taktoa has quit [(Remote host closed the connection)]
sidpatil has quit [(Ping timeout: 276 seconds)]
koserge has quit [(Ping timeout: 248 seconds)]
justelex has joined #nixos
justelex_ has quit [(Ping timeout: 240 seconds)]
mbrgm_ has joined #nixos
lambdamu has joined #nixos
mbrgm has quit [(Ping timeout: 276 seconds)]
mbrgm_ is now known as mbrgm
lambdamu_ has quit [(Ping timeout: 260 seconds)]
dmr has joined #nixos
eacameron has joined #nixos
eacameron has quit [(Ping timeout: 240 seconds)]
<gchristensen>
/topic
<Infinisil>
Huh
<Infinisil>
Works for me
<gchristensen>
just a typo, I didn't realize I had a leading space
<Infinisil>
Ahh
lambdael has quit [(Quit: WeeChat 1.7.1)]
<gchristensen>
one day I'd like to have a program installed by default that provides information about the system, as a way to skip the initial questions when asking for help
<gchristensen>
anyway, time for bed. good night
<Infinisil>
Night!
zeus_ has quit [(Remote host closed the connection)]
zeus_ has joined #nixos
zeus_ has quit [(Ping timeout: 276 seconds)]
ebzzry has joined #nixos
<Fare>
What is a good emacs initialization setup for ocaml on nixos?
<unlmtd>
noobly_ : yes that's exactly what that means
<noobly_>
what does this mean conceptually? I'm updating the package list?
<unlmtd>
no it simply means that you're obtaining a copy of the nixpkgs tree (the code behind nixos), so that you can modify it, to customize/update derivations
<unlmtd>
but your system wont use that nixpkgs unless it's specified in your environment
<unlmtd>
but you can 'cd' into it and use 'nix-env -f . {something}' for one-off use
<noobly_>
Oh ok, and (I don't beleive the manual mentions this) where should I be cloning this too? root? home?
<unlmtd>
it depends on your use case, mine is in home
<unlmtd>
obviously, if your system's env uses that tree, its access has security implications
Maxdamantus has joined #nixos
carlosda1 has joined #nixos
<unlmtd>
its a huge tree, if anything can teach you how to use git, the nixpkgs tree is it
<simpson>
It's funny that you say that. I learned git by example on huge trees (kernel, mesa, xorg) and I definitely feel a strong grasp of git's object model.
carlosda1 has quit [(Ping timeout: 260 seconds)]
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] Infinisil opened pull request #27006: scyther: init at 1.1.3 (master...scyther) https://git.io/vQRKV
NixOS_GitHub has left #nixos []
<unlmtd>
id like to setup a pijul nixpkgs tree soon
<Infinisil>
noobly_: But generally it doesn't matter where you put it, it's just a directory
<Infinisil>
This PR right there ^^^ FINALLY
<Infinisil>
Took me long enough, but it finally builds
<simpson>
Infinisil: Congrats.
Rajsun has quit [(Remote host closed the connection)]
ryanartecona has joined #nixos
<simpson>
I left some feedback.
pxc1 has quit [(Ping timeout: 248 seconds)]
<Maxdamantus>
Hmm .. wonder how to un
<Maxdamantus>
un-uglify freetype this time.
<Maxdamantus>
Every few months when I get around to building something with nix, something in freetype seems to change and I need to change some configuration within the nix expression to make it do proper hinting.
<Maxdamantus>
Previously, I've used `useEncumberedCode = false` and `useInfinality = false`
pxc1 has joined #nixos
<Maxdamantus>
I can see in the commit that removed infinality, they've apparently added a "v40 interpreter" which is supposedly enabled when using hintstyle=hintslight, but I've always had hintstyle=hintfull
mkoenig has quit [(Remote host closed the connection)]
<Maxdamantus>
(note that I didn't use infinality, since that always seemed to end up doing less hinting (presumably that's why it's been replaced with something associated with "hintslight"))
<Infinisil>
simpson: Thanks :)
<simpson>
Infinisil: FWIW your Nix code is idiomatic and easy-to-read, so well done.
<Infinisil>
simpson: Thanks!
mitchty has quit [(Remote host closed the connection)]
<Maxdamantus>
The left version is what I consider to have "proper hinting", which is probably using `useEncumberedCode = false; useInfinality = false;` .. the right is what I currently see from nixpkgs (doesn't seem to change (much?) based on `useEncumberedCode`)
fnlkj has joined #nixos
<unlmtd>
Maxdamantus: what's the software
<unlmtd>
never tried any git guis
pxc1 has quit [(Ping timeout: 268 seconds)]
noobly_ has quit [(Ping timeout: 260 seconds)]
<Maxdamantus>
unlmtd: gitk, included with the git source itself.
<Maxdamantus>
unlmtd: have to use `guiSupport = true` in nix.
<unlmtd>
ill try it, thanks
pxc1 has joined #nixos
<unlmtd>
vim is my gui :D
<Maxdamantus>
np, `tig` is the only external git software I use.
carlosda1 has joined #nixos
<Maxdamantus>
(usually only used for its `tig grep` interface)
<unlmtd>
I really cant wait to ditch git. the patch model is much more instinctive
<unlmtd>
but I cant really choose not to use it yet
carlosda1 has quit [(Ping timeout: 260 seconds)]
* Maxdamantus
is sceptical of the patch model.
<Maxdamantus>
It relies on additional assumptions of how the code works.
<Maxdamantus>
at some point, you can't just see code as plugins that you can enable/disable.
<Maxdamantus>
so at that point, the patch model kind of breaks down.
<unlmtd>
it hasnt scaled well yet, true
<Maxdamantus>
and a patch applying according to a system that doesn't have a complete understanding of the code is not a guarantee that it actually applies.
<Maxdamantus>
the "merge conflicts" that you get when using VCS are only portions of the actual merge conflicts that exist.
<Maxdamantus>
the actual merge conflicts are what you get when you end up with incompatible portions of code .. git will catch a subset of those conflicts and force you to resolve them at a textual level.
<unlmtd>
the snapshot may be the best way in the end, but if there is a field that is young, its computer science
<Maxdamantus>
even if you had a system that knew the type system of the programming language involved, it still wouldn't practically be enough, because type checking does not imply correctness.
<unlmtd>
maybe they can be combined
<Maxdamantus>
Maybe, but I think you'd need a programming model that is radically different to the one we have at the moment.
pxc1 has quit [(Ping timeout: 276 seconds)]
tvon has joined #nixos
pxc1 has joined #nixos
ebzzry has quit [(Quit: WeeChat 1.8)]
Fare has quit [(Ping timeout: 276 seconds)]
ebzzry has joined #nixos
ebzzry has quit [(Client Quit)]
tv has quit [(Ping timeout: 276 seconds)]
justan0theruser has joined #nixos
ebzzry has joined #nixos
justan0theruser has quit [(Client Quit)]
justan0theruser has joined #nixos
justanotheruser has quit [(Ping timeout: 268 seconds)]
roberth has joined #nixos
<Infinisil>
See ya
Infinisil has quit [(Quit: leaving)]
FRidh has joined #nixos
boomshroom has joined #nixos
<boomshroom>
Hello!
<boomshroom>
Do you think it would be a good idea to install Nix onto my university network account?
<roberth>
boomshroom, can you have write access to / or /nix?
<boomshroom>
I feel it might make the university question what I'm doing with a large directory of binaries and libraries in my home directory. I do not have write access to root.
* Maxdamantus
remembers just installing it into ~/nix on his university user.
<Maxdamantus>
(obviously can't use the caches in that case)
<roberth>
boomshroom, I suppose they won't kick you out for that. Uni is about learning right? They should be supportive.
<boomshroom>
While searching on my phone before I got home today, I found something called Proot which might do something. I'm wondering if anyone here is familiar with it or if I just just put up with the source builds.
<FRidh>
Maxdamantus: you can use proot and use cache
ryanartecona has quit [(Quit: ryanartecona)]
<FRidh>
boomshroom: I used nix+proot for some time on our cluster
<Maxdamantus>
FRidh: yeah, but that seemed ugly to me.
<Maxdamantus>
You might be able to just use a user/mount namespace nowadays.
<boomshroom>
roberth: I don't think they'd kick me out, but they probably might question my actions.
