<Infinisil>
python-packages.nix is for aggregating development packages
<Infinisil>
If you have an application that just happens to use python, this needs to go into the proper directory, then use all-packages.nix to make it available
<rodarmor>
Infinisil: In this case it's a python module with no binaries called feedgen, so the expression should go in "pkgs/development/python-modules/feedgen/default.nix"?
takle has quit [(Ping timeout: 260 seconds)]
eschnett has joined #nixos
<Infinisil>
rodarmor: sounds good
<rodarmor>
Infinisil: Cool, I'll give it a shot :)
<Infinisil>
I'm not sure when to inline those packages, but I think it's good practice to not inline them, python-packages.nix is already very bloated
<Infinisil>
Damn, python-packages.nix has almost 30000 lines..
<rodarmor>
Infinisil: Is there a general guide to contributing packages? Should I test the expression I'm writing on my live system, or in some other way?
mizu_no_oto has joined #nixos
<Infinisil>
rodarmor: Build it with sandboxing enabled would be nice
<Infinisil>
And other than that there's not really much to do with python modules i guess. You could of course test it a bit
<cstrahan>
Review of the above would be greatly appreciated ^^^
<Infinisil>
fresheyeball: Ah yes, all packages installed in your user profile get linked to the profiles binary directory which is that ~/.nix-profile/bin folder
<fresheyeball>
right
<fresheyeball>
but some packages define their binaries at the root of the $out folder
<fresheyeball>
and others have $out/bin
<fresheyeball>
how does it know?
<Infinisil>
fresheyeball: All packages should put their binaries in $out/bin, which packages doesn't?
<Infinisil>
don't*
<fresheyeball>
hmm
<fresheyeball>
maybe I am wrong, and its just my stuff that doesn't use $out/bin
<fresheyeball>
because I didn't know better
<Infinisil>
fresheyeball: Ahh, probably that's why it didn't installi t
alx741 has quit [(Quit: alx741)]
_rvl has quit [(Ping timeout: 240 seconds)]
Fare has quit [(Quit: Leaving)]
<fresheyeball>
Infinisil: makes sense
rauno has quit [(Ping timeout: 248 seconds)]
filterfish_ has joined #nixos
filterfish has quit [(Read error: Connection reset by peer)]
cpennington has quit [(Remote host closed the connection)]
reinzelmann has joined #nixos
kiloreux has quit [(Ping timeout: 260 seconds)]
<rodarmor>
Infinisil: Okay, I an expression for the module, feedgen, and can do `nix-env -f . -iA python36Packages.feedgen`
<rodarmor>
How can I test that it's actually working? For example, spin up an interpret where I can do "import feedgen" etc
<rodarmor>
I'm trying `nix-shell -I . -p python36Packages.feedgen` but not having any luck. I'm inside my checkout of nixpkgs, but I don't think nix-shell is seeing it
<Infinisil>
rodarmor: You could also just write your normal python nix expression with that package, somewhere in a file and then build it with nix-build -I path/to/your/nixpkgs/checkout
<Infinisil>
nix-shell is better to test though, much quicker
sary has joined #nixos
<rodarmor>
Infinisil: Cool, it works in nix-shell. I can import and use the python module as expected. Should I also test it using the sandbox?
<Infinisil>
rodarmor: It's good practice yeah, I just have nix.enableSandbox = true enabled all the time in my configuration.nix
<Infinisil>
umm, nix.useSandbox = true;
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] falsifian opened pull request #28031: rftg: init at 0.9.4 (master...rftg) https://git.io/v7693
NixOS_GitHub has left #nixos []
MercurialAlchemi has joined #nixos
<Infinisil>
You can also just pass `--option build-use-sandbox true` (if i remember correctly) rodarmor
<rodarmor>
Infinisil: Sweet, building with sandbox worked, I'll submit a PR
<adisbladis>
rodarmor: I'm always using a sandbox and haven't had any issues with it so far
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] casey opened pull request #28032: python.pkgs.feedgen: init at 0.5.1 (master...feedgen) https://git.io/v769X
NixOS_GitHub has left #nixos []
<rodarmor>
Oh yeah, first nixpkgs PR
silver_hook has joined #nixos
silver_hook has quit [(Changing host)]
silver_hook has joined #nixos
<sphalerite>
Ralith: yes, sorry, autocorrect. Phone is not ideal device for writing nix expressions :p
<Ralith>
^^
kiloreux has joined #nixos
oida has joined #nixos
<adisbladis>
rodarmor: You can use the fetchPypi helper
<cocreature>
hey, I’m wondering, when does the unstable channel update?
<Infinisil>
kiloreux: Including what exact command you ran that gives the problem
filterfish_ has quit [(Ping timeout: 258 seconds)]
<kiloreux>
Alright Infinisil, Will do.
takle has joined #nixos
<Infinisil>
cocreature: Since a month or so it doesn't update automatically for some reason. It has been fixed by a few people last time (a bit ago), but not permanently. I think these are the tests that need to succeed in order for nixos-unstable to be updated: https://hydra.nixos.org/job/nixos/trunk-combined/tested#tabs-constituents
<rodarmor>
adisbladis: Sweet, thanks for the tip
<fresheyeball>
hey
<fresheyeball>
how to escape `${}` stuff in bash?
<fresheyeball>
I want to write a script that when called takes arguments
<fresheyeball>
${1-latest}
<fresheyeball>
backslash doesn't work
<Infinisil>
cocreature: I think it's some issue with the VM used for these tests
<adisbladis>
rodarmor: I'd just use fetchPypi instead of pythonPackages.fetchPypi
<Infinisil>
fresheyeball: ''${hi}
<Infinisil>
then ${} doesn't get interpreted as a nix expression
<cocreature>
Infinisil: ah ok, thanks!
<Infinisil>
e.g. '' foo ''${bar} hello '' if you're using quotes: " foo \${bar} hello "
periklis has joined #nixos
<rodarmor>
adisbladis: Ah gotcha, I was cargo culting :P
inflames has quit [(Ping timeout: 246 seconds)]
takle has quit [(Ping timeout: 268 seconds)]
filterfish has joined #nixos
<kiloreux>
nixpkgs doesn't seem to support libopencore_amrwb for some reason.
<kiloreux>
is there a specific reason or I can just implement it myself ?
pie_ has quit [(Ping timeout: 260 seconds)]
grisher has quit [(Ping timeout: 255 seconds)]
<adisbladis>
rodarmor: Added another comment :)
<Infinisil>
kiloreux: There just doesn't seem to be a need for it until now. Sure, go ahead ;)
<Infinisil>
If you need it for something (otherwise we can't even be sure it works)
<Infinisil>
Ahh, i see ffmpeg and mplayer could use opencore
<kiloreux>
Exactly :D
<kiloreux>
Especially ffmpeg
<kiloreux>
i can see it's mentioned as unpackaged in ffmpeg-full.
<Infinisil>
kiloreux: What is opencore even used for?
<kiloreux>
It's a speech codec.
<rodarmor>
adisbladis: Oh cool, sweet, I forgot it was in scope
<Infinisil>
kiloreux: Ahh
sellout- has joined #nixos
<kiloreux>
Infinisil, do you an idea where to start? (Never added a package to nixpkgs, hoping ti will be my first contribution :D )
<rodarmor>
adisbladis: Should I force-push changed commits to the PR branch, or push additional commits to be squashed later?
reinzelmann has joined #nixos
<sphalerite>
rodarmor: depends on the scale of the changes.
<rodarmor>
sphalerite: This is a pretty minor PR, just a python package
<sphalerite>
rodarmor: in the case of your current PR, I'd say force push
<adisbladis>
sphalerite: In this case it's just tiny changes, so I'd say rebase & force push
<rodarmor>
sphalerite: adisbladis: cool, will do
<Infinisil>
kiloreux: I don't know much about lib packaging, I would just look at how the others are done, nixpkgs is full of examples
<Infinisil>
kiloreux: (you still need to fill out the issue template for your issue though, nobody's gonna be able to even reproduce it in its current state)
jsoo has joined #nixos
eacameron has quit [(Remote host closed the connection)]
<kiloreux>
Infinisil, Yeah totally aware of that. Will have to do it late (read that in a few hours). Since I have priority issues now.
<hyper_ch>
what's wrong with nixos-unstable again?
<Infinisil>
hyper_ch: Doesn't update, yet again
<MP2E>
I just run off of git master :) been doing that for 2 years
<MP2E>
haha
jsoo has quit [(Client Quit)]
<Infinisil>
MP2E: :O
sellout- has quit [(Quit: Leaving.)]
<MP2E>
rebuild times can be painful if you catch it right after a staging merge
<MP2E>
but in general it's not too bad
<MP2E>
and in those occasions you can just wait.
ebzzry has quit [(Ping timeout: 240 seconds)]
<Infinisil>
I'm just thinking, Mozilla has had great success with its 6 weeks release cycle, how about doing something like this for nixpkgs?
<Infinisil>
Smaller releases, but more often
<Infinisil>
Like a middle ground between stable (6 months) and unstable (12 hours i think
<sphalerite>
does networking.interfaces get ignored if network-manager is enabled?
<Infinisil>
sphalerite: From the description of networkmanager.enable I think they don't
linarcx has joined #nixos
<Infinisil>
Whether to use NetworkManager to obtain an IP address and other
<Infinisil>
configuration for all network interfaces that are not manually
<Infinisil>
configured.
<adisbladis>
MP2E: Recently it's been pretty painful as a kde user...
<sphalerite>
right
<sphalerite>
hm
<adisbladis>
Lot's of breakage
filterfish has quit [(Ping timeout: 246 seconds)]
<Infinisil>
adisbladis: Well, you can help fixing it :D
<kiloreux>
What does "variable $src or $srcs should point to the source" mean exactly?
<linarcx>
why there is no dock application in pkgs(like docky and cairo-dock)?? only latty-dock exists that it is not very good.every body has another alternative?
<Infinisil>
adisbladis: What's an example of KDE breakage?
