| 21 Jul 2022 |
 polygon_ | I have a Hydra running and now want to add a nix-serve instance to use it as a binary substituter. I've been following https://nixos.wiki/wiki/Binary_Cache for the most part. However, I have some issues with configuring the private key for nix-serve. I have
services.nix-serve.secretKeyFile = "/var/cache-priv-key.pem"
in my config and doing "systemctl cat nix-serve" also shows:
LoadCredentials=NIX_SECRET_KEY_FILE:/var/cache/cache-priv-key.pem
But when I try to obtain a narinfo, automatic signing fails with the following error:
cannot open file '/run/credentials/nix-serve.service/NIX_SECRET_KEY_FILE': permission denied
Is this a known issue? I am running on 22.05 | 14:19:05 |
| polygon_ | Fixed it by removing the secretKeyFile line and adding systemd.services.nix-serve.serviceConfig.Environment = "NIX_SECRET_KEY_FILE=/var/cache-priv-key.pem" | 14:47:18 |
| polygon_ | still a bit weird | 14:47:21 |
 Sandro |
I have a Hydra running and now want to add a nix-serve instance to use it as a binary substituter.
hydra is already a substituter.
For example I nuked the nix-serve in the hackspace and changed the reverse proxy to redirect directly to hydra.
| 15:51:46 |
 @grahamc:nixos.org | one thing to note is hydra is not very good at it | 16:26:41 |
| @grahamc:nixos.org | * one thing to note is hydra is not very good at it, like (iirc) it fully buffers NARs before sending them to clients | 16:26:58 |
 ajs124 | polygon_: is using nix-serve though, right? | 16:34:11 |
| ajs124 | personally, I'd recommend harmonia instead (obviously), but maybe you should talk about that to somebody more impartial | 16:34:41 |
| Sandro | is nix-serve doing that differently? | 16:35:30 |
| polygon_ | Mhm, hydra on 3000 is a substituter | 17:18:52 |
| polygon_ | Yes, I was using nix-serve | 17:33:01 |
 kayla (she/they) | jsyk, last I checked, nixpkgs nix-serve conflicts with the hydra flake, if you're going that route | 19:36:39 |
| kayla (she/they) | * jsyk, last I checked, nixpkgs nix-serve conflicts with the hydra flake, if you're going that route
(https://github.com/NixOS/nixpkgs/blob/nixos-22.05/pkgs/tools/package-management/nix-serve/default.nix#L50) | 19:40:09 |
| kayla (she/they) | * jsyk, last I checked, nixpkgs nix-serve conflicts with the hydra flake, if you're going that route
Oh it's fixed! https://github.com/NixOS/nix/commit/948515efb775c22df5a2585443a0c7f86d2dc64d | 19:42:25 |
| kayla (she/they) | * jsyk, last I checked, nixpkgs nix-serve conflicts with the hydra flake, if you're going that route
Oh it's fixed! https://github.com/NixOS/nix/commit/948515efb775c22df5a2585443a0c7f86d2dc64d Thanks Eelco! | 19:43:07 |
|  dhess left the room. | 21:20:52 |
| 22 Jul 2022 |
 Amanda (she/her) | What's Hydra's compatability promise? Cause if it's not needing to support before 22.05 then https://github.com/NixOS/hydra/blob/master/hydra-module.nix#L231 should be changed to nix.settings.trusted-users = ... | 14:19:38 |
| Amanda (she/her) | I was going to throw in a quick PR, but I wasn't sure if that'd break any compat | 14:20:12 |
| Amanda (she/her) | NixOS unstable complains about that useage, not sure if the complaint is in 22.05 as well | 14:20:49 |
| Sandro | we should probably change that when 21.11 is EOL | 14:23:09 |
 Rick (Mindavi) | Maybe PR a comment with a todo then? | 14:24:31 |
| Rick (Mindavi) | Oh, isn't 21.11 already EOL? | 14:25:13 |
 hexa | it is very much EOL | 14:25:48 |
| hexa | since the end of june | 14:25:56 |
 das_j | In reply to @rick:matrix.ciphernetics.nl
Oh, isn't 21.11 already EOL? Depends on where you look tbh | 14:27:16 |
| das_j | In reply to @amanda:camnet.site
What's Hydra's compatability promise? Cause if it's not needing to support before 22.05 then https://github.com/NixOS/hydra/blob/master/hydra-module.nix#L231 should be changed to nix.settings.trusted-users = ... I don't think there is one | 14:27:31 |
| Amanda (she/her) | 22.05 and unstable are all that are shown in search.nixos.org so I'd assume those were the non-EOL versions | 14:28:23 |
| das_j | In reply to @amanda:camnet.site
22.05 and unstable are all that are shown in search.nixos.org so I'd assume those were the non-EOL versions status.nixos.org says something different | 14:29:10 |
| hexa | funny | 14:29:34 |
| hexa | very funny | 14:29:35 |
