Managing 30+ machines with NixOS in a single unified config, currently sitting at a total of around 17k lines of nix code.

In other words, I have put a lot of time into this. It was a very steep learning curve, but it’s paid for itself multiple times over by now.

For “newcomers”, my observations can be boiled down to this: if you only manage one machine, it’s not worth it. Maaaaaybe give home-manager a try and see if you like it.

Situation is probably different with things like Silverblue (IMO throwing those kinds of distros in with Guix and NixOS is a bit misleading - very different philosophy and user experience), but I can only talk about Nix here.

With Nix, the real benefit comes once you handle multiple machines. Identical or similar configurations get combined or parametrized. Config values set for Host A can be reused and decisions be made automatically based on it in Host B, for example:

• all hosts know my SSH pub keys from first boot, without ever having to configure anything in any of them
• my NAS IP is set once, all hosts requiring NAS access just reuse it implicitly
• creating new proxmox VMs just means adding, on average, 10 lines of nix config (saying: your ID will be this, you will run that service) and a single command, because the heavy lifting and configuring has already been done, once -…

Are we talking permanent background tracking? Or sending a message “hey, I’m here”?

At this point, package management is the main differentiating factor between distro (families). Personally, I’m vehemently opposed to erasing those differences.

The “just use flatpak!” crowd is kind of correct when we’re talking solely about Linux newcomers, but if you are at all comfortable with light troubleshooting if/when something breaks, each package manager has something unique und useful to offer. Pacman and the AUR a a good example, but personally, you can wring nixpkgs Fron my cold dead hands.

And so you will never get people to agree on one “standard” way of packaging, because doing your own thing is kind of the spirit of open source software.

But even more importantly, this should not matter to developers. It’s not really their job to package the software, for reasons including that it’s just not reasonable to expect them to cater to all package managers. Let distro maintainers take care of that.

I have been listening to SO many audiobooks since getting Audiobookshelve ❤️

Now if Eelco Doolstra wasn’t fucking around, we could have had a super LTS NixOS - but NOOOO.

My exact thoughts lol

Yeaaaaaaahh the auth thing is really, really complicated to selfhost. There’s a docker project out there that apparently makes it possible, but… No idea. FOr the time being I still use FF’s auth - that’s still an improvement though: Mozilla knows that I am logging in / from what kind of device, but not the content or amount of what I sync.

Yep, this is the answer. Set it, forget it, accidentally have your hard drive destroyed irrecoverably, and re-set everything up to the exact working state you were used to in under 15min.

It’s a fair bit of initial setup and learning, but afterwards, the word “stable” takes on a new meaning.

Probably… I mean, I’d at least start it in a systemd service, but sure, you don’t need a domain.

But of course your mobile won’t be able to access that domain outside your network

No idea - this is my firefox sync NixOS config, in its entirety:

  age.secrets.ffsync.rekeyFile = secrets.ffsync;
  services.firefox-syncserver = {
    enable = true;
    secrets = config.age.secrets.ffsync.path;
    settings.hostname = "localhost";

    singleNode = {
      enable = true;
      hostname = "0.0.0.0";
      capacity = 2;
    };
  };

You can self-host Firefox sync

Hard to put my lips finger on the reason, though

Now judge it by how good the end result looks

But also… The fuck?

You can also selfhost sync!

You can also just selfhost Firefox sync!

Fuck off troll.

Literally every single German old enough to remember life in the DDR that I know (which aren’t exactly few - I am German) recounts that time with terror.

In my entire life, I have not met a single person alive back then who wants to go back to the DDR. There’s no notalgia, only painful memories.

Yep, that’s right. In theory you could share the encrypted DB with the public and not degrade security. (Still don’t do that though…)

A high-quality laptop without any branding.

I’m currently using a 9-year-old, woefully underpowered laptop made by Xiaomi. Full aluminium unibody, and NO logo. Not printed on, not etched in, not glistening only in the right light. NO LOGO.

I’m not a billboard. I’m not responsible for your brand recognition. Ironically though, far more people have come up to me and asked “hey, what laptop is that” than ever would have cared if there was a logo on it.

It also just looks and feels fantastic, all-aluminium-no-logo just looks so sleek.

So yeah. I will not be upgrading until I find another laptop of the same build quality, with no logo. Tuxedo has that option for most of their laptops, but for some reason not for their only current full-aluminium body -.-

Oh, and don’t come at me with stickers.

Dang, oof

Might even be worth checking if https://github.com/NixOS/nixos-hardware has a straight-up fix for the issue.

😭

I usually do, I promise. Anyways, that was 6 years ago. We’re stil going strong, making the most of life in this universe :)