globin has quit [Remote host closed the connection]
globin has joined #nixos-chat
drakonis1 is now known as drakonis
<elvishjerricco>
Since switching to 19.09, light-locker fails to start the vt with the login prompt exactly every other time the screen locks. It works once, then it doesn't, then it does, then doesn't, and so on. Have yet to find a counterexample to the pattern, except when I manually restart light-locker.
<elvishjerricco>
I just have light-locker started in my `displayManager.sessionCommands`. Is that not the right way to do that?
drakonis has quit [Quit: WeeChat 2.6]
<talyz>
adisbladis: yeah, I was slightly amazed at how well done it was, but also had no idea how to use it :D
cjpbirkbeck has quit [Quit: Quitting now.]
endformationage has quit [Ping timeout: 250 seconds]
cransom has quit [Quit: WeeChat 2.4]
buckley310 has quit [Read error: Connection reset by peer]
buckley310 has joined #nixos-chat
Synthetica has joined #nixos-chat
__monty__ has joined #nixos-chat
psyanticy has joined #nixos-chat
<eyJhb>
talyz, adisbladis hoping I can use it for a little for challenge at Aarhus CTF 2020 :p
<eyJhb>
samueldr: do you have a place with states the "final/expected" outcome of NixOS on Mobile, in terms of features etc.?
drakonis has joined #nixos-chat
drakonis_ has quit [Ping timeout: 240 seconds]
<worldofpeace>
elvishjerricco: I'm aware of this issue
<adisbladis>
I _think_ that samueldr's goals are mostly about running nixos on phone hardware
<adisbladis>
I have other goals though, I want a phone userspace stack
<adisbladis>
Which is why I'm working on plasma mobile stuffs atm
Synthetica has quit [Quit: Connection closed for inactivity]
spacekookie has quit [Read error: Connection reset by peer]
drakonis has quit [Read error: Connection reset by peer]
spacekookie has joined #nixos-chat
drakonis has joined #nixos-chat
drakonis has quit [Read error: Connection reset by peer]
drakonis has joined #nixos-chat
drakonis has quit [Read error: Connection reset by peer]
drakonis has joined #nixos-chat
drakonis_ has joined #nixos-chat
drakonis has quit [Read error: Connection reset by peer]
drakonis_ has quit [Read error: Connection reset by peer]
drakonis_ has joined #nixos-chat
drakonis_ has quit [Read error: Connection reset by peer]
drakonis_ has joined #nixos-chat
<eyJhb>
adisbladis: yeah, I have read them, but wondered if there was something like, is the goal also to be able to make calls, etc... But I guess running NixOS on Android Phones says it all
<eyJhb>
worldofpeace always to the rescue! :D
waleee-cl has joined #nixos-chat
<adisbladis>
eyJhb: Linux-based phones are using Ofono for calls which we already have packaged
<eyJhb>
Whelp, creating a comma seperated list with things which can have a comma in them. God damn it!....
<eyJhb>
Hmm nice adisbladis !
<adisbladis>
eyJhb: I can't say I have fully understood all interactions when it comes to making calls but it doesn't seem _too_ hard
<sphalerite>
adisbladis: any idea to what extent receiving SMS works currently?
<adisbladis>
sphalerite: Nope, I still don't have Nixos running on any mobile hardware
<sphalerite>
because I have a SIM card in my laptop and I'd quite like to know if I got any messages recently :p
<sphalerite>
ah ok
<adisbladis>
sphalerite: Ahh! That works just fine _without_ ofono :)
<eyJhb>
After I have begun to want to customize my phone a little more, I really miss NixOS stuff... But I am wondering if some kind of Android+Nix declarative thing would work
<eyJhb>
But that would come in a form of bootloader/recovery thingy
<eyJhb>
NixOS Android Recovery thingy *tm*
<sphalerite>
adisbladis: how?? :D
<adisbladis>
sphalerite: Umm... You can speak serial to the modem and get that somehow.. I seem to recall using a UI for that before too..
