<glenndavy>
OK, so single user mode working, but I sill have the original problem, that is, that nix-build can’t access SSH* sockets etc to be able to pull from private git repos
<LnL>
oh, how are you fetching those?
sierraDelta has quit [Remote host closed the connection]
ejpcmac has quit [Write error: Connection reset by peer]
dtz has quit [Read error: Connection reset by peer]
kaychaks[m] has quit [Write error: Connection reset by peer]
ysndr_ has quit [Read error: Connection reset by peer]
thefloweringash has quit [Remote host closed the connection]
matthewbauer has quit [Remote host closed the connection]
Ericson2314 has quit [Remote host closed the connection]
mog has quit [Ping timeout: 244 seconds]
Ericson2314 has joined #nix-darwin
mog has joined #nix-darwin
ejpcmac has joined #nix-darwin
kaychaks[m] has joined #nix-darwin
dtz has joined #nix-darwin
thefloweringash has joined #nix-darwin
matthewbauer has joined #nix-darwin
sierraDelta has joined #nix-darwin
ysndr_ has joined #nix-darwin
periklis has joined #nix-darwin
jtojnar has joined #nix-darwin
<glenndavy>
LnL, how do you mean? bundix makes a nix file called gemfile.nix, nix-build does building things, which includes using nix-prefetch-git to pull gem repos from github
<LnL>
that doesn't work for private repositories, regardless of single/multi user
<glenndavy>
LnL: why not? Whats weird is that a) it was working the other day. b) i can use nix-prefetch-git just fine outside of nix-build on those repositories
<glenndavy>
i don’t know how to get back to the state i was the other day, and i don’t understand why nix-prefetch-git works on the cli
<{^_^}>
manveru/bundix#6 (by pmahoney, 2 years ago, closed): Cannot download from private gemserver
<manveru>
nix-prefetch-git is not in a sandbox
<glenndavy>
so how can i inject the agent into the sandbox?
<glenndavy>
( i don’t really know what a sandbox is, but im going to assume its a mechansim nix-build is using for isoloation.. though i thought running the shell provided that… so *shrug*)
<glenndavy>
surely there’s a mechanism to set up an environment for nix-build?
<glenndavy>
manveru: ok that post seems to relate to http rather than ssh
<manveru>
well, the main usecase is github or gitlab, which allow git via http
<glenndavy>
right, but many gems aren’t decalred in the Gemfile that way
<manveru>
true
<manveru>
i don't have a good solution for that, sorry...
<glenndavy>
so, the question is, how can i give nix-build access to my agent ?
<manveru>
search google with that question :D
<manveru>
i'v seen that a lot
<glenndavy>
would you be open to a patch on bundix that uses fetchGit rather than nix-prefix-git, Clever in #nixos was telling me that this will do what i want?
<glenndavy>
i’ve already wasted quite a bit of time searching on google
<manveru>
does bundix fail, or nix-build?
<glenndavy>
nix build
<manveru>
then the issue needs to be fixed in bundlerEnv
<glenndavy>
ah, sorry i thought they were inimitately connected
<glenndavy>
i don’t have my head round bundlerEnv
<glenndavy>
thanks for the tips
<manveru>
it uses fetchgit atm, not fetchGit
<glenndavy>
i’m a bit bewildered and confuounded how the people are so helpful in nixos world but the tooling so obtuse
<manveru>
so that'd explain it
<glenndavy>
ok, so, i’ll drill in there, see if theres away to hack around that
<manveru>
try using builtins.fetchGit there instead
<glenndavy>
ok so when you say ‘try using’ you mean essentially download the source, modify and use that instead of what comes out of the channels/store etc? and source from there instead of channels?
<manveru>
jup, clone nixpkgs, change the line, use `import /path/to/your/nixpkgs {};` instead of `import <nixpkgs> {}`, and it should do something
<manveru>
sorry, i'm still busy fixing metasploit and pidgin...