<sphalerite>
kiloreux: it means the unpackPhase wants a $src to unpack but isn't finding one
<adisbladis>
Infinisil: Well I have to some extent, but most of the breakage is beyond my comprehension of nix
<sphalerite>
kiloreux: there are multiple ways to fix it, depending on what you want to do. If you still want to use mkDerivation you should specify an src or replace the unpackPhase with ":"
<kiloreux>
Shouldn't giving a url be enough for it to be done automatically?
<adisbladis>
Infinisil: There were some changes to cc-wrapper which made Qt not find the xcb backend
<sphalerite>
kiloreux: if you just want a script to build a derivation and don't want to use the stdenv build script you can use runCommand instead, or set buildCommand as appropriate
<rodarmor>
linarcx: I'm using dockbarx, which is pretty good. There's an xfce plugin, xfce.xfce4_dockbarx_plugin if you want to use it in xfce
<Infinisil>
kiloreux: Nah, have a look at other mkDerivations
<sphalerite>
kiloreux: no, you need to use fetchurl if you want to use something remote
<MP2E>
ah, that makes sense. Guess it depends what you use
<MP2E>
i've been using xmonad and just some terminal stuff
<sphalerite>
kiloreux: so that you can specify a hash and preserve the effective purity of the expression
<Infinisil>
MP2E: Xmonad too for me, no DE, gnome-terminal and firefox as browser, don't need much more
<kiloreux>
sphalerite, Infinisil Got it. Thank you.
<adisbladis>
MP2E: But I'm still pretty happy on master :) Worst case I can just do a rollback
<Infinisil>
MP2E: May I peek at you xmonad.hs?
<sphalerite>
adisbladis: if a rollback helps it's not the worst case ;)
<MP2E>
hasn't deviated too much from the default but there's a few custom things :) like creating 10 workspaces for each monitor it detects
<MP2E>
and changing some default behaviors there
endformationage has quit [(Quit: WeeChat 1.9)]
<Infinisil>
MP2E: Nice, thanks
sellout- has joined #nixos
<kiloreux>
I just created a nix file to install libopencore and it was installed successfuly in the nix store as following /nix/store/wz88lgd0bd69mhbjnyllrqjxfnsm7nky-amrnb-11.0.0.0/lib
<adisbladis>
sphalerite: Hehe :) I'm sure there are worse cases but not hit any (yet)
<kiloreux>
However running ffmpeg and requiring libopencore always gives me the error that it's not available :(
<Infinisil>
^^ MP2E
<spacefrogg>
kiloreux: Is ffmpeg aware that your library is there?
<MP2E>
ooh a transparent hook, neat! didn't know you could do that in xmonad.
<Infinisil>
kiloreux: Have you set outputs = [ "dev" ] or so?
<MP2E>
I have a transparent terminal but that's a urxvt setting + compton being enabled.
<linarcx>
rodarmor: im using kde plasma. can i still use dockbarx?
<kiloreux>
Infinisil, no. spacefrogg not sure how I would do that except for enabling library flags ?
<spacefrogg>
Add it to buildInputs of the ffmpeg derivation.
<Infinisil>
MP2E: I actually disabled this, because I didn't make it so you could disable it on certain scenarios. E.g. fullscreen youtube is very bad with transparency..
jonte_ has joined #nixos
<MP2E>
haha :p
<MP2E>
that makes sense. hm
<rodarmor>
linarcx: Hmm, not sure, I have very little experience with KDE
<Infinisil>
MP2E: I bet if i knew how xmonad works a bit better, I could come up with a much more elegant solution
eacameron has joined #nixos
jsoo has quit [(Client Quit)]
<kiloreux>
Should I add the name of the package (name property inside nix file) ?
<kiloreux>
or the .nix filename ?
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] FRidh pushed 1 new commit to master: https://git.io/v767W
<NixOS_GitHub>
nixpkgs/master 739b4b4 Frederik Rietdijk: searx: fix typo, fixes #28015
NixOS_GitHub has left #nixos []
<Infinisil>
kiloreux: Just look at how other packages do it..
<Infinisil>
kiloreux: pkgs/development/libraries
<spacefrogg>
Make your library appear in all-packages.nix then include the name of the attribute in the argument list at the top of ffmpeg derivation nix file.
<MP2E>
This is somewhat random, but I dealt with awful screen-tearing on most fullscreen programs in xmonad for something like 6 months. If you have this issue, enable a compositor like compton in your /etc/nixos/configuration.nix file, it fixes it.
<MP2E>
or at least it did on both my nvidia desktop and intel integrated graphics laptop
<Infinisil>
MP2E: Yeah I know, I think that's pretty normal with default X without any compositor that "fixes" it
<MP2E>
ah, good to know. drove me nuts for a while :P
<Infinisil>
MP2E: I actually disabled compton again, because it caused horrible artifacts on my big external monitor..
<Infinisil>
Screen tearing doesn't bother me much though, only rarely notice it on videos
eacameron has quit [(Ping timeout: 255 seconds)]
<Infinisil>
Oh, found the image again, this is what the external monitor looked like with compton enabled..: http://i.imgur.com/6IRZVoL.jpg ( MP2E )
<srhb>
What's the rationale for nix not deleting recovery.conf for postgresql when configuration.nix ceases to reference it in any way?
<srhb>
It's scary.
<linarcx>
i set locale to en_US.UTF-8. i have to languages activated in plasma."ENGLISGH" and "PERSIAN". but when i open some applicatino like hexchat or gimp, application open in RTL format, means all menu show in rtl format.how to fix this problem?
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] Profpatsch opened pull request #28033: pkgs/haskellPackages: add nativeBuildInputs to shell env (master...haskellPackageEnv-addTools) https://git.io/v765e
NixOS_GitHub has left #nixos []
<hyper_ch>
Infinisil: well, it it's been like 30 days now since I could update.... 11 days ago it was updated but vbox failed... the last 11 days no updates
<Infinisil>
srhb: Does garbage collection not delete it?
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] Mic92 pushed 2 new commits to master: https://git.io/v7653
<NixOS_GitHub>
nixpkgs/master c8e9682 makefu: influxdb module: collectd.port is now called bind-address...
<Infinisil>
srhb: seems to be a symlink to the file in the store, so I'd think it gets deleted like all other stuff in the store (which is not instantly)
<srhb>
Infinisil: From the nix store, sure, presumably, but the symlink in /var/lib/postgresql, I doubt it.
<Infinisil>
srhb: Ahh yes
<Infinisil>
that's the same with all packages
<Infinisil>
stuff in /var just gets created, but nobody want's to accidentally delete something that got written there
<srhb>
Yikes.
sellout- has quit [(Quit: Leaving.)]
<Infinisil>
srhb: You could have modified the file yourself, so it wouldn't be a symlink anymore
nslqqq has quit [(Ping timeout: 246 seconds)]
<srhb>
Sure, I could have done all sorts of stupid things, but having to factor in "when are things gc'ed" is terrifying.
<srhb>
Though I suppose if the symlink still exists, at least it won't get removed.
<Infinisil>
hyper_ch: You could use the nixos-unstable-small channel
<sphalerite>
linarcx: so it's in English but RTL?
<hyper_ch>
Infinisil: I could
<linarcx>
yes.
<Infinisil>
srhb: It probably will, nix doesn't pay attention to all symlinks in the system
nslqqq has joined #nixos
<Infinisil>
srhb: only if its referenced by a gcroot, it won't be removed
<Infinisil>
srhb: Also if you want to delete something without waiting for GC you can do nix-store --delete /nix/store/...
<Infinisil>
And you can add an indirect gc root with nix-store --add-root /var/lib/postgresql/recovery.conf --indirect /nix/store/actual-recovery.conf
<sphalerite>
linarcx: nice… I don't know much about KDE/Plasma/Qt unfortunately, nor about the pains of bidi, let alone those things on nixos. But you may want to ask on a KDE/plasma channel, I think you're more likely to find someone who can help you there
<Infinisil>
Then when you delete /var/lib/postgresql/recovery.conf, the gc will collect the file in the store ( if it's not being referenced by anything else) ( srhb )
filterfish has joined #nixos
jsoo has quit [(Ping timeout: 246 seconds)]
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] FRidh pushed 2 new commits to master: https://git.io/v765b
<NixOS_GitHub>
nixpkgs/master 2141086 Casey Rodarmor: python.pkgs.feedgen: init at 0.5.1
<NixOS_GitHub>
nixpkgs/master 0734fb2 Frederik Rietdijk: Merge pull request #28032 from casey/feedgen...
NixOS_GitHub has left #nixos []
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] FRidh pushed 1 new commit to staging: https://git.io/v765A
<NixOS_GitHub>
nixpkgs/staging 89af5d9 Frederik Rietdijk: Merge remote-tracking branch 'upstream/master' into HEAD
NixOS_GitHub has left #nixos []
<kiloreux>
When submitting a new PR for a package should I add my name also to maintainers.nix or just leave the maintainer field empty?
<Infinisil>
kiloreux: If you feel like maintaining it (which usually doesn't involve much), you should add yourself to meta.maintainers (and therefore also maintainers.nix
linarcx has quit [(Ping timeout: 240 seconds)]
jonte_ has quit [(Ping timeout: 255 seconds)]
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] kiloreux opened pull request #28034: opencore-amr init at 0.1.5 (master...libopencore) https://git.io/v76d8
<Infinisil>
kiloreux: I left some review comments on your PR :)
filterfish has quit [(Ping timeout: 255 seconds)]
_rvl has joined #nixos
arximboldi has joined #nixos
isHavvy has joined #nixos
Havvy has quit [(Ping timeout: 240 seconds)]
dshin is now known as dshin-california
goibhniu has joined #nixos
_rvl has quit [(Ping timeout: 240 seconds)]
filterfish has joined #nixos
rtjure has quit [(Ping timeout: 268 seconds)]
Myrl-saki has joined #nixos
ertes has quit [(Ping timeout: 246 seconds)]
filterfish has quit [(Ping timeout: 255 seconds)]
Arcaelyx has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
jonte_ has joined #nixos
fre has joined #nixos
arximboldi has quit [(Quit: arximboldi)]
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] peti pushed 3 new commits to master: https://git.io/v76xo
<NixOS_GitHub>
nixpkgs/master 142df08 Peter Simons: hackage2nix: update list of broken packages
<NixOS_GitHub>
nixpkgs/master 35dd36a Peter Simons: hackage-packages.nix: automatic Haskell package set update...