<adisbladis>
modem-manager-gui I think
<adisbladis>
sphalerite: Looking at screenshots modem-manager-gui looks like the one I was using before
<sphalerite>
oh no, the gsm stuff seems to have broken with my upgrade to 19.09 :/
<eyJhb>
sphalerite: time to bisect! :D
<adisbladis>
Fun fun
<sphalerite>
um, no, I have a release to manage :p
<eyJhb>
sphalerite: you cannot release without it working! :D
<eyJhb>
\jk
LnL has quit [Ping timeout: 250 seconds]
<eyJhb>
The dreaded command `git push origin master`
<sphalerite>
--force
<eyJhb>
Oh yeah, forgot that
<eyJhb>
:p
<adisbladis>
Always do --force, otherwise it might fail
<eyJhb>
It actually did fail, two times, because I forgot my branch
<eyJhb>
Does anybody know of some good static checkers for python?
<adisbladis>
eyJhb: mypy?
<eyJhb>
I hate only having runtime errors, and not just.. Like, compile and say "hey, you are the biggest idiot"
<averell>
pylint is nice too, unless you use a lot of pandas
<eyJhb>
Hmm.. Pylint seems like the way to go
<eyJhb>
I have no pandas ;)
<eyJhb>
This is basically a very very simple API Module
<eyJhb>
But sometimes I just make stupid errors..
<adisbladis>
eyJhb: pylint is not a static type checker
<averell>
nobody said type :) anyway, it's still a lot of false positives with the occasional real thing, but that's still better than nothing
<eyJhb>
adisbladis: need to read some examples of both I would assume
<adisbladis>
averell: Huh, I just read "checker" and assumed type checker :)
<eyJhb>
Yeah, it was more like a on-save thing, e.g. if I use variables that has never een declared etc.
<adisbladis>
eyJhb: mypy is only checking PEP484 annotations
<eyJhb>
Oh well... Not much I do in Python anyways..
<eyJhb>
Should just write better tests
<averell>
bar.com baz.com? lol, someone left their dev-testing in the release build
<eyJhb>
*any tests that is
<averell>
maybe try with all addons disabled
<gchristensen>
averell: I did
drakonis has joined #nixos-chat
<NinjaTrappeur>
gchristensen, oh, cool!
<NinjaTrappeur>
Does this solve the problem of the window not being redrawed if out of screen?
<gchristensen>
not sure :)
drakonis_ has quit [Ping timeout: 264 seconds]
<gchristensen>
one thing about this plugin is you can't select a window, you can only do the whole output
drakonis_ has joined #nixos-chat
LnL has joined #nixos-chat
drakonis has quit [Ping timeout: 245 seconds]
cransom has joined #nixos-chat
endformationage has joined #nixos-chat
<__monty__>
I created the "haskell" feature to force haskell builds onto a remote x86_64 host. The local host is 32bit and very underpowered. Is happy getting force-built on the local host? http://ix.io/1XWb
<sphalerite>
__monty__: what's your builders option set as? Does it build other stuff on hte remote builder correctly?
endformationage has quit [Quit: WeeChat 2.6]
endformationage has joined #nixos-chat
<__monty__>
sphalerite: Yes, it's built *something* on the remote host succesfully and sends more tasks its way before erroring on this.
<__monty__>
sphalerite: The configuration is unremarkable, except for `system = "x86_64-linux,i686-linux";`
<sphalerite>
__monty__: ah, try -j0
<__monty__>
sphalerite: Get the same error. I don't understand why it's erroring on happy but not outputting "building happy on remote/locally/whatever".
<__monty__>
I apologize for the off-topic btw, thought I was in #nixos.
<worldofpeace>
eyJhb: thanks, every os needs a couple superheroes :D
<worldofpeace>
and it turns out here we have more than a few
<__monty__>
So humble : )
<__monty__>
And for clarity across the internet communication channel that was *not* intended as an ironic or sarcastic statement and neither is this!
<worldofpeace>
I understood __monty__ 😁
<eyJhb>
worldofpeace: yes, that is what makes Nix great ! ;) Just wish I had more time in general... :(
<worldofpeace>
When I'm short on time I do this thing like "make your minutes matter". because even in a moment you can make a difference just by choosing to help someone. And I think making things meaningful like this has strong impact on motivation.
<eyJhb>
worldofpeace++
<{^_^}>
worldofpeace's karma got increased to 40
<eyJhb>
worldofpeace for president :D - That was a nice thing to say! You are totally right :)
<__monty__>
#downvote message was spoiled for me by the nick, please put it in [SPOILER] tags next time.
