<tobiasBora>
nix-env -f "<nixpkgs>" -qaP -A emacsPackagesNg.melpaPackages
<tobiasBora>
>>> error: anonymous function at /nix/store/6cjrr698z5m9nzl6rbqm91gk5f042hmc-nixpkgs-18.03pre119383.eafd703a63/nixpkgs/pkgs/applications/editors/emacs-modes/melpa-generated.nix:1594:34 called without required argument ‘font-lock-plus’, at /nix/store/6cjrr698z5m9nzl6rbqm91gk5f042hmc-nixpkgs-18.03pre119383.eafd703a63/nixpkgs/lib/customisation.nix:74:12
ma27 has quit [(Ping timeout: 248 seconds)]
joncfoo has quit [(Ping timeout: 240 seconds)]
ivanivan has quit [(Quit: WeeChat 1.9.1)]
<matthewbauer>
tobiasBora: looks like a bug. font-lock-plus isn't in melpa
<tobiasBora>
matthewbauer: should I open a bug report?
<tobiasBora>
and any idea how to query the available emacs packages ? I'd like to install the mode "ido-completing-read+", but I can't use this name because nix does not accept the "+"
<tobiasBora>
any idea where this error comes from:
<tobiasBora>
error: Package ‘emacs-ido-complete-space-or-hyphen-20130228.208’ in /nix/store/l2ly581pmj2bwal91s8p2p6s4mzhyj12-nixos-18.03.git.66b63d2f5a/nixos/pkgs/build-support/emacs/generic.nix:30 is marked as broken, refusing to evaluate.
takle has quit [(Remote host closed the connection)]
leat has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] peterhoeg pushed 1 new commit to master: https://git.io/vFWA9
<NixOS_GitHub>
nixpkgs/master 3a53ddd Peter Hoeg: sshguard: 2.0.0 -> 2.1.0
NixOS_GitHub has left #nixos []
<adisbladis>
tobiasBora: Melpa is in the process of dropping packages that are hosted on emacswiki
<adisbladis>
Currently nixpkgs is missing a bunch of them
<tobiasBora>
adisbladis: oh, so here it's melpa that marked emacs-ido-complete-space-or-hyphen as broken ?
<tobiasBora>
of nixpkg cannot find this package, so it says it's broken ?
<tobiasBora>
Because nixpkgs automatiquelly get the packages from melpa, or someone manually added all the packages in melpa?
<adisbladis>
tobiasBora: nixpkgs have an auto-generated package list from melpa
matthewbauer has quit [(Ping timeout: 258 seconds)]
<tobiasBora>
adisbladis: ok thanks
<tobiasBora>
Hum... I tried to install teamviewer using "nix-env -i teamviewer", but it says that the package does not exists, but I can find it using nix-repl
<tobiasBora>
oh, it may be the allowUnFree
qknight__ has quit [(Ping timeout: 248 seconds)]
kiloreux_ has quit [(Remote host closed the connection)]
<tobiasBora>
How could I install unfree packages using nix-env, on a non nixOs system?
<clever>
tobiasBora: config.nix, at the path the error shows
fragamus has joined #nixos
<tobiasBora>
clever: error: selector ‘teamviewer’ matches no derivations ==> there is no path here. I tried to put "{ allowUnfree = false; }" in ~/.config/nixpkgs/config.nix with no chance
<clever>
the last fun problem i had, was that it ran, but the connect button was just missing
<clever>
i'm not sure what will happen if you run the whole thing as root
<tobiasBora>
clever: I mean just run the install as root
markus1199 has joined #nixos
<clever>
the client itself needs root for some backwards reason
<clever>
it doesnt really matter who you install it as
srdqty has quit [(Ping timeout: 240 seconds)]
<lfish>
Hello. In the nix pill 12, in order to build the graphviz expression I needed to use "hardeningDisable = [ fortify ]" in graphviz.nix. I don't know if that's necessary, maybe that should be added to the tutorial.
<tobiasBora>
clever: so I should run teamviewerd as root, and teamviewer as user ?
<clever>
that might work
markus1189 has quit [(Ping timeout: 240 seconds)]
mithsv has quit [(Ping timeout: 240 seconds)]
<timclassic>
Has anyone here successfully booted NixOS as an lx-brand Zone in SmartOS?
jtojnar has joined #nixos
<tobiasBora>
clever: Great, it works perfectly, thank you very much!
<cbarrett>
matthewbauer: Interesting!
<cbarrett>
Ah too bad he left
mithsv has joined #nixos
srdqty1 has quit [(Ping timeout: 240 seconds)]
srdqty1 has joined #nixos
<tobiasBora>
Is it possible to configure the file content of a user, for example to specify the content of the .emacs of my users automatically ?
jsgrant has quit [(Remote host closed the connection)]
python476 has quit [(Ping timeout: 248 seconds)]
MP2E has quit [(Remote host closed the connection)]
erictapen has quit [(Ping timeout: 240 seconds)]
marzzzello has quit [(Quit: bb)]
MP2E has joined #nixos
mithsv has quit [(Quit: mithsv)]
mithsv has joined #nixos
ryantrinkle has quit [(Ping timeout: 248 seconds)]
hellrazor has joined #nixos
hellrazo1 has quit [(Ping timeout: 258 seconds)]
srdqty1 has quit [(Ping timeout: 248 seconds)]
srdqty1 has joined #nixos
kp__ has quit [(Quit: WeeChat 1.9.1)]
pxc has joined #nixos
bennofs has joined #nixos
mithsv has quit [(Quit: mithsv)]
mithsv has joined #nixos
mithsv has quit [(Client Quit)]
mithsv has joined #nixos
pxc has quit [(Quit: WeeChat 1.9.1)]
boomshroom has joined #nixos
<boomshroom>
Hello!
<boomshroom>
I'm trying out tensorflow and it was nice that it was in nixpkgs, but when going through the tutorial, I got 5 messages saying the it wasn't compiled with certain CPU features that are available. I remember someone saying that Nix goes out of its way to disable `-m native`. How can I use the package to take advantage of the vector features?
<boomshroom>
Specifically, it's complaining about SSE4.1, SSE4.2, AVX, AVX2, and FMA.
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] SeanZicari opened pull request #31300: Remove .net from mirror URL. (master...xosview-patch) https://git.io/vFlev
NixOS_GitHub has left #nixos []
<boomshroom>
I'm concerned about this since ML is fairly intensive and any speedup would be nice.
jsgrant has joined #nixos
Supersonic112 has quit [(Disconnected by services)]
Supersonic112_ has joined #nixos
pxc has joined #nixos
Supersonic112_ is now known as Supersonic112
<pxc>
is anyone here using Fish with Nix on non-NixOS?
<pxc>
jsgrant: on Fedora, are you using Nixpkgs' Fish or Fedora's Fish?
<pxc>
and are you using nix-home or any other module system for declarative configuration with Nix on Fedora?
srdqty1 has quit [(Ping timeout: 248 seconds)]
<Shados>
Has anyone here made direct use of make-disk-image.nix to prep an image for a VM?
lambdamu_ has joined #nixos
leat has quit [(Ping timeout: 240 seconds)]
srdqty1 has joined #nixos
<boomshroom>
Is there a way to make Nix use the vector instructions of my CPU without sacrificing binary packages? If not, how can I set it to compile with vector instructions?
<jsgrant>
pxc, Fedora's repo.
