ChanServ changed the topic of #nixos-systemd to: NixOS <3 systemd | https://jitsi.nixcon.net/systemd | Next meeting 08.12.2020 14:00 UTC (every two weeks)
<Emantor>
Hm, how do I enable a systemd user service provided by a derivation without copying the whole contents into my configuration?
<V>
oh, boy. so you can either link it in (e.g. ~/.config/systemd/user/default.target.wants/pulseaudio.service -> /run/current-system/etc/systemd/user/pulseaudio.service), or (I believe) you can enable it for everyone but add ConditionUser=you
<V>
neither of these are particularly nice
<V>
Emantor: ^
<Emantor>
systemctl --user enable even creates a broken link into the store which vanishes as soon as the derivation is updated…
<V>
it does, yes
<V>
make the link manually
<V>
specificallly make it point into /run/current-system
<Emantor>
I'd rather reimplement the service in the config than, at least its consistent across machines than.
<V>
that comes with its own set of downsides :)
<Emantor>
Sure, namely that the derivation service and my configuration service start to differ…
<Emantor>
maybe ConditionUser=me is the best choice.
<V>
maybe. I'm considering switching to that myself (currently using `systemctl enable` and then fixing up the paths... I guess that could be patched in systemctl)
<V>
oh, home-manager might also solve your problem here, although I've yet to look at that properly
<Emantor>
A quick scan of man home-configuration.nix only bring up declarative services/paths timers, but no way to enable services provided by derivations, what am I missing?
<Emantor>
Or do you intent to enable it by adding the services as wants to default.target?
<V>
as I said, I've not looked into home-manager enough to say how
<V>
I'm just aware that it probably provides such functionality
<V>
(and that if it provides something similar to systemd.user.*, it'll be guaranteed to be per-user this time)
<Emantor>
V: FWIW, solved it by just creating a symlink from ~/.config/systemd/user/default.target.wants to ${pkgs.mpris-scrobbler}/share/systemd/user/mpris-scrobbler.service with home-manager. Works like a charm.
<V>
Emantor: oh, nice
<V>
I wonder if you could solve this by adding a per-user drop-in for the service that adds default.target to its WantedBy
qyliss has quit [Quit: bye]
qyliss has joined #nixos-systemd
qyliss has quit [Quit: bye]
qyliss has joined #nixos-systemd
qyliss has quit [Quit: bye]
qyliss has joined #nixos-systemd
qyliss has quit [Quit: bye]
qyliss has joined #nixos-systemd
Deknos has joined #nixos-systemd
<arianvp>
oh sweet
<arianvp>
systemd-master can now unseal luks2 partitions using the TPM
<arianvp>
a la bitlocker
<V>
ooh
<arianvp>
the secret is sealed with the PCR state. so you can do things like: "Don't decrypt if secure-boot was disabled"
<damjan>
yes. tested it. works
<arianvp>
noice
<gchristensen>
niiice
<arianvp>
also luks2 support
<arianvp>
fido2**
<arianvp>
gonna add this to sonos now.
<arianvp>
is there a way to emulate TPM2 on qemu?
<damjan>
yes
<damjan>
install swtpm
<arianvp>
damjan: it doesn't seem to be packages for Nixpkgs