<NixOS_GitHub>
nixpkgs/master 550373b Peter Simons: cabal-install: fix build after updating to version 2.x
NixOS_GitHub has left #nixos []
snikkers has joined #nixos
thc202 has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] globin pushed 1 new commit to staging: https://git.io/v76xh
<NixOS_GitHub>
nixpkgs/staging 67a41ea Robin Gloster: cc-wrapper: fix set -u errors...
NixOS_GitHub has left #nixos []
ison111 has quit [(Ping timeout: 255 seconds)]
Infinisi1 has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] globin pushed 1 new commit to staging: https://git.io/v76p4
<NixOS_GitHub>
nixpkgs/staging 3e981b9 Robin Gloster: Revert "cc-wrapper: fix set -u errors"...
NixOS_GitHub has left #nixos []
zraexy has quit [(Ping timeout: 260 seconds)]
Infinisil has quit [(Ping timeout: 255 seconds)]
bkchr has quit [(Ping timeout: 240 seconds)]
linarcx has joined #nixos
<linarcx>
Infinisil: i fix it:) remove persian language from language setting and all software open in rtl mode now.
fre has quit [(Ping timeout: 255 seconds)]
pietranera has joined #nixos
<pietranera>
Hello, I have a nixOPS question... is it possible to customize or remove the SSH key pairs generated by NixOps? E.g. instead of using those can I specify a key pair in users.users.root ?
Infinisil has joined #nixos
mudri has joined #nixos
Infinisil has quit [(Remote host closed the connection)]
Infinisi1 has quit [(Ping timeout: 240 seconds)]
ertes-w has joined #nixos
eacameron has joined #nixos
jensens has joined #nixos
fre has joined #nixos
eacameron has quit [(Ping timeout: 268 seconds)]
LinArcX2 has joined #nixos
wigust has quit [(Read error: Connection reset by peer)]
Infinisil has joined #nixos
rtjure has joined #nixos
sary has quit [(Remote host closed the connection)]
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] domenkozar pushed 1 new commit to master: https://git.io/v7iel
<NixOS_GitHub>
nixpkgs/master a082215 Domen Kožar: hydra: 2017-07-24 -> 2017-07-27
NixOS_GitHub has left #nixos []
rigelk has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] domenkozar pushed 1 new commit to release-17.03: https://git.io/v7ieP
<NixOS_GitHub>
nixpkgs/release-17.03 f40f2f2 Domen Kožar: hydra: 2017-07-24 -> 2017-07-27...
NixOS_GitHub has left #nixos []
bkchr has joined #nixos
LinArcX2 has quit [(Read error: Connection reset by peer)]
<pietranera>
Asking again... Hello, I have a nixOPS question... is it possible to customize or remove the SSH key pairs generated by NixOps? E.g. instead of using those can I specify a key pair in users.users.root ?
<jophish>
Infinisil: thanks :) NixOS is running alongside an FPGA, trying to get the FPGA reprogramming from a store path today
<jophish>
pietranera: not as far as I know. You could open an issue on github about this, at the very least the documentation could be improved to explain why this isn't the case
<NixOS_GitHub>
[nixpkgs] roberth opened pull request #28036: frog: init at v0.13.7 (master...frog) https://git.io/v7iTu
NixOS_GitHub has left #nixos []
roberth has joined #nixos
dywedir has joined #nixos
MP2E has quit [(Quit: sleep)]
mpcsh has quit [(Quit: THE NUMERICONS! THEY'RE ATTACKING!)]
mpcsh has joined #nixos
cmacrae has joined #nixos
<cmacrae>
Hey peeps o/ I've got a package definition for a Golang package I want installed on my system. How can I express, declaratively, in my nixpkgs configuration that I want this Golang package to be installed? Forgive my ignorace, I'm new to this
<mpickering>
Does doJailbreak interact poorly with cabal flags sometimes?
Tucky has joined #nixos
<mpickering>
cmacrae: Are you using nixos?
<mpickering>
You should modify /etc/nixos/configuration.nix to specify which packages you want installed globally
<mpickering>
or more usually, have a shell.nix which specifies the build environment for each project you have
<_ts_>
Hi there, I'm trying to measure the interest in extension for NixOS which allows to manage user environments in a declarative way, named NixUP, and so I wanted to bring this PR/comment to your attention: https://github.com/NixOS/nixpkgs/pull/9250#issuecomment-320860635
<cmacrae>
mpickering: I'm using nix-darwin by LnL :) So, I'm not sure how I should express this.
<avn>
`/nix/store/3sc41zrs4ci4dy5p3ga95l7bszr82jda-qttools-5.9.0-dev/bin/lrelease: error while loading shared libraries: libQt5Xml.so.5: cannot open shared object file: No such file or directory` any ideas how to fix it?
<_ts_>
It would be nice to get as much feedback as possible, so it would be great if you could forward this to anyone you know who might be interested.
<mpickering>
You are probably better putting it in a per-project configuration tbh
<_ts_>
thanks! ;)
<LnL>
cmacrae: :D
<cmacrae>
mpickering: Hmm, well, I rely on gometalinter to do my linting from Emacs. So, right now I've got it installed manually - but I'd like to be able to express it declaratively
<mpickering>
I'm not an expert sorry for not being able to help
<cmacrae>
Sure, no problem :)
pbogdan has quit [(Ping timeout: 268 seconds)]
pbogdan has joined #nixos
<avn>
globin: do you hit same problem with libQtXml.so?
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] 7c6f434c pushed 2 new commits to master: https://git.io/v7iqL
<NixOS_GitHub>
nixpkgs/master da7755b adisbladis: networkmanager service: use unbound if enabled
<NixOS_GitHub>
nixpkgs/master 29c3ea0 Michael Raskin: Merge pull request #27925 from adisbladis/networkmanager_unbound...
NixOS_GitHub has left #nixos []
markus1199 has quit [(Ping timeout: 268 seconds)]
bgamari- has quit [(Ping timeout: 268 seconds)]
Moredread has quit [(Ping timeout: 268 seconds)]
bgamari has joined #nixos
markus1189 has joined #nixos
andromeda-galaxy has quit [(Ping timeout: 268 seconds)]
epta has quit [(Ping timeout: 268 seconds)]
andromeda-galaxy has joined #nixos
epta has joined #nixos
gm152 has joined #nixos
CustosLimen has quit [(Ping timeout: 268 seconds)]
erictapen has joined #nixos
CustosLimen has joined #nixos
arximboldi has joined #nixos
roberth has quit [(Ping timeout: 255 seconds)]
cmacrae has quit [(Ping timeout: 260 seconds)]
Myrl-saki has quit [(Remote host closed the connection)]
elurin has left #nixos ["ERC (IRC client for Emacs 25.2.1)"]
<unlmtd>
jophish: yes Im aware of notos, but I havent found a reason to go towards runit in particular (openrc would probably make the most sense in terms of maturity I think) but I was really interested in making a wayland-only nix tree
nslqqq has quit [(Ping timeout: 276 seconds)]
<unlmtd>
nix is the best tool for the job and a wayland-first distro might bring a lot of enthusiasm
<unlmtd>
for both nix and wayland
<unlmtd>
graphics is the last straw that keeps open source interfaces from winning. X cant do it
<jophish>
mpickering: yeah, I've had problems with that in the past
<jophish>
with Cassava in particular
<jophish>
unlmtd: how about adding wayland support for regular NixOS?
gnuhurd has joined #nixos
<jophish>
mpickering: the easiest solution is to provide a patch removing the bounds
<mpickering>
I worked around it now but took me a little while to work out why it was failing
<mpickering>
the package was proto-lens-protoc, this family of packages seem to be packaged in non-standard ways which is annoying
<jophish>
ah, we use that too. I remeber it was a small pain
<jophish>
however we seem to have jailbreak without any problems. Perhaps we have the right version of the non jailbroken dependency
<mpickering>
I'm using a HEAD build as well which complicates things
<mpickering>
That bit is all working now
<unlmtd>
jophish: for sure thats what we do first. but the nixpkgs tree is bound to see a suckless twin brother one day
roberth has joined #nixos
<unlmtd>
I dont know what it will take? some guys have ideas for a smaller nix? I dont know enough
Myrl-saki has joined #nixos
nslqqq has joined #nixos
<unlmtd>
but there are kernels out there being written that make linux look for the trashcan of history. so dissociating nix from the kernel is forward-thinking
<jophish>
unlmtd: There's guix already :)
simukis has joined #nixos
Phillemann has joined #nixos
<Phillemann>
Where can I check again how old nixos-unstable is and why its hydra jobs currently fail?
<Phillemann>
howoldis, or something, I forgot the URL.
<unlmtd>
jophish: is guix abstracting away the kernel?
<unlmtd>
oh I see what you mean
<jophish>
I think it runs on hurd
roberth has quit [(Ping timeout: 240 seconds)]
<Phillemann>
jophish: Ah, thank you.
<jophish>
np
<unlmtd>
I never tried guix and never felt the need
arximboldi has quit [(Remote host closed the connection)]
<unlmtd>
ahh it the gnu part that kept me away then, saw it right away. I dont like to splash ideological posters on projects of science. truth is apolitical
Phillemann has left #nixos ["WeeChat 1.9"]
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] nonsequitur opened pull request #28039: ruby docs: simplify example (master...patch-3) https://git.io/v7i3R
NixOS_GitHub has left #nixos []
cpennington has joined #nixos
<gnuhurd>
what is the preferred way of searching in NixOS?