<clever>
boomshroom: you would need to do something like mplayer does, with runtime cpu feature detection, and auto-selecting the right version of the function
leat has joined #nixos
<jsgrant>
Have Nix installed on Fedora; But have a dedicated dev/play-box with full NixOS where a VAST majority of fooling about takes place.
lambdamu has quit [(Ping timeout: 260 seconds)]
<pxc>
jsgrant: to get your Fish environment to set up Nix correctly on Fedora, did you use something like the foreign-env plugin for oh-my-fish, or do you use a POSIX shell as your login shell and then launch Fish from there?
lfish has quit [(Remote host closed the connection)]
mithsv has quit [(Quit: mithsv)]
mithsv has joined #nixos
<Unode>
hi all, is there any automatic service in nixos that removes files from /tmp ? I'm getting this annoying behavior that the socket/pipe file created by ssh-agent on /tmp is removed by some system script causing my user to fail to communicate with the agent
mithsv has quit [(Client Quit)]
<clever>
Unode: are they actually in /tmp/ ?
mithsv has joined #nixos
<Unode>
clever: yes
<Unode>
let me run another agent to see their names
<clever>
there is something systemd related that does that in /run/user, but not /tmp
<Unode>
might be due to still having some keychain related stuff around: SSH_AUTH_SOCK=/tmp/ssh-lzQ9AJ1utROE/agent.1378; export SSH_AUTH_SOCK
<jsgrant>
pxc: Tbh, don't recall; Followed the installer suggestions and set environment paths appropriately and everything seems to work.
<Unode>
but in any case, I'd like to know what job is cleaning this up. Clearly this is wrong and makes me think that there are other things being removed that shouldn't
<jsgrant>
You have to do something weird in fish to set persistent paths ... again don't remember -- sorry, really tired.
<Unode>
I'm familiar with tmpwatch but I don't seem to have that on my system
<Unode>
at least as a service or cron that I can identify
mbrgm has quit [(Ping timeout: 248 seconds)]
<clever>
Unode: i think you could use one of the audit tools to track the use of the unlink syscall, systemwide
mbrgm has joined #nixos
bennofs has quit [(Ping timeout: 240 seconds)]
theseriousadult has quit [(Ping timeout: 268 seconds)]
<Unode>
clever: yeah was thinking of something like that. Right now I have 2 things on the table. 1) a rogue script that removes more than it shouldn't. 2) I have /tmp as tmpfs and rebuilding nixos somehow triggers a cleanup.
ryantrinkle has joined #nixos
<adisbladis>
pxc: A few of my colleagues at work are using nix on osx with fish
<adisbladis>
pxc: Using foreign-env
<orivej>
Unode: IIRC rebuilding NixOS used to restart systemd service that cleans tmp (when the configuration contains `boot.cleanTmpDir = true;`), but this is fixed at least in the unstable channel
<Unode>
orivej: I'm on 17.09. Might be that...
<Unode>
although I don't have cleanTmpDir = true
<Unode>
unless that's the default...
<Unode>
But in any case, the reason I suspect some cron or triggered job is that not all files are removed.
<Unode>
these ssh-agent ones are but other stuff is kept so I wonder...
<pxc>
adisbladis: perfect! I'm hoping to get some of my own colleagues doing the same, and I want it to be as easy as possible.
<pxc>
adisbladis, jsgrant: I wrote this modification to the Nixpkgs Fish package so that if you use Fish from Nixpkgs, it will automagically Nixify the environment for you. It has been tested (just now) on macOS, non-NixOS Linux, and NixOS. Would you mind giving it a try and leaving feedback on the pull request?
jefflovejapan has quit [(Remote host closed the connection)]
<Ralith>
peruse package seems to be broken
<jsgrant>
pxc: Bookmarked, if I find free-time this week I'll take a look -- yeah.
<pxc>
jsgrant: cool! thanks
leothrix has quit [(Quit: ZNC 1.6.5 - http://znc.in)]
fragamus has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
MP2E has quit [(Remote host closed the connection)]
mithsv has quit [(Quit: mithsv)]
mithsv has joined #nixos
mithsv has quit [(Client Quit)]
mithsv has joined #nixos
leothrix has joined #nixos
aw has quit [(Quit: Quitting.)]
spacefrogg has quit [(Quit: Gone.)]
aw has joined #nixos
spacefrogg has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] adisbladis opened pull request #31302: emacsPackages.font-lock-plus: init at 20170222.1755 (master...emacsPackages.font-lock-plus) https://git.io/vFlUU
NixOS_GitHub has left #nixos []
<adisbladis>
pxc: Nice :) I'll try to have a look later.
mithsv has quit [(Quit: mithsv)]
fragamus has joined #nixos
<pxc>
please do :-)
<cbarrett>
pxc: looking forward to merging those updates into the nix-darwin module :-)
<cbarrett>
although maybe it’d be good to hack on fish support for the installer too
<pxc>
managing those configuration changes would probably be harder than just using the Nixpkgs from Fish, if it takes care of the environment automatically
<pxc>
but I can think of some ways that might be useful
proteus-guy has joined #nixos
Khetzal has quit [(Ping timeout: 248 seconds)]
<gfixler>
"Next pill ...we will finally write our first derivation."
<gfixler>
*excite*
srdqty1 has quit [(Quit: WeeChat 1.9.1)]
fragamus has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
adisbladis has left #nixos ["ERC (IRC client for Emacs 25.2.1)"]
schoppenhauer has quit [(Ping timeout: 246 seconds)]
schoppenhauer has joined #nixos
pmn has quit [(Quit: I'm Mr. Meeseeks, look at me!)]
proteus-guy has quit [(Remote host closed the connection)]
fragamus has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
jb55 has quit [(Ping timeout: 264 seconds)]
hexamod has joined #nixos
damke has joined #nixos
damke_ has joined #nixos
fragamus has joined #nixos
damke has quit [(Ping timeout: 240 seconds)]
ma27 has joined #nixos
ylwghst has joined #nixos
ylwghst has quit [(Remote host closed the connection)]
reinzelmann has joined #nixos
srdqty has joined #nixos
damke_ has quit [(Ping timeout: 240 seconds)]
damke has joined #nixos
damke has quit [(Ping timeout: 240 seconds)]
damke has joined #nixos
pxc has quit [(Remote host closed the connection)]
reinzelmann has quit [(Ping timeout: 258 seconds)]
justbeingglad has joined #nixos
justbeingglad has left #nixos []
reinzelmann has joined #nixos
akapav_ has joined #nixos
p4cman has joined #nixos
akapav has quit [(Ping timeout: 248 seconds)]
ericsagnes has quit [(Ping timeout: 248 seconds)]
infinisil has quit [(Ping timeout: 248 seconds)]
<boomshroom>
I'm currently trying to use tensorflow to make the worlds slowest brainfuck interpreter.
theseriousadult has joined #nixos
<theseriousadult>
Having weird issues with multi-monitor on i3
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] orivej closed pull request #31161: networkmanager: add power saving and mac address randomization options for wifi devices (master...master) https://git.io/vFZE1
NixOS_GitHub has left #nixos []
infinisil has joined #nixos
Bane^ has quit [(Ping timeout: 260 seconds)]
<theseriousadult>
Whenever I set them to anything other than mirroring at the same resolution, the external monitor stops refreshing anything other than mouse position, and windows are stuck off-monitor
<aminechikhaoui>
theseriousadult: nix 1.12 has a show-derivation subcommand which shows the derivation in JSON
c0bw3b has joined #nixos
ylwghst has joined #nixos
periklis has quit [(Ping timeout: 240 seconds)]
Itkovian has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
goibhniu has joined #nixos
Li[m] has joined #nixos
<Li[m]>
nixcat
ixxie has joined #nixos
ipj[m] has joined #nixos
<ixxie>
So over the weekend I watched almost all the Nixcon talks (awesome stuff everyone!), and I am wondering if the other talks will be uploaded at some point
pie_ has joined #nixos
goibhniu has quit [(Remote host closed the connection)]
goibhniu has joined #nixos
<srhb>
globin: Regarding the gitlab tests (of which you have fixed some things locally?) there also seems to be a missing webserver. Afaik the current gitlab service definition doesn't open any tcp ports at all and instead relies on a proxy like nginx in front, forwarding to http://unix:/run/gitlab/gitlab-workhorse.socket or something like that.
