thein3rovert Log 1765728643

14 Dec, 2025

10 Dec, 2025

Focus on Storage Migration and System Builds:

Following MinIO S3 turning off their open-source community license, I have been searching for alternatives and have identified Garage as the next option based on my research.
I currently use MinIO for my Terraform state backend and file backups, so I need to prioritize setting up Garage to prevent data loss. I plan to focus on this over the next few days.
Since I use NixOS, I had hoped there would be a standard NixOS way to enable Garage; while the necessary options exist under myNixos, the package has not been updated yet. If I run into issues, I will settle for the Docker option.
I experienced very long build times (almost 1 hour) for packages like Zed and n8n on NixOS. My last package update was three weeks prior, so I did not anticipate such a long build time for Zed.
Building packages pushed my RAM usage high (up to 10.2GiB on a 16GiB machine). I wished there was a way to build packages individually on Nix instead of all at once.
The lengthy server update time was ultimately traced back to a second zeditor package I was fetching from a different, frequently updated NixOS package branch, which had an unstable latest package for Zed. Removing this second package resolved the issue.
I was experiencing an issue with the n8n service where it was throwing a "cannot connect to server" message, suggesting they were releasing patches.
The issue with n8n was eventually solved in a subsequent package version, as other users were also experiencing it. However, when it started working again, I did not recover all my data or created workflows, and my credentials were cleared off.

14 Dec, 2025

Garage S3 Setup and Secret Management:

I successfully set up the access keys and ID for Garage.
The keys were then added to aws-cli and minio-client to enable bucket management.
The setup was challenging with Nix because I wanted to ensure secure credential management.
I chose to use agenix for secret management. While agenix generally works well with Nix services, there is no built-in function for passing secrets into system environment variables.
To resolve this, I implemented a "hacky solution": decrypting the key during runtime using agenix and then piping the result of the decrypted key into the system environment variable.