<eyJhb>
<spoiler>worldofpeace</spoiler> ?
<worldofpeace>
lol, next office-hours I'm just going to write really heartfelt compliments for people
<gchristensen>
sounds nice
<eyJhb>
worldofpeace: please do sign me up for that :p Like a "pick-me-up" before the weekend ;)
<eyJhb>
And with the timezones, it would actually be somewhat right before bed !
<worldofpeace>
ahh, I wish all humans choose to create like that 😁
<eyJhb>
It really adds something to your messages worldofpeace when I have emoji to ascii in Weechat as well, - `ahh, I wish all humans choose to create like that _beaming_face_with_smiling_eyes_` :D - But I am looking forward to next office hours now ;)
<eyJhb>
Don't let me down :p
<worldofpeace>
I won't ! like a different attitute today, like are people ready to really come and hang out?
<worldofpeace>
I love how make name makes everything mean something more. worldofpeace messages.
<eyJhb>
Well, I think you somewhat softened the mood with your message, so now it is a little safe space for a while :p
<eyJhb>
Is office hours this friday as well? Curious if I can actually make it :(
<eyJhb>
Also, worldofpeace can I preorder something for thursday before my meeting? :p
<worldofpeace>
I have a lot of todo's to do for it (if you know what I mean) :D
<worldofpeace>
hopefully I can get to them today. something like a calendar people could subscribe to is needed.
<eyJhb>
worldofpeace: you could actually just throw something like a ical into it, and modify which people could throw into their calendars (very simple, but maybe too much manual work) :p
<worldofpeace>
I should be able to generate some sort of ical with zoom
<eyJhb>
Maybe a nosy question worldofpeace , but do you and gchristensen work together?
<worldofpeace>
eyJhb: We actually don't, though we're working on stuff together
<worldofpeace>
though if we did, I don't think we'd get too much work done. we'd talk too much :P
<Taneb>
worldofpeace: luckily, gchristensen works remotely :D
<gchristensen>
hehe
<worldofpeace>
for sure, though I always kinda found that setup isolating
<gchristensen>
just good ol' community collaboration =)
<worldofpeace>
exactly
<eyJhb>
I generally tend to talk too much... I love getting paid by the hour for talking :p
<gchristensen>
worldofpeace: I did too at first, but in the end it has been really healthy for me. I'm not good at making friends where I live. working at home meant I couldn't lean on work to give me nearby friends. it forced me to (eventually, when I was miserable feeling lonely) to actually go find some community
<Taneb>
gchristensen: heh, I'm similar, then half of my friends from uni moved to the same city as me by coincidence
<eyJhb>
Somewhat know that feeling gchristensen, I had to look for community as well when I moved to Aalborg. So I found a knitting club <3 Always fun!
<eyJhb>
Taneb: sounds lovely :D
<gchristensen>
so cool!
<worldofpeace>
gchristensen: !!!! I think that's a great example how that setup can make you take responsibility for your own happyness.
<worldofpeace>
and tbh work friends can get to that point where it kinda shallow, where the connection is kinda hands and "safe" because it's not a realy connection
<gchristensen>
exactly
<eyJhb>
worldofpeace: care to elaborate? :| "hands and safe"?
<worldofpeace>
i.e boys scouts relationships. it's just a club without realy belonging.
<adisbladis>
eyJhb: Same for me in London too...
<adisbladis>
Not so much when I moved to asia though, it was _much_ easier to find a community there
<Taneb>
adisbladis: I'm in Cambridge, which is the perfect distance from London to be not able to get to the NixOS meetups after work
<worldofpeace>
I meant hands off and "safe" with the scare quotes because people don't want to be vulnerable to connect eyJhb
<adisbladis>
Taneb: Yay..
<worldofpeace>
but when you actually choose to be your weird self you exclude people who don't like you and suddenly attract everyone you actually belonged with.
<eyJhb>
worldofpeace: that is true. You would love a non-profit/project I have been working on for some time, but I just.. Don't have the time to do it, even though it is VERY easy!
