<neeasade>
I can't get steam to launch a game -- "failed to create an opengl context" -- I have the hardware section opengl drysupport enabled, and 32 bit as well
<neeasade>
and steam with .override {new Stdcpp = true}
<neeasade>
(the same is dota2, when I search the issues list someone claimed it worked without patching)
<neeasade>
game*
mizu_no_oto has joined #nixos
<clever>
[clever@amd-nixos:~]$ ls /run/opengl-driver-32
<clever>
neeasade: so this directory exists?
<neeasade>
clever: yes
<clever>
cant think of anything else to check right now
<neeasade>
radeon card
<neeasade>
kk
<neeasade>
gonna try with nativeOnly = true on steam
<neeasade>
nerp
<frankpf>
Hey, I'm trying to follow the nixops manual and every time I deploy some nix configuration I get the following error/warning:
<frankpf>
/etc/ssh/ssh_config line 55: Unsupported option "gssapiauthentication"
<frankpf>
/etc/ssh/ssh_config line 56: Unsupported option "gssapidelegatecredentials"
<NixOS_GitHub>
[nixpkgs] vbgl pushed 3 new commits to master: https://git.io/vSW5X
<NixOS_GitHub>
nixpkgs/master 86f4ded Vincent Laporte: google-drive-ocamlfuse: add missing ocamlbuild dependency
<NixOS_GitHub>
nixpkgs/master e5d0593 Vincent Laporte: ocamlPackages.core_extended: fix build on Linux
<NixOS_GitHub>
nixpkgs/master fcb9f44 Vincent Laporte: ocamlPackages.{ocf,xtmpl}: fix for OCaml 4.04
crzyp3ck has quit [(Changing host)]
crzyp3ck has joined #nixos
[0x4A6F] has quit [(Ping timeout: 260 seconds)]
[0x4A6F] has joined #nixos
Dr8128 has quit [(Quit: Leaving.)]
wkennington has quit [(Quit: Leaving)]
<musicmatze>
I just enabled the ipfs service, but the local ipfs executable does not find the ipfs daemon - although it is running - can someone help?
Itkovian has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
<musicmatze>
when running with `ipfs --api /ip4/127.0.0.1/tcp/5001` it works
<crzyp3ck>
?
<crzyp3ck>
XCURSOR_PATH is the environment variable available yet?
justin_ has quit [(Ping timeout: 240 seconds)]
ok2 has quit [(Ping timeout: 246 seconds)]
ericsagnes has joined #nixos
<sziszi>
Guys, I just read through the release notes... and this is fucking awesome! I want to congratulate and thank everybody who was involved. So, thank you! :)
<musicmatze>
sziszi: You are welcome! :-)
arianvp2 has joined #nixos
<arianvp2>
euhm
<arianvp2>
so 17.03 is released... but some stuff is going wrong?
<arianvp2>
It is compiling gnome3 and gtk3 from source ...
<arianvp2>
instead of downloading it from the binary cache
arianvp2_ has joined #nixos
nh2 has joined #nixos
ixxie has quit [(Ping timeout: 264 seconds)]
<crzyp3ck>
it seems changing mouse/cursor theme in nixos is very hard. is anyone know how?
<nh2>
clever fpletz arianvp2: I just upgraded to 17.03 stable, now getting an error with acme: `IOError: [Errno 13] Permission denied: u'/var/lib/acme/acme-challenge/.well-known/acme-challenge/ABC123...` - I saw you discuss that in the past (February), did you find a solution?
<arianvp2_>
nh2: oh oh
<arianvp2_>
yeh we had issues with acme, but they were another issue iirc
arianvp2 has quit [(Ping timeout: 260 seconds)]
<NixOS_GitHub>
[nixpkgs] vcunat pushed 1 new commit to staging: https://git.io/vSWFX
<NixOS_GitHub>
nixpkgs/staging af098ff Vladimír Čunát: libgudev: fix build after update #23965...
<NixOS_GitHub>
nixpkgs/staging 6c153c5 Vladimír Čunát: gtk3: maintenance 3.22.8 -> 3.22.11
eacameron has joined #nixos
ok2 has joined #nixos
erictapen has joined #nixos
<erictapen>
musicmatze: I was offline for a short time, did someone already answer your question?
eacameron has quit [(Ping timeout: 240 seconds)]
<erictapen>
musicmatze: anyway, ipfs depends on your ~/.ipfs dir. Maybe you must run commands with sudo -u ipfs?
ixxie has joined #nixos
eacameron has joined #nixos
hexanode has joined #nixos
byteflame has joined #nixos
<hexanode>
Just out of curiosity, I know NixOS defaults to a KDE installation, but is there a GNOME version ready out of the box or would that take some messing around on my part to get it working properly?
