gomp

I'm playing around with nixos in a few VMs and at some point I realized I must have lost the swap configuration in one of my refactorings.

To my surprise, however, the VMs do use the swap partitions I had set up.

There is no mention on "swap" in my nix configuration (or in fstab) and no .swap units in /etc/systemd/system; I do however have a swap partition labelled "swap".

Turns out there is a systemd unit (albeit not a corresponding file) that sets up swap:

[root@vm1:~]# free -hw
               total        used        free      shared     buffers       cache   available
Mem:           2.8Gi       664Mi       955Mi       4.0Mi       3.0Mi       1.3Gi       2.0Gi
Swap:          3.7Gi          0B       3.7Gi

[root@vm1:~]# systemctl list-dependencies swap.target 
swap.target
● └─dev-disk-by\x2ddiskseq-1\x2dpart3.swap

I'm wondering where the unit comes from? Can I rely on this and never configure swap ever again?

Is there an extension that warns you when you are wasting time reading ai-generated crap?

Case in point, I was reading an article that claimed to compare kubernetes distros and wasted some good minutes before realizing it was full of crap.

I have an option that must be left with the default value when a certain flag (another option) is false.

I didn't find any example (let alone documentation) on how to implement this, so I've come up with two ideas:

option-that-errors-out-if-set-when-flag-is-false =
let
  default = if config.some-flag
          then "some default value for when flag is true"
          else "value that should not be changed when flag is false";
in lib.mkOption {
  type = lib.types.str;
  inherit default;
  apply = v: assert assertMsg (config.some-flag || v == default) "Do not set this option unless 'flag' is true";
          v;
};

option-that-ignores-value-when-flag-is-false =
let
  default = if config.some-flag
          then "some default value for when flag is true"
          else "value that should not be changed when flag is false";
in lib.mkOption {
  type = lib.types.str;
  inherit default;
  apply = v: if config.some-flag then v else default;
};

Which one do you think is "best" (cleaner, more idiomatic, etc..)?

Is apply the "right" place to validate options? Should I make a custom type instead? Should I approach this in some different way?

I'd like to set a "global" option from within a submodule, but the config I return is grafted into the "global" under the submodule "path" rather than at the root... any idea if it's somehow possible?

Er... I guess I didn't make a great job at explaining what I want to do... Some code will hopefully help.

In mymodule.nix I have:

{ lib, config, ... }: {

  options.myoption = lib.mkOption {
      type = lib.types.attrsOf (lib.types.submodule (
        import ./mysubmodule.nix
      ));
  };

}

and mysubmodule.nix is:

{ name, lib, config, ... }: {

options.mysubmoduleoption = {
  type = lib.types.str;
};

config = {
  # here I want to set a "global" option, say "systemd.mounts"
  # based on the value of "mymodule.name.mysubmoduleoption"
  # but it seems I can only set values under "mymodule.name" 
};

}

I'm trying to debug a module I'm writing with builtins.trace, but it's being more complicated than I anticipated.

Let's say I have a module:

{ config, lib, pkgs, modulesPath, ... }:

{

  config =
  let
    some-list = lib.attrsets.mapAttrsToList (n: v: {
        some-attr = "${n} ${v}";
    }) { n1 = "v1"; n2 = "v2"; };
  in {
    users.mutableUsers = builtins.trace (some-list) false;
  };

}

This will print

trace: [ <code> <code> ]

because builtins.trace (for whatever reason?) evaluates its first argument only shallowly.

Changing the trace expression to:

builtins.trace (builtins.toJSON some-list) false;

helps a lot, but as soon as one tries to print a long list or a structure with some complexity the output is completely unreadable, and it's not like it can easily be piped into jq (I mean... &| grep ^trace: | sed 's/trace: //' | jq works*, but there must be a "better" way?)

(*) in fish shell, IDK about bash

edit: It's not like I specifically want JSON output: any format will do (ideally, nix would be nice)

I need to generate a number of scripts in my configuration and make them into a single package (for ease of reference, because there are a lot of them).

So far, I'm creating the scripts via writeShellApplication, making them into packages via an overlay, merging them with buildEnv and then adding the resulting package to `systemPackages.

Something like:

nixpkgs.overlays = [ (final: prev: {
  my-hello-1 = final.writeShellApplication {
    name = "my-hello-1-script";
    text = "echo my hello wolrd 1";
  };
  my-hello-2 = final.writeShellApplication {
    name = "my-hello-2-script";
    text = "echo my hello wolrd 1";
  };
  my-hello-scripts = final.buildEnv {
    name = "my-hello-scripts";
    paths = [ final.my-hello-1 final.my-hello-2 ];
  };
}) ];

environment.systemPackages = [ pkgs.my-hello-scripts ];

This works, but I don't really need the my-hello-1 and my-hello-2 packages... can you think of a way to make do without needing them?

I'm migrating my NAS to nixos, and I got to the point of setting up my restic backups.

services.restic.backups is great, but -- on top of the systemd timers/services -- I also want some helper scripts (eg. one to easily mount the backups, stuff that with ansible I currently generate into /usr/local/sbin).

These scripts would be entirely generated from the services.restic.backups config and would reference sops secrets also from configuration.nix, so... I don't think it would make sense to make a package out of them?

What should I use to make these scripts? Should I use nixpkgs.writeShellApplication and then alter the PATH?

Since I need to run a few apps that won't work on LineageOS (because dumb developer security stance), I need to buy a "regular" android device that includes all the google "services".

Ideally, it should be a cheap second-hand phone that will still receive security updates for a long time.

Are there bands that are better (well, "less worse") than others from a privacy perspective?