| 4 Nov 2024 |
 lassulus | I think the impure image script should be able to ask you for the password interactively | 19:38:23 |
 pinpox | How do I use that/make it ask? | 19:39:21 |
| pinpox | currently using this config:
https://termbin.com/v5pk
then running:
nix build .\#nixosConfigurations.limette.config.system.build.diskoImagesScript
sudo ./result --build-memory 4096 --pre-format-files /tmp/secret.key /tmp/secret.ke
dd if=main.raw ...
| 19:40:34 |
| pinpox | * currently using this config:
https://termbin.com/v5pk
then running:
nix build .\#nixosConfigurations.limette.config.system.build.diskoImagesScript
sudo ./result --build-memory 4096 --pre-format-files /tmp/secret.key /tmp/secret.key
sudo dd if=main.raw ...
| 19:42:26 |
 @brian:bmcgee.ie | I'm having trouble mixing in a passwordFile for vmVariantWithDisko. It doesn't seem to like merging this config:
virtualisation.vmVariantWithDisko = {
disko.devices.mdadm = let
passwordFile = pkgs.writeText "secret.key" "!Pa55w0rd";
in {
raid0.content.passwordFile = passwordFile;
raid5.content.passwordFile = passwordFile;
};
};
Gives me:
at «string»:1:1:
1| nixosConfigurations.saturn.config.virtualisation.vmVariantWithDisko.disko.devices.mdadm.raid0.content
| ^
… while evaluating the attribute 'value'
at /nix/store/vpzg5qjqwl76ichhjwwgmwc8v3j369q5-source/lib/modules.nix:809:9:
808| in warnDeprecation opt //
809| { value = builtins.addErrorContext "while evaluating the option `${showOption loc}':" value;
| ^
810| inherit (res.defsFinal') highestPrio;
(stack trace truncated; use '--show-trace' to show the full trace)
error: No type option set in:
{
passwordFile = <derivation secret.key>;
}
| 20:16:49 |
| @brian:bmcgee.ie | * I'm having trouble mixing in a passwordFile for vmVariantWithDisko. It doesn't seem to like merging this config:
virtualisation.vmVariantWithDisko = {
disko.devices.mdadm = let
passwordFile = pkgs.writeText "secret.key" "!Pa55w0rd";
in {
raid0.content.passwordFile = passwordFile;
raid5.content.passwordFile = passwordFile;
};
};
Gives me:
at «string»:1:1:
1| nixosConfigurations.saturn.config.virtualisation.vmVariantWithDisko.disko.devices.mdadm.raid0.content
| ^
… while evaluating the attribute 'value'
at /nix/store/vpzg5qjqwl76ichhjwwgmwc8v3j369q5-source/lib/modules.nix:809:9:
808| in warnDeprecation opt //
809| { value = builtins.addErrorContext "while evaluating the option `${showOption loc}':" value;
| ^
810| inherit (res.defsFinal') highestPrio;
(stack trace truncated; use '--show-trace' to show the full trace)
error: No type option set in:
{
passwordFile = <derivation secret.key>;
}
| 20:16:59 |
| lassulus | In reply to @pinpox:matrix.org
currently using this config:
https://termbin.com/v5pk
then running:
nix build .\#nixosConfigurations.limette.config.system.build.diskoImagesScript
sudo ./result --build-memory 4096 --pre-format-files /tmp/secret.key /tmp/secret.key
sudo dd if=main.raw ...
