<glines>
do we have patches for those wifi vulnerabilities?
<gchristensen>
yes
<glines>
I'm guessing they hit nixos-unstable at least?
<gchristensen>
they're on their way out for nixos-17.09 and nixos-unstable, they should be released to nixos-17.09 first
jhutchinson has joined #nixos
<glines>
ah. I'll just wait a bit then
<gchristensen>
a good choice :) it'll bee out soon
<MP2E>
Ralith: i'm seeing the same problem here
<Ralith>
:(
iqubic_ has quit [(Remote host closed the connection)]
<Unode>
hi all, I'm trying to figure out how to setup burp (the backup suite) on nixos. I have the server setup (and clients on other distros) but I'm having a hard time figuring out how to do it in nixos.
<Unode>
Is anyone familiar with this and could provide some guidance/pointers to documentation?
<Unode>
google isn't being helpful either
iqubic has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] Mic92 pushed 2 new commits to master: https://git.io/vdyM8
<NixOS_GitHub>
nixpkgs/master 356892f Drew Hess: ArrayFIFO: init at 0.10.
<bgamari>
`nix-shell . -A buildPackages.stdenv.cc` seems to be dropping me into a shell that doesn't have a C compiler in PATH
<bgamari>
what is going on?
tempeh has quit [(Quit: WeeChat 1.9)]
<Unode>
Ralith: yes flash on chromium is broken (for a few days already). Currently living without it. Luckily I realize I don't need it that much.
<disasm>
Unode: it looks like you just install the package and put it in a cron. If you're interested, we could help you with creating a PR for a nixos service that sets up a systemd timer and the config file.
jhutchinson has quit [(Quit: WeeChat 1.9.1)]
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] Mic92 pushed 2 new commits to master: https://git.io/vdyMg
<Unode>
disasm: how is this usually handled? The suite behaves both as client and server. I guess both could be services. One a regular daemon, the other a systemd timer.
<Unode>
disasm: I have never done that myself. Only just starting nixos more seriously now (moving from Gentoo).
<gchristensen>
bgamari: -A means get me the things needed to build stdenv.cc you probably want -p b
<bgamari>
ahh
<bgamari>
right, I always forget that
<Unode>
disasm: yes the clients are trivial. What I'm getting confused about is that the package doesn't install anything on /etc (the default) so when I run burp, instead of having template configs to work with, burp complains that it can't find its configuration in a path inside the store
<bgamari>
gchristensen, what if I really want to use an attribute name?
<Ralith>
Unode: is there a fix in the pipe?
<gchristensen>
-p does that too
<bgamari>
ahh lovely
<gchristensen>
-p means get me the package by attribute...
<bgamari>
error: syntax error, unexpected '.', at (string):1:66
<gchristensen>
-A means get me the build environment necessary to build the package at attribute ..."
<gchristensen>
hm
<Unode>
disasm: literally the client only needs to run "burp -a t" every once in a while. Configuration files hold all the SSL/TLS certificates for authentication and identification.
<Unode>
disasm: the first time the client runs it creates all necessary certificates assuming some template configuration is in place. But since everything refers to locations inside the store I'm a little confused.
<bgamari>
isn't buildPackages.stdenv.cc an attribute?
<bgamari>
if so, why is nix-shell failing to parse it?
<bgamari>
I've also tried quoting it, for the record
<gchristensen>
I don't know what buildPackages is
<disasm>
Unode: you'd have to use writeText (say called burpConfig) to create a config file and then run with -c ${burpConfig}
<gchristensen>
nix-shell -p stdenv.cc works for me
hellrazo1 has quit [(Quit: WeeChat 1.9.1)]
<bgamari>
gchristensen, nix-shell . -p 'stdenv.cc.out' gives me the same error
<bgamari>
gchristensen, what does nix-shell --version say?
<gchristensen>
1.11.5
<bgamari>
I have 1.11.8
csingley has joined #nixos
<gchristensen>
that is an odd thing, why is my nix old
<Unode>
disasm: I see
<Unode>
disasm: ok I'll look for some example and give that a try
<Unode>
thanks
<disasm>
Unode: as or the certs, the --localstatedir=/var should make the certs get created in /var
<bgamari>
gchristensen, it's not complaining about the -p argument
<Unode>
--localstatedir, where would I find that defined? Is this a compile-time option?
serhart has joined #nixos
<copumpkin>
bgamari: I wouldn't expect that to work
<samueldr>
(need to clean it up a bit and politely ask for comments)
<disasm>
Unode: nixos/modules/services/security/clamav.nix looks like a good candidate to start from as a template. It has the same pieces, config file, options and a timer.
* bgamari
can never keep these command straight
<disasm>
Unode: that's defined in the package compilation
<disasm>
Unode: I think that's because /etc is different than state path. My guess is there may be a config path or something that could be overridden, but really doesn't matter since nix would never use a default value for config file
serhart has joined #nixos
<gchristensen>
bgamari: if you'd like to support the work, you can donate to the nixos foundation, that money directly supports everything we do
Welkin has joined #nixos
<disasm>
We also are always looking for people to help document :)
<Welkin>
does anyone know why ghcjs is "marked as broken"?
<Unode>
disasm: I guess I can copy over from another client for now and see if I can get it to run. Then work on the service &tc.
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] grahamc pushed 2 new commits to release-17.09: https://git.io/vdyDl
<NixOS_GitHub>
nixpkgs/release-17.09 4b27625 Graham Christensen: nix-info: init...
<NixOS_GitHub>
nixpkgs/release-17.09 e6c5f30 Graham Christensen: nix-info: include in nixos' default system-path, nixpkgs's channel...
NixOS_GitHub has left #nixos []
<Unode>
Welkin: git blame perhaps :)
<disasm>
Unode: yeah, that's how I would do it :) run manually and make sure it works, then automate the sucker so you just set services.burp.enable = true;
<Welkin>
I'm new to nix and don't know what being marked as broken means
<Welkin>
all I wanted as to install the package
<disasm>
Welkin: we marked any failed builds that people didn't fix prior to 17.09 as broken.
<Welkin>
do I just have bad luck?
<Welkin>
because every time I try to use nix, I run into show stopping problems
<gchristensen>
no, you're just trying to use a package which wasn't working
<gchristensen>
I'm sorry to hear that
<Unode>
That means the package may or not have been fixed in nixpkgs/nixos-unstable (or a different channel?)
<disasm>
so, something broke upstream, in a dependency or something and we didn't have the resources to get it fixed before release. Something like that will get backported to 17.09 if you submit a PR to fix.
<Unode>
(that was supposed to be a question)
<Welkin>
okay, so someone else may have fixed it in their own private channel?
<gchristensen>
unlikely, usually if someone fixes it it'd be PR'd by now
<Welkin>
is there a way to grab older versions of a package?
<Unode>
from a previous channel perhaps? although that will likely pull an entire dependency tree since most dependencies will be different from what you might have on your system.
tgecho has joined #nixos
tgecho has left #nixos []
<disasm>
Welkin: I don't know much about haskell and how it's done, but you could try ghcjsHEAD
mbrgm has quit [(Ping timeout: 255 seconds)]
<disasm>
how can I stop X11 completely without rebuilding with it disabled? I tried systemctl isolate multi-user.target and that froze my system earlier today.
<disasm>
Unode: you are correct, but systemd changes all that :)
<Unode>
disasm: I'm still not used to systemd... if it wasn't for being default on NixOS I probably wouldn't be using it.
serhart_ has joined #nixos
serhart has quit [(Ping timeout: 252 seconds)]
serhart_ is now known as serhart
deikiyoch has joined #nixos
deikiyoch has left #nixos []
jmeredith has quit [(Quit: Connection closed for inactivity)]
<disasm>
Unode: I like systemd most of the time. The log interaction with the service is really nice for debugging services that are written properly. Also really love piping the journal via gelf to keep it's structure in graylog.
<disasm>
but I adopted systemd when arch did years ago and never looked back
<adisbladis>
I switched from Gentoo because they didn't want to adopt systemd :)
<Unode>
gelf and graylog . Added to the list of things to check.
ryantrinkle has quit [(Ping timeout: 255 seconds)]
<Unode>
adisbladis: as far as I know systemd was there, just not the default.
iqubic_ has joined #nixos
<Unode>
so far I don't have many things against it. Just that it forces me to do things differently and some of the workflows I was used to can no longer be used easily.
<Unode>
For instance, I still haven't figured out how to properly run a service that requires access to X and some of its variables.
<disasm>
also cgroup per service == genius :)
<adisbladis>
Unode: Yes but it's truly a second class citizen. Also I thought it was indicative of a view of things in general which imho is bass ackwards.
<Unode>
and that automatically runs after login to X
serhart has quit [(Ping timeout: 252 seconds)]
<adisbladis>
disasm: It's esentially containers without the pain =)
<adisbladis>
Unode: User unit?
Supersonic112 has quit [(Disconnected by services)]
<Unode>
adisbladis: let me elaborate on that.
iqubic has quit [(Ping timeout: 252 seconds)]
Supersonic112_ has joined #nixos
Supersonic112_ is now known as Supersonic112
<adisbladis>
Unode: It should just be a matter of making the service PartOf=graphical-session.target
<adisbladis>
But I ran into some bug in the nix display manager setup scripts when I made one of these units yesterday. You might be hitting the same wall as I did.
<Unode>
adisbladis: I used to have a 'startx' based approach to logging in. This was unnecessary but an old habit from the days I had an ATI card and simply starting X would freeze the system. This allowed me to have bash/zsh env propagate to X so anything launched inside X inherited the shell environment. Then I had supervisord to manage a few things both inside and external to X. Mostly in X. This would be launched
<Unode>
through .xinitrc so all X environment was available and propagated properly.
<adisbladis>
Ahh. So a very hacky solution :P
amfl_ has quit [(Read error: Connection reset by peer)]
amfl has joined #nixos
<adisbladis>
Unode: If you want to make systemd units aware of desktop session environment variables you could just do "systemctl --user import-environment ENV_VAR"
azdle has quit [(Read error: Connection reset by peer)]
serhart has joined #nixos
<Unode>
with this workflow there were at least 3 things that broke with the transition to systemd. 1) logging in the console and starting X is a no-go and from what I read pretty much impossible to achieve. 2) environment no longer propagates and I require some other way of making services aware of these variables and track them somehow. 3) Starting things that require X seems to be possible but the internet so far
<Unode>
has given (me) only one solution which is to run X as a service... riddled with pitfals.
<Unode>
adisbladis: it used to be just .bashrc + .xinitrc. Simple. supervisord came into play when I started using things that crashed all the time and I didn't want the manual burden.
<Unode>
The login on console I can live without.
<Unode>
So at this point, I just need to figure out the environment stuff so services have all the info they need (including $PATH) and the X dependency.
<Unode>
I haven't seen mentions of PartOf=graphical-session.target I'll keep that in mind
elninja44 has quit [(Remote host closed the connection)]
<Unode>
adisbladis: about import-environment, I also found that, but unless I'm doing something wrong, by the time that command is run by my user, the services are already running.
<samueldr>
looking for comments on a re-written packages explorer for nixos, before I do a proper PR
<Unode>
what I've been thinking about is to have a target that is started manually (.xinitrc) after the environment is imported. This doesn't feel that different from the hacky solution I had before.
<Unode>
samueldr: what's the red border around some packages?
<samueldr>
oh, unfree packages
<samueldr>
obviously, that's a placeholder
<Unode>
samueldr: perhaps a tiny legend would be helpful.
<samueldr>
yes
<adisbladis>
Unode: So if you export your env vars in ~/.xprofile and do the "systemd import-environment" stuff in .xprofile it should work fine
<Unode>
adisbladis: I need to try it. That's what I used to do but I have the impression that services start before the import.
<adisbladis>
Actually that red border is making me a bit dizzy.
<Unode>
For instance the only user service I have currently is one that starts supervisord (until I migrate everything to individual units). For some reason it always starts in failed state
<adisbladis>
Unode: You'll se that right below where that file is sourced graphical-session.target is started
<Unode>
but if I try to start it manually after being in X it always works.
<samueldr>
(I have removed the red border for the time being)
<adisbladis>
Unode: So being a part of graphical-session.target makes sure your unit starts after environment setup
<bgamari>
gchristensen, will do
<Unode>
adisbladis: I see. I probably have the service with incorrect dependencies. I have a bunch of stuff that I wasn't sure I was allowed to use (or had any effect)
<samueldr>
made it closest to 1:1 with the current page, included unfree packages and added regex search
<adisbladis>
samueldr: It's pretty nice :) Except I would replace that red border with a red dot or something. I'm super sensitive to these kinds of patterns.
<samueldr>
red border shouldn't be there right now
<samueldr>
from an older issue on the nixos-homepage project, adding unfree packages to that list was a contentious poiint
orivej has quit [(Ping timeout: 246 seconds)]
drakonis has quit [(Read error: Connection reset by peer)]
<Unode>
adisbladis: thanks, I'll give it a try next login. Should I remove the existing symlinks on default.wants.target?
<bgamari>
any idea what nix-shell is trying to tell me with:
<adisbladis>
Unode: Yeah just disable and re-enable the unit
Arcaelyx has quit [(Ping timeout: 240 seconds)]
<Unode>
adisbladis: complains that it needs a WantedBy entry.
<Unode>
well not just WantedBy, an [Install] actually.
<adisbladis>
Unode: Ahh just throw the one you had back in there.
serhart_ has joined #nixos
serhart has quit [(Read error: Connection reset by peer)]
cwre has quit [(Quit: Ping timeout (120 seconds))]
joelpet has quit [(Quit: No Ping reply in 180 seconds.)]
