I am on a Mac, using VirtualBox. I am trying to get the example from the nixops manual to work. I have experimented with loading packages with nix-env, starting up nixos inside VirtualBox and playing with it, and now trying to startup the example in the manual with trivial.nix and trivial-vbox.nix. I have the examples exactly as they are in the manual, even while wondering whether I should change the email address in trivial.nix to something else.
When I deploy it, it starts up a nixos machine inside VirtualBox and goes a long ways, but eventually dies with the messages
copying path ‘/nix/store/2xhsqwyi091aa93r1na1fsvq2xknvf34-append-initrd-secrets’ from ‘ssh://root@192.168.99.103’…
error: cannot add path ‘/nix/store/2xhsqwyi091aa93r1na1fsvq2xknvf34-append-initrd-secrets’ because it lacks a hash
copying 1 paths…
copying path ‘/nix/store/a678jxi2d4fx3jz3m0anhxyzb8jrn03b-audit-disable’ from ‘ssh://root@192.168.99.103’…
error: cannot add path ‘/nix/store/a678jxi2d4fx3jz3m0anhxyzb8jrn03b-audit-disable’ because it lacks a hash
I cannot find out what “it lacks a hash” is supposed to mean. What should I do?
The main problem here is that you cannot build linux packages on MacOS and transfer them to nixops directly. You need always a remote builder like https://github.com/LnL7/nix-docker
to prepare you store that will be transferred to your virtualbox VM.
2 Likes
Thank you for pointing this out @periklis, I’ve been having the same problem and this docker image and its start-docker-nix-build-slave
script got everything up and running on macOS for me.
I knew I couldn’t build linux packages on MacOS. I didn’t realize this example was building any packages at all on MacOS. The “trivial” example is just using standard features of nixos. Doesn’t this indicate a problem with the manual? The manual gives a simple example and indicates it should run. But it doesn’t.
nixops does not mention builders. nix does mention builders, but I can’t figure out what I should do to get nixops to work. Do I specify the builders in nix.conf and then nixops will use the right one?
You define builders for nix in your nix.conf
. Therefore nixops can you nix to build the store that will be transferred to the target machine. Even a trivial machine should consist of a linux kernel and in extent to build/fetch-from-binary-cache for a x86-64-linux
machine you need a builder for it.
NixOps has some heuristic to use the target hosts as the remote build automatically if the systems differ.
The error is related to a NAR file not having a hash. It might be an issue of using different versions of Nix between the local and remote system. Try upgrading everything to the latest version.
1 Like
I created a nixos machine on VirtualBox and can “nix ping-store” to it (I assume that no result is success, after getting error messages when I made a mistake). However, when I try to use it build something, I always get the error “cannot add path … because it lacks a valid signature”. Is there something I need to do to make sure that signatures are valid? I was reading about GPG signatures but couldn’t see that there was anything I was supposed to do.
I also had a lot of friction with how nixops
chose to do (remote/local) builds and where/how it did substitution. Folks might be interested in following or participating in this issue: Support building fully remotely · Issue #260 · NixOS/nixops · GitHub
edit: In fact, from there you can find your way to this issue, which is the exact issue described by OP here: Failure deploying containers from OS X · Issue #398 · NixOS/nixops · GitHub
Also, slight off-topic, but maybe relevant to someone… krops
is a seemingly simpler alternative to NixOps that would also appear to avoid the issue you’re having. I don’t have first-hand experience, and I don’t think krops
does any of the IaasS management layer stuff that NixOps can do, but it seems that it does the build remotely by default, based on the documentation:
- krops
-
krops will copy the file configuration.nix
to /var/src/nixos-config
on server01
and will clone nixpkgs
into /var/src/nixpkgs
. After that, krops will run nixos-rebuild switch -I /var/src
which will provision server01
.