worldofpeace_ changed the topic of #nixos-dev to: #nixos-dev NixOS Development (#nixos for questions) | NixOS stable: 20.03 ✨ https://discourse.nixos.org/t/nixos-20-03-release/6785 | https://hydra.nixos.org/jobset/nixos/trunk-combined https://channels.nix.gsc.io/graph.html | https://r13y.com | 19.09 RMs: disasm, sphalerite; 20.03: worldofpeace, disasm | https://logs.nix.samueldr.com/nixos-dev
cocreature has joined #nixos-dev
Jackneill has quit [Ping timeout: 256 seconds]
Jackneill has joined #nixos-dev
drakonis_ has joined #nixos-dev
drakonis has quit [Ping timeout: 246 seconds]
<jtojnar> does `nix build` no longer support building Nix expressions?
orivej has joined #nixos-dev
<jtojnar> oh, it uses `--expr`, not `-E`
<clever> nix build '(with import <nixpkgs> {}; hello)'
<clever> jtojnar: if the string starts with a (, it gets parsed as an expr
<jtojnar> yeah, I remember that
<jtojnar> though with flakes, I need to use --impure
<jtojnar> clever with flakes, it needs explicit --expr
<jtojnar> (... is not a valid URL)
drakonis_ has quit [Ping timeout: 256 seconds]
orivej has quit [Ping timeout: 264 seconds]
drakonis_ has joined #nixos-dev
orivej has joined #nixos-dev
orivej has quit [Ping timeout: 240 seconds]
orivej has joined #nixos-dev
alp has joined #nixos-dev
orivej has quit [Ping timeout: 260 seconds]
orivej has joined #nixos-dev
justanotheruser has quit [Ping timeout: 256 seconds]
ajs124 has quit [Quit: killed]
Scriptkiddi has quit [Quit: killed]
das_j has quit [Quit: killed]
ajs124 has joined #nixos-dev
Scriptkiddi has joined #nixos-dev
das_j has joined #nixos-dev
orivej has quit [Quit: No Ping reply in 180 seconds.]
justanotheruser has joined #nixos-dev
orivej has joined #nixos-dev
orivej has quit [Ping timeout: 272 seconds]
orivej has joined #nixos-dev
orivej_ has joined #nixos-dev
orivej has quit [Ping timeout: 256 seconds]
orivej_ has quit [Quit: No Ping reply in 180 seconds.]
orivej has joined #nixos-dev
drakonis1 has quit [Quit: WeeChat 2.8]
orivej has quit [Quit: No Ping reply in 180 seconds.]
orivej has joined #nixos-dev
orivej has quit [Quit: No Ping reply in 180 seconds.]
orivej has joined #nixos-dev
orivej has quit [Ping timeout: 264 seconds]
orivej has joined #nixos-dev
rajivr has joined #nixos-dev
<ryantm> Crossed the 90k issue+pr count
orivej has quit [Ping timeout: 264 seconds]
orivej has joined #nixos-dev
m1cr0m4n has joined #nixos-dev
m1cr0man has quit [Ping timeout: 246 seconds]
alp has quit [Ping timeout: 272 seconds]
orivej has quit [Ping timeout: 240 seconds]
orivej has joined #nixos-dev
<lovesegfault> domenkozar[m]!!! You're bumping patchelf!!!
<lovesegfault> The hero we need!
<lovesegfault> domenkozar[m]++
<{^_^}> domenkozar[m]'s karma got increased to 23.000000000000004
orivej has quit [Ping timeout: 246 seconds]
orivej has joined #nixos-dev
orivej_ has joined #nixos-dev
orivej has quit [Ping timeout: 258 seconds]
alp has joined #nixos-dev
orivej_ has quit [Ping timeout: 256 seconds]
orivej has joined #nixos-dev
evanjs has quit [Read error: Connection reset by peer]
evanjs has joined #nixos-dev
orivej has quit [Quit: No Ping reply in 180 seconds.]
