<johnw>
I needed this tonight, and there you are again, rocking my nix world :)
<LnL>
:D
<johnw>
are you an Emacs user?
<LnL>
nope, vim
<johnw>
how do I nix-build just the dependencies of a project, but not the project itself?
<johnw>
I want to create a layer in this Dockerfile that contains everything my default.nix needs
<LnL>
nix-shell kind of does that
<johnw>
true
<johnw>
but that needs a shell.nix
<johnw>
I was hoping to use only the default.nix
<johnw>
interesting, just .env
<LnL>
also, if you don't need nix inside of the container you should look at the dockerTools in nixpkgs
<johnw>
I need nix in the container
<johnw>
the whole point of this exercise is for me to be able to fully specify my entire application using Nix, and then deliver a Dockerfile to someone who doesn't know or care or want to know about Nix, so that all they have to do is type "docker build ."
<LnL>
ah cool
<johnw>
yeah, so your stuff is perfect
<johnw>
if they were a fellow nix user, I'd totally go the dockerTools route, which would actually be better as an end result
<johnw>
but their machine doesn't have Nix and so couldn't build it
<LnL>
I know a few people also use it for CI stuff at work
<johnw>
yeah, it's a great idea
<LnL>
including myself, since I set my master plan in motion
<johnw>
sometimes you want Nix on the outside declaring what goes into the image; other times you want Nix on the inside so you can still declare but insulate others who will want to build that image themselves
<LnL>
well ideally every host has nix, then you can get rid of that annoying docker part ;)
<johnw>
yeah
<johnw>
well, except that nix can't make containers for me on Mac
<dhess>
these folks are doing macOS "containers," of a sort. https://veertu.com
<dhess>
I haven't tried it yet
<LnL>
aren't those the guys that made a ui for xhyve
<dhess>
yeah. Unfortunately they abandoned that to work on this new thing.
<dhess>
It was quite nice. All it needed (for me, anyway) was USB passthrough support.
<johnw>
LnL: how do I configure nixpkgs within nix-docker?
<LnL>
whaaa, this new thing looks awesome to run my tests in
<LnL>
to reduce the size you'd build the base system yourself based on the same nixpkgs version
<johnw>
LnL: your nix-docker will also give me a Linux builder for making other Docker images with dockerTools :)
<dhess>
LnL: oh if you end up using it I'd love to hear how it works
<LnL>
but you can change NIX_PATH to whatever you want
<johnw>
LnL: I meant, creating the equivalent of a ~/.nixpkgs/config.nix. Ah, I point to it with NIX_PATH
<johnw>
dhess: yeah, I had heard it was a hacky bunch of Perl 3 years ago
<johnw>
which couldn't hold up to serious deployment scenarios
<dhess>
oh you mean in general I guess
<LnL>
it's python AFAIK
<dhess>
it is Python.
<johnw>
how do I build only dependencies the way nix-shell does, but using nix-build and a typical default.nix file?
<dhess>
anyway I use it for everything now, but more importantly, companies like IOHK are using it for commercial deployments as well
<dhess>
and SnabbLab
<LnL>
I have a machine deployed somewhere, but the only thing I do is upgrade it every 6moths after changing like 2 lines in the configuration :p
<johnw>
dhess: nice
<dhess>
NixOps has completely changed the way I work. It's fantastic.
<dhess>
deploy a new machine in about 5 minutes with one command
<johnw>
dhess: I'd love to see a writeup
<dhess>
johnw: I am slowly publishing most of the stuff on GitHub, so there'll be that, at least. And domenkozar has given a few talks about it that you can find on Youtube
johnw_ has joined #nix-darwin
johnw has quit [Ping timeout: 256 seconds]
<johnw_>
do I identify config.nix with config=config.nix or nixpkgs-config=config.nix?
<johnw_>
ah, NIXPKGS_CONFIG
<dhess>
LnL: can that nix-docker run NixOS tests?
<LnL>
no, you need qemu for that
<dhess>
oh bummer
<LnL>
or if it works it’s insanely slow
<LnL>
you can try adding supportedSystems = [ "kvm" ]; to the builder config
<dhess>
I suspect you're right, it's going to fail outright or run in emulation mode
<dhess>
although maybe qemu does what VMware used to do on non-vmx-enabled hosts and patches privileged instructions on the fly?
<dhess>
that wouldn't be too bad
<LnL>
I remember running nixos-rebuild build-vm in a veertu vm once and that was basically unusable
<LnL>
but I didn't know about virtualisation.graphics = false; so maybe it's fine with console only
<dhess>
I used to use Veertu for NixOS and it was OK. I don't think I ran any VMs though.
<periklis>
can someone with macos sandbox-knowledge elaborate if we can run integration tests on a postgres bootstrapped and run during nix-build isolation?
<dhess>
huh I wonder if I should be using virtualisation.graphics = false
<dhess>
LnL: weird, nothing obvious in the changelog from working build to broken build. Looked like just a bunch of package updates to me
<LnL>
yeah, I'll bisect
<dhess>
I want a bisect feature in Hydra :)
<LnL>
was just thinking of making an alias that does that :p
<LnL>
I already have all of the building blocks
<dhess>
would it just keep creating jobsets or something?
<LnL>
oh no, build locally
<LnL>
but query the hydra api for the last good/bad revision
<dhess>
oh I see
<LnL>
I get 7880caca48ca3b0f7f3157b8d9be79a52b457240
<dhess>
xml :(
<dhess>
every time I see libxml being used I pour one out for s-expressions
acowley has joined #nix-darwin
<LnL>
testing a possible fix, since it works on master
<LnL>
btw, how do you guys handle GPG_TTY for remote machines?
<LnL>
thinking of setting that in a test -n "$TMUX"
<dhess>
I'm using the `extra-socket /Users/dhess/.gnupg/S.gpg-agent.extra` trick now with ssh forwarding
<dhess>
it's so nice.
<dhess>
it does occasionally fail to work for reasons I haven't figured out. Once in awhile my NixOS box where I'm tramp-editing will start a local gpg-agent rather than fowarding to my local one