<gnuhurd>
the nix-env method described in configuration.nix is goddamn slow, it's faster for me to go on the webpage
<adisbladis>
gnuhurd: I have a local nixpkgs checkout which i grep in
<symphorien>
there is nox, which have a cache
<symphorien>
s/have/has
<dtz>
Fwiw new nix (unstable/1.12) has a "nix search" that looks pretty useful and addresses this common pain point
<mbrock>
unlmtd: let's not have a big debate about this, but GNU is from the start a so-called "political" project, not a scientific one. Its founder was concerned that vendors were keeping system software proprietary, which he saw as a violation of rights
phreedom has quit [(Remote host closed the connection)]
pie_ has joined #nixos
dbe has joined #nixos
<LnL>
yeah there's some nice stuff in 1.12
<sphalerite>
When will it finally become nixos default?
_Vi has quit [(Ping timeout: 240 seconds)]
MoreTea has joined #nixos
jluttine has quit [(Ping timeout: 260 seconds)]
Phillemann has joined #nixos
Infinisil has quit [(Quit: leaving)]
uralbash has joined #nixos
jtojnar has quit [(Read error: Connection reset by peer)]
uralbash has left #nixos []
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] ttuegel pushed 2 new commits to master: https://git.io/v7iC9
<NixOS_GitHub>
nixpkgs/master 5abfed0 Joe Hermaszewski: qt5: Add qtcharts submodule
<NixOS_GitHub>
nixpkgs/master ca6f159 Thomas Tuegel: Merge pull request #27013 from expipiplus1/qt-charts...
NixOS_GitHub has left #nixos []
<Phillemann>
Hm, I've created a package in an overlay (in $HOME/.config/nixpkgs/overlays/somename/default.nix, and nix-env -qaP | grep packagename even finds it, but nix-env -i packagename says it matches no derivations.
<Phillemann>
Ah, nevermind
Jackneill has quit [(Read error: Connection reset by peer)]
<Infinisil>
The way this person asks this question targets only people that know Julia, and the intersection between Julia + NixOS + on reddit + knows how to debug is pretty small..
<Infinisil>
</rant>
<Infinisil>
No I'm not really mad, we probably all did this at some point and we all had to learn how to properly do this once (or are still learning), but still
<thblt>
Is the filename "shell.nix" a convention, or is it used in nix-shell somewhere? It seems nix-shell defaults to default.nix when it has no arguments.
<thblt>
I'm asking because I'm working on a PR to the Borg emacs package manager to handle nix-shell, and I have to handle the cases where the user gives neither a package list nor a shell file.
<thblt>
My current strategy is: if there's no default.nix, pass an empty -p
<mpickering>
I am getting "no such file or directory" when trying to execute an excutable in the store, I go to the path and it's there.
<mpickering>
I can't run it directly by the command line either
<symphorien>
maybe the ELF interpreter is wrong
<symphorien>
or the shebang
<hedning[m]>
thblt`: I'm pretty sure that nix-shell defaults to shell.nix and default.nix in that order
<jophish>
mpickering: it's probably a 32 bit binary for a 64 bit system
rauno has quit [(Ping timeout: 276 seconds)]
ebzzry has joined #nixos
<mpickering>
How do I verify this?
<jophish>
mpickering: `file path/to/bin`
<jophish>
will say something like: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /nix/store/f111ij1fc83965m48bf2zqgiaq88fqv5-glibc-2.25/lib/ld-linux-x86-64.so.2
<thblt>
hedning[m]: thank you, will test that.
<thblt>
the error message didn't make it obvious.
<mpickering>
ok so I need to change the path somehow to the store version of ld
<jophish>
if the interpreter is missing, you get that (very unhelpful) error message
<jophish>
mpickering: it's using /usr/bin/ld-linux...?
<thblt>
indeed, it chokes on an empty shell.nix
<mpickering>
great thanks again Joe
<mpickering>
lib64/ld-linux-x86-64.so.2
<jophish>
thblt: nix-shell will default to shell.nix before default.nix
<_ts_>
Thanks to all those who replied already, very encouraging!
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] womfoo opened pull request #28041: Update {fork,power}stat to latest upstream (master...bump/powerstat-forkstat) https://git.io/v7ioD
NixOS_GitHub has left #nixos []
<clever>
domenkozar: what features did you enable in /etc/nix/machines ?
pie__ has quit [(Ping timeout: 240 seconds)]
<domenkozar>
clever: "kvm" "nixos-test"
et4te has quit [(Read error: Connection reset by peer)]
et4te has joined #nixos
jensens has quit [(Ping timeout: 240 seconds)]
<clever>
domenkozar: big-parallel and benchmark are also features that may occur
<clever>
big-parallel is of note because the kernel requires it
erictapen has quit [(Ping timeout: 240 seconds)]
peacememories has joined #nixos
dynamicudpate has joined #nixos
<domenkozar>
ahhh
<clever>
as in, the kernel build
<domenkozar>
you can't have two slaves with system = bla
<domenkozar>
but one with systems = [ bla bla]
<domenkozar>
..
<clever>
yeah, its a comma seperated list
erictapen has joined #nixos
<thblt>
If anyone uses Emacs with Borg as a package manager and is interested in nix-shell support, I'm about to send a PR to that effect, and would welcome any advice/opinion before doing so :)
<avn>
Folks, anyone can hint, how to troubleshoot situation when nix unable to realise /nix/store/5gz9n4mnz3cl77d0m7xxl44riqvsa3af-ghostscript-9.20.drv (it tell "don't know how to build path")
eacameron has joined #nixos
Rotaerk has quit [(Quit: Leaving)]
<avn>
and it only one machine problem, other one realise it w/o problem
<jophish>
zimbatm: Thanks for looking at git-fame, not quite sure what the issue is
fre has quit [(Quit: WeeChat 1.9)]
himmAllRight has quit [(Remote host closed the connection)]
<avn>
I manually checked, if all required derivations are in place
jsoo has joined #nixos
himmAllRight has joined #nixos
MercurialAlchemi has quit [(Ping timeout: 240 seconds)]
jsoo has quit [(Client Quit)]
fre has joined #nixos
gnuhurd has quit [(Remote host closed the connection)]
gnuhurd has joined #nixos
mudri has quit [(Ping timeout: 240 seconds)]
<avn>
nix-store -q --tree /nix/store/5gz9n4mnz3cl77d0m7xxl44riqvsa3af-ghostscript-9.20.drv show me tree on good machine, and nothing on bad one. So I have db corrupted? how I can repair it?
steven1 has joined #nixos
<steven1>
whois steven1
<steven1>
q
<clever>
avn: does that file exist on the "bad machine" ?
<avn>
well, I am liar ;) nix-store -q --hash /nix/store/5gz9n4mnz3cl77d0m7xxl44riqvsa3af-ghostscript-9.20.drv show me `path is not valid` on bad machine
<clever>
avn: how did the file get onto the bad machine?
<avn>
by evaluation of same git checkout of nixpkgs
<clever>
avn: try a nix-collect-garbage --max-freed=1m
<clever>
and then re-eval the same nixpkgs
jonte_ has quit [(Ping timeout: 268 seconds)]
pie_ has joined #nixos
steven1 has quit [(Quit: WeeChat 1.9)]
<avn>
clever: no result
<clever>
avn: what about nix-instantiate -A ghostscript
<clever>
it may turn up a different drv path
<avn>
error: path ‘/nix/store/5gz9n4mnz3cl77d0m7xxl44riqvsa3af-ghostscript-9.20.drv’ is not valid
<avn>
and no idea, _why_ it not valid
<clever>
did you just use the path another machine had made, or the output of nix-instantiate from the problem machine?
<avn>
sudo nix-store --verify --repair tell me about same error corrected, even if runned twice
<avn>
clever: .drv is identical, I compare file with sha1sum
<clever>
the path to the .drv is a hash of its contents
<clever>
so it will always have the same contents
<clever>
but nix cant repair anything it doesnt consider valid
<avn>
clever: no, it complain about unrelated paths
<avn>
path ‘/nix/store/5dhv6mrrs950qivni2bl4vxkhi215ibi-unit-script.drv’ disappeared, removing from database...
<avn>
and same error, if I rerun it right after
<clever>
avn: can you describe the problem system in more detail?, is it using nix-daemon?, how are you evaling the nixpkgs?
erictapen has quit [(Ping timeout: 276 seconds)]
<avn>
plain nixos systems, was 1 machine, which was cloned later
<avn>
I suspect just bit-rotting at some time
<clever>
how did you clone it?
<avn>
copy disk image (both are kvm guests)
<clever>
ah
<clever>
and how are you evaling that copy of nixpkgs to get the ghostscript drv?
<avn>
yes, both have identical (via git) /etc/nixos, and /etc/nixos/nixpkgs
erictapen has joined #nixos
erictapen has quit [(Remote host closed the connection)]
<clever>
what command did you run on them?
<CrazedProgrammer>
hi guys, i'm trying to use the crate `sdl2` in a Rust program which i build with `cargo build`. I get an error saying ld cannot find `-lSDL2`, and even if i have the package SDL2 in my system/shell environment it still gives the error. my question is: can I provide some kind of environment variable that makes ld find it or should i make a default.nix with the library as buildInputs or should I completely change the build system using
<CrazedProgrammer>
build.rs? sorry if I sound stupid but there's 0 documentation on building rust programs with cargo that require linking to C shared libraries :/
<avn>
clever: usually just `sudo nixos-rebuild {test|switch}`, any lowlevels only if problems come
<clever>
avn: can you throw the entire console output into a gist?