<roberth>
boomshroom, even better, you might get to know people you otherwise won't ;)
<boomshroom>
FRidh: looks like vmlinuz is 3.13.0-123-generic (Ubuntu 14.04.5)
* boomshroom
checks filename in /boot forgetting that the version is printed on every connect.
DeaDSouL has joined #nixos
<Maxdamantus>
uname -a
<DeaDSouL>
hi, does anyone know what 'i801_smbus' driver is for?
<boomshroom>
If I do a source build of nix, will the install do a second build with dependencies from nixpkgs?
zeus_ has quit [(Remote host closed the connection)]
carlosda1 has joined #nixos
<Maxdamantus>
boomshroom: iirc the nix root is a compile-time option for nix.
<Maxdamantus>
boomshroom: so you'd probably just build from source however is easiest, specifying the root as being in your home directory.
slack1256 has quit [(Remote host closed the connection)]
<Maxdamantus>
boomshroom: then you should be able to run that version of nix to build nix again from nixpkgs in that specified root.
orivej has quit [(Ping timeout: 268 seconds)]
<boomshroom>
Maxdamantus: I'd assume trying to build nix with nix will pass the root from the original.
<Maxdamantus>
(I think when compiling that second time you have to specify the root in config.nix)
<Maxdamantus>
It might just pass it automatically, not sure.
<Maxdamantus>
but I'm pretty sure there's an option for it in nixpkgs (which could just be useful for bootstrapping a new nix system)
<Maxdamantus>
Looks like you have to set it, it won't be set from the environment.
<boomshroom>
Maxdamantus: because I'm manually building several dependencies of Nix into ~/opt after which I want to replace this Nix with one who's dependencies are all in ~/.nix/store
<Maxdamantus>
You'd have a package override for nix with `storeDir = "/home/whatever/nix/store"; stateDir = "/home/whatever/nix/var";`
carlosda1 has quit [(Ping timeout: 260 seconds)]
<Maxdamantus>
boomshroom: right, that should be fine, just need to specify that storeDir/stateDir in your nixpkgs config, as above.
<boomshroom>
I decided to use ~/.nix instead of ~/nix. Keep directories I shouldn't have to worry about hidden.
<Maxdamantus>
(as well as passing --with-store-dir=.. --localstatedir=.. when compiling the version you're putting in ~/nix)
<boomshroom>
configure: error: Nix requires libbz2, which is part of bzip2.
<boomshroom>
I just tried installing bzip2 into ~/opt and have a ~/opt/lib/libbz2.so.
<Maxdamantus>
Probably have to add something like `CFLAGS=-I$HOME/opt/include LDFLAGS=-L$HOME/opt/lib`
<boomshroom>
Maxdamantus: thanks. On to the next error!
<Maxdamantus>
Indeed.
jgertm has quit [(Ping timeout: 260 seconds)]
<boomshroom>
Ah, so this is what life was like before package managers (and LFS).
<boomshroom>
It sucks.
<Maxdamantus>
another approach btw would be to just build this bootstrapping version of nix on a system with a normal installation of nix.
<boomshroom>
Maxdamantus: Maybe that's what I should do. Can it build nix completely statically? As in, no runtime dependencies on the store? That said, I feel like what I'm doing now is giving me a better appreciation for package managers in general.
<Maxdamantus>
You'd build a bootstrapping version that would just be in your current /nix/store but will be able to build in /home/whatever/whatever
<Maxdamantus>
So with that version you can install nix itself (with the paths set correctly), then you can just copy that /home/whatever/whatever directory over.
<Maxdamantus>
(well, storeDir and stateDir should really be different)
<Maxdamantus>
anyway, once you've run that, you should be able to build the same expression again using: ./result/bin/nix-build -E '...'
<Maxdamantus>
but that time it will populate the specified storeDir
<boomshroom>
I would like if I didn't have to copy an entire store across the Salish Sea. :P
<Maxdamantus>
Well, it would only be a store containing nix (and its dependencies .. and maybe build dependencies if you don't gc)
iyzsong has joined #nixos
<boomshroom>
Maxdamantus: still, if I'm copying a locally built executable, I'd rather it be statically linked.
<Maxdamantus>
Well, nix is made of a mixture of at least C++ and perl, so kind of weird requiring it be statically linked.
<Maxdamantus>
Oh, you can specify the store/state directories through environment variables, so the bootstrap version isn't necessary, just NIX_STORE_DIR=... NIX_STATE_DIR=... nix-build -E '...'
<boomshroom>
roberth: Yay! Now to make it unsafe-language-free. #RIIR \s
<simpson>
boomshroom: Well, we can start with Rust and eliminate memory-unsafe languages, but then we should eliminate capability-unsafe languages after that. #MonteOrBust
<simpson>
boomshroom: Yeah, you missed the point entirely.
sary_ has joined #nixos
<boomshroom>
simpson
<dash>
boomshroom: nix is all three of those though
<boomshroom>
simpson: I'm sorry, I'm just not a big fan of dynamic languages. I'm the only person by SENG 265 prof knew who prefers C to Python.
<dash>
boomshroom: preferring C to Python is objectively bad
<dash>
(I mean, yes, python is objectively bad, but there _is_ a scale here_)
<boomshroom>
dash: I can live with Nix because it's a package management DSL and not a general purpose language.
<simpson>
boomshroom: That's fine. Dynamic typing is inevitable, though, so don't stress too much about it.
<boomshroom>
I will never forget the time when "10" < "
<boomshroom>
I will never forget the time when "10" < "5"
<boomshroom>
Not even Fortran or Ada gave me that kind of trouble.
<boomshroom>
or LISP
<simpson>
boomshroom: `"10" < "5"` is valid Haskell; it evaluates to `True`.
<boomshroom>
simpson: As far as I could tell at the time, it was 10 < 5. I had no idea it wasn't reading them as numbers.
<simpson>
boomshroom: Happens.
<Maxdamantus>
I'm pretty sure "10" < "5" in Python too.
sary_ has quit [(Quit: Lost terminal)]
<simpson>
Yeah, many languages have comparable strings. But I grok the point trying to be made.
<Maxdamantus>
Maybe "10" < 5
<boomshroom>
simpson: Python was the only language it happened with because it was the only one that didn't complain about my function being given strings.
<Maxdamantus>
That should fail in Python.
<Maxdamantus>
(and Haskell, obviously)
<simpson>
boomshroom: Oh. Well, Monte lets you say m`x :Int`. But, again, I understand your gripe. Python's not exactly a bastion of maintainable language design.
<roberth>
No-one writes "10" < "5". Just f(a,b) = a < b and it'd be nice if the use of < shows up in your interface somehow, if the f has to be polymorphic
carlosda1 has joined #nixos
<simpson>
roberth: Well, be careful what you wish for; this is *precisely* why Data.Set.Set isn't a Monad.
<simpson>
Yay for type system features not composing nicely with each other!
<boomshroom>
The assignment was to write a program that takes 3 numbers from the user and gives the median. I put median into its own function for all implementations as taking 3 numbers and ouputing 1 number.
<Maxdamantus>
simpson: actually, there are additional reasons why Data.Set.Set isn't a monad.
<Maxdamantus>
simpson: particularly, it can't satisfy the functor law `map f . map g = map (f . g)`
<boomshroom>
Looking at my LISP implementation, I'm surprised it didn't fail the same way as Python. Probably because `read` actually parses the input itself.
<Maxdamantus>
If you had a structure that actually could satisfy that law, there's a pretty good chance it wouldn't depend on Ord.
<simpson>
Maxdamantus: Indeed, in Monte, the corresponding monad operates on precisely the same equality equivalence as the `==` operator, neatly quotienting out any violations of the functor law.
<Maxdamantus>
simpson: does == work on functions?
<Maxdamantus>
(when I said "=" in that law, it actually means "is equivalent to .. in some vague sense")
carlosda1 has quit [(Ping timeout: 268 seconds)]
<Maxdamantus>
it doesn't really mean a precise form of equality .. at least as far as Haskell is concerned, because then you have to think at least about comparing functions.
<simpson>
Maxdamantus: Yeah, it's a total relation. The functor law would hold in Mont-DF, and that's close enough since we warn folks that putting side effects into monadic actions can lead to Fun Times.
<simpson>
Sure. In Monte, we prefer to pick `==` for the equivalence at all times. It's neater that way.