<NixOS_GitHub>
[nixpkgs] mulderr opened pull request #24530: oracle-instantclient: add optional odbc support (master...master) https://git.io/vSWAu
<musicmatze>
erictapen: I got it working by aliasing "ipfs" to "ipfs --api yaddayadda" - maybe not the cleanest way (because scripts do not work that nicely), but it works for me.
eacameron has quit [(Ping timeout: 264 seconds)]
froglegs1 has quit [(Remote host closed the connection)]
drasich has quit [(Ping timeout: 246 seconds)]
froglegs1 has joined #nixos
byteflame has quit [(Ping timeout: 260 seconds)]
deepfire has joined #nixos
stukj has quit [(Ping timeout: 260 seconds)]
<NixOS_GitHub>
[nixpkgs] vcunat pushed 1 new commit to master: https://git.io/vSWxO
<NixOS_GitHub>
nixpkgs/master d19384c Vladimír Čunát: liferea: bugfix 1.12-rc2 -> 1.12-rc3
jgertm has quit [(Ping timeout: 240 seconds)]
Sonarpulse has quit [(Ping timeout: 246 seconds)]
<NixOS_GitHub>
[nixpkgs] dezgeg pushed 1 new commit to master: https://git.io/vSWxV
<makefu>
i am currently looking for arm-none-eabi-gcc in nixpkgs, command-not-found seems to be broken for now - is there another way to find it?
eacameron has quit [(Ping timeout: 240 seconds)]
<makefu>
there is gcc-arm-embedded, i will try this
jgertm has joined #nixos
Lisanna_ has joined #nixos
<NixOS_GitHub>
[nixpkgs] dezgeg closed pull request #24142: kernel: do not remove .o files on installPhase (master...kernel-builder-to-keep-files) https://git.io/vyN6R
<NixOS_GitHub>
[nixpkgs] nh2 opened pull request #24531: Fix acme dir permissions 17.03 (release-17.03...fix-24529-acme-dir-permissions-17.03) https://git.io/vSWpw
ToxicFrog has quit [(Ping timeout: 268 seconds)]
spinus has quit [(Ping timeout: 256 seconds)]
ixxie has quit [(Ping timeout: 246 seconds)]
<NixOS_GitHub>
[nixpkgs] domenkozar pushed 2 new commits to release-17.03: https://git.io/vSWpF
<NixOS_GitHub>
nixpkgs/release-17.03 9cebf25 Niklas Hambüchen: acme: Use `chown -R` for challenges directory. Fixes #24529....
<NixOS_GitHub>
nixpkgs/release-17.03 d746995 Domen Kožar: Merge pull request #24531 from nh2/fix-24529-acme-dir-permissions-17.03...
<NixOS_GitHub>
[nixpkgs] nh2 opened pull request #24532: acme: Use `chown -R` for challenges directory. Fixes #24529. (master...fix-24529-acme-dir-permissions-master) https://git.io/vSWha
<Lisanna_>
Hey, what's going on with the wiki? It says things are being moved, but it's not clear where to?
<nh2>
Lisanna_: the nix/nixos/nixpkgs manuals
<Lisanna_>
OK
<NixOS_GitHub>
[nixpkgs] domenkozar pushed 2 new commits to master: https://git.io/vSWh6
<NixOS_GitHub>
nixpkgs/master ee0f3e7 Niklas Hambüchen: acme: Use `chown -R` for challenges directory. Fixes #24529....
<NixOS_GitHub>
nixpkgs/master 0cc0f2d Domen Kožar: Merge pull request #24532 from nh2/fix-24529-acme-dir-permissions-master...
ndowens08 has joined #nixos
<Lisanna_>
I'm also wondering: are there any good resources that talk about NixOS container strategies? I'm interested specifically in ways of using them with GUI apps
edvorg has quit [(Remote host closed the connection)]
ToxicFrog has joined #nixos
byteflame has quit [(Ping timeout: 240 seconds)]
eacameron has joined #nixos
<crzyp3ck>
Is there to set a default application on Non DE (only WM) setups like blackbox for example? to set default terminal to something other than xterm?
<ndowens08>
crzyp3ck: not sure on blackbox, but on awesome and bspwm it is in the config file
<NixOS_GitHub>
[nixpkgs] Zimmi48 opened pull request #24533: [doc] improve "getting the sources" chapter (master...patch-1) https://git.io/vSWjm
<NixOS_GitHub>
[nixpkgs] obadz pushed 1 new commit to master: https://git.io/vSWjO
<NixOS_GitHub>
nixpkgs/master 8c38250 obadz: treesheets: init at 2017-03-27
<dtzWill>
crzyp3ck: yeah w/blackbox definitely a config thing, at least it was back when I used it and its ilk
<dtzWill>
although now that you mention it, it does seem a bit odd there's not some XDG thing for that or something
<dtzWill>
maybe there is! O:)
stepcut has quit [(Remote host closed the connection)]
eacameron has quit [(Remote host closed the connection)]
ebzzry has quit [(Ping timeout: 240 seconds)]
<dtzWill>
anyone know what this is about? "Argument "" isn't numeric in numeric gt (>) at /nix/store/hjfg4c1dipb63p4ylva5m2icl8v35hwz-hydra-0.1.1234.abcdef/libexec/hydra/root/edit-jobset.tt"
mattyu has quit [(Remote host closed the connection)]
mattyu has joined #nixos
mattyu has quit [(Ping timeout: 260 seconds)]
lukego has joined #nixos
<lukego>
I am trying to upgrade from NixOS 16.03 to 16.09. Just now the system as a whole is running 16.09 but my own user is running 16.03. How can I update myself? :-)
<tilpner>
lukego - You can switch channels by using $ nix-channel --add and $ nix-channel --remove so that your nixos/nixpkgs alias points to the right channel
<lukego>
Just now I have no channels at all in 'nix-channel --list'. So I am wondering where it is finding 16.03 and how the new channel will override that?
