klntsky has quit [Remote host closed the connection]
klntsky has joined #home-manager
ryantrinkle has joined #home-manager
<ryantrinkle>
is there a recommended way to version my home-manager configuration using git?
<ryantrinkle>
in particular, i'm looking for a way that makes it difficult to accidentally switch to a configuration that isn't committed to git
<rycee>
ryantrinkle: Nothing official :-)
<rycee>
ryantrinkle: I simply have `~/.config/nixpkgs/home.nix` be a symlink to `<hostname>.<username>.nix` in my repo directory.
<rycee>
And my repo almost always has some uncommitted stuff :-/
<rycee>
I guess it most easily could be done using a wrapper script that checks if the git repo is committed and calls home-manager with the command line arguments.
<infinisil>
rycee: I've been using a wrapper that automatically commits all new changes for me (and allows empty commit messages) every time I try to rebuild
<infinisil>
Working pretty well, I usually never have uncommitted changes lingering in my config
<rycee>
Ah, that's clever.
<ashkitten>
i have my whole system configuration on github including home-manager, and i use it as a channel pointing to the master tarball so whenever i push to github i can do a `nix-channel --update && nixos-rebuild switch`
<ryantrinkle>
ah, lots of interesting ideas here!
<ryantrinkle>
i recently figured out how to manage my /etc/nixos/configuration.nix with git using git hooks
<ryantrinkle>
basically, nixos-rebuild switch is replaced with git push
<ashkitten>
if i want to test the config before pushing, i can `nixos-rebuild switch -I nixos-config=./devices/$HOST`
<infinisil>
ryantrinkle: Hehe another different idea, we have a bunch here now
<ryantrinkle>
haha yeah
<ashkitten>
so i don't actually have a /etc/nixos now
<ryantrinkle>
ashkitten: cool; just poking the nix-env by hand?
<ashkitten>
everything is declarative
<ashkitten>
i never use nix-env
<ryantrinkle>
oh; do you still keep nixos revisions around in your bootloader?
<ashkitten>
yeah
<ryantrinkle>
some way other than /nix/var/nix/profiles/system?
<ashkitten>
it's basically the same as any other config but instead of nixos-config pointing to /etc/nixos/configuration.nix, it points to /nix/var/nix/profiles/per-user/root/channels/nixos-config/devices/$HOST
<ryantrinkle>
ah yeah, that makes sense :)
<ryantrinkle>
rycee: is it possible to get home-manager tab-completion in zsh?
<ryantrinkle>
`home-manager sw[TAB]` completes filenames for me
<ryantrinkle>
(maybe i've set something up wrong)
<rycee>
There is a completion file for Bash but nobody has contributed one for zsh. I don't know if zsh can use the Bash one?
<evanjs>
ryantrinkle: I’ve had issues with this before. Lemme see if it works on mine
<rycee>
I think the ideal would be to generate it from the docbook man page…
<ryantrinkle>
rycee: ah yeah, makes sense
<ryantrinkle>
i know where to put the script once I have it, but i don't actually know how to write them :P
<ashkitten>
i believe zsh has a completion plugin for bash completion support but that's not optimal
<ryantrinkle>
(i've always used optparse-applicative in Haskell, which generates bash/zsh/fish stuff automatically)
<evanjs>
Okay looks like it doesn’t have zsh completions on mine. But I know they’re working for other programs so it looks like hm doesn’t have them for zsh, like rycee said
<ryantrinkle>
evanjs: makes sense
<evanjs>
I checked to be sure as I’ve had issues with zsh tab completions before and wanted to make sure it wasn’t something like the configuration
<rycee>
Would be happy to add if somebody contributes :-)
<infinisil>
It's probably not too hard to write a zsh completion function
<infinisil>
There's loads of examples you can use as reference
<infinisil>
I actually wrote a small one myself I think
<ryantrinkle>
rycee: is there a way to invoke home-manager switch and explicitly tell it where to get the config file from?
<rycee>
Hmm, shouldn't be too tricky to make an xslt file that generated completion from the docbook refentries. Those are easier to keep up to date.
<ryantrinkle>
actually, i think I would need to break it down a bit further
<rycee>
ryantrinkle: `-f`
<ryantrinkle>
i guess what i'd really need to make the git hooks slick is
<ryantrinkle>
a way to do the build (and verify that the result is good, if any verification needs to be done)
<ryantrinkle>
then a way to activate it
<rycee>
ryantrinkle: See `home-manager --help`
<ryantrinkle>
it looks like activation is super easy
<ryantrinkle>
oh right, i missed -f!