<Maxdamantus>
Oh right, so you're just saying that `==` refers to equivalence, rather than the other way round, which is pretty much how it works in Haskell too (though it's not formally defined)
pxc1 has quit [(Ping timeout: 248 seconds)]
<boomshroom>
While building dependencies for nix, I found that the smallest tarball for XZ utils was with XZ compression. Funny how that worked out...
<simpson>
Right. And IMO formal definitions for Hask are a little overrated since that category's either broken or not reflective of IRL behaviors.
<dash>
simpson: What was it Perlis said about not being able to go from the informal to the formal by formal means?
<dash>
Something like that anyhow.
<roberth>
boomshroom, during the manual part of bootstrapping, right?
<boomshroom>
roberth: yep.
<simpson>
dash: Sounds familiar.
<Maxdamantus>
boomshroom: probably nepotism.
tv has joined #nixos
<boomshroom>
Maxdamantus: :P
jmeredith has quit [(Quit: Connection closed for inactivity)]
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] peti pushed 3 new commits to master: https://git.io/vQRM4
<NixOS_GitHub>
nixpkgs/master 7d8adca Peter Simons: LTS Haskell 8.21
<NixOS_GitHub>
nixpkgs/master be23568 RFish ⚓: hackage2nix: use older version of apply-refact with ghc-8.0.x...
<NixOS_GitHub>
nixpkgs/master 641bd6e Peter Simons: hackage-packages.nix: automatic Haskell package set update...
NixOS_GitHub has left #nixos []
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] peti closed pull request #26896: haskell-packages: use older version of apply-refact with ghc-8.0.x (master...fix-apply-refact-w/-ghc802) https://git.io/vQZuE
NixOS_GitHub has left #nixos []
<boomshroom>
Now to install the perl modules
LinArcX1 has joined #nixos
<LinArcX1>
Hi.i want to install cinnamon instead of plasma5, but i cant see any options in:https://nixos.org/nixos/options.html#services.xserver.desktopmanager.
LinArcX has joined #nixos
LinArcX1 has quit [(Quit: Leaving)]
LinArcX1 has joined #nixos
<boomshroom>
How do I install a perl module into a custom prefix? The INSTALL mentions "Configure -Dprefix=..." but I don't see any Configure script.
LinArcX1 has quit [(Client Quit)]
mudri has joined #nixos
<boomshroom>
DBD::SQLite wants to know where I installed DBI and asks to upgrade my CPAN/CPANPLUS shell. How do I do that?
eacameron has quit [(Remote host closed the connection)]
<LinArcX>
@adisbladis, thanks. KDE is very "big" DE. And I want to install a small DE. Are you try xfce?is it work?
<adisbladis>
LinArcX: I'm on kde myself and see no reason to try something else for the time being
<adisbladis>
I don't really know what you mean by "big"
<qknight>
hey. i want to run xmodmap from console on nixos on https://nixos.org/nixos/options.html#powermana but it constantly tells me: /nix/store/apwyxdxgv8iijspd3dk4lfp678cxahcc-xmodmap-1.0.9/bin/xmodmap: unable to open display ':0'
<boomshroom>
Now I'm trying to install the modules with CPAN and installed DBI and am trying to install DBD::SQLite but it's complaining that DBI isn't installed and can't install it because it's already there.
<qknight>
but i did export DISPLAY=:0 beforehead and tried (without the export) directly in front of the xmodmap command
<qknight>
using a system shell (ctrl+alt+f1) i get a slightly different error message showing that the magic cookie is wrong
<Maxdamantus>
qknight: are you running it as a different user? Does $XAUTHORITY have a strange value (eg, a path inside another user's (like root's) home directory)?
Jackneilll has joined #nixos
Jackneilll has quit [(Remote host closed the connection)]
<qknight>
Maxdamantus: yes i'm running the script as root and the X as joachim i suppose
<qknight>
Maxdamantus: i've now changed to su and it kind of works now
<qknight>
no 100% sure yet
Jackneilll has joined #nixos
<Maxdamantus>
qknight: yeah, so it's probably just that it was using the wrong cookie thing since running as root will use root's cookie and the server will probably only be accepting joachim's one.
<qknight>
resumeCommands = ''
<qknight>
${pkgs.su}/bin/su -s "${pkgs.bash}/bin/bash" -c "export DISPLAY=:0; ${pkgs.xorg.xmodmap}/bin/xmodmap /home/joachim/.Xmodmap" joachim
<Maxdamantus>
Could just do some hacky thing like XAUTHORITY=/home/joachim/.Xauthority
<qknight>
'';
<qknight>
lol, that works!
<qknight>
who wouldn't have thought of that!
LinArcX has quit [(Remote host closed the connection)]
<Maxdamantus>
(since you're root, you can just read that file anyway)
Guest91457 has quit [(Read error: Connection reset by peer)]
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] vbgl pushed 1 new commit to master: https://git.io/vQRy9
<NixOS_GitHub>
nixpkgs/master 1551975 Vincent Laporte: ocamlPackages.ocp-ocamlres: init at 0.3...
NixOS_GitHub has left #nixos []
roconnor has quit [(Ping timeout: 276 seconds)]
faffolter has joined #nixos
<Maxdamantus>
Turns out the freetype issue I'm having is just an issue with freetype this time, not nixpkgs.
* Maxdamantus
is git bisecting the freetype2 repository.
<simukis>
how do I update my nixpkgs thing? That is, my current system is 17.09pre107265.0afb6d789c, that’s using stuff from february
<LnL>
sudo nix-channel --update
thc202 has joined #nixos
<simukis>
LnL: thanks!
<LnL>
or nixos-rebuild switch --upgrade if you want to rebuild with the latest channel
<Maxdamantus>
Ah, they just made "subpixel hinting" the default in 2.7.x
<Maxdamantus>
eugh, seems like the only way to "configure" it at runtime is through an environment variable.
ebzzry has quit [(Ping timeout: 268 seconds)]
telotortium has quit [(Read error: Connection reset by peer)]
telotortium has joined #nixos
carlosda1 has joined #nixos
ebzzry has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] vcunat pushed 1 new commit to master: https://git.io/vQRSE
<NixOS_GitHub>
nixpkgs/master 8dddd2b Vladimír Čunát: texlive.combine: fix perl scripts without a shebang...
NixOS_GitHub has left #nixos []
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] vcunat pushed 1 new commit to release-17.03: https://git.io/vQRSa
<NixOS_GitHub>
nixpkgs/release-17.03 0476a06 Vladimír Čunát: texlive.combine: fix perl scripts without a shebang...
NixOS_GitHub has left #nixos []
kthnnlg has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] vcunat pushed 1 new commit to release-17.03: https://git.io/vQRSF
<NixOS_GitHub>
nixpkgs/release-17.03 057f89b Vladimír Čunát: lib/maintainers: add zxc24 to fix evaluation...
NixOS_GitHub has left #nixos []
arianvp2 has quit [(Quit: arianvp2)]
Wizek_ has joined #nixos
arianvp2 has joined #nixos
freusque has joined #nixos
mpcsh has quit [(Quit: THE NUMERICONS! THEY'RE ATTACKING!)]
mpcsh has joined #nixos
leat has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] gebner pushed 2 new commits to master: https://git.io/vQR9N
<NixOS_GitHub>
nixpkgs/master 25d4704 Johannes Frankenau: neomutt: 20170602 -> 20170609
<NixOS_GitHub>
nixpkgs/master 6acb707 Gabriel Ebner: Merge pull request #26956 from jfrankenau/neomutt-20170609...
NixOS_GitHub has left #nixos []
juhe has joined #nixos
mudri has quit [(Ping timeout: 240 seconds)]
eacameron has joined #nixos
<Mateon1>
Once I can build a package with nix-build (with a local default.nix file), how can I add it to $PATH?
eacameron has quit [(Ping timeout: 260 seconds)]
freusque has quit [(Ping timeout: 248 seconds)]
<makefu>
nix-env -i /nix/store/<package>
<Mateon1>
As in, how does a program end up in /run/current-system/sw/bin?
