gchristensen changed the topic of #nixos-chat to: NixOS but much less topical || https://logs.nix.samueldr.com/nixos-chat
evanjs has quit [Quit: ZNC 1.7.4 - https://znc.in]
evanjs has joined #nixos-chat
drakonis_ has joined #nixos-chat
drakonis has quit [Ping timeout: 245 seconds]
<samueldr> ugh, github won't allow one to own a fork to one's own repos
<samueldr> tried to side-step this by making the fork in an organization, then transfering ownership
<samueldr> I'm looking to have a github-type fork so that pull requests can be made from the WIP repo to the main repo
<samueldr> because it's obvious that you could just set up a new repo and push to it otherwise
drakonis has joined #nixos-chat
<hyperfekt> still no impure derivations smh... can't even create a keypair in nix, which is obviously something you want to do
<drakonis> rfc: impure derivations
srhb has quit [Quit: ZNC 1.7.4 - https://znc.in]
evanjs has quit [Remote host closed the connection]
LnL has quit [Ping timeout: 245 seconds]
srhb has joined #nixos-chat
evanjs has joined #nixos-chat
Peetz0r has quit [Ping timeout: 245 seconds]
msgctl has quit [Ping timeout: 245 seconds]
cransom has quit [Ping timeout: 245 seconds]
msgctl has joined #nixos-chat
LnL has joined #nixos-chat
Peetz0r has joined #nixos-chat
cransom has joined #nixos-chat
<hyperfekt> drakonis: Are you suggesting to open an RFC? I don't think that would be well received, Eelco implemented an impure derivation branch in 2017 but never merged it, probably for ${reasons}
<drakonis> i am, yes.
<drakonis> worth a try after flakes comes in
<drakonis> one big change at a time
das_j has quit [Remote host closed the connection]
das_j has joined #nixos-chat
andi- has quit [Remote host closed the connection]
andi- has joined #nixos-chat
endformationage has quit [Ping timeout: 240 seconds]
endformationage has joined #nixos-chat
<infinisil> hyperfekt: Why would creating a keypair in the nix store be a good idea?
<hyperfekt> infinisil: i don't think it's a good idea, i was being sarcastic ^^
<infinisil> Ohhh hah now I see it
<hyperfekt> it just would've been the least effort way to do something
<infinisil> I wouldn't mind having support for private things in the store though
<hyperfekt> yes please. maybe some of the architects will direct their attention towards that when flakes are done
MichaelRaskin has quit [Quit: MichaelRaskin]
endformationage has quit [Ping timeout: 252 seconds]
AluisioASG has quit [Ping timeout: 276 seconds]
kini is now known as fs
fs has joined #nixos-chat
fs has quit [Changing host]
drakonis_ has quit [Ping timeout: 265 seconds]
fs is now known as kini
kini has joined #nixos-chat
kini has quit [Changing host]
drakonis_ has joined #nixos-chat
drakonis has quit [Quit: WeeChat 2.6]
Jackneill has joined #nixos-chat
<lejonet> hyperfekt: setfattr -n nix.pleasedontreadkthxbai -v true -R /nix/store/private, done! ;)
<lejonet> On a more serious note tho, maybe ecryptfs could be something for that? (disclaimer: I do not know the details of how ecryptfs work nor how much of a performance hit it may be to implement it properly)
<etu> That would probably result in a secret that needs to be stored somewhere to unlock the secret though...
<lejonet> Well, I doubt you'll get away from that if you want private stuff in a by-design world readable place :/
<lejonet> At least till we get practically feasible homomorphic encryption or similar stuff or something :P
kcalvinalvin has joined #nixos-chat
psyanticy has joined #nixos-chat
Arahael has quit [Quit: WeeChat 2.4]
<hyperfekt> lejonet: If I hadn't recently learned overlayfs was broken I'd suggest putting the public store over a derivation-specific private one.
tilpner has joined #nixos-chat
<emily> overlayfs is broken? :(
<emily> I heard it's slow but not that it's broken (for read-only cases)
<lejonet> hyperfekt: that could've been a nice way of doing it without having to "resort" to encryption of some form
<hyperfekt> emily: #64126
<{^_^}> https://github.com/NixOS/nixpkgs/issues/64126 (by vcunat, 13 weeks ago, closed): builds started failing on Hydra's new hash-named x86 machines
<emily> hyperfekt: this is unionfs, not overlayfs, looks like?
