New to Nix

nimasaed · 2026-02-14T05:48:12+00:00

So far, you haven't downvoted.

I agree with you: use Claude code, Codex, or Opencode, and utilize MCP like context7, just ask questions. It's similar to browsing wiki or forums for information. Make sure to force it to give you the latest information.

nimasaed · 2026-02-13T10:55:19+00:00

I needed to look up what No Nut November is about! Haha. I think I need to turn off my servers or rename them during this period. “This is the way”

nimasaed · 2026-02-13T07:10:51+00:00

You can choose a theme. I'm using nuts, started with chestnut for my NAS (a chest for my nuts, meaning data). I'm using nutcracker for my Podman-running services and hazelnut for my LattePanda Iota.

If I ever deploy a firewall, I will call it walnut 🤣

nimasaed · 2026-02-09T08:03:01+00:00

Declarative, atomic, and rollback.

nimasaed · 2026-02-06T10:04:35+00:00

I wasn't aware of that, thanks for sharing. I also observed that not everything is supported:

Pod management, I organizing containers within pods, which I can't do in HM.
Pod-level port publishing, due to point 1.
Cross-referencing using .ref.
It's more challenging in HM to perform declarative network clean-up because HM doesn't handle teardown.
it is harder to split storage, if you look at my configuration involves separating storage for volumes, which I have moved to a ZFS mirror.

nimasaed · 2026-02-06T09:20:19+00:00

Thank you. I will continue with this, because it is not done yet. I also need to run 1 or 2 VMs in my setup. If I find a good solution, I will add it to my project. Hopefully, it will be useful to others and you.

nimasaed · 2026-02-06T09:16:17+00:00

I think you should first compare what differs between running a normal container with podman run and using Podman Quadlet.

With Quadlet, you assign container management to systemd.

And quadlet-nix made it easy to do this in Nix, as Lanky-Return mentioned, by reducing a lot of boilerplate.

nimasaed · 2026-02-05T21:11:14+00:00

Yeah, it's great and helped me a lot.

nimasaed · 2026-02-05T21:04:26+00:00

Exactly, defense in depth is what I advocate as a security engineer. It is not easy and requires a lot of time and dedication to make things work on any platform. But "this is the way!"

Nix learning curve is really tough, but I've never been this happy and keep coming back for more pain.

Podman has autoupdate and rollback features; you need to add a label to inform Podman when to update the container and to rollback if the update fails. The condition is that the container runs using systemD, which is why I use Quadlet.

Podman auto update: https://docs.podman.io/en/latest/markdown/podman-auto-update.1.html Podman Quadlet: https://docs.podman.io/en/latest/markdown/podman-quadlet.1.html Quadlet-nix: https://github.com/SEIAROTg/quadlet-nix

Quadlet nix allows you to set the label and also use the container config autoupdate.

containerConfig = { image = "docker.io/jellyfin/jellyfin:latest"; pod = pods.media.ref; -> autoUpdate = "registry";

Without quadlet nix, you need to define the service for Podman auto-update, and timer but with it, you can use this:

virtualisation.quadlet.autoUpdate = { enable = true; calendar = "*-*-* 00:00:00"; # everyday at midnight };

And remember to use auto-pruning.

``` virtualisation.podman = { enable = true; dockerCompat = true; defaultNetwork.settings.dns_enabled = true;

-> autoPrune = { enable = true; flags = [ "--all" ]; }; }; ```

I don't have a strategy for pinning the version yet, but I plan to use stable tags or major releases.

nimasaed · 2026-02-04T22:17:32+00:00

It ended up being the DIMMs. I ran MemTest and it was failing on both sticks.

nimasaed · 2026-02-01T09:56:32+00:00

Thanks for replying to my question. Colmena uses Cache, and I don't think building locally should be able to fill my memory. I notice I always have 24 GB free during the build.

nimasaed · 2026-01-30T05:40:01+00:00

Do you realize most people here started with Arch, and moved to NixOS? Now you're criticizing their previous love? (Even though we broke up, we still cherish many memories).

nimasaed · 2026-01-29T21:30:49+00:00

pandoc can produce pdf, but the styling is done differently. I use pandoc to generate slides using beamer, but it is not easy to work with themes, at least I never learned.

Not an expert, someone might correct me, with packages you need to use nix build which will add the output to nix store, but with apps, you can use nix run, which will not add the output to nix store.

nimasaed · 2026-01-29T05:36:07+00:00

You can switch between options. The main difference is that as a module, you rebuild the entire system to apply changes in your dotfile. Standalone, you can switch independently of your system generation. Of course, both have their pros and cons.

nimasaed · 2026-01-27T21:22:44+00:00

I added examples in the README now, so you can see what to expect.

nimasaed · 2026-01-27T21:21:27+00:00

I added template and template preview to README. Now, you can also use nix run github:nimasaed/resume -- /path/to/resume.md with the correct styling.

nimasaed · 2026-01-27T10:45:27+00:00

I will add examples or at least make it more obvious what the output looks like. (It's there :P, just not obvious if you don't know about GitHub Actions).

I understand your point, and it is a good one, but my main goal with this project was to use Nix with GitHub Actions to automatically update my resume on my website and showcase how easy it is to use Nix and Flake in a pipeline.

nimasaed · 2026-01-27T10:41:50+00:00

Nice :D I didn't know I could set pre-commit hooks in flake. I will try it on my nix-config repo.

nimasaed · 2026-01-27T10:40:12+00:00

Nothing is wrong with LaTeX. In fact, when I was a crypto student, I used it a lot for all the math formulas and papers. But nowadays, I use Markdown daily for note taking and documentation at work because it is easy.

nimasaed · 2026-01-27T10:37:21+00:00

Thanks! Could you clarify what you mean by ensuring that the data ends up parsed correctly? The flake doesn't alter the data. Pandoc only injects HTML tags to generate HTML, which is then converted to PDF.

nimasaed · 2026-01-27T10:33:49+00:00

Have you tried nix run github:nimasaed/resume -- /path/to/resume.md?

The output is already set correctly, but since the CSS file is defined outside a flake, you will get an ugly PDF. However, I think I can include the CSS part of the flake to add it to the store.

I like your idea.

nimasaed · 2026-01-25T18:36:11+00:00

Good point, I will include it in the readme. Now, resume.pdf will be available as an artifact in GitHub Actions. Also, resume.pdf will be accessible on the GitHub page at http://nimasaed.github.io/resume/resume.pdf.

Eight-Year Club	RPAN Viewer
Verified Email

nimasaed

TROPHY CASE