<tilpner>
lukego - What does $ sudo nix-channel --list say?
ixxie has quit [(Ping timeout: 240 seconds)]
<lukego>
tilpner: oh, with sudo it shows 16.03. but as my user it shows nothing.
<joepie91>
ashkitten: I'm unlikely to have an answer to your question, but you're more likely to get useful answers if you describe *how* it isn't working :)
<tilpner>
lukego - How did you determine that "the system as a whole is running 16.09"?
<ashkitten>
Yeah sorry. The issue is that when I use a TTY and try to lock it, it doesn't work
ixxie has joined #nixos
<lukego>
tilpner: Hmm... I thought I got that from 'nixos-version' but that seems to be showing 16.03 now. Thoroughly confused... Gotta run now but if you have any ideas please braindump and I will check when I can get back to the keys :)
<lukego>
(Or a link for understanding how to know what version(s) of NixOS you are really running and whether your own user is running the same packages as systemd etc...)
<lukego>
(Thanks!)
<ashkitten>
If I open a TTY and execute a command it immediately says that the process is done
<tilpner>
lukego - I think (as root) # nix-channel --remove nixos && nix-channel --add https://nixos.org/channels/nixos-16.09 nixos should work, but consider trying if 17.03 works for you
<ndowens08>
So why is it I am on unstable-small and still don't have the "nix" command
<clever>
ndowens08: nix-shell -p nixUnstable
<ndowens08>
:)
ixxie has quit [(Ping timeout: 258 seconds)]
<symphorien>
is there an equivalent of python.withPackages with ruby ?
lukego has quit [(Ping timeout: 260 seconds)]
erictapen has joined #nixos
agjacome has joined #nixos
ebzzry has joined #nixos
<ndowens08>
symphorien: like mkDerivation or buildInputs?
<symphorien>
what do you mean ?
<symphorien>
I try to install the libvirtd plugin of vagrant
<ndowens08>
I am unsure really on ruby. what i mean is like for example with python, if it is buildInputs from python modules, you can do buildInputs = with python; [ dep dep ];
<ndowens08>
clever: you are the one that wanted the bitcoin update?
<ndowens08>
yeah that may work for ya symphorien , maybe
alx741 has joined #nixos
eacameron has joined #nixos
<ashkitten>
Is there any way to have physlock ask for user password instead of the root one?
k2s has joined #nixos
deepfire has quit [(Ping timeout: 260 seconds)]
mipmop has joined #nixos
<mipmop>
using unstable, kde doesn't see Power Management. System Settings -> Power Management: says it's off. Going to Startup and Shutdown it's not there to enable.
<avn>
this .nix is easy to adapt to any closed source app
<avn>
Other way is use steam-run (or how it exactly named)
<Filystyn>
whats with the line
<Filystyn>
copy it on bin?
<avn>
If you want package closed source app, then copy it to $out/bin, and patchelf with interpreter and correct set of libraries
<nh2>
why are there 2 repos on Github, nixpkgs and nixpkgs-channels, instead of simply having nixpkgs (with the branches from nixpkgs-channels being moved to nixpkgs)?
<Filystyn>
ok later I will incvestigate i have very little time
<avn>
you can look to channel archives, how to do it -- because I never use it
<nh2>
avn: so I guess nixpkgs-channels is a better git upstream for the case that I want to check in nixpkgs as a submodule of my code?
<nh2>
avn: also, would it still not make sense to have the two in the same repo, given that the CI-pushed branches have different names? E.g. nixos-17.03 in nixpkgs-channels and release-17.03 in nixpkgs
<Filystyn>
thx!
<avn>
nh2: maybe, I use just "vetted" checkout from nixpkgs
<avn>
I need refresh my brain, how to update that to release=17.03 ;)
<NixOS_GitHub>
[nixpkgs] vcunat pushed 5 new commits to master: https://git.io/vSlta
<NixOS_GitHub>
nixpkgs/master b0115c2 Tom Hunger: Logbook: 0.11.3 -> 1.0.0
<NixOS_GitHub>
nixpkgs/master 5e31a7c Tom Hunger: pytables: 3.2.2 -> 3.3.0
<NixOS_GitHub>
nixpkgs/master 90223a9 Tom Hunger: vega: add pytest as a build-input....
<avn>
samae: I am about submodule nixpkgs/ updating, where it linked right to machine gits ;)
x1n4u has joined #nixos
eacameron has joined #nixos
<avn>
git submodules is enough rare thing for me, and I each time forget how to do it last time ;)
Baughn has joined #nixos
jensens has quit [(Ping timeout: 240 seconds)]
chris| has joined #nixos
<ericnoan>
how long will you support 16.09?
mkoenig has joined #nixos
mojjo has joined #nixos
eacameron has quit [(Ping timeout: 260 seconds)]
reinzelmann has joined #nixos
eacameron has joined #nixos
jmiven has joined #nixos
byteflame has quit [(Ping timeout: 264 seconds)]
byteflame has joined #nixos
stepcut has joined #nixos
ninja_in_neopren has joined #nixos
leothrix has quit [(Quit: ZNC 1.6.5 - http://znc.in)]
<mojjo>
hi! are there some builtin/lib functions for function composition and uncurrying/applying a list as positional args to a fun? Or would I have to implement them?
