Lix: path does not exist and cannot be created

I use Lix on aarch64-darwin without home-manager or nix-darwin. When I tried to upgrade my installation, I saw the error:

$ nix upgrade-nix
=> error: path '/nix/store/ggppip3wfx4vbdc0kxsdniw118viymdg-lix-2.93.2' does not exist and cannot be created

After going down the rabbithole, I figured out the issue. My nix.conf was missing two crucial lines:

# append to /etc/nix/nix.conf
substituters = https://cache.nixos.org https://cache.lix.systems
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o=

For context, these lines are normally added by the Lix installer, but they weren’t in my conf. I think this is because my install predates lix-installer, but I am not sure.

After adding those lines, I was able to reboot the daemon and upgrade successfully:

$ sudo launchctl kickstart -k system/org.nixos.nix-daemon
$ sudo nix upgrade-nix
$ nix --version
nix (Lix, like Nix) 2.93.2
System type: aarch64-darwin

Hopefully, this saves someone else some time.

Wrapping Rust's log crate

Rust’s log crate crate is a thin macro interface for logging that can plug in to many different backends. Its functions can be called just like println!:

let you = "cow".to_string();
let name = "moo".to_string();

// There's also log::log, log::warn, and so on.
log::info!("Hello {animal}, {} to you", greeting);

I wanted to wrap it to add a prefix [farm] so the output looks like:

[farm] Hello cow, moo to you

Easy, right? 😅

My first attempt was a macro that tried to concat! the prefix:

macro_rules! warn {
    ($str:literal) => (::log::warn!(concat!("[farm] ", $str)));
    ($str:literal, $($args:tt)*) => (::log::warn!(concat!("[farm] ", $str), $($args)*))
}

But it doesn’t work:

error: there is no argument named `animal`
  --> src/log.rs:3:51
   |
3  |     ($str:literal, $($args:tt)*) => (::log::warn!(concat!("[farm] ", $str), $(...
   |                                                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^
   |
  ::: src/main.rs:46:5
   |
46 |     warn!("Hello {animal}");
   |     -------------------- in this macro invocation

Keep in mind that animal was previously defined with a let-statement as in the example code, so it should be in the calling context. Fortunately, there’s a helpful note:

= note: did you intend to capture a variable `animal` from the surrounding scope?
= note: to avoid ambiguity, `format_args!` cannot capture variables when the format string is expanded from a macro

The solution is straightforward. We just call format_args! ourselves!

// It works!
macro_rules! warn {
    ($str:literal) => (::log::warn!("[farm] {}", format_args!($str)));
    ($str:literal, $($args:tt)*) => (::log::warn!("[farm] {}", format_args!($str, $($args)*)))
}

Hacking a GPO 746 rotary phone

Rotary dial telephones are a fantastic way to start learning about electronics. They’re built to be disassembled and serviced (because they were originally rented!). There are online communities of engineers and enthusiasts who are happy to to share what they know. Most of all, they’re beautiful objects that inspire curiosity and nostalgia.

Here’s what I’ll be making:

It’s a GPO (General Post Office) 746 rotary dial telephone that plays a random song each time you pick up the handset.

Cross-compiling NixOS for a Raspberry Pi

I had to install NixOS on my Raspberry Pi 4, Model B recently. I didn’t have the HDMI→ micro HDMI cable so I decided to install it headlessly. This is a fairly intricate setup because I wanted to:

1. Cross-compile from aarch64-darwin→ aarch64-linux.
2. Remote build using nixbuild.net to speed up build times.
3. Build from my memory-constrained 1GB Raspberry Pi.*

It involved a few gotchas which I want to document here.

* Note: Although it is possible to offload the compilation to nixbuild, you still need memory on the Pi to evaluate the nix code. There is an open issue for eval memory usage which may alleviate this.

Making a NixOS SD Image

First, make a flake.nix that produces the SD image:

{
  inputs = {
    nixos-generators.url = "github:nix-community/nixos-generators";
    nixos-hardware.url = "github:NixOS/nixos-hardware/master";
    nixpkgs.url = "nixpkgs/nixos-unstable";
  };

  outputs =
    { nixos-generators
    , nixos-hardware
    , nixpkgs
    }: {
      # This produces the install ISO.
      packages.aarch64-linux.installer-sd-image =
        nixos-generators.nixosGenerate {
          specialArgs = { inherit dotfiles-private; };
          system = "aarch64-linux";
          format = "sd-aarch64-installer";
          modules = [
            ./modules/hardware-configuration.nix
            nixos-hardware.nixosModules.raspberry-pi-4
            ./modules/base.nix
            ./modules/builder.nix
            ./modules/networking.nix
            ./modules/users.nix

            # Anything else you like...
          ];
        };
    };
}

Onto the modules…

Using Nix on Flakes on OSX

I use Nix Flakes on OSX to setup my development environment. I’ve not seen anyone else document this approach. Maybe you will find it useful.

What’s in a development environment?

By “development environment,” I mean three things:

1. Adding and mutating shell environment variables (e.g. $EDITOR)
2. Installing command line applications (e.g. /usr/bin/nvim)
3. Adding config files (e.g. $HOME/.config/nvim/init.lua)

Unfortunately, 2 and 3 are “impure” according to Nix because they require access to mutable paths. But there are simple workarounds:

• Instead of installing binaries to /usr/bin/, I can install it to the store and add it to the $PATH. For example, instead of installing /usr/bin/nvim, I would install /nix/store/abc123-nvim/bin/nvim.
• Instead of adding config files, I can wrap a binary to point to the store. For example, instead of generating $HOME/.config/nvim/init.lua, I’d:
  • Generate /nix/store/abc123-init.lua/init.lua.
  • Generate /nix/store/abc123-nvim-wrapped/bin/nvim, which just does nvim -u /nix/store/abc123-init.lua/init.lua $@. The -u flag lets you pass a path to the config, and $@ forwards arguments.
  • Add /nix/store/abc123-nvim-wrapped/bin to $PATH.