<avn>
clever: I thinking about use some sqlite check tool, or just dump-kill-restore /nix/var/nix/db/*
<clever>
avn: sqlite is extremely hardened against corruption
<clever>
avn: i want to know what command you ran to get that ghostscript path, not what your running against it
<avn>
clever: `nix-instantiate -A ghostscript ./nixpkgs`, or just `rebuild switch`
mudri has joined #nixos
<avn>
nix-store --delete it and nix-instantiate recreate it again
ison111 has joined #nixos
<clever>
avn: does /etc/nix/nix.conf differ any?
grumble has quit [(Read error: Connection reset by peer)]
<avn>
same
<clever>
not sure then
grumble has joined #nixos
<avn>
clever: lol, even nix-store --dump-db compplains about path-not-valid
phinxy has joined #nixos
<avn>
so any ideas, copy db from healthy machine, then `nix-store --verify --repair`, then rebuild?
Sonarpulse has joined #nixos
<clever>
copying the db will cause massive problems
contrapumpkin has joined #nixos
peacememories has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
<avn>
clever: bigger than corrupted db?
<clever>
yeah
<clever>
it will try to delete all invalid paths, paths that the db says shouldnt exist
<clever>
which includes your entire nixos
jensens has joined #nixos
<avn>
Well, any other suggestions?
pie_ has quit [(Ping timeout: 240 seconds)]
drakonis has joined #nixos
<clever>
avn: cant think of anything else at the moment
<avn>
I understand, that just reinstall and rebuild is simpler way. But here some politic reasons, if I can't repair machine -- customer says I won't nixos, I want centos -- rpm --repairdb works there
erasmas has joined #nixos
gnuhurd has quit [(Remote host closed the connection)]
gnuhurd has joined #nixos
<clever>
avn: run another nix-collect-garbage, does the file exist?, dont run anything else
<avn>
error: cannot delete path ‘/nix/store/c47j3q3maxqgw1cb2b3ijqv092bx7hgc-HTTP-Negotiate-6.01.tar.gz.drv’ because it is in use by ‘/nix/store/542x1s2jpm5kxxshkkp8z8hfj8lyc4w8-perl-HTTP-Negotiate-6.01.drv’
<clever>
from just nix-collect-garbage??
<avn>
yep
<clever>
id reboot it and try again
<seequ>
Is it ok to add a package to nixpkgs without marking yourself as a maintainer?
<ndash_>
seequ: sounds irresponsible :)
<avn>
clever: ok, well, in worst case I try copy db, and then rebuild/boot/switch immediately
<seequ>
ndash_: Eh, I just built DCD to try D out and decided someone else might need it. :)
tmaekawa has joined #nixos
<CrazedProgrammer>
I found a solution to my problem. I did `env LIBRARY_PATH=/run/current-system/sw/lib cargo run`. I know this isn't a solution for building a rust program as a nix package but it works for basic `cargo run`. Hope this helps someone as I spent over 2 hours figuring this out :P
<avn>
error: error getting references of ‘/nix/store/k04z6ry3gsz5lbp3jd1nvsz71wkb40dp-th-lift-instances-0.1.11.drv’: database disk image is malformed
<avn>
finally, after reboot
<clever>
avn: another option, boot from an install cd, delete the nix database, run nixos-install
<clever>
avn: that will recreate the db and all store contents
<seequ>
That's clever.
<clever>
data and config files will persist
<avn>
clever: yep, if just reload db from healthy machine not help
<clever>
the nixos-rebuild will probably fail, because things are missing from the store, that the db claims exist
<clever>
a full wipe of /nix/store and the db.sqlite, and re-run nixos-install should recreate it all
takle has quit [(Remote host closed the connection)]
<clever>
just mount the existing partitions on /mnt
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] vbgl pushed 1 new commit to master: https://git.io/v7iHj
<NixOS_GitHub>
nixpkgs/master 82a4c5e Vincent Laporte: ImageMagick: fix Magick-config
NixOS_GitHub has left #nixos []
<avn>
clever: worst case, yes. I need someone to add install media, allow me console etc ;)
<clever>
avn: this creates a storepath containing kexec, and an install image
alx741 has joined #nixos
<clever>
run it, ssh back in, do the above, pray
goibhniu1 is now known as goibhniu
fre has quit [(Quit: WeeChat 1.9)]
jtojnar has joined #nixos
willprice has joined #nixos
peacememories has joined #nixos
<mpcsh>
I'm having the dumbest problem with chromium yall
<mpcsh>
every time I launch it, it asks if I want to set it as the default browser
<mpcsh>
every time I click yes
<mpcsh>
and then when I launch it next it asks me again
jensbin has joined #nixos
tmaekawa has quit [(Quit: tmaekawa)]
<clever>
mpcsh: tell it to stop asking
<clever>
its a glitch caused by how nix wraps things
<mpcsh>
clever: but it doesn't actually seem to be default - e.g. when I click a link in termite, it won't open
nwuensche has joined #nixos
<mpcsh>
clever: oop, nvm, was a problem with termite
jensbin has quit [(Client Quit)]
gnuhurd has quit [(Remote host closed the connection)]
gnuhurd has joined #nixos
<nwuensche>
Hello everybody. I currently try to install NixOS, and right now, I want to protect my system with sudo. I create a new user in the config file, but the user still can nix-env -i packages without sudo. I installed the package sudo and set security.sudo.wheelNeedsPassword = true; What can I do?
<gnuhurd>
nix-env -i installs packages for the user alone
<gnuhurd>
not system-wide
<mpcsh>
nwuensche: don't use nixos? the point of nix is that users can install packages for themselves
<willprice>
Hi, I'm trying to find unfree packages, and i was reading through https://github.com/NixOS/nixpkgs/issues/17126 but I'm still unsure what is the defacto method for finding them. Is it to `find` in the the `nixpkgs` repo?
bkchr has quit [(Ping timeout: 240 seconds)]
<mpcsh>
willprice: so you're trying to install something unfree?
<avn>
clever: btw, after this expirience -- I feel, I want to have db dumped daily
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] peti pushed 2 new commits to staging: https://git.io/v7i52
<NixOS_GitHub>
nixpkgs/staging e1d46c0 Taahir Ahmed: makeWrapper: Only wrap normal executable files...
<NixOS_GitHub>
nixpkgs/staging 67f37b7 Peter Simons: Merge pull request #24944 from ahmedtd/make-makewrapper-picky...
NixOS_GitHub has left #nixos []
<willprice>
mpcsh, well, I want to search through unfree packages, e.g is there a pycharm professional nix expression
<clever>
avn: sqlite has some pretty extreme testing on it, was the disk image cloned with the machine on or off?
<nwuensche>
gnuhurd: And this should be ok? I don't know if this could be a security flaw. Should I do something against that?
<gnuhurd>
it's okay
<gnuhurd>
it's not a security flaw
<avn>
clever: not sure, possible it was copied on the way
<mpcsh>
willprice: well you just need { allowUnfree = true; } in ~/.config/nixpkgs/config.nix
<clever>
avn: if it wasnt an atomic copy, then that could have corrupted almost anything on the machine
<mpcsh>
willprice: and then you can search free and unfree at the same time
gnuhurd has quit [(Remote host closed the connection)]
dbmikus has joined #nixos
<clever>
avn: you should either freeze all writing to the disk, snapshot the whole thing as one atomic operation, or just shut it off, then clone it
gnuhurd has joined #nixos
<avn>
clever: yep, I do fsck and storage check/repair, but not thought that db was fatally corrupted
<avn>
clever: and they also live w/o ECC and ZFS
<nwuensche>
Ok, thank you. However, I also have another problem. I installed openjdkm but everytime I do java --v, it says that no JVM could be created.
<clever>
avn: ext4 does writes in place, so fsck may be happy, but the data is mixed thruout time
<clever>
avn: zfs checksums all data, and would be more likely to detect such things
<avn>
clever: yea, I told that --- but not sure, if stuff was done property
<willprice>
mpcsh, thanks, I'll try that now :)
<willprice>
mpcsh, yep, that did the trick
<mpcsh>
willprice: great!
<mpcsh>
does anyone here use compton?
<dtzWill>
mpcsh: yep!
<mpcsh>
dtzWill: does it work on nixos? I have it enabled and it's not doing anythin
<mpcsh>
*anything
<mpcsh>
no shadows, no fade, nothing
snikkers has quit [(Ping timeout: 260 seconds)]
<dtzWill>
mpcsh: i think you have to restart display-manager the first time
<dtzWill>
mpcsh: (or restart the system)
<dtzWill>
but yes it does work
<mpcsh>
dtzWill: I've had it enabled for a while now, across many reboots
<dtzWill>
although it complains in my logs constantly but that's a known and possibly fixed issue
<mpcsh>
(and many nixos-rebuild switch's)
<dtzWill>
o_O
<dtzWill>
"services.compton.enable = true;" or similar?
<mpcsh>
precisely that
<dtzWill>
are any compton processes running? Anything in logs mentioning problems?
<dtzWill>
err not that you don't know how to debug ;), I suppose to answer your question it sure does work for me
<mpcsh>
dtzWill: yeah compton is running according to `ps`
<dtzWill>
and has more or less since started using NixOS last year xD
<mpcsh>
dtzWill: where are your logs? home dir?
willprice has quit [(Ping timeout: 268 seconds)]
<dtzWill>
journalctl? I'm not super slick with invoking it, usually just check "journalctl -xe" and look around.. and read man pages for anything else O:)
<copumpkin>
unfortunately on a machine I can't even log into :)
<gnuhurd>
any GNU Emacs users here?
<copumpkin>
tons :)
<copumpkin>
(though not me)
Sonarpulse has quit [(Ping timeout: 255 seconds)]
<gnuhurd>
I have a problem... when I try to use smtpmail in Emacs, Emacs screams that there is no smtpmail process running... is there a Nix package I can install to fix this, or is this how Emacs is built in NixOS?
Tucky has quit [(Remote host closed the connection)]
arximboldi has quit [(Quit: arximboldi)]
<thblt>
gnuhurd: is smtpmail on path?
<avn>
gnuhurd: possible should be enough install package with smtpmail. But I am also interested, how all emacs' required tools can be installed, w/o polluting main systemEnvironment and global PATH
bkchr has joined #nixos
<thblt>
avn: you can probably register these tools as runtime deps in a custom emacs derivation.