<Mateon1>
makefu: I'll try that
<Mateon1>
Oh, nice, thank you
arianvp2 has quit [(Ping timeout: 240 seconds)]
<makefu>
it is now in your local environment, if you want to have it installed for everyone you can either install as root or you can include it in /etc/nixos/configuration.nix
<LnL>
that installs it into your user profile, /run/current-system has go through configuration.nix
<Mateon1>
Oh, I see
<LnL>
you could do something like this there environment.systemPackages = [ (import /path/to/expression {}) ];
_ris has joined #nixos
<Mateon1>
Hm, my expression is not a function, my default.nix starts with "with import <nixpkgs> {}; ..."
cpennington has joined #nixos
<LnL>
leave off the {} call in that case
<Mateon1>
Okay, thanks
<makefu>
the best thing of course would be to include it into nixpkgs and then you can do `environment.systemPackages = [ pkgs.<pkgname> ]`
<LnL>
I usually use { pkgs ? import nixpkgs {}, nixpkgs ? <nixpkgs> }: ... so you can override it
<Mateon1>
makefu: I could do that, that would be my first new package contribution :)
<makefu>
LnL: what i normally do is to write a `standard` package definition and use `callPackage`. this makes it easier later on to push the package upstream
<Mateon1>
makefu: It isn't terribly difficult to replace the first line with a function definition, taking stdenv, fetchurl, and pkgs
<makefu>
in standard packaging you try to include as much stuff as possible as an argument to use `.override` easily
<manveru>
so i'm thinking of fixing the style or finding a way to ignore it... i have no clue about what proper python looks like, but fixing those 5 issues seems easy enough
<manveru>
it'll just cause a massive rebuild since all python packages depend on it
<gchristensen>
sure, try it and see
<sphalerite>
What bad things could happen if I build an untrusted expression? Anything worse than denial of service?
<gchristensen>
not sure how big of a rebuild it'll be :)
<gchristensen>
sphalerite: evaluate or build?
<FRidh>
actually, if I am correct we don't need run_setup.py anymore
<sphalerite>
gchristensen: build
<manveru>
FRidh: all it does is replace those newlines?
<sphalerite>
well, evaluate as well I suppose, given that it's a necessary step towards building them :)
<gchristensen>
sphalerite: but also evaluate?
<gchristensen>
sphalerite: they can exfiltrate anything they want from your system
<sphalerite>
oh yeah
<gchristensen>
or exploit a kernel bug to get out of the sandbox if you have it on
<gchristensen>
(if you don't have it on, they don't need a kernel bug :))
<sphalerite>
Well yeah assuming no bugs
<sphalerite>
In the sense of how safe does nix *try* to guarantee builds being
<sphalerite>
Is building an untrusted derivation safe?
<manveru>
that's the changes i had to make to run_setup
<sphalerite>
gchristensen: yep
<sphalerite>
I mean, not really a realistic case (or do remote builds do that?)
<gchristensen>
they do
<gchristensen>
once you build the .drv files you can nix-copy-closure them away to take the build intructions and all their dependencies, so that makes it harder (baring bugs) for them to exfiltrate data
<FRidh>
manveru: just checked, removing that shim is not an option since it would break some packages
<gchristensen>
sphalerite: I'd go as far as say I don't know of any specific reason it wouldn't be fine, though I do have some caveats like you'd want to maybe not allow network fetching on your box (require it all fetched ahead of time, don't allow general network access via iptables rules)
<gchristensen>
sphalerite: and also I wouldn't put anything secret on that box
<gchristensen>
re network access: otherwise you're worse than an open relay :P
<sphalerite>
oh yeah
<gchristensen>
sounsd like you have big plans, what's up? sounds very cool
freusque has quit [(Ping timeout: 240 seconds)]
<sphalerite>
Sorry, no plans. Just curious
<gchristensen>
ah :)
<gchristensen>
this network issue & kernel bug concerns are why we don't auto-build PRs on hydra already
<sphalerite>
I see
telotortium has quit [(Read error: Connection reset by peer)]
<gchristensen>
oh! also, I got a new work laptop (the old drank some coffee ...) so I'm back on the prowl for a one-step automatic darwin installer that sets up the daemon
<LnL>
yeah I was thinking that there's not really a reason not to create the build users in the regular installer
<gchristensen>
really?
<LnL>
why not, doesn't matter if they exist and I don't want to use the daemon
<gchristensen>
oh in the nix-darwin installer
<LnL>
no the nix installer
<gchristensen>
oh
<gchristensen>
IMO we should be pushing people towards the daemon, why don't you use it?
<LnL>
then if somebody runs sudo nix-daemon it just works
<gchristensen>
sorry I misread the first "not really a reason not to" and thought you were against upstreaming it, but I see you meant the opposite of what I understood
<LnL>
I do, just saying that for people that need the nixops support and don't want to use the daemon it doesn't matter if those users exist
<gchristensen>
right, makes sense
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] vbgl pushed 5 new commits to master: https://git.io/vQRdJ
<NixOS_GitHub>
nixpkgs/master 8fd3645 Vincent Laporte: ocamlPackages.jsonm: 1.0.0 -> 1.0.1
<NixOS_GitHub>
nixpkgs/master 352d487 Vincent Laporte: ocamlPackages.conduit: 0.8.3 -> 0.10.0
<NixOS_GitHub>
nixpkgs/master fe9147a Vincent Laporte: ocamlPackages.conduit: 0.10.0 -> 0.15.4...
NixOS_GitHub has left #nixos []
LinArcX has joined #nixos
LinArcX has quit [(Remote host closed the connection)]
<sphalerite>
Never fail to avoid using multiple negations. They're confusing. :D
<sphalerite>
and you're not unlikely to be misunderstood
<gchristensen>
*stare*
* gchristensen
doesn't not stare
erictapen has joined #nixos
<juhe>
gchristensen: using "hardware.enableRedistributableFirmware = true;" in configuration.nix doesn't put firmware file into initrd. It seems impossible to put firmware into initrd this way. I've removed i915 from initrd (removed it from boot.initrd.availableKernelModules) so that it can load its firmware in 2nd stage boot as a workaround.
<gchristensen>
juhe: which firmware are you looking for?
<juhe>
gchristensen: i915/skl_dmc_ver1_26.bin
<gchristensen>
and why did removing it from boot.initrd... fix it? I'm not following
<sphalerite>
because that way the driver doesn't look for it until the root filesystem is mounted and the firmware is there
<juhe>
gchristensen: I have been loading i915 module in initrd, but it is not possibe to load firmware from 1st stage boot.
<gchristensen>
ohh I see
<sphalerite>
Firmware should usually be included in the initrd though I think?
<Dezgeg>
no there is nothing in nixos to include it afaik
<juhe>
seems so, but it's not a showstopper for me :)
<gchristensen>
glad to hear it, juhe :)
<gchristensen>
sorry for the misleading advice
eacameron has joined #nixos
<sphalerite>
juhe: you should be able to add the firmware manually by adding it to initrd.boot.prepend though I think
<juhe>
no problem, I've learned something new
pie_ has joined #nixos
<gchristensen>
LnL: hmm but what about setting up the per-user gcroots dirs, and the store ownership? those parts are missing from that setup script
eacameron has quit [(Ping timeout: 248 seconds)]
<juhe>
sphalerite: hm... yes, I'll take a look at it.
lambdael has joined #nixos
<LnL>
ah right
LinArcX has joined #nixos
<gchristensen>
LnL: I'll add your bootstrap in to the list, b/c it is the best user setup flow i've seen
<LinArcX>
I am installing nixos. In the last round I forgot to change my keyboard language and type password in Persian. Installer prompt me that installation is failed. But I set password again through passwd command. After reboot bathing happen and I am in installer again.
LinArcX has quit [(Remote host closed the connection)]
freusque has joined #nixos
koserge has joined #nixos
marsel has quit [(Ping timeout: 255 seconds)]
<gchristensen>
anyone have any favorite recorded talks about functional programming? I'm wanting to watch one while I do something else
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] vbgl pushed 1 new commit to master: https://git.io/vQRF3
<NixOS_GitHub>
nixpkgs/master 982af09 Vincent Laporte: perl522: fix build on Darwin...
<simpson>
gchristensen: There's also an ekmett talk where he encodes categories in Haskell *without* using the implicit category of endofunctors on Hask. I can go find it, but you need to be into category theory to really get the joke.
<simpson>
As with all Haskell jokes, the punchline is that it type-checks.
