I ran into this error when trying to run `opendkim-genkey` in a vars
generator:
```console
=========================================================================== Command ===========================================================================
nix \
--extra-experimental-features 'nix-command flakes' \
shell \
--inputs-from /nix/store/9r3ddw80dz4qzci9pj57ppbh6gy2pgv9-clan-cli/lib/python3.12/site-packages/clan_cli/nixpkgs \
'nixpkgs#bash' \
'nixpkgs#bubblewrap' \
-c bwrap \
--unshare-all --tmpfs \
/ \
--ro-bind /nix/store \
/nix/store \
--dev /dev \
--bind /tmp/nix-shell.ClOjgJ/vars-kh4qrnas \
/tmp/nix-shell.ClOjgJ/vars-kh4qrnas \
--chdir / \
--bind /proc \
/proc \
--uid 1000 \
--gid 1000 \
-- bash \
-c /nix/store/p0089w4y1w3h535g7ipv4jl4r6mb2hs2-generator-dkim-playground.jflei.com.mail
=========================================================================== Stderr ============================================================================
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = (unset),
LC_ALL = (unset),
LC_CTYPE = (unset),
LC_NUMERIC = (unset),
LC_COLLATE = (unset),
LC_TIME = (unset),
LC_MESSAGES = (unset),
LC_MONETARY = (unset),
LC_ADDRESS = (unset),
LC_IDENTIFICATION = (unset),
LC_MEASUREMENT = (unset),
LC_PAPER = (unset),
LC_TELEPHONE = (unset),
LC_NAME = (unset),
LANG = "en_US.UTF-8"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
Can't exec "/bin/sh": No such file or directory at /nix/store/nfawbww80p1hgpymfgq1vq8wqlak75yh-opendkim-2.11.0-Beta2/sbin/.opendkim-genkey-wrapped line 139.
.opendkim-genkey-wrapped: openssl died with signal %d
127
Return Code: 1
1 hosts failed with an error. Check the logs above
```
As we allow `/bin/sh` in the nix build sandbox, I assume we're OK
allowing it here as well?
... for now only when updating a machine (not when installing)
Whenever the user clicks on the update button in the machine view, and only if user input is needed for some missing vars, the user will be forwarded to a vars page.
Invalidation doesn't need to be done after each generator is executed.
We cannot interpolate values from other generators into another
generator. The generators are executed in order. The finalScript of each
generator stays constant.
After the complete closure is generated the caller of generate may
decide to invalidate the flake cache
* Switch `Generator`'s `validation` from a regular property to
an `@property` annotated method backed by `Machine`'s `eval_nix()`.
* Ensure that `Machine`'s flake cache is flushed after each
effectful generator execution (rather than only after all
generators have been executed).
On macOS mktemp returns a temporary directory in a symlink.
Nix has a bug where it won't accept path:// located in a symlink.
This avoid this issue by always resolving symlinks as returned by
TemporaryDirectory.
- `delete` lets you delete a specific var under a specific generator;
- `delete_store` deletes an entire store.
The `delete` method could be useful to "garbage-collect" unused vars as
a machine's configuration changes.
The `delete_store` method can be used to delete all the vars for a
machine when the machine is deleted. The current behavior is to leave
everything behind.
Important point:
- `delete_store` needs to be idempotent because public and
"private"/"secret" vars for a machine can share the same physical
store (directory), and deleting either type of store (public or
private) will delete both.
