| 14 Mar 2026 |
 zoë (she/her) | In reply to @webtier:unredacted.org
WHAAAAAAAAATTTTTSSSSSSUUUUUUUPPPPPPP LIXXXXXXXOOOOOOOOOSSSSSSSSSS mostly my lix+nixos-running server, for the last 154 days, when i first started learning/using nix :p | 13:35:10 |
 webtier | Sounds great! | 13:36:28 |
| webtier | What's up with #running-main:lix.systems ? I'm using flakes and want to migrate and saw this room in the docs | 13:40:24 |
| webtier | Oh wait, now it works, well, Fractal is weird! | 13:41:35 |
 K900 | It's for people running Lix from main | 13:41:36 |
 sterni | Did I run into a GC timing with these builds or what?
https://buildkite.com/afnix/lix/builds/869
https://buildkite.com/afnix/lix/builds/870
https://buildkite.com/afnix/lix/builds/871 | 13:50:01 |
| sterni | I can't reproduce any of these failures in case, so would be helpful if someone could try bonking these pipeline runs | 13:52:29 |
 raitobezarius | yes, it's my fault | 14:53:14 |
| raitobezarius | kicked again | 14:53:36 |
| sterni | seems to persist, maybe is the sqlite db corrupted on the builder? | 14:56:34 |
| sterni | ah nvm looked at the wrong thing | 14:56:54 |
| sterni | * seems to persist, maybe is the sqlite db corrupted on the builder? | 14:57:10 |
| raitobezarius | build03 has this persistent issue, but I already nuked the store and this was not sufficient | 15:02:21 |
| raitobezarius | I took out the builder | 15:02:28 |
| sterni | sounds ominous | 15:02:49 |
| raitobezarius | I think it's stupid | 15:03:03 |
 antifuchs | hm, is there a recommended thing for updating stuff like go module hashes, or is nix-prefetch with --eval the best we got? I am trying to use that in CI but it depends on so much ambient stuff to work that I'm not sure how to set up for it. | 17:32:57 |
| antifuchs | (needs a nixpkgs channel that it passes to the eval closure, then something is required for fetchgit to be capable of fetching git inputs, and by now I'm ready to throw up my hands and be very unhappy at it) | 17:34:01 |
|  Orion joined the room. | 17:44:06 |
 emily | nix-update? | 21:48:28 |
| 15 Mar 2026 |
| antifuchs | hmmmm, kinda? but that doesn't seem to play too well with npins (which is what my custom packages' sources all use)... | 00:40:09 |
| antifuchs | the nix-prefetch expression magic is really nice, if only it worked in my ci setup (or if only I could figure out why it's trying to evoke an attribute on fetchgit that doesn't exist there but exists on my dev machine) | 00:41:58 |
| antifuchs | this whole hermetics thing is very convenient, until it goes away | 00:42:23 |
 Sofie 🏳️⚧️🐾 (she/her) | K900have u found a way to have secrets in nix build yet? :3 | 06:26:49 |
| Sofie 🏳️⚧️🐾 (she/her) | * K900have u found a way to have secrets in nix builds yet? :3 | 06:27:02 |
| webtier | Funny that you're mentioning this because I was running into something like this yesterday, so while migrating I was getting a number of errors which were all pointing to my secrets.nix file not being evaluated properly (whatever the terminology is). Background is that I was handling secrets by first git adding a template secrets.nix, and then doing git update-index --assume-unchanged secrets.nix.
So quite surprisingly, native nix build system handled that well, lix was running into issues though because the changes weren't tracked and was probably seeing a bunch of nulls. Food for thought.
| 10:58:44 |
| webtier | Ofc this is just my dumb way of handling it, I could also use git secrets or something more sophisticated, but wanted to mention this edge-case. | 11:00:56 |
| Sofie 🏳️⚧️🐾 (she/her) | impure access to /run/secrets would basically be enough | 11:01:39 |
| Sofie 🏳️⚧️🐾 (she/her) | maybe an option to enable it in pure mode | 11:01:47 |
| zoë (she/her) | In reply to @sofiedotcafe:catgirl.cloud
K900have u found a way to have secrets in nix build yet? :3 is this about using secrets during the build of a derivation? cause i'd be a very curious how you do that securely with a multi-user setup :3 | 13:10:59 |
