Re: [Nix-dev] why has each revision / generation not a own configuration.nix
On 17-05-16 04:43pm, zimbatm wrote: > How do you find back which git revision was used to produce a given NixOS > profile? In my case it’s built by a hydra and the system name contains a hash. > > Maybe nixos-rebuild should be extended to include that in the revision > name, and if the git repo is dirty. You need to include all used paths. So it’s probably best to write out a file like: - : source: /home/philip/vuizvui type: git git: dirty: yes rev: 32847298abc hash: type: sha256 hash: deadbeef - : source: https://cache.nixos.org/…/nixpkgs.tar.gz type: tgz tgz: … hash: … - system: source: user@machine type: arg arg: type: string val: "x86_64-linux" Something like that. YAML because I had to write it by hand. -- Proudly written in Mutt with Vim on NixOS. Q: Why is this email five sentences or less? A: http://five.sentenc.es May take up to five days to read your message. If it’s urgent, call me. ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] why has each revision / generation not a own configuration.nix
Op 16 mei 2017 18:43 schreef "zimbatm" : How do you find back which git revision was used to produce a given NixOS profile? At LumiGuide I use the following module for that: { config, lib, ... }: with lib; { options.system = { lumiRevision = mkOption { internal = true; type = types.str; default = lib.commitIdFromGitRepo ; description = '' The git revision of the lumi repository that was used to configure this machine. ''; }; }; config = { environment.etc."lumi-revision".text = config.system.lumiRevision; system.nixosLabel = "nixos-" + config.system.nixosVersion + "_lumi-" + config.system.lumiRevision; }; } On Sat, 13 May 2017, 14:34 Profpatsch, wrote: > On 17-05-13 12:25pm, Layus wrote: > > On 13/05/17 12:14, Leo Gaspard wrote: > > See the previous ML discussion on that topic where we proposed to keep it > > opt-in, but with an apt-out config line in the default configuration.nix. > > This may already be implemented. > > The ones who don’t keep their sources under version control > deserve their eventual fate. > > Seriously, copying & pasting default templates around > is not a good idea. > I haven’t seen a “default” configuration.nix (whatever that is) > in more than 1.5 years. > > We already have the firewall enabled by default, > even that has been a major discussion, > because for everything that is implicit > you have to remember to turn it off. > > -- > Proudly written in Mutt with Vim on NixOS. > Q: Why is this email five sentences or less? > A: http://five.sentenc.es > May take up to five days to read your message. If it’s urgent, call me. > ___ > nix-dev mailing list > nix-dev@lists.science.uu.nl > https://mailman.science.uu.nl/mailman/listinfo/nix-dev > ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] why has each revision / generation not a own configuration.nix
On 16/05/17 17:43, zimbatm wrote: > How do you find back which git revision was used to produce a given > NixOS profile? > > Maybe nixos-rebuild should be extended to include that in the revision > name, and if the git repo is dirty. I'm planning to implement the reverse approach on my system: have some sort of rebuild hook commit the state of the repo to a separate branch and include useful information (nixpkgs version, derivation hash of the resulting system) in the commit message. This allows greater reproducibility and provides far more helpful information (a snapshot of the full config) than simply "repo was dirty". I'll reply if/when I get this working. Linus ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] why has each revision / generation not a own configuration.nix
How do you find back which git revision was used to produce a given NixOS profile? Maybe nixos-rebuild should be extended to include that in the revision name, and if the git repo is dirty. On Sat, 13 May 2017, 14:34 Profpatsch, wrote: > On 17-05-13 12:25pm, Layus wrote: > > On 13/05/17 12:14, Leo Gaspard wrote: > > See the previous ML discussion on that topic where we proposed to keep it > > opt-in, but with an apt-out config line in the default configuration.nix. > > This may already be implemented. > > The ones who don’t keep their sources under version control > deserve their eventual fate. > > Seriously, copying & pasting default templates around > is not a good idea. > I haven’t seen a “default” configuration.nix (whatever that is) > in more than 1.5 years. > > We already have the firewall enabled by default, > even that has been a major discussion, > because for everything that is implicit > you have to remember to turn it off. > > -- > Proudly written in Mutt with Vim on NixOS. > Q: Why is this email five sentences or less? > A: http://five.sentenc.es > May take up to five days to read your message. If it’s urgent, call me. > ___ > nix-dev mailing list > nix-dev@lists.science.uu.nl > https://mailman.science.uu.nl/mailman/listinfo/nix-dev > ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] why has each revision / generation not a own configuration.nix