<Unode>
adisbladis: thanks, lets see if this works for next login. I'll let you know sometime later.
schoppenhauer has quit [(Ping timeout: 240 seconds)]
joelpet has joined #nixos
ncl28_ has quit [(Ping timeout: 260 seconds)]
queiw has quit [(Ping timeout: 260 seconds)]
Leo` has quit [(Ping timeout: 260 seconds)]
<Unode>
I asked about this yesterday, but didn't get a reply. Is it normal that /etc/wgetrc, /etc/environment and /etc/security are symlinks to /nix/store locations that don't exist?
akaWolf has quit [(Ping timeout: 260 seconds)]
ncl28 has joined #nixos
queiw has joined #nixos
akaWolf has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] dhess opened pull request #30494: Always enable OpenSSL plugin for StrongSwan. (master...strongswan-openssl) https://git.io/vdy9v
NixOS_GitHub has left #nixos []
sigmundv has quit [(Ping timeout: 240 seconds)]
cwre has joined #nixos
Leo` has joined #nixos
<disasm>
gchristensen: just saw you pushed nix-info earlier :) does that mean once 17.09 advances, it'll be available?
serhart_ has quit [(Read error: Connection reset by peer)]
<bgamari>
can someone try compiling a test C program with the x86_64-unknown-linux-gnu-gcc compiler on their system?
<bgamari>
I'd like to know whether it fails with a linker error
schoppenhauer has joined #nixos
serhart_ has joined #nixos
<disasm>
bgamari: are you in a nix-shell?
<bgamari>
I am
<bgamari>
I think I found the issue
<bgamari>
I was in $ nix-shell -p buildPackages.stdenv.cc ./.
<bgamari>
which, it turns out, is an unwrapped gcc
<disasm>
bgamari: yeah, I think you just want stdenv.cc
<bgamari>
disasm, well, not sure
<bgamari>
the problem is that is a cross-compiler in my case
<bgamari>
I think ideally I want stdenv.cc.nativeDrv
jb55 has quit [(Ping timeout: 260 seconds)]
<bgamari>
but that doesn't exist for reasons I have utterly failed to figure out
serhart_ has quit [(Quit: serhart_)]
serhart has joined #nixos
<disasm>
ah, I haven't done any cross compilation yet
serhart has quit [(Client Quit)]
<Unode>
what exactly is the difference between /etc and /etc/static ?
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] veprbl opened pull request #30495: proot: static by default (master...patch-2) https://git.io/vdy9X
NixOS_GitHub has left #nixos []
<Unode>
erm nevermind I see static is actually in the store
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] peterhoeg pushed 1 new commit to master: https://git.io/vdy97
<NixOS_GitHub>
nixpkgs/master be73e42 Peter Hoeg: smartmontools: drive DB 4394 -> 4548
NixOS_GitHub has left #nixos []
pxc has quit [(Ping timeout: 255 seconds)]
Wizek has quit [(Quit: Connection closed for inactivity)]
x1n4u has quit [(Ping timeout: 246 seconds)]
globin has quit [(Ping timeout: 240 seconds)]
<hodapp>
....huh. I appear to have been running a lot of old crap because I had 'nix-env -i'ed as root and forgotten about it o_O
jb55 has joined #nixos
Jackneilll has joined #nixos
globin has joined #nixos
<disasm>
another reason to nix-env -e '*' as root frequently :)
x1n4u has joined #nixos
<adisbladis>
Another reason not to do imperative package installs ;)
<hodapp>
I have no idea what that does >_>
<disasm>
adisbladis: exactly :)
<adisbladis>
I only do systemPackages, home-manager or nix-shell for the ephemeral stuff
Jackneill has quit [(Ping timeout: 255 seconds)]
Welkin has quit [(Ping timeout: 248 seconds)]
<disasm>
adisbladis: yeah, having packages installed in nix-env is my biggest hangup with trying home-manager
slack1256 has joined #nixos
riclima has quit [(Quit: riclima)]
<disasm>
hodapp: it removes all packages installed by nix-env as user running it.
<ldlework>
is it really ephemeral if you have an artifact that describes how to install everything?
<ldlework>
Why not just not manually use nix-env?
<ldlework>
Anything you want system wide, use home-manager for
<ldlework>
For projects and so on, use a derivation/nix-shell, etc
<ldlework>
(maybe I don't know what I'm talking about)
<ldlework>
(sounds right though)
<disasm>
ldlework: system wide? home-manager is per user, not system wide.
<ldlework>
"system wide"
<ldlework>
in the "as far as the current profile is concerned"
<ldlework>
sense
<disasm>
ldlework: system wide would be environment.systemPackages in configuration.nix
<ldlework>
yes yes, for the current profile I meant
<ldlework>
just don't manually install packages into your profile
<ldlework>
only use home-manager and use nix-shell to isolate the one-off/project-based things you do
<ldlework>
this seems to avoid the need to constantly run nix-env -e '*' all the time
<ldlework>
home manager becomes the master of record for your profile, and the shell.nix the master of record for anything isolated from that
<disasm>
ldlework: yeah, that's pretty much what I do (without home-manager that is) only time I use nix-env is if a) it's a one off package that doesn't work in nix-shell (e.g. phantomjs2) or b) troubleshooting what someone is doing on this channel to reproduce something. Hence why I like to run `nix-env -e '*'` with wild abandon.
<ldlework>
Couldn't you just draft a shell.nix to reproduce someone's problem though?
<ldlework>
or just drop straight in
<ldlework>
w/e
<ldlework>
Or maybe a nix container? Not sure how those work yet.
uwap has quit [(Ping timeout: 240 seconds)]
<disasm>
ldlework: not if the problem is only reproducable when installed via nix-env
schoppenhauer has quit [(Ping timeout: 252 seconds)]
<ldlework>
Would a container help with that?
<ldlework>
Certainly a Docker container running NixOS would
<ldlework>
Anyway just babbling here
<disasm>
ldlework: yeah, nix container works, buildvm works, lots of other options :)
<disasm>
in general, if it's not system wide for me, everything is a nix-shell. Every new client I work with gets it's own default.nix with it's list of dependencies and tools.
schoppenhauer has joined #nixos
<disasm>
the draw of home manager is managing dot files. I supposed I could possibly just not install any packages with it, haven't looked at how difficult that would be, guessing a number of existing modules install stuff by default.
<ldlework>
I mean, the fact that HM installs the software related to the dotfiles is basically the whole draw for me
<ldlework>
With traditional dotfile management, you deploy your dotfiles to a new workstation... and then hope you remember everything you need.
<ldlework>
Haivng a Nix expression that describes how to install the dotfile AND the related software is 👌
riclima has quit [(Read error: Connection reset by peer)]
uwap has joined #nixos
<disasm>
yeah, that's configuration.nix for me... roles.base.enable = true; :) and I can use those same roles with nixops. If I move a lot of the zsh/vim config stuff to home manager, then I have to figure out how to deploy that to my remote systems deployed via nixops, since home-manager only runs at the user level.
<ldlework>
I don't really have the need to having my personal workstation environment everywhere. But if I had that need, I don't know how I'd solve it. I really don't know much about NixOS yet.
<disasm>
nothing against home-manager, I'm just having troubles figuring out how it can work for me :)
<ldlework>
Also, if you're running nix
<ldlework>
even if its at the user level
<ldlework>
if there's only one user, IE, you're using the host as a container host to deploy services to or something
<ldlework>
then is it really a problem that the stuff gets installed into a profile?
<ldlework>
seems like you wouldn't want your home-manager managed stuff installed system wide anyway
riclima has joined #nixos
<disasm>
ldlework: yeah, there's definitely things you don't want in your home dotfiles system wide :) but things like zsh/vim config I do :)
<ldlework>
seems like it isn't the most complicated thing to deploy to a nix system, I can deploy it with a single clone command
<ldlework>
disasm why though? are you constantly switching between profiles when logged into a remote system?
<ldlework>
why don't you have truly system things at the system level, your zsh and stuff in your profile, and then service/app level stuff in nix-shell/container isolations?
<disasm>
ldlework: seldomly if ever switch profiles, however I do switch users frequently :)
<ldlework>
Could you just install home manager and the dotfile repository at the system level so that each user's home-manager switch results in the same stuff in the profile?
<disasm>
ldlework: yeah, that would be perfect, but I don't know how to do that... something like users.users.sam.homemanager.repo = fetchgit etc...
gm152 has quit [(Quit: Lost terminal)]
<ldlework>
🤷♂️
<bgamari>
how do I escape $${...} syntax in a string?
<bgamari>
ahh
<bgamari>
indeed the manual covers this
riclima has quit [(Quit: riclima)]
<fearlessKim[m]>
bgamari: '' escape ${
<bgamari>
it sounds like '' \${abc} '' should also work
<clever>
nix-repl> '' ''${abc} ''
<clever>
"${abc} "
<clever>
nix-repl> '' $${abc} ''
<clever>
"$${abc} "
<clever>
bgamari: 2 options, depending on what you need
iqubic_ has quit [(Remote host closed the connection)]
iqubic has joined #nixos
<bgamari>
hmm, strangely neither of those appear in the manual
<clever>
Since ${ and '' have special meaning in indented strings, you need a way to quote them. ${ can be escaped by prefixing it with '' (that is, two single quotes), i.e., ''${. '' can be escaped by prefixing it with ', i.e., '''. Finally, linefeed, carriage-return and tab characters can be written as ''\n, ''\r, ''\t.
fpletz has quit [(Ping timeout: 255 seconds)]
Arcaelyx has joined #nixos
<bgamari>
however, the first sentence also says:
<bgamari>
The special characters " and \ and the character sequence ${ must be escaped by prefixing them with a backslash (\).
<clever>
bgamari: which is in the section you linked, down 1 page
<clever>
it depends on if its a "string" or ''string''
<clever>
each has a different way of escaping the contents
<samueldr>
is there an actual style guide for packaging, like "use install instead of cp"
<bgamari>
cool
<clever>
samueldr: i generally just use cp, i never bothered to learn install, and i think its mostly to manage setting modes (which nix undoes) and auto-creating directories (mkdir -pv)
slack1256 has quit [(Remote host closed the connection)]
<samueldr>
my PR was amended to use install; I used cp because most other installation steps use cp
fpletz has joined #nixos
csingley has quit [(Ping timeout: 240 seconds)]
derchris has joined #nixos
derchris has quit [(Read error: Connection reset by peer)]
pxc has joined #nixos
derchris has joined #nixos
<Unode>
I'm trying to install mlocate but I'm getting a collision with findutils. I don't have findutils in systemPackages. Is there a way to disregard findutils and have mlocate installed instead?
<clever>
Unode: did you enable the service in services and set the .package attribute?
<Unode>
clever: thanks. That did it. Although now I get a trace message informing that mlocate search works only from root. So that's kind of pointless.
<clever>
dang, it probably needs some changes to use setuid
MercurialAlchemi has quit [(Ping timeout: 248 seconds)]
abuibrahim has joined #nixos
abuibrahim has left #nixos []
Guest17 has quit [(Client Quit)]
Arcaelyx has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
Guest17 has joined #nixos
frankqux_ has quit [(Ping timeout: 248 seconds)]
frankqux has joined #nixos
marusich has quit [(Quit: Leaving)]
hotfuzz_ has joined #nixos
<srhb>
Does anyone have a ready-made libvirt kubernetes nixops setup, including networking?
Itkovian has joined #nixos
<srhb>
I suppose I could rip it out of the nixos tests...
hotfuzz has quit [(Ping timeout: 258 seconds)]
<fearlessKim[m]>
any idea how to specify several flags in cmake flags ? ''-DCMAKE_EXE_LINKER_FLAGS="-L${clangLib} -Llib"' keeps failing as it believes it's a directiory "CMake Error: The source directory "/tmp/nix-build-CastXML-20171003.drv-14/CastXML-ae62b1a29c8233c3dd40fc3e293ddcdbe0bdcccc-src/build/'-Llib'"" does not exist."
ertes has quit [(Ping timeout: 258 seconds)]
<sphalerite>
fearlessKim: it's a bit of a fuss, you need to escape them right
<sphalerite>
If that doesn't work, wrap the list with (map lib.escapeShellArg ...) as well. I can't remember the exact combination that works
kkini has quit [(Remote host closed the connection)]
kkini has joined #nixos
odi__ has quit [(Ping timeout: 240 seconds)]
<sphalerite>
Alternatively just add stuff to cmakeFlagsArray in preConfigure
<sphalerite>
Like preConfigure = ''cmakeFlagsArray+=("stringgoeshereandonlyneedsbashquoting")'';
<fearlessKim[m]>
sphalerite I 've tried all the escaping I could not find on google any example of multiple settings. All the answers are "you shouldn't use CMAKE_XX variables" . I suppose these guys were as lost as I am
<fearlessKim[m]>
sphalerite: this looks good, I'll try
ixxie has joined #nixos
p4cman has joined #nixos
<sphalerite>
Huh? Pretty sure it's quite normal to use them...
<sphalerite>
Although I guess the clangLib bit should be handled by target_link_libraries in the CMakeLists
<sphalerite>
I use CMAKE_CXX_FLAGS and CMAKE_C_FLAGS on the regular though
<ldlework>
I started commenting everything out, and it I resolved it down to line 27 there
<ldlework>
I tried to degrade it to just "config = lib.mkIf true {};" but I still got the recursion
<ldlework>
I have no idea what to do
thc202 has joined #nixos
Guest17 has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
endformationage has quit [(Ping timeout: 248 seconds)]
<ldlework>
I guess it is late
Tucky has joined #nixos
<ldlework>
srhb I'm super interested in any work you do on that
<fearlessKim[m]>
sphalerite: I oculd only make the last one work (preConfigure = ''cmakeFlagsArray+=("stringgoeshereandonlyneedsbashquoting")'') . I used to wonder why people used that version over the "cleanear" nix cmakeFlags approach but I now know why :/
<srhb>
ldlework: I'll keep you in mind if I complete it :)
<sphalerite>
fearlessKim: yeah the cmake stuff could really do with some improvement in that respect.
<sphalerite>
cmakeFlags IMHO should just be a list of strings, each of which becomes a single cmake flag
pie_ has quit [(Ping timeout: 248 seconds)]
<sphalerite>
or, better, have something like cmakeDefinitions which is an attrset. But I'm not sure if either of those are possible given how mkDerivation works
<adisbladis>
Attrset would be <3
<adisbladis>
Because just the other day I wanted to change some flags and just overriding an attribute set is much easier than dealing with a list or string substitution
<infinisil>
ldlework: Ima try to use this module myself, can't see anything wrong just yet
<sphalerite>
adisbladis: but IIRC there's no way for a buildInput like cmake to access the attrs passed into mkDerivation directly
<sphalerite>
All it can do is add some bash to the actual build process
<sphalerite>
:(
<adisbladis>
sphalerite: :'(
<adisbladis>
It would have been so beatiful
<sphalerite>
so you'd have to change how you use cmake, wrapping the attrset passed to mkDerivation instead of just adding it to the nativeBuildInputs
MercurialAlchemi has joined #nixos
bkchr has joined #nixos
<bkchr>
adisbladis: Do you oberseve linking errors with plasma 5.11 on nixpkgs master?
