Posts

We rely heavily on spot instances in our infrastructure, with most of our production workloads running on them. Spot instances are significantly cheaper than on-demand instances, but their prices are not fixed—they can change every minute. Therefore, we must monitor spot prices to ensure we’re not paying more than the on-demand rates. Understanding AWS Spot Pricing AWS Spot Instances operate on a supply-and-demand model where prices fluctuate based on the available EC2 capacity and current demand for compute resources. Here’s how the pricing mechanism works: ...

Zed Editor is a promising new code editor built with performance in mind. Below, I’ll share how I configured Zed using Nix and Home Manager to create a consistent and reproducible development environment. File Structure First, let’s look at how the configuration files are organized: nix-config/ └── modules/ └── darwin/ └── programs/ └── zed-editor/ ├── default.nix ├── extensions.nix ├── lsp.nix ├── settings.nix └── terminal.nix Integration with Home Manager To use this configuration with Home Manager, you’ll need to import it in your Home Manager configuration. Here’s how you can set it up: ...

Aerospace is a tiling window manager for MacOS inspired by i3. It’s currently in public beta, and I have been using it for the last few weeks, and really come to like it. One of the first issues I ran into was that the default keymappings did not play well with a norwegian keyboard layout that I’m running. Quite a few of the default keymappings where in direct conflict with for example |, {}, [], $ and so on. I tend to use these symbols quite a lot. ...

Atuin is a nice tool to sync, search and backup shell history between machines. This post describes how to setup a Atuin server with TLS on NiXOS and how to use home-manager to configure the client. Server setup We are going to install the Atuin service and set up a ngnix reverse proxy to terminate TLS. Add the following to your configuration file of choice, for example configuration.nix security.acme.acceptTerms = true; security.acme.certs = { "atuin.example.com".email = "<e-mail>>"; }; services.nginx = { enable = true; recommendedProxySettings = true; recommendedTlsSettings = true; virtualHosts = { "atuin.example.com" = { enableACME = true; forceSSL = true; locations."/" = { proxyPass = "http://127.0.0.1:8888"; proxyWebsockets = false; extraConfig = "proxy_ssl_server_name on;" + "proxy_pass_header Authorization;" ; }; }; }; }; services.atuin = { enable = true; openFirewall = false; openRegistration = true; }; I created a small module to install Atuin on my clients machines. ...

There are a high number of posts on this topic, but I was still not able to find a solution that worked well for me. I don’t believe my setup is that special, but I want everything to be declarative. Short summary of what I’m using: MacOS NiX Home-manager Fish shell No use of ssh-agent from earlier YubiKey 5c Note: The current version of OpenSSH on MacOS does not support the sk-options, so we will need to use a version of OpenSSH from the nixpkgs or homebrew. I’m using a version from nixpkgs. ...

Ngnix is my preffered reverse proxy. I use it both in k8s clusters as an ingress controller, as well on old school servers. As a reverse proxy, it can be used to route traffic to different services running on the same machine. It can also be used to terminate TLS connections and handle TLS certificates. As I’m tinkering with NixOS I wanted to create a simple Nginx configuration that would allow me to route traffic to different services running on the same machine. I also wanted to use Let’s Encrypt to automatically generate and renew TLS certificates. ...