On 17-05-13 12:25pm, Layus wrote: > On 13/05/17 12:14, Leo Gaspard wrote: > See the previous ML discussion on that topic where we proposed to keep it > opt-in, but with an apt-out config line in the default configuration.nix. > This may already be implemented. The ones who don’t keep their sources under version control deserve their eventual fate. Seriously, copying & pasting default templates around is not a good idea. I haven’t seen a “default” configuration.nix (whatever that is) in more than 1.5 years. We already have the firewall enabled by default, even that has been a major discussion, because for everything that is implicit you have to remember to turn it off. -- Proudly written in Mutt with Vim on NixOS. Q: Why is this email five sentences or less? A: http://five.sentenc.es May take up to five days to read your message. If it’s urgent, call me. ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] why has each revision / generation not a own configuration.nix
On 13/05/17 12:14, Leo Gaspard wrote: On 05/13/2017 05:28 AM, Stefan Huchler wrote: [...] Do you know the reason why it defaults to false, cant think of any disadvantage of that functionality. I mean nixos eats harddrive like nearly no other distro. So saving space cant be the reason. Some sort of privacy concern? With https://github.com/NixOS/nix/issues/8 solved, there will be possibility to have password in the configuration that won't be world-readable. In this context, copying the configuration.nix would make world-readable again, which in case of passwords can hurt security a lot. At least that's the only reason I can think of. HTH, Leo The way this option is implemented makes it impossible to activate by default for hydra test builds. In most autamated setups like that, the bare module system is used, and there is no configuration.nix involved. Jry to temporarilly move configuration.nix somewhere else, and you will see that nixos-rebuild fails verbosely :-). See the previous ML discussion on that topic where we proposed to keep it opt-in, but with an apt-out config line in the default configuration.nix. This may already be implemented. Regards, -- Layus. ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] why has each revision / generation not a own configuration.nix
On 05/13/2017 05:28 AM, Stefan Huchler wrote: > [...] > Do you know the reason why it defaults to false, cant think of any > disadvantage of that functionality. I mean nixos eats harddrive like > nearly no other distro. So saving space cant be the reason. > > Some sort of privacy concern? With https://github.com/NixOS/nix/issues/8 solved, there will be possibility to have password in the configuration that won't be world-readable. In this context, copying the configuration.nix would make world-readable again, which in case of passwords can hurt security a lot. At least that's the only reason I can think of. HTH, Leo signature.asc Description: OpenPGP digital signature ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] why has each revision / generation not a own configuration.nix
Anotther solution shown in https://mailman.science.uu.nl/pipermail/nix-dev/2017-April/023403.html which has an advantage of copying related modules (assuming they belong to same folder as configuration.nix) 2017-05-13 6:28 GMT+03:00 Stefan Huchler : > Tomasz Czyż writes: > > > https://nixos.org/nixos/options.html#configuration+copy > > Thanks nice, could not belive that I am the first "genieus" that thought > on that. > > Do you know the reason why it defaults to false, cant think of any > disadvantage of that functionality. I mean nixos eats harddrive like > nearly no other distro. So saving space cant be the reason. > > Some sort of privacy concern? > > ___ > nix-dev mailing list > nix-dev@lists.science.uu.nl > https://mailman.science.uu.nl/mailman/listinfo/nix-dev > ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] why has each revision / generation not a own configuration.nix
Tomasz Czyż writes: > https://nixos.org/nixos/options.html#configuration+copy Thanks nice, could not belive that I am the first "genieus" that thought on that. Do you know the reason why it defaults to false, cant think of any disadvantage of that functionality. I mean nixos eats harddrive like nearly no other distro. So saving space cant be the reason. Some sort of privacy concern? ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] why has each revision / generation not a own configuration.nix
https://nixos.org/nixos/options.html#configuration+copy 2017-05-12 22:57 GMT+01:00 Stefan Huchler : > Hi, > > I find it always strange, that when I revert back or boot a older > version of nixos, the configuration file has no version that reflected > that version. So I have to seperatly have to backup the > configuration.nix file. > > Could there not be at least a backup of the config used in that > generation somewhere (or is there somewhere one) when you build a > generation? > > ___ > nix-dev mailing list > nix-dev@lists.science.uu.nl > https://mailman.science.uu.nl/mailman/listinfo/nix-dev > -- Tomasz Czyż ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev
[Nix-dev] why has each revision / generation not a own configuration.nix
Hi, I find it always strange, that when I revert back or boot a older version of nixos, the configuration file has no version that reflected that version. So I have to seperatly have to backup the configuration.nix file. Could there not be at least a backup of the config used in that generation somewhere (or is there somewhere one) when you build a generation? ___ nix-dev mailing list nix-dev@lists.science.uu.nl https://mailman.science.uu.nl/mailman/listinfo/nix-dev