nix-docker
nix-docker copied to clipboard
Published
20 hours ago •
LnL7
LnL7
the group 'nixbld' specified in 'build-users-group' does not exist
i cloned the repo and executed the ./start-docker-nix-build-slave script and then followed the guide in the https://github.com/LnL7/nix-docker#building-an-image guide and then in the new environment:
nixops deploy -d test
i get these errors:
... many lines
error: the group 'nixbld' specified in 'build-users-group' does not exist
i've tried this on docker host:
echo "build-users-group =" > /etc/nix/nix.conf'
but it didn't change the error message nor fix it.
system definition
- host: mac os x
- guest: nixos in docker container
i tried to add it to both but it didn't change a thing.
issues with nixops
even though this error was blocking me i had a look at the drv file which didn't build:
/nix/store/rn1k9f45igv5brly8y8lrfq0x84jxxm9-nixops-machines.drv
Derive([("out","/nix/store/ji3nqanf2prsgfava1jara1mzkqm3r5n-nixops-machines","","")],[("/nix/store/bm3s4xgqmcy5k73mb8g42kpw4jrwybk2-nixos-system-uberjarServer-17.09.git.4711d6b.drv",["out"]),("/nix/store/pm59s7l2g9zb8vr1sxp1gv3fmb0da9nf-stdenv-darwin.drv",["out"]),("/nix/store/y5zsrwhnnnkkl6a3ddgz5yrwv18h896l-bash-4.4-p12.drv",["out"])],["/nix/store/9krlzvny65gdc8s7kpb6lkx8cd02c25b-default-builder.sh","/nix/store/z347hsajryw593h802ggb63lbr3gpv2b-standard-sandbox.sb"],"x86_64-darwin","/nix/store/vkh1qq7m28v6wajva1k50a4i8x3l0r9c-bash-4.4-p12/bin/bash",["-e","/nix/store/9krlzvny65gdc8s7kpb6lkx8cd02c25b-default-builder.sh"],[("__impureHostDeps","/System/Library/Frameworks/CoreFoundation.framework/CoreFoundation /dev/zero /dev/random /dev/urandom /bin/sh"),("__propagatedImpureHostDeps",""),("__propagatedSandboxProfile",""),("__sandboxProfile","(allow file-read* (literal \"/usr/lib/libncurses.5.4.dylib\"))\n(import \"/nix/store/z347hsajryw593h802ggb63lbr3gpv2b-standard-sandbox.sb\")\n"),("buildCommand","mkdir -p $out\nln -s /nix/store/jkdwgdzq67q41sh5w2yrzv4qd8dkh9d4-nixos-system-uberjarServer-17.09.git.4711d6b $out/uberjarServer\n\n"),("buildInputs",""),("builder","/nix/store/vkh1qq7m28v6wajva1k50a4i8x3l0r9c-bash-4.4-p12/bin/bash"),("name","nixops-machines"),("nativeBuildInputs",""),("out","/nix/store/ji3nqanf2prsgfava1jara1mzkqm3r5n-nixops-machines"),("passAsFile","buildCommand"),("preferLocalBuild","1"),("propagatedBuildInputs",""),("propagatedNativeBuildInputs",""),("stdenv","/nix/store/mdyvmyq59qbhd7ahi10lx3766p5q4w1d-stdenv-darwin"),("system","x86_64-darwin")])
i changed between shells (the one with the nix-docker drop-in builder and a vanialla one with only nix-* utils. finally i did:
nix-store --indirect -r -k /nix/store/rn1k9f45igv5brly8y8lrfq0x84jxxm9-nixops-machines.drv
to build it and afterwards:
nixops deploy -d test
was working somehow.
python exception
i seen a python exception since one service didn't come up and thus the deployment script (nixops) thought this is a critical error and errored out. is this normal?
nixops deploy -d test -I nixpkgs=/Users/josh/nixpkgs
warning: the group ‘nixbld’ specified in ‘build-users-group’ does not exist
building all machine configurations...
warning: the group ‘nixbld’ specified in ‘build-users-group’ does not exist
warning: the group ‘nixbld’ specified in ‘build-users-group’ does not exist
warning: the group ‘nixbld’ specified in ‘build-users-group’ does not exist
uberjarServer> copying closure...
Warning: Permanently added '188.226.143.138' (ED25519) to the list of known hosts.
uberjarServer> warning: the group ‘nixbld’ specified in ‘build-users-group’ does not exist
test> closures copied successfully
uberjarServer> updating GRUB 2 menu...
uberjarServer> activating the configuration...
uberjarServer> setting up /etc...
uberjarServer> setting up tmpfiles
uberjarServer> warning: the following units failed: acme-uberjar.nixcloud.it.service, dnsmasq.service
uberjarServer>
uberjarServer> ● dnsmasq.service - Dnsmasq Daemon
uberjarServer> Loaded: loaded (/nix/store/khhn699kdmnyxwdkgy2bnisj9bh45044-unit-dnsmasq.service/dnsmasq.service; enabled; vendor preset: enabled)
uberjarServer> Active: failed (Result: exit-code) since Wed 2017-07-05 16:50:24 UTC; 1s ago
uberjarServer> Process: 4307 ExecStart=/nix/store/ph6n51r40zxpdbj9jx2dd1ws5fcnypb9-dnsmasq-2.76/bin/dnsmasq -k --enable-dbus --user=dnsmasq -C /nix/store/vslf784imj3djdxm1ncdm4mlj3vl5wxi-dnsmasq.conf (code=exited, status=5)
uberjarServer> Process: 4291 ExecStartPre=/nix/store/qhzglp6yhsgp1znwkwf98hhsqwkaixvn-unit-script/bin/dnsmasq-pre-start (code=exited, status=0/SUCCESS)
uberjarServer> Main PID: 4307 (code=exited, status=5)
uberjarServer>
uberjarServer> Jul 05 16:50:24 uberjarServer systemd[1]: Starting Dnsmasq Daemon...