<adisbladis>
bkchr: No I didn't. But I'm lagging behind master a bit currently
<bkchr>
adisbladis: okay
<adisbladis>
bkchr: I'll rebase and have a go at current master
<bkchr>
Ty :) For me, plasma-integration is failing
ertes-w has joined #nixos
<srhb>
ldlework: Get rid of with pkgs;
<ldlework>
srhb ?
<srhb>
ldlework: In your orgbuild thingy. Or wasn't that you?
<srhb>
Haven't had enough coffee :-P
<ldlework>
oh that worked!
<ldlework>
why did that work?
<fearlessKim[m]>
I wonder how to easily link -tlinfo . The current way is convoluted: first you renamed ncurses to ltinfo "ln -s ${pkgs.ncurses.out}/lib/libncurses.so $PWD/lib/libtinfo.so" then link it but after that "$PWD " doesn't exist so I believe some installers fix the path to the library afterwards. Wouldn't it be simpler to add a libterminfo package ?
<ldlework>
shouldn't the bare emacs now be an undefined variable?
<ixxie>
I'm about to try to make my first contributions to nixpkgs, a couple of python packages
<sphalerite>
You've heard about elf on the shelf, how about ELF on the shelf.
<ixxie>
I've been reading the nixpkgs manual
<sphalerite>
(Well, not sure how well it works since AFAIK they never used ELF. But hey.)
<sphalerite>
Yay, go ixxie!
<ixxie>
which says I can test if the pkg builds by running nix-build -A libfoo in my local nixpkgs clone root
ison111 has quit [(Ping timeout: 252 seconds)]
<ixxie>
but what if I want to set if it runs correctly as well, without installing it? I have a project which uses these packages, and I made a default.nix for it, how can I use the clone nixpkgs instead of the installed one for the test?
<ixxie>
(use with nix-shell)
<fearlessKim[m]>
ixxie nix-build generates a result folder
<sphalerite>
Either -I nixpkgs=.
<sphalerite>
Or nix-shell -p 'with import ./.; libfoi'
<sphalerite>
too*
<sphalerite>
foo*
<ixxie>
what is the ./. bit?
<ixxie>
does this have to be used in the folder where libfoo is?
<fearlessKim[m]>
I am trying to make a very simple derivation with one file, what's the best way ? any example ?
<fearlessKim[m]>
ixxie: if it starts with ./ or / nix can recognize it as a path
<sphalerite>
ixxie: if it's python stuff, you'll probably also want to make sure it works for all versions
<ixxie>
sphalerite: do you know if I make a python package, I must also add it to python-packages.nix for it to work?
<sphalerite>
And disable it for any it doesn't work eith
<sphalerite>
Yes, you do
<sphalerite>
So make the file in pkgs/development/python-modules or whstrvrt it was
m0rphism1 has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] Mic92 pushed 1 new commit to master: https://git.io/vdSkL
<NixOS_GitHub>
nixpkgs/master 85a1c9e lewo: bgpdump: init at 2017-09-29 (#30461)...
NixOS_GitHub has left #nixos []
<sphalerite>
And add it to pkgs/top-level/python-packages.nix
<ixxie>
and git wise, what is the convention for branch naming?
m0rphism has quit [(Ping timeout: 240 seconds)]
mortum5 has joined #nixos
<ij>
How should a program that makes shell calls to, say, ruby or python be packaged? Do you manaully add a dependency? How will the program find it in runtime if it's not in user env?
<steveeJ>
has anyone tested overlayfs on /nix ?
<ixxie>
what is an overlay anyway?
<fearlessKim[m]>
sphalerite: thanks works like a charm
<sphalerite>
Then nix-build that and get the output from the result symlink
<sphalerite>
But that may be overkill. Idk
Guest17 has joined #nixos
<sphalerite>
It all depends on how reproducible you need it to be
<infinisil>
ixxie: `nix-build default.nix` is the same as just `nix-build`, it uses default.nix by default (duh)
<ixxie>
yeah I know infinisil :P just making it explicit
jeron has quit [(Read error: Connection reset by peer)]
<infinisil>
AH :P
<tilpner>
Hey, I need some packaging help. I want to add kvm support to rkt, but the build downloads Linux and compiles it. I got the downloading part patched (horribly), but the Linux build wants to have /bin/pwd
<tilpner>
But I can't patch it, because there is no phase between fetching and building the kernel
<ixxie>
sphalerite: runCommand is documented somewhere?
<sphalerite>
tilpner: what does what you currently have look like?
<tilpner>
(Yes, I realise replacing wget for curl like that is horrible)
MP2E has quit [(Remote host closed the connection)]
ssmike has joined #nixos
jophish has quit [(Remote host closed the connection)]
<sphalerite>
ixxie: should be in the nixpkgs manual. I'm on my phone so it's hard to check. But basically it's a thin wrapper around mkDerivation that just passes the first arg as name, the second arg as extra stuff and the tbird as buildCommand
<ixxie>
it looks like exactly what I need, but may be a bit clunky in that I will not be able to see the output of stdout, but I can just make it print a log
<tilpner>
Now the question is, if there's any way to make this work without replacing their entire build system. I don't feel like replicating their thousand-line autoconf stuff in Nix
ThatDocsLady has joined #nixos
<sphalerite>
ixxie: you can also pipe into tee rather than simply redirecting
infinisil has quit [(Quit: ZNC 1.6.5 - http://znc.in)]
<sphalerite>
So | tee $out instead of > $out
AndreasO has joined #nixos
infinisil has joined #nixos
<ixxie>
sphalerite: that prints it as well as outputs it I guess?
<sphalerite>
It's not super nice for composability, but it is very reproducible
<sphalerite>
ixxie: yes, tee is like a tee in a pipe - redirects the stream to multiple places
<ixxie>
cheers!
<ixxie>
thanks sphalerite, ill give this a shot after lunch
<ixxie>
see you later
<sphalerite>
No problem, good luck :)
<sphalerite>
tilpner: this looks interesting, I'll take a look when I'm on my laptop again
<tnias>
I did some experimenting a while back. since then I get `Cannot mix incompatible Qt library (version 0x50900) with this library (version 0x50902)`. do I need to rebuild the specific package? how would I do it?
<tilpner>
For the bad definition of interesting... thanks :)
Jackneilll has quit [(Quit: Leaving)]
a6a3uh has joined #nixos
chakra has joined #nixos
<chakra>
hai
erictapen has joined #nixos
erictapen has quit [(Remote host closed the connection)]
erictapen has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] peti pushed 2 new commits to master: https://git.io/vdS31
<NixOS_GitHub>
nixpkgs/master 78aa7f2 Moritz Kiefer: ghcjs/ghcjsHEAD: Use separate patch files to fix build of ghcjs
<NixOS_GitHub>
nixpkgs/master f9090c3 Peter Simons: Merge pull request #30214 from cocreature/ghcjs...
NixOS_GitHub has left #nixos []
<chakra>
its gonna be a challenge to write the autogen script for my package manager
AndreasO has quit [(Quit: Found more important stuff than irc!)]
<tilpner>
Any interaction with autotools risks becoming a challenge
<chakra>
lol
<chakra>
the bigger challengs is figuring out exactly what i need to autogen and how i need to auto gen it
AndreasO has joined #nixos
juriq has joined #nixos
bennofs has quit [(Ping timeout: 252 seconds)]
<tilpner>
rnhmjoj[m] - I think unstable is already past the krack-update revisions
juriq has quit [(Ping timeout: 240 seconds)]
a6a3uh has quit [(Quit: Bye)]
AndreasO has quit [(Quit: Found more important stuff than irc!)]
<chakra>
how would i auto gen an if ... elif statement...
bkchr has quit [(Ping timeout: 252 seconds)]
laumann has joined #nixos
twey1 has joined #nixos
pxc has joined #nixos
riclima has joined #nixos
<chakra>
in a for loop how would i increase i by 1 before the loop starts
<sphalerite>
chakra: again, what are you trying to achieve with bash?
a6a3uh has quit [(Read error: Connection reset by peer)]
<chakra>
generate an if else statement
<chakra>
if elif*
<sphalerite>
why are you writing bash though?
<sphalerite>
if a ; then b; else c; fi
<chakra>
ik
pie_ has quit [(Ping timeout: 248 seconds)]
<chakra>
but it needs to be for an array
erictapen has quit [(Ping timeout: 240 seconds)]
<chakra>
eg
<chakra>
for i in ${!REPOS[@]} ; do ; printf '%b' "elif [ \$(printf '%s" ...
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] gnidorah opened pull request #30501: mailnag: use setup.py (master...mailnag) https://git.io/vdScd
NixOS_GitHub has left #nixos []
erictapen has joined #nixos
erictapen has quit [(Remote host closed the connection)]
erictapen has joined #nixos
erictapen has quit [(Remote host closed the connection)]
erictapen has joined #nixos
erictapen has quit [(Remote host closed the connection)]
erictapen has joined #nixos
slyfox has quit [(Ping timeout: 260 seconds)]
slyfox has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] Mic92 closed pull request #30449: mpv: enable dvb on Linux (master...mpv-enable-dvb-linux) https://git.io/vdMBw
NixOS_GitHub has left #nixos []
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] Mic92 pushed 1 new commit to release-17.09: https://git.io/vdSCn
<NixOS_GitHub>
nixpkgs/release-17.09 cee47ce adisbladis: display-managers: Import DBUS session bus address & Xauthority in systemd user session...
NixOS_GitHub has left #nixos []
m0rphism4 has joined #nixos
m0rphism3 has quit [(Ping timeout: 240 seconds)]
iyzsong has joined #nixos
dannyg has joined #nixos
<Phillemann>
Ok, another try. I have a package. A library. There's a derivation for it that puts a libfoo.so in $out/lib. I'd like to know the path to that lib directory, using just the name of the derivation.
leat has joined #nixos
<Phillemann>
For executables, nix-shell -p myapp puts the executable in the $PATH, so I can find it. I need that for a library.
tilpner has quit [(Read error: Connection reset by peer)]
<sphalerite>
echo "$(nix-build --no-out-link '<nixpkgs>' -A libfoo)/lib"
tilpner has joined #nixos
<sphalerite>
I have `alias nixpkgs='nix-build --no-out-link "<nixpkgs>"'` in my zshrc because I use it so much :)
<Phillemann>
Ahhh, of course. That works perfectly and I sort of understand why. Thanks! :)
<sphalerite>
err, plus -A in the alias
<sphalerite>
it also does the completion for me very kindly
<hyper_ch>
Mic92: 40gb cards don't exist!!!
<hyper_ch>
nope... they don't!!!
<hyper_ch>
otherwise I'd have slow internet
<nixo[m]>
Does nox works for you?
<ixxie>
sphalerite: one thing I was wondering about, in runCommand "process-csv" {buildInputs = [stuff];} ''python ${./process.py} ${./input.csv} > $out'' the ${./process.py} and ${./input.csv} - I can just refer to any files relative to $in using this pattern?
<sphalerite>
Nicolò: for me, yes
<sphalerite>
ixxie: relative to the nix expression, or the working directory if you're giving it through -E
<ixxie>
cool
<Mic92>
hyper_ch: how do you think the internet would work without 100 GbE / 40 GbE cards?
<hyper_ch>
it uses subspace channels and stuff :)
<hyper_ch>
do I even wanna know what a 40/100 GbE card costs? probably not
riclima has joined #nixos
<ixxie>
sphalerite: wouldn't piping need to be like > $out/logfile.txt rather than > $out since $out is a directory?
<gchristensen>
$sma,llf,ort,une
<gchristensen>
ixxie: $out isn't necessarily a dir
<ixxie>
oh right, so I define it to be whatever
<ixxie>
I see
riclima has quit [(Read error: Connection reset by peer)]
riclima has joined #nixos
<ixxie>
if I do nix-build for some random derivation, how does Nix know when to garbage collect it?
guillaum2 has joined #nixos
proteusguy has quit [(Ping timeout: 252 seconds)]
<sphalerite>
ixxie: if you use --no-out-link there won't be a gc root
reinzelmann has quit [(Quit: Leaving)]
<guillaum2>
I'm currently packaging a bunch of stuff and I'd like to make a pull request. Unfortunately it is difficult to put a license on each package. They looks like a bsd licence, but I'm not sure and I don't want to make a mistake. See for example: http://ptex.us/apidocs/license.html . What should I put in the license field ?
<sphalerite>
ixxie: if you don't have --no-out-link it'll create a symlink called result, which will be added as a root
orivej has quit [(Ping timeout: 252 seconds)]
<ixxie>
sphalerite: what is a gc root? :P
<sphalerite>
A thing (in the case of nix, a store path) where you say "I want to keep this"
<sphalerite>
So a gc run will go through all the GC roots, find all their dependencies, and mark them as "alive" and keep them
<sphalerite>
everything that isn't alive can be deleted
<ixxie>
sphalerite: I suppose you can call the dependencies branches in this context
adfaure has joined #nixos
<sphalerite>
Each system generation is a GC root for instance, as is every profile generation for each user
adfaure has quit [(Client Quit)]
<sphalerite>
nix-env --delete-generations removes them and their gc-root-ness, so anything that only they were referring to can be deleted
<ixxie>
right
<sphalerite>
I suppose.
<ixxie>
so anything I built in the past and have completely forgotten about - which didn't have --no-out-link - is kinda stuck in my system xD
<ixxie>
(not that its that much that I care about it, but kinda curious)
<sphalerite>
You can always find them using ls -l /nix/var/nix/gcroots/auto
<sphalerite>
you may want to do `nix-store --delete` first because you tend to accumulate temporary roots for nix-shell and nix-build, and those only get cleaned up when you trigger a gc
<sphalerite>
(even if the gc doesn't actually delete anything at all, like nix-store --delete with no arguments)
miefda has joined #nixos
glenn has quit [(Remote host closed the connection)]
erictapen has quit [(Ping timeout: 248 seconds)]
simukis has joined #nixos
mortum5 has joined #nixos
tilpner has quit [(Remote host closed the connection)]
bennofs has joined #nixos
tilpner has joined #nixos
<ixxie>
cool
<ixxie>
thanks sphalerite
a6a3uh has joined #nixos
<tilpner>
sphalerite - Had a chance to look at rkt yet?