<emily> unionfs is well-known broken
<emily> ~linux~
<hyperfekt> yup, but i asked grahamc the same thing and he said overlayfs was broken, too. not sure if in the same way though
avn has quit [Ping timeout: 265 seconds]
__monty__ has joined #nixos-chat
<lejonet> hyperfekt, emily: #54509 perhaps?
<{^_^}> https://github.com/NixOS/nixpkgs/issues/54509 (by bachp, 36 weeks ago, closed): OverlayFS broken on NixOS Kernel 4.19 and 4.20
<emily> mhm, I'm not surprised if it's broken for read-write cases
<hyperfekt> well we could manage with that, the store is read-only (if we want it to be)
<lejonet> Yeah, from a users point of view, the store is read-only anyway, even if the user ofc can ensure writes in it happen but not directly by the user
avn has joined #nixos-chat
tokudan has quit [Ping timeout: 240 seconds]
avn has quit [Read error: Connection reset by peer]
avn has joined #nixos-chat
vesper11 has quit [Ping timeout: 244 seconds]
vesper11 has joined #nixos-chat
<pie_> i want sandstorm on nix but its probably a ton of integration work :( thres a three year old open github issue on the sandstorm repo
<pie_> and sandstorm development seems to have ground to a mostly halt due to various reasons so one probably cant expect much work to come from the sandstorm side
vesper11 has quit [Ping timeout: 246 seconds]
<joepie91> I've seen various people claim that sandstorm is effectively dead, fwiw
<pie_> yep
<pie_> but from what little i read anno, the tech is good
<pie_> and there are no real replacements are there?
vesper11 has joined #nixos-chat
vesper11 has quit [Ping timeout: 240 seconds]
vesper11 has joined #nixos-chat
__Sander__ has joined #nixos-chat
tilpner has quit [Remote host closed the connection]
tilpner has joined #nixos-chat
__monty__ has quit [Quit: leaving]
waleee-cl has joined #nixos-chat
drakonis has joined #nixos-chat
endformationage has joined #nixos-chat
AluisioASG has joined #nixos-chat
drakonis_ has quit [Remote host closed the connection]
drakonis has quit [Quit: WeeChat 2.6]
__Sander__ has quit [Quit: Konversation terminated!]
AluisioASG has quit [Quit: https://quassel-irc.org - Chat comfortably. Anywhere.]
AluisioASG has joined #nixos-chat
<gchristensen> it is cold in my office today, and my hands hurt :|
drakonis_ has joined #nixos-chat
<aleph-> gchristensen: :/ Renauds?
<cransom> i'm jealous. it's 97 outside right now.
<aleph-> Nice and temperate here today
<samueldr> it's 8° outside here, (47° Frankenstein)
waleee-cl has quit [Quit: Connection closed for inactivity]
<gchristensen> aleph-: yeah :(
<gchristensen> samueldr: ~same
drakonis_ has quit [Ping timeout: 240 seconds]
<aleph-> gchristensen: :/
<aleph-> God I'm tired.
<aleph-> I need a nap after my meeting and a quick audit of our monitoring metrics
<cransom> i bought some larger blank pcb boards to try and mill (+/- burn house down) some traces and have a slightly warmed keyboard for the much cooler weather. i ran out of steam when spring hit.
<gchristensen> I'm pretty sure I've asked this a dozen times, and yet I don't remember.