<joepie91>
mojjo: hm, isn't that really easily implementable using a reduce?
leothrix has joined #nixos
eacameron has quit [(Ping timeout: 240 seconds)]
chakerbenhamed has quit [(Ping timeout: 246 seconds)]
<joepie91>
reducing over the list of functions calling the next function on the result of the previous
<joepie91>
unless I'm misunderstanding something about the usecase :)
<leothrix>
Hey friends, is there a way to override an option for a systemd service? I want to set `systemd.services.docker.restartIfChanged = true;` but get definition conflict errors.
<joepie91>
leothrix: can you gist the code that's trying to set the option?
<joepie91>
ie. the code that isn't working for you
ertesx has joined #nixos
<leothrix>
There's really not a whole lot, I'm just enabling docker virtualisation and including that line verbatim in the configuration.nix file
Drakonis has joined #nixos
<mojjo>
joepie91: yeah, sure. I was just wondering why I could not find such fundamental functions in the builtins/the lib..
<joepie91>
leothrix: can you gist the error then? because "definition conflict error" makes me suspect that you're trying to define a new option rather than setting the value for an existing one, but I don't know the exact error you're getting
erictapen has quit [(Read error: Connection reset by peer)]
justin_ has joined #nixos
eacameron has joined #nixos
<sziszi>
"this systemd is evil" thing is getting ridiculous
<joepie91>
Drakonis: mildly amused
<Drakonis>
quite
<Ralith>
appropriate for april fools
<Drakonis>
although the bsds have thrived without systemd
<Drakonis>
that post's from 17th march
<joepie91>
I mean, don't get me wrong, I have my complaints about systemd... but their goals are, uh, curious
<Drakonis>
very
<Drakonis>
i would like nixos to not be locked into systemd's capricious whims
Itkovian has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
eacameron has quit [(Read error: Connection reset by peer)]
<joepie91>
my position on systemd can be summarized as "I have problems with everybody involved in that particular Holy War, on either side" :)
praduca has quit [(Remote host closed the connection)]
eacameron has joined #nixos
<Drakonis>
but then, it ties with my other issues with linux, like duplication of effort
<Drakonis>
and NIH
<Drakonis>
there's already duplication of effort over triton because there's no real freebsd support
<joepie91>
on the one hand you have people promoting systemd, a monolithic beast (yes, it's monolithic) with obvious technical deficiencies... on the other hand you have the anti-systemd fanatics that refuse to build a better alternative but rather keep putting ancient and poorly designed tools on a pedestal despite those tools being the reason systemd got so popular in the first place
<Drakonis>
which is, honestly, pointless to have triton in the first place
<Drakonis>
given that ports is evolving
<joepie91>
neither side is really fixing things very well :|
takle has joined #nixos
<Drakonis>
being old doesn't mean it isn't bad
batdog has quit [(Remote host closed the connection)]
<joepie91>
I did say 'ancient' rather than 'old' for a reason :)
<Drakonis>
but that's more of a issue with the linux community not letting anyone touch sysvinit
<joepie91>
my problem isn't with their age, it's with their inability to keep up with modern developments
<joepie91>
I don't mind an old project that has kept itself up to date
justin_ has quit [(Ping timeout: 256 seconds)]
<joepie91>
I do mind an old project that never changed from its initial premise despite the world around it changing
<Drakonis>
you mean the linux community being idiots who won't touch old software because it works
<Drakonis>
joepie91, haw
<joepie91>
the bar for "works" seems to be very low in Linux-land
<Drakonis>
i can look at several
<Drakonis>
gnu itself
<zetok>
…
<Drakonis>
the gnu compiler collection is a grand example of that
Itkovian has joined #nixos
<joepie91>
I don't have much experience with that particular set of software so I can't speak for that
<Drakonis>
its more of a observation
<joepie91>
but my experiences with other Linux distro internals have been, uh, less than pleasant :)
<joepie91>
of the "yeah I'm sure this made sense back in 1990" variety
<Drakonis>
software built with the mission of being terrible for proprietary software
<Drakonis>
usually ends being terrible for regular software
eacameron has quit [(Ping timeout: 240 seconds)]
<zetok>
Drakonis: that's a noble goal, and regular software does benefit from it
<Drakonis>
zetok, ?
<Drakonis>
a noble goal you say?
<Drakonis>
it gave us llvm
<zetok>
><Drakonis> you mean the linux community being idiots who won't touch old software because it works
<Drakonis>
llvm is by far an vastly better built compiler
<joepie91>
I personally don't really care about the reason somebody builds something, so long as it's built towards the right objectives
<zetok>
breaking working software only because it's old is what I'd call idiotic
<Drakonis>
i think it is counter intuitive at times
<Drakonis>
zetok, this is why forks exist, yeah?
