<copumpkin>
lots of unresolvable tarballs.nixos.org issues recently
JosW has joined #nixos-dev
<copumpkin>
anyone know what's going on with that
mbrgm has quit [Quit: ZNC 1.6.5+deb1 - http://znc.in]
goibhniu has joined #nixos-dev
orivej has joined #nixos-dev
jtojnar has quit [Remote host closed the connection]
jtojnar has joined #nixos-dev
FRidh has joined #nixos-dev
ckauhaus has joined #nixos-dev
ckauhaus has quit [Ping timeout: 268 seconds]
Mic92 has joined #nixos-dev
ckauhaus has joined #nixos-dev
ckauhaus has quit [Remote host closed the connection]
ckauhaus has joined #nixos-dev
ckauhaus has quit [Remote host closed the connection]
jtojnar has quit [Ping timeout: 248 seconds]
jtojnar_ has joined #nixos-dev
jtojnar_ is now known as jtojnar
jtojnar has quit [Remote host closed the connection]
ma27 has joined #nixos-dev
ckauhaus has joined #nixos-dev
ckauhaus has quit [Ping timeout: 240 seconds]
__Sander__ has joined #nixos-dev
ma271 has joined #nixos-dev
ma27 has quit [Ping timeout: 265 seconds]
pie__ has joined #nixos-dev
pie_ has quit [Ping timeout: 240 seconds]
ma271 has quit [Ping timeout: 246 seconds]
<FRidh>
Why were the Darwin staging jobs aborted? I would like to merge staging into master.
<LnL>
vcunat was preparing a staging merge
<contrapumpkin>
niksnut, ikwildrpepper: any idea what's up with the DNS issues on tarballs.nixos.org?
<contrapumpkin>
niksnut, ikwildrpepper: it's weird, but tarballs.nixos.org resolves fine on most machines I test on, but not on hydra (see all recent failures of https://hydra.nixos.org/jobset/nix/master), and on one other build box of mine it fails too. I can't figure out what's up with it
<pierron_>
We are really lacking documentation, and we are lacking authoritative choices in NixOS!
<pierron_>
The fact that a module does not provide a default working configuration, or a single well documented option to get, nor good examples, make NixOS worse than configuring on any other distribution …
<pierron_>
I see that we have bacula, which is supposed to be complex to configure, why can't we have good default? I spent 2 days trying to figure out rsnapshot, and how to make it secure … That's a shame.
<pierron_>
Now I am trying to get systemd-nspawn mount-bind my home directory in a usable way, and due to the fact that systemd examples are not overridable the same way as other units, I literally lost a half a day trying to figure out how to mkForce some ExecStart command, which the only way I am left with, is editting the source of systemd …
<pierron_>
Seriously, NixOS quality is far from being a mainstream accessible distribution.
__Sander__ has quit [Quit: Konversation terminated!]
FRidh has quit [Quit: Konversation terminated!]
<gchristensen>
:(
<pierron_>
No seriously even patching systemd derivation does not works … :(
ma271 has joined #nixos-dev
ckauhaus has joined #nixos-dev
ckauhaus has quit [Ping timeout: 256 seconds]
ma271 has quit [Quit: WeeChat 2.0]
ma27 has joined #nixos-dev
orivej has quit [Ping timeout: 256 seconds]
michaelpj_ has joined #nixos-dev
<Mic92>
pierron_: you can override ExecStart the following way
<Mic92>
ExecStart = ["" "/new/path"];
<Mic92>
the problem is, that ExecStart can contain multiple entries
<Mic92>
however systemd allows to override things.
<pierron_>
Mic92: not for /etc/systemd/system/systemd-nspawn@.service
<fpletz>
LnL: that is used if an upstream systemd service file is overridden
ckauhaus_ has quit [Remote host closed the connection]
<Mic92>
This is an upstream issue.
ckauhaus has joined #nixos-dev
<Mic92>
pierron_: also your own bind mounts would need to be shifted to the same range as the user namespace. systemd-nspawn does not do this.