Swant is now known as ikea
ikea is now known as Swant
<gnuhurd>
it's not a package in nixos, thblt
endformationage has joined #nixos
pie_ has joined #nixos
nwuensche has quit [(Quit: Leaving)]
eacameron has joined #nixos
ikwildrp1pper is now known as ikwildrpepper
<thblt>
gnuhurd: actually smtpmail seems to be pure elisp indeed. Could you post the exact error? After M-x toggle-debug-on-error?
<thblt>
FWIW i'm on nixos and have no issues sending emails through smtpmail in mu4e
<pbogdan>
gnuhurd: maybe try setting (setq smtpmail-debug-info t) in your emacs config and see if that produces a more informative output?
eacameron has quit [(Ping timeout: 240 seconds)]
pie_ has quit [(Ping timeout: 240 seconds)]
digitus has joined #nixos
bkchr has quit [(Remote host closed the connection)]
bkchr has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] FRidh pushed 1 new commit to master: https://git.io/v7ixd
<NixOS_GitHub>
nixpkgs/master d6c5109 Frederik Rietdijk: python35: 3.5.3 -> 3.5.4
NixOS_GitHub has left #nixos []
arximboldi has joined #nixos
bkchr has quit [(Ping timeout: 268 seconds)]
ison111 has quit [(Ping timeout: 268 seconds)]
inflames has joined #nixos
Filystyn has joined #nixos
zraexy has joined #nixos
mudri has quit [(Ping timeout: 255 seconds)]
nwuensche has joined #nixos
jensens has quit [(Ping timeout: 255 seconds)]
nwuensche has quit [(Client Quit)]
alx741_ has joined #nixos
[0x4A6F] has joined #nixos
alx741 has quit [(Ping timeout: 268 seconds)]
<sphalerite>
Nice error I haven't seen before while fiddling with an application...
<sphalerite>
But isn't the date set to the epoch, which is 1980-01-01 00:00:00, usually? Which isn't really before 1980?
MinceR has joined #nixos
ixxie has joined #nixos
<sphalerite>
Is there a way to override the date that's set for builds?
<jasom>
sphalerite: I bet ZIP uses the local timezone, so if you'e in e.g. the americas, it will be december 31 1979 since the epoch is 00:00:00 UTC
<sphalerite>
jasom: that shouldn't affect nix builds though
pie_ has joined #nixos
arximboldi has quit [(Quit: arximboldi)]
pietranera has quit [(Quit: Leaving.)]
zeus__ has joined #nixos
arximboldi has joined #nixos
Ivanych has joined #nixos
<sphalerite>
jasom: plus I'm in the UK, so my timezone is BST which is ahead of UTC :)
<kiloreux>
When creating a nix file for a dependency that I need inside another nix file. How can I mention that dependency? It seems like mentioning the attribute name at the beginning {stdenv, dependency_name} is not the way to go :(
<sphalerite>
kiloreux: are they in nixpkgs or elsewhere?
<sphalerite>
doing what you said should be the right way, but how you make that work depends on how you're composing the packages
<kiloreux>
not in nixpkgs, I just created a .nix file for them locally. So that dependency is not included anywhere in the nixpkgs.
<sphalerite>
If it's something you're not planning to contribute to nixpkgs, you should probably use an overlay
<kiloreux>
My dependency is called opencore-amr however when I include it in my nix file. I get "called without required argument ‘opencore-amr’" error
ThatDocsLady has quit [(Quit: Arma-geddin-outta-here!)]
<sphalerite>
And where is the dependent package/how are you building it?
simendsjo has joined #nixos
<sphalerite>
jasom: I was wrong — the epoch is 1970, not 1980!
kiloreux has quit [(Ping timeout: 240 seconds)]
Foul is now known as Nyctelos
Filystyn has quit [(Ping timeout: 246 seconds)]
pie_ has quit [(Ping timeout: 240 seconds)]
AndChat114816 has joined #nixos
eacameron has joined #nixos
eacameron has quit [(Ping timeout: 248 seconds)]
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] vbgl pushed 1 new commit to master: https://git.io/v7Pk1
<NixOS_GitHub>
nixpkgs/master e60ffe6 Vincent Laporte: ocamlPackages.ocamlnet: 4.1.2 -> 4.1.3
<mpickering>
If I modify a derivation in nixpkgs, what is the best way to build it to test that my changes work
<Infinisil>
LnL: Is it too late? These commit messages are pretty confusing
<Infinisil>
mpickering: nix-build -A <package name>
<LnL>
yeah but changing history is a bad idea
<LnL>
and I don't think (hope) people can force push to master
<Infinisil>
LnL: Well if one was quick enough I don't think anyone would even notice
jgertm has joined #nixos
[0x4A6F] has quit [(Quit: [0x4A6F])]
pie_ has joined #nixos
Sonarpulse has joined #nixos
<kiloreux>
It's still the last commit in the tree. And i think it's still possible :(
bennofs has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] mpickering opened pull request #28044: GHC Head updates (master...ghc-head) https://git.io/v7PqB
NixOS_GitHub has left #nixos []
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] neilmayhew closed pull request #27824: cabal-bounds: fix build error by raising upper bound on directory lib (release-17.03...release-17.03) https://git.io/v7Biy
NixOS_GitHub has left #nixos []
<LnL>
it's fine, I don't think it's worth messing with the history
<Infinisil>
Yeah probably
<Infinisil>
kiloreux: Do you know how to squash?
eacameron has quit [(Remote host closed the connection)]
linarcx has joined #nixos
snikkers has quit [(Ping timeout: 240 seconds)]
mudri has joined #nixos
<copumpkin>
niksnut: I just ran a nix build under strace and noticed it attempting to close ~1M invalid file descriptors before proceeding with a build. Is that normal?
<copumpkin>
niksnut: it looked like it was just looping from lownumber to 2^20 and calling close on it
oahong has quit [(Ping timeout: 255 seconds)]
<kiloreux>
Infinisil, yes, but I think it was a functionality provided by Github on the merger command. That's why I didn't bother. My apologies.
pie_ has quit [(Ping timeout: 246 seconds)]
eacameron has joined #nixos
<kiloreux>
I just ran `nix-env -f github_has -iA` on my machine for the last nixpkgs commit
<Infinisil>
kiloreux: It's git that can do that, has nothing to do with github. squashing commits is very important when pushing many commits to a branch
<linarcx>
hi. i have a problem. every time i want to disable any systemd service it says to me that:"Failed to disable unit: File /etc/systemd/system/multi-user.target.wants/tor.service: Read-only file system" why?
<kiloreux>
Infinisil, My bad.
<kiloreux>
nix-env -i opencore-amr doesn't seem to work so far even on the latest commit.
<kiloreux>
What if I want to pin everything in my systemt to that specific commit ?
<kiloreux>
How can I do that?
<LnL>
use the commit hash instead of "master"
eacameron has joined #nixos
<LnL>
that kind of url works for branches tags and commits
<Infinisil>
kiloreux: Squashing goes like this: `git rebase -i HEAD~n` where n is the number of commits you did, that's most of the time equivalent to `git rebase -i upstream/master`. In the text editor that opens, you change every commit except the first to "squash". Upon exiting that file you can combine the commit messages of all commits into one. After doing that you do `git push -f`
roberth has quit [(Ping timeout: 260 seconds)]
tvon has joined #nixos
<kiloreux>
Infinisil, Thank you for the tutorial :) I know how to squash :D. Do you still want me to do it ? I don't think forcing into master is a good idea now.
<Infinisil>
kiloreux: Ahh, didn't get that
<Infinisil>
kiloreux: Nah, just wanted to make sure you know how to do it for next time ;)
mudri has quit [(Ping timeout: 276 seconds)]
<kiloreux>
That's kind of you. Thank you. I must say the nixos channel is so friendly and everything is smooth here. Very encouraging :D
eacameron has quit [(Ping timeout: 240 seconds)]
<Infinisil>
Yeah, it's really nice <3
Phillemann has joined #nixos
eacameron has joined #nixos
<Phillemann>
I'm trying to write a package for a piece of software that has a Makefile, but no configure. The Makefile has a "DESTDIR" variable to which it installs stuff. How and what do I specify in the nix expression to make nix install it in /nix/store/...?
<georges-duperon>
Ah, I asked earlier how to edit /etc/pam.d/sudo, the answer is so simple I feel silly: security.pam.services.sudo.text = ''existing contents of /etc/pam.d/sudo … extra lines …'';
<darkhour>
oh maybe not general help though
<darkhour>
ok
<georges-duperon>
Quite likely there's a way to append to the string, although my nix-fu is not good enough to know the syntax for that (yet, but that's definitely somewhere, so I'm headed to the docs!)
<willprice>
When using `nix-env`, how do I query for all subpackages of a parent set, e.g. intellij lives under `nixpkgs.jetbrains.idea-ultimate`, how do I find all packages under `nixpkgs.jetbrains`?
<Phillemann>
The package I'm trying to build an expression for installs a bash script into /usr/bin/. nix installs this in /nix/store/<hash>/usr/bin/, but I cannot execute it from my shell afterwards.
<Phillemann>
Do I have to specify the script somehow, so it lands in my $PATH?
<willprice>
georges-duperon, ah, thanks, I expected nix-env to be able to do something like that but I couldn't find anything in the manual about it
<Infinisil>
Phillemann: You should make it so the binaries go into $out/bin
<NixOS_GitHub>
[nixpkgs] pikajude pushed 1 new commit to master: https://git.io/v7PCV
<NixOS_GitHub>
nixpkgs/master eeeead2 Jude Taylor: add override for digestive-functors-blaze
NixOS_GitHub has left #nixos []
ixxie has joined #nixos
<tek0>
is there no functionality in nix for managing lvm volumes?
<Phillemann>
One problem remains, however. The package contains a bash script which calls "peco". I put this program into my derivation's buildInputs. However, when I run my program, it says it cannot find "peco".