ah that is already the impure script, but you can skip configuring a keyFile in that case | 20:18:21 |
| @brian:bmcgee.ie | Here's the luks setup in my main disko config:
mdadm = {
raid0 = {
type = "mdadm";
level = 0;
content = {
type = "luks";
name = "crypted-root";
settings = {
allowDiscards = true;
};
content = {
type = "btrfs";
extraArgs = [ "-f" ];
subvolumes = {
"/root" = {
mountpoint = "/";
mountOptions = [
"compress=zstd"
"noatime"
];
};
"/home" = {
mountpoint = "/home";
mountOptions = [
"compress=zstd"
"noatime"
];
};
"/nix" = {
mountpoint = "/nix";
mountOptions = [
"compress=zstd"
"noatime"
];
};
};
};
};
};
raid5 = {
type = "mdadm";
level = 5;
content = {
type = "luks";
name = "crypted-archive";
content = {
type = "btrfs";
extraArgs = [ "-f" ];
subvolumes = {
"/archive" = {
mountpoint = "/archive";
mountOptions = [
"compress=zstd"
"noatime"
];
};
"/archive/media" = {
mountpoint = "/archive/media";
mountOptions = [
"compress=zstd"
"noatime"
];
};
"/archive/backups" = {
mountpoint = "/archive/backups";
mountOptions = [
"compress=zstd"
"noatime"
];
};
};
};
};
};
};
| 20:18:48 |
| @brian:bmcgee.ie | * Here's the luks setup in my main disko config:
disko.devices.mdadm = {
raid0 = {
type = "mdadm";
level = 0;
content = {
type = "luks";
name = "crypted-root";
settings = {
allowDiscards = true;
};
content = {
type = "btrfs";
extraArgs = [ "-f" ];
subvolumes = {
"/root" = {
mountpoint = "/";
mountOptions = [
"compress=zstd"
"noatime"
];
};
"/home" = {
mountpoint = "/home";
mountOptions = [
"compress=zstd"
"noatime"
];
};
"/nix" = {
mountpoint = "/nix";
mountOptions = [
"compress=zstd"
"noatime"
];
};
};
};
};
};
raid5 = {
type = "mdadm";
level = 5;
content = {
type = "luks";
name = "crypted-archive";
content = {
type = "btrfs";
extraArgs = [ "-f" ];
subvolumes = {
"/archive" = {
mountpoint = "/archive";
mountOptions = [
"compress=zstd"
"noatime"
];
};
"/archive/media" = {
mountpoint = "/archive/media";
mountOptions = [
"compress=zstd"
"noatime"
];
};
"/archive/backups" = {
mountpoint = "/archive/backups";
mountOptions = [
"compress=zstd"
"noatime"
];
};
};
};
};
};
};
| 20:19:12 |
| lassulus | that sounds like https://github.com/NixOS/nixpkgs/pull/254790#discussion_r1358073458 | 20:19:34 |
| @brian:bmcgee.ie | Yeah, looks like it | 20:21:41 |
| @brian:bmcgee.ie | I'll read this properly tomorrow and see if I can work around it | 20:23:30 |
|  Tanvir changed their profile picture. | 21:41:18 |
 tuxiqae | Is it possible to create an AWS image using nixos-generators with disk configuration defined by Disko? | 23:04:09 |
| pinpox | In reply to @lassulus:lassul.us
ah that is already the impure script, but you can skip configuring a keyFile in that case I tried commenting it out like this: https://termbin.com/v5pk but then it doesn't build an image | 23:27:26 |
 @kranzes:matrix.org | In reply to @tuxiqae:matrix.org
Is it possible to create an AWS image using nixos-generators with disk configuration defined by Disko? Honestly I would talk to Arianvp for stuff related to AWS images and nixos | 23:57:28 |
| 5 Nov 2024 |
|  Sait set a profile picture. | 06:56:03 |
| tuxiqae | Did anyone have any success with generating NixOS images using NixOS on a non-NixOS instance? | 11:08:06 |
| tuxiqae | * Did anyone have any success with generating NixOS images using Disko on a non-NixOS instance | 11:08:18 |
| pinpox | In reply to @pinpox:matrix.org
I tried commenting it out like this: https://termbin.com/v5pk but then it doesn't build an image lassulus: any other ideas? if not I'll submit an issue, but maybe I'm just doing it wrong? | 11:41:03 |
| lassulus | whats the output? did you try passwordFile? not sure it did something more smart :D | 11:41:29 |
| pinpox | lassulus: this is the output: https://gist.github.com/pinpox/a2ff60cadd0c8f40cbcf536a09b2552b | 11:49:29 |
| pinpox | It skipped over the password prompt instantly and errorer. Config is the one above, with the keyfile stuff commented out | 11:50:01 |
| lassulus | and you can't enter text in there? | 11:50:18 |
| pinpox | no | 11:50:23 |
| lassulus | hmm, sad | 11:50:27 |
| lassulus | then I guess passwordFile? | 11:50:40 |
| pinpox | In reply to @lassulus:lassul.us
then I guess passwordFile? but then it won't boot on the real thing as it keeps asking for the file | 11:51:20 |
| pinpox | In reply to @pinpox:matrix.org
sent an image. lassulus: | 11:51:29 |
| lassulus | wasn't that with keyFile? | 11:51:45 |
