We present a real-world use-case of NixOS to manage an highly distributed fleet of servers & VMs in low-resource settings used for mission critical applications. After a brief overview of who MSF is and what we do, we'll dive into the technical details of how we manage our fleet with NixOS and the unique strengths that NixOS brings to the table.

Hi everyone I'm currently in the process to move one of my RPI4s from RaspberryOS to NixOS and I'm struggling to setup one of the services.

On the RPI I have a python script that is creating offsite backups via a Wireguard tunnel:

• Open the wg tunnel
• mount and encrypt the external disk on the offsite RPI
• mount the source from my nas
• start the restic-rest server container offsite
• trigger the restic command to backup to the restic repo

allthough it's a bit overkill it works quite well for a few years now. Since most of the tasks are actually outsourced to systemd units those where quite easy to setup in nixOS. What I'm struggling is, how can I create a virtual python env to run the python script. All the guides I found for managing python dependencies are usually for development and use nix shell

My current workaround is, that I copy the script and requirements.txt from my script repo and create the venv manually. This does work, but I feel there is a better way, maybe the

Meaning, VMs with Xen and hardware virtualization support

The system VM/Qube for USBs is isolated, the Network VM/Qube is separate and isolated, the windowing system and OS housing the qubes is isolated....

And being able to configure all of those with Nix would be a wet dream come true

cross-posted from: https://discuss.tchncs.de/post/22577290

Self-hosted photo and video management solution

cross-posted from: https://discuss.tchncs.de/post/22480304

cross-posted from: https://discuss.tchncs.de/post/22424459

cross-posted from: https://discuss.tchncs.de/post/22424275

NixOS Facter aims to be an alternative to projects such as NixOS Hardware and nixos-generate-config. It solves the problem of bootstrapping NixOS configurations by deferring decisions about hardware and other aspects of the target platform to NixOS modules.

cross-posted from: https://infosec.pub/post/15780978

Am I out of touch?

No, it's the forward-thinking generation of software engineers that want elegant, reliable, declarative systems that are wrong.

Had a lot of headaches the last week or two trying to optimize star citizen as well as fix a vulkan RHI bug which was affecting unreal engine games.

Apparently rolling release schedules (like NixOS23.05, 23.11, 24.05...) are better for servers since they're less prone to change, where as nightlies like for the unstable Branch are better for gaming since those latest drivers are likely the current ones for a newly released game

This idea is inspired by nixos-mailserver. It was so easy to spin up the mailserver after changing some DNS records and putting in some settings. I thought it might be a good idea to do the same for services that need public, decentralized infrastructure to support. Some ideas include

• Tor relay, or exit node
• Encrypted messaging nodes. It looks like SimpleX chat relies on SMP servers to relay communication
• Crypto miners (I know, I know, but you understand how it fits the "public contribution" usecase)
• Search engines like searxng (I currently use a public instance)
• Libredirect services, like proxy clients for social media

Maybe federated services, but those require more than just the software running on the public internet. Those require moderation and long term maintenance. Ideally, the services in this config would be ephemeral.

Does this sound like a good idea? Would you spin one of these up on a $10 VPS? I understand that this is the NixOS community, not necessarily the p

Went through the pain of packaging a python project on Nixos. Here's some issues I hit, and how I got lucky resolving them. I feel the most reliable way of doing this in the future is to use docker and just imperatively build.

Here's how I got web drivers, AI dependencies, gpu dependencies, and an api dependency bundled together into an ephemeral shell for python development, on NixOS 23.11

0. Enable Flakes
1. Start with setting up poetry2nix
2. Get the template flake by running

nix flake init --template github:nix-community/poetry2nix

3. in the flake.nix, sometimes changing projectDir = self to projectDir = ./. fixed some issues
4. in your terminal, run nix develop . to build the poetry app with python packages described in pyproject.toml
5. By default, just poetry and python latest