Hacker News — vinext + Cloudflare Workers

new
past
show
ask
show
jobs
submit

▲I can haz smoller NixOS ISOs? (natkr.com)

32 points by birdculture 2 days ago | 5 comments

craftkiller 1 days ago [-]

That's how I manage all of my virtual machines: building an ISO from a NixOS config and booting it as a virtual machine. I'm going to take some time to see what bits of this I can copy to slim down my ISOs.

One additional benefit: I build all my software from source (by disabling the nix cache) so stripping out these extra programs will not only slim down my ISOs but it will also reduce the build time.

khuedoan 1 days ago [-]

Curious bout your use case for building all software from source, is it because you're worried about the supply chain since nixpkgs builds don't have reproducibility guarantee?

craftkiller 23 hours ago [-]

I was already building the vast majority of it from source because I enable CPU optimizations for the specific microarchitecture in the machine (nixpkgs.hostPlatform.gcc.arch and nixpkgs.hostPlatform.gcc.tune), so once I learned about the risk of supply chain attack on the nix cache, disabling it entirely was a pretty small change.

So far, I'd say the biggest negative (aside from the build times that I was already experiencing due to the optimizations) is that GNU savannah will temporarily IP ban you when you download too much from them. For example, building the grub that is used for the ISOs downloads like 70+ patches from GNU Savannah which frequently triggers the IP ban.

nylonstrung 22 hours ago [-]

https://sidhion.com/blog/nixos_server_issues/

Here's another good article on the topic

It's unfortunate that Perl and Python are core deps, as well as Bash

lordkrandel 1 days ago [-]

Hey, thanks, nice adventure! I will have a look. I'm trying to ditch Arch for NixOS and I'm starting from Distrobox probably. Super useful!

Rendered at 13:22:07 GMT+0000 (Coordinated Universal Time) with Cloudflare Workers.