<sphalerite>
trying now
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] guibou opened pull request #30503: Many packages used in computer animation industry (master...guibou_vfx_pkgs) https://git.io/vdS45
NixOS_GitHub has left #nixos []
jensens has joined #nixos
<sphalerite>
these makefiles are insane D:
mortum5 has quit [(Ping timeout: 258 seconds)]
<tilpner>
This may be another issue than I initally assumed
miefda has quit [(Quit: Leaving)]
<hyper_ch>
hmmm, I have create a nix expression in a seperate file that builds a library.... now, how do I give it a "name" so that I can call it in the configuration.nix by that name?
<tilpner>
When you run "sudo rkt run --debug --insecure-options=image --stage1-name=coreos.com/rkt/stage1-kvm:1.29.0 docker://redis", it dies with "stage0: error execing init: no such file or directory", which sounds like our standard ld path failure
<tilpner>
Maybe it's enough to download the official kvm stage1 and patch it, instead of building it ourselves
<hyper_ch>
adding in the environment.systemPackages like (pkgs.callPackage /etc/nixos/custom.nix {}) will build it.... but how do I give it a name?
<tilpner>
hyper_ch - Overlays or packageOverrides
<hyper_ch>
tilpner: I have a second .nix file where I want to have that as dependency
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] fpletz pushed 1 new commit to release-17.09: https://git.io/vdSBN
<NixOS_GitHub>
nixpkgs/release-17.09 8a732c2 Heitham Omar: mpv: enable dvb on Linux...
NixOS_GitHub has left #nixos []
<tilpner>
Well, you can give it a local name with let foobar = callPackage ./custom.nix {}; in ...
<tilpner>
But I assumed you wanted a global name
<nixo[m]>
sphalerite: nox gives me "error while evaluating grsecurity_testing"
<hyper_ch>
tilpner: let me give this a try
<sphalerite>
Nicolò: which version of nixpkgs are you on?
<tilpner>
Hah, tab completion from Matrix->Matrix looks odd on IRC
<nixo[m]>
sphalerite: 18.03pre117327.3fe7.... I have this since 17.something but never had the will to dig
<srhb>
hyper_ch: unpack only really unpacks, at least in the default builder. You can check pkgs/stdenv/generic
<hyper_ch>
srhb: weird... why do I keep then getting the error message that fatal error: sigc++/adaptors/bind.h: No such file or directory couldn't be found when it tries to compile
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] fpletz pushed 1 new commit to master: https://git.io/vdSRh
<MoreTea>
hyper_ch, are you packaging something yourself? or is it in nixpkgs already?
<hyper_ch>
MoreTea: packaging it.... or rather failing to
<tilpner>
(Common ports are closed)
<MoreTea>
hmm, the path might be a bit weird
ThatDocsLady has quit [(Remote host closed the connection)]
<hyper_ch>
with srhb's help I first tried to build an override and got stuck at that error.... now I tried to build seperate .nix files and stuck again at same error
ThatDocsLady has joined #nixos
<MoreTea>
buildInputs adds $out/include to the path
<NixOS_GitHub>
nixpkgs/release-17.09 70b2d3b Simon Lackerbauer: snd: 16.9 -> 17.8...
NixOS_GitHub has left #nixos []
<MoreTea>
depends on how long your program takes to compile :P
<nixo[m]>
sphalerite: it was not working. I managed to fix it by deleting .nix-channels and the nix-defexpr folder , re adding channel and updating them. Thanks
<MoreTea>
if I'm willing to invest time in it, I mean. Do give them ;)
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] fpletz pushed 2 new commits to release-17.03: https://git.io/vdSEY
MercurialAlchemi has quit [(Ping timeout: 248 seconds)]
MercurialAlchemi has joined #nixos
<sphalerite>
jtojnar: not like that. You'd either have to move the script into a nix expression, or put some sort of placeholder and use substitute/substituteInPlace to get the right value substituted in
<chakra>
i think i completed my auto gen script o.o
<sphalerite>
jtojnar: but in that case you may want to just use bash functionality
<sphalerite>
jtojnar: `${name/-xml//}`
<jtojnar>
neat, thanks
<sphalerite>
err, only one slash at the end
<Dezgeg>
moving to the .nix file would be best, separate builder.sh mostly considered harmful
erictapen has joined #nixos
glenn has quit [(Ping timeout: 255 seconds)]
ShalokShalom has quit [(Ping timeout: 240 seconds)]
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] thoughtpolice pushed 1 new commit to master: https://git.io/vdSuF
<sphalerite>
Dezgeg: is it? Separate builder.sh allows avoiding the (really ugly) escaping necessary for putting ${} that should be interpreted by bash
<Dezgeg>
sure, but you can't place conditionals like stdenv.isDarwin anymore
<Dezgeg>
or have nix-shell -A work, etc.
<sphalerite>
ah right, fair enough
plakband has joined #nixos
<chakra>
is it possible to write a shell function into memory then execute that function
<chakra>
without creating any files?
<gchristensen>
are you in a shell?
<chakra>
like, write 'echo hi' into memory then execute it
<gchristensen>
are you in a shell?
<chakra>
yes
<gchristensen>
sayhi() { echo hi }; sayhi
<chakra>
thats not what i meant
<chakra>
i want to do this: echo 'sayhi() { echo hi }; sayhi' > memory > execute
<gchristensen>
SAYHI="echo hi"; eval "$SAYHI"
bennofs has quit [(Ping timeout: 248 seconds)]
<gchristensen>
you can do that ^
ssmike has quit [(Remote host closed the connection)]
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] xvapx opened pull request #30508: meliae: init at 0.4.0 (master...meliae-init) https://git.io/vdSzF
NixOS_GitHub has left #nixos []
ssmike has joined #nixos
<chakra>
would it be possible to do that for an entire array?
glenn has joined #nixos
<gchristensen>
I dunno, you should probably ask #bash or something
<Dezgeg>
you can eval "sayhi() { ... }" etc., I think
<chakra>
like this?
<chakra>
gen_repo_data=$(for i in ${!REPOS[@]} ; do printf '%b' "POOL$i='${REPOS[i]}" ; done) ; eval $gen_repo_data
<Unode>
adisbladis: seems like that systemd change still didn't quite make it. The service starts but for some reason it seems to fail with the started daemon failing to connect to itself (localhost:9001). Works fine if I start it manually.
<hyper_ch>
MoreTea: already got the comiple error?
<Unode>
chakra: you can do all sorts of memory actions in the shell. Much like any programming language. There are some things you are better avoiding. The main reason is that if you aren't careful you end up executing too early or not at all.
<Unode>
chakra: what exactly is the problem you are trying to solve?
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] nico202 opened pull request #30511: xmr-stak-cpu: init at 1.3.0 (master...xmr-stak-cpu) https://git.io/vdS2C
NixOS_GitHub has left #nixos []
MercurialAlchemi has quit [(Ping timeout: 246 seconds)]
MercurialAlchemi has joined #nixos
<MoreTea>
@hyper_ch, experimenting with some flags
<hyper_ch>
MoreTea: as explanation: that one file that throws the error - I fetch that manually and copy it to the unpacked sources.... when I tried to use it in the patch phase it didn't work
<hyper_ch>
that's why I thought that maybe nix is fixing the patches in the original and patched sources and because I just copy the file there, it won't get updated
bennofs has joined #nixos
Myrl-saki has quit [(Ping timeout: 255 seconds)]
<hyper_ch>
that's why I asked if nix does fix paths automagically
sary has quit [(Ping timeout: 248 seconds)]
civodul has quit [(Quit: ERC (IRC client for Emacs 25.3.1))]
bennofs has quit [(Read error: Connection reset by peer)]
<MoreTea>
no, if you include a buildInput, it adds `include` to the include path.
MoreTea has quit [(Quit: Leaving)]
<hyper_ch>
then I fail to see why it can't find that file
<adamretter>
Is there anyway to get scripts whuch have shebangs of /bin/bash to easily work on NixOS without having to modify th scripts to use /usr/bin/env ?
peacememories has joined #nixos
riclima has quit [(Quit: riclima)]
<symphorien>
if thats in a derivation, there is a shell function for patching : patchShebangs
<Unode>
how are secrets usually handled in nix? I'm trying to write a service that creates a .conf file which should include a password. Is it common practice to keep these in plain-text as part of the nix configuration?
<infinisil>
Hey gchristensen / grahamc, a few days ago you mentioned that tethering doesn't 'Just Work' with iPhones on Linux, but with android it does
<gchristensen>
that sounds like something I'd say
<hyper_ch>
Unode: I hae the secrets in a seperate file so that I can use git to publicly track my configuration nix
<infinisil>
Well, turns out running usbmuxd is all you need to just make it work
<hyper_ch>
however the still end up in the store
<gchristensen>
that is cool
<infinisil>
Gonna make a service module for it now
<gchristensen>
maybe we should put usbmuxd in to our installer image
<hyper_ch>
readable by users but then I'm the only one using my computer :)
<infinisil>
Interesting, didn't think of that
<infinisil>
But this would be very convenient if you can't get internet to wrok
<infinisil>
work*
<infinisil>
I assume you have an iPhone gchristensen, could you test this too?
<gchristensen>
yep
<infinisil>
usbmuxd -f runs it in the foreground
<Unode>
hyper_ch: right, that was part of why I was asking. How is this handled on shared machines?
fendor has quit [(Ping timeout: 255 seconds)]
<gchristensen>
oh I can't test it just yet
<Unode>
simply chmod 600 those ?
<infinisil>
gchristensen: Alright, I might remind you later again ;)
<hyper_ch>
Unode: no idea
<gchristensen>
sounds good
<hyper_ch>
I don't share ;)
<Unode>
when using nix to create a config file how can I easily convert a list of options e.g. tool.option.include = [ one two ... ] into lines: include = one \n include = two \n include = ...
<Unode>
using variables to hold the body of what is supposed to be executed is calling for trouble due to how the shell mangles some characters
<disasm>
Unode: I think this is the direction things are eventually going to go, but for now, there really isn't a good option... https://github.com/NixOS/rfcs/pull/5
<Unode>
disasm: I need something like this for the burp thing. It allows repeated lines on the config.
<chakra>
either that or i make it just do 999 probably non existing arrays
<chakra>
as the function
fendor has joined #nixos
<Unode>
chakra: and any reason why you are using shell scripts? This is much easier with languages that properly support monkey patching or dynamic generation.
<Unode>
disasm: not using nixops yet.
<disasm>
Unode: as for the list of options, look at map
<Unode>
disasm: interesting. is there a concat too?
<chakra>
i could just use the printf version then source it but i dont want to do that
<Unode>
disasm: I might have something for you later if you can check. otherwise a pull request.
<Unode>
disasm: going a bit crazy with the options burp provides. I think I might just keep a minimal and let the user set extraOptions
<Unode>
disasm: Great. Now I just need to figure out how to render that inside a writeText 'file' '' concat... ''
<Unode>
disasm: thanks!
hotfuzz_ has quit [(Ping timeout: 240 seconds)]
iqubic has quit [(Remote host closed the connection)]
<disasm>
Unode: same way you render variables, ${concatStringsSep "\n" [ "foo" "bar" "baz" ]}
detran` has quit [(Read error: Connection reset by peer)]
twey1 is now known as TweyII
TweyII has quit [(Changing host)]
TweyII has joined #nixos
m0rphism4 has joined #nixos
<plakband>
Hello; I'm considering transitioning to Nixos, but I can't afford to fully transition to a new OS atm. Can I realistically expect to use Nix as a replacement for brew, and then take it from there? Is it significantly more difficult than brew?
<Unode>
sounds like I have everything I need. Thanks again.
<Unode>
plakband: have you ever created brew recipes?
<plakband>
Unode: no
cement has joined #nixos
pxc has joined #nixos
<Unode>
plakband: to use nix is rather straightforward. Much like you use brew. What varies is the software currently available on each package manager.
hotfuzz_ has joined #nixos
<plakband>
Unode: does that mean I would still need brew for the software not available on nix?
<Unode>
plakband: if you don't plan to add software that isn't already available you will be fine and with a tiny learning curve. If you plan to add software, the learning curve is a bit longer.
<Unode>
plakband: keeping brew next to nix is an option, yes.
<dgpratt>
So the way that arguments to nix utilities can be expressed/combined follows a convention (I'm almost sure since I've seen similar schemes elsewhere), but what *is* the convention? Does it have a name or is it documented somewhere?
thc202 has quit [(Ping timeout: 248 seconds)]
<joepie91>
samueldr: suggestion: add an identifier in the 'short view' of each unfree package; something like an icon or color difference or something that indicates that it's an unfree package
<samueldr>
oh hi
<joepie91>
hai :)
<plakband>
Unode: neat, thanks, I'll give it a shot
<Unode>
plakband: once you are familiar with nix adding software isn't that much of a big deal but some software makes it somewhat hard (specially those that bundle a lot of dependencies, commercial software, &tc.)
<plakband>
Unode: I imagine adding new packages would be a good learning exp for if I ever decide to go full nixos
<Unode>
plakband: on the plus side, nix already has one of the largest package collection I've seen and it keeps getting bigger with more people contributing. Not sure if exponential but close enough.
<samueldr>
as of right now, difficult to see, unfree packages are more gray than black
<joepie91>
plakband: from the perspective of somebody who started out with Nix and then moved to NixOS... while there is definitely value in using Nix stand-alone, I've found that using Nix on non-NixOS involves putting in most of the work for only a small part of the benefits you would get from NixOS proper; with a fairly minimal extra amount of work you can get way more benefits when using NixOS proper (service management, system config, etc.)
