Managing 30+ machines with NixOS in a single unified config, currently sitting at a total of around 17k lines of nix code.

In other words, I have put a lot of time into this. It was a very steep learning curve, but it’s paid for itself multiple times over by now.

For “newcomers”, my observations can be boiled down to this: if you only manage one machine, it’s not worth it. Maaaaaybe give home-manager a try and see if you like it.

Situation is probably different with things like Silverblue (IMO throwing those kinds of distros in with Guix and NixOS is a bit misleading - very different philosophy and user experience), but I can only talk about Nix here.

With Nix, the real benefit comes once you handle multiple machines. Identical or similar configurations get combined or parametrized. Config values set for Host A can be reused and decisions be made automatically based on it in Host B, for example:

• all hosts know my SSH pub keys from first boot, without ever having to configure anything in any of them
• my NAS IP is set once, all hosts requiring NAS access just reuse it implicitly
• creating new proxmox VMs just means adding, on average, 10 lines of nix config (saying: your ID will be this, you will run that service) and a single command, because the heavy lifting and configuring has already been done, once -…

Chat, is this AI-generated ads on Lemmy?

Are we talking permanent background tracking? Or sending a message “hey, I’m here”?

Oh yeah rust tooling is insanely good ootb

I’m too lazy to insert the “look what they need to mimic a fraction of our power” meme here, so… Please imagine it instead.

I’m switching jobs in a couple of months, and I am SO glad to be leaving a (very well maintained!!) python codebase with type hints and mypy for a rust codebase.

It is just not the same.

At this point, package management is the main differentiating factor between distro (families). Personally, I’m vehemently opposed to erasing those differences.

The “just use flatpak!” crowd is kind of correct when we’re talking solely about Linux newcomers, but if you are at all comfortable with light troubleshooting if/when something breaks, each package manager has something unique und useful to offer. Pacman and the AUR a a good example, but personally, you can wring nixpkgs Fron my cold dead hands.

And so you will never get people to agree on one “standard” way of packaging, because doing your own thing is kind of the spirit of open source software.

But even more importantly, this should not matter to developers. It’s not really their job to package the software, for reasons including that it’s just not reasonable to expect them to cater to all package managers. Let distro maintainers take care of that.

Now if Eelco Doolstra wasn’t fucking around, we could have had a super LTS NixOS - but NOOOO.

My exact thoughts lol

Not really, no

DNS over TLS and similar are only encrypted to the first (local) DNS provider, and of course that provider knows the query as well.

It protects against 3rd-party eavesdroppers between you and your primary DNS provider, but does nothing for privacy beyond that.

Also getting rid of my T1 Diabetes and re-doing my transition, but yeah! Hedonism as well!

Yeaaaaaaahh the auth thing is really, really complicated to selfhost. There’s a docker project out there that apparently makes it possible, but… No idea. FOr the time being I still use FF’s auth - that’s still an improvement though: Mozilla knows that I am logging in / from what kind of device, but not the content or amount of what I sync.

Spend the rest of my life on a Culture orbital or GSV? FUCK YEAH

Yep, this is the answer. Set it, forget it, accidentally have your hard drive destroyed irrecoverably, and re-set everything up to the exact working state you were used to in under 15min.

It’s a fair bit of initial setup and learning, but afterwards, the word “stable” takes on a new meaning.

Probably… I mean, I’d at least start it in a systemd service, but sure, you don’t need a domain.

But of course your mobile won’t be able to access that domain outside your network

No idea - this is my firefox sync NixOS config, in its entirety:

  age.secrets.ffsync.rekeyFile = secrets.ffsync;
  services.firefox-syncserver = {
    enable = true;
    secrets = config.age.secrets.ffsync.path;
    settings.hostname = "localhost";

    singleNode = {
      enable = true;
      hostname = "0.0.0.0";
      capacity = 2;
    };
  };

You can self-host Firefox sync

Take a look at Kavita for selfhosting bools!

You can also selfhost sync!

You can also just selfhost Firefox sync!

Fuck off troll.

Literally every single German old enough to remember life in the DDR that I know (which aren’t exactly few - I am German) recounts that time with terror.

In my entire life, I have not met a single person alive back then who wants to go back to the DDR. There’s no notalgia, only painful memories.