<gchristensen> is there a way for obs to record a screen without it being the focused screen? when I switch away from the window it stops getting updates
<gchristensen> this is annoying because it means I can't tweak the obs settings without pausing the video capture
drakonis_ has joined #nixos-chat
<samueldr> gchristensen: do you have compositing software active?
<samueldr> I don't know in which situations, but with one of the plugins with obs it did things differently depending, IIRC
<samueldr> it's been a while
<gchristensen> I run i3
<samueldr> with something like xcompmgr or one of the myriad forks?
<gchristensen> no (I'm not sure what compositing software does)
<samueldr> compton
<samueldr> partly for eye candy (shadows, transparency)
<samueldr> but it also changes how the windows are rendered since they now do so in an GPU accelerated manner
<gchristensen> ahh probably not
<samueldr> I would try starting compton in a nix-shell and see if and how the behaviour differs
<gchristensen> cool, I can try that
<gchristensen> I wonder also if it has to do with i3 being tiled, and zoom being on a different workspace
<samueldr> is the window unmapped (hidden)?
<samueldr> can the window be mapped (shown) but unfocused?
<gchristensen> I could setup another monitor and make it that way
<infinisil> Should I dare to create a date library in Nix?
<gchristensen> oh dear
<gchristensen> do
<gchristensen> no
<gchristensen> you don't
<infinisil> I might just dare to do it!
<gchristensen> you don't want that
<gchristensen> you don't want that in your life
<infinisil> I really want to be able to do `event = mkEvent { name = "office hours"; date = "2019-10-04"; time = "19:00"; }`, and then evaluating event gives `This event is in 1 hour` or so
<infinisil> gchristensen: That would be really slick!
<gchristensen> you poor thing
<gchristensen> here lies infinisil, he took on a date library
<infinisil> > isoEpoch "2019-10-04" # I already got started a while ago!
<{^_^}> { success = true; value = <CODE>; }
<infinisil> > :p isoEpoch "2019-10-04"
<{^_^}> { success = true; value = 1570147200; }
<gchristensen> leap seconds?
<gchristensen> :p isoEpoch 0001-01-01
<gchristensen> > :p isoEpoch 0001-01-01
<{^_^}> value is an integer while a string was expected, at /var/lib/nixbot/lib/iso.nix:21:12
<gchristensen> :|
<infinisil> Should be accounted for, unix epoch includes them I think
<qyliss> ISO weeks?
<NinjaTrappeur> gchristensen, I have exactly the same issue. I usually just plug another monitor to make the window render. Please ping me if you find an issue.
<NinjaTrappeur> /issue/solution
<gchristensen> NinjaTrappeur: thanks!
<gchristensen> I'm giving another monitor a try
<infinisil> > :p isoEpoch "0001-01-01"
<{^_^}> { success = false; value = "Years below 2018 are not supported"; }
<infinisil> (I cheated a bit in the implementation)
<qyliss> > :p isoEpoch "2019-W10"
<{^_^}> { success = false; value = "2019-W10 is not of the form YYYY-MM-DD"; }
<samueldr> > :p isoEpoch 9999-01-01
<{^_^}> value is an integer while a string was expected, at /var/lib/nixbot/lib/iso.nix:21:12
<infinisil> Ah didn't know this was a thing
<samueldr> oops
<samueldr> > :p isoEpoch "9999-01-01"
<{^_^}> error: stack overflow (possible infinite recursion)
<gchristensen> infinisil: when is your birthday? I'll get you the specification for ISO8601
<infinisil> Well, I know where to get people to test my future library lol
<gchristensen> > :p isoEpoch "-10-04"
<samueldr> though do note that you never want to store the moment of anything scheduled as an amount of second since epoch
<{^_^}> { success = false; value = "-10-04 is not of the form YYYY-MM-DD"; }
<samueldr> otherwise you'll have a bad time with leap seconds :)
<infinisil> samueldr: Really?