<srhb>
globin: Do you also have that somewhere?
<srhb>
(I mean, a fixed test branch)
<globin>
srhb: probably not anymore, but if you want I can do that quickly
<srhb>
globin: I have a version with that as well, but it still times out after like 20 minutes in prestart.
<srhb>
I'm not sure what can really be done to fix it.
<globin>
srhb: yep I know
<srhb>
It sucks to have it untested though :/
<globin>
srhb: probably best would be write a container backend for our test runner %)
<srhb>
globin: That's an excellent suggestion, but way over my ability :-P
<globin>
srhb: I'm hoping to get to that at some point but sadly haven't had the time yet
<srhb>
globin: Okay, cool! :)
<globin>
srhb: but feel free to open a PR for the gitlab test stuff you've done, better have a timing out test than a broken one
<srhb>
globin: Will do. :)
asuryawa_ has joined #nixos
roberth has joined #nixos
asuryawanshi has quit [(Ping timeout: 240 seconds)]
asuryawa_ has quit [(Ping timeout: 246 seconds)]
Biappi has joined #nixos
<srhb>
globin: Just a thought, maybe mounting a ramdisk over the datadirs might help? How much can a test vm safely consume on hydra?
Li[m] has quit [(Remote host closed the connection)]
ipj[m] has quit [(Read error: Connection reset by peer)]
Itkovian has joined #nixos
Cheng has joined #nixos
silver_hook has quit [(Ping timeout: 260 seconds)]
python476 has joined #nixos
python47` has joined #nixos
ThatDocsLady has joined #nixos
kuznero has joined #nixos
<kuznero>
Hi All!
lunaris has joined #nixos
<srhb>
kuznero: o/
silver_hook has joined #nixos
silver_hook has quit [(Changing host)]
silver_hook has joined #nixos
<lunaris>
Hi all. N00b question -- how do I get nodejs-8.6.0 into an environment through my shell.nix file? If it matters, I'm on NixOS 17.09.
<globin>
srhb: might be worth a try, grep on memorySize in nixos/tests/ tells me most max at 2048
<srhb>
globin: I'll give it a go. Thank you :)
theseriousadult has quit [(Remote host closed the connection)]
qknight__ has joined #nixos
ipj[m] has joined #nixos
hellrazor has quit [(Ping timeout: 258 seconds)]
takle has joined #nixos
<adisbladis>
lunaris: Just put nodejs-8_x as your buildinputs like so: https://ptpb.pw/HOuT
<lunaris>
OK, will try that. Was putting 8.6.0 which is pretty dumb now I think about it.
<adisbladis>
lunaris: Current nixpkgs-unstable version of node 8 is 8.9.0. If you want 8.6.0 specifically you'll have to override the derivation.
<lunaris>
It's OK; I was only asking because that's the version in 17.09 I think.
bennofs has quit [(Ping timeout: 246 seconds)]
<lunaris>
Works great; thanks very much :)
<adisbladis>
You're welcome :)
bennofs has joined #nixos
davidak has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] kuznero opened pull request #31310: mono: init at 4.8 (master...pr/mono48) https://git.io/vFl8H
NixOS_GitHub has left #nixos []
python47` has quit [(Remote host closed the connection)]
python476 has quit [(Remote host closed the connection)]
civodul has quit [(Ping timeout: 255 seconds)]
python476 has joined #nixos
hellrazor has joined #nixos
Behnam has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] binarin opened pull request #31312: emacs-packages: Cleanup and document for overrides (master...emacs-package-set-overrides) https://git.io/vFl41
NixOS_GitHub has left #nixos []
mgttlinger has joined #nixos
unlmtd has joined #nixos
cornu[m] has joined #nixos
nixo[m] has joined #nixos
ArdaXi[m] has joined #nixos
nkpart[m] has joined #nixos
sirius[m] has joined #nixos
abbafei[m] has joined #nixos
Phyra[m] has joined #nixos
AlanPearce[m] has joined #nixos
MawKKe[m] has joined #nixos
jyp[m] has joined #nixos
primeos[m] has joined #nixos
mankyKitty[m] has joined #nixos
indefini has joined #nixos
moredhel1 has joined #nixos
berot3[m] has joined #nixos
WilliamHamilton has joined #nixos
spacekitteh[m] has joined #nixos
regnat[m] has joined #nixos
bachp has joined #nixos
peterhoeg has joined #nixos
efx[m] has joined #nixos
aspiwack[m] has joined #nixos
NickHu has joined #nixos
davidar has joined #nixos
hendrik[m] has joined #nixos
timclassic has joined #nixos
Nobabs27[m] has joined #nixos
TimePath has joined #nixos
nh2[m] has joined #nixos
baconicsynergy[m has joined #nixos
mith[m] has joined #nixos
zoya-kosova[m] has joined #nixos
M-liberdiko has joined #nixos
wak-work has joined #nixos
Kallegro[m] has joined #nixos
bdimcheff has joined #nixos
peel[m] has joined #nixos
rycee has joined #nixos
moredread[m] has joined #nixos
sudoreboot[m] has joined #nixos
teh[m] has joined #nixos
octalsrc[m] has joined #nixos
matrixkrav has joined #nixos
Exee7uvo[m] has joined #nixos
olejorgenb[m] has joined #nixos
Elephant454[m] has joined #nixos
itorres has joined #nixos
Li[m] has joined #nixos
copumpkin has joined #nixos
trikl[m] has joined #nixos
Deleh[m] has joined #nixos
Geeky[m] has joined #nixos
apocolocyntos[m] has joined #nixos
myklam[m] has joined #nixos
reactormonk[m] has joined #nixos
herzmeister[m] has joined #nixos
Johnny44[m] has joined #nixos
kevincox has joined #nixos
AndersonTorres[m has joined #nixos
tokudan[m] has joined #nixos
FRidh[m] has joined #nixos
a123123123[m] has joined #nixos
magnap has joined #nixos
dpc has joined #nixos
viaken[m] has joined #nixos
lecorpsnoir[m] has joined #nixos
edef[m] has joined #nixos
necronian has joined #nixos
randomenduser[m] has joined #nixos
thematter[m] has joined #nixos
sargon[m] has joined #nixos
florianjacob has joined #nixos
hl has joined #nixos
Wysteriary[m] has joined #nixos
benkolera has joined #nixos
nocent has joined #nixos
spawnthink[m] has joined #nixos
the_m4ur1[m] has joined #nixos
aminech[m] has joined #nixos
wmertens[m] has joined #nixos
revoltmedia[m] has joined #nixos
freeman42x has joined #nixos
offlinehacker[m] has joined #nixos
qrilka[m] has joined #nixos
fearlessKim[m] has joined #nixos
Obscurity[m] has joined #nixos
dtz has joined #nixos
bhipple[m] has joined #nixos
bennofs[m] has joined #nixos
pstn has joined #nixos
aniketd[m] has joined #nixos
grahamc has joined #nixos
yochai[m] has joined #nixos
WinterFox[m] has joined #nixos
krawiec[m] has joined #nixos
codyopel has joined #nixos
Phil[m]1 has joined #nixos
jsv[m] has joined #nixos
dkellner[m] has joined #nixos
kitten[m] has joined #nixos
puffnfresh has joined #nixos
JameySharp[m] has joined #nixos
pvn[m] has joined #nixos
Dezgeg[m] has joined #nixos
adisbladis[m] has joined #nixos
Yaniel has joined #nixos
Sovereign_Bleak has joined #nixos
AdamSlack[m] has joined #nixos
sk23[m] has joined #nixos
onito[m] has joined #nixos
equalunique[m] has joined #nixos
mpuppe[m] has joined #nixos
pierrebeaucamp[m has joined #nixos
Pneumaticat has joined #nixos
seif[m] has joined #nixos
Oo[m] has joined #nixos
admin[m]1 has joined #nixos
trevorriles[m] has joined #nixos
dash1 has joined #nixos
paperdigits[m] has joined #nixos
