Nix / NixOS

https://hachyderm.io/@wilson/111515849801909154

A key thing to note:
"Updating with nixos-rebuild boot and rebooting is recommended, since in some rare cases the nixos-rebuild switch into the new generation on a live system might fail due to missing mount units."

Also I'm not sure if this is the beta release as Package Search currently(as of 3:22am) displays channel option: "23.11 Beta" (this might get updated soon who knows)

Other notable things that I've seen in the release notes:

• sudo-rs is now supported
• btrfs now can be auto resized
• NetworkManager now uses nftables backend unconditionally
• new service options for SearXNG "for better support"
• new option for QEMU for enabling "specifying explicitly named network interfaces in QEMU VMs"
• "virt-manager, an UI for managing virtual machines in libvirt, is now available as programs.virt-manager."
  • (this one's gonna be interesting for my config as I currently have it installed as a package, I'm gonna guess it's probably fine)
• fail2ban configuration with attribute sets
• "New boot.bcache.enable (default enabled) allows completely removing bcache mount support."

Either way I'd def recommend checking out their announcement and releases page for more details~
Thanks to the devs for making an awesone distro!🤗🎉

We are starting a new meetup group for the Rhein-Neckar-Region in Heidelberg, Germany.

The first event will take place on December 19 at the University's Mathematikon.

The twist is that we're beginning with a dual-topic meetup: Nix & Rust.

As there is some overlap between the two communities and we couldn't decide for which of the two we'd rather organize a meetup, we went for both in one.

The meetup is organized through the regional Mobilizon instance: https://rheinneckar.events/events/298e520c-89ca-4754-96f8-e252b96b7a46

Please sign up if you plan on attending so we can make sure there is enough space for all participants. Also feel free to drop an email at nixrust@rheinneckar.events or a Mastodon message at https://rheinneckar.social/@NixRust if you would like to become a speaker for the meetup, be it with a NixOS or Rust topic, or a combination of both!

The current (tentative) schedule:

• 18:30 - Open Doors

• 19:00 - Greeting

• 19:05 - An Introduction to Nix

• 19:30 - Second Talk (Rust related)

• 20:00 - Networking and get together

Someone on another website asked me whether it makes sense to use agenix or sops-nix to encrypt secrets for NixOS configurations.

I realized that I hadn't seen a good overview article of the different approaches to secret handling in NixOS and when each one is appropriate to use, so I put down all of my knowledge and opinions in this post 🤞

Sorry Noob here. This is my second time trying NixOS as a desktop. I just did a new installation of NixOS on my main pc.

In Arch my goto kernel was the Zen kernel. Is something similar available on NixOS ?

What kernels do you use / has got the most out of ?

I've made a fun little project inspired by this (except it's not updated any more).

It provides easy instructions for installing old versions of packages, it takes them straight from the official nixpkgs repo.

Example: https://history.nix-packages.com/package/dotnet-sdk_3/3.1.426 (.NET SDK 3.1 actually prompted the creation of this tool, I needed it for one old project).

Each detail page provides instructions on how to install the package using nix-shell, nix-shell with shell.nix file, configuration.nix and nix-env.

The design is based on https://search.nixos.org (because I suck at graphical design).

Do let me know what you think!

It currently requires some extra steps to get Nitter up and running on NixOS as I found out yesterday. I documented the process for anyone else who might be looking to run their own Nitter instance between now and the trunk branch of Nitter being functional again.

Reason for this post is to encourage external NixOS users to join our instance,

• not sure if this'll work but it's an interesting experiment for me😆

1. Configuring VS Code extensions with Home Manager

@Operator21 it seems that you're trying to install VSCodium in Home Manager. While I've stopped using HM and can't directly answer this I hope the following config helps: VSCodium override in configuration.nix - pastebin

2. Brother Printers

@CharleHuff, one suggestion I have for fixing your printer problem is to host a Windows VM and print within it,

• With Virt-manager, your configuration will look like this:

configuration.nix:

  ## [NixOS Virt-manager](https://nixos.wiki/wiki/Virt-manager)

  services =
  {
    ## Enables the qemu guest agent.
    qemuGuest.enable = true;
  };

  dconf.settings =
  {
    "org/virt-manager/virt-manager/connections" =
    {
      autoconnect = ["qemu:///system"];
      uris = ["qemu:///system"];
    };
  };


  ## Ungrouped Single-line configs:
  # virtualisation.libvirtd.enable = true;
  # programs.virt-manager.enable = true;

  ## Grouped configs:
  virtualisation =
  {
    ## Enables the libvirtd daemon that manages virtual machines.
    libvirtd.enable = true;

