ChanServ changed the topic of #nixos-systemd to: NixOS <3 systemd | | Next meeting 08.12.2020 14:00 UTC (every two weeks)
<Emantor> Hm, how do I enable a systemd user service provided by a derivation without copying the whole contents into my configuration?
<V> oh, boy. so you can either link it in (e.g. ~/.config/systemd/user/ -> /run/current-system/etc/systemd/user/pulseaudio.service), or (I believe) you can enable it for everyone but add ConditionUser=you
<V> neither of these are particularly nice
<V> Emantor: ^
<Emantor> systemctl --user enable even creates a broken link into the store which vanishes as soon as the derivation is updated…
<V> it does, yes
<V> make the link manually
<V> specificallly make it point into /run/current-system
<Emantor> I'd rather reimplement the service in the config than, at least its consistent across machines than.
<V> that comes with its own set of downsides :)
<Emantor> Sure, namely that the derivation service and my configuration service start to differ…
<Emantor> maybe ConditionUser=me is the best choice.
<V> maybe. I'm considering switching to that myself (currently using `systemctl enable` and then fixing up the paths... I guess that could be patched in systemctl)
<V> oh, home-manager might also solve your problem here, although I've yet to look at that properly
<Emantor> A quick scan of man home-configuration.nix only bring up declarative services/paths timers, but no way to enable services provided by derivations, what am I missing?
<Emantor> Or do you intent to enable it by adding the services as wants to
<V> as I said, I've not looked into home-manager enough to say how
<V> I'm just aware that it probably provides such functionality
<V> (and that if it provides something similar to systemd.user.*, it'll be guaranteed to be per-user this time)
<Emantor> V: FWIW, solved it by just creating a symlink from ~/.config/systemd/user/ to ${pkgs.mpris-scrobbler}/share/systemd/user/mpris-scrobbler.service with home-manager. Works like a charm.
<V> Emantor: oh, nice
<V> I wonder if you could solve this by adding a per-user drop-in for the service that adds to its WantedBy
qyliss has quit [Quit: bye]
qyliss has joined #nixos-systemd
qyliss has quit [Quit: bye]
qyliss has joined #nixos-systemd
qyliss has quit [Quit: bye]
qyliss has joined #nixos-systemd
qyliss has quit [Quit: bye]
qyliss has joined #nixos-systemd
Deknos has joined #nixos-systemd
<arianvp> oh sweet
<arianvp> systemd-master can now unseal luks2 partitions using the TPM
<arianvp> a la bitlocker
<V> ooh
<arianvp> the secret is sealed with the PCR state. so you can do things like: "Don't decrypt if secure-boot was disabled"
<damjan> yes. tested it. works
<arianvp> noice
<gchristensen> niiice
<arianvp> also luks2 support
<arianvp> fido2**
<arianvp> gonna add this to sonos now.
<arianvp> is there a way to emulate TPM2 on qemu?
<damjan> yes
<damjan> install swtpm
<arianvp> damjan: it doesn't seem to be packages for Nixpkgs
<arianvp> or is it part of some other package?
<damjan> my VM host is on Arch
<flokli> IMHO, that part of the tooling should also live in nixpkgs.
Emantor has quit [Quit: ZNC -]
Emantor has joined #nixos-systemd