<joepie91>
zetok: there is a mountain of difference between 'working' and 'good'
<joepie91>
zetok: 'working' is the absolute lowest bar possible
<zetok>
Drakonis: no, forks exist because software doesn't work
<Drakonis>
they exist because software can be made better
batdog has joined #nixos
<joepie91>
zetok: so breaking working software because it's old, sure, that's bad. but breaking working software because it's not *good* is a completely valid thing to do, and this very often ties into the 'working' software not keeping up to date
takle has quit [(Ping timeout: 256 seconds)]
rmrfroot has joined #nixos
<Drakonis>
hm
<zetok>
joepie91: "working" means "good"
<Drakonis>
so there's gsoc projects for nix + bsd
<joepie91>
zetok: no, it doesn't.
<Drakonis>
excellent to be honest
<joepie91>
zetok: working means functioning.
<joepie91>
working means not breaking.
<Drakonis>
nix shouldn't be locked to linux, the land of the barely working
<joepie91>
this is a *considerable* lower bar than 'good' because it doesn't take into account usability, documentation, interoperability, ease of maintenance, and so on and so forth.
<Drakonis>
zetok, a relevant quote from linus torvalds
<joepie91>
incidentally, all points that most of a typical Linux distro stack fails on
<Drakonis>
"never break userspace"
<zetok>
joepie91: yes, and yet, almost none of existing software meets even the "lowest", bar of "working"
<joepie91>
s/considerable/considerably/
eacameron has joined #nixos
<Drakonis>
although linux itself breaks with an alarming frequency
<zetok>
Drakonis: I fail to see how that's relevant
<joepie91>
zetok: depends on the software, but yes, I agree that there is a lot of software that doesn't work *reliably*
<joepie91>
however, 'making it work' isn't enough to solve the problem
<zetok>
joepie91: if it doesn't work reliably it simply doesn't work
<mojjo>
anyone knows what to do when a systemd service is not starting? This is in the logs: Failed with result 'start-limit-hit'.
<zetok>
no, "make it work" is the lowest bar that isn't yet met
<zetok>
get to that point, and improve it from there
<bennofs>
zetok: nothing works 100% reliably :)
<joepie91>
mojjo: after X failures to start a service, systemd will refuse to start the service again
<Drakonis>
systemd lol
<joepie91>
mojjo: look further back in the logs to determine the actual failure, resolve the failure, then run `systemctl reset-failed servicename` to reset the counter
<joepie91>
and allow it to start again
<Drakonis>
that's ridiculous
<Drakonis>
why
<Drakonis>
why is that a thing
<joepie91>
(also, who thought it was a good idea to make the start limit count for *manual* restarts as well? fucking hell)
Itkovian has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
mattyu has joined #nixos
<zetok>
mojjo: you could add a restart delay
<joepie91>
Drakonis: it makes sense for auto-restarts, just not for manual starts
<joepie91>
Drakonis: you don't want a failing service restarting hundreds of times a second because of a config failure
<joepie91>
Drakonis: but it should auto-reset the counter once you explicitly restart the service
<joepie91>
which... for inexplicable reasons.. it does not
<Drakonis>
of course it should
<Drakonis>
the magical poetteringware
<Drakonis>
while i joke about it
<Drakonis>
i don't think it can get any better
<bennofs>
is there a bug report for this somewhere? Seems broken to me
<joepie91>
[21:03] <bennofs> zetok: nothing works 100% reliably :)
<joepie91>
not true
<joepie91>
formally verified software does :)
<zetok>
bennofs: there are plenty of things broken in systemd
<joepie91>
it's just totally impractical to write it, heh
<bennofs>
joepie91: formally verified software is just broken by design :D
<joepie91>
bennofs: not a clue but I've been fighting with this on Debian
<joepie91>
bennofs: so it's not likely to be a NixOS issue specifically
eacameron has quit [(Ping timeout: 260 seconds)]
<joepie91>
anyhow, I've been rambling enough for a saturday, I should get back to learning about natural logarithms :)
<Drakonis>
ha
Itkovian has joined #nixos
praduca has joined #nixos
<Drakonis>
its april fools
<Drakonis>
its part of the day
Itkovian has quit [(Client Quit)]
markus1209 has quit [(Ping timeout: 240 seconds)]
markus1189 has joined #nixos
mattyu has quit [(Ping timeout: 240 seconds)]
ntruessel has joined #nixos
<mojjo>
yeah, I looked back in the logs and could find the problem that caused the service not to start. By doing that I realized sth. else: I'm having a "Failed password for root from 58.218.204.132 port 62766 ssh2" every second on my remote server (at least during the last hour). mhh. anyone suggestions what to do with that?
<simpson>
mojjo: Enable fail2ban.
<simpson>
mojjo: I guess I'm assuming that this is a cloud machine and that these failed attempts are not you.
marusich has joined #nixos
<joepie91>
fail2ban is totally unnecessary if you disable password auth over SSH and only allow keypair auth
<joepie91>
and these auth failures can be safely ignored then
<joepie91>
@ mojjo
georges-duperon has quit [(Quit: Leaving)]
<joepie91>
the logs you should be worried about are those that are *not* failures but also not you ;)
takle has joined #nixos
<mojjo>
yeah, its a vserver. ok, enabled fail2ban.. the logs already tell me that some ips have been banned.
