Have you actually tried this? I was trying some time ago to get this running (you also need a keybase service service by the way) but I was unable to launch kbfs in a systemd user service due to mounts not working:

May 09 17:31:56 mildred kbfsfuse[13251]: 2017/05/09 17:31:56 mount helper error: fusermount: mount failed: Operation not permitted

Ahhh, the trick was /run/wrappers in the path - I had pkgs.fuse which doesn't work.

@peterhoeg Yeah, fusermount has a wrapper which needs to be called instead of the standard binary :)
Sorry, what do you mean I need a keybase service? These commits provide a kbfs service purely for running the Keybase Filesystem as a user service - for use with Keybase clients.

Sorry, what do you mean I need a keybase service? These commits provide a kbfs service purely for running the Keybase Filesystem as a user service - for use with Keybase clients.

If you want to run the Keybase GUI app, the keybase service is also needed. I mistakenly thought kbfs also required that service but that doesn't seem to be the case. If you're not planning on adding it as part of this, no problem, I'll do it later.

Cheers @peterhoeg - no I personally don't plan on using the GUI app at this moment.
If there's interest in it, someone can add it, or perhaps if I end up using it in the near future, I'll contribute a service for that also :)

@cmacrae, if I try running kbfs as a service without having launched the keybase server, I get a lot of these:

May 11 22:32:42 dolores kbfsfuse[12295]: 2017-05-11T22:32:42.545579 ▶ [WARN kbfs connection.go:370] 023 (CONN KeybaseDaemonRPC e41ff7d2) Connection: error dialing transport: dial unix /run/user/1000/keybase/keybased.sock: connect: no such file or directory
May 11 22:32:42 dolores kbfsfuse[12295]: 2017-05-11T22:32:42.545627 ▶ [WARN kbfs connection.go:535] 025 KeybaseDaemonRPC: connection error: "dial unix /run/user/1000/keybase/keybased.sock: connect: no such file or directory"; retrying in 2s
May 11 22:32:44 dolores kbfsfuse[12295]: 2017-05-11T22:32:44.545793 ▶ [WARN kbfs connection.go:370] 026 (CONN CryptoClient f336a259) Connection: error dialing transport: dial unix /run/user/1000/keybase/keybased.sock: connect: no such file or directory
May 11 22:32:44 dolores kbfsfuse[12295]: 2017-05-11T22:32:44.545835 ▶ [WARN kbfs connection.go:535] 027 CryptoClient: connection error: "dial unix /run/user/1000/keybase/keybased.sock: connect: no such file or directory"; retrying in 2s

@peterhoeg You're absolutely right... that's poor testing from me; I guess it was just working because I'd always had a keybase process forked in the background from using the CLI.

I'll implement this now :)

Cool, so with the above changes, I've added a keybase service - there wasn't much to be done here.
In light of that, I've then added a requirement of the keybase service for the kbfs service, such that:

• If kbfs starts, but keybase isn't up, it'll start it (kbfs automatically retries in a loop if keybase isn't up initially)
• If keybase stops gracefully/ungracefully, kbfs is automatically stopped (as it can't survive without it).

I've also enabled the keybase service at the end of the kbfs implementation, is this good practice?

Cheers for pointing this out @peterhoeg - bit silly of me not to notice 😉

I'm not sure the failure Travis is reporting is related ☝️
error: attribute ‘docker_17_04’ missing, at /Users/travis/.nox/nixpkgs/pkgs/top-level/all-packages.nix:13:2

Don't see how I could have impacted that with the changes I made 🙂

I'm not sure the failure Travis is reporting is related

It wasn't you. Fixed in 49d3b43

@peterhoeg 👍🏻

I have a few comments but I will only have time over the weekend to go through it. I'll get back to you then.

Alright, thanks @peterhoeg 👍

Okay, so I've implemented the changes outlined above, all seems to work good.

One weird side affect of changing to using serviceConfig.ExecStartPre/Post is that now every time the service is started... it seems to create a '$HOME' directory in the user's home directory, so for me that's:
/home/cmacrae/'$HOME'

I'm guessing this is a result of using mkdir -p %h/keybase (%h/keybase now being the default mountPoint value).

Hopefully that'll do it :) Only thing now is to work out the above (the creation of this $HOME directory)

@cmacrae, it works perfectly fine here without any odd directories showing up. Did you by chance set the mountpoint to "$HOME/keybase" instead of "%h/keybase" ?

@peterhoeg Nope, as the default is now set to %h/keybase I just left that and didn't specify a mountpoint. When I look at this '$HOME' directory, it's only contents are: .local/share/keybase (with all the keybase files residing in that directory).

That's so odd - it's working for me.

@peterhoeg So, it looks like it's the keybase service that's actually creating this directory

What does systemctl --user show keybase | grep HOME show?

@cmacrae I'm interested in running the GUI app, and it requires the mountpoint to be /keybase, so I think it would be worth it to change the mountpoint to that. Also, the keybase service needs to have a requires and after - I think it should be network-online.service - because as it stands, even using services.keybase.enable = true and services.kbfs.enable = true in configuration.nix does nothing

it requires the mountpoint to be /keybase

The keybase-gui launch script assumes the fs mounted at /keybase but you can simply launch the binary directly. That's what I do when running keybase-gui as a systemd service:

  systemd.user.services.keybase-gui =
    let
      services = [ "keybase.service" "kbfs.service" ];
    in {
      description = "Keybase GUI";
      requires = services;
      after = services;
      serviceConfig = {
        ExecStart = "${pkgs.keybase-gui}/share/keybase/Keybase";
        PrivateTmp = true;
      };
    };
  };
}

Also, the keybase service needs to have a requires and after - I think it should be network-online.service

That is incorrect. keybase and kbfs both run as user services while network.service and network-online.service are system services. User services don't know anything about system services.

because as it stands, even using services.keybase.enable = true and services.kbfs.enable = true in configuration.nix does nothing

That's a different issue. Can you dump your configuration somewhere and we'll see how to get it working?

@peterhoeg sorry for the delay! You're right about user services, I wasn't thinking of that. Regardless, here's the relevant portion of my configuration.nix:

environment.systemPackages = with pkgs; [
  keybase
  keybase-gui
  kbfs
];

services.kbfs = {
  enable = true;
  mountPoint = "/keybase";
};

The problem I'm having is that neither keybase.service nor kbfs.service actually start when I log in.

Here is my entire keybase.nix config:

{ config, lib, pkgs, ... }:

let
  slice = "keybase.slice";

in {
  services.kbfs = {
    enable = true;
    mountPoint = "%t/kbfs";
    extraFlags = [
      "-label %u"
    ];
  };

  systemd.user.services = {
    keybase.serviceConfig.Slice = slice;
    kbfs = {
      environment = {
        KEYBASE_RUN_MODE = "prod";
      };
      serviceConfig.Slice = slice;
    };

    keybase-gui =
    let
      services = [ "keybase.service" "kbfs.service" ];
    in {
      description = "Keybase GUI";
      requires = services;
      after = services;
      serviceConfig = {
        ExecStart = "${pkgs.keybase-gui}/share/keybase/Keybase";
        PrivateTmp = true;
        Slice = slice;
      };
    };
  };
}

Then systemctl --user start keybase-gui brings up the GUI and starts whatever needs to be started.