__monty__ has joined #nixos-dev
orivej has joined #nixos-dev
orivej_ has joined #nixos-dev
orivej has quit [Read error: Connection reset by peer]
<kloenk> the html content of cache.nixos.org. can I get it somewhere? under which license is ist? would like to change the url und use if for my own cache (it has a nice design :-) )
cole-h has quit [Quit: Goodbye]
<LnL> not sure about the licence, most things are mit but nothing is specified in that repo
orivej_ has quit [Ping timeout: 246 seconds]
orivej has joined #nixos-dev
callahad8707 has quit [Ping timeout: 240 seconds]
callahad87074 has joined #nixos-dev
orivej_ has joined #nixos-dev
orivej has quit [Ping timeout: 246 seconds]
orivej_ has quit [Quit: No Ping reply in 180 seconds.]
orivej has joined #nixos-dev
alp has quit [Ping timeout: 272 seconds]
ckauhaus has joined #nixos-dev
orivej has quit [Ping timeout: 256 seconds]
orivej has joined #nixos-dev
alp has joined #nixos-dev
<kloenk> LnL: as far as I see thats for the status page, not the cache
<LnL> oh whoops
orivej has quit [Quit: No Ping reply in 180 seconds.]
orivej has joined #nixos-dev
ris has quit [Ping timeout: 272 seconds]
jared-w has quit [Ping timeout: 256 seconds]
jared-w has joined #nixos-dev
cstrahan has quit [Ping timeout: 256 seconds]
cstrahan has joined #nixos-dev
orivej has quit [Read error: Connection reset by peer]
orivej_ has joined #nixos-dev
orivej_ has quit [Ping timeout: 260 seconds]
orivej has joined #nixos-dev
orivej has quit [Quit: No Ping reply in 180 seconds.]
orivej has joined #nixos-dev
ehmry has quit [Quit: https://quassel-irc.org - Chat comfortably. Anywhere.]
<rnhmjoj> what do you do to test changes to nixos-install? i'm trying to install nixos on an external drive but i can't get grub to install the bootloader
<JJJollyjim> The installer tests in nixos/tests/ in nixpkgs should provide test coverage
<rnhmjoj> Jamie: do they cover installing a bootloader too? that's what i'm interested in
<JJJollyjim> yeah, looks like they cover both systemd-boot and grub
<JJJollyjim> then it reboots into the drive it installed on, to make sure it worked
<rnhmjoj> great, thank you, i'll take a look
alp has quit [Ping timeout: 272 seconds]
<manveru> what are the chances of ever getting `builtins.fromYAML`?
<Profpatsch> no.
<Profpatsch> Probably useful tohave :)
<manveru> yeah, Crystal just switched to a new lock format that contains git revisions... but it's in YAML :)
<Profpatsch> manveru: IfD?
<manveru> so still need to do IFD
<manveru> which is fine, but not for nixpkgs :)
<Profpatsch> yeah, just convert to json and check that in
<Profpatsch> who cares really
<manveru> jup
<infinisil> manveru: Arghh, why did they choose yaml
<manveru> why you asking me...
<manveru> probably because bundler uses yaml too?
<JJJollyjim> Yaml parser written in nix please :P
<LnL> is there a standard for a sane subset of yaml?