voobscout[m] has joined #nixos
fgaz[m] has joined #nixos
bendlas has joined #nixos
ison[m] has joined #nixos
zigschots20[m] has joined #nixos
Drakonis[m] has joined #nixos
malteof[m] has joined #nixos
stites[m] has joined #nixos
taohansen has joined #nixos
chominist[m] has joined #nixos
jluttine[m] has joined #nixos
DIzFer[m] has joined #nixos
musicmatze[m] has joined #nixos
sphalerite has joined #nixos
scott1 has joined #nixos
mtncoder[m] has joined #nixos
noctuid has joined #nixos
Leo[m]2 has joined #nixos
thomad[m] has joined #nixos
mrdaak[m] has joined #nixos
M-berdario has joined #nixos
tommyangelo[m] has joined #nixos
dibblego[m] has joined #nixos
Ralith has joined #nixos
ycy[m] has joined #nixos
wizzup[m] has joined #nixos
Barnabas[m] has joined #nixos
hedning[m] has joined #nixos
EuAndreh[m] has joined #nixos
jack[m]1 has joined #nixos
StuK[m] has joined #nixos
demyan[m] has joined #nixos
rnhmjoj[m] has joined #nixos
dylanjust[m] has joined #nixos
kainospur[m] has joined #nixos
dalaing has joined #nixos
r3mfKm[m] has joined #nixos
M-fishy has joined #nixos
Khorne[m] has joined #nixos
xurxo[m] has joined #nixos
icetan has joined #nixos
etcinit[m] has joined #nixos
EB[m] has joined #nixos
akavel[m] has joined #nixos
gudea[m] has joined #nixos
guest521[m] has joined #nixos
corngood has joined #nixos
eqyiel[m] has joined #nixos
ninegua[m] has joined #nixos
sziszi[m] has joined #nixos
mhsjlw[m] has joined #nixos
maralorn[m] has joined #nixos
tobim[m] has joined #nixos
AllanDaemon[m] has joined #nixos
AsherGottlieb[m] has joined #nixos
retrry[m] has joined #nixos
jlle[m] has joined #nixos
AmineChikhaoui[m has joined #nixos
Singularity[m] has joined #nixos
Vincenzo[m] has joined #nixos
smbarte2[m] has joined #nixos
Manish[m] has joined #nixos
danielrf has joined #nixos
Itkovian has quit [(Read error: Connection reset by peer)]
davidak has quit [(Quit: Leaving.)]
snikkers has joined #nixos
erictapen has joined #nixos
erictapen has quit [(Remote host closed the connection)]
erictapen has joined #nixos
ssmike has joined #nixos
<gfixler>
so just to double-check, because I'm starting to feel like playing on my main machine instead of my old laptop
<tobiasBora>
Hello,
<gfixler>
installing nix through the curl | sh route doesn't change my system, right?
nh2 has joined #nixos
<srhb>
gfixler: Change in what way?
<gfixler>
it just makes /nix and adds some .nix* stuff to my home directory
<srhb>
Yeah.
<gfixler>
so it's completely reversible
asuryawanshi has joined #nixos
<gfixler>
and it may add to my $PATH
<gfixler>
anything else Nix does?
<srhb>
I don't recall if some profile loading stuff is added to shell profiles and such
asuryawanshi has quit [(Remote host closed the connection)]
<srhb>
But other than that, yes, completely reversible.
<tobiasBora>
Just a question (I will try not to be too long this morning): how could I ask to NixOs to ensure that a file is created in /home/<user>, and if it's not, then create it with a given content ?
<gfixler>
srhb: would those additions be in my ~ dotfiles?
asuryawanshi has joined #nixos
<srhb>
gfixler: Like I said I'm unsure if that happens at all. I don't know where either.
<gfixler>
srhb: I could just grab all their sha1sums and diff afterward
<gfixler>
that would tell me which files to check for changes
<srhb>
Yeah.
<gfixler>
I have a .dotfiles repo and many links, but not everything
<gfixler>
tobiasBora: could you use `builtins.pathExists path` to see if the file exists?
<gfixler>
tobiasBora: you could also use `builtins.readFile path` to read in the file
<gfixler>
tobiasBora: and you can use `builtins.toFile name s` to write a string s to a file
<gfixler>
tobiasBora: according to the manual, you can do multiline strings between double quotes, which helps with writing file contents
ssmike has quit [(Remote host closed the connection)]
<tobiasBora>
ixxie: home-manager is supposed to provide a way for a user to get advantages of .nix files right ? But in my case, I would like to allow root to change a user file, so I guess it's useless no?
Behnam has quit [(Remote host closed the connection)]
ylwghst has quit [(Ping timeout: 264 seconds)]
<ixxie>
tobiasBora: oh you want it to exist for all users
<tobiasBora>
ixxie: something like that yes. So for now, I guess I'll write a function that create the file for one user, and then map this function to all users...
<tobiasBora>
gfixler: I've been using nixOs for 8 hours now ;-) And I did not know nix-pill, really nice!
<tobiasBora>
ixxie: woow, that's great!
<tobiasBora>
thank you!
Mateon1 has quit [(Ping timeout: 240 seconds)]
Mateon1 has joined #nixos
<tobiasBora>
ixxie: and I also find the page https://nixos.org/nixos/options.htm really helpful. Do you know if there is a command line equivalent?
<kuznero>
oh, I would also like to know if there is command line version...
ylwghst has joined #nixos
<gfixler>
tobiasBora: I've had the pill blog posts in my todo pile for probably a year or two, but only just started reading them
<gfixler>
tobiasBora: and then was told (in here) that they moved to the official site and are maintained in a git repo
<c0bw3b>
gfixler tobiasBora : you have nixos-option CLI command
<c0bw3b>
but mostly for querying an option value
<tobiasBora>
ixxie: by the wayn the skeldirectory only works during the creation of the user, of if I modify the skeldirectory I will also modify the user folder?
<lars_>
Note that this does not disable the account. The user may still be able to login using another authentication token (e.g. an SSH key). To disable the account, administrators should use usermod --expiredate 1 (this set the account's expire date to Jan 2, 1970).
<lars_>
from man passwd
<lars_>
for the -l
HTTP_____GK1wmSU has joined #nixos
HTTP_____GK1wmSU has left #nixos []
<srhb>
I really can't figure out why that gitlab test never works. I'm pretty sure it's not just a question of the timeout... I can't see where the IO is occurring though, and even with tmpfs mounted liberally everywhere, all that happens is that sidekiq and bundle uses almost no (but sys) cpu forever.
<sphalerite>
lars_: yeah but I think that's what you need
<sphalerite>
You should still be able to auth as root using sudo for instance
<sphalerite>
I'm not certain of it thougb
<lars_>
my google-fu tentatively indicates that you are right
seanparsons has quit [(Ping timeout: 246 seconds)]
<lars_>
sphalerite: thanks for your help
lars_ has quit [(Quit: Page closed)]
seanparsons has joined #nixos
patrl has joined #nixos
<lunaris>
OK, nodePackages is there, I'm an idiot, but I don't know why pulp isn't in it -- seems like I'm getting v4 stuff and not v6. Anyone got any tips?
<chrisburr>
Hey, when the hash of dependencies is computed for the store path in Nix, does it ever depend on the output a build? Or does it only depend on the nix expressions of the dependencies?
