I came across an interesting thread on the NixOS subreddit today that helped me fix a problem that I didn’t even know I had with my NixOS system configuration.
Every now and then, I’ll try to quickly do nix-shell -p somepackage, and it will fail, because somepackage couldn’t be found.
I go and check https://search.nixos.org and it’s there. Huh. Weird.
So I just go and add it to my environment.systemPackages to install it, and remove it if it turns out I don’t really need it.
I have a confession to make. Until yesterday, I did not have any form of dotfiles management or versioning for my Windows 11 machine. Yes, I, the person who wrote an entire tiling window manager for Windows from scratch in Rust, did not manage my dots.
I had to sheepishly admit this on more than one occasion in the project Discord server when people would watch my live programming videos and then ask if I could share my Windows dotfiles repo.
There are a number of different approaches available for NixOS users to handle secrets. The most popular tend to be git-crypt, agenix and sops-nix. But which one should you use?
To hopefully help you in answering this question for yourself, here is an overview of a few common use cases and what I think is most appropriate for each.
Managing Your Own Physical Machines Maybe you have a desktop, a Macbook and a Raspberry Pi which you are managing from a single NixOS flake repo.
In my last post, I shared how to get a working instance of Nitter deployed on NixOS, but requested advice on how to best automatically provision the guest_accounts.json runtime secret file on the target server.
A number of folks reached out to me on Mastodon (thanks @[email protected], @[email protected], @[email protected] and @[email protected]!) to suggest that I use agenix to copy encrypted files to the server and decrypt them in non-world readable directories, and then use systemd’s LoadCredentials option to make them available to the nitter service.
With all of the various user and developer-hostile changes introduced to Twitter over the past year, the importance of a user-friendly alternative frontend for Twitter is greater than ever.
After using public instances of Nitter for a while, I wanted to try hosting my own instance. I thought it would be as simple as enabling a service in my NixOS configuration:
{ services.nitter.enable = true; } Unfortunately, the only builds of Nitter that currently work are taken from a feature development branch which introduces changes both in build-time dependencies and runtime dependencies.
The social media landscape from Twitter and Mastodon to Instagram and TikTok has, for better or worse, centralized on sharing text highlights and quotes as images rather than as plain text.
Now I can share my highlights easily as images on social media! I like to share my highlights from across the web, which is why I publish topic-specific RSS feeds for people to subscribe to.
However, one of the features that I’ve been missing for a while now on Notado is exporting screenshots for social sharing.
As I write this, the genocide in Gaza being perpetrated against the Palestinian people continues unabated, with the explicit support of many western governments and politicians across the political spectrum.
Facilitation of war crimes is generally recognized as a war crime in International Humanitarian Law, the Rome Statue of the International Criminal Court and Customary International Humanitarian Law (I know this thanks to my many years spent as an ICRC field delegate, but you can do your own further research on this point if you’d prefer).
I recently starting using Yubikeys both to store passkeys which allow me to do passwordless logins to websites like GitHub, and to SSH into remote servers with FIDO2.
I have a number of machines at home, but I spend the majority of my time using a Windows 11 desktop computer running NixOS on WSL2 (in the past I’ve described Windows 11 + my tiling window manager komorebi as the “desktop environment” on top of my NixOS WSL2 shell).
Have you ever hit alt + backspace while in a zsh session, intending to delete just the last part of a path, or a word, or an identifier, but ended up deleting far more than that?
This is probably because you are using the default value for $WORDCHARS.
The default value for $WORDCHARS is
*?_-.[]~=/&;!#$%^(){}<>
i.e. pretty much everything and the kitchen sink. Usually, therefore, you will want to remove characters which you don’t want to be considered parts of words
Last year I read the excellent article “Hands-Free Coding” by Josh Comeau which went into detail about modifying his programming workflow to use dictation and eye-tracking after developing Cubital Tunnel Syndrome. I highly recommend reading the whole article and watching the demonstration videos of his approach.
This article was my first exposure to the dictation software Talon, which is specifically built to be hackable and naturally targets software developers.
If you know anything about me by now, it’s that I can’t use a computer without a tiling window manager anymore.