ob deploy push fails

[ninjalf2]

I followed this part of the README: https://github.com/obsidiansystems/obelisk?tab=readme-ov-file#default-ec2-deployment

But when I run ob deploy push, I get this:

user@ubuntu:~/obelisk-deploy$ ob deploy push
DONE Built on ./.obelisk/impl [command]
Process exited with code 1; nix-build /home/user/obelisk-deploy/src -A server.system --argstr hostName ___ --argstr adminEmail ____ --argstr routeHost ___ --arg redirectHosts $'[]' --argstr version 81e6f6c68500a3e7131925ad4fc1e0977add586d --arg enableHttps true --argstr configHash 418ccee2dfd9debb586a979359ecbfe99d6fc7a3 --arg module $'import /home/user/obelisk-deploy/module.nix' --no-out-link
FAILED Running nix-build on /home/user/obelisk-deploy/src [server.system]

I have blanked my parameters but it might be relevant that I used the same argument for route as for server, because I don't have another DNS entry available just now.

[alexfmpe]

Does enabling verbose output show anything of interest?
ob deploy push -v

Alternatively, what happens if you manually run the nix-build command shown to be erroring?

[ninjalf2]

If I run the command manually I get this:

user@ubuntu:~/obelisk-deploy$ nix-build /home/user/obelisk-deploy/src -A server.system --argstr hostName ___ --argstr adminEmail ___ --argstr routeHost ___ --arg redirectHosts $'[]' --argstr version 81e6f6c68500a3e7131925ad4fc1e0977add586d --arg enableHttps true --argstr configHash 418ccee2dfd9debb586a979359ecbfe99d6fc7a3 --arg module $'import /home/user/obelisk-deploy/module.nix' --no-out-link
error:
       \u2026 while calling the 'head' builtin
         at /nix/store/ahg8gp1z3qrw1ds5vx2324j72i7y9vjg-source/lib/attrsets.nix:522:11:
          521|         || pred here (elemAt values 1) (head values) then
          522|           head values
             |           ^
          523|         else

       \u2026 while evaluating the attribute 'value'
         at /nix/store/ahg8gp1z3qrw1ds5vx2324j72i7y9vjg-source/lib/modules.nix:719:9:
          718|     in warnDeprecation opt //
          719|       { value = builtins.addErrorContext "while evaluating the option `${showOption loc}':" value;
             |         ^
          720|         inherit (res.defsFinal') highestPrio;

       \u2026 while evaluating the option `system.build.toplevel':

       \u2026 while evaluating definitions from `/nix/store/ahg8gp1z3qrw1ds5vx2324j72i7y9vjg-source/nixos/modules/system/activation/top-level.nix':

       (stack trace truncated; use '--show-trace' to show the full, detailed trace)

       error:
       Failed assertions:
       - You must accept the CA's terms of service before using
       the ACME module by setting `security.acme.acceptTerms`
       to `true`. For Let's Encrypt's ToS see https://letsencrypt.org/repository/

Quite telling. Although I don't know where to put that security.acme.acceptTerms setting.
My module.nix looks like this: (import ./src {}).obelisk.serverModules.mkBaseEc2

Also, if it's not unique to my setup, it should probably be mentioned in the README or already set.

[alexfmpe]

The setting should be in your default.nix already, e.g.

obelisk/skeleton/default.nix

Lines 11 to 14 in 135bfd7

	# In order to use Let's Encrypt for HTTPS deployments you must accept
	# their terms of service at https://letsencrypt.org/repository/.
	# Uncomment and set this to `true` to indicate your acceptance:
	# terms.security.acme.acceptTerms = false;

[ninjalf2]

But that is in my code directory and not my deploy directory.

The readme says to

cd ~/code/myapp-deploy
ob deploy push

So surely my default.nix from the code repo is not used here?

[alexfmpe]

That default.nix is exactly what import ./src {} refers to (after the thunk indirection is resolved)