Skip to content

Instantly share code, notes, and snippets.

@s1341
s1341 / freeipa-server.nix
Created May 29, 2023 04:08
working freeipa config
{
config,
lib,
...
}: let
cfg = config.services.freeipa-server;
in {
options.services.freeipa-server = {
enable = lib.mkEnableOption "freeipa service";
router = lib.mkOption {

Nixpkgs Pivots

We have a number of problems that currently require full rebuilds of nixpkgs:

  • glibc needs to find third-party nss modules
  • cacerts needs to contain custom CA's from enterprises
  • tzdata just changed frequently
  • locales

Interestingly, Nix's deep pinning of cacerts and tzdata gets in the way of Nix's promise of packages working over the long term in an archival sense:

@FRidh
FRidh / overview.md
Last active February 12, 2023 18:00

Python on Nix infrastructure

Introduction

Python is used throughout Nixpkgs. We use it for certain scripts, we provide Python libraries, and we provide applications. There are several methods on how to use Python on Nix, each with their pros and cons. An overview of all issues with the current Python infrastructure on Nix is available in the placeholder issue 1819.

Goal