<joko>
chrisburr: I'd say it's the latter
<edef>
chrisburr: the latter
<joko>
This is why binary caches would work and download a closure
<joko>
your system downloads a closure before trying to build it *
<globin>
chrisburr: it does only depend on all inputs (builder, dependencies, src)
woffs has quit [(Quit: Gateway shutdown)]
seanparsons has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] NeQuissimus pushed 2 new commits to master: https://git.io/vFlMa
<NixOS_GitHub>
nixpkgs/master 00fe372 Alex Feldman-Crough: gitea: 1.2.1 -> 1.2.3
<NixOS_GitHub>
nixpkgs/master 2767a0e Tim Steinbach: Merge pull request #31288 from afldcr/master...
NixOS_GitHub has left #nixos []
<chrisburr>
Thank you everyone!
pmeunier has quit [(Quit: leaving)]
pmeunier has joined #nixos
woffs has joined #nixos
Itkovian has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] srhb opened pull request #31317: nixos/tests/gitlab.nix: Unbreak config, still times out (master...almost-fix-gitlab-test) https://git.io/vFlD2
NixOS_GitHub has left #nixos []
typeggzero has joined #nixos
ma27 has quit [(Ping timeout: 240 seconds)]
roberth has joined #nixos
<joko>
Hmmm, I've tried setting "export VAR" in postBuild, but it didn't work
ylwghst has quit [(Ping timeout: 240 seconds)]
Itkovian has joined #nixos
Cheng has joined #nixos
Cheng has quit [(Remote host closed the connection)]
Isorkin has joined #nixos
catch22 has quit [(Ping timeout: 255 seconds)]
Itkovian has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
freusque has quit [(Read error: No route to host)]
<tobiasBora>
I've a question: I saw that Nix containers does not really sandbox everything, and if a user can get an access to the root account, then he can corrupt the host system... Then, why would I want to use Nix containers, if it's not for security? Can I do interesting stuff like migration on the fly to another Nix machine?
Itkovian has joined #nixos
catch22 has joined #nixos
lebel has joined #nixos
<sphalerite>
tobiasBora: the main use I know of is running multiple instances of the same (usually singleton) service on one machine without virtualisation
ylwghst has joined #nixos
catch22 has quit [(Remote host closed the connection)]
Itkovian has quit [(Client Quit)]
<tobiasBora>
sphalerite: ok thank you. If I want to really sandbox a system, the best solution is to use "Deploying to Libvirtd (Qemu)" ?
<sphalerite>
It always depends on how strong the separation you need is
<c0bw3b>
tobiasBora: a system or just an app?
<sphalerite>
full-system virtualisation like qemu certainly isolates it a lot more strongly than a nixos container
<sphalerite>
something like docker is probably in between, but ew docker
hellrazor has quit [(Ping timeout: 240 seconds)]
<sphalerite>
But even full-system virt has bugs sometimes. Maybe you need to run it on separate hardware machines in fact ;)
<c0bw3b>
look at LXC or rkt if you want to stay away from the docker hype :p
<tobiasBora>
c0bw3b: I'd say I'm interesting in both applications. App is a more frequent use, but I'd like to deploy a machine for educational purpose, where the users have root access, so that they can try to play with linux.
<c0bw3b>
if you need a more lightweight form of isolation for a single app you should take a look at nsjail and/or firejail
adulteratedjedi has quit [(Read error: Connection reset by peer)]
MerelyAPseudonym has quit [(Read error: Connection reset by peer)]
sjanssen has quit [(Read error: Connection reset by peer)]
ericbmerritt_ has quit [(Read error: Connection reset by peer)]
scott has quit [(Read error: Connection reset by peer)]
philipcristiano has quit [(Read error: Connection reset by peer)]
stasku has quit [(Read error: Connection reset by peer)]
gaqzi has quit [(Read error: Connection reset by peer)]
oscarduignan has quit [(Read error: Connection reset by peer)]
pchiusano has quit [(Read error: Connection reset by peer)]
akl has quit [(Read error: Connection reset by peer)]
jml has quit [(Read error: Connection reset by peer)]
mgdelacroix has quit [(Read error: Connection reset by peer)]
codedmart has quit [(Read error: Connection reset by peer)]
scott has joined #nixos
gaqzi has joined #nixos
MerelyAPseudonym has joined #nixos
gridaphobe has joined #nixos
akl has joined #nixos
<tobiasBora>
sphalerite: the bugs about virt comes from qemu, not nixos right
mgdelacroix has joined #nixos
yrashk has joined #nixos
philipcristiano has joined #nixos
pchiusano has joined #nixos
stasku has joined #nixos
oscarduignan has joined #nixos
sjanssen has joined #nixos
mbrock has joined #nixos
jml has joined #nixos
adulteratedjedi has joined #nixos
ericbmerritt_ has joined #nixos
MerelyAPseudonym is now known as Guest37084
codedmart has joined #nixos
ocharles has joined #nixos
<sphalerite>
yeah
<sphalerite>
I can't recommend firejail based on my experience with it and what I've seen of the code
<srhb>
tobiasBora: Do you mean "is it impossible for NixOS to mess up virtd setup such that isolation is broken despire qemu working perfectly?" ?
<srhb>
despite*
<tobiasBora>
sphalerite: ok thanks.
orivej has joined #nixos
<tobiasBora>
And LXC/RKT/Docker are not supported by NixOps? Any reason for that?
<Mic92>
tobiasBora: how would this support would like?
<sphalerite>
nobody's bothered implementing it would be the main reason I'm guessing
yastero has joined #nixos
<Mic92>
You probably deploy to lxc, if lxc runs a sshd
<Mic92>
But nixos containers is probably easier, so there is no real advantage.
<tobiasBora>
Mic92: Well, something like "please run a new NixOs instance, in a Lxc container, with the following configuration"
<Dezgeg>
I recall someone saying they deploy to LXC with nixops via libvirt
<tobiasBora>
Mic92: The problem with nixos containers is that it does not isolate the system from the host
Itkovian has joined #nixos
<Mic92>
there is dockerTools and nix2aci for docker/rkt
<sphalerite>
Mic92: neither of those support nixos configuration though do they
<sphalerite>
?
<Mic92>
sphalerite: no, that is out-of-scope how you would use docker or rkt
pie_ has quit [(Remote host closed the connection)]
pie_ has joined #nixos
<Mic92>
you also would run a new version of the container rather then updating the existing one.
<sphalerite>
yeah, just that AFAIU what tobiasBora wants is nixos configuration support
ssmike1 has joined #nixos
<Mic92>
then docker/rkt is not the right tools for the job
<Mic92>
imperative nixos containers provide seperation
Itkovian has quit [(Client Quit)]
<tobiasBora>
Mic92: really?
<sphalerite>
tobiasBora: the isolation warning in the manual still applies
ssmike has quit [(Ping timeout: 264 seconds)]
ssmike1 is now known as ssmike
<sphalerite>
What weaknesses, concretely, are there actually in nixos container isolation?
<tobiasBora>
sphalerite: I think it's indeed the good question ^^
<Mic92>
tobiasBora: ok, just checked, it also shared the nix store
civodul has joined #nixos
<tobiasBora>
Mic92: so if I've a root access on the container, I can corrupt the nix store by replacing "bash" with "bash_troyan_version"
<sphalerite>
I don't think that should be possible since the nix store is mounted read-only, and within the container even root shouldn't have the capability for mounting stuff?
<Mic92>
sphalerite: I think you can remount it
<Mic92>
otherwise updateting would not work.
<sphalerite>
can containers be updated from within?
