Unfortunately, it seems non-trivial to get nix-update to work with update
scripts outside of nixpkgs; however, I could write a script to automate
updating all packages in the future.
It turns out that having to do the `nat` shenanigans is no longer
necessary or was never necessary to begin with.
In either case, the simplified result is much easier to work with
due to no dependency on the localAddress.
The wg-mullvad interface was at some point renamed to wg0-mullvad.
Note that in the future this method can be used to prevent certain
containers from accessing the internet in a similar way.
At some point this started causing the /run/user/1000 directory to be
deleted when changing container configurations, which was definitely not
ideal.
An alternative approach will have to be taken if we want the wine
container to auto-start on boot.
This is the start of my fun attempt at using NixOS containers for web
services as a Docker replacement.
After spending some time on other servers I realized that I don't
actually *need* my dotfiles on those servers, so it becomes
significantly faster to build these containers without worrying about
home-manager and command-line programs I use on the host.
Main advantages include web service configuration with Nix instead of
Docker. Disadvantages include increased complexity for anything that
isn't already maintained by others in nixpkgs.
Using @attrs for the flake was cool at first, but this doesn't actually
work if we want to use our nix-config inside NixOS containers due to how
`self` works.
Because of this, it's easier to simply ban @attrs altogether and use
`nix-config` for everything since it's possible to access *all* the
inputs of nix-config from itself instead of having to manually inherit
each input we want (which could be any of them).
Previously we used a mobile-nixos config without the mobile-nixos
modules to start up a QEMU virtual machine on x86_64-linux without
having to worry about cross-compiling aarch64-linux.
Although this worked, the added complexity was not ideal and the
compilation time of the kernel with emulation was definitely not
ideal (5+ hours).
Note that I *may* add this again in the future, although I'd rather
set the system to x86_64-linux and cross-compile instead, which
mobile-nixos already supports but takes a large amount of RAM.
It turns out that I shouldn't actually need graphical container support
for most containers, which might also improve build times with multiple
containers.
Prevents an issue where previously it'd be possible for a nixos-rebuild
to stop during the middle of compilation during a build failure, which
is problematic for longer builds.
Used for terminal-based slideshows with markdown. Wow your audience
with a cool terminal background blur effect not present in any other
mainstream tools.