<worldofpeace>
oh I for sure volunteer in the city I'm in, though I only share that info(location) in private channels
<eyJhb>
worldofpeace: PM'ed you some stuff :D
<worldofpeace>
👍️
drakonis has joined #nixos-chat
<samueldr>
eyJhb: not yet written down, but doing so for the talk, but it's both running on phone hardware, and making it useful on phone hardware
<eyJhb>
It was the making it useful on phone hardware that I was missing from it! :D
<eyJhb>
Currently I am somewhat considering, if I can get some Nix declaration running on Android with APKs, settings, etc. that would be nice as well. But I don't dare to start looking into that
<eyJhb>
And when you say talk, it is NixCon , right?
<samueldr>
yeah, nixcon
drakonis has quit [Quit: WeeChat 2.6]
<eyJhb>
Considering more and more if I should go. 13 hour drive :p
drakonis has joined #nixos-chat
drakonis_ has quit [Ping timeout: 264 seconds]
drakonis_ has joined #nixos-chat
<eyJhb>
It is a weird feeling have paying 66 EUR to have someone punch a hole in the bottom of your... (periodic car inspection)
<ashkitten>
wouldnt it be great if github would refrain from telling people that dont care when i merge a pr into my personal nixpkgs fork
<sphalerite>
indeed
<ashkitten>
idk if it notifies anyone but who really wants to see that i "referenced the pr" by pushing the merge commit to my fork
<ashkitten>
maybe i should just not use the merge commit
<sphalerite>
ashkitten: well, it definitely happens when people rebase stuff into their repos and the commit messages contain @username
<ashkitten>
ugh
<sphalerite>
actually not definitely
<sphalerite>
but used to happen, I think
<ashkitten>
i wish github would just... filter out commits that are obviously identical
<gchristensen>
what does it mean for a commit to be identical? :)
<ashkitten>
same changeset and metadata
<gchristensen>
ie, the exact same git commit hash?
<ashkitten>
no
<ashkitten>
because git commit hashes are based on previous commits
<eyJhb>
Patch hash? :p
<gchristensen>
yeah, that seems like a relevant part of the metadat :)
<drakonis_>
pantheon is beautiful and really not a mac os UI clone
<drakonis_>
and windows vista onwards looks like an expensive kde ripoff
<drakonis_>
actually, i think 7 shipped with big icons by default in the taskbar
<worldofpeace>
I actually have almost no opinion on those comparisons. I'm very happy with desktop linux development
<drakonis_>
these are not complaints
<worldofpeace>
We have great offerings that just get better, that's something other platforms don't have
<drakonis_>
i'm running windows on this laptop and it is not a fun experience
<worldofpeace>
lol
<drakonis_>
if i want to change default app handlers, a popup shows me where i should go to change it, instead of opening the menu for that
<worldofpeace>
I've got say that as much, maybe window's desktop is dead and an interactive advert
<drakonis_>
i dont understand why would someone greenlight such a change
<gchristensen>
I dunno, I know a bunch of devs moving to windows
<drakonis_>
why would anyone bother showing this popup instead of just loading the menu
<worldofpeace>
gchristensen: probably for much different reasons than drakonis_ mentions
<drakonis_>
the new menu for changing defaults only allows me to change specific defaults
<drakonis_>
baked into the menu
<drakonis_>
if i want to change anything outside, i have to open a different window
<eyJhb>
gchristensen: like, microsoft windows?
<gchristensen>
yeah
drakonis has quit [Ping timeout: 252 seconds]
drakonis has joined #nixos-chat
<eyJhb>
Hurts.. I love how on most linux distros you can just e.g. `sudo apt-get install x y z`, and `sudo apt-get update && sudo apt-get upgrade`, takes no time to reinstall stuff.. And the NixOS comes into play, and then it becomes even more easy!
<eyJhb>
But I guess software like Ninite helps on Windows as well
<drakonis_>
chocolatey is the best option on windows
<drakonis_>
boxstarter as well
<eyJhb>
drakonis_: that was started after I switched to Linux :( Haven't touched it since 2016 I think
<drakonis_>
chocolatey was started right around when microsoft started shipping nuget with windows installs
<drakonis_>
right around 8?
<drakonis_>
oneget rather.
<drakonis_>
oh, 2017, hm.
