Paul Meyer
@katexochen.bsky.social
Security software engineer @ Edgeless Systems | committer, Go team @ #nixpkgs
#infosec #golang #Nix #NixOS #ReproducibleBuilds #ConfidentialComputing
#infosec #golang #Nix #NixOS #ReproducibleBuilds #ConfidentialComputing
Thanks to all the contributors, and a special shoutout to the release managers Leona Maroni and @thecomputerguy.bsky.social !
I will follow up with a thread focused on the Go ecosystem in some days, so stay tuned! [9/9]
I will follow up with a thread focused on the Go ecosystem in some days, so stay tuned! [9/9]
May 24, 2025 at 8:11 AM
Thanks to all the contributors, and a special shoutout to the release managers Leona Maroni and @thecomputerguy.bsky.social !
I will follow up with a thread focused on the Go ecosystem in some days, so stay tuned! [9/9]
I will follow up with a thread focused on the Go ecosystem in some days, so stay tuned! [9/9]
'substituteAll' and 'substituteAllFiles' have been deprecated in favor of 'replaceVars' and will be removed in the next release.
And I already posted about the improvements of 'lib.packagesFromDirectoryRecursive' being able to construct nested scopes.. [8/x]
And I already posted about the improvements of 'lib.packagesFromDirectoryRecursive' being able to construct nested scopes.. [8/x]
May 24, 2025 at 8:11 AM
'substituteAll' and 'substituteAllFiles' have been deprecated in favor of 'replaceVars' and will be removed in the next release.
And I already posted about the improvements of 'lib.packagesFromDirectoryRecursive' being able to construct nested scopes.. [8/x]
And I already posted about the improvements of 'lib.packagesFromDirectoryRecursive' being able to construct nested scopes.. [8/x]
On the #nixpkgs side of things, the 'no-broken-symlinks hook' was added to catch builds containing dangling or reflexive symlinks, as these are indicative of problems with packaging. The hook can be disabled by providing 'dontCheckForBrokenSymlinks = true;' as an argument to mkDerivation. [7/x]
May 24, 2025 at 8:11 AM
On the #nixpkgs side of things, the 'no-broken-symlinks hook' was added to catch builds containing dangling or reflexive symlinks, as these are indicative of problems with packaging. The hook can be disabled by providing 'dontCheckForBrokenSymlinks = true;' as an argument to mkDerivation. [7/x]
Finally, a NixOS module has been added for ncps, a Nix binary cache proxy service implemented in Go using go-nix. It's available as 'services.ncps.enable'. [6/x]
May 24, 2025 at 8:11 AM
Finally, a NixOS module has been added for ncps, a Nix binary cache proxy service implemented in Go using go-nix. It's available as 'services.ncps.enable'. [6/x]
To avoid delaying user logins unnecessarily the multi-user.target is no longer ordered after network-online.target. System services requiring a connection to start correctly must explicitly state so in their service configuration. [5/x]
May 24, 2025 at 8:11 AM
To avoid delaying user logins unnecessarily the multi-user.target is no longer ordered after network-online.target. System services requiring a connection to start correctly must explicitly state so in their service configuration. [5/x]
The 'nixos-generate-config' command now supports a optional '--flake' option, which will generate a flake.nix file alongside the configuration.nix and hardware-configuration.nix, providing an easy introduction into flake-based system configurations. [4/x]
May 24, 2025 at 8:11 AM
The 'nixos-generate-config' command now supports a optional '--flake' option, which will generate a flake.nix file alongside the configuration.nix and hardware-configuration.nix, providing an easy introduction into flake-based system configurations. [4/x]
Next, a 'nixos-rebuild build-image' sub-command has been added. It allows users to build platform-specific (disk) images from their NixOS configurations and works similar to the popular nix-community/nixos-generators project. See new section on image building in the NixOS manual. [3/x]
May 24, 2025 at 8:11 AM
Next, a 'nixos-rebuild build-image' sub-command has been added. It allows users to build platform-specific (disk) images from their NixOS configurations and works similar to the popular nix-community/nixos-generators project. See new section on image building in the NixOS manual. [3/x]
or by adding 'nixos-rebuild-ng' to your 'environment.systemPackages' (for side-by-side installation). It is expected that the next major version of NixOS (25.11) will ship with nixos-rebuild-ng by default. [2/x]
May 24, 2025 at 8:11 AM
or by adding 'nixos-rebuild-ng' to your 'environment.systemPackages' (for side-by-side installation). It is expected that the next major version of NixOS (25.11) will ship with nixos-rebuild-ng by default. [2/x]
Watch the full thing here:
Fireside Chat with Kelsey Hightower:
An Outsider’s Look at Nix
youtu.be/caxcawUCSZ8
#Nix #NixOS #Kubernetes #OpenSource
Fireside Chat with Kelsey Hightower:
An Outsider’s Look at Nix
youtu.be/caxcawUCSZ8
#Nix #NixOS #Kubernetes #OpenSource
Fireside Chat with Kelsey Hightower: An Outsider’s Look at Nix
YouTube video by Southern California Linux Expo
youtu.be
April 23, 2025 at 6:13 AM
Watch the full thing here:
Fireside Chat with Kelsey Hightower:
An Outsider’s Look at Nix
youtu.be/caxcawUCSZ8
#Nix #NixOS #Kubernetes #OpenSource
Fireside Chat with Kelsey Hightower:
An Outsider’s Look at Nix
youtu.be/caxcawUCSZ8
#Nix #NixOS #Kubernetes #OpenSource
Some interesting takes by Kelsey on the Nix project at PlanetNix 2025. I hope we can get to a point where commercial and non-commercial interests can co-exist in the project.
April 23, 2025 at 6:13 AM
Some interesting takes by Kelsey on the Nix project at PlanetNix 2025. I hope we can get to a point where commercial and non-commercial interests can co-exist in the project.