<Mic92>
As the kernel still lacks of a shiftfs implementation this is an unsolved problem and makes unprivileged containers still hard to use for some use cases
ckauhaus has quit [Ping timeout: 256 seconds]
MichaelRaskin has joined #nixos-dev
orivej has joined #nixos-dev
JosW has quit [Quit: Konversation terminated!]
ckauhaus has joined #nixos-dev
<copumpkin>
niksnut: any idea why I might be getting the DNS resolution error on a builtin:fetchurl .drv with sandboxing? I can't reproduce it except in a weird environment but am still trying to get a more minimal repro
<niksnut>
copumpkin: is that on NixOS?
<copumpkin>
it's on a linux set up with a multi-user daemon-less arrangement, in a docker container
<copumpkin>
but with sandboxing on
<copumpkin>
it works for everything but this, but it must be something odd about the setup
<niksnut>
it might have something to do with the sandbox not having access to nscd
<niksnut>
so it's forced to do a DNS lookup
<niksnut>
without any caching
<copumpkin>
ah, I did go out of my way to cut nscd out of /etc/nsswitch.conf
<copumpkin>
because in the docker situation for whatever reason it was going to the host
<copumpkin>
and giving me a bunch of nonsense
<copumpkin>
niksnut: does builtin:fetchurl do resolution differently from other fetchers though? I've fetched plenty of FO derivations in the past with this exact setup
<copumpkin>
but probably no builtin:fetchurl ones until today
<niksnut>
no
makefu has quit [Ping timeout: 268 seconds]
ckauhaus has quit [Remote host closed the connection]
ckauhaus has joined #nixos-dev
makefu has joined #nixos-dev
ckauhaus has quit [Remote host closed the connection]
ckauhaus has joined #nixos-dev
ckauhaus_ has joined #nixos-dev
ckauhaus has quit [Ping timeout: 268 seconds]
michaelpj_ has quit [Ping timeout: 240 seconds]
ckauhaus_ has quit []
<copumpkin>
what's the best way to just inject a raw .drv file alone into the store?
<copumpkin>
just dropping the file there and attempting to nix-store -r it doesn't seem to work
<copumpkin>
presumably because the path isn't valid
<copumpkin>
ah, I can just nix-store --add it
<MichaelRaskin>
But then you need to add dependency list to the command
<MichaelRaskin>
Where did you get it?
<MichaelRaskin>
Why didn't you nix-export its closure?
<copumpkin>
it has no dependencies, but yes
<copumpkin>
I'm trying to repro a tiny bug
<copumpkin>
its builder is builtin:fetchurl
ma27 has quit [Ping timeout: 246 seconds]
<Sonarpulse>
Dezgeg: 9848df4392d174fbeb01762572498b6a80a47b85 `system` parameter is unused?
<Sonarpulse>
Dezgeg: oh nevermind
<Sonarpulse>
misread indentation
<Dezgeg>
yeah it was eird
<Sonarpulse>
Dezgeg: also, is that branch something that gets merged into master or separate?
<Dezgeg>
will PR once I write a good commit message (probably tomorrow)
<Sonarpulse>
nice
<Sonarpulse>
I'm going to fix meta.platforms for cross soon
<Sonarpulse>
remember the lib/systems/inspect.nix stuff?
<Sonarpulse>
I think I want to make it take either a string (as today, for compat) or one of those sets which can be `matchAttr`ed with the platform
mbrgm has joined #nixos-dev
<copumpkin>
niksnut: it's definitely specific to builtin:fetchurl. I have a smaller repro (not small enough to post yet) that fails consistently (same nix.conf with sandboxing) on builtins.fetchurl and is able to resolve names just fine in a variety of ways (nscd, direct dns, etc.) from inside a non-builtin builder
manveru has quit [Read error: Connection reset by peer]
manveru has joined #nixos-dev
<catern>
is builtins.fetchTarball broken on latest master?
<catern>
(it seems to be to me, or at least it's not-backwards-compatible)
dtz has joined #nixos-dev
<dtz>
Lost this when the server running my irc client kicked it over holidays haha