Anyone with experience using NixOS to create a Lemmy instance, please share any caveats and troubleshooting tips you have.
- Lemmy Instance
- VaultWarden - Password manager
- Jellyfin - Movies/TV Shows
- Roon / Roon ARC - Music
- OneDev - Used to use Gitlab but couldn’t afford the self-hosted instance anymore and want the paid features, which this mostly has.
- Dokuwiki - Used to use as a wiki, switched to…
- Trilium - Similar to Obsidian but open source.
- Kavita - Comics/books
- TubeArchivist - YouTube video downloader/viewer
- PodGrab - Podcast manager
- Wallabag - Website article saver/bookmarker etc. If anyone has a better suggestion for FOSS bookmark management please let me know!
- Mealie - Recipe manager (grabs recipes from a ton of different sites)
I use TrueNAS Scale for my NAS and Ubuntu server for my VM’s/home server. I probably am forgetting something, but, that’s what’s listed in my Portainer :).
I’ve gotten that a few times too.
Oh hello, my instance is on NixOS!
There’s a NixOS module for lemmy, but it’s kind of broken right now and in the middle of a PR. If you want, you can replace the current nix package with the one from the fork, and successfully deploy it, however, if I were you, I’d just wait a week or so.The configuration right now requires a bunch of hacks, and even doing some non-reproducible stuff.
That PR link returns a 404.
This is my way of learning Nix/NixOS so I’d rather give it a go before the PR is merged.
Sorry, missed a character, try again
I’m so deep in the weeds. I don’t know what questions to ask.
Okay, I’ve actually figured simplifying it out, it’s not that bad. Let me share my config:
First, since the PR isn’t in
nixos-unstableyet, I’m adding the fork as a flake inputinputs = { nixpkgs-lemmy.url = "github:CobaltCause/nixpkgs/lemmy-module-improvements"; };then, in my system configuration, I add this:
# Not sure if this is required, maybe caddy auto-allows it networking.firewall.interfaces.eth0.allowedTCPPorts = [443 80]; # Override the lemmy module with the one from the PR disabledModules = ["services/web-apps/lemmy.nix"]; imports = [ "${inputs.nixpkgs-lemmy}/nixos/modules/services/web-apps/lemmy.nix" ]; services.lemmy = { database.createLocally = true; database.uri = "postgres:///lemmy?host=/run/postgresql&user=lemmy"; enable = true; settings = { hostname = "<YOUR_HOSTNAME>"; }; caddy.enable = true; };and, that’s it!
However, I’m not sure if it will cleanly deploy, as you might get an error while starting.
If so, please check postgresql logssudo journalctl -fu postgresql. The error will most likely be something like this:
[…][] ERROR: permission denied: "RI_ConstraintTrigger_a_16639" is a system trigger[…]If that happens, you need to manually run the migration until the fix is merged into Lemmy. Here’s how I did it:
sudo su - postgrespsql -v ON_ERROR_STOP=1 lemmy postgres- (in psql)
SET ROLE lemmy; - Paste the SQL code from here: https://github.com/LemmyNet/lemmy/issues/2784#issuecomment-1578337686
After that’s done, you can exit the postgres CLI by typing
\q, exit the postgres user and just simplysudo systemctl restart lemmywhich should start properly now, and be accessible to the outside network.
Open it and it will give you the initial setup screen. Good luck!Note that the PR got merged into nixpkgs now, but hasn’t made it’s way forward (see https://nixpk.gs/pr-tracker.html?pr=236295), so that’s why you need to do the override for now Also, a fix for the issue with the migrations (if still occuring) has been merged yesterday, but it’s not in any release yet, and especially not in nixpkgs. You could most likely get around it by using overrideAttrs to change the source to make it build from a newer commit.
Is this sort of lag the nature of package managers that will inherently be part of NixOS and nixpk?
Nixpkgs is by nature fully reproducible and declarative - that means you can’t write a nix package to just build from master branch. You also have to specify the sha256 hash to absolutely make sure the source is the same for everyone.
With flakes, it’s a bit easier, because if the package you’re trying to build has a flake, you can just update it in your own lockfile and it will be rebuilt from the latest version.
If using something from nixpkgs, you have to wait (or PR yourself) for someone to PR the update, or you can also use overrideAttrs to do a “private” fix.
For example, I’m using thewlsunsetprogram, but wanted to build from a different branch, so I did this:(wlsunset.overrideAttrs (old: { src = fetchFromSourcehut { owner = "~kennylevinsen"; repo = old.pname; rev = "81cfb0b4f8e44db9e5ecb36222a24d53a953e6aa"; sha256 = "sha256-Lxuhsk4/5EHuKPkBbaRtCCQ/LFvIxyc+VQYEoaVT484="; }; }))This just changes the source attribute to another commit and another sha hash, and it works fine.
While we were talking I updated lemmy-server using
overrideAttrsfor my own use. It’s honestly not that hard. You change the commit, specify some random incorrect hashes, build it, nix screams at you that the hash is incorrect (and generously provides the correct one), put the correct hash, and build again. Done.
FWIW, I’m running NixOS but gave up on running the Lemmy module. I gave up when I realized that Lemmy seems to need superuser access to the Postgresql server, to install plugins or whatever.
So instead, I used Arion to make a docker-compose image, running in podman. Works great so far.
Thanks for sharing your experience.
I have not read the full docs on setting up lemmy yet. But i don’t think it matters what distro you use as long as the distro can run docker. So setup docker and from their it is the same for any distro.
NixOS has native support for Lemmy, Docker/OCI containers are not needed.
That is cool. I did not know this. Still i think docker would be the most universal and simple way.
If someone is using NixOS, they would prefer native support. It’s easier to set up than Docker and fully integrated with the rest of their system’s configuration. Though NixOS also supports declaring OCI containers (with Docker or Podman) if needed.
do you have working config or flake available? im on latest unstable channel and it builds and installs fine but when trying to login or setup admin account i receive an error
syntaxerror: unexpected end of json inputwhich when traced in browser console it seems to do with captcha endpoint downgrade through reverse proxy. i use traefik so will have to investigate further
The point of Nix is to not use docker. Nix, in theory, eliminates the need for docker.