uberjarServer> Jul 05 16:50:24 uberjarServer dnsmasq-pre-start[4291]: dnsmasq: syntax check OK.
uberjarServer> Jul 05 16:50:24 uberjarServer dnsmasq[4307]: dnsmasq: DBus error: Connection ":1.13" is not allowed to own the service "uk.org.thekelleys.dnsmasq" due to security policies in the configuration file
uberjarServer> Jul 05 16:50:24 uberjarServer dnsmasq[4307]: DBus error: Connection ":1.13" is not allowed to own the service "uk.org.thekelleys.dnsmasq" due to security policies in the configuration file
uberjarServer> Jul 05 16:50:24 uberjarServer dnsmasq[4307]: FAILED to start up
uberjarServer> Jul 05 16:50:24 uberjarServer systemd[1]: dnsmasq.service: Main process exited, code=exited, status=5/NOTINSTALLED
uberjarServer> Jul 05 16:50:24 uberjarServer systemd[1]: Failed to start Dnsmasq Daemon.
uberjarServer> Jul 05 16:50:24 uberjarServer systemd[1]: dnsmasq.service: Unit entered failed state.
uberjarServer> Jul 05 16:50:24 uberjarServer systemd[1]: dnsmasq.service: Failed with result 'exit-code'.
uberjarServer>
uberjarServer> ● acme-uberjar.nixcloud.it.service - Renew ACME Certificate for uberjar.nixcloud.it
uberjarServer> Loaded: loaded (/nix/store/6gaivryvrdx4wa6411p16n8sqi87fdmi-unit-acme-uberjar.nixcloud.it.service/acme-uberjar.nixcloud.it.service; enabled; vendor preset: enabled)
uberjarServer> Active: failed (Result: exit-code) since Wed 2017-07-05 16:50:26 UTC; 38ms ago
uberjarServer> Process: 4285 ExecStart=/nix/store/1y1rgimi4f2g3r330axk2y2d5ja93dh5-unit-script/bin/acme-uberjar.nixcloud.it-start (code=exited, status=2)
uberjarServer> Process: 4273 ExecStartPre=/nix/store/5qwi1b7bvfvl2xykfjr29rimamq7p00g-unit-script/bin/acme-uberjar.nixcloud.it-pre-start (code=exited, status=0/SUCCESS)
uberjarServer> Main PID: 4285 (code=exited, status=2)
uberjarServer>
uberjarServer> Jul 05 16:50:26 uberjarServer acme-uberjar.nixcloud.it-start[4285]: r = adapter.send(request, **kwargs)
uberjarServer> Jul 05 16:50:26 uberjarServer acme-uberjar.nixcloud.it-start[4285]: File "/nix/store/7aby52g9sdjjym5hdzd6yf751rzmcrfs-python2.7-requests-2.13.0/lib/python2.7/site-packages/requests/adapters.py", line 487, in send
uberjarServer> Jul 05 16:50:26 uberjarServer acme-uberjar.nixcloud.it-start[4285]: raise ConnectionError(e, request=request)
uberjarServer> Jul 05 16:50:26 uberjarServer acme-uberjar.nixcloud.it-start[4285]: ConnectionError: HTTPSConnectionPool(host='acme-v01.api.letsencrypt.org', port=443): Max retries exceeded with url: /directory (Caused by NewConnectionError('<requests.packages.urllib3.connection.VerifiedHTTPSConnection object at 0x7fa173b6b990>: Failed to establish a new connection: [Errno -2] Name or service not known',))
uberjarServer> Jul 05 16:50:26 uberjarServer acme-uberjar.nixcloud.it-start[4285]: Unhandled error has happened, traceback is above
uberjarServer> Jul 05 16:50:26 uberjarServer acme-uberjar.nixcloud.it-start[4285]: Debugging tips: -v improves output verbosity. Help is available under --help.
uberjarServer> Jul 05 16:50:26 uberjarServer systemd[1]: acme-uberjar.nixcloud.it.service: Main process exited, code=exited, status=2/INVALIDARGUMENT
uberjarServer> Jul 05 16:50:26 uberjarServer systemd[1]: Failed to start Renew ACME Certificate for uberjar.nixcloud.it.
uberjarServer> Jul 05 16:50:26 uberjarServer systemd[1]: acme-uberjar.nixcloud.it.service: Unit entered failed state.
uberjarServer> Jul 05 16:50:26 uberjarServer systemd[1]: acme-uberjar.nixcloud.it.service: Failed with result 'exit-code'.
uberjarServer> error: Traceback (most recent call last):
File "/nix/store/s4xf0nk5w09a4j9nvby9m8ib659vqhhd-nixops-2017-05-22/lib/python2.7/site-packages/nixops/deployment.py", line 705, in worker
raise Exception("unable to activate new configuration")
Exception: unable to activate new configuration
@LnL7 When building a docker image for nix, setting up nixbld users even without installing the daemon can be helpful sometimes, e.g. when building nixpkgs.google-chrome-dev, it always fail with a cryptic permission error, but builds fine when nixblds is set up.