<infinisil> json :P
<Profpatsch> JJJollyjim: We don’t joka about that here
<Profpatsch> too soon
<LnL> like without all the anchor crap
<Profpatsch> what infinisil says
<manveru> technically correct, but not helpful :P
<LnL> just wondering since that could be reasonable to add as a builtin
<infinisil> toml is similar to yaml
<infinisil> And there is builtins.fromTOML :)
<manveru> yeah, eelco added that for rust i think
<Profpatsch> It was about as slow as you’d expect
<JJJollyjim> haha
<JJJollyjim> we gotta write like
<JJJollyjim> a webassembly interpreter
<JJJollyjim> in nix
<JJJollyjim> then we can run anything
<JJJollyjim> :3
<infinisil> JJJollyjim: My idea is to have a builtins.haskell, which allows using any pure haskell functions
<JJJollyjim> oh a builtin, that's boring
<JJJollyjim> :P
<infinisil> Heh, gotta use builtins for that
<JJJollyjim> compile ghc for wasm
<JJJollyjim> write a wasm interpreter in nix
<JJJollyjim> ez
<JJJollyjim> i guess a wasm builtin would be better lol
* JJJollyjim uses builtins.haskell to import hnix and just run the rest of my nix code :P
<infinisil> Yeah with a builtins.haskell, something like hnix would have to be used for the interaction layer
orivej has quit [Ping timeout: 260 seconds]
orivej_ has joined #nixos-dev
<adisbladis> Oh no
<adisbladis> Nix is already sufficiently complex without FFI boundaries
<JJJollyjim> :P
<ekleog> a wasm builtin would make sense, under the assumption that it must be a pure function — it'd avoid having to write complex and slow algorithms in nix, and would maybe improve significantly the time to evaluate nixpkgs? seeing as ISTR that an algorithmic improvement on one of the algorithms reduced significantly the eval time already once
<puck> IFD :p
<ekleog> using ifd wouldn't make eval faster, though :p
<puck> well, that's not an insurmountable problem, is it?
<JJJollyjim> Yeah idk if wasm and IFD would be that much different
<JJJollyjim> Performance-wise
<ekleog> IFD means forking, setuid, setgid, setting whole processes in memory, etc. Wasm would be just load a file cached in the nix store (that would have the prebuilt, cached wasm code) to RAM and jmp to it :) (and on the second eval in the nix-daemon lifetime it could probably even cache it in memory seeing as it'd likely be <1KB, so it'd really just be “jump to native code”)
<ekleog> (note: the “cache the prebuilt wasm” is a further optimization, I also think that just rebuilding the wasm live would also make sense so long as the [source language -> wasm] step is cached in the store, but that'd be the case with something like lib.evalRust = builtins.evalWasm (lib.buildRustWasm '' ... '') where lib.buildRustSource produces the wasm blob in the store — that part would
<ekleog> indeed be IFD, though)
<ekleog> (we may want to just commit the wasm blobs to nixpkgs for the few functions that'd benefit from such a system)
<ekleog> now… if there's something lower-prio than that, I don't know about it :p
<Profpatsch> we already have that, builtins.exec.
<Profpatsch> But it’s behind a very long feature flag for a reason
<adisbladis> Profpatsch: Tbh I wish we'd remove it
<ekleog> the very big issue of builtins.exec is that it's not sandboxed, and so it breaks literally everything
<ekleog> builtins.evalWasm would be sandboxed, and so could be considered as any other nix function
alp has joined #nixos-dev
orivej_ has quit [Ping timeout: 260 seconds]
orivej has joined #nixos-dev
tokudan_ has joined #nixos-dev
kloenk_ has joined #nixos-dev
nh2_ has joined #nixos-dev
tokudan has quit [Ping timeout: 256 seconds]
jared-w_ has joined #nixos-dev
matthewbauer1 has joined #nixos-dev
alexarice[m]1 has joined #nixos-dev
janneke_ has joined #nixos-dev
jared-w has quit [*.net *.split]
janneke has quit [*.net *.split]
kloenk has quit [*.net *.split]
Dandellion has quit [*.net *.split]
bennofs[m] has quit [*.net *.split]
matthewbauer has quit [*.net *.split]
alexarice[m] has quit [*.net *.split]
nh2 has quit [*.net *.split]
hexa- has quit [*.net *.split]
nh2_ is now known as nh2
jared-w_ is now known as jared-w
janneke_ is now known as janneke
bennofs[m] has joined #nixos-dev
hexa- has joined #nixos-dev
ehmry has joined #nixos-dev
orivej has quit [Ping timeout: 260 seconds]
orivej_ has joined #nixos-dev
alp has quit [Ping timeout: 272 seconds]
Dandellion has joined #nixos-dev
Dandellion has joined #nixos-dev
Dandellion has quit [Changing host]
bennofs[m] has quit [Ping timeout: 256 seconds]
alp has joined #nixos-dev
kloenk_ has quit [Quit: https://quassel-irc.org - Chat comfortably. Anywhere.]