So if I can mutate environment variables— including $PATH— then I can do everything!

But first, I need to explain Flakes a little bit.

A Nix Flakes primer

Sorry, I feel like every Nix article that touches on Flakes has to explain Flakes from scratch. I’ll try and stick with what’s relevant to what I’m doing. If you’re interested in a deep dive, I recommend Xe Iaso’s Nix Flakes: an Introduction.

Flakes, at their core, are a configuration format for the Nix toolchain. This format accepts inputs, which are dependencies that live in the Nix store, and produces outputs, which are read by various tools. For example, the nix CLI tool’s nix build subcommand builds the packages.default output for the flake.

See? That wasn’t so bad, was it? If this still seems a bit abstract, read on for an example.

Note: In versions of nix prior to 2.7, packages.default was known as defaultPackage. If you care about compatibility with old versions, you may want to alias it to point to packages.default.

Designing a development environment

Using Flakes, I need to mutate environment variables. To do this, I’ll use a little-known command called nix print-dev-env:

nix print-dev-env - print shell code that can be sourced by bash to reproduce the build environment of a derivation

If you run nix print-dev-env, it will build the packages.default output of your current flake.nix.

This approach has two steps:

1. Make a packages.default output that mutates shell environment variables as desired. For example, it should add /nix/store/abc123-nvim-wrapped/bin to the $PATH.
2. Source the output of nix print-dev-env in my development shell.

Putting the pieces together

To construct the packages.default output, you can use pkgs.mkShell:

# In flake.nix
let
  neovim-with-config = neovim.override {
    customRC = ''
      lua << EOF
        -- init.lua goes here
      EOF
    '';
  };
in 
  {
    outputs = flake-utils.lib.eachDefaultSystem (_system: {
        packages.default = pkgs.mkShell {
          packages = with pkgs; [
            neovim-with-config
            # anything else
          ];

          shellHook = ''
            # Optionally, inject other stuff into your shell
            # environment.
          '';
        };
      });
  }

Since the shell requires neovim-with-config, its ‘build environment’ will append /nix/store/abc123-neovim-with-config/bin/ to $PATH. That’s exactly what we want.

And finally, source the output of nix print-dev-env:

# `print-dev-env` assumes bash. It mutates env variables such as
# `LINENO` that # are immutable in zsh, so I need to exclude them.
# This is annoying, but in practice works fine.
$ nix print-dev-env \
  | grep -v LINENO \
  | grep -v EPOCHSECONDS \
  | grep -v EPOCHREALTIME \
  > $HOME/development-configuration.zsh 

$ echo 'source $HOME/development-configuration.zsh' >> $HOME/.zshrc

If you inspect development-configuration.zsh, you’ll see a giant RC file that includes:

PATH='...:/nix/store/abc123-neovim-with-config/bin:...'

Indeed, running nvim works as expected. We have set up a development environment using Nix Flakes!

Full dotfiles

If you want to see my full dotfiles, it lives on sourcehut. Here’s a link to where I define packages.default and here’s where I run print-dev-env

Scoring an animation with Orca

In this post, I’ll demonstrate how to score an animation using Orca.

• What is Orca?
• The final score
• What is a score?
• Learning how to wait
• Wiring up sounds
• Timers in practice
• Conclusion

Restic + Backblaze B2 on NixOS

While NixOS fully supports making restic backups using Backblaze, I couldn’t find documentation for it. From browsing configs on GitHub, many people seem to also use rclone but I’d rather not introduce another dependency.

Here’s how I did it:

{ config, pkgs, ... }:
{
  environment.systemPackages = [ pkgs.restic ];

  services.restic.backups.myaccount = {
    initialize = true;
    # since this uses an `agenix` secret that's only readable to the
    # root user, we need to run this script as root. If your
    # environment is configured differently, you may be able to do:
    #
    # user = "myuser
    #
    passwordFile = config.age.secrets.my_backups_pw.path;
    # what to backup.
    paths = ["/home/myusername"];
    # the name of your repository.
    repository = "b2:my_repo_name";
    timerConfig = {
      # backup every 1d
      OnUnitActiveSec = "1d";
    };


    # keep 7 daily, 5 weekly, and 10 annual backups
    pruneOpts = [
      "--keep-daily 7"
      "--keep-weekly 5"
      "--keep-yearly 10"
    ];
  };

  # Instead of doing this, you may alternatively hijack the
  # `awsS3Credentials` argument to pass along these environment
  # vars.
  #
  # If you specified a user above, you need to change it to:
  # systemd.services.user.restic-backups-myaccount = { ... }
  #
  systemd.services.restic-backups-myaccount = {
    environment = {
      B2_ACCOUNT_ID = "my_account_id_abc123";
      B2_ACCOUNT_KEY = "my_account_key_def456";
    };
  };

}

Overriding packages in NixOS

In NixOS, it’s sometimes desirable to override a package in order to extend or modify its behavior. For example, I override my Neovim to add plugins so they get all the benefits of being in the nix store. Here’s how I do it.

Rust Magic

This is a list of places in Rust where implementing a trait or using a struct affects the syntax of your code. I think of these features as “magical” because using them can change the behavior of very basic Rust code (let, for-in, &, etc.).

What follows is a small list of (hopefully) illustrative examples, and a short epilogue pointing you to more articles if this topic interests you.

How to configure API Gateway v2 using Terraform

Here’s how you wire up an AWS lambda into an HTTP API using Terraform and AWS’s API Gateway v2 resources.