The command "sudo ob init" fails in the image nixos/nix in gitpod.

[romefeller]

Using this image nixos/nix, the command "sudo ob init" fails with the following error in gitpod.

Cloning into '/tmp/ob-init-d256638524233314/.obelisk/impl'... HEAD is now at 7ad33cb Merge pull request #829 from obsidiansystems/aa/rp070 -> Setting up obelisk DONE Built on /tmp/ob-init-d256638524233314/.obelisk/impl [command] /tmp/ob-init-d256638524233314/.obelisk/impl: command not cached, building ... Tip: Press Ctrl+e to display full output -> Setting up obelisk DONE Built on /tmp/ob-init-d256638524233314/.obelisk/impl [command] /tmp/ob-init-d256638524233314/.obelisk/impl: skeleton not cached, building ... Process exited with code 1; nix-build /tmp/ob-init-d256638524233314/.obelisk/impl -A skeleton --out-link /tmp/ob-init-d256638524233314/.obelisk/impl/.attr-cache/skeleton.out -> Setting up obelisk FAILED Running nix-build on /tmp/ob-init-d256638524233314/.obelisk/impl [skeleton] FAILED Setting up obelisk

[romefeller]

My dockerfile: FROM nixos/nix

RUN set -ex && apk --no-cache add sudo RUN echo "ALL ALL=(ALL) NOPASSWD: ALL " > /etc/sudoers RUN echo "sandbox = true" > /etc/nix/nix.conf RUN echo "binary-caches = https://cache.nixos.org https://nixcache.reflex-frp.org" >> /etc/nix/nix.conf RUN echo "binary-cache-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= ryantrinkle.com-1:JJiAKaRv9mWgpVAz8dwewnZe0AzzEAzPkagE9SP5NWI=" >> /etc/nix/nix.conf RUN echo "binary-caches-parallel-connections = 40" >> /etc/nix/nix.conf RUN echo "substituters = https://cache.nixos.org/ https://nixcache.reflex-frp.org" >> /etc/nix/nix.conf RUN echo "trusted-public-keys = ryantrinkle.com-1:JJiAKaRv9mWgpVAz8dwewnZe0AzzEAzPkagE9SP5NWI= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" >> /etc/nix/nix.conf

RUN nix-env -f https://github.com/obsidiansystems/obelisk/archive/master.tar.gz -iA command

[ryantrinkle]

Interesting! Is it necessary to run ob init as root? That's not a use case I've considered before, although I'm not aware of a reason it shouldn't work.

[romefeller]

I think nix is misbehaving in this setting. I'm trying to run obelisk with fewer resources as possible (like a docker container in gitpod).

Here what happens without sudo.

gitpod /workspace/obelisk-aula/app1 $ ob init Process exited with code 1; /nix/store/nk4px4bjp0kiss27n5dyrwsj9xgflwhp-nix-2.3/bin/nix-prefetch-url --unpack --type sha256 $'https://github.com/obsidiansystems/obelisk/archive/7ad33cbe3e84b209e83c505ce25486445bbd602e.tar.gz' nix-prefetch-url: Failed to determine sha256 hash of URL https://github.com/obsidiansystems/obelisk/archive/7ad33cbe3e84b209e83c505ce25486445bbd602e.tar.gz FAILED Setting up obelisk

---

If I try to run the nix command without sudo: /nix/store/nk4px4bjp0kiss27n5dyrwsj9xgflwhp-nix-2.3/bin/nix-prefetch-url --unpack --type sha256 $'https://github.com/obsidiansystems/obelisk/archive/7ad33cbe3e84b209e83c505ce25486445bbd602e.tar.gz'error: opening lock file '/nix/var/nix/db/big-lock': Permission denied

With sudo: gitpod /workspace/obelisk-aula/app1 $ sudo /nix/store/nk4px4bjp0kiss27n5dyrwsj9xgflwhp-nix-2.3/bin/nix-prefetch-url --unpack --type sha256 $'https://github.com/obsidiansystems/obelisk/archive/7ad33cbe3e84b209e83c505ce25486445bbd602e.tar.gz' unpacking... [10.3 MiB DL] path is '/nix/store/ban0l6kci3f7j8xw25svj0qkvf9zr9ix-7ad33cbe3e84b209e83c505ce25486445bbd602e.tar.gz' 0dlk8y6rxc87crw7764zq2py7nqn38lw496ca1y893m9gdq8qdkz

That's why I have to use sudo.

[madeline-os]

Can you run this command, or something similar to account for tmp stuff, manually and examine the output? nix-build /tmp/ob-init-d256638524233314/.obelisk/impl -A skeleton --out-link /tmp/ob-init-d256638524233314/.obelisk/impl/.attr-cache/skeleton.out