<joepie91>
mojjo: you should really just disable password auth :P
<joepie91>
(also, fail2ban can consume considerable resources)
<joepie91>
(and is not a reliable solution)
systemfault has quit [(Quit: Bye!)]
<joepie91>
(and can cause false positives and lock you out if you accidentally mess up your own login a few times, eg. because of caps lock)
<mojjo>
joepie91: ok, password auth is disabled....
<joepie91>
mojjo: *after* you set up SSH keys, right?
takle has quit [(Ping timeout: 258 seconds)]
<simpson>
joepie91: fail2ban causes repeat offenders to be cut off a little bit further up in the kernel, and it's actually improved my CPU usage on GCE.
<mojjo>
yeah, I did set them up and wasn't using the password auth anyways..
<joepie91>
mojjo: one sec
<joepie91>
mojjo: make sure to also disable challengeResponseAuthentication (if it's NixOS)
<joepie91>
iirc that's turned on by default and also allows password auth
<joepie91>
simpson: if you disable password auth then most bruteforcers simply won't even bother trying to connect
Itkovian has joined #nixos
jgertm has quit [(Ping timeout: 258 seconds)]
takle has joined #nixos
<simpson>
joepie91: That is simply not my experience. I just popped onto one of my GCE machines and there's a couple persistent attacks going on right now.
<Ralith>
wish I'd noticed the vulkan loader version bump earlier, could've gotten it into (and our patches out of) 17.03
<Ralith>
oh well
<mojjo>
being a bit more protected in the wild now, I turned back to my systemd service. It generally works now. But even though I set enable = true, it does only start manually (systemctl start my.service).. does anyone had this before?
takle has joined #nixos
<bennofs>
mojjo: make it be WantedBy some target that is activated by default
<pikajude>
getting "error: setting death signal: Invalid argument" from nix-build in WSL
<pikajude>
someone said update to the latest insider build, which i did
<pikajude>
but it's still not working
<mojjo>
I set `wantedBy = [ "default.target" ];`
<bennofs>
hmm, then it should start...
<bennofs>
i think
<mojjo>
yeah, on other machines the config worked..
<bennofs>
mojjo: check journalctl -b, perhaps it says something about your unit?
<pikajude>
puffnfresh: you've gotten nix in WSL working?
takle has quit [(Ping timeout: 240 seconds)]
eacameron has quit [(Remote host closed the connection)]
<pikajude>
i mean, will i receive some kind of visual confirmation that i'm on an insider build
<bennofs>
mojjo: I don't know, sorry. Just thought that perhaps there could be a big fat error involving your unit in there somewhere
<Drakonis>
looks like one of the projects for next year will be freeing nix from the tyranny of systemd
georges-duperon has joined #nixos
magnetophon has joined #nixos
<Drakonis>
making it portable
<bennofs>
nixos and systemd is actually a pretty good synergy IMO. systemd has much more fine grained dependency tracking than most other init systems I know of, which really helps with seamless state switching
<Drakonis>
is it?
<simpson>
Drakonis: A project is just an idea. It needs people to do the hard work.
<Drakonis>
how many do you know?
<pikajude>
oh okay
phreedom has joined #nixos
<pikajude>
the microsoft site says that i'll be silently updated and it may take up to 24 hours
<pikajude>
wow
<Drakonis>
microsoft's weird
<pikajude>
and they didn't bother actually saying that in the UI
<bennofs>
Drakonis: I have looked around a bit and read a lot, but haven't actually used many, so happy to learn more. I don't know any in much detail, so I'm happy to be corrected here
<Drakonis>
openrc is quite good.
<Drakonis>
cleaner than systemd
<bennofs>
but it appears to me that most other init system rely a lot on stuff like "sleep 5 seconds" and other hacks
<Drakonis>
most being?
<Drakonis>
there's also runit, but i can't comment on it
<Drakonis>
there's nosh
<bennofs>
you caught me. I'm only really familar with supervisord (which is not really an init system) and runit and found the dependencies spec to be lacking
<Drakonis>
there's bsd init
<Drakonis>
which is obviously a bsd thing
eacameron has quit [(Remote host closed the connection)]
<Drakonis>
there's upstart and sysvinit, which are the darlings of the linux community
<bennofs>
isn't upstart like ubuntu's variant of systemd?
<simpson>
Drakonis: Patches welcome.
<mbirkis>
didn't ubuntu ditch it in favor of systemd
<Drakonis>
patches always welcome
<bennofs>
Drakonis: tbh, I'm not a fan of writing init scripts in shell scripts. I like statically checkable interfaces much more
<simpson>
Drakonis: Just so we're clear. Nobody needs to be in GSoC to work on stuff related to non-systemd init.
<Drakonis>
oh they have because everyone else were ditching it
<Drakonis>
simpson, of course not
<bennofs>
Drakonis: is there any distribution other than Gentoo that supports OpenRC?
