Pinning a commit hash is definitely 1 step to reproducibility. But another
step is that all build inputs and upstream sources must also be content
addressed and available. One challenge with this security updates.
On 12/09/2016 7:05 PM, "Tobias Pflug" wrote:
> If I may just jump in with a questio
If you work in a team, definitely pin your nixpkgs revision.
At LumiGuide we use a variation of the technique outlined in
https://garbas.si/2015/reproducible-development-environments.html.
Bas
On 12 September 2016 at 11:05, Tobias Pflug wrote:
> If I may just jump in with a question: What I f
Using pinned commit++, CI checks if upgrade is ok.
2016-09-12 10:05 GMT+01:00 Tobias Pflug :
> If I may just jump in with a question: What I feel uneasy about is to just
> use some channel. Is that what everyone does? I usually pinpoint a specific
> commit so that i know that my deployments are a
If I may just jump in with a question: What I feel uneasy about is to just use
some channel. Is that what everyone does? I usually pinpoint a specific commit
so that i know that my deployments are actually deterministic about what
nixpkgs set is being used.
Am I just being paranoid/impractical?
Hi everybody,
Thanks so much for you very valuable feedback :-)
It's great to see other use it and have success (or gonna to know about the
issues you guys faced).
We'll definitely take all your recommendation into account!
Again, thanks for the great stories you shared
Alois
On 7 September 20
I'm using NixOps to boot strap servers and then they auto upgrade based on
channels from Hydra:
https://github.com/snabblab/snabblab-nixos#automatic-deployments
On Wed, Sep 7, 2016 at 4:47 PM, zimbatm wrote:
> I've been using NixOPS for my personal servers (on Vultr) and I couldn't
> be happier
I've been using NixOPS for my personal servers (on Vultr) and I couldn't be
happier. I'm deploying a rails app and I never had a better experience than
that, even on Heroku. The initial setup take a bit longer but it already
paid back in terms of no-brainer deploys. I love it that I can share
confi
obadz: nixops has backend to deploy to hetzner.
2016-09-07 15:39 GMT+01:00 obadz :
> On Wed, Sep 7, 2016 at 11:36 AM, Игорь Пашев
> wrote:
>
>> The other day I moved one of the machines from EC2 to Hetzner... in the
>> blink of an eye :-)
>>
>
> Out of curiosity, how do you install NixOS on the
On Wed, Sep 7, 2016 at 11:36 AM, Игорь Пашев wrote:
> The other day I moved one of the machines from EC2 to Hetzner... in the
> blink of an eye :-)
>
Out of curiosity, how do you install NixOS on the Hetzner machines?
___
nix-dev mailing list
nix-dev@l
2016-09-07 13:22 GMT+03:00 4levels <4lev...@gmail.com>:
> We've been pleasantly surprised that every single deploy has given identical
> results on all (currently 12) servers in the various datacenter locations of
> Vultr.
Yeah, develop in VBox, deploy to everywhere. The other day I moved one
of
Hi Aloïs,
we're using NixOps to deploy a "typical" php web application using Nginx /
Redis / MariaDB and the Symfony and Laravel/Lumen frameworks. We're also
making use of the python package wkhtml2pdf to generate PDF documents from
HTML content.
All our credentials are deployed through the depl
I'm using NixOps in production, EC2, Hetzner, VBox with no issues.
Of course, commit NixOps state (JSON) in git with git-crypt. And this
wrapper for NixOps:
#!/usr/bin/env bash
set -euo pipefail
NIXPKGS=https://github.com/NixOS/nixpkgs-channels/archive/nixos-15.09.tar.gz
NIXOPS=${NIXOPS:-nixops
Yes, you're deliberately breaking purity, but if you're going to be using
it as part of the development infrastruction (he could mean many things,
does he mean *code deployment infrastructure* or implicitly implying CDI
and explicitly mentioning part of the development infrastructure.)
If he means
If you're on a system with a pure stdenv (linux or pure-darwin) and find
yourself needing to turn off the sandbox, most likely there is a bug in
nix or you are doing something wrong. Please don't recommend turning off
the sandbox unless you are very sure you know what you're doing and that
the pers
On 6 Sep 2016 00:01, "Aloïs Cochard" wrote:
> We do plan to use it for our development infrastructure
You'll need to implement incremental recompilation (IR) to reduce
compilation times. It's not too difficult to implement if you know _not_ to
set nix.useSandbox = true; .
Ping me when/if you get
We're also using NixOps, as well as some other sub projects (Disnix, Hydra,
and "plain old" Nix) in our company.
- The following presentation briefly covers Disnix + NixOps deployment (for
the impatient: scroll to the last ~10 slides):
http://www.slideshare.net/sandervanderburg/deploying-microserv
Hi Aloïs,
if you don't need any of the backends nixops offers except maybe "none",
it might be better to avoid the stateful nature of nixops and go with a
simple script based on nixos-rebuild, something like:
deploy1.sh:
HOST=$1
NIXPKGS=$2
nixos-rebuild switch \
-I nixos-config=./$HOST/configu
I am switching manual deployment to NixOps, and I'm getting lots of quirks
in hetzner, virtualbox, libvirtd and container backends.
Also, because of impurities in my systems, I can't switch easy from
production to, for example, virtualbox deployment.
So no success story here, but I like this tool
Hi Aloïs,
We use nixops at LumiGuide to deploy to our network of image analysis
servers that power our bicycle detection and guidance systems[1]. I
recently gave a talk[2] at ZuriHac and MuniHac that contained a few slides
on our usage of nixops.
A few machines in our network are at Hetzner ('het
Hi all,
We are experimenting with NixOps and we are having great success. We do
plan to use it for our development infrastructure, and it seems to be very
promising.
In the light of applying the same technology on our production stack, I'm
curious to know how NixOps is used "for real"? Do you use
20 matches
Mail list logo