Itkovian has joined #nixos
Tucky has joined #nixos
<Mic92>
tobiasBora: you cannot run nixos in a unpriviledged mode at the moment, because setuid/setcap does not work there.
<ixxie>
why are NixOS containers not LXC containers?
<Mic92>
also systemd is hard to convience to run with only a few capability
<ixxie>
is it because LXC assumes LSB?
<Mic92>
nixos containers are based on systemd-nspawn
<Mic92>
lxc does not assume anything
<Mic92>
lxcfs is the easiest way to run systemd with a reduced set of capabilities, but you still break setuid/setcap
<sphalerite>
lxc is just a different frontend for the same thing as systemd-nspawn
<Mic92>
nspawn also integrates journald of the containers nicely as well as socket activation
<niksnut>
systemd-nspawn has a --private-users flag nowadays, but NixOS containers don't use it
<Mic92>
if you don't trust your containers it is still better to run VMs
<tobiasBora>
Mic92: you mean than even lxc is not safe if a user has root access in the hosted system?
<Mic92>
tobiasBora: what is your threat-model?
asuryawanshi has joined #nixos
ertes-w is now known as supercynic
<tobiasBora>
Mic92: My attacker has root access on the hosted system, what can he do on the host system
<tobiasBora>
for example can he modify programs? Change file configuration?
Itkovian has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
<sphalerite>
"First things first, to make this clear: Linux containers are not a security technology right now. There are more holes in the model than in a swiss cheese. "
<sphalerite>
nothing, that command is the right thing to use AFAIU
<vaibhavsagar>
the long one or just nix-build?
<sphalerite>
the long one
<vaibhavsagar>
why can't I use the short one?
<sphalerite>
or you can write that into an expression file if you prefer a shorter command :)
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] globin closed pull request #31317: nixos/tests/gitlab.nix: Unbreak config, still times out (master...almost-fix-gitlab-test) https://git.io/vFlD2
NixOS_GitHub has left #nixos []
<Mic92>
tobiasBora: CAP_DAC_OVERRIDE -> ignore filesystem permission, CAP_CHOWN/CAP_FOWNER -> change any permission of any file in its root filesystem, everything that CAP_SYS_ADMIN allow
<Mic92>
systemd-nspawn -> --capabilities for a full list
<Mic92>
man systemd-nspawn
stph__ has joined #nixos
<pbogdan>
vaibhavsagar: cabal2nix --shell should give you an expression usable with nix-shell / nix-build
<stph__>
hi !
<tobiasBora>
sphalerite: Mic92: So to sum up, the security of Lxc and NixOs container is more or less the same, and the security is not perfect, so if I want "real" (or better) security I need to rely on qemu-kvm. Right?
<sphalerite>
I think lxc has some seccomp stuff as well? Not sure
<sphalerite>
But yes
<sphalerite>
If you want "real" security, don't run an application ;)
<Mic92>
tobiasBora: yes. I would make an exception, if the untrusted part in the container is not running as root
<stph__>
I'm newb. I want to try to switch to nixos. I'm gonna try my first install this afternoon. Do you think 20 GB is sufficient ? Is it more space consuming than usual distro like ubuntu or debian ?
<vaibhavsagar>
pbogdan: my question was more about why this is the default
<niksnut>
tobiasBora: no, because NixOS containers don't use user namespaces. I assume lxc does.
<vaibhavsagar>
and if cabal2nix --shell is the best practice, why isn't that the default?
sa1 has joined #nixos
<viaken>
stph__: It can be more space consuming, but there are ways to mitigate that.
<vaibhavsagar>
why do haskell derivations have a .env for nix-shell unlike everything else?
<srhb>
vaibhavsagar: The output of cabal2nix without --shell is suitable for inclusion with the haskell callPackage function
<srhb>
vaibhavsagar: It's easy to argue that either one should be the default, though..
<vaibhavsagar>
srhb: isn't this true of cabal2nix --shell as well though?
<vaibhavsagar>
currently there is a haskellPackages.callCabal2nix
<vaibhavsagar>
which doesn't have the option of passing in `--shell`, so this is doubly frustrating
<Mic92>
niksnut: you also have to enable it explicit in lxc
<vaibhavsagar>
I want to write a blog post that goes "Hey, use Haskell with Nix! It's easy, here's how!"
<tobiasBora>
sphalerite: Mic92 : By the way, I'm quite unfamiliar with all these kernel modules CAP_..., and the security behind this, but I'd be very curious to dig into it, do you have good references to start? A first exercice for me would be for example to get root access on the host system when I've root access on the hosted NixOs container.
<vaibhavsagar>
but I can't, because it's the opposite of easy
<adisbladis>
stph__:
<vaibhavsagar>
first you must learn how to use cabal
<vaibhavsagar>
then you must learn how to use cabal2nix
<adisbladis>
stph__: Currently my KDE desktop with a bunch of applications is consuming 10.8G of space
<vaibhavsagar>
then you must learn that the package set is based on the current Stackage LTS
<adisbladis>
But I just GCed yesterday, it's usually quite a bit more
<stph__>
@adisbladis thanks, good estimate for me
<sphalerite>
tobiasBora: for CAP_* (capabilities) see man capabilities
<vaibhavsagar>
then you must learn about all-cabal-hashes, which is still (as of this writing) woefully out of date in the current release
<manveru>
anyone got a package for the new mysql 8?
<Mic92>
tobiasBora: there is probably no complete documentation, especially what CAP_SYS_ADMIN covers, the man page is the best documentation at the moment.
<srhb>
vaibhavsagar: I don't understand why anything beyond cabal2nix --shell is news to anyone.
<srhb>
vaibhavsagar: But sure, suggestions for improvements are welcome :)
<manveru>
trying to build one based on the 5.7.x.nix but i get strange C++ mojo :(
<sphalerite>
stph__: meanwhile my system is using up just short of 90GB. It depends very much on how you manage it
<vaibhavsagar>
srhb: is there a fundamental reason why Haskell derivations have a special .env?
<srhb>
vaibhavsagar: I don't think it's special? Isn't it just the normal env attribute for nix-shell ?
<sphalerite>
stph__: main factor in this is that old versions of stuff aren't clobbered by upgrades, so they stick around until you delete them
<vaibhavsagar>
I don't think other languages have this
<vaibhavsagar>
e.g. if I nix-shell a C package derivation it automatically does the right thing
<srhb>
vaibhavsagar: Yes they do.
<sphalerite>
vaibhavsagar: as does nix-shell -p haskellPackages.foo
<vaibhavsagar>
nix-shell -p is a whole other thing
<sphalerite>
or nix-shell '<nixpkgs>' -A haskellPackages.foo
<stph__>
sphalerite: this afternoon I just try to have something more or less running, even if incomplete. I'll see about deleting packages and upgrades afterwards.
<sphalerite>
stph__: actually that was pretty wrong haha, most of that is a disk image I made a while back. My actual system is ~30GB, with lots of old versions and stuff hanging about
<srhb>
vaibhavsagar: Oh, you were talking about -p, not about .env
<sphalerite>
c0bw3b: it's genuinely a good reference/introduction! :)
<vaibhavsagar>
srhb: runCommand doesn't need the .env
<vaibhavsagar>
my suggestions are: nix-build should work with cabal2nix-generated derivations, we shouldn't explicitly need .env for nix-shell to do the right thing, and cabal2nix --shell should be the default
<srhb>
OK. :)
<vaibhavsagar>
in fact, if we did the third thing, it would work around my first two concerns
ilyaigpetrov has joined #nixos
<ilyaigpetrov>
So you may install nix package manager above some ubuntu and live with it happily, right?
proteus-guy has joined #nixos
<srhb>
ilyaigpetrov: Yes.
