Tuesday, Jul 23, 2024
Turns out my NAS is vulnerable to the SSH vulnerability which allows anyone to log into your host with enough time, guaranteed. Dubbed regreSSHion (CVE-2024-6387), it affects a host of different OpenSSH version ranges. If one has OpenSSH 9.8p1 or later, one is totally fine.
Unfortunately, the NAS is still on NixOS 23.11. The NAS remains on NixOS, but all my other devices have been migrated off to Debian Testing.
Continue reading…
Saturday, Jan 27, 2024
Figure 1: John from USA - CC-BY-2.0
Watch out, things break, stuff catches fire. Let’s talk about backups.
Last post, I stated that I’m going to switch focus away from NixOS commentary. This is still the plan. Today, I am still committed to NixOS thanks to technical debt created - migrations aren’t for free. Until then, enjoy my NixOS posting :).
Last fall, I wanted to reformat my laptop’s NixOS deployment from BTRFS (encased within LVM2 itself encased in LUKS) to a ZFS partition plus another swap partition.
Continue reading…
Monday, Jan 15, 2024
Figure 1: The laptop that was having a bad day with NixOS 23.11
More upgrade gotchas. Shucks. If everything goes well, this will be my last NixOS post. Read on to understand my frustration just a little bit more.
My main laptop is a Lenovo Ideapad Flex 5 — simple and cheap device. The keyboard stopped working in the early boot after upgrading to 23.11. The impact: I need to a USB keyboard around to unlock the device from a cold boot.
Continue reading…
Wednesday, Jan 3, 2024
Figure 1: Official image for 23.11
Upgrading my workstation to 23.11 wasn’t as simple as I was hoping. Ran into a few issues.
Performing the upgrade I’m using a flake, so all I should have to run is:
# First edit flake.nix so it points to release-23.11. nix flake update nixos-rebuild boot --flake .# (Then systemctl reboot into the new generation that includes a new kernel.)
Issue #1: pinentry package changes I can’t unlock any keys using gpg-agent (hence cannot use GPG keys for accessing my password database and send signed documents).
Continue reading…
Sunday, Aug 6, 2023
I’ve been using Nix for a year now. It’s been going fairly well, by the way. Here are some misconceptions I’ve had to overcome to become a more productive Nixer.
False: You can’t deploy Nix software to Docker or Kubernetes False. If you can push to a docker registry such as docker.io, you can deploy to Docker or Kubernetes using Nix.
You can use dockerTools.buildImage to build a docker image from Nix.
Continue reading…
Monday, Feb 6, 2023
Figure 1: your computer on low memory
TL;DR: yes. You can throw more swap at most processes and it’ll eventually finish… Eventually.
Last year I warranty-ed a Dell XPS 13 with 32 GiB of RAM, all specced out. Sidenote: I wouldn’t recommend the Dell XPS 13, at least in 4K. The laptop gets anywhere from 1-3 hours of real world usage and gets hot as most Macbooks. The Dell XPS 13 4K is not a viable product.
Continue reading…
Wednesday, Jun 8, 2022
Recently I have begun migrating my workstation and laptop from Gentoo to NixOS. There are a great deal of tradeoffs between the two operating systems. Before going into the details, consider where I’m coming from and why I moved away from Gentoo below.
Why was I running Gentoo on workstations?? This is my heuristic for a good operating system:
The Distro must provide facility to modify system packages and maintain their modifications in sync with the upstream distro.
Continue reading…