<samueldr>
tagging them in the short view would be counter-productive if the idea is to make them less apparent
<Unode>
plakband: you will find some things that will puzzle you and feel confused.
phreedom has quit [(Ping timeout: 255 seconds)]
<samueldr>
it's like having a secret door in a building with a big sign "DISREGARD DOOR"
<joepie91>
plakband: that's not to say that there's no value in Nix on non-NixOS, or that it isn't worth it, or that it's not a good way to get started with it without diving into the deep end... just that over time you might find yourself wanting to use NixOS after all :P
<Unode>
plakband: nix uses a bunch of new concepts that aren't really common with other package managers. Ability to rollback is one, multiple environments is another (by use of nix-shell or different profiles).
<Unode>
plakband: so in short, give it a try and if you hit any wall, you'll most likely find some help here.
<joepie91>
samueldr: ah, I didn't spot the color difference - it's not a very clear signal, though. and I'm not sure that "de-emphasizing unfree packages" is really the right goal to have here either; rather, you probably want to have "make it easy for people to identify non-unfree packages" as the goal
<joepie91>
samueldr: which sounds similar but is subtly different :P
<plakband>
joepie91: that's what I was hoping to hear :)
<samueldr>
exactly
<samueldr>
and it's a fine balance between de-emphasizing and accessibility
<plakband>
Unode, joepie91: thanks, you've been very helpful
<samueldr>
too light and with some screen settings it becomes hidden
<joepie91>
samueldr: so I don't think there's a problem with using an icon to mark unfree software - so long as it's an icon that clearly communicates 'unfree', not something promotional-seeming like a star or whatever
<samueldr>
though, I think the real solution is to filter out unfree by default, same behaviour as it has right now, and a setting to enable them
phreedom has joined #nixos
<joepie91>
samueldr: I feel like the goal is poorly defined here
<joepie91>
the package search should first and foremost be a practical thing for people to find packages, no?
<ToxicFrog>
If it has that setting, it needs to be really prominent
<Unode>
samueldr: another option would be to have some checkboxes next to the search bar, that way users could select what subset of packages they would want to see in the results. non-free could be unchecked by default.
<joepie91>
I get the impression that it's being turned into a "let's promote free software at the cost of practicality" thing and that's probably not desirable here
<ToxicFrog>
Like, on the website a tickbox [ ] include nonfree software next to the search box; I'm not sure what the equivalent on the command line would be
<gchristensen>
joepie91: on the contrary
<Unode>
ToxicFrog: hehe :)
<infinisil>
Lol, I always thought the `singleton` function would be some kind of genious function to only have something once, kind of disappointed now that I looked it up (singleton = x: [ x ])
<joepie91>
then what is the rationale behind unfree software being hidden?
<ToxicFrog>
But it has to be really obvious that things are being hidden, or people will keep running into this wall over and over and over again.
<joepie91>
like, I don't see a valid practicality reason here
<Unode>
infinisil: almost an identity function.
<ToxicFrog>
(adding that tickbox is actually on my TODO list, I just haven't had time to do it yet)
<joepie91>
but perhaps there's something I'm missing
<gchristensen>
joepie91: as a bit of advice, you're going to have to set aside your own beliefs on this
<ToxicFrog>
joepie91: for a while the answer was "freeness/unfreeness wasn't properly being included in the JSON package information", but that's fixed now
<ToxicFrog>
So it's just a matter of wiring it up to the UI
Manny8888[m] has joined #nixos
<joepie91>
gchristensen: not sure what this has to do with beliefs, I'm simply making a practicality argument here
<samueldr>
thanks gchristensen, was searching for the other issue about the same topic
<Unode>
joepie91: I think this was a point of concern. Some unfree software has restrictions on distribution. I suspect nixos doesn't want to advertise that they make it easier but bypass some of those regards. I don't know how strict is nixos (policy) in this regard.
<gchristensen>
joepie91: your beliefs value practicality higher than freeness. that isn't a ubiquitous opinion.
<joepie91>
gchristensen: my personal beliefs aside, even if freeness is said to be valued higher than practicality, then why are unfree things packaged *at all*?
proteusguy has quit [(Ping timeout: 258 seconds)]
<joepie91>
this seems like the worst of both worlds
* gchristensen
shrugs
<Unode>
gchristensen: is that the main point? I always assumed it was a more practical one, rather than subjective.
<joepie91>
Unode: considering that nixpkgs refuses to auto-download the JDK (which is free! but can't be redistributed per EULA) I don't think there would really be such concerns
<joepie91>
Unode: (it asks you to manually add it to the store)
<joepie91>
unless there are certain 'bypasses' somewhere that I'm not aware of
<Unode>
gchristensen: I see.
bdimcheff has quit [()]
<joepie91>
anyway, if there is a goal here to only include free software, sure - but then be clear about that and maintain that consistently including in what actually gets packaged... right now there's a bizarre situation of "well we're packaging unfree stuff but we don't really want you to know about it"
<Unode>
joepie91: I haven't come across those (no java on system yet). But I'm familiar with that Oracle pearl. I take that point back then.
abrar has quit [(Quit: WeeChat 1.9)]
<joepie91>
which makes no practical sense
<joepie91>
shouldn't it be an individual's choice whether to install unfree software or not in the first place?
<ToxicFrog>
^
<joepie91>
(I mean, there is already a flag you need to enable to allow unfree software to be installed, I'm not sure what else is needed to give people a choice that they can be sure is respected)
<samueldr>
while it is, it is also a choice whether the project advertises those or now
<Unode>
Well the choice is always there, it's more of obfuscation in nature.
<ToxicFrog>
I hope that having a default-off "include nonfree" tickbox on the package search page would be acceptable to everyone.
<Unode>
I've always puzzled myself about why the website search missed so many results. Started using github's search on nixpkgs a lot more than I should :)
<Unode>
ToxicFrog: +1 on that.
<ToxicFrog>
It wouldn't help the people who search using nix-env, but it would be a step in the right direction.
<gchristensen>
ToxicFrog: and a "unfree packages are hidden <show>" if a query matches unfree
<samueldr>
ToxicFrog: later this evening I was going to add the checkbox
<joepie91>
Unode: I don't mean it in the sense that nixpkgs doesn't give you the choice, rather that using unfree software or not is an inherently personal choice and it's probably out-of-scope for nixpkgs to try and nudge you in a particular direction by hiding things from the package search and whatnot
<ToxicFrog>
samueldr: that would be awesome
<samueldr>
and yes gchristensen, a number of unfree packages shown
glenn has quit [(Ping timeout: 260 seconds)]
<ToxicFrog>
I haven't been doing a lot of Nix stuff lately, so I haven't had a chance to poke at that
<gchristensen>
joepie91: you could go start joepkgs which changes this decision :P
<ToxicFrog>
(I stopped using Nix on the laptop, and the server doesn't require as much poking and prodding)
<joepie91>
I mean, there is *already* a hoop for using unfree software, the setting to allow installation, although that one at least has practical value (in that it prevents you from accidentally installing unfree software as eg. a dependency of free software)
<Unode>
joepie91: The way I see that... if nix/nixos/nixpkgs should care about that, a better alternative would be "you are trying to install X which is non-free, if you want free alternatives consider A, B, C" either during installation or somewhere in search.
<ToxicFrog>
gchristensen: steam was more than a little flaky and Digikam was just broken; also KDE updates routinely broke stuff because it would end up baking paths to /nix/store into its config files
<joepie91>
gchristensen: I've already been contemplating maintaining a separate package set for eg. games, because the opinion of unfree software in nixpkgs seems very poorly defined and intermittent
<clever>
joepie91: you can also give nixpkgs a function, that takes a package name and then says yes or no
<clever>
joepie91: so you could allow google-chrome, but not allow everything else
<gchristensen>
I thought it was well defined and constant
<joepie91>
gchristensen: and I don't really want to deal with repeated "are we sure we want to package this unfree stuff" discussions on every PR...
<joepie91>
gchristensen: where is it defined?
<joepie91>
I've asked here a few times, never got a response
<gchristensen>
in the licenses.nix
<joepie91>
gchristensen: I'm talking about the desirability of unfree things in nixpkgs
<ToxicFrog>
gchristensen: also I occasionally want to run nonfree stuff that isn't packaged (e.g. DoomRL) and getting it packaged is a huge headache.
<gchristensen>
we have lots of unfree things
<gchristensen>
gotch
<joepie91>
I have a good amount of locally written packages for eg. proprietary games laying around, and I'm hesitant to PR them into nixpkgs because I feel like it's just going to result in a "how do we feel about adding more proprietary things to nixpkgs" discussion
<ToxicFrog>
I do miss the ability to very easily apply patches to stuff, and I may end up using nix-env at some point, but I don't see myself going back to nixOS on the laptop anytime soon.
<joepie91>
(aside from the practical issue of not having a good proprietary file loading mechanism)
<joepie91>
gchristensen: and I am aware that there are lots of unfree things in nixpkgs, but at the same time unfree packages are hidden from the package search and it all seems like they're in nixpkgs reluctantly
<ToxicFrog>
(there's a lot I miss about NixOS, but the software I use daily actually working reliably takes priority over that)
<gchristensen>
<3
<joepie91>
which puts me in a position of not being sure whether PRing in my packages is going to be a waste of time or not
<tilpner>
joepie91 - How about a proprietary games overlay? It could be mentioned in the wiki, and that would still be better than pretending unfree stuff doesn't exist
<ToxicFrog>
(this is less of a problem on the server, which is probably going to keep running NixOS)
<tilpner>
(Only read last parts of discussion)
<joepie91>
tilpner: right, that's what I've been considering, but I'm packaging more things than just games
shymega has quit [(Ping timeout: 240 seconds)]
<Unode>
by the way, just to make sure I'm fully aware of this, what exactly qualifies as "non-free"? a) freeware but not open-source? b) freemium? c) trialware? d) paidware?
<ToxicFrog>
The openSUSE approach is to have a separate repo for nonfree stuff that's on by default but can be turned off in its entirety (at install time or at any other time)
<joepie91>
eg. random freeware-but-unfree graphics tools
<ToxicFrog>
Unode: not released under a FOSS license
<joepie91>
(that's why the JDK is unfree)
<ToxicFrog>
Steam is freeware but closed-source, for example
<Unode>
ToxicFrog: so, closed source.
shymega has joined #nixos
<joepie91>
'closed source' is unfortunately pretty poorly defined :P
<ToxicFrog>
Unode: note that this includes stuff where source code is available but you can't distributed modified version, which is not always something people consider "closed source"
<Unode>
joepie91: fair enough.
<joepie91>
^
<joepie91>
precisely what ToxicFrog said
<joepie91>
I run into this regularly
<joepie91>
people feeling that that doesn't fall under closed-source
<Unode>
ToxicFrog joepie91 interesting. Got any example of that? I'm not sure I'm familiar with the model.
glenn has joined #nixos
<ToxicFrog>
(e.g. Chrome -- the video game -- came with complete source code but sharply restricted what you could do with it, so it wouldn't be considered FOSS)
<joepie91>
(I'm actually even stricter than that in how I interpret 'open-source'; I don't consider something open-source unless it's actually open-source in spirit, ie. no shitty hacks like "well this core thing is open-source but you need this auxiliary proprietary thing to actually make it useful")
<Unode>
ToxicFrog: games are a difficult example. I can think of a few cases were only the content is protected, the engine isn't. But "the game" is both things.
<ToxicFrog>
samueldr: ping me when you have the PR for the checkbox up?
<joepie91>
clever: btw, that's probably an interesting idea; this is already how the 'insecure' exemptions work, isn't it?
<ToxicFrog>
Unode: yeah. In this case, IIRC (it's been like 15 years) one of the provisos was that you couldn't use the source to make anything that would function without the content. So you could make mods, but you couldn't make your own game in the engine or make a "workalike" replacement a la freedoom.wad
Arcaelyx has joined #nixos
<Unode>
joepie91: funny that all examples on that link are Microsoft licenses :)
<joepie91>
Unode: also, I'd like to see a "maybe you want open thing X instead" thing, but that's probably going to be quite a bit of maintenance work
<joepie91>
keeping a mapping of proprietary -> FOSS things
<joepie91>
Unode: it's not Microsoft-specific though :P
<joepie91>
iirc Apple has a similar license, and there's various independent projects that do this
<joepie91>
often 'auditable for security purposes but cannot reuse'
<joepie91>
I just don't recall them right now
<Unode>
so "be a good guy and find bugs for us" model. Gotcha
<joepie91>
it's not always that pessimistic :P
<Unode>
:)
<joepie91>
sometimes there's a genuine intention for auditability, those usually include a provision that allows you to compile the source for personal use
<joepie91>
(ie. you can build from a known-good copy)
<Unode>
right, that makes sense.
<clever>
joepie91: and last i asked, sphalerite cant find the bug that shal not be named in the XNU source, nor reproduce it in a custom build of it
<sphalerite>
what? Me?
<clever>
correction, copumpkin
<Unode>
joepie91: ToxicFrog tanks for the discussion.
<sphalerite>
oh right lol
<joepie91>
anyway, to tl;dr my stance on all this: I can live with the 'allow unfree' setting in nixpkgs simply because it has practical value for those who want only FOSS software... but I think that nixpkgs should decide to either not package unfree things at all, or include them in package searches (with a clear identifier so that people can avoid unfree packages if they want to!)
<Unode>
sphalerite: what clever said is true, you haven't even tried :P
<copumpkin>
?
<sphalerite>
clever: maybe it's actually an NSA rootkit :o
<joepie91>
the current it's-there-but-not-really-there approach really doesn't help anybody, it's the worst of both worlds
<sphalerite>
Unode: true x)
<Unode>
joepie91: I vote checkbox on that.
<clever>
sphalerite: the bug only lets you send signals to processes en-mass, usually -9'ing everything as root
<sphalerite>
Unode: actually maybe I can, but just haven't. So no
<joepie91>
Unode: then I'd say that that checkbox should probably remember the user's setting, not just always default to off
<clever>
sphalerite: and apple claims its not a security problem
<ToxicFrog>
joepie91: honestly I think the best approach would be "have a separate channel for nonfree, let people choose what channels they want" a la SUSE, and perhaps let people pick which channels to search on the nixpkgs website
<joepie91>
store it in localstorage, whatever, doesn't have to be strong persistence
<copumpkin>
joepie91: yeah I think that's a bad consequence of the implementation of unfree right now
<ToxicFrog>
But that's more effort that just adding a checkbox, since right now the website assumes all the packages are in a single giant blob
<copumpkin>
don't think it was the goal to hide them
<joepie91>
ToxicFrog: one problem I can see is that right now the channels implementation isn't especially robust
<Unode>
joepie91: currently it doesn't because they aren't included in the bundle on the main website.