<vaibhavsagar>
it's silly that I need to do cabal2nix --shell in order for nix-build to work correctly
<srhb>
Well, depends on your standards. I don't live happily with Ubuntu :-)
<ilyaigpetrov>
what's the benefit of installing nixOS then?
<srhb>
ilyaigpetrov: You get a declarative system with NixOS.
<srhb>
ilyaigpetrov: You don't with Nix.
ma27 has joined #nixos
<vaibhavsagar>
ilyaigpetrov: things like your systemd services and all installed packages
<ilyaigpetrov>
srhb: so you don't have to mess with config files in nix language if you are not on nixOS?
<vaibhavsagar>
ilyaigpetrov: you still do
<srhb>
ilyaigpetrov: Depends how you use it.
<vaibhavsagar>
maybe a little less
<srhb>
ilyaigpetrov: But your system will not be protected by all the NixOS goodies for sure.
<ilyaigpetrov>
srhb: what are these goodies?
<vaibhavsagar>
rollbacks
<srhb>
ilyaigpetrov: Rollbacks, declarative system management :)
<vaibhavsagar>
guaranteed uninstalls
<sphalerite>
ilyaigpetrov: the biggest one for me is if I break my system config I can roll it back without having to restore from a backup — it's almost instant and can even be done at boot time
<vaibhavsagar>
super easy configuration
<vaibhavsagar>
if you want to set up an SSH server it's a few lines in a text file
<srhb>
vaibhavsagar: One! :-)
<sphalerite>
ilyaigpetrov: that and being able to copy the configuration between machines. Setting up my new laptop when I got it a couple months ago took me about an hour to get everything the way I liked it
<vaibhavsagar>
srhb: + public keys :)
<srhb>
Ah, yes...
<adisbladis>
sphalerite: An hour? That long? ;)
<vaibhavsagar>
including copying binaries over I'd say that's pretty good
ssmike has quit [(Ping timeout: 264 seconds)]
<vaibhavsagar>
being able to effortlessly replicate your entire setup is a game changer
<sphalerite>
adisbladis: yeah, a lot of that was setting up the partitioning, because it was my first foray into zfs, and hardware-specific stuff
<sphalerite>
but yeah you'd never manage that with an equally intricate ubuntu setup
<sphalerite>
unless you just move the hard drive, which is cheating :p
<adisbladis>
sphalerite: I guessed so :) An hour is not unreasonable
slyfox has quit [(Ping timeout: 240 seconds)]
<ilyaigpetrov>
do somebody of you use LUKS/encrypted partitions ? Never could configure it on any linux distro.
<vaibhavsagar>
I'm running ubuntu on this laptop but every other machine I have SSH access to runs NixOS
<sphalerite>
ilyaigpetrov: yeah I have zfs on luks
<sphalerite>
ilyaigpetrov: luks with nixos is easy
slyfox has joined #nixos
<vaibhavsagar>
yeah, I use it on my two NixOS laptops
<adisbladis>
ilyaigpetrov: Native zfs encryption here :>
<manveru>
looks like `boot.initrd.luks.devices = [ { name = "encroot"; device = "/dev/sdb3"; preLVM = true; } ];`
ssmike has joined #nixos
<adisbladis>
Luks on some other systems
<sphalerite>
Well, the configuring it to boot from it part is. Actually setting up the partitioning is basically the same as with other distros that don't have graphical tools for setting it up
<sphalerite>
so nixos will be easier if your problem was crypttab (I certainly had problems with it back in the debian days), no different if it was cryptsetup
<etu>
ilyaigpetrov: Got luks+lvm+ext4 on 3 systems
<ilyaigpetrov>
sphalerite: so nixos have no installer and you install it without installer?
<tobiasBora>
sphalerite: Mic92 : ok thank you! Just, I've no idea, gaining root access in the host system from a NixOs container logged as root is easy (one command), medium (a few commands & mounts), complicated, or not possible?
<sphalerite>
ilyaigpetrov: it has an installer, but it certainly doesn't do much hand-holding
<adisbladis>
ilyaigpetrov: Well it has an "installer"
<adisbladis>
Which is the command "nixos-install"
<adisbladis>
And a config generator
<adisbladis>
But not what most other distros call an installer. Not a fancy gui hand holding you through partitioning and user setup
Itkovian has joined #nixos
<ilyaigpetrov>
so like arch and gentoo, RTFM
<adisbladis>
ilyaigpetrov: Yes, I'd say more like the arch experience
ma27 has quit [(Ping timeout: 248 seconds)]
<sphalerite>
Yep
orivej has quit [(Ping timeout: 240 seconds)]
<ilyaigpetrov>
I guess in nix/hydra they don't test apps, but just build them
<vaibhavsagar>
ilyaigpetrov: nix tests packages during the build process
<rmrfroot-work>
downloaded a fresh NixOS 17.09 install from nixos.org this morning, does that mean "wpa_supplicant: patch for KRACKAttack" is included?
<tobiasBora>
Mic92: ok nice, let me know if at some point this is integrated in NixOs ;)
<adisbladis>
rmrfroot-work: It's been patched for ~3 weeks.
davidak has joined #nixos
<rmrfroot-work>
adisbladis: yes, but does the ISOs on nixos.org get rebuilt everytime the release-17.09 branch has new changes?
Neo-- has joined #nixos
<Mic92>
tobiasBora: I will not integrate it into nixos-container, because I broke without a lot of old stuff when which was added systemd-nspawn had less features. At some point I will move this to an overlay. Maybe some features can be backported to nixos-containers.
<ilyaigpetrov>
I have a nixOS issue with booting in uefi mode. So I compile a nixos iso with rsyslog configured to write logs to FS. The problem is that mini-iso has no writable FS. vcunat offers using boot.specialFilesystems -- can you guide me, first step -- where can I find it?
<adisbladis>
rmrfroot-work: I think so. The current one is at sha 1a8a95e879 which 1 day old according to https://howoldis.herokuapp.com/
<rmrfroot-work>
adisbladis: ok, thanks :)
ixxie has joined #nixos
asuryawanshi has joined #nixos
orivej has joined #nixos
rmrfroot-work has quit [(Remote host closed the connection)]
<tobiasBora>
Mic92: too bad... (it's funny to see how I've no idea on how to gain root access ^^)
asuryawanshi has quit [(Ping timeout: 250 seconds)]
FRidh has quit [(Remote host closed the connection)]
reinzelmann has quit [(Quit: Leaving)]
<vincent_vdk>
is it possible to install a specific package from unstable?
python476 has joined #nixos
<Orbstheorem>
Hi, I've heard about mbsync, I'd like to give it a try, but I don't think it's packaged, can anyone point me on what should I do in order to try it?
