<anttih_>
I got it compiling by skipping cabal entirely and using nix all the way.
<anttih_>
so `nix-shell` and then using cabal there does not work for some reason
<anttih_>
cabal-install is provided by the local derivation
Chiliparrot has joined #nix-darwin
Chiliparrot has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
__monty__ has joined #nix-darwin
Chiliparrot has joined #nix-darwin
Chiliparrot has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
philr has quit [Ping timeout: 260 seconds]
cmacrae has joined #nix-darwin
<cmacrae>
Sup peeps o/ Having a bit of trouble with packaging a Firefox DMG into an overlay. I've outlined the problem here: https://git.io/JeNRd
<cmacrae>
Any ideas?
<cmacrae>
It's weird that it's not a symlink
<LnL>
what happens if you install it in isolation?
<LnL>
eg. nix-env -p /tmp/foobar -i <firefox>
<cmacrae>
Hey LnL o/
<cmacrae>
Sure, let me give it a go
<cmacrae>
(brb though, just need to make a phonecall - thanks for the reply!)
<cmacrae>
Hmm, I'm being silly. I've made a 'default.nix' in a '/tmp/firefox' directory with the contents of the overlay from that gist, and tried 'nix-env -p /tmp/firefox -i <firefox>' and I get "error: selector '<firefox>' matches no derivations"
<cmacrae>
What am I missing here?
<LnL>
ah I meant the firefox store path, not a literal <firefox> :)
<cmacrae>
Oh, haha
<cmacrae>
My bad
<LnL>
well it is valid nix syntax
<cmacrae>
When you say store path, is that the filesystem path containing the overlay file? :)
<cmacrae>
Sorry, haven't done this stuff before
<LnL>
the store path of your custom firefox
<cmacrae>
Oh! How do I get the store path? Sorry for the bottomless questions
<cmacrae>
Okay, yeah I just built that and it's the same results
<cmacrae>
firefox.app is just a directory (not a symlink in the store) and permissions are messed up
<cmacrae>
I'm working on getting the firefox module in rycee/home-manager to work on darwin, which I've got working :)
<cmacrae>
This is the last piece of the puzzle: a declarative Firefox install on darwin
<__monty__>
Just learned today that firefox is ~20% slower than firefox-bin. Maybe that needs darwin-specific attention as well.
<LnL>
ah it's because this is the only application in the profile now, adding something else results in symlinks
<LnL>
but what do you mean with the permissions?
<cmacrae>
Not sure I follow on your first point, sorry
<cmacrae>
As for the permissions, the resulting files in the output 'Applications' differ from that of the DMG archive
<cmacrae>
For instance, the 'firefox' binary is executable when unpacked. But when copied over as part of the installPhase, everything loses the permissions they had
<cmacrae>
So everything just becomes 0444 as far as I can see
<cmacrae>
LnL: Oh! Okay, fair enough. I guess it's in a differing profile from my other Applications, for some reason
<cmacrae>
The other Applications that are present are installed via home-manager, just as this one is, though. So that's a bit weird
<LnL>
yeah so from what I can tell nix-env profiles work like expected here (unless you can't reproduce that)
<LnL>
if so then the question is what home-manager does with the package option
<LnL>
looking inside the app might also help
<LnL>
nix-env starts creating symlinks when the paths become unique for one package, so maybe there are multiple firefoxes in your profile somehow?
<cmacrae>
Okay, thank you for the pointers, much appreciated
<cmacrae>
Any ideas why the permissions would be weird? :/ Or do you think they could be related?
<LnL>
not really, but 444 is totally normal for store paths
<LnL>
what are you expecting?
<cmacrae>
I'd expect the binary at Applications/firefox.app/Contents/MacOS/firefox to be executable, as that was its state in the unpackPhase before being copied into the resulting output
<LnL>
doesn't 4 include the exec bit?
<cmacrae>
Don't believe so - that's just readable
<LnL>
ah my bad
<cmacrae>
If you take a look at the bottom of my gist, you'll see the human-readable representation in an 'ls -l' output
<LnL>
nix will remove the write bits to make paths read-only, but the rest should be preserved
<cmacrae>
Hmmm
<cmacrae>
All I'm doing is unpacking the DMG, then as the installPhase, making $out/Applications and copying 'Firefox.app' into it
<cmacrae>
So, I wouldn't expect anything to change
<LnL>
the source drv looks totally fine tho, what happens if you run nix-build --check ... on the firefox expression?