<LnL>
:p
<gchristensen>
oh I wouldn't get it then but I'd watch it
LinArcX has joined #nixos
erictapen has quit [(Ping timeout: 255 seconds)]
erictapen has joined #nixos
tvon has quit [(Ping timeout: 240 seconds)]
<hodapp>
hah... long holiday weekend or something? I have seen 3 of my PRs closed in the last few days :P
<gchristensen>
yup
tmaekawa has joined #nixos
erictapen has quit [(Ping timeout: 248 seconds)]
LinArcX has quit [(Remote host closed the connection)]
<hodapp>
I'm curious if anyone actually uses DraftSight... which might be one of the only non-obscure things I've added to nixpkgs
<hodapp>
oh, I guess I need to add Tesseract support to OpenCV
<hodapp>
Are there any existing examples of a parameter that overrides another? In my case, the deal is that if you want Tesseract enabled, enableContrib must be true so I'm not sure whether I should code things so that enabling Tesseract does so, or just put it in the docs that you must have enableContrib
LinArcX has joined #nixos
LinArcX has quit [(Remote host closed the connection)]
<hodapp>
hmmmm. well, the way I go about it is to check out nixpkgs someplace like ~/nixpkgs, and then run things like 'nix-env -f ~/nixpkgs' rather than just nix-env
<hodapp>
but other folks in the channel can probably give you a much better anwser
roberth has quit [(Ping timeout: 248 seconds)]
<gchristensen>
one second, joehh
<LnL>
it depends on where you want to use it
rtjure has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] zimbatm pushed 1 new commit to master: https://git.io/vQRNm
<joehh>
LnL: thinking about it, I see what you mean, I guess my options are 1) in /etc/nixos/configuration.nix, 2) in my local user nix-env installed stuff and 3) in some sort of nix-shell/overides type environment
<joehh>
for my case now, I think I'm mainly interested in 2 - being able to install draftsight (or something else - dropbox...) from a particular branch/commit of nixpkgs
<hodapp>
for me it ends up mostly being 2/3 because of how often I need to build "weird" things which I don't need in my normal environment anyway, but which also aren't a part of nixpkgs, because they're weird
<LnL>
gchristensen: why not use an actual channel?
<gchristensen>
I didn't want to overwhelm a new user with too many steps
<gchristensen>
but that could be fine too :)
<adisbladis>
I'm a fairly new user who went pretty much straight to running of master ;)
astsmtl has joined #nixos
astsmtl has quit [(Changing host)]
astsmtl has joined #nixos
<gchristensen>
yeah, that is a terrible idea
<adisbladis>
joehh: You can do a checkout of a channel, add an extra origin which is the current nixpkgs master and cherry-pick
<adisbladis>
gchristensen: Working out great so far
<gchristensen>
yeah, drinking poison is great until you die
<LnL>
I use the release channel and overlay packages from unstable that I want to update
<hodapp>
or... should I just make opencv throw an error if you try to enable Tesseract without enableContrib? hmmmm
<joehh>
gchristensen: I think I kind of get what you are suggesting, 2 questions - where is systemPackages - is it /etc/nixos/configuration.nix? secondly, does that work because master branch is unstable release?
<gchristensen>
LnL: that is a great idea, I wish stable installs defaulted to having an unstable-small version too
<LnL>
yeah
<gchristensen>
joehh: environment.systemPackages in configuration.nix
<gchristensen>
hodapp: I'll merge your PR now if you fix it :P
arianvp2 has joined #nixos
<hodapp>
gchristensen: it was already merged
<gchristensen>
I mean your update PR
<hodapp>
I'll do my OpenCV PR real quick, then get to that
simukis has quit [(Read error: Connection reset by peer)]
simukis has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] Hodapp87 opened pull request #27011: opencv: Add optional Tesseract support (master...opencv_tesseract) https://git.io/vQRN1
NixOS_GitHub has left #nixos []
<sphalerite>
gchristensen: maybe update the gist to reflect that 17.03 is current?
<LnL>
is it possible to run something in a chroot during a build?
astsmtl has joined #nixos
astsmtl has quit [(Changing host)]
astsmtl has joined #nixos
roberth has joined #nixos
<hodapp>
LnL: isn't buildFHSUserEnv sort of this?
<hodapp>
well... hmm... that's running in a chroot
<LnL>
isn't that for runtime
<LnL>
I basically just need mkdir /foo to change to mkdir $dir/foo
<hodapp>
I'd be surprised if support of this sort didn't exist yet
<hodapp>
considering how many stupid build process are handled in nixpkgs
<LnL>
and I also don't need any special user permissions
ndrei has joined #nixos
<ndrei>
Hello, I need to use VMWare as a one-shot thing, and the installer is trying to install things all over the place, so I'm trying to do so with buildFHSUserEnv, but I'm getting an error when it's trying to access the display, anybody have any hints?
<ndrei>
is there a way to "extend" the global env with nix-shell? Like, inherit the global packages? (I'm sure there is, actually)
Fare has joined #nixos
<joehh>
grahamc, LnL, hodapp, adisbladis, sincere thanks to you all - you've increased my nix knowledge and got me the packages I've wanted
tmaekawa has quit [(Read error: Connection reset by peer)]
<joehh>
thanks very much :)
<LnL>
\o/
<grahamc>
Very glad to help! Welcome to the community :)
tmaekawa has joined #nixos
<joehh>
thanks
rtjure has quit [(Ping timeout: 248 seconds)]
tmaekawa has quit [(Ping timeout: 240 seconds)]
eacameron has joined #nixos
<sphalerite>
ndrei: that's the default behaviour
<sphalerite>
ndrei: you can make it "replace" rather than "extend" with the flag --pure
astsmtl has quit [(Ping timeout: 248 seconds)]
<sphalerite>
ndrei: if a display needs to be available during a build, it really sucks because it will either need to be impure or you'll need to run an X server inside the build. Check if there's absolutely no option for vmware to install just on the commandline
<jophish>
I'm trying to build something which requires it
eacameron has quit [(Ping timeout: 240 seconds)]
vandenoever has joined #nixos
<vandenoever>
how can i get the dir where an expression is installed? e.g. i've an expression that needs to run java so i need the java path
<vandenoever>
this does not work: (pkgs.openjdk + "/bin/java")
<tilpner>
pkgs.openjdk.outPath should do
arianvp2 has quit [(Quit: arianvp2)]
<jtojnar>
Is there a way to set channels declaratively inside configuration.nix?
<vandenoever>
tilpner: so (pkgs.openjdk.outPath + "/bin/java") ?
eacameron has joined #nixos
<ndrei>
sphalerite: thank you!
<ndrei>
sphalerite: actually there is, but I'm still getting an error, so something else must be up but it will be though debugging the installer since part of the script is a binary blob
<tilpner>
vandenoever - Yes, try that
<vandenoever>
tilpner: that works!
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] expipiplus1 opened pull request #27015: qbs: init at 1.8 (master...qbs) https://git.io/vQRpE
NixOS_GitHub has left #nixos []
<sphalerite>
ndrei: the joys…
<tilpner>
jtojnar - What aspect do you want to manage declaratively? Just pkgs, or also the nixos modules that define services, and similar?
<ndrei>
sphalerite: yeah, I'm getting a spare Ubuntu machine as a "victim", I only need the launch a VM once...
arianvp2 has joined #nixos
<jtojnar>
tilpner: just the channel URLs
<tilpner>
jtojnar - Oh, so you want to keep using channels? Do you think it would be enough to symlink ~/.nix-channels from the store?
juhe has quit [(Remote host closed the connection)]
iyzsong has quit [(Ping timeout: 248 seconds)]
pxc1 has joined #nixos
<jtojnar>
tilpner: Will it work if I add the file to a new host? I mean is appending to that file all that `nix-channel --add` does?