<Drakonis>
i think debian with the freebsd kernel uses it? freebsd's trueos variant uses it, netbsd also uses it
<Drakonis>
but really
<Drakonis>
alpine also uses it
<Drakonis>
some folks who use arch use openrc
<Drakonis>
manjaro has a openrc spin, devuan
marusich has quit [(Ping timeout: 240 seconds)]
<Drakonis>
debian itself can have it replaced
<Drakonis>
then various minor distros can run it instead
<bennofs>
i might try it on arch then
<Drakonis>
arch doesn't run it by default, it uses systemd
<Drakonis>
manjaro is a arch variant
<bennofs>
i know that it doesn't
mattyu has joined #nixos
mattyu has quit [(Remote host closed the connection)]
mattyu has joined #nixos
<bennofs>
Drakonis: systemd has a lot of cool features though :) like support for syscall filtering to not needing pidfiles and having socket activation
Itkovian has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
<pmade>
What's the best way to get NixOps to deploy a key for use with `nix-store --decrypt`?
orivej has quit [(Ping timeout: 244 seconds)]
<bennofs>
Drakonis: I do prefer having my components be combined through c libraries and statically checked that the interface matches rather than relying on various independent components to work together without any interface checking
<bennofs>
so as long as they are developed as separate components, I don't care too much.
<bennofs>
Though I can understand wanting a more minimal version
byteflame has quit [(Ping timeout: 240 seconds)]
<bennofs>
Drakonis: does openrc have a way to specify a dependency without also incurring a "before" relationship?
<Drakonis>
is this about race conditions?
<Drakonis>
because that's a shit thing about init systems
agjacome has quit [(Read error: Connection reset by peer)]
stepcut has joined #nixos
<bennofs>
Drakonis: hmm. when you do `after some-service` in openrc, how does openrc determine that `some-service` has finished starting up?
<bennofs>
it might need to do some initialization stuff before being ready
rmrfroot has quit [(Remote host closed the connection)]
<mojjo>
I'm looking for an ideomatic way to chain functions. like using fn-composition in haskell (dot) or the $ operator. Or.. if someone is into it, clojure's threading macro... You know, in order to avoid the nesting of e.g. `foldr + 0 (filter odd (map id [1,2,3]))`, which gets unclear when expressions get bigger...
deepfire has joined #nixos
hiratara has joined #nixos
ma9e has quit [(Quit: Leaving)]
Itkovian has quit [(Ping timeout: 256 seconds)]
catch22 has joined #nixos
ndowens08 has quit [(Ping timeout: 260 seconds)]
Itkovian has joined #nixos
stepcut has quit [(Remote host closed the connection)]
mattyu has quit [(Remote host closed the connection)]
mattyu has joined #nixos
ndowens08 has joined #nixos
[0x4A6F] has quit [(Quit: Quit)]
<dash>
mattyu: it would be in i686Packages I believe
<ndowens08>
Is there an article on using wayland window managers such as sway/way-cooler on nixos?
georges-duperon has quit [(Quit: Leaving)]
KABA has joined #nixos
KABA has quit [(Client Quit)]
mattyu has quit [(Ping timeout: 258 seconds)]
<NixOS_GitHub>
[nixpkgs] rycee pushed 1 new commit to master: https://git.io/vSlBn
<ndowens08>
supposedly lightdm can support wayland; in which i figured out, our version is out of date; updated it and gonna test it in a min
<bennofs>
ndowens08: the problem is that you probably need to rebuild gtk with wayland support (not sure if available by default) or figure out how to use the qt wayland plugin to launch any apps
<ndowens08>
hmm, will look at gtk in a min and see
hiratara has quit [(Remote host closed the connection)]
hiratara has joined #nixos
stepcut has joined #nixos
dejanr has joined #nixos
stepcut has quit [(Remote host closed the connection)]
eacameron has joined #nixos
RchrdB has joined #nixos
dejanr has quit [(Read error: Connection reset by peer)]
<ndowens08>
there is an option in gtk3 to enable it, looks like it might be already enabled?
<ndowens08>
it is wrote like waylandSupport ? stdenv.isLinux
mojjo has quit [(Read error: Connection reset by peer)]
<bennofs>
sounds good
mekeor has joined #nixos
<ndowens08>
i was gonna try and use sddm since it supposedly has even better wayland support, but wouldn't let me login for some reason
eacameron has joined #nixos
thc202 has quit [(Ping timeout: 260 seconds)]
mudri has quit [(Quit: WeeChat 1.7)]
Svarog has joined #nixos
<Lisanna_>
"Currently, NixOS containers are not perfectly isolated from the host system. This means that a user with root access to the container can do things that affect the host. " Is there a plan to address this shortcoming? WIll NixOS containers eventually be completely isolated?
bennofs has quit [(Quit: WeeChat 1.7)]
<c74d>
Lisanna_: for better isolation, use NixOS VMs (which use QEMU) rather than NixOS containers
<NixOS_GitHub>
[nixpkgs] dezgeg pushed 1 new commit to master: https://git.io/vSl0C
<NixOS_GitHub>
nixpkgs/master c7e885f Dmitry Rets: xkbset: init at 0.5
[0x4A6F] has joined #nixos
<Lisanna_>
c74d I've never heard of NixOS VMs... is it in the manual?