kloenk has joined #nixos-dev
<gchristensen> interesting, someone is calling <nixpkgs/nixos> "diamond paths"
justanotheruser has quit [Ping timeout: 260 seconds]
rajivr has quit [Quit: Connection closed for inactivity]
justanotheruser has joined #nixos-dev
drakonis has joined #nixos-dev
<gchristensen> domenkozar[m]: have you seen issues w.r.t. nixos/nix's docker image and certs after 2.3.4?
drakonis_ has quit [Read error: Connection reset by peer]
drakonis1 has joined #nixos-dev
drakonis has quit [Ping timeout: 260 seconds]
<domenkozar[m]> hmm no
<domenkozar[m]> that's weird, don't think we changed anything related in Nix
<domenkozar[m]> maybe due to nixpkgs?
<gchristensen> nah
<gchristensen> `docker run nixos/nix nix-shell -p hello --run hello` fails
<gchristensen> but docker run -it nixos/nix, then running nix-shell -p hello --run hello works fine
<gchristensen> error: unable to download 'https://cache.nixos.org/xfbmj7sl2ikicym9x3yq7cms5qx1w39k.narinfo': Problem with the SSL CA cert (path? access rights?) (77)
<domenkozar[m]> Nix doesn't add GC root for the certs
orivej_ has quit [Ping timeout: 260 seconds]
<gchristensen> impressive
orivej has joined #nixos-dev
<domenkozar[m]> we should probably just install cacert again after GC
<gchristensen> wait, no, I think there is something else wrong
drakonis has joined #nixos-dev
<gchristensen> because it depends on if you're in an interactive bash terminal (which bash does one initialisation process) or non-interactive (where bash loads different files)
justanotheruser has quit [Ping timeout: 272 seconds]
drakonis1 has quit [Ping timeout: 264 seconds]
<domenkozar[m]> gchristensen: either way I'd be surprised it was the release
<gchristensen> looking in to it further.
<domenkozar[m]> but not sure how bash affects the certs, it should respect the same env var
<domenkozar[m]> k
<domenkozar[m]> thanks!
drakonis has quit [Ping timeout: 272 seconds]
drakonis_ has joined #nixos-dev
alp has quit [Ping timeout: 272 seconds]
<domenkozar[m]> interesting
<gchristensen> I'm poking with dive
<domenkozar[m]> there's no certs in the profile
orivej has quit [Ping timeout: 246 seconds]
orivej has joined #nixos-dev
<domenkozar[m]> probably the easiest fix is to remove NIX_SSL_CERT_FILE from dockerfile
<domenkozar[m]> although git will still fail
<gchristensen> I think there is a problem with the Nix installer in 2.3.6
<LnL> it's always been this way AFAIK, not sure why we don't just always install the cert bundle
<gchristensen> can we add a test to the nixos/docker repo to prevent it from publishing if a non-interactive use fails?
<domenkozar[m]> yeah I'm working on a test
<domenkozar[m]> I think the problem is there was no nix-env -i cacert
<domenkozar[m]> since you can see in 2.3.6 there's profile-1
<domenkozar[m]> instead of profile-2
<gchristensen> I think the problem remains in the Nix installer
<LnL> I'd say always install but let the nix.sh profile figure out what cert bundle it should use
<gchristensen> can we get the build logs from docker hub some how?
<domenkozar[m]> I'm looking at them now
<domenkozar[m]> let me gist them
<domenkozar[m]> it seems like nix-env installed stuff into the wrong profile?
justanotheruser has joined #nixos-dev
<domenkozar[m]> ah no - it didn't even install it
justanotheruser has quit [Ping timeout: 272 seconds]
justanotheruser has joined #nixos-dev
<domenkozar[m]> could it be that $NIX_SSL_CERT_FILE is somehow set for the installer?