<tilpner>
jtojnar - I haven't been using channels for a while, but I think you're right, that's all it does
telotortium has quit [(Read error: Connection reset by peer)]
telotortium has joined #nixos
<tilpner>
It might additionally make sure ~/.nix-defexpr contains the right symlinks, but that's just a guess
pxc1 has quit [(Ping timeout: 255 seconds)]
roconnor has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nix] DanOlivier opened pull request #1433: Altering tests to run "out-of-source" (master...Tests-run-out-of-source) https://git.io/vQRht
NixOS_GitHub has left #nixos []
zraexy has joined #nixos
lambdael has quit [(Quit: WeeChat 1.7.1)]
lambdael has joined #nixos
Wizek_ has quit [(Ping timeout: 240 seconds)]
Wizek has quit [(Ping timeout: 260 seconds)]
DeaDSouL has quit [(Ping timeout: 276 seconds)]
Wizek has joined #nixos
Wizek_ has joined #nixos
schoppenhauer has quit [(Ping timeout: 276 seconds)]
erictapen has joined #nixos
jsoo_ has joined #nixos
schoppenhauer has joined #nixos
jsoo_ has quit [(Client Quit)]
rtjure has joined #nixos
astsmtl has joined #nixos
astsmtl has quit [(Changing host)]
astsmtl has joined #nixos
Wizek_ has quit [(Ping timeout: 240 seconds)]
Wizek has quit [(Ping timeout: 260 seconds)]
<clever>
tilpner: ~/.nix-channels is just a config file for nix-channel and nothing else, nix-env reads ~/.nix-defexpr/
phinxy has joined #nixos
justbeingglad has joined #nixos
justbeingglad has left #nixos []
<tilpner>
clever - I know that part, but jtojnar was asking how to manage channels declaratively. They would want to define .nix-channels and .nix-defexpr from their config for that
<tilpner>
(Unless you're just saying that nix-channel --add doesn't touch nix-defexpr, which I didn't know)
<clever>
ah
<clever>
--add doesnt touch defexpr, its --update that handles that
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] LnL7 opened pull request #27017: docker-tools: set user/group when creating a pure layer (master...docker-pure-layer) https://git.io/vQRjD
<clever>
so you just need to control whatever nixpkgs= in $NIX_PATH points to
orivej has joined #nixos
tvon has quit [()]
<tilpner>
No, that won't quite work. I have a nixpkgs that's been imported with a list of overlays, and that's working fine. It's being passed to my configuration.nix
DanC has joined #nixos
<tilpner>
My configuration.nix can access packages defined by the overlays just fine, but anything I import doesn't have access to them
<clever>
how are you importing things?
<tilpner>
That's because the pkgs passed to those modules is not the same pkgs I pass to configuration.nix
<clever>
how are you loading configuration.nix?, that should be handled by nixos
<tilpner>
I'm using the module mechanism, imports = [ ./config/services.nix ];
<clever>
that should get the exact same pkgs as configuration.nix
<tilpner>
But that doesn't allow me to pass arguments
kthnnlg has quit [(Remote host closed the connection)]
zetok has joined #nixos
pxc has quit [(Ping timeout: 255 seconds)]
mudri has quit [(Ping timeout: 248 seconds)]
bennofs has joined #nixos
boomshroom has joined #nixos
<boomshroom>
Good morning. Back to trying to build Nix's dependencies on my university account in my home directory.
<Infinisil>
boomshroom: What's the problem you got? I'm not sure if it's possible to install nix if you're not root
<boomshroom>
Trying to build the perl modules includes a line like "YAML not installed. Not storing persistent state." Would that be a problem?
<Infinisil>
Doesn't look like that's needed
<boomshroom>
Infinisil: With the binary builds, yes. I'm attempting to build from source, which means I need all the dependencies, which aren't necessarily provided for me.
<Infinisil>
Oh
<Infinisil>
Well if you can't install anything on the machine yourself I don't see how this could work
spinus has joined #nixos
<Infinisil>
Building everything from source might work, but that's gonna be annoying I bet
<boomshroom>
Infinisil: I can install into my home directory (Though I probably shouldn't :P).
<Infinisil>
Hmm
<boomshroom>
Yesterday, I was able to get CPAN to install into my home directory, but now it's trying to use the global installation.
<Infinisil>
So you can't install new software at all? Like with an existing package manager?
<boomshroom>
Infinisil: this isn't for my computer. This is for my user on the university machines.
<boomshroom>
Do you expect the university to give root access to a student like me?
<LnL>
isn't there something to run everything in a chroot?
<boomshroom>
If they were already using Nix, I would be able to install it with a package manager. :P
<clever>
you dont technicaly need root to install nix
<boomshroom>
Sorry. My parents are dragging me shopping.
<clever>
all you need, is ownership of /nix/
ertes has quit [(Ping timeout: 255 seconds)]
<clever>
the curl script will skip sudo if you can write to /nix
<boomshroom>
clever: I'm setting the store to ~/.nix/store, so I need a source build.
boomshroom is now known as boomshroom-away
<clever>
yeah, that would require building it from scratch
<clever>
boomshroom-away: one last thing before you go
<Infinisil>
Is it possible to have a nixops configuration for a remote system in my local configuration.nix and have it automatically be deployed on a rebuild?
<Infinisil>
Hmm actually no, it would be better and safer to do this separately, I can still share expressions between them if I want
<roberth>
Infinisil, that's probably better. If they are tightly coupled for some reason, you can use NixOps to manage both
eacameron has quit [(Remote host closed the connection)]
detran` has joined #nixos
<Infinisil>
An example use case for something shared is when I change the port for ssh
detran has quit [(Remote host closed the connection)]
<Infinisil>
While I don't yet know of a lot of use cases, I hate redundancy
vandenoever has quit [(Ping timeout: 240 seconds)]
bennofs has quit [(Ping timeout: 240 seconds)]
grisher has quit [(Ping timeout: 255 seconds)]
grisher has joined #nixos
dtzWill has quit [(Ping timeout: 240 seconds)]
<Gravious>
ok guys
<Gravious>
nix@salo:~$ gitano-setup
<Gravious>
/usr/bin/lua5.1: error loading module 'luxio' from file '/nix/store/yjc6vmfl1jsykls4h922dk3vh5jakyzj-lua5.1-luxio-12/lib/lua/5.1/luxio.so': /nix/store/f111ij1fc83965m48bf2zqgiaq88fqv5-glibc-2.25/lib/librt.so.1: symbol __recv, version GLIBC_PRIVATE not defined in file libc.so.6 with link time reference
<Gravious>
what is this about? :D
phinxy has quit [(Read error: Connection reset by peer)]
<gchristensen>
LnL: fixed
<LnL>
what was the problem?
<gchristensen>
LnL: if it can't connect to github on startup, it seems to forget everything it knew
<srhb>
It says, for installed packages: nix-store --query --references $(which emacs)
<srhb>
LnL: Oh nice :)
<srhb>
The formatting is all shot though...
<Infinisil>
Gravious: Oh they probably blocked the archive because it allows access to pretty much everything, just like a proxy
* Gravious
nods
<srhb>
Oh, it scrolls sideways.
<LnL>
wat...
<LnL>
so they also block google translate?
<Infinisil>
srhb: nix-store -qR is just abbreviated for nix-store --query --references
<srhb>
Infinisil: Yep.
<srhb>
I was just quoting it verbatim :)
<Infinisil>
LnL: Well they can't block everything and there are tons of free proxies out there
<Gravious>
both of those are really useful anyway, thanks :)
pxc1 has joined #nixos
marsel has joined #nixos
erictapen has quit [(Ping timeout: 240 seconds)]
erictapen has joined #nixos
metaphysician has quit [(Ping timeout: 240 seconds)]
metaphysician has joined #nixos
<hodapp>
err, just did "services.tt-rss.enable = true;" and "nixos-rebuild switch" produced no error... but now nothing resembling a Tiny Tiny RSS installation is present
<hodapp>
does anyone run this by chance?
<bennofs>
hodapp: systemctl status tt-rss
<hodapp>
"Unit tt-rss.service could not be found."
erictapen has quit [(Ping timeout: 276 seconds)]
erictapen has joined #nixos
boomshroom-away is now known as boomshroom
<boomshroom>
Happy Canada day!
<boomshroom>
I just got pack from purgatory with 2 new pairs of shorts.
<hodapp>
...purgatory?
<tilpner>
Is there a prettier way to do with builtins; map (o: import (./overlays + ("/" + o))) (attrNames (readDir ./overlays))?
<boomshroom>
The mall.
<dash>
o/` down in the mall o/`
<boomshroom>
While waiting for my ssh to catch up. I'm doing a `nix-store --verify --check-contents` and it mentioned that python3 was modified. On past invocations of `nix-store --optimise` it was giving messages about "skipping suspicious writable file." Do these have anything to do with each other?
<srhb>
boomshroom: Sounds likely, and also eek.
<tilpner>
boomshroom - I never manually ran the verify thing, but got the suspicious file warning too
johnw has quit [(Ping timeout: 276 seconds)]
<boomshroom>
tilpner: Do you have it run automatically in your configuration.nix?
<tilpner>
boomshroom - I don't remember enabling it. Which option would that be?
<boomshroom>
tilpner: I don't know, I just assumed that would be the alternative to running it manually. This is the first time I've used verify and python was the only error.
johnw has joined #nixos
<tilpner>
No, the alternative I meant was it running as part of some other nix-store command, or enabled to run automatically by default
<LnL>
boomshroom: is this on a non nixos system?