<c74d>
I'm not sure
<c74d>
to build a NixOS VM, use `(import <nixpkgs/nixos> { configuration = ...; }).vm`, where `configuration` is the NixOS configuration for the NixOS instance inside the VM
<c74d>
and that expression evaluates to a package containing a `run-<hostname>-vm` script that starts the VM
jgertm has joined #nixos
mattyu has quit [(Remote host closed the connection)]
<Lisanna_>
c74d and how does networking work between them? is it similar to container networking?
deepfire has quit [(Ping timeout: 264 seconds)]
mattyu has joined #nixos
<c74d>
I don't know about networking
<Svarog>
Is there a way to list all package collisions in the current profile?
<Svarog>
I noticed a few package collisons listed for gnome, and at the moment I'm kind of clutching at straws and guessing one of those is what's causing gnome to break
markus1209 has joined #nixos
markus1219 has quit [(Ping timeout: 240 seconds)]
<Svarog>
The only one I've written down is a collision between gvfs-1.30.1/lib/gio/modules/giomodule.cache and glib-networking-2.50.0/lib/gio/modules/giomodule.cache
mattyu has quit [(Ping timeout: 240 seconds)]
<Lisanna_>
c74d are there any known full examples that I can reference?
<NixOS_GitHub>
[nixpkgs] primeos pushed 1 new commit to master: https://git.io/vSl0a
<NixOS_GitHub>
nixpkgs/master 40d1718 Michael Weiss: gpgme: 1.8.0 -> 1.9.0...
markus1189 has quit [(Ping timeout: 258 seconds)]
<Svarog>
I want to see if there were others but no idea how to query those without rolling back configurations, doing a full garbage collection and then reinstalling things. There has to be an easier way to check for collisions in a profile.
<c74d>
Lisanna_: I have some example VMs in my NixOS configuration (<https://github.com/8573/nixos-config>), but my NixOS configuration in generally too (over)complicated to use as an example
<Svarog>
Thanks, clever. Is there a way to get a report on all collisions though? I'm guessing this would give me a log on a specific package?
<clever>
Svarog: you would need to run it on the derivation that /run/current-system/sw points to, to get the collisions for the current environment.systemPackages
<NixOS_GitHub>
[nixpkgs] dezgeg pushed 1 new commit to master: https://git.io/vSl09
<NixOS_GitHub>
nixpkgs/master affce1e Tuomas Tynkkynen: nixos hibernate test: Use waitForOpenPort...
<ndowens08>
git conclusion: cherry-pick doesnt seem to cause crazy amount of commits and files changed :), though doesn't cause PRs to close; atleast on gitlab
<Svarog>
Ah right.
<Drakonis>
a question
<Drakonis>
why use git?
<NixOS_GitHub>
[nixpkgs] hamishmack opened pull request #24546: Fix geoclue build on macOS (master...geoclue-macos2) https://git.io/vSl0b
<Svarog>
Drakonis, what do you mean? Is there a better/easier way of debugging when a package got broken?
<simpson>
Drakonis: Why use git for what, exactly? For nixpkgs?
<Drakonis>
yeah
<Drakonis>
for nixpkgs
<simpson>
Speed and bisectability would be my main arguments in favor.
<Drakonis>
for that? mercurial
<simpson>
Ah, you wanted an argument.
<Drakonis>
sorry bout that
<Drakonis>
i shouldn't even be asking
<Drakonis>
i'm leaving for dinner
<simpson>
I don't really care. It's just not very interesting. Having actually *used* Mercurial and git, the choice is really obvious.
<NixOS_GitHub>
[nixpkgs] sternenseemann opened pull request #24547: glyr: init at 1.0.10 (master...glyr) https://git.io/vSl0h
<Drakonis>
eh, alright.
<Drakonis>
i had enough arguments for the day
<Ralith>
you seem to spend most of your time trying to start arguments
<Drakonis>
so i have noticed
<Drakonis>
i'll be off
<Drakonis>
toots
jgertm has quit [(Ping timeout: 260 seconds)]
<Svarog>
When there is a collision between two packages, how does Nix resolve collisions? Which package gets selected and is that recorded somewhere?
<Drakonis>
you have to resolve the collision yourself
<clever>
Svarog: for systemPackages, i think its whichever came first, for nix-env, its a fatal error and you must set a priority
<c74d>
Is there any way to set priorities for systemPackages packages?
<Svarog>
Hmm. So for system packages, how do I find if a different package got selected between two generations?
<clever>
Svarog: i dont think it records it anywhere, but for a given nix expression, it will always give the same result
Itkovian has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
<Svarog>
Then I'm very confused how commit f815a76 breaks gnome while 67c44de, the commit right before it, works fine even with the change from f815a76 added in
<Svarog>
Shouldn't the two then be identical?
<Svarog>
Since the expressions are identical.
<ndowens08>
they are different commits, so something may have changed
<Svarog>
Only 2 lines.
<Svarog>
And I added those two lines manually into 67c44de, done a rebuild, and everything still works.
<Svarog>
And those two lines have nothing to do with gnome3 either which is why I thought it must be something to do with collisions. But again.. cluthing at straws.. I have no idea what's going on.
<Svarog>
It's pretty frustrating.
[0x4A6F] has quit [(Ping timeout: 258 seconds)]
eacameron has quit [(Remote host closed the connection)]
<Dezgeg>
I don't see 67c44de being right before f815a76
<c74d>
`git diff f815a76 67c44de | wc -l` says 1245 for me, not 2