<copumpkin>
just to not make them installable by accident
<ToxicFrog>
joepie91: yeah
<copumpkin>
and buildable on hydra
Myrl-saki has quit [(Ping timeout: 240 seconds)]
<adisbladis>
ToxicFrog: Separate channel would be messy imho.
<ToxicFrog>
Like, that's my "ideal end goal", not something I think would be practical to implement right now
<ToxicFrog>
Lots of infrastructural stuff would need to change first.
<joepie91>
copumpkin: right; that I can understand, mostly just commenting on the opinions of "we don't want to emphasize unfree packages"
hotfuzz has joined #nixos
<adisbladis>
I quite like how it is now except that they could end up in searches just to point out that they are indeed there just not available for install by default.
<ToxicFrog>
copumpkin: at least on the website, one of the arguments was that since license display wasn't working, people could get search results and not realize they were nonfree
<joepie91>
Unode: please make it remember the user's setting :)
<Unode>
samueldr: if you don't mind me asking, how did you generate your packages databases?
<ToxicFrog>
Which IMO is a red herring, since people still can't install them by accident
<joepie91>
Unode: (having to add --with-unfree or something to every invocation is a massive UX trap)
<Unode>
joepie91: .nixsrc if necessary :)
<ToxicFrog>
But that's fixed now anyways
<joepie91>
Unode: even better if it looks at allowUnfree and uses that
<ToxicFrog>
So there should now be no barrier to displaying them on the website.
<cement>
website? I thought the routine was to search nixpkgs
<Unode>
joepie91: that might be tricky. I sometimes use it on a system that doesn't have nix/nixos.
<joepie91>
ToxicFrog: I think it's still important to clearly mark unfree packages; one might have allowed unfree, but still want to minimize the amount of them
<adisbladis>
I just use grep in the package tree :3 It's the best search
<joepie91>
ToxicFrog: ie. the "necessary evil" approach
<ToxicFrog>
This is a much nicer UX and a lot faster than searching the repo except that it silently hides nonfree packages.
hotfuzz_ has quit [(Ping timeout: 240 seconds)]
<ToxicFrog>
joepie91: yeah, fair. Right now that information is just in the license: line but it wouldn't be hard to make them show up in a different colour or something.
<joepie91>
Unode: hm.
<copumpkin>
anyeway, I'm sure we'd all welcome someone fixing that :)
<copumpkin>
lots of people moaning about it over the years
<Unode>
copumpkin: samueldr has a prototype.
<joepie91>
Unode: I'm thinking maybe "infer from allowUnfree if Nix is installed, allow a manual remembered setting otherwise"
<copumpkin>
sweet
<joepie91>
Unode: not entirely happy with the implementation complexity there but I don't immediately see a better option that doesn't involve UX oddities
<joepie91>
and at least it optimizes for the common case
<joepie91>
(searching from a Nix-having system)
<Unode>
joepie91: how do you read allowUnfree? My user can't read into /etc/nixos
phreedom has quit [(Ping timeout: 258 seconds)]
<joepie91>
Unode: hmm, one moment.
<joepie91>
Unode: so on NixOS, I think you can do it with nixos-option?
<joepie91>
(which essentially asks the daemon)
<joepie91>
on non-NixOS it'll be in the user's local Nix config
<joepie91>
Unode: yep, hence why I said "not entirely happy with the implementation complexity" :)
<joepie91>
unfortunately I don't think there exists a single tool to get a nixpkgs config option on both NixOS and non-NixOS
<joepie91>
but I may be wrong
<Unode>
joepie91: fails here without any output. Possibly due to the permissions I mentioned.
<joepie91>
that... shouldn't fail
<joepie91>
oh, hold on
<joepie91>
Unode: can you do `nixos-option nixpkgs.config` and see if it produces *any* output?
<Unode>
joepie91: works as root
<joepie91>
uh...
<Unode>
-rw------- 1 root root 11589 Oct 17 13:57 configuration.nix
* joepie91
goes look at how nixos-option is implemented
<joepie91>
yeah, but that shouldn't matter
<joepie91>
because of the daemon
<joepie91>
# FIXME: rewrite this in a more suitable language.
<joepie91>
heh
bdimcheff has joined #nixos
<joepie91>
seems to use nix-instantiate with an import from <nixpkgs> and <nixpkgs/nixos>
<joepie91>
accessing nixos.config
<adisbladis>
nix-instantiate --eval '<nixpkgs>' -A config.allowUnfree
<adisbladis>
works
<joepie91>
works for me too
<joepie91>
(NixOS)
<joepie91>
Unode: can you try if that command works for you too?
ryantrinkle has joined #nixos
<Unode>
joepie91: that works here (nixos) and "error: attribute ‘allowUnfree’ in selection path ‘config.allowUnfree’ not found" on non-nixos.
<joepie91>
strange that nixos-option doesn't work for you then, since that's supposed to be doing the same thing
* joepie91
thinks
<joepie91>
oh
<joepie91>
hm, no
proteusguy has joined #nixos
<Unode>
joepie91: stracing it gives: read(3, "error: getting status of /etc/ni"..., 128) = 73 so I guess nixos-option does try to read from /etc/nixos directly
plakband has quit [(Quit: leaving)]
<joepie91>
Unode: can you do `nix-instantiate --eval '<nixpkgs>' -A config` on non-NixOS?
<joepie91>
and see what that does?
<Unode>
{ packageOverrides = <LAMBDA>; }
Phillemann has left #nixos ["WeeChat 1.9.1"]
<Unode>
might be reading ~/.nixpkgs/config.nix
<joepie91>
Unode: one sec
mortum5 has joined #nixos
<disasm>
Unode: imho, just go with a flag... The user can always alias the tool with the flag if they really don't want to pass -u flag every time to search unfree... Introducing state and logic to a tool like that seems like a bad idea.
<joepie91>
Unode: am I correct that you don't have allowUnfree set at all on that system?
ssmike has quit [(Remote host closed the connection)]
<joepie91>
if yes, that output is correct and the nixos-instantiate will work on both NixOS and non-NixOS
ssmike has joined #nixos
<joepie91>
and a non-existent allowUnfree just means false
<joepie91>
:P
<Unode>
joepie91: yes, I do not. I don't have it on ~/.nixpkgs/ and the system doesn't have /etc/nixos.
<joepie91>
Unode: alright. then that's your solution :D
<joepie91>
for all Nix systems
<Unode>
disasm: flag is indeed the easiest. An alias on the shell takes care of persistence. All of this assumes non-free packages will be included in the bundle, which currently they aren't/
<joepie91>
not particularly happy about the alias idea
<joepie91>
this will be rather counterintuitive to many users, especially if working on multiple systems
<joepie91>
ideally it should just understand things correctly out of the box without extra user action
detran` has joined #nixos
<tilpner>
Are you talking about a CLI search tool for nixpkgs?
<Unode>
joepie91: you realize that tool was a 2 hour hack right? :) It's as close as it gets to minimal functionality.
glenn has quit [(Ping timeout: 255 seconds)]
<chakra>
what distro is NixOS based on?
<Unode>
joepie91: there's nox if you need a bigger cannon.
pxc has joined #nixos
<Unode>
chakra: on NixOS.
<chakra>
ok
<Unode>
chakra: it's entirely original. Built on top of nix, it's package manager.
<disasm>
joepie91: right, but the alternative is by introducing state if you run a script using it and non-free is on vs off you get different results.
<chakra>
o.o
<Unode>
its*
<tilpner>
I feel like a good default would be to search all packages, but display only free unless the edit distance of the search term is very close to an existing unfree package
<tilpner>
(Or otherwise regex-matches)
<Unode>
If anyone uses that and unfree packages are made available, the default will be to show them, as the tool currently doesn't try to filter anything other than by filename/match.
<Unode>
regexp I mean.
pxc has quit [(Ping timeout: 258 seconds)]
ma27 has joined #nixos
glenn has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] pbogdan opened pull request #30514: nixpkgs manual: remove reference to now defunct nixpkgs monitor (master...manual-remove-nixpkgs-monitor) https://git.io/vdS9R
<joepie91>
Unode: disasm: sorry, I was otherwise occupied for a moment, hence the intermittent responses
<joepie91>
disasm: the suggestion was to infer the allowUnfree from the Nix config; ie. it wouldn't require any state beyond what the system already has in terms of Nix configuration... the exception being systems that don't run Nix at all, where you might want to remember a setting (but then it's a stateful system anyway)
<joepie91>
Unode: yeah, I get that it's a hack :P but nevertheless, if you want to support including vs. excluding of free stuff then you might as well do it in a way that's intuitive to the user... because once the feature's there it becomes difficult to change it without upsetting users because of changing parameters/defaults
<joepie91>
Unode: if you want it to be the absolute minimal thing, then the easiest solution is to just include unfree stuff by default always, and mark it in the results, and not filter at all
<srhb>
In fairness though, when you open up pkgs like that, you bring in a _ton_ of names in scope.
<ldlework>
That is indeed fair
<srhb>
But surprises are always nasty. I didn't even consider that it'd be 'config' -- I just figured it had to be something in pkgs.
<ldlework>
I think I will adopt the convention to never scopemerge pkgs
<ldlework>
is there a word to describe what "with" does
<srhb>
At least not at that level, yeah, I think that's a good practice.
<srhb>
While over an isolated list it's fine...
<srhb>
I think scopemerge is very telling, I didn't know what to call it either :P
<ldlework>
heh
__Sander__ has quit [(Quit: Konversation terminated!)]
<ldlework>
🎉
<disasm>
ldlework: sets the attributes in that variable in scope
<srhb>
How wordy!
<ldlework>
I know what it does, but just wondering if there was a term in use to describe it
<srhb>
"scopes" is the least verbose I've heard, but it's also a bit ambiguous.
<tilpner>
nix repl calls it loading
<srhb>
oh, funky.
<infinisil>
My message might've gotten lost
<infinisil>
what I said: ldlework: srhb: How about making nix emit a warning when an assignment is implicitly overriden with a `with <foo>;` (in verbose mode)
<srhb>
infinisil: That could be quite helpful.
<srhb>
Then again, I expect this might be done pretty often on purpose.
<srhb>
Though arguably it should be more explicit.
<infinisil>
It would be possible to make every `with foo;` explicit with `with { inherit (foo) what you need; };` but that doesn't look very nice
<infinisil>
But I honestly also don't think intentional overriding/overshadowing of the assignments is very common
<srhb>
And Welkin will be back, I'm sure, even if that was a bit of erratic frustration. :-)
<heath>
thanks srhb :)
dywedir has quit [(Remote host closed the connection)]
thblt has joined #nixos
<srhb>
Hmm. In lieu of auto-generated ips, can I refer to the ips of other machines from within the nixops definitions?
Judson has joined #nixos
<srhb>
network definitions, I guess is the right word.
Judson is now known as Guest92359
nschoe has quit [(Quit: Program. Terminated.)]
<Unode>
is there any variable I can refer to in a .nix that reports the hostname specified by the user?
<srhb>
Unode: If you have access to the nixos config, it's networking.hostname
<srhb>
But you probably don't?
<jluttine>
ugh, debugging errors from nixos-rebuild is quite painful.. --show-trace doesn't help much.. any good ways to debug?
<Unode>
srhb: can I import that into scope?
<srhb>
Unode: What are you actually trying to do?
erictapen has quit [(Ping timeout: 248 seconds)]
<srhb>
Unode: If it's a derivation, then remember that that will be impure, so you cannot get it.
<Unode>
srhb: I'm trying to configure services for burp.
<srhb>
Ah
<Unode>
and I'd like to use the hostname as part of the configuration
<srhb>
A nixos module?
dieggsy has quit [(Quit: ERC (IRC client for Emacs 27.0.50))]
<Unode>
yes
<srhb>
They get fed config as an argument afaik?
<Unode>
srhb: I do see { config ... } at the top.
<srhb>
then it should be config.networking.hostname
<Unode>
great thanks
<srhb>
er, hostName, I think
<Unode>
I'll give that a try. First time doing this.
<srhb>
Unode: Cool :)
<Unode>
Also, wondering, once I get to testing, what is the recommended way to do so?
<srhb>
Unode: Check out nixos/tests
Myrl-saki has quit [(Ping timeout: 240 seconds)]
<Unode>
I mean, I can't drop this into the current store/channel
<Unode>
to try system-wide
<srhb>
The nixos/tests work by spinning up virtual machines accomplishing your tests
<srhb>
You need only stand in the nixpkgs repo and do nix-build . -A nixos/tests/testfile.nix
<srhb>
Er, that's wrong
<srhb>
nix-build nixos/tests/postgresql.nix for instance
<Unode>
Ok, that's quite deep down the rabit hole, is there something I can try before going for a full fledged test?
Myrl-saki has joined #nixos
<srhb>
I'm not sure what you're trying to avoid.
<srhb>
You don't want to modify your local system, and no virtual machine tests...?
<srhb>
Need more parameters to come up with a sane alternative :)
reinzelmann has joined #nixos
<Unode>
modifying the local system is fine, what I don't know is where to place the file such that I can use it from nixos-rebuild
<Unode>
I mean, I'm using a git clone of nixpkgs on my user's home folder. If now I want to give that a try I should probably use the 17.09 checkout, but even then how do I make the systems' nixos-rebuild use this location instead?
<srhb>
Okay, just pass -I nixpkgs=/path/to/your/nixpkgs
<Unode>
to nixos-rebuild?
<srhb>
Unode: Bear in mind that if the repo differs in other ways, your system will be rebuilt from that spec too
<srhb>
Yeah
<Unode>
srhb: ok then I should make sure to use the exack same checkout.
<srhb>
Basically yes, nixos-version should give you the commit you want to rebase onto
jbgi has joined #nixos
<Unode>
and that was my next question :) thanks
<srhb>
Woo, prescience. :-)
simendsjo has joined #nixos
orivej has joined #nixos
ThatDocsLady has quit [(Ping timeout: 255 seconds)]
<Unode>
can I make a service option required? i.e. the user needs to specify it for the service to be valid?
nh2 has left #nixos []
<ixxie>
imports are always relative to the Nix expression they are called from right?