<boomshroom>
The python thing was on NixOS.
<LnL>
oh that's unexpected
<LnL>
python likes to write pyc files everywhere, but the store is mounted ro on nixos
<Infinisil>
What I really really like about linux is that you have full control over everything
<Infinisil>
I just booted macOS yesterday and some fucking process was using all the CPU, making the fans spin
ebzzry has quit [(Ping timeout: 240 seconds)]
<srhb>
How does Nix know to preserve a shared library that I depended on as buildInputs, but not as propagatedBuildInputs?
<srhb>
(preserve as in save from the gc)
<sphalerite>
srhb: it searches all the files in the output for the paths referenced by the derivation
<srhb>
sphalerite: When does it do this? Upon gc?
<grahamc>
When the build. Finishes
<sphalerite>
I don't know exactly when, but not at gc time I'm pretty sure
<srhb>
Oh, so this information is stored in a database somewhere?
<sphalerite>
yes
<sphalerite>
in /nix/var/nix/db/db.sqlite I believe :)
<srhb>
I see. So in this case, it's reading the nix path to the dependency from ldd (basically) and storing it
<srhb>
I assume that's a fixupPhase thing?
<sphalerite>
No, fixupPhase is part of the build
<sphalerite>
and it's not using ldd, it's (basically) just grepping for the path in all the files
<hodapp>
is there some magical way that I can run an nginx virtualhost off of a subdirectory? I would really like to make ttrss run without having to resort to editing my DNS configuration or some garbage like that
<srhb>
Even binaries? :p
<srhb>
:o
<hodapp>
but it appears to want to have the entire webserver to itself
<zraexy>
Can someone restart the keymap tests in trunk-combined/tested that timed out (It only seems to happen on lucifer) so we can get a new nixos-unstable?
<sphalerite>
srhb: yes.
<srhb>
I'm trying to explain this to someone else, and I just realized I don't really understand where the dependencies came from.
<sphalerite>
:)
<srhb>
sphalerite: Thank you. :)
<Infinisil>
hodapp: There's the services.nginx option, which is dead simple to use
<hodapp>
sphalerite: as far as I can tell, that 'locations' is still for some subdirectory off of the virtual host itself
<sphalerite>
hodapp: isn't that what you want?
<hodapp>
sphalerite: then I still require a separate virtual host for everything
<Infinisil>
hodapp: I don't really get your problem
<boomshroom>
sphalerite: doesn't bind mount require root?
<sphalerite>
ooooh I see
<sphalerite>
boomshroom: nope, not with user namespaces.
<sphalerite>
boomshroom: I successfully installed nix on my uni account
<sphalerite>
Although then I had to remove it again because it took up too much space
madgoat has joined #nixos
<boomshroom>
`mount --bind /bin mount-test/` -> "mount: only root can do that"
<hodapp>
Infinisil: I am avoiding creating a virtual host because I don't feel like fucking around with SSL certs (which I already have on the domain I'd like to use) and with my DNS configuration (and then waiting for that to take effect just so I can get to the point of testing it), but the only way that tt-rss.nix passes through the correct configuration seemingly is if I'm using a virtual host
<sphalerite>
boomshroom: Yes but you're not in a separate user and mount namespace
<sphalerite>
boomshroom: unshare -rfm and try again
madgoat has left #nixos []
<sphalerite>
(don't worry, you won't really be root even if your prompt says you are)
<hodapp>
Infinisil: and I really have no idea how to properly configure nginx to run this in a subdirectory - which is where I am right now, and I'm just getting 404s and have no idea how to actually diagnose this
<boomshroom>
unshare: invalid option -- 'r'
<sphalerite>
boomshroom: the abbreviation must be new. what about unshare --map-root-user -fm ?
<Infinisil>
hodapp: So you have your sub.domain.com and want tt-rss to run in sub.domain.com/rss/ ?
<boomshroom>
I don't really care about a chroot of building packages from source. If anything, I found manual dependency management to be an interesting challenge and it's already mostly done.
apeyroux_ has joined #nixos
<hodapp>
Infinisil: I just want it in a subdirectory.
<hodapp>
I already have a domain, I'd prefer to not screw around with making another subdomain
<sphalerite>
boomshroom: but building stdenv and everything else from source takes a long time
<boomshroom>
sphalerite: I see help, mount, uts, ipc, and net options. Also, it's not my machine that's building them. ;)
<sphalerite>
boomshroom: it's very likely you can save yourself a lot of time using nix-user-chroot instead, if it works
<sphalerite>
boomshroom: it is your patience though ;)
simendsjo has quit [(Ping timeout: 268 seconds)]
<boomshroom>
And building from source lets me do optimizations like minimizing the size. How can I view which cpu optimization setting would match the current system.
<sphalerite>
-march=native is best
<boomshroom>
sphalerite: Does it count as patience if it's happening while I'm out at a Canada day celebration?
<sphalerite>
Fair enough :D
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] joachifm pushed 4 new commits to master: https://git.io/vQ0YD
<NixOS_GitHub>
nixpkgs/master 6e36e7f Joachim Fasting: gede: replace build.patch with inline sed call...
<NixOS_GitHub>
nixpkgs/master 4f320d3 Joachim Fasting: gede: fix sandboxed build...
<NixOS_GitHub>
nixpkgs/master 0040dba Joachim Fasting: gede: add ctags and gdb to path via wrapper
NixOS_GitHub has left #nixos []
boomshroom is now known as boomshroom-away
<sphalerite>
-march=native can optimise to the CPU it's building on in a more fine-grained way than specific models passed in
<sphalerite>
assuming of course that you're building for the CPU you're running on
<boomshroom-away>
ld: cannot find -lbz2
<Infinisil>
boomshroom-away: need to install bz2
<Infinisil>
the library of it
Isorkin has quit [(Ping timeout: 260 seconds)]
<hodapp>
ugh, I really wish nginx could articulate something to me other than 404
<hodapp>
the most I can figure out is that by trying to copy from the virtualhosts configuration, I have made nginx pretend that PHP files don't exist at all
jgertm has quit [(Ping timeout: 255 seconds)]
boomshroom-away is now known as boomshroom
boomshroom has quit [(Quit: Page closed)]
boomshroom has joined #nixos
<boomshroom>
I installed bz2 yesterday well enough that ./configure didn't complain.
<LnL>
ok so that works, not sure where it's getting stuck then
<boomshroom>
It's also printing "lib/libcurl.so.4: no version information available (required by /usr/bin/curl)"
mudri has joined #nixos
mkoenig has joined #nixos
<LnL>
must be something with the perl module
<boomshroom>
nix-channel was calling nix-env with --quiet. I removed that and it seems to be trying to build ~/nix/store/...nixpkgs-... Given that I'm building from source, that could be why it seems to be doing nothing.
Filystyn has quit [(Remote host closed the connection)]
mudri has quit [(Ping timeout: 260 seconds)]
<LnL>
I'm pretty sure building nix on another machine and copying it over is a lot easier
<Mic92>
bennofs: yeah, that would be cool
FRidh has quit [(Quit: Konversation terminated!)]
<LnL>
boomshroom: do you have another machine with nix?
<boomshroom>
So many tools just to shuffle the VFS.
<Mic92>
nix-user-chroot is quite handy. I just putted it in my zshrc back then.
<Mic92>
But I am actually glad to root instead most of the time these days.
<clever>
and once you have root, you could just install full nixos, even remotely
<boomshroom>
I don't know if the university would appreciate me installing a full distro into my student drive. Especially not when the volume is shared between multiple students.
<clever>
yeah, lol
<Infinisil>
You should really have them put nix on all systems
<clever>
containers/user_ns would give good performance without needing root
<praduca>
Hi, anyone know how to fix the nox problem? I mean, the grsecurity message issue at invocation of nox
<boomshroom>
If they get suspicious of my activities enough to ask what the heck I'm doing, I could make it an oportunity to try to convince them to install nix system wide. I'd probably fail, but that's besides the point.
<boomshroom>
How can I specify options to gcc and ld from config.nix?