<Phillemann>
The manual says buildInputs is for run-time dependencies, just like peco.
<Phillemann>
Should I rewrite the bash script to somehow include the complete nix store path to peco?
tvon has left #nixos ["Peace out, y'all!"]
linarcx has quit [(Remote host closed the connection)]
<kiloreux>
How can I inject gcc flags inside before compliation of nixpkgs ?
Lisanna has joined #nixos
erictapen has joined #nixos
erictapen has quit [(Remote host closed the connection)]
pie_ has joined #nixos
erictapen has joined #nixos
<clever>
Phillemann: everything added to buildInputs must contain a bin subdir to get added to PATH
<clever>
Phillemann: and the scripts in bin must be +x'd
<clever>
Phillemann: and buildInputs are only available at build time
<clever>
Phillemann: you probably need to add it to buildInputs, then patch the result of $(which peco) into the other script at compile-time
<Lisanna>
Anyone online that's familiar with the various Nix phases (https://nixos.org/nixpkgs/manual/#sec-stdenv-phases)? I'm looking at the buildPhase trying to find out how to set the build target, but I don't see any such option (would be analogous to the installTarget option in installPhase). I see the derivation for GNU HURD works around this by using buildFlags as the "buildTarget". Is there really no buildTarget? Why?
<clever>
Lisanna: looks like $buildFlags is the best option you have
<Phillemann>
clever: Ah, yes, that's what I thought, and it makes sense.
<Phillemann>
Otherwise, $PATH would be full of transitive dependencies.
<clever>
Phillemann: after the build is done, nix will check for every build input in your output (by grepping for the storepaths), and any paths it finds become runtime dependencies
Infinisil has quit [(Remote host closed the connection)]
darkhour has quit [(Remote host closed the connection)]
Ivanych has joined #nixos
roberth has quit [(Ping timeout: 255 seconds)]
mudri has joined #nixos
FRidh has joined #nixos
<avn>
fpletz: nice idea, ty.
rardiol1 has joined #nixos
FRidh has quit [(Client Quit)]
FRidh has joined #nixos
FRidh has quit [(Client Quit)]
jgertm has quit [(Ping timeout: 240 seconds)]
FRidh has joined #nixos
_rvl has joined #nixos
_rvl has quit [(Client Quit)]
Ivanych has quit [(Ping timeout: 260 seconds)]
_rvl has joined #nixos
Lisanna has quit [(Quit: Page closed)]
linarcx has joined #nixos
<linarcx>
hi. i have two ntfs driver and automount theme in kde.but every time login to system i have to enter root password for access theme.i ask this question in #kde channel and they told me use fstab to mount theme.how?
erictapen has quit [(Ping timeout: 248 seconds)]
puffnfresh[m] is now known as puffnfresh
_Vi has quit [(Ping timeout: 258 seconds)]
darkhour_ has joined #nixos
rardiol1 has left #nixos []
peacememories has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
zeus__ has quit [(Read error: Connection reset by peer)]
roberth has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] globin pushed 1 new commit to staging: https://git.io/v7PRp
<NixOS_GitHub>
nixpkgs/staging c00a95b Robin Gloster: nix-prefetch-git: fix wrapProgram call
NixOS_GitHub has left #nixos []
zeus__ has joined #nixos
Wizek has joined #nixos
linarcx has quit [(Quit: Leaving)]
MoreTea has quit [(Quit: Leaving)]
<nixos-users-wiki>
"Customizing the Installation ISO" created by makefu https://git.io/v7P0p
MP2E has joined #nixos
jgertm has joined #nixos
<nixos-users-wiki>
"Customizing the Installation ISO" edited by makefu https://git.io/v7PE0
nevermind has joined #nixos
goibhniu has joined #nixos
kea has quit [(Quit: ERC (IRC client for Emacs 25.1.1))]
LinArcX has joined #nixos
FRidh has quit [(Quit: Konversation terminated!)]
<LinArcX>
Hi. I change desktop background. But after reboot it doesn't appear and default background show. Why?
frankpf has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] joachifm pushed 1 new commit to master: https://git.io/v7PgY
<NixOS_GitHub>
nixpkgs/master 1b77c29 Joachim Fasting: tor-browser-bundle-bin: 7.0.3 -> 7.0.4...
NixOS_GitHub has left #nixos []
ison111 has quit [(Ping timeout: 240 seconds)]
Phillemann has left #nixos ["WeeChat 1.9"]
_Vi has joined #nixos
_ts_ has left #nixos ["Leaving"]
simendsjo has quit [(Ping timeout: 255 seconds)]
<sphalerite>
LinArcX: which desktop are you using?
roberth has quit [(Ping timeout: 276 seconds)]
Arcaelyx has joined #nixos
phreedom has joined #nixos
silver_hook has quit [(Ping timeout: 260 seconds)]
ambro718 has joined #nixos
<LinArcX>
sphalerite: kde
<eacameron>
I'm getting an urn:acme:error:serverInternal (status 500) error when trying to register a new domain with letsencrypt module
<sphalerite>
Then I don't really know. But maybe putting your background image at ~/.background could do it
<eacameron>
Is this something on my end or is letsencrypt broken?
<sphalerite>
eacameron: sounds like the latter.
LinArcX has quit [(Remote host closed the connection)]
<nixos-users-wiki>
"Customizing the Installation ISO" edited by makefu https://git.io/v7PVs
<eacameron>
There was planned maintenance today
<eacameron>
But it should have ended an hour ago
<sphalerite>
mine isn't trying to renew because the certs are still too up-to-date :(
<sphalerite>
oh, Icould try adding a new domain
<eacameron>
sphalerite: likely a good thing if it's actually down
frankpf has quit [(Ping timeout: 240 seconds)]
<sphalerite>
true, but I might as well try and reproduce the issue. Plus I was planning on setting up a few new services on a new server (my first proper nixos server, yay!) the next few days
<eacameron>
sphalerite: If it works for you then I'll want to know what versions you're running. :D
<clever>
eacameron: do you know if the journal logs that letsencrypt makes on nixos contain any secrets?
inflames has quit [(Ping timeout: 240 seconds)]
<eacameron>
clever: Sure looks like it
<clever>
eacameron: dang, that makes it much harder to share the logs for debug purposes
<eacameron>
I'm most certainly getting a 500 from letsencrypt
<eacameron>
But I'm about 6 mo behind on nixpkgs-unstable
<eacameron>
So the client could be triggering some bug
<clever>
ive only used the nixos module, and nixos should never be ran from nixpkgs-unstable
justbeingglad has joined #nixos
<eacameron>
clever: what do you've only used the nixos module?
<eacameron>
clever: I *think* nixops builds the machine based on the nixpkgs that you give it
<clever>
i think it uses <nixpkgs> from $NIX_PATH
<clever>
and you can configure -I flags
<eacameron>
clever: Right yeah that's what I thought as well
<clever>
and you can configure -I flags for the whole deployment
<clever>
and i think per-machine, you can set nixpkgs paths in the nix file
<eacameron>
clever: Yah so my deployments are all pinned
<eacameron>
clever: Entire deployment stack and server use the same nixpkgs
<eacameron>
But it's unstable because I was on mac
<eacameron>
But now I that I have a nice nixos vm *and* a docker build slave on mac, I should switch
<clever>
yeah, if you run "nixops info" it shows the -I flags under "Nix path:"
<clever>
yeah, you can almost always run nixos-unstable or nixos-17.09 on darwin
<clever>
only thing you might loose is binary cache builds of darwin things
s4sha has joined #nixos
<s4sha>
hi
<s4sha>
I'm completely new to NixOS and struggling a bit to get logs from phpfpm
cpennington has quit [(Remote host closed the connection)]
<eacameron>
clever: I thought darwin had no caching at all
<eacameron>
except on unstable
<clever>
nixpkgs-unstable has caching for 32bit/64bit linux, and 64bit darwin
<s4sha>
I'm a bit confused with all the /nix/store/* directories and really don't know where I could expect the logs to be
<clever>
any other channels will only get support if they happen to match up to the same versions of things
<eacameron>
clever: sphalerite: Looks like letsencrypt got its act together again!!!
<clever>
s4sha: the /nix/store is immutable, so it will never have log files
<sphalerite>
yay
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] lluchs opened pull request #28048: pcmanfm: build with gtk3 (master...pcmanfm-gtk3) https://git.io/v7Pr3
NixOS_GitHub has left #nixos []
<clever>
s4sha: the logs are either in the systemd journal, some /var/log folder, or /dev/null
<s4sha>
I've even tried `php_admin_value[error_log] = "/tmp/php.log"`
darkhour_ has quit [(Quit: leaving)]
frankpf has joined #nixos
<s4sha>
the thing is the file won't even get created
<sphalerite>
s4sha: logs will be in the journal (`journalctl`), /var/log, occasionally /var/spool/, and if you're unlucky they won't exist at all
aupiff has joined #nixos
<clever>
s4sha: where did you put that config string?
<s4sha>
I've found nothing with a `journalctl -xn -u phpfpm-nginx.service`
<s4sha>
clever: somewhere in services.phpfpm.poolConfigs.nginx
<s4sha>
(I've named my only php pool «nginx»)
<copumpkin>
if I want to add a couple of command-line arguments to an existing NixOS service's ExecStart, but the module doesn't have an option for that, am I forced to rewrite the whole ExecStart? or is there a way I can weasel into there and just append something?
<clever>
s4sha: and did you nixos-rebuild switch after making the change?
colabeer has quit [(Ping timeout: 258 seconds)]
<s4sha>
clever: yep, I nixos-rebuild build then nixos-rebuild test after each micro-change
<eacameron>
s4sha: phpfpm services are split up for each app IIRC. systemctl list-units | grep phpfpm
<sphalerite>
copumpkin: I think I wanted to do that a while back and didn't find a way
<clever>
copumpkin: the entire serviceConfig is a single option, any attempt to set something under it wipes all of the serviceConfig
<copumpkin>
yeah, that's what I was afraid of
<s4sha>
eacameron: I think I've got the right one but I'll check, thanks
<aupiff>
I installed gmp-6.1.0 using `nix-env -i gmp` on macOSX but when I try to compile a C file which includes <gmp.h>, it says the gmp.h file is not found. How should I debug this?