<ryantrinkle>
haha
<ryantrinkle>
thanks
<rycee>
Yes, activation is nothing other than running the activate script inside the output.
<ryantrinkle>
awesome
<evanjs>
I mean I just use the NixOS submodule anymore. I have autoupgrade going every 6 hours and my home-manager config is updated with my system 😃
<ryantrinkle>
evanjs: how do you do the auto-update?
<evanjs>
Lemme get the file from GH
<ryantrinkle>
i'm trying to figure out how to roll a bunch of this stuff out at obsidian; we've got about 50 nixos desktops and laptops, so it's a bit painful if I don't get things right :P
<ryantrinkle>
I want to get everyone's default config to be home-manager based, especially for the non-technical folks
<ryantrinkle>
evanjs: cool; and I assume when it fails or something, it just does nothing?
<ryantrinkle>
has it ever caused trouble for you?
<evanjs>
ryantrinkle: the system config? Yes. Home-manager? Ermmm not always
<ryantrinkle>
right, the system config
<ryantrinkle>
one of the things that gives me pause about auto-update is that channel rollbacks are dicey
<evanjs>
Right, sometimes they’ll both be upgraded and will be applied but the hm config might’ve failed anyway
<ryantrinkle>
yeah
<ryantrinkle>
one of the invariants i'm trying to enforce is that I can always roll back, not just the built system/home, but also the source that produced it
<ryantrinkle>
hence git
<ryantrinkle>
and that's also why i'm using a git push flow - that way, if you forgot to commit something, you'll notice immediately, because the rebuild will fail
<ryantrinkle>
(and the thing you forgot to commit won't ever take effect)
<evanjs>
Could also pin certain things if need be
<evanjs>
I’m trying to do something similar with the rust channels. Like make sure you have these plugins, and if you can’t find them, go back until they work. If you can’t find these other plugins, though, don’t fail the build, but make sure we get at least std and src. The same thing might be useful for home-manager, though. Like “if something fails, do
<evanjs>
not apply the new configuration, and notify me about the problem”
<ryantrinkle>
right, that makes sense
<rycee>
ryantrinkle: For the git workflow that you describe it seems to me that it would be good to pin Nixpkgs within the repo as well.
<rycee>
ryantrinkle: So if you want to recover an old configuration the git checkout would include the exact Nixpkgs you used.
<ryantrinkle>
rycee: yep, that's exactly what I do :)
<ryantrinkle>
and i've been trying out git-subrepo
<ryantrinkle>
which copies the remote repo into your repo (like git subtrees) but also preserves the metadata (like git submodules)
<ryantrinkle>
i added git-subrepo to nixpkgs a few days ago
<rycee>
Ah, neat. Haven't heard of that. You pull in Nixpkgs that way?
<ryantrinkle>
yeah
<ryantrinkle>
then my git `update` hook creates a worktree in a temp dir
<ryantrinkle>
does the build from there
<ryantrinkle>
and stuffs the nix store symlink into a temporary location in the git repo
<ryantrinkle>
the post-receive hook picks it up from there and actually activates the configuration
<ryantrinkle>
so configurations that don't even build won't be allowed to commit at all
<ryantrinkle>
(update hook fails)
<ryantrinkle>
so the workflow for updating the OS is
<ryantrinkle>
git clone /etc/nixos/configuration
<ryantrinkle>
then modify the config
<ryantrinkle>
then git push
<ryantrinkle>
it also automatically chroots so you can use it to install nixos, but i'm not sure if that's a totally good idea
<rycee>
Sounds quite refined! You should write a blog post :-)
<ryantrinkle>
haha yeah maybe so :)
<maralorn>
ryantrinkle: I have nixpkgs pinned in my configuration. (Which sadly needs a wrapper around nixos-rebuild and home-manager to have the NIX_PATH right on the first rebuild.) Then my server bumps the pinned nixpkg version in a branch of my nixos-config every night, builds the config for all of my hosts and if it succeeds pushes that branch to master. Hosts then pull the config and update to a known
<maralorn>
working version (with substitutes from my server).
<maralorn>
I just mention it because the consequence is that nearly all of my commits in the history can always be reproducibly build in the version from that point in time.
<maralorn>
But your solution sounds even cooler.^^
mexisme has joined #home-manager
<ryantrinkle>
maralorn: the auto-bump stuff sounds like exactly what I'd want :)
<ryantrinkle>
when pushing out updates to a whole company, I'd prefer that everyone pull from a single cache rather than that everyone's laptop build everything from scratch :P