<infinisil> Even if there were a couple leap seconds, the time would only be wrong by a tiny bit
<infinisil> gchristensen: Hehe no thanks, I'm not a fan of birthdays tbh
<infinisil> Yeah so I think I won't waste my time on creating a date library (anymore than I already have)
<infinisil> Better worth spending this effort elsewhere
<samueldr> infinisil: yes really, if I schedule something for 2200-02-02 at 00:11:00 I expect it happens at 00:11:00, as scheduled, not 00:11:04 because of some leap seconds!
<samueldr> it may have been a laser pulse to send data to mars!
<samueldr> there, missed it by 4 seconds :D
<samueldr> contrived example, but life is contrived
<infinisil> > :p isoEpoch "2200-02-02"
<{^_^}> { success = true; value = 7260883200; }
<infinisil> samueldr: So you think the unix epoch should be at 7260883196 for that date?
Jackneill has quit [Remote host closed the connection]
<samueldr> I don't know what the unix epoch will be for that date
<samueldr> and it's hard to say because it depends which date system is followed :)
MichaelRaskin has joined #nixos-chat
<infinisil> Hmm yeah
<infinisil> samueldr: Aha! Apparently unix epoch time includes lead seconds
<emily> unix time does *not* contain leap seconds
<emily> on most common system configurations
<emily> it's POSIX noncompliant to include them ("TAI-10")
<infinisil> Ohh
<samueldr> date/time is "fun"
<infinisil> I meant like "it includes correct for leap seconds"
<samueldr> because even what is "known" is sometimes, if not often, wrong in some way
<infinisil> correcting*
<samueldr> and often in ways that cannot be reconciliated
<emily> this is widely considered a mistake and you can use tzdata's right/ timezones to use a TAI-10 system clock (needs a cooperating timesync daemon) and have the leap second adjustment done in the timezone
<emily> as it should be
<emily> but it's POSIX noncompliant, and iirc musl doesn't support it, and so on, and so forth.
<emily> infinisil: ah, right
<emily> natural language strkes again
<samueldr> this is why you should always use an existing date/time library; they already made the mistakes :)
<MichaelRaskin> Then there is Google time
<samueldr> don't forget about hammer time
<MichaelRaskin> And systemd defaulting to using Google NTP servers that serve Google time which is not strictly speaking, well, any of the above
<qyliss> Do we use Google's NTP in NixOS?
<qyliss> IIRC I looked and couldn't see anywhere we changed it, even though AAUI distributions are supposed to
<emily> leap second slewing is a good idea
<emily> it's the second-best thing to a TAI-10 clock
<MichaelRaskin> systemd: «we provide The Right Way To Do things, but distributions are supposed to change this long list of things»
<emily> if you don't have super-precise timing requirements -- and Google has pretty tight ones, given the whole distributed systems consensus thing -- then it lets you mostly forget that everything is horrible and avoid client-side bugs entirely
<MichaelRaskin> (and we make sure anything not done The Systemd Way eventually breaks)
<MichaelRaskin> Google timeservers indeed spread the leap second via clock skew in a complicated way specific to their needs
<elvishjerricco> Aw man. My Nix bootstrap script broke
<elvishjerricco> I had a script that built NixOS from source starting with packages you can get on Debian / Ubuntu. The boost version they have is now no longer accepted by Nix for some coroutine big reason
<infinisil> emily: Well the point of distributed systems should really be that no clock is needed because there is no way to get a universal consistent time anyways
<elvishjerricco> s/big/bug
<emily> infinisil: that is, unfortunately, what you would call an Unsolved Problem
<infinisil> Unsolvable!
<emily> lots of consensus protocols used extensively in production today require reasonably synchronised clocks
<emily> time synchronization is a reality people have to deal with
<MichaelRaskin> infinisil: you can get to within a few RTT-diameters of the system, though
<MichaelRaskin> And that's useful for timeouts
* infinisil nods
<ar> /39/35
<drakonis_> i have a actual use for impure derivations now
<drakonis_> producing signed kernel images
<drakonis_> with any n extra modules
<drakonis_> any number of extra modules
<gchristensen> NinjaTrappeur: a second screen fixed it!
