite sparse still | 12:28:00 |
| lillecarl | I implemented support for setting storepaths as volumeAttributes now, this will make nix-csi fetch from cache and do no building at all. Verbose(r) explanation here | 13:52:36 |
 Marcus | nix-csi seems quite interesting π | 21:46:54 |
 ggpeti left the room. | 21:48:41 | |
| Marcus | https://github.com/Lillecarl/nix-csi/blob/main/python/nix_csi/runbuild.py#L9 love the default node name π | 21:49:43 |
| lillecarl | Happy to hear, I'm excited AF2.0 to be honest π I posted the first actual example of using easykubenix + nix-csi in the announcement thread now π | 23:59:52 |
| 24 Oct 2025 | ||
| lillecarl |  Download shitbox IRL π€ͺ | 00:01:57 |
| lillecarl | I've also got terragrunix in the early stages. Right now it's missing generating the TF lockfile in a drv (required since TF want's to write the lockfile temporarily in module dir but it's RO), it's going to be terragrunt + terranix essentially. Reminds me of the time when I came into a consulting job where they had 300 Terrraform states for one environment, someone somehow misunderstood terragrunt and split essentially every resource into it's own terragrunt unit. I quit that job, it was a loser society πΈ | 00:25:02 |
| lillecarl | * I've also got terragrunix in the early stages. Right now it's missing generating the TF lockfile in a drv (required since TF wants to write the lockfile temporarily in module dir but it's RO), it's going to be terragrunt + terranix essentially. Reminds me of the time when I came into a consulting job where they had 300 Terrraform states for one environment, someone somehow misunderstood terragrunt and split essentially every resource into it's own terragrunt unit. I quit that job, it was a loser society πΈ | 00:36:51 |
| lillecarl | I don't think Terragrunt is worth the effort when rendering config with Nix anyways, it really really tries to own tofu more than I'd like it to. What do you guys use to manage multiple states and data between them? terranix + some build system and remote_state? | 22:29:40 |
| 27 Oct 2025 | ||
 genadij.udarov joined the room. | 16:35:29 | |
| 28 Oct 2025 | ||
 puffnfresh joined the room. | 08:30:03 | |
| 31 Oct 2025 | ||
 purrtner joined the room. | 23:56:13 | |
| 2 Nov 2025 | ||
| lillecarl | Still looking for Kubernetes users to try out nix-csi! π It's got a in-cluster cache (ssh-ng) now and you can reuse "builder nodes" as your own build cluster. The cache pod maintains a /etc/nix/machines config you can SCP onto your machine and with some ssh_config you get all builder labeled nodes accessible from nix CLI on your machine: ^ Pretty much like this, the list is always up2date on the cache (watching pod nix-csi-node pod events). Works with aarch64-linux and x86_64-linux so for cross-building it's pretty neat. Still investigating the proper way to trigger cache population within the cluster when doing remote builds | 17:03:49 |
| lillecarl | * Still looking for Kubernetes users to try out nix-csi! π It's got a in-cluster cache (ssh-ng) now and you can reuse CSI pods as your own build cluster. The cache pod maintains a /etc/nix/machines config you can SCP onto your machine and with some ssh_config you get all builder labeled nodes accessible from nix CLI on your machine: ^ Pretty much like this, the list is always up2date on the cache (watching pod nix-csi-node pod events). Works with aarch64-linux and x86_64-linux so for cross-building it's pretty neat. Still investigating the proper way to trigger cache population within the cluster when doing remote builds | 17:04:42 |
 Zhaofeng Li joined the room. | 17:30:41 | |
 Erik | @lillecarl:matrix.org: first time I have heard of nix-csi, definitively I will give a try. I found it really amazing! | 20:49:02 |
| lillecarl | Erik: It's still ~quite beta~, but I'm happy to provide some hand-holding π | 20:49:58 |
| lillecarl | * Erik: It's still ~quite beta~, but I'm happy to provide some hand-holding π The CSI bit works well, the cache bit works well if you hold it right-ish, hehe. There isn't an option to add your own caches and trust-keys currently so the beaten path is adding your pubkey and pushing to it, or providing expressions in the volumeAttributes | 20:51:34 |
| Erik | And how a container is invoked with nix-csi? | 20:53:53 |
| Erik | What I understand is that nix-csi avoids the necessity to an adapter like nixify to consume nix builds, or maybe i had misunderstood... | 20:56:01 |
| Erik | * What I understand is that nix-csi avoids the necessity of an adapter like nixify to consume nix builds, or maybe i had misunderstood... | 20:56:16 |
| lillecarl | Erik: Yeah, and it's zero copy too. you provide a volume to the pod. On it you put volumeAttributes. Either you put down ${system} = pkgs.whatever; or you put down expression = ''full independent nix expression''; In the first operating mode the storepath must be available on a cache, in the second one it'll build it in-cluster and store it on the built-in cache | 21:18:54 |
| lillecarl | The thing with running on the CSI layer is that you must still specify a container image (quay.io/nix-csi/scratch:1.0.1 which sets PATH to /nix/var/result) and you get the zero copy /nix from nix-csi π So it's a bit different as you specify the "image" through volumes rather than image, but it's what you've got to do to operate on the CSI layer π | 21:20:55 |
| lillecarl | There's nix-snapshotter which does the same thing on the CRI level but then you need their containerd and NixOS on the Kubernetes host, nix-csi can just be deployed anywhere Kubernetes runs any CRI which doesn't create VMs work π | 21:21:54 |
| Erik | really interesting | 21:23:10 |
| Erik | I will give a try for sure | 21:23:40 |
| lillecarl | https://gist.github.com/Lillecarl/3104898680ff9bd6128b6f4ddc2072e4 <- example podspec | 21:24:45 |
| Erik | Yeaaaah, i have stalikng your repo already | 21:25:14 |
| Erik | i got the main idea | 21:25:20 |