<drakonis_>
nevermind, its older than that
<drakonis_>
the repository already existed in 2013 and backwards
<samueldr>
yeah, used it to setup a windows 7 vagrant vm automatically with SDKs for compiler targets in what must have been ~2014-2015
<drakonis_>
initial commit in 12 december 2013
<samueldr>
and it was used because it had been a project that showed its worth
<gchristensen>
🌶️ Nix shouldn't handle secrets, because Nix has no concept of ACLs and variable levels of sensitivity. Wedging it in is guaranteed to be a nightmare. Instead, in the spirit of functional system design, software should be written and changed in such a way as to support dynamically receiving secrets. 🌶️
<drakonis_>
hot takes itc
<drakonis_>
spicy
<samueldr>
gchristensen++
<{^_^}>
gchristensen's karma got increased to 159
<samueldr>
sounds like that, without a big undertaking, the best way to go is out of band
<samueldr>
with well-known locations
<drakonis_>
its currently preventing some degree of adoption i suppose
<samueldr>
e.g. setup your configuration file to look at /var/sekretstuff/ssl/cert.pem and manage it out of band
<drakonis_>
one of the erlang folks dropped nixos over this
<samueldr>
what would be nice, though, is some "cookbook" examples of how this can be achieved
<gchristensen>
+1 secrets must be viewed as state
<samueldr>
and maybe some example tooling around?
<drakonis_>
and state must be dealt accordingly
<gchristensen>
agreed, outside of Nix :P
<samueldr>
I would opine that nix may want to grow the feature _with great consideration and appropriate time_
<samueldr>
though not sure how it can make sens
<samueldr>
e
<drakonis_>
grow the ability to handle state with grace when necessary
<samueldr>
hmm... I say nix... maybe I mean nixpkgs/nixos/nixops rather than nix
<gchristensen>
monads
<drakonis_>
monads you say?
* gchristensen
dunno
<gchristensen>
be able to represent "how to get the secret" and then "what to do with the secret" and "how to know if the secret changed"
<samueldr>
annoyingly, this would be easier if all secret consumption was done the same way; e.g. open a file
<gchristensen>
right
<gchristensen>
mixing secret and not-secret data is always a nightmare
<eyJhb>
Just make everything public!
<eyJhb>
Had someone at work do that. He did not seem to care
<gchristensen>
oops
<emily>
the fact that some amount of hacking around for secrets is required for just about every nix deployment scheme is really annoying tbh
<emily>
it's not like nix is a paragon of perfect crystalline design in every other respect
<emily>
not to say I have good solutions to the secrets problem, but I think Nix could probably stand to gain functionality in this regard
<emily>
hopefully more along the lines of objcap than ACLs
<gchristensen>
nix has no runtime
<samueldr>
am I right in assuming that any "runtime" consideration with nix, e.g. for secrets handling, is going to be an issue?
<gchristensen>
:D
<samueldr>
welp, sounds like gchristensen says so
<gchristensen>
I dunno, maybe it could grow a runtime
<samueldr>
as it is, it needs to be a stateful scheme, something that can be done entirely "at rest"
<gchristensen>
but I think Nix having no runtime (and "evaporating" at the end) is very nice
<samueldr>
it is imo
<samueldr>
thus maybe it's something that needs to be an addition on top of the nix/nixpkgs/nixos/nixops ecosystem
<samueldr>
a runtime thing that uses nix to leverage its build system, but does builds in a different context and store?
<ashkitten>
it'd be interesting to have some sort of encryption based thing to store secrets, that way you could just store them encrypted in your normal configs and nix would decrypt it during evaluation or something
<gchristensen>
and then what? (after decryption)
<ashkitten>
and then it gets used by whatever, i guess
<gchristensen>
how?
<ashkitten>
like, it'd just be a normal value but you could use a helper function from nix which decrypts the input at eval time
<gchristensen>
yeah I get that, but then what? write it to /nix/store?
<ashkitten>
hm
<samueldr>
during the nix build time, if $software was to be built with your secret, the secret would end up in the store here I guess
<samueldr>
I think that's like the main and only issue with handling secrets
<ashkitten>
yeah i guess it'd still be bad to share the store then
<samueldr>
the store is designed to be public
<ashkitten>
hngg
<samueldr>
most anything that can happen during build time with nix will end up spoiling the secret
<samueldr>
(as currently implemented)
<ashkitten>
yeah
<ashkitten>
but we'd have to do it at build time is the thing, right?
