sandro

jwildeboer, 23 hours ago (edited 22 hours ago) to opensource

You know why I like @forgejo so much? I just did a "fly-by" patch on the documentation because I was annoyed with how complicated that one page was written. So I forked the repo, cleaned up that page and submitted a Pull Request. And guess what? No discussions, no back and forth, it just got merged! Now THAT is how you attract new contributors to your Open Source project. Thank you! My first contribution!

https://codeberg.org/forgejo/docs/commit/784e395e977c5a3d0ca6892501f7216939f3b955

#Forgejo #OpenSource #MergeFast #FirstContribution #FeelsGood

chrism, 1 day ago to NixOS

Report on NixOS Governance Discussions

https://chrismcdonough.substack.com/p/report-on-nixos-governance-discussions

#nix #nixos

squirrelroad, 6 days ago to NixOS

why is there https://lix.systems and https://aux.computer ?
Why not just merge them together ? #nix #nixos

zperk13, 6 days ago to NixOS

Trying out #NixOS

I am getting very annoyed with the way it just imports everything

There's a reason we don't do "using namespace" or "use library::*" or "from library import *".

Ok I see a function here. Is it built in or imported? I have no idea.

Or if you somehow know it's not builtin, ok, but which of the 20 imported things is it from?

xenya52, 6 days ago to NixOS German

Für mich persönlich ist #nixos schwer verständlich…

jbzfn, 7 days ago to NixOS

:owi: Lix, a community run fork of CppNix and an implementation of the Nix language
➥ @lix_project

「 Lix is developed by a diverse group of users – and accordingly is committed to providing a space that’s safe for users and developers typically underrepresented in technical projects. We take moderation seriously, and are committed to preventing bad actors from driving out marginalized groups 」

https://lix.systems/

#lix #nix #nixos #opensource

mir, 7 days ago to random

NixOS use lisp for config files [search]

sandro, 10 days ago to NixOS

If you are testing all the experimental features, you also need to create PRs from time to time.
https://github.com/NixOS/hydra/pull/1377 fixes .doi resolution in hydra on the latest version.

#NixOS

baer, 10 days ago to NixOS

can someone help me with what i should expect from the
services.xserver.virtualScreen option.
From the source code I gather that it just appends

"Virtual ${toString cfg.virtualScreen.x} ${toString cfg.virtualScreen.y}"}

to the monitor section
but what does that do? I don't know enough about x11 and the docs are not really helping me...
thanks
#xorg #nixos

tcurdt, 11 days ago to NixOS

After using NixOS, the whole container ecosystem feels like holding it wrong.

I can no longer un-see it 🫣
I am doomed.

#nixos #docker #container

publicvoit, 14 days ago to ubuntu

I AM SO DISAPPOINTED WITH UBUNTU 24.04 😡
https://news.itsfoss.com/ubuntu-24-04-disappointment/

I'm so glad that I got rid of #Ubuntu (actually #Xubuntu) and #snap.

Now, I need to get rid of #NixOS as well, despite having invested (too) much effort. 😞

#Debian is my true and only safe heaven, as it seems.

jakehamilton, 14 days ago to NixOS

I like #Nix, I do not like what has happened to it. #NixOS is an incredible technology and it deserves better. Nobody else has started the process so I guess I have to be the one to do it. We are forking. I would rather try and fail alongside all the people who love Nix but were pushed away from the project than give up.

https://aux.computer/

18+ hexa, 14 days ago to NixOS

What a week, huh? #nixos

pimeys, 14 days ago to NixOS

Thank you for the TPM2 #NixOS article @jnsgruk. I decided to give it a go last weekend, and it was a bit longer process than 10 minutes. For anybody who struggle to get rid of the password prompt for the LUKS volume, this setting is essential:

boot.initrd.systemd.enable = true;

The initrd must have systemd installed, so the settings defined with systemd-cryptenroll are available during the boot. Alternative way is to use Clevis to encrypt the LUKS password using the TPM module, and invoke it during boot. This is not super complex either, but I kind of like the systemd approach more.

Also the article didn’t mention much about the different PCR ids you can use with TPM. These define the system state when a secret key can be accessed from the TPM module. If any of the policies trigger, the TPM module will not output any secrets and the user needs to enter the LUKS password. The article uses three policies:

• 0: firmware updates
• 2: extended ROMs from pluggable hardware (e.g. USB)
• 7: secure boot disabled, or firmware certificates update

Additionally, one policy is needed to ensure an attacker cannot boot the system to a single user mode from the bootloader:

• 12: kernel config change, e.g. changing the boot parameters.

It is important to wipe the old slots with systemd-cryptenroll when changing the PCRs. Changing them is additional, and doesn’t modify the existing policies.

Edit: and do not wipe the password slot! This will render your disk unbootable.

sandro, 15 days ago to random

It is always DNS 😅

One of the domains I manage has flaky results with Quad 9 because one of the nameservers it uses has a wrong glue record set for its own nameservers.

astrid, 15 days ago to random

what nix fork projects currently exist, im curious

danvolchek, 15 days ago to linux

Declarative operating systems sound really neat - I'd love to be able to configure my system + applications through files.

Unfortunately, I'm not interested in Nix because of how Dolstra is handling the current community outcry. Ideally I'd like to stay on Arch, too.

Does anyone know what the current options are? Are any of them as maintained/supported/documented as Arch itself?

Arch has been great, btw!

#arch #archlinux #nix #nixos #nixpkgs #plasma #kde #linux

soupglasses, 15 days ago to NixOS

I think the most hurtful thing with seeing #NixOS in flames and people leaving for other immutable distros is...

NixOS was strong for its module system, not so much its immutable nature.

The rapid development you could do, and test that locally, sewing together an entire fleet in a matter of hours, without much of a thought to the minor details was amazing.

Lets remember to take the NixOS module system with us.

ivan, 15 days ago to random

Maintaining software sometimes feels like rolling a rock up a hill for all eternity.

Other times, the rock is actually a pile of sand

mart_w, 20 days ago to php German

As fixes for the current #glibc and #php #vulnerability are not reliably available yet, keep in mind that a workaround exists for those of you who don’t need support for the ISO-2022-CN-EXT character set: https://rockylinux.org/news/glibc-vulnerability-april-2024/

This should be quite straightforward to apply on most machines – except those running #NixOS. If you do use NixOS, my solution might help you bridge the gap until the proper fix is upstream: https://git.brokentech.cloud/mart-w/nixos-workaround-cve-2024-2961

Thanks @hexa for pointing me in the right direction!