Graham Christensen
determinate.systems. Nix obsessed.
he/him
📻 no5ig
- Reposted by Graham ChristensenBuild for Linux from your Mac. It just works, with Determinate #Nix. Zero config.
- @dangoodin.bsky.social re your DNS article ... for a good time: dig +noall +short disk.vhd.gz.base64.grahamc.com TXT | cut -d'"' -f2 | base64 -d | gzip -d > minimal.vhd
- Where do people get good stickers from? In the distant past I've used StickerMule.
- Hey y’all, I could use help: if you’re using the determinate nix installer in GitHub actions and you’re seeing an increase in CI failures — let me know? We’re slowly rolling out a new version and suspect there is an edge case we haven’t covered.
- So this merged: github.com/DeterminateS... (not yet released, see the linked comment)
- An awkward UX issue of Determinate Nix is that we serve it from FlakeHub Cache, which has no unauthenticated access. We do that to make the auth backend very straightforward, avoiding complexity that could lead to leaking customer cache entries. But...
- that means you have to log in to FlakeHub to download prebuilt upgrades. This is not some brain genius number-go-up-maxxing, but an annoying side effect of Product Design Decisions. I wrote up a tracking ticket for folks while we solve that: github.com/DeterminateS...
- In the meantime, Determinate Nix 3.4.1 helps you upgrade more successfully. Where it used to crash out on a ridiculous error, now it _tells you_ that you have to log in.
-
View full threadUpgrade to Determinate Nix 3.4, by ... I mean, that picture :) but for posterity: determinate-nixd login sudo determinate-nixd upgrade Or install it for the first time from docs.determinate.systems (we recommend the package on macOS!)
- 💪
- The next release of Determinate Nix will start addressing two issues that commonly confuse our users: 1. `nix-channel` is deprecated, and using it will issue a warning. 2. Using an indirect flakeref or implicit registry input in a flake.nix will also raise a warning. >>>
- We've seen countless users trip themselves up on outdated channels and confusing them for the `nixpkgs` flake ref used by `nix run nixpkgs#`, etc. Determinate Nix Installer hasn't shipped configured channels for years, and now we're warning against them: github.com/DeterminateS...
- Similarly, we frequently see confusion when locking a flake which uses implicit inputs and indirect flakerefs. Indirect flakerefs are great on the CLI. Determinate Nix will start warning when you use them as a flake.nix input url, where they're a negative: github.com/DeterminateS...
-
View full threadThese two strategic changes are aimed at eliminating confusion and surprise, and are based on working with our users and hearing their feedback. I can't wait for Determinate Nix 3.4 to ship on Monday!
- Reposted by Graham ChristensenDeterminate Nix 3.3.1 is now out and folks, it is not playing games. We've added JSON logging to Nix and a whole new UX around fixing hash mismatches during Nix builds—and we've fixed some long-standing paper cuts to boot. determinate.systems/posts/change...
- Reposted by Graham ChristensenDeterminate #Nix 3.2: we fixed the infamous `git add` error. Really.
- Is this anything?
- You can try it now: github.com/DeterminateS...
- Reposted by Graham ChristensenLet’s be real: any GitHub Action could expose your secrets at any time. Just look at the latest CVE uncovered in the popular tj-actions/changed-files Action. Static, long-lived secrets are a major 🚩. The solution? Don't rely on them, there is a better way. 🧵👇
- @arrdem.com nice to find you again =)
- @hankgreen.bsky.social my daughter is named Io, and ++ on your video about paying more attention to Jupiter's moons.
- can we please just get a move on, and (1) make Ed25519 FIPS-140, and (2) get Ed25519 in HSMs and AWS KMS?
- Autonomous Sensory Materials Lithography
- This Firefox ToS hubbub is wild. It is amazing they didn't have one before. Lawyers like to spell out things like "If you type things into our program, we will do things with it." Which is the fundamental operating principle of a browser! You type things into it, and things happen!
- How is it that most glasses companies take 7-10 days, when there are plenty of companies that will get them to you next day?
- Reposted by Graham ChristensenTo support streamlined NixOS deployments to AWS, we now offer Determinate NixOS AMIs that come with Determinate Nix and fh, the CLI for FlakeHub, installed. Authenticate with STS, apply your configuration, and you're off to the races. determinate.systems/posts/nixos-amis
- Evidently, GitHub Actions' API has no way to trigger a workflow, and then know the ID of the run that was triggered.
- Maps, being so utterly political, are touched by the digital age. Online maps present different boundaries and names depending on where you are.
- Hey @quinnypig.com, is it possible AWS support actually gets >500 cases per second? At that rate, is it better to send a thank you reply, or is it more polite to silently resolve closed tickets to avoid extra messages?
- Do I know any swift devs that do contract work? I’ve got a project!
- Winter runners, how different is it to run at 4F than 10F?
- Reposted by Graham ChristensenUnfortunately, due to GitHub Actions Cache API changes, the free Magic Nix Cache support is near end of life. TL;DR: * Upgrade to FlakeHub Cache and get a month free * Free cache for OSS * GitHub Enterprise Server is unaffected 🔗
- Incoming: a lot of normies angry about the monty hall problem.
- Me as a user: Firefox is so important for society as a whole Me, staring at a bug that only happens on Firefox: ok but like
- It’s my favorite time of year: when the garage windex freezes solid.
- RIP Honey www.youtube.com/watch?v=4H4s...