<gchristensen> maybe should diff the installer's tarball
<domenkozar[m]> strange
<domenkozar[m]> if I build the image locally
<domenkozar[m]> it does install the cert
<gchristensen> :o
<domenkozar[m]> so must for reproducability :P
drakonis has joined #nixos-dev
<domenkozar[m]> reproducibility*
<gchristensen> I wonder what it would take to actually build it with Nix
justanotheruser has quit [Ping timeout: 272 seconds]
<domenkozar[m]> oh LnL already does that :D
<domenkozar[m]> but why the heck did it skip installing certs?!
<LnL> not 100% because I didn't want it to depend on qemu but if you don't mind that it could be pulled into a build entirely
drakonis_ has quit [Ping timeout: 265 seconds]
<domenkozar[m]> huh why does it even add users?
<domenkozar[m]> it's using single-user installation
<LnL> because root
<LnL> see, you can currently skip build users if you really want but I'd prefer if that wasn't even possible https://github.com/NixOS/nix/pull/3415
<{^_^}> nix#3415 (by LnL7, 12 weeks ago, open): build: disallow root without build users
Jackneill has quit [Ping timeout: 264 seconds]
<domenkozar[m]> so we should probably just use multi-user installation in docker
<domenkozar[m]> although that's painful due to daemon having to run :/
<LnL> multi-user without the daemon works fine
<LnL> everything you run in nixos as root will do the same thing
<domenkozar[m]> ah cool so we can try that
<domenkozar[m]> btw, locally it installs nsscert
<domenkozar[m]> on travis-ci it fails to
<domenkozar[m]> same commit
<domenkozar[m]> what the heck?
<{^_^}> docker#22 (by domenkozar, 37 minutes ago, open): add a regression test
<LnL> does it pull in environment variables somehow, like with docker -e FOO=bar?
Jackneill has joined #nixos-dev
<domenkozar[m]> not sure :/
<domenkozar[m]> I need to run for today.
drakonis_ has joined #nixos-dev
<Profpatsch> domenkozar[m]: what are you running from
<domenkozar[m]> $ docker build .
<domenkozar[m]> my laptop
drakonis has quit [Ping timeout: 260 seconds]
<domenkozar[m]> really need to run now!
<Profpatsch> don’t let them catch you!
justanotheruser has joined #nixos-dev
orivej has quit [Ping timeout: 260 seconds]
drakonis has joined #nixos-dev
orivej has joined #nixos-dev
drakonis_ has quit [Ping timeout: 256 seconds]
orivej has quit [Ping timeout: 264 seconds]
orivej_ has joined #nixos-dev
ckauhaus has quit [Quit: WeeChat 2.7.1]
justanotheruser has quit [Ping timeout: 260 seconds]
drakonis_ has joined #nixos-dev
drakonis has quit [Ping timeout: 272 seconds]
drakonis has joined #nixos-dev
drakonis_ has quit [Ping timeout: 256 seconds]
drakonis1 has joined #nixos-dev
justanotheruser has joined #nixos-dev
ris has joined #nixos-dev
orivej has joined #nixos-dev
orivej_ has quit [Ping timeout: 260 seconds]
cole-h has joined #nixos-dev
<mdlayher> infinisil: thanks so much for the review, just updated my PR if you'd like to give it another look: https://github.com/NixOS/nixpkgs/pull/89781
<{^_^}> #89781 (by mdlayher, 2 days ago, open): nixos/corerad: add settings option to supersede configFile
nschoe has joined #nixos-dev
nschoe has quit [Ping timeout: 272 seconds]
<ekleog> Do we have a policy wrt. modules that could be either in nixos, home-manager, or both? Looking at https://github.com/NixOS/nixpkgs/pull/86225 I'm thinking of answering that it'd be better in home-manager, but…
<{^_^}> #86225 (by sorki, 6 weeks ago, open): nixos/proxychains: init
<mdlayher> i've got a couple of Prometheus exporter related PRs open if anyone has a moment: https://github.com/NixOS/nixpkgs/pull/89810 and https://github.com/NixOS/nixpkgs/pull/90077
<{^_^}> #89810 (by mdlayher, 2 days ago, open): prometheus-keylight-exporter: init at 0.1.1
<{^_^}> #90077 (by mdlayher, 2 minutes ago, open): nixos/prometheus-apcupsd-exporter: new module
<mdlayher> happy to trade for other reviews. i'm most comfortable with Go/Prometheus stuff :)
<cole-h> ekleog: Curious why you think that belongs in h-m rather than NixOS proper? I don't see anything specific that screams "h-m" to me.