<aleph-> drakonis_: Nice
<drakonis_> i need secureboot on this laptop
<drakonis_> i dont want to have to set a password in it just for it
<drakonis_> just to disable it
<MichaelRaskin> I think if you need to set password to disable SecureBoot, you can remove it again after changing the SecureBoot settings
<MichaelRaskin> (Of course, this is vendor-dependent, so you might be out of luck)
<drakonis_> there's no option in the bios to do that
<NinjaTrappeur> gchristensen, nice. That said, having to plug another screen everytime you stream is a real annoyance :/
<drakonis_> i could of course fail it enough times to get the code to reset the password
<drakonis_> i'd also like impure derivations to deal with fast moving software
<drakonis_> see that one gpg enchantment to produce updated chrome packages
<drakonis_> an rfc should be done for it, to justify it being added to nix
<infinisil> drakonis_: Wait so what support is needed for "impure derivations"?
<drakonis_> there's a branch that adds impure derivations but it has not been merged yet
<infinisil> Was even in my browser history
<infinisil> "Pure derivations are not allowed to depend on impure derivations"
<{^_^}> nix#2270 (by edolstra, 1 year ago, open): Restrict fixed-output derivations
<infinisil> I'm not really sure how this could be useful with this constraint ^^
<drakonis_> of course.
<drakonis_> that does kneecap the whole thing
<infinisil> drakonis_: Not sure how that issue relates to this
<infinisil> Oh
<infinisil> I guess buildRustPackage and such are impure already in some sense
<infinisil> But they really shouldn't be
<drakonis_> https://github.com/NixOS/nix/issues/520 non determinism ahoy
<{^_^}> nix#520 (by copumpkin, 4 years ago, open): Nondeterministic derivations?
<drakonis_> besides rust there are other languages that exhibit this kind of behavior
<qyliss> go as well
<drakonis_> javascript based languages too
<qyliss> I'm going to RFC that we just package Rust etc libraries like we do Python ones
<qyliss> Fuck pinning to patch versions
<drakonis_> agreed
<qyliss> We are a distribution, after all.
<infinisil> qyliss: I'm not sure how well that's gonna work
<qyliss> extremely well imo
<qyliss> but am interested in your concerns
<infinisil> Because of rust packages usually pinning to exact versions
<qyliss> Rust is also very strict on semver
<drakonis_> i would prefer to just have the ability to flag software as impure and/or non deterministic
<qyliss> As long as it doesn't end up in Nixpkgs, IMO
<drakonis_> have a flake for bleeding edge software
<infinisil> qyliss: Ah you mean to potentially have multiple major versions if needed?
<qyliss> infinisil: that's what we do for python
<drakonis_> fast moving software that updates often with new features
<drakonis_> gotta update the derivation all the time to stay on top
<qyliss> Yeah, stuff like latest in nixpkgs-mozilla is fine and good I think
<infinisil> qyliss: Oh wait you mean to do this manually? The crates packages?
<drakonis_> get rid of the manual aspect for that
<qyliss> infinisil: semi-manually, probably
<drakonis_> also relevant to it
<samueldr> the idea would be not to rely on $randomsoftware that manages deps in a non-reproducible way
<samueldr> is that it?
<drakonis_> derivations that fetch the latest tag
<qyliss> Pretty much
<samueldr> it's likely that it's the only way forward with FODs anyway
<qyliss> I think we could do it mostly automatically
<qyliss> But we'd still need, like, the list of native dependencies for each package
<samueldr> like bundix is doing for ruby, right?
