Excerpt #
As I’ve been experiencing (what feels like circles) Skarabox, I noticed that some friends would be dropping hints here and there with how to use Nix more effeciently; those days of just doing some cowboy building was driving me insane, constantly asking myself if there was a more efficient way and feeling the scope creep getting to me. That’s what the Testing and Building sections are meant to capture, this post is to capture my first experience using these tools.
Tips and Tricks #
Where is this Referenced? #
I was running into this issue where I couldn’t find a source of a configuration file, this is especially true when it comes to dealing with multiple flakes.
Context #
I was receiving this informational output when evaluating an flake:
[USER@MACHINE:~/<FLAKE-LOCATION>] nix flake check
evaluation warning: The user '<X>' has multiple of the options
`initialHashedPassword`, `hashedPassword`, `initialPassword`, `password`
& `hashedPasswordFile` set to a non-null value.
If multiple of these password options are set at the same time then a
specific order of precedence is followed, which can lead to surprising
results. The order of precedence differs depending on whether the
{option}`users.mutableUsers` option is set.
If the option {option}`users.mutableUsers` is
`false`, then the order of precedence is as shown
below, where values on the left are overridden by values on the right:
{option}`initialHashedPassword` -> {option}`hashedPassword` -> {option}`initialPassword` -> {option}`password` -> {option}`hashedPasswordFile`
The values of these options are:
* users.users."<X>".hashedPassword: "..."
* users.users."<X>".hashedPasswordFile: "/run/secrets-for-users/<X>_PASSWORD"
* users.users."<X>".password: null
Command #
[USER@MACHINE:~/<FLAKE-LOCATION>]$ nix eval .#nixosConfigurations.<X>.options.users.users.files
[
"/nix/store/fa7l72wmxbl27wqqss48pipssmmw1bx9-source/installNixOs/configuration.nix"
"/nix/store/0r82ixlfyda8wb3i15mq636sn8kxzqgw-source/user/<X>.nix"
"/nix/store/fylgvww2kah1h4lk79c6f1izz3zl9asi-source/hosts/<MACHINE>/hostProfile.nix"
"/nix/store/d1n5ak0xa4d17jld7cpg96a353hiyyvz-source/nixos/modules/config/users-groups.nix"
"/nix/store/d1n5ak0xa4d17jld7cpg96a353hiyyvz-source/nixos/modules/system/boot/timesyncd.nix"
"/nix/store/d1n5ak0xa4d17jld7cpg96a353hiyyvz-source/nixos/modules/system/boot/systemd/user.nix"
"/nix/store/d1n5ak0xa4d17jld7cpg96a353hiyyvz-source/nixos/modules/system/boot/systemd/oomd.nix"
"/nix/store/d1n5ak0xa4d17jld7cpg96a353hiyyvz-source/nixos/modules/system/boot/systemd/coredump.nix"
"/nix/store/d1n5ak0xa4d17jld7cpg96a353hiyyvz-source/nixos/modules/system/boot/systemd.nix"
"/nix/store/d1n5ak0xa4d17jld7cpg96a353hiyyvz-source/nixos/modules/services/system/nscd.nix"
"/nix/store/d1n5ak0xa4d17jld7cpg96a353hiyyvz-source/nixos/modules/services/system/nix-daemon.nix"
"/nix/store/d1n5ak0xa4d17jld7cpg96a353hiyyvz-source/nixos/modules/services/system/dbus.nix"
"/nix/store/d1n5ak0xa4d17jld7cpg96a353hiyyvz-source/nixos/modules/services/security/clamav.nix"
"/nix/store/d1n5ak0xa4d17jld7cpg96a353hiyyvz-source/nixos/modules/services/networking/ssh/sshd.nix"
"/nix/store/d1n5ak0xa4d17jld7cpg96a353hiyyvz-source/nixos/modules/services/misc/nix-ssh-serve.nix"
"/nix/store/d1n5ak0xa4d17jld7cpg96a353hiyyvz-source/nixos/modules/security/polkit.nix"
"/nix/store/d1n5ak0xa4d17jld7cpg96a353hiyyvz-source/nixos/modules/config/users-groups.nix"
]
What Secrets you have? #
Ever want to know what secrets get evaluated?
Hint: Recommneded to use NOM.
Context #
This was just shared, I never really needed to use; would be good to add as a requirement for testing system configurations.
Command #
[USER@MACHINE:~/<FLAKE-LOCATION>]$ nix eval .#nixosConfigurations.<X>.config.system.build.sops-nix-manifest
«derivation /nix/store/5ykaxzs7zpnkiwjzrr5z59b4p91yi1y6-manifest.json.drv»
Session 1: Past Experience #
Current Date: March 17th, 2025
For the past three/four years, I’ve been approaching NixOS like a caveman; focused on the Systems Configuration aspect. I haven’t been ready to make the jump to learn about Nix/NixOS in other aspects becase I’ve wanted those systems that utilize the power of Nix. Nix isn’t the everything but is the answer that I’ve been looking for, especially for the longest time. With this, it’s not new to me with building configurations; but it is pretty new to me when it comes to testing configurations. While I never paid much attention, every configuration I would build was being tested.