<samueldr>
with the current design, yeah, as everything has to be finished, and done, after build
<gchristensen>
not to mention the lifecycle of secrets is often very different from the lifecycle of everything else
<samueldr>
yeah
<samueldr>
imagine a certifiate renewed weekly
<gchristensen>
it'd be weird having to do a whole nix-build of everything every time your dynamically allocated API key resets (every 15 minutes)
<samueldr>
but your software updates every two months
<ashkitten>
i just want ~something~ more streamlined than the current "put some crap in /var/lib and point a path to it"
<samueldr>
I think you're not alone :)
<gchristensen>
+1
<samueldr>
though this is something that's as it looks like, pretty hard
<gchristensen>
+1 :)
<samueldr>
I just started thinking, not sure what user namespaces allow exactly, but it'd be nice to have some kind of "secrets-wrapper <secret-key> <command>" command that can be used to mount secrets at a well-known location for that namespace
<samueldr>
kind of unrelated to nix though
<ashkitten>
and then theres stuff that squonches around the fact that nix has no runtime by installing systemd services just to update variables
* emily
would like to see some lightweight secrets manager designed to integrate with nix, then, at least
<gchristensen>
emily: agreed :)
<emily>
something to manage the /var/lib secrets and provide a nicer interface to them
<emily>
syncing can just be handled through git I guess
<joepie91>
obligatory warning that env vars tend to leak
<__monty__>
Looks like something you could put in a .envrc. But why eval rather than source?
<samueldr>
can you source the output of a command, __monty__?
<samueldr>
in that example pass will output to stdout
<__monty__>
source <(pass some-secrets); no?
<emily>
they're about the same
<emily>
they're both effectively eval
<emily>
you could do source <(echo ...) rather than eval too
<samueldr>
though <() is a bashism, right?
<samueldr>
not saying it's bad because it's a bashism, but something to keep in mind :)
<samueldr>
does <() use a transient file or is it all done in memory?
<samueldr>
I guess there's no reason to do it with files though
<emily>
it uses an fd
<emily>
<(...) evals to e.g. /dev/fd/63
<emily>
...well, I guess it isn't as simple as that
<emily>
probably /proc/.../fd/... or something
<samueldr>
yeah
<emily>
oh
<emily>
/dev/fd is a symlink to /proc/self/fd i guess, okay
<emily>
yeah it gives... wow, exactly /dev/fd/63 for me
<emily>
in fact it's consistently 63, which is I guess why I remembered it
<__monty__>
I guess I'm just irrationally averse to eval.
<emily>
FWIW: source is also a bashism
<samueldr>
I guess it will change if you have more than one open
<emily>
yeah, next one goes to 62 if you include two on the same line
<__monty__>
I figured since we were talking nix bashims were fine tbh.
<samueldr>
it probably is, though always something to know and keep in mind :)
psyanticy has quit [Quit: Connection closed for inactivity]
waleee-cl has quit [Quit: Connection closed for inactivity]
<gchristensen>
anyway, that is just a thing I've done
<__monty__>
gchristensen: Oh, you don't relish your every action being picked apart on irc? : )
<__monty__>
It's clever though. I'd never thought of it.
<gchristensen>
I don't mind :P
waleee-cl has joined #nixos-chat
aleph- is now known as Church-
__monty__ has quit [Quit: leaving]
<manveru>
gchristensen: we just put those as normal shell files in keybase :)
<ashkitten>
hmmmmm why is ssh to my desktop hanging on "Offering public key"
<manveru>
ashkitten: does it need a password?
<ashkitten>
oh
<ashkitten>
my zpool is hanging, i think
<ashkitten>
damn
<manveru>
uh oh
<gchristensen>
I was going to suggest io :)
<ashkitten>
maybe i should go back to zfs 0.8.1, or ask someone in #zfsonlinux
drakonis_ has quit [Ping timeout: 265 seconds]
<elvishjerricco>
I had ZFS hang on me once. Only on one dataset though. Couldn't figure out anything to do about it other than reboot, after which it was fine.