<ekleog> cole-h: well, it's just configuration for an end-user program, which is more h-m than nixos to me
<ekleog> what could be nixos would be a proxychains.withConfig '' config ''
<ekleog> (well… nixpkgs even)
<cole-h> Well, most of the various shells have a NixOS module, and I think that also satisfies "configuration for an end-user program"
<cole-h> I see your point, but that's not enough justification (for me, IMHO) to redirect it to h-m.
<ekleog> I'd argue that `programs.` is a mistake, that was made before h-m arose :p but that's also why I'd like to have feedback from other people about how far we want to go duplicating modules between h-m and nixos
orivej has quit [Ping timeout: 256 seconds]
orivej has joined #nixos-dev
tokudan_ has quit [Remote host closed the connection]
tokudan has joined #nixos-dev
alp has joined #nixos-dev
<timokau[m]> gchristensen: You'll be happy to see https://github.com/timokau/marvin-mk2/pull/4 ;)
<{^_^}> timokau/marvin-mk2#4 (by timokau, 1 minute ago, open): Convert to a GitHub app
<timokau[m]> Mic92: around?
<Mic92> timokau[m]: yes
<timokau[m]> What would we need to do to move marvin-mk2 on nix-community infra?
<Mic92> timokau[m]: It just needed to be added as a service to build01
<Mic92> timokau[m]: you can get in touch with adisbladis or zimbatm
<timokau[m]> Mic92: Is the nix-community irc channel closed?
<Mic92> timokau[m]: no
<timokau[m]> Mic92: Hm, maybe its a matrix issue. Its telling me I'm not invited to this room.
<timokau[m]> Should I open an issue against nix-community/infra?
<Mic92> yes, you can
<Mic92> matrix.org's irc is super flaky
<timokau[m]> It works well enough these days that having the history available without having some always-on irc client is worth it for me
<worldofpeace> I can attest to this ^ but it probably gets a lot of traffic. Though I can agree it works well enough
<timokau[m]> I haven't joined a new channel in forever though, so maybe I'm just doing something wrong
<{^_^}> #89449 (by mmilata, 6 days ago, open): nixos/prometheus-lnd-exporter: init
<{^_^}> #89267 (by mmilata, 1 week ago, open): nixos/prometheus-bitcoin-exporter: init
<mdlayher> sure!
<{^_^}> nix-community/infra#24 (by timokau, 8 seconds ago, open): Host marvin-mk2
orivej has quit [Ping timeout: 256 seconds]
drakonis_ has joined #nixos-dev
drakonis has quit [Read error: Connection reset by peer]
drakonis2 has joined #nixos-dev
drakonis_ has quit [Ping timeout: 256 seconds]
justanotheruser has quit [Ping timeout: 246 seconds]
<infinisil> mdlayher: I'll take a look soon (not today though, maybe tomorrow)
<mdlayher> infinisil: no worries and no rush! Thanks
justanotheruser has joined #nixos-dev
__monty__ has quit [Quit: leaving]
rajivr has joined #nixos-dev
justanotheruser has quit [Ping timeout: 272 seconds]
alp has quit [Ping timeout: 272 seconds]
evanjs has quit [Ping timeout: 240 seconds]
evanjs has joined #nixos-dev
justanotheruser has joined #nixos-dev