<jluttine>
how can i convert an integer to a string? if i=5, "foo ${i} bar" doesn't work :(
jbgi has quit [(Ping timeout: 248 seconds)]
<srhb>
jluttine: What is foo?
<srhb>
Unode: I'm not sure, do the types not cover this?
erictapen has joined #nixos
<jluttine>
srhb: it's just part of the string
<srhb>
aah
Oida has quit [(Ping timeout: 260 seconds)]
<jluttine>
i would have expected to get "foo 5 bar"
<srhb>
toString?
<srhb>
as in ${toString i}
<ixxie>
I just refactored my NixOS config, moving everything to some custom directory and symlinking configuration.nix, and suddenly I get the error: "The ‘fileSystems’ option does not specify your root file system."
<srhb>
ixxie: Been there... The paths will be relative to the resolved file, and not the link, I think.
paluh has joined #nixos
Oida has joined #nixos
ryantrinkle has quit [(Ping timeout: 248 seconds)]
<jluttine>
srhb: yep, thanks! also, didn't know that one can put code inside ${..}
paluh has quit [(Remote host closed the connection)]
<jluttine>
thought it needs to be a variable, not arbitrary code
<srhb>
jluttine: That's exactly what it does :-)
<jluttine>
nice
<srhb>
As long as it evaluates to a string, you're fine.
hexamod has joined #nixos
<ixxie>
srhb: well, that was alright, I just forgot to import a new file I made xD
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] shlevy pushed 1 new commit to master: https://git.io/vd9YO
<NixOS_GitHub>
nixpkgs/master 69607d7 Shea Levy: nixUnstable: Bump for fetchgit fixes
NixOS_GitHub has left #nixos []
<ixxie>
anybody else got irssi issues after upgrading to 17.09?
mgdelacroix[m] has joined #nixos
drakonis has joined #nixos
<disasm>
ixxie: what do you mean by issues?
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] Ma27 opened pull request #30517: services.xserver: assert that either desktop- or window manager is not "none" (master...x11/assert-that-either-dm-or-wm-is-not-none) https://git.io/vd9Yu
<ixxie>
disasm: well, elements of the interface are botched up
<ixxie>
the footer and header bars no longer extend from end to end (they now only cover parts where there is text) and some of the window numberings repeat
<jluttine>
how do i create an option that is a list of attrs {foo=mkOption {type=types.str};}. that is, [{foo=42} {foo=666}] would be a valid value
<srhb>
jluttine: loaAttrs or something like that
<srhb>
grep the modules for loa
reinzelmann has quit [(Quit: Leaving)]
disasm|irssi has joined #nixos
<infinisil>
ListOrAttributesOf = loaOf
<srhb>
infinisil: Thanks!
<disasm|irssi>
ixxie: with no custom config, it all looks fine for me.
<ixxie>
disasm|irssi: I will have a look at my config then
<ixxie>
thanks for testing ^^
<Unode>
is there anything in /nix/var that would be worth including in a backup? Wondering if anything there would be of value when /nix/store isn't being backed up.
disasm|irssi has quit [(Client Quit)]
<disasm>
Unode: I don't backup anything in /nix.
<jluttine>
srhb: hmm.. loaOf is "list or attribute set of". i tried type=types.listOf (types.submodule {foo=mkOption {type=types.str};}) but that doesn't work for some reason :/
<Unode>
disasm: the only thing that came to mind was software installed by users. Their profile information is referenced in /nix/var. however without /nix/store I can't think of a way the symlinks would be useful.
<srhb>
jluttine: loaOf (types.submodule { ... }: { options = { foo = mkOption { type = types.str; }; }; ? Or am I misunderstanding?
jbgi has joined #nixos
chreekat has quit [(Ping timeout: 255 seconds)]
<srhb>
jluttine: Actually, that's overly complex
<srhb>
... I think. I'm not sure of your spec entirely.
<jluttine>
i think you understood correctly. i'll try that.. but yes, that looks a bit complex.
<srhb>
If all you want is a list of heterogenous options, it's simpler
<srhb>
Well... It's the same, really :-P
<srhb>
But it helps to factor out the submodule.
<jluttine>
i want a list of attribute sets. the definition(?) of each attribute set is the same
<Sonarpulse>
I'm going to throw in an "--enable-target=all" which might just fool this silly non-native special-casing
TweyII has quit [(Ping timeout: 246 seconds)]
* bgamari
tries to figure out what this patch actually does
<bgamari>
oh, it splits up binutils
<mpickering>
thanks srhb
<srhb>
mpickering: Welcome! :)
<jluttine>
banging my head on such simple things.. tried to use + for concatenating lists and got weird error about cannot coerce list to string. took an hour to hunt down that + is for strings and ++ for lists..
<srhb>
jluttine: Strengthens character -- and skull!
ma27 has quit [(Ping timeout: 248 seconds)]
<jluttine>
srhb: definitely! :)
<mpickering>
Why is fetchFromGithub preferred to fetchurl pointing to a release download?
<mpickering>
(the release hosted on github)
<srhb>
I don't have to remember how to make permalinks into github...
<copumpkin>
fetchFromGitHub is less likely to be mutable
<jluttine>
mpickering: hmm.. dunno. i prefer fetchurl pointing to release tarball
<srhb>
(other than that, i don't know if people prefer it)
<copumpkin>
if you point it at at a rev, it won't change
<copumpkin>
release tarballs can be uploaded and contain anything you want
<srhb>
fetchFromGitHub just fetches release tarballs when you specify rev=v4, doesn't it ?
<mpickering>
The reviewer left a comment saying "why not use fetchFromGithub" which is why I'm asking :P
<srhb>
You can specify a v1.2.3 as rev, and fetchFromGitHub will fetch the release tarball (I think)
<srhb>
Hence the question.
<copumpkin>
nah, that'll fetch the tag
<srhb>
Oh.
<srhb>
That makes sense then.
<disasm>
mpickering: easier to maintain for future people making changes.
thc202 has quit [(Ping timeout: 255 seconds)]
radvendii has joined #nixos
<radvendii>
How often does nixos-unstable get updated?
<disasm>
radvendii: when it builds successfully can vary wildly
ison111 has joined #nixos
<radvendii>
disasm: Ah. Is there a way to do things kind of piece-meal? Like there's one commit in particular (the flashplayer update) that I need to successfully rebuild my system. Is there a way to add that in?
<srhb>
radvendii: I think you're reading it right, and I'm puzzled by the version on your link.
<radvendii>
you can actually just click "nixos-unstable" on the website you sent and it takes you to the website I was at
<srhb>
radvendii: It should have updated, since the channels/nixos-unstable repository did.
<radvendii>
it says "9 hours ago" but then the commit it points to is 11 days ago
<radvendii>
::confused::
<srhb>
Regardless, if you're looking for the ppapi changes neither of those revisions have it.
<srhb>
Since it was bumped to 170 this morning sometime.
<srhb>
radvendii: The channels/nixos-unstable repo _was_ bumped 9 hours ago. I'm not sure why the actual channel was not.
<radvendii>
weird
<srhb>
Maybe it requires manual intervention.
<radvendii>
maybe I'll just live without chromium for a while :P
* srhb
uses a git checkout
<radvendii>
to rebuild from?
<srhb>
Yeah
erictapen has quit [(Ping timeout: 255 seconds)]
<radvendii>
gotcha
pxc has joined #nixos
yonk42 has joined #nixos
erictapen has joined #nixos
work has quit [(Quit: Connection closed for inactivity)]
radvendii has quit [(Ping timeout: 252 seconds)]
<catern>
hey #nixos, is there some standard easy way to use dwm and customize its config.h with Nix?
simendsjo has quit [(Quit: ERC (IRC client for Emacs 25.3.1))]
mma has joined #nixos
<hyper_ch>
config.h is in your user home?
<musicmatze>
catern: I guess you have to override the package and use the newly generated package as service package... that's pretty much the standard way.
<catern>
I mean, I can put it anywhere
ssmike has quit [(Ping timeout: 255 seconds)]
nh2 has joined #nixos
<musicmatze>
I cannot tell you more (how to do it exactly) as I've not done this myself, yet.
ssmike has joined #nixos
<musicmatze>
you can put it into your configuration.nix (assuming your running nixos)
<hyper_ch>
well, nixos usually only handles system-wide stuff and not user configs... that's why I ask
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nix] edolstra pushed 1 new commit to master: https://git.io/vd9cE
<musicmatze>
hyper_ch: if you're using nixos, your service configuration for your window manager _is_ system wide... there's no such thing as a "per user x server", is there?
<hyper_ch>
musicmatze: you imply that I know what dwm is :)
<musicmatze>
haha :-) Its a window manager
slyfox has quit [(Quit: kernel upgrade \o/)]
<hyper_ch>
well, some people use home-manager and I thought it could be of use
<catern>
where can I find the equivalent of usr/share/dict/words with Nix?
ertes has joined #nixos
<Yaniel>
dwm is a gentoo-style window manager
<Yaniel>
you configure it by changing the header and recompiling
<Yaniel>
should work perfectly fine as a user-installed nix expression
<Yaniel>
with overrides in ~/.config/nixpkgs/config.nix
<catern>
but how do I override the config.h with config.nix?
stanibanani has joined #nixos
drakonis_ has joined #nixos
radvendii has joined #nixos
katyucha has joined #nixos
<clever>
catern: by applying .overrideAttrs to the dwm derivation, and adding a postPatch hook
drakonis has quit [(Ping timeout: 255 seconds)]
ssmike has quit [(Remote host closed the connection)]
ssmike has joined #nixos
<catern>
clever: but that's so manual :(
stanibanani has quit [(Ping timeout: 252 seconds)]
riclima has joined #nixos
<clever>
catern: you can also read the dwm expression to see if something better has been setup
ixxie has quit [(Quit: Lost terminal)]
stanibanani has joined #nixos
<infinisil>
hyper_ch: Yeah home-manager can do xsession stuff
<infinisil>
My xmonad is from home-manager
yonk42 has quit [(Quit: leaving)]
<infinisil>
How NixOS does it: If there's a ~/.xsession file, it uses that, otherwise it uses the things you set in services.xsession
<infinisil>
xserver*
<hyper_ch>
does NixOS use TPM by default for anything?
glenn has quit [(Remote host closed the connection)]
jmeredith has quit [(Quit: Connection closed for inactivity)]
wilornel has quit [(Ping timeout: 240 seconds)]
glenn has joined #nixos
ssmike has quit [(Ping timeout: 255 seconds)]
Guest65577 has quit [(Ping timeout: 260 seconds)]
infinisil has quit [(Quit: ZNC 1.6.5 - http://znc.in)]
infinisil has joined #nixos
glenn has quit [(Ping timeout: 260 seconds)]
<makefu>
hyper_ch: i think it can and will be used for a trustedgrub setup
<makefu>
if you want to use your tpm chip i recommend enabling tcsd as the sole gateway to tpm functionality
<gchristensen>
nixos doesn't use TPM out of the box though, you have to tell it to
thblt has quit [(Ping timeout: 248 seconds)]
radvendii has quit [(Ping timeout: 258 seconds)]
<makefu>
gchristensen: with the exception of grub.trustedboot . i would love to test this feature but i fear my computer will be come unbootable afterwards ....
MP2E has joined #nixos
<gchristensen>
:)
<gchristensen>
what happens if you turn it on?
<makefu>
tpm will store checksums of the different parts of grub and grub will validate that everything is unchanged
<gchristensen>
so if it breaks, can you live-cd and then turn-it-off?
<makefu>
well maybe ;)
<makefu>
trustedboot essentially protects against evil maid attacks
wilornel has joined #nixos
ubuntu has joined #nixos
<clever>
my understanding, is that if configured correctly, the TPM will give access to protected key material, which can be used to unlock the rootfs encryption
thblt has joined #nixos
ubuntu is now known as Guest45531
<clever>
but nothing stops you from also having a normal passphrase on the luks, as a second way in
<clever>
just remember, tha an evil maid could replace the hdd, with oen that asks for a passphrase, and phones-home
<clever>
so thats more of a recovery thing, then a daily use option
<srhb>
Weird. Sometimes libvirt nixops machines know each others hostname and can resolve, sometimes not.
<srhb>
Can't figure out what influences this...
ryantrinkle has quit [(Ping timeout: 248 seconds)]
<srhb>
Hm, rebooting them seems to work.
Sonarpulse has quit [(Ping timeout: 240 seconds)]
<makefu>
clever: so you would also need secureboot in place to protect against hdd replacing?
<clever>
makefu: it would need to be secureboot with your own certs
<clever>
makefu: the MS certs are now useless
<clever>
makefu: and if the maid is able to reset the bios (or replace the entire motherboard), secureboot wont do a thing
<makefu>
true, but it would make it much harder in this case
thblt has quit [(Ping timeout: 248 seconds)]
<clever>
about the MS certs, there is a debug option in a signed bootloader, that causes it to run unsigned code
<clever>
so anybody can grab the windows bootloader, pop it into a hdd, and run unsigned code, if secureboot is on
stanibanani has quit [(Ping timeout: 258 seconds)]
<dash>
beware! an evil maid could steal your computer and replace it with an exact lookalike
<clever>
dings and dents + stickers are hard to replicate
<dash>
(the security-consultant version of Capgras syndrome I guess?)
<clever>
simpler to replace the motherboard, if they have time
mizu_no__ has joined #nixos
romildo has joined #nixos
JosW has quit [(Quit: Konversation terminated!)]
<makefu>
clever: the invisible bonding between me and my laptop can never be replicated!
<romildo>
Earlier today I have updated my unstable NixOS system to version 18.03pre117981.88b853eb80 (Impala)
<disasm>
romildo: early adopter, eh? :)
<romildo>
Later on I have run nix-channel --update again and I am getting nixos-18.03pre117327.3fe7cddc30 (the previous version) back. Has anybody seen this?
mizu_no__ has quit [(Client Quit)]
<disasm>
romildo: someone saw something similar on 17.09 yesterday
<disasm>
I forget who it was, gchristensen ^^^ do you remember?
<gchristensen>
BlessJah has seen it, and I've seen it
<romildo>
But is there an explanation for it?