<woffs>
Orbstheorem: use offlineimap ;)
Itkovian has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
FRidh has joined #nixos
<disasm>
Orbstheorem: install isync
<Orbstheorem>
x)
<pie_>
alias apt-get to nix-env
<manveru>
vincent_vdk: sure
<disasm>
pie_: that's a horrible idea... the flags are too different :)
<pie_>
pff im totally not trollin
<pie_>
actually i wonder what it would take to import debian packages heh
<manveru>
pie_: take a look at steam... it basically builds a whole debian on nix :P
<pie_>
xD
<adisbladis>
disasm: But you don't have to use -f anymore anyway ;)
<manveru>
oh well, that wiki entry is way more elegant
<manveru>
i should use that ^^;
<manveru>
it's also wrong
asuryawanshi has joined #nixos
<manveru>
should be <unstable> instead of <nixos-unstable>
asuryawanshi has quit [(Remote host closed the connection)]
<vincent_vdk>
woffs: manveru thx
asuryawanshi has joined #nixos
Isorkin has quit [(Quit: Miranda IM! Smaller, Faster, Easier. http://miranda-im.org)]
<manveru>
it also ignores my nixpkgs.config ... :|
peacememories has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
Itkovian has joined #nixos
<woffs>
it's only a snippet
<manveru>
true, but it shouldn't be misleading :)
<manveru>
it says `sudo nix-channel --add https://nixos.org/channels/nixos-unstable unstable` and then proceeds with `unstable = import <nixos-unstable> {};`, those names won't match
<manveru>
either name the channel nixos-unstable, or import <unstable>
cement has joined #nixos
Deleh[m] has quit [(Ping timeout: 264 seconds)]
bennofs[m] has quit [(Ping timeout: 264 seconds)]
dtz has quit [(Ping timeout: 264 seconds)]
sirius[m] has quit [(Ping timeout: 264 seconds)]
<manveru>
i fixed the page, feeling better now :D
roberth has quit [(Ping timeout: 240 seconds)]
bennofs[m] has joined #nixos
Deleh[m] has joined #nixos
srdqty has joined #nixos
sirius[m] has joined #nixos
dtz has joined #nixos
srdqty has quit [(Client Quit)]
x1n4u has joined #nixos
bennofs has quit [(Ping timeout: 248 seconds)]
<iamrecursion>
I'm pretty darn new to NixOS, having just built my first configuration. I'm pretty confused as to how I can find out what configuration options are available for a given package - does anyone have any tips?
<manveru>
should be part of the guest extensions...
<iamrecursion>
I'm still quite at a loss as how to find packages
<manveru>
did you enable the exts?
<iamrecursion>
Don't even have them installed yet
<manveru>
you should have it after a nixos-rebuild switch
<iamrecursion>
It looks like it's `open-vm-tools`
<fearlessKim[m]>
src = fetchgitLocal /home/teto/tegaki; triggers a "cd: /home/teto/tegaki: Permission denied" . Is that not how to use fetchgitLocal ?
<stph__>
i have done `sudo dd if=nixos...iso of=/dev/sdb` like recommended on the nixos install manual, but there doesnt seem to have any file after copying on the usb key I was planning to use. Any idea what I may have done wrong ?
dash2 is now known as dash
c0bw3b has joined #nixos
<goibhniu>
stph__: odd ... do you have a filesystem on sdb1 after using dd?
roberth has joined #nixos
<goibhniu>
you can test that it boots with qemu: e.g. `qemu-kvm /dev/sdb`
<iamrecursion>
manveru so I can get the shared folders working but they don't persist across reboots
<stph__>
I start to blush, maybe I have not mounted the usb drive
<manveru>
iamrecursion: yeah, for that you need the systemd service
<stph__>
I'm gonna retry
<iamrecursion>
So what's the nix way to create a systemd service? That's my point of confusion
<goibhniu>
stph__: as long as you don't use the wrong device (and nuke your system!) it's all good :D
<iamrecursion>
on arch I'd literally just create the vmware-sharedfolders.service
<iamrecursion>
and systemctl enable vmware-sharedfolders
<manveru>
:)
<iamrecursion>
but that doesn't seem very in keeping with declarative configuration in configuration.nix
<manveru>
iamrecursion: yeah, you actually need two i think
tgunb has joined #nixos
<manveru>
there's the vmware-vmblock-fuse.service it requires to setup the fuse i guess
<iamrecursion>
that appears to be started by the guest additions
<stph__>
goibhniu: I tried again and no I don't have a filesystem after I copied... absolutely no directories. It's strange also I need to sudo...
<iamrecursion>
I didn't realise that you could write the services directly like that
<manveru>
vmhgfs-fuse should probably be "${open-vm-tools}/bin/vmhgfs-fuse -o allow_other ...
<iamrecursion>
Let me give it a go
<clever>
iamrecursion: thats how every service is nixos is written
<iamrecursion>
I'm very new to all of this
<goibhniu>
stph__: are you sure the image you downloaded is okay?
<manveru>
i gotta get back to work, but clever is around now, so you'll be in good hands :D
<iamrecursion>
Thanks for your help manveru!
<stph__>
gonna download it again
asuryawanshi has joined #nixos
<manveru>
iamrecursion: the best part is that you can also publish it to nixpkgs when it works for other people to just say `vmware.sharedFolder = "/some/path"` in future ;)
<iamrecursion>
If I get it working and learn how to make it extensible, I shall.
stph__ has quit [(Quit: Page closed)]
p4cman has joined #nixos
joncfoo has joined #nixos
dieggsy has joined #nixos
zunk has quit [(Ping timeout: 248 seconds)]
mithsv has quit [(Quit: mithsv)]
mithsv has joined #nixos
zunk has joined #nixos
<disasm>
Orbstheorem: did that work for you?
<iamrecursion>
clever: is there a way to require that a given directory exists in the system and create it if not?
pie_ has quit [(Ping timeout: 260 seconds)]
<c0bw3b>
test -d ? 0:)
<c0bw3b>
but you meant in nix language i guess
<Orbstheorem>
disasm: You mean about offlineimap/isyinc or nixup?
davidak has quit [(Ping timeout: 250 seconds)]
<Orbstheorem>
offlineimap -> queued, nixup listening the conf while doing laundry xD
ambro718 has joined #nixos
TweyII has joined #nixos
TweyII is now known as Guest14295
<disasm>
Orbstheorem: yeah, the mbsync thing. It looked like isync package had the mbsync binary in it, but didn't try it myself.
jtojnar has quit [(Quit: jtojnar)]
damke_ has joined #nixos
hexkey[m] has joined #nixos
<iamrecursion>
Is there a way to specify your default channel in your configuration.nix? I can't seem to find a concrete answer.
Itkovian has quit [(Ping timeout: 268 seconds)]
<etu>
iamrecursion: You can check out the channel you're using as a git repo/submodule and specify that directory in configuration.nix
MP2E has joined #nixos
<iamrecursion>
That sounds interesting
<iamrecursion>
can you given an example?
<clever>
iamrecursion: make a systemd unit or prestart on a unit, that runs mkdir
<iamrecursion>
clever: thank you
<srhb>
iamrecursion: There's a lot of waysto do this. One is setting nix.nixPath = [ "nixos-config=/etc/nixos/configuration.nix" "nixpkgs=/path/to/your/checkout" ]; -- I'm not actually sure that first bit is necessary or preserved even if you only set the nixpkgs part.
<iamrecursion>
srhb: Would that be done at the start of your configuration.nix?
<srhb>
iamrecursion: You can even set ("nixpkgs=" + nixExpressionThatGetsNixpkgs.outPath)
<srhb>
iamrecursion: It's just a regular option. The order doesn't really matter.
<iamrecursion>
Oh, right!
<iamrecursion>
I'll have an experiment
Tucky has quit [(Quit: WeeChat 1.9.1)]
Neo-- has joined #nixos
dieggsy has quit [(Remote host closed the connection)]
<srhb>
Sadly there's no automated test for this service..
<__monty__>
Kinda hard to test the service if I can't run it.
damke_ has joined #nixos
<srhb>
__monty__: Maybe a VM? Or someone might be able to team up with you.
asuryawa_ has quit [(Remote host closed the connection)]
asuryawa_ has joined #nixos
mithsv has quit [(Quit: mithsv)]
mithsv has joined #nixos
<__monty__>
Could I submit a new version under a different name instead? Since the current one is selfoss-unstable-date and I'm not interested in unstable versions anyway?
asuryawanshi has quit [(Ping timeout: 268 seconds)]
ylwghst has quit [(Ping timeout: 240 seconds)]
mithsv has quit [(Client Quit)]
mithsv has joined #nixos
ssmike has joined #nixos
ryantrinkle has quit [(Ping timeout: 248 seconds)]
<srhb>
I don't know what the maintainers would think of that.
<srhb>
Perhaps try poking regnat[m