<samueldr> (thinking also the newer unrelease branch)
<qyliss> I'm torn on that
<qyliss> I don't like how in Ruby we have to be able to build arbitrary versions of every gem
<qyliss> So honestly, a more manual Python-style approach might be better
<samueldr> I wonder though if there's a middle of the road method, where we package python-style within nixpkgs, but also allow more specific pinning?
<samueldr> (sorry for derailing)
<qyliss> Yeah, that might be nice.
<qyliss> Maybe like we do with ruby gems now
<qyliss> Yeah I heard about that yesterday!
<manveru> which avoids the FOD, i really like it :)
<qyliss> Oh, neat.
<manveru> for ruby... i think we could evolve the ruby.withPackages away from bundler
<qyliss> Yeah.
<manveru> it already doesn't need bundler at runtime
<qyliss> And then do the same for every other language
<manveru> no way we can avoid bundlerEnv for the majority of people though
<manveru> not a big fan of the python way, it's so much manual labor :|
<manveru> but i guess that's because of the fragmented ecosystem
<samueldr> the same result in nixpkgs, but with automation, would be interesting
* joepie91 prods pie_ given that they might be interested in above discussion
<aleph-> manveru: I need to sit down and figure out what broke with gem.BundledRuby incidentally. Sat down to finally finish the lobsters service and it fails to build now >_>
<aleph-> Also Crate2nix is very nice
<manveru> built a little tooling around querying npmjs, fetching deps, and running npm4nix for each to get a tree of derivations
<qyliss> manveru: I read it briefly but was confused what it was actually proposing
<manveru> basically the python/haskell approach for node
<qyliss> Oh, cool
<manveru> it sounds cool, until you realize the packages you want have thousands of dependencies :P
<qyliss> I don't think the Python approach needs to be that much manual labour with updateScript, etc.
<manveru> i really would like to package `netlify-cli` without yarn2nix, for example
<qyliss> Yeah.
<drakonis_> manveru, i found one that had *checks number* 11000+ node dependencies
<drakonis_> oh my goooood the graph keeps getting bigger
<manveru> jup
<qyliss> Do we know the number of dependencies, ignoring different versions of the same package?
<qyliss> that can't be 11000, surely
<manveru> i have no clue wtf they need so many deps for... it's just a cli util for talking to their rest api :P
drakonis__ has joined #nixos-chat
<drakonis__> those packages all have permissive licenses lol
<joepie91> manveru: it's not just an API client afaik
<joepie91> also a local dev server, and a packager, and...
drakonis_ has quit [Ping timeout: 240 seconds]
<joepie91> I recall there being some decent compleixty in netlify's thing
<manveru> yeah, it's pretty refined for what it does
tokudan has joined #nixos-chat
drakonis__ has quit [Ping timeout: 240 seconds]
drakonis__ has joined #nixos-chat
drakonis has joined #nixos-chat
<lassulus> someone should build a browser game where people actually review nixpkgs PRs and gather points and stuff
<emily> it's called githubs. the points are the green boxes on your profile
<emily> *github
<lassulus> not gameified enough imho :D
<lassulus> something like: you ran nix-review on this PR +100 points, you spotted an error in a PR, +300 points, you gathered 10000 points and now you can spend it on fancy nixos swag or get into the hall of fames
<emily> spend it on getting your PRs merged imo
<emily> then I'd definitely play :P
<drakonis__> beautiful
psyanticy has quit [Quit: Connection closed for inactivity]
evanjs has quit [Quit: ZNC 1.7.4 - https://znc.in]
evanjs has joined #nixos-chat
drakonis__ has quit [Quit: Leaving]
waleee-cl has joined #nixos-chat
<samueldr> heh
<samueldr> this is what was listed in an horrible view on the alcatel goflip, using kaios, for their license "compliance"
<samueldr> imagine this list, on a tiny screen, which scrolls at about 2 lines a second
<samueldr> things worthy of note
<samueldr> busybox is present, but lacking its liecnse
<samueldr> (cc joepie91 who showed some interest about kaios + compliance)