<gchristensen>
there is
<gchristensen>
the channel is based on the newest build of hydra which has completely finished building. if you restart jobs, the newest to completely finish goes back to an older build. the channel update tool has code to guard against going back in time, but it seems to be broken
<infinisil>
Wait, does this thing happen when you're using the unstable channel?
<gchristensen>
it can, presumably, happen on any channel
<gchristensen>
it is a bug in the channel update script, which is the same script run for each channel
Wizek_ has quit [(Ping timeout: 240 seconds)]
<infinisil>
I don't really get it but am too lazy to ask more/dig the source ¯\_(ツ)_/¯
Ivanych has joined #nixos
<disasm>
gchristensen: is there an issue open on github?
<gchristensen>
I dunno
<gchristensen>
check the repo named something like channel-scripts or something (use github's search on the org page)
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nix] edolstra pushed 2 new commits to master: https://git.io/vd90y
<NixOS_GitHub>
nix/master ca580be Eelco Dolstra: BinaryCacheStore: Support local caching of NARs...
<NixOS_GitHub>
nix/master b24b8ef Eelco Dolstra: BinaryCacheStore::addToStore(): Add NARs to the local cache
NixOS_GitHub has left #nixos []
civodul has joined #nixos
mortum5 has joined #nixos
<ldlework>
infinisil rycee maybe this is a crazy idea, but I think that HM needs a plugin system
<gchristensen>
like some sort of modular thing?
<ldlework>
Yeah so that we do not need to submit modules to HM itself, but there is still a mechanism for keeping the community together
<disasm>
doesn't look like it... I'll dig through irc logs and one one
<infinisil>
ldlework: What's the problem with adding stuff to HM itself?
<ldlework>
so that you can add a plugin name to your HM, and it will make sure to clone that plugin and make it available as a module for your expressions
slyfox has joined #nixos
<infinisil>
You can already do that with nix
<ldlework>
infinisil let's say a few people come up with different ways of deploying emacs
<romildo>
gchristensen, in this situation what would be better to do. I want to make a small edit in configuration.nix and rebuild my system. It is going back to the older build from the channel, right? Should I let it do that? Or is there a better way of handling this situation?
<ldlework>
its uncomfortable to have multiple ways of doing that in HM standard. Plugins allow more free innovation.
<gchristensen>
it should be fine to go backwards, but we should fix the bug to not happen in the future
<srhb>
I'm having a hard time provisioning when I can't refer to the addresses across machines.
<sphalerite>
infinisil: nr for nix-repl
<infinisil>
Dang, almost forgot about nix-repl, I'll do nr="nix-repl '<nixpkgs/lib>'
Pneumaticat has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] Mic92 pushed 1 new commit to release-17.09: https://git.io/vd9zo
<NixOS_GitHub>
nixpkgs/release-17.09 82752b5 Dario Bertini: BerkeleyDB 5.3 is under the Sleepycat license, not AGPL...
NixOS_GitHub has left #nixos []
<lejonet>
Hmm, what is the nix way of creating groups? Users, declarative, have the users.extraUsers way, but there doesn't seem to be a groups.extraGroups
<lejonet>
I tried to google that, but I guess my google-fu was too weak :P hmm, that lists users.extraGroups tho, but nixops whined that I used that
<BlessJah>
gchristensen: is groups.groups a thing? I cannot find it in options
<gchristensen>
oh users.groups :P
<gchristensen>
sorry
<lejonet>
makes sense that its under users :P
<lejonet>
didn't know that web interface existed either, thanks for the link BlessJah :)
<gchristensen>
also `man configuration.nix`
<sphalerite>
infinisil: my most valuable alias is nixpkgs='nix-build --no-out-link "<nixpkgs>" -A', given the trend I'm guessing you'd alias that to np?
tmaekawa has joined #nixos
tmaekawa has quit [(Client Quit)]
* lejonet
needs to find a legitimate alias that can be shortened to wtf
<joepie91>
I've run into two undocumented compat breaks from 17.03 -> 17.09 so far
<gchristensen>
please document them
<joepie91>
1) wrapProgram now explicitly checks that the thing being wrapped is an executable; which means something like `makeWrapper strace foo --add-flags -f --add-flags $out/bin/foo` doesn't work anymore (which it probably shouldn't have in the first place, but it's a break nevertheless)
stanibanani has quit [(Ping timeout: 240 seconds)]
<joepie91>
2) the following warning appeared: warning: The option `services.printing.gutenprint' defined in `/home/sven/projects/nixrc/systems/desktop.nix' has been changed to `services.printing.drivers' that has a different type. Please read `services.printing.drivers' documentation and update your configuration accordingly.
<joepie91>
gchristensen: how/where would I get these contributed to the release notes on the site?
<gchristensen>
PR to master, put in to nixos/doc/somethingsomethingreleasenotes or somethingsomethingchangelog
<joepie91>
alright :) will have a look at that once I finish this upgrade
<gchristensen>
beyond that, grep for a string nearby to where you want to put it
<joepie91>
interestingly, the second change seems to be a reversal of a change in 16.03 where there was a recommendation to use the gutenprint option instead of drivers?
<joepie91>
unsure what happened there
stanibanani has joined #nixos
glenn has quit [(Remote host closed the connection)]
dhess has joined #nixos
<joepie91>
gchristensen: hm, nixpkgs 17.09 wants jdk 8u144, the download page only offers 8u151...
<lejonet>
Hmm, if I want to add a path to be created and such, I'm guessing its in the derivation I must set that up? (sadly this service doesn't seem to have a --user or --group option, so no priv dropping there, so want to use the User and Group directives for unitfiles instead, which means no mkdir in preStart :( )
<joepie91>
... I need to log in for those? what the fuck?
<joepie91>
:|
<joepie91>
if I needed more reasons to despise Oracle...
nixer has quit [(Ping timeout: 260 seconds)]
<lejonet>
Welcome to the new world... I hate how many companies that have put their free products behind a registration wall... (I'm looking at you VMWare!)
<srhb>
I want a firewall that can be disabled...
<joepie91>
my phone number is now 000000000000
<joepie91>
(Oracle is asking for way too much information)
<srhb>
Oh yeah, downloading oracles things is much fun.
<srhb>
I must have like 20 users there by now.
<infinisil>
sphalerite: Hmm... I've never run that command
<sphalerite>
depending on what the src looks like though you might need tar xf $(nixpkgs hello.src) instead for instance
stanibanani has quit [(Ping timeout: 260 seconds)]
<joepie91>
cc srhb and lejonet
ison111 has quit [(Ping timeout: 240 seconds)]
<sphalerite>
lejonet: if it's for state, I wouldn't
<lejonet>
sphalerite: it is for state, hence why I don't really want to put it in /etc, but can't say I understand how to create other, paths that gets included, or would a postBuild = '' mkdir /bla/bla; chown bla:abl '' do what I want it to do?
<infinisil>
Makes it use the configured user only for ExecStart
slyfox has joined #nixos
<lejonet>
infinisil: Ah, didn't know about that one
<infinisil>
If you need something more complex you can use multiple systemd unit with dependency on each other
drakonis_ has quit [(Read error: Connection reset by peer)]
<infinisil>
there's a bunch of such combos in nixpkgs with names <name>.service and <name>-init.service
lassulus has quit [(Quit: WeeChat 1.9.1)]
<lejonet>
With this type of system, I'm not surprised :)
lassulus has joined #nixos
jbgi has quit [(Ping timeout: 258 seconds)]
<joepie91>
gchristensen: is there a current process for tracking breaking changes? to ensure that release notes are complete
hamishmack has quit [(Quit: hamishmack)]
<infinisil>
the tests?
<ldlework>
how do I get the sha256 for fetchFromGithub?
<disasm>
ldlework: run it with a broken sha and it'll output it
<ldlework>
:(
<infinisil>
ldlework: nix-prefetch-url --unpack or nix-prefetch-git
Ivanych has quit [(Ping timeout: 248 seconds)]
<ldlework>
infinisil hmm, is that going to work on OSX?
<infinisil>
If I know where I need the hash from beforehand I usually just do `:r!nix-prefetch-url --unpack github.com/<name>/<repo>/archive/<revision>.tar.gz` in vim
stanibanani has joined #nixos
<infinisil>
ldlework: Why wouldn't it?
<ldlework>
I don't have that command
<infinisil>
nix-prefetch-url?
<ldlework>
yeah
<srhb>
Can I set up an enpIsJ-style named interface to be renamed?
<ldlework>
oh I have that one
<srhb>
"devices" doesn't show anything interesting in the manual
<dhess>
Anyone have an example of using overlays with NixOps?
<dhess>
I'm not exactly sure where to define it in my NixOps setup
<srhb>
dhess: I don't think there's a NixOps-centric idea of overlays
<Dezgeg>
well the thing is nix-prefetch-git fetches a git repository with the git protocol, but fetchFromGithub downloads a tar.gz from github directly
<infinisil>
dhess: Just use nixpkgs.overlays
civodul has quit [(Quit: ERC (IRC client for Emacs 25.3.1))]
<srhb>
However, you can use definitions from your user overlays for your nixops deployments just fine
<dhess>
infinisil: yeah, but where do I define it? Assuming I've got a fairly standard setup, e.g., machines/foo-production.nix and machines/foo.nix ?
stanibanani has quit [(Ping timeout: 240 seconds)]
Sonarpulse has joined #nixos
mortum5 has quit [(Ping timeout: 240 seconds)]
stanibanani has joined #nixos
nh2 has joined #nixos
MichaelRaskin has joined #nixos
Wizek_ has quit [(Ping timeout: 240 seconds)]
ssmike has quit [(Ping timeout: 255 seconds)]
hiratara has quit [(Ping timeout: 252 seconds)]
pbogdan has quit [(Quit: ZNC 1.6.5 - http://znc.in)]
jb55 has joined #nixos
hiratara has joined #nixos
stanibanani has quit [(Ping timeout: 240 seconds)]
pbogdan has joined #nixos
serhart has joined #nixos
stanibanani has joined #nixos
ma27 has quit [(Ping timeout: 252 seconds)]
iqubic has joined #nixos
<iqubic>
Is there a way to disable the Systemd-boot boot menu timer, WITHOUT enabling auto select of an option?
jb55 has quit [(Ping timeout: 240 seconds)]
<iqubic>
I tried "boot.loader.timeout = null;" and "boot.loader.timeout = 0;" Both settings gave me a system that skipped the boot loader and just sent me straight to nixos
<iqubic>
I want there to be no timer. Where no matter how long I wait, I will still be in the boot menu until I select an option.
<infinisil>
iqubic: I'd just set it to something like 999999 then
csingley has quit [(Ping timeout: 248 seconds)]
serhart has quit [(Quit: serhart)]
serhart has joined #nixos
<iqubic>
infinisil: That's not good enough.
<cransom>
how about -1?
ThatDocsLady has quit [(Ping timeout: 255 seconds)]
<infinisil>
iqubic: 9999999999? It's really just the same as no timer from a practical standpoint. Or you can read the manual of systemd-boot to see what option there is for that
jb55 has joined #nixos
cement has quit [(Ping timeout: 260 seconds)]
ison[m] has joined #nixos
<joepie91>
so it seems that the Plasma in 17.09 has the audio indicator thing
<joepie91>
very neat
<chakra>
what would be a fast way to download 50 websites in under 1 minute
<joepie91>
(indicates which applications are producing audio, much like in a web browser, with an application mute button)
<joepie91>
chakra: aria2c is a commonly used parallel downloader but isn't really made for downloading recursively iirc; I usually use https://github.com/ludios/grab-site but that's designed for archival use and therefore produces WARC archives, not just files on disk
<joepie91>
chakra: of course you're always going to be limited by the available CPU/bandwidth/etc. on both ends :)
<chakra>
ok
stanibanani has quit [(Ping timeout: 240 seconds)]
<infinisil>
ldlework: Seems like man-db is not available on darwin
<bgamari>
Sonarpulse, should perl and perl-cross be two separate derivations?
<bgamari>
they don't share a whole lot
<bgamari>
Sonarpulse, actually, my previous fixupPhase statement isn't quite right in the way I thought it was:
<bgamari>
oh, never mind
<Sonarpulse>
bgamari: is the normal perl one just too screwed up?
<Sonarpulse>
a perlCross does sound vagely familiar
<Sonarpulse>
I hope I didn't remove it long ago!
<bgamari>
Sonarpulse, it's literally not possible to cross perl with its build system
<bgamari>
s/cross/cross-compile/
<Sonarpulse>
bgamari: oh, hah!
<bgamari>
Sonarpulse, so there is a separate project, perl-cross, which provides an alternate build system
<Sonarpulse>
I just looked right past the second source
<bgamari>
seems to work pretty well though
<Sonarpulse>
yeah I think in this case it's fine
<Sonarpulse>
can't be *less* conditional than upstream!
<bgamari>
true
<bgamari>
Sonarpulse, then the question is what should the derivation be called
csingley has joined #nixos
<bgamari>
perl-cross or perl?
<bgamari>
it's technically perl, just built with a different build system
<Sonarpulse>
you could just put everything behind the if
<Sonarpulse>
so just perl
<Sonarpulse>
perhaps perl-cross would work natively, as the identity cross
<Sonarpulse>
but let upstream work out that battle
<Sonarpulse>
there used to be a tone of fooCross derivations
<Sonarpulse>
but a) eelco told me we are moving to kebab case
<Sonarpulse>
b) that was never justified before so I wouldn't want it's reputation to tarnish your derivation :)
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nix] copumpkin opened pull request #1616: Shift Darwin sandbox to separate installed files (master...separate-darwin-sandbox) https://git.io/vd979
NixOS_GitHub has left #nixos []
<bgamari>
Sonarpulse, heh
<bgamari>
I wish there were an easy way to prevent nix from rebuilding the world after you touch ld-wrapper
<bgamari>
Sonarpulse, by the way, so pkg.nativeDrv is going away, right?
<csingley>
How does nix-shell compose those huge PYTHONPATH?
<csingley>
Can I somehow access them by accessing some attribute of .env ?
Nobabs25 has joined #nixos
Nobabs27 has quit [(Client Quit)]
erictapen has joined #nixos
<elvishjerricco>
Is there any documentation on the layout of release.nix for hydra? It's unclear what gets passed as parameters, and what exactly are the requirements and allowances of the return value.