    ## Enables SPICE USB redirection helper with setuid privileges.
    ## Enable/uncomment to pass USB devices into your guest VMs
    # spiceUSBRedirection.enable = true;
  };

  programs =
  {
    ## Enables Virt-manager.
    virt-manager.enable = true;
  };


  users =
  {
    users =
    {
      <your_system_username> =
      {
        extraGroups = ["wheel" "storage" "networkmanager" "libvirtd"];

        ## tbh this might not be needed:
        ## this is from my days with archlinux (installing all dependencies)
        packages = with pkgs;
        [
          ## Virtual machine software/packages.
          dconf           # is a low-level configuration system. Its main purpose is to provide a backend to GSettings on platforms that don't already have configuration storage systems.
          dnsmasq         # An integrated DNS, DHCP and TFTP server for small networks.
          # bridge-utils  # (deprecated in favour of iproute2).
          iproute2        # A collection of utilities for controlling TCP/IP networking and traffic control in Linux.
          # ebtables      # (deprecated in favour of iptables).
          iptables        # A program to configure the Linux IP packet filtering ruleset.
          libguestfs      # Tools for accessing and modifying virtual machine disk images.
          libvirt         # A toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes.
          netcat-openbsd  # TCP/IP swiss army knife. OpenBSD variant.
          OVMF            # Sample UEFI firmware for QEMU and KVM.
          qemu_full       # provides qemu_kvm.
          vde2            # Virtual Distributed Ethernet, an Ethernet compliant virtual network.
          virt-manager    # Desktop user interface for managing virtual machines.
        ];
      };
    };
  };

• Or if you want to use Oracle VirtualBox:

configuration.nix:

  ## [NixOS VirtualBox](https://nixos.wiki/wiki/VirtualBox)

  ## Required for forwarding USB_2/3 to your guest VMs.
  ## Uncomment to enable [unfree packages](https://nixos.wiki/wiki/FAQ/unfree).
  nixpkgs.config.allowUnfree = true;


  ## Ungrouped Single-line configs:
  # virtualisation.virtualbox.host.enable = true;
  # users.extraGroups.vboxusers.members = [ "user-with-access-to-virtualbox" ];

  ## Grouped configs:
  virtualisation =
  {
    virtualbox =
    {
      ## Enables VirtualBox.
      host.enable = true;

      ## Required for forwarding USB_2/3 to your guest VMs.
      ## Uncomment to enable extensions.
      # host.enableExtensionPack = true;

      ## Uncomment to enable VirtualBox Guest Additions.
      # guest.enable = true;
      # guest.x11 = true;
    };
  };


  users =
  {
    ## Enable VirtualBox.
    extraGroups.vboxusers.members = [ "user-with-access-to-virtualbox" ];

    users =
    {
      <your_system_username> =
      {
        extraGroups = ["wheel" "storage" "networkmanager"];

        packages = with pkgs;
        [
          nano
        ];
      };
    };
  };

after finishing modifications run sudo nixos-rebuild switch --upgrade, hope this helps! 🤗

I've found the built in nix firewall to be somewhat lacking (can't have different ports open on different networks for instance, I would rather reduce my attack surface while out on other people's/public WiFi)

Is it possible to use other firewall software on NixOS declaratively?

I agree that dockerfile's are not very reproducible. But honestly, that's not how most people use it. I believe most people just pull the already built image which is very reproducible. Anyways, I found this video interesting and thought I'd share it and get your guys thoughts.

Edit: Solved at https://lemmings.world/comment/1719409

Hi there! I'm trying to make php and composer work. I have this in environment.systemPackages:

    (pkgs.php82.buildEnv {
      extensions = ({ enabled, all }: enabled ++ (with all; [
        xdebug
        redis
      ]));
      extraConfig = ''
        memory_limit=2G
        xdebug.mode=debug
      '';
    })
    php82Extensions.redis

The problem is that while running php -m correctly prints that redis extension is installed, composer does not, because it uses a different php:

• file $(which php) prints the path /nix/store/igx8j4qjxy9jyj8kjyccwarnzqq5vsml-php-with-extensions-8.2.9/bin/php
• cat $(which composer) shows that it's a wrapper for '/nix/store/lv4prxa52zifr54ws56iz3b9kdhs1b5w-php-with-extensions-8.2.9/bin/php' --add-flags '/nix/store/avqj0662f4gg2s875zlbbjajx6fm6bl0-php-composer-2.5.5/libexec/composer/composer.phar'

Note that the path to php is different. Is there any way to correct it on my side? I'd like to avoid having to install composer manually

I hope I am not coming across as spamming as this is my third post to this community today. I won't do another today but I just thought this was interesting. I watch most of CTT's videos and this was one from a live stream where he went into gaming on NixOS.