<manveru>
but if you need this for work, maybe suggest to them to setup gem-in-a-box for hosting their gems :)
<glenndavy>
no stress, thanks for your time. if it came to that they’d just tell me not to be an idiot and go back to homebrew and bundler, this is just pure self indulgence on my part.
sierraDelta has quit [Remote host closed the connection]
Ericson2314 has quit [Read error: Connection reset by peer]
dtz has quit [Read error: Connection reset by peer]
kaychaks[m] has quit [Remote host closed the connection]
matthewbauer has quit [Remote host closed the connection]
thefloweringash has quit [Read error: Connection reset by peer]
ejpcmac has quit [Remote host closed the connection]
ysndr_ has quit [Remote host closed the connection]
daGrevis has quit [Quit: daGrevis]
daGrevis has joined #nix-darwin
Ericson2314 has joined #nix-darwin
ejpcmac has joined #nix-darwin
dtz has joined #nix-darwin
kaychaks[m] has joined #nix-darwin
thefloweringash has joined #nix-darwin
matthewbauer has joined #nix-darwin
sierraDelta has joined #nix-darwin
ysndr_ has joined #nix-darwin
<manveru>
glenndavy: well, it's also useful for people using that... it's always a good idea to keep your used dependencies in-house :)
<manveru>
gem-in-a-box acts as a transparent cache, which is pretty cool :)
<manveru>
but i understand that not many would care about it, we have mirrors for all our deps in my company for security reasons though
<LnL>
while this probably not clear at all, there's a big difference between fetchgit and builtins.fetchGit
<LnL>
the first is isolated which means it won't have access to your secrets, etc. unless globally configured
<LnL>
builtins.fetchGit runs as your user, so any access configured locally will work automatically just like executing git yourself
<manveru>
yeah, at the time of writing the gem build, there was no fetchGit...
<manveru>
but i think it's safe to switch now?
<manveru>
not sure if all the bugs for it are fixed already
<LnL>
it was added in 2.0 so it's fine
<manveru>
it wasn't fine for things like commits that aren't in HEAD though :|
<LnL>
however you don't want to use it for public sources since it's evaluation time
<manveru>
plus the speed issue of having a massive git repo
<LnL>
2.2 or 2.1 switched to a per url cache
<manveru>
oh cool :)
<LnL>
not sure about the detached refs tho
<manveru>
it's still not used at all in nixpkgs though?
<LnL>
you don't want it eval time there
<manveru>
if i switch the gem builder, at least metasploit would be affected...
<manveru>
yeah :(
<LnL>
I see it more as a replacement for the terrible fetchGitPrivate hack
<manveru>
now... how to distinguish the two :|
<manveru>
something like bundlerEnv.gitFetcher = builtins.fetchGit maybe...
<manveru>
so the user can choose at least
<manveru>
sorry, very OT
<LnL>
yeah, it's a very subtitle difference making the user choose is probably best
<manveru>
maybe this weekend if i get a free minute...
<manveru>
still working on getting all the ghc versions into haskell.nix
<manveru>
and at work i use neither ruby nor haskell but elixir... so working on that build stuff too :P
<manveru>
i'm still not sure how people can remain sane while working on dozens of projects at once without nix-shell
<manveru>
and on macs, none-the-less
jtojnar has quit [Quit: jtojnar]
jtojnar has joined #nix-darwin
<glenndavy>
I’m trying to read between the lines of that conversation? Is there technical difficulties using fetchGit in bundleEnv?
periklis has quit [Remote host closed the connection]
<manveru>
glenndavy: there are difficulties because some packages in nixpkgs are packaged using bundlerEnv, and using fetchGit is not as fast as downloading the tarball would be
<manveru>
so, for private use, you don't really care about it, but it's a problem if it makes nixpkgs even slower to evaluate
<manveru>
just that in this case, i'm not sure why that's the case...
johnw has quit [Remote host closed the connection]
<glenndavy>
hmm, beats crippling for a given use case i’d have thought, but i guess thats just from my perspective. from an outsider/noobies point of view, there comes a point where there’s just too many battles and guessing games to get simplest tasks done
<glenndavy>
not quit sure what the solution would be to get the balance of speed for the majority of situations and the functionality for the minority, but still real situations
<glenndavy>
perhaps a configuration flag in gemset.nix.. but yet another configuration is the death of 1000 cuts