<LnL>
we could use the expressions but I want to make sure we're not accidentally looking at other things
<LnL>
hm, I was expecting that to complain that stuff was changed
<LnL>
and that's still only read now?
<cmacrae>
Yep, sadly so!
<cmacrae>
I completely removed any traces of it from my system by removing old generations from my system and home-manager profiles, then collected garbage
<cmacrae>
Confirmed there was nothing in the store related
<cmacrae>
Then rebuilt and switched, same situation I'm afraid :(
<LnL>
oh so the path was gone and you rebuilt it?
<cmacrae>
Yeah, I "disabled" it on my system by commenting out my config for it. Rebuilt, removed old gens, collected garbage, confirmed nothing related in the store, uncommented, rebuilt & switched. Resulting Applications/firefox.app directory tree has the same problem with permissions
<LnL>
right, so --check does that without having to go through all that
<LnL>
but I guess that double confirms it
<cmacrae>
Oh... hahaha
<LnL>
so I'm wondering if something is going wrong that the sandbox would prevent
<LnL>
at this point I should probably just add that to nix
<LnL>
interesting, check doesn't complain if I break that
<LnL>
aha, what does nix-store --verify-path ... say?
cmacrae has quit [Ping timeout: 268 seconds]
<LnL>
hrm repair is broken :/
* LnL
adds a todo
cmacrae has joined #nix-darwin
<cmacrae>
Sorry, dropped out there
<LnL>
did you try nix-store --verify-path?
<cmacrae>
I didn't, let me give it a go
<cmacrae>
I also haven't looked at your last gist
<cmacrae>
Bear with me :)
<LnL>
no problem
<cmacrae>
nix-store --verify-path exited silently with 0
<cmacrae>
So, guessing all looks okay
<LnL>
nothing messed with it then
<LnL>
oh, you did pass the store path right?
<cmacrae>
Yup!
<cmacrae>
Would I benefit from enabling sandboxing with the stuff from your gist? :)
<cmacrae>
I really appreciate the time you've spent looking into this with me!
<LnL>
no, only if verify failed
<cmacrae>
Ah okay
<LnL>
well I'm not sure what's going on, I would blame the expression but it looks good on my side
<cmacrae>
Okay! That's good enough for me - like I say, I really appreciate the time and advice. Thank you very much
<cmacrae>
I do have to ask: with that expression, does the resulting firefox binary at Applications/firefox.app/Contents/MacOS/firefox look executable on your machine?
<LnL>
yeah, hold on let's make this totally reproducable
<clever>
`--option repeat 1` would make nix repeat every single build an extra 1 times, and it will compare the result of both runs
<clever>
and if they arent identical, it will treat it as a failure
<clever>
but that only catches rng and timestamps, host stuff leaking in due to no sandbox wont be caught, since it will match between runs
<cmacrae>
Seriously, thank you - this was great to be walked through and see it all broken down
<cmacrae>
The thing I'm now wondering: this would indicate to me that there's a build of Firefox in nixpkgs capable of building on darwin... am I correct?
<cmacrae>
I was only trying to use my overlay because I thought there wasn't a Firefox package for darwin D:
<LnL>
not exactly clear why, but supposedly that was added to fix the app bundle
<LnL>
yeah firefox worked at some point, but it's been broken for a while again
<cmacrae>
Okay, phew. I thought I'd just lead you on a wild goose chase for no reason, haha
<LnL>
that said, I'm not sure how much sense the wrapper makes for a precompiled build
<cmacrae>
No, agreed
<LnL>
adding firefox directly to your user packages instead of using the firefox module might make more sense
<cmacrae>
Sure, so what I'm trying to do is just set the firefox module from home-manager's 'package' parameter to the result of that overlay (i.e: just a downloaded, unpacked Firefox distribution)
<cmacrae>
Of course, this whole time I must be doing something silly
<cmacrae>
I've got the other features of the module working on darwin
<LnL>
yeah, but I think home-manager is wrapping this custom firefox for you
<cmacrae>
Ah damn, okay
<cmacrae>
That makes sense
<cmacrae>
I didn't think it would be since I was explicitly telling it which package to use
<cmacrae>
I'll try just adding it to my packages and see what the result is
<cmacrae>
Okay, yep.... simply adding it to my 'environment.systemPackages' works perfectly!