I was looking up gaming on NixOS and I came across this video. I have never seen this creator before but the video was interesting. So, I thought I'd share.

I know you can go github and just do a file search. I am just wondering if there is a place where people share and give descriptions. I would like to see what is out there in terms of "gaming configurations". But, I also would love to just read some random configs that can help me learn new concepts of what can be done in the config.

I've got a small haskell project and I am building it using a flake using cabal2nix based on a package.yaml file.

nix build works fine, but I have trouble with my nix develop shell. The shell is built using shellFor from haskellPackages.

Is it possible to construct a shell that contains all dependencies to build the package, but not the package itself? I tried returning the buildInputs from the packages function, but that didn't seem to have any effect. When I return my package from that function, all dependencies are available, however the package is also built - is that how it is supposed to be?

#nix #haskell

I was configuring DWM, among other things, for the last 3-4 days, and every single rebuild switch caused a new generation to appear. There were too many Systemd-boot entries so they couldn't even fit on the screen and continued down to Gen 41. It's just crazy.

Edit: This post: https://feddit.uk/post/1454176 shows the rest of the boot entries

I still unfortunately need a windows VM as backup Is it possible to declaratively setup a VM given a path/url to a virtual disk image

I've tried to dual boot with Fedora, NixOS being installed first, but now GRUB menu shows only options for Fedora and I lost my precious NixOS installation. Already tried everything described on Fedora wiki and various Internet sources, but to no avail. Worth mentioning that both os-prober and grub2-mkconfig finds Nix installation but it is not added to grub config.

Anyone know why my dualsense controller won't show up in Bluetooth discovery? Have confirmed it shows up and pairs on my phone and used to show up on my windows machine before I switched

• It is only on NixOS this seems to happen, both my laptop and PC do this.

• Yes I have put it into pairing mode, it shows up in discovery on my phone

• The controller works perfectly when wired

• Every other Bluetooth device works with no issues

I feel like I'm missing a driver or something but no idea what, can anyone help?

I found no documentation on how to do this but found this option in the home-manager source code that I might not be using correctly:

home-manager.users.my_username.xfconf = {
  enable = true;
  settings."xfce4-keyboard-shortcuts" = {
    "<Super>space" = "rofi -show drun";
    "<Super>space" = "rofi -show drun";
  };
};

Any ideas?

Here is my full configuration.nix file for full context if that helps. I just started with Nix and NixOS this week so I the config is a bit haphazard at the moment.

When I run nixos-rebuild switch, i get this:

trace: warning: optionsDocBook is deprecated since 23.11 and will be removed in 24.05

I’m running 23.11 with flakes

Disclaimer. I'm doing it anyway.

Long time hacker, and ambi-os user. Latest sexyness is my new macbook. After getting everything setup the way I want it, I start seeing buzz for Nix and got excited, but also bummed out that I didn't start from scratch.

I like new stuff, figuring it out and solving problems, but I also hate broken and unstable stuff. Doubly so when you go to use something you spent time setting up and it fails. Triply on having to switch your daily driver or setup any new system with all of your crazy custom setup.

• How much pain will I suffer trying to replace brew with nixpkg?
• Currently I use podman to build containers, should i switch to nix?
• I use whatever virtual environment is appropriate for the task. Venv, etc. Seems like nix can do a better job?
• What's the experience like with VSCode?

I am most excited at the prospect of using home-manager. The 'idea' of portability for my profile is pretty nice. I'd like to see it work across osx/win/linux and all the things be the same up to my browser and maybe some other cross-platform common things.

Don't roast me for not being hyper-specific here. I am not an uber-dev. I'd say I lean more into security and dev-ops. Happy to elaborate on anything.

I really want to hear others' experiences. I see the upside and, like I said, I'm going to take on the challenge anyway, but will I end up regretting it?

I'm new to nix, but I really went full beans on it: installed NixOS on my daily and I'm using nix-shell for some projects and yesterday I learned how nix docker images work.

I was actively avoiding flakes because I try never to use unstable/experimental features until they are stabilised so I can rely on them.

Thing is, they seem to be ubiquitous. Their reason to exist makes sense to me and I think I should learn how to use them to fully take advantage of the ecosystem.

My question: is it fairly safe to assume nix flakes won't suddenly break on me? is there any known roadmap to flakes stabilisation?