<eacameron>
s4sha: Once you have the right one: journalctl -u <unit-name>
<s4sha>
I think «lstat("/var/spool/nginx/html/index.php", 0x7fff7c16c410) = -1 ENOENT (No such file or directory)» might have some sort of connection with the «File not found» message that I get from nginx
<s4sha>
(and 404, obviously)
<clever>
ah, it was sending the error right back to nginx, and its the error you previously gave
<clever>
and yeah, 404 is obvious now from the files its opening
<s4sha>
but I still don't know why it wouldn't go into a nice little line in /tmp/nginx.log
<s4sha>
anyway thanks a HUGE lot for the strace tip
<bendlas>
If I requested commit access, what would be expected of me? In terms of amounts PR/Ticket reviews? Other things?
georges-duperon has quit [(Ping timeout: 255 seconds)]
<infinisil>
Hail Hydra!
<infinisil>
Why the hell is hydra not used for nixpkgs..
<infinisil>
like on github
<LnL>
ask gchristensen's wallet :p
<clever>
infinisil: the current github status plugin in hydra doesnt produce the right output to make it a sensible status hook
<infinisil>
Ahh
sellout- has quit [(Quit: Leaving.)]
frankpf has quit [(Ping timeout: 255 seconds)]
<infinisil>
Can we make a patreon page for nix & co.?
<LnL>
there's also a trust issue, since builds are uploaded straight to the cache
<aupiff>
if I'm using osx's clang in `/usr/bin/clang`, then it won't be able to find c libraries like gmp installed by nix, right? should I indicate nix library paths somehow or should I just install another version of clang via nix?
drakonis has quit [(Read error: Connection reset by peer)]
<clever>
LnL: if nix is trusted 100%, then only users running the "malicious" nix expression will get the cached build
<clever>
LnL: and at that point, nix would have just built the thing on the end-users machine anyways
<clever>
aupiff: you should open a nix-shell that has the nixpkgs clang in its PATH
<clever>
aupiff: only when using nix-shell is the env properly modified to make things work
ertes has joined #nixos
<clever>
LnL: the bigger risk i can see, is people opening PR's that download things, and abusing cache.nixos.org as a mirror for whatever they want, of any size
<bendlas>
clever: still, if we run a malicious script on our hydra, it's suddenly our problem, instead of Travis'
<clever>
bendlas: if the container logic does its job, then the scripts output merely gets saved to cache.nixos.org and it does no real harm
<clever>
and end-users only get that output if they ran the same malicious script under nix-build
<infinisil>
Okay, how about we set a limit to how many resources a build can take by default. E.g. 5min CPU time, 10MB download.
<infinisil>
If one needs more you can request it with a comment
<clever>
infinisil: hydra has no way to limit that per jobset right now
<infinisil>
clever: Yeah, but I think this would be a good solution
<grahamc>
LnL :)
<bendlas>
clever: containers are great for isolating benevolent code. our builds can do pretty much anything, from accessing '/' up to running curl or a kernel exploit
<infinisil>
grahamc: May I ask what the expenses are?
<clever>
bendlas: if you turn on a sandbox in nix, it cant read / or even access the network
<grahamc>
Bandwidth storage compute and administrative.
<LnL>
it's certainly possible, just needs some work
<clever>
bendlas: so only kernel exploits are a threat for non-fixed-output paths
<infinisil>
grahamc: How much?
<bendlas>
clever: or sandbox exploits, for that matter
<clever>
bendlas: i think this is also why sudo based travis runs in a full vm, and non-sudo travis runs as a container
<grahamc>
I can explain more in about 3 days, infinisil. I'm mostly not available.
* bendlas
personally doesn't believe in sandboxes
<infinisil>
grahamc: Okay thanks :)
hiratara has quit [(Ping timeout: 246 seconds)]
<grahamc>
You can do plenty of damage without producing valid outputs clever.
<LnL>
I think you posted a summary on the mailing list
<clever>
grahamc: such as?, the only things i can think of are weird network requests (if you claim to have a hash), and chewing up cpu/ram
<clever>
if we ignore sandbox/kernel level exploits
<grahamc>
Right infinisil, I did send a summary to the ML, go hunt for that earlier this year.
<bendlas>
after all, chromium even uses a syscall firewall and still, google pays out 10s of Ks of $ to whitehats each month
<grahamc>
Clever, I would recommend not ignoring those.
<bendlas>
... for chromium sandbox exploits, that is
erictapen has joined #nixos
<grahamc>
Anyway I've got to get back to some personal matters. I'll only be able to pop in a few minutes here and there until Friday or Saturday.
<clever>
grahamc: yeah, i previously said that assuming nix and the sandbox logic is 100% perfect, the only other threats i can think of are people abusing cache.nixos.org to host content we dont want to host
hiratara has joined #nixos
snikkers has joined #nixos
DutchWolfie has quit [(Quit: Konversation terminated!)]
sigmundv has joined #nixos
eacameron has quit [(Remote host closed the connection)]
<clever>
brb
<bendlas>
anyway, I think a button to let collaborators green-light a PR review on hydra would be awesome and if a patreon could help make this happen, I'd contribute
<grahamc>
Good to know. I think more challenging is getting the software working to do it, then coordinating with people with access to finisher that up. Moretea knows more about that.
<jasom>
If a package requires a particular user to exist, how does one manage that? e.g. upstream service scripts that run a service as a particular user
<sphalerite>
jasom: by writing a nixos module for it
<LnL>
yeah, I created a simple command to create a jobset for a pr a while back
<LnL>
but I don't know any perl so it's kind of hard to do anything mroe
newhoggy has joined #nixos
<grahamc>
bendlas: I'd love to discuss more in in 3 days. Until then, 👋
<infinisil>
Ah I think I found the overview you were talking about grahamc
<gnuhurd>
did the NixOS devs ever think of replacing systemd?
<sphalerite>
Some people want to do it, but apparently not enough to actually do it afaik
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] copumpkin pushed 1 new commit to master: https://git.io/v7PMa
<NixOS_GitHub>
nixpkgs/master b48ffa3 Dan Peebles: services.fluentd: add plugins option...
NixOS_GitHub has left #nixos []
<bendlas>
grahamc: great, I'll try to follow and support the effort
<sphalerite>
Nixos's service configuration is quite closely mapped to systemd services.
<bendlas>
till then, have a good one
<clever>
LnL: using the declarative jobset stuff, hydra can pass you some JSON describing all PR's, you must then return some JSON describing all jobsets
<clever>
LnL: and hydra will then re-configure itself
<sphalerite>
It would certainly be possible and definitely nice to provide another implementation, but it's not actually happened AFAIK
<clever>
LnL: and that whole process is done inside a pure nix build
<LnL>
the declarative jobsets where broken when we where looking at it
<LnL>
IIRC
<sphalerite>
gnuhurd: although clever here has a thing called not-os which is somewhat based on nixos and uses runit I think
<clever>
LnL: i have since set it up on 2 hydras and helped a 3rd person set it up
<clever>
gnuhurd, sphalerite: currently, all services have to be rewritten by hand, it cant translate the existing systemd.services definitions over
<bendlas>
does hydra have an http API, that would be sufficient to support an external GitHub bot, managing the PRs?
<clever>
LnL: of note, the milestone and assignees appear to be available in the json, so you could have a "magic" milestone that hydra will filter the PR's on
<clever>
LnL: that could then easily be implemented with the nix logic i have in my hydra-configs repo
<clever>
LnL: for anything more complex like a special word a certain user has to say, it would need some changes to the perl in hydra
<clever>
LnL: same to view the review statuses
* infinisil
checks how much of hydra is perl
<clever>
infinisil: a painful amount :P
zeus__ has quit [(Read error: Connection reset by peer)]
<infinisil>
Whew, 57% Perl, 24% C++
dbmikus has quit [(Quit: WeeChat 1.9)]
<infinisil>
Needs more Rust
zeus__ has joined #nixos
<sphalerite>
aupiff: still there?
<clever>
infinisil: i think the expense summary is only for prs.nix.gsc.io?
nevermind has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
<infinisil>
clever: Oh, yes probably
<infinisil>
I did'nt find anything else though
<LnL>
clever: looks pretty interesting, I should take a look at how the declarative jobsets work
<clever>
LnL: you setup the url to a repo like this, and give it a relative path like "toxvpn/spec.json" (very similiar to setting the release.nix stuff)
<clever>
LnL: hydra will fetch that json, and use it to create a jobset called .jobsets
Mateon3 has joined #nixos
Mateon2 has quit [(Ping timeout: 240 seconds)]
<clever>
LnL: that jobset must contain a single build called jobsets, which returns more json, a list of the same structure, which will configure all other jobsets
<LnL>
so how does your stuff interact with the github api?
gm152 has joined #nixos
<clever>
for this half of it, adding a build input of type "githubpulls" causes hydra to query the PR list every time its checking for changes to the inputs
<clever>
at the same time it polls github for changes to given branches
<clever>
LnL: the github token on line 60 needs repo:status to post the travis checks, and its also used to greatly increase the ratelimiting for the PR data
<LnL>
yeah, that's something separate
<clever>
LnL: and line 62 contains a piece of regex, that must match the project:jobset:job string
<clever>
any job matching that regex gets posted to github as a status
<clever>
it uses the current revision of the input named on line 64 to know which github and which rev
<clever>
when both halves are put together, hydra will create a new jobset for every PR, and post the status back to the commit that is at the tip of the branch
<LnL>
ok but the part that fetches / generates the pr.json doesn't exist yet right?
<LnL>
or am I missing something
<clever>
thats the type "githubpulls" in the spec.json