<Infinisil>
Only people that don't know nix wouldn't want it, so if they reject it you can be sure they didn't look into it xD
apeyroux has quit [(Quit: Lost terminal)]
apeyroux_ has quit [(Quit: Lost terminal)]
<clever>
boomshroom: you would need to make an override to stdenv.mkDerivation
apeyroux has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] bennofs pushed 1 new commit to master: https://git.io/vQ0ZZ
Guest32701 has quit [(Remote host closed the connection)]
<armijn>
sigh. I am trying to get toybox to build, but for some reason it barfs with compilation errors. When I build it 'natively' on Fedora 25 it 'just works'
<hodapp>
sigh. so far, still getting 404 errors from nginx *only* on PHP files, but the headers for the request are telling me that the errors are coming from PHP and not nginx
apeyroux has quit [(Quit: Lost terminal)]
<armijn>
lots of sighing tonight...
<hodapp>
it boggles my mind how ridiculously difficult it is to get at *any* sort of diagnostic information in configurations like this
<clever>
hodapp: i would throw strace at the nginx process, and then see what it says
apeyroux has joined #nixos
<gchristensen>
hodapp: would youo like to see how I run nginx + php?
<boomshroom>
ok... what fields to I set in the stdenv override to change optomisation settings?
<hodapp>
gchristensen: is your configuration comparable to what I'm trying to do?
<boomshroom>
I specifically want -march=native and -Os
<hodapp>
clever: strace is telling me...... I really don't know what
apeyroux has quit [(Client Quit)]
<clever>
hodapp: throw it all in a pasetbin
<clever>
boomshroom: nix goes out of its way to remove march=native from the flags
<hodapp>
it's mostly just not telling me anything. I'm at the browser force-refreshing this page and I don't see new lines arriving
<gchristensen>
hodapp: I don't know
<boomshroom>
clever: I figured if I was building from source anyways and storing it on a shared drive, I may as well get the most out of it.
<gchristensen>
hodapp: use curl
<hodapp>
how will curl help me here?
<gchristensen>
no cache
<clever>
hodapp: what pid's do you see in "ps aux | grep nginx" ?
<boomshroom>
I at least want -Os to keep my disk usage down.
<hodapp>
gchristensen: I can bypass the cache just fine in the browser
<gchristensen>
ok
<hodapp>
clever: master, worker, and 10 php-fpm processeses running as nginx user (but not nginx itself I guess)
<clever>
hodapp: try passing all of the nginx processes to strace, with strace -p <pid1> -p <pid2>
<boomshroom>
Sorry, I'm heading out now. I might catch up tonight but I don't know. In the meantime, nix-repl will continue to build. Bye!
<boomshroom>
Happy Canada day!
<clever>
322 # intended to be used like nix-build -E 'with <nixpkgs> {}; enableDebugging fooPackage'
<clever>
so now repeat the same thing agaist the php-fpm workers
ilyaigpetrov has quit [(Quit: Connection closed for inactivity)]
apeyroux has joined #nixos
<clever>
hodapp: it may also help to add "-s 5000" to the strace args
orivej has quit [(Remote host closed the connection)]
<hodapp>
looks like one of the paths was wrong in the fastcgi configuration... but with fixing that, I now have just a blank page for any PHP file I request
faffolter has quit [(Ping timeout: 260 seconds)]
<clever>
what does the fpm-worker strace look like now?
Jackneilll has quit [(Remote host closed the connection)]
<clever>
2017-07-01 18:15:54 < mst> PHP isn't a language, it's a malignant perl templating engine that metastasised
<clever>
hodapp: i saw this in another irc room about an hour ago
mkoenig has quit [(Remote host closed the connection)]
<hodapp>
I feel like things just go this way every single time I try to make a PHP web application play nice with anything
<clever>
hodapp: ah, i think the 2 lines gchristensen linked will help a lot
<hodapp>
gchristensen: I'll try that
<clever>
they should land in the journal for the phpfpm service
k0001_ has quit [(Ping timeout: 248 seconds)]
<hodapp>
I guess there's always the option of firing up another container and just using some proxy settings from one nginx to another
<hodapp>
and letting it piggyback off of the existing SSL
mkoenig has joined #nixos
<hodapp>
php-fpm[250]: [ALERT] [pool main] user has not been defined, php-fpm[250]: [ERROR] failed to post process the configuration, php-fpm[250]: [ERROR] FPM initialization failed
<hodapp>
then "php-fpm[257]: [NOTICE] ready to handle connections"... what?
<hodapp>
well, phpfpm-main is now definitely failing to start
<hodapp>
but what "user"? it's configured to run everything as user nginx
justelex has quit [(Quit: Konversation terminated!)]
<hodapp>
okay, I solved that error (and then another) by basically copying gchristensen's configuration... and PHP pages are *still* just blank
Jackneill has quit [(Read error: Connection reset by peer)]
Jackneill has joined #nixos
<clever>
hodapp: it may also help to set it to 1 worker, then stop the systemd unit, and manualy run the command defined in /etc/systemd/system/phpfpm.service under strace -f
<clever>
then you can see what its doing on startup
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] vbgl pushed 1 new commit to master: https://git.io/vQ0cn
<hodapp>
ugh, I am debating just putting this in its own container and seeing if the configuration out of the box is even capable of working right
<clever>
a nixos container would have nearly identical config
<hodapp>
right now it's in a container that I'm trying to share with my existing nginx config
<hodapp>
and why I'm here is because tt-rss only sets up nginx configuration if you tell it to use a virtualhost
<hodapp>
I have no idea if tt-rss.nix even works out of the box or not, or if it just ships broken and no one noticed
<hodapp>
but this "PHP gives me a blank page" issue comes up online more than any issue like this ever should
<clever>
yeah, it doesnt really make much sense
<clever>
id have to cross-reference the php source to see whats going on
<tilpner>
A no-changes $ nixos-rebuild switch timing comes out at 6.55s user 0.88s system 7% cpu 1:36.48 total for me. That seems way too long, and most of its time is spent in "setting up tmpfiles", which calls out to systemd-tmpfiles. Did anyone have a similar problem?
bennofs has quit [(Ping timeout: 255 seconds)]
<hodapp>
it happens identically if I just put a hello-world PHP file in ttrss's directory
<clever>
hodapp: what does the strace look like if you stop the systemd unit, and run the full php-fpm command under strace?
<hodapp>
hrmph. okay, I had the wrong pool name, and I tried to fix that, but if I use the systemd service, I get the 200 OK & blank page, while if I run separately and with strace, 502 Bad Gateway
mbbx6spp has quit [(Client Quit)]
<Infinisil>
Umm where is the nix.conf file supposed to be? The manual says sysconfdir/nix/nix.conf, but what is sysconfdir?
<LnL>
it's /etc/nix/nix.conf by default
<Infinisil>
Ah thanks
<clever>
hodapp: can you gist the entire strace output when you manually run it?, i can check it for odd errors that explain the 502
<hodapp>
ack, I just needed to copy some of Environment, that's all
<clever>
ah, i suspected that, but didnt see anything in the module i previously linked
<NixOS_GitHub>
[nixpkgs] corngood opened pull request #27026: rustc: Provide unpacked source tree derivation for use in tools (master...rust-racer-fix) https://git.io/vQ0Wh
NixOS_GitHub has left #nixos []
<clever>
hodapp: oh fun, lol, it reads the php-fpm config one byte at a time!
<clever>
that will kill performance, but it only happens once
slyfox_ has joined #nixos
<hodapp>
at a certain point it is probably easier for me to just find a damn RSS reader that isn't a PHP dumpster-fire, and write my own Wallabag plugin for it
slyfox has quit [(Ping timeout: 240 seconds)]
<clever>
:D
eacameron has quit [(Ping timeout: 240 seconds)]
<hodapp>
tt-rss.nix already requires so much manual management bullshit that I don't know why I'm even bothering
<hodapp>
there's probably a Dockerfile someplace I can just run instead and pass it through a proxy or something
jgertm has joined #nixos
aneeshusa has joined #nixos
<hodapp>
if I do run this in a separate NixOS container, it's not even clear to me how to get the virtualhosts setup right... would I just put nginx on a separate port or something?
carlosda1 has joined #nixos
simukis has quit [(Ping timeout: 240 seconds)]
mudri has joined #nixos
ris has joined #nixos
koserge has quit [(Ping timeout: 240 seconds)]
<clever>
hodapp: nixos containers get their own instance of the networking stack
<clever>
hodapp: so you can then setup the container on the same port, and give it a unique ip
hamishmack has joined #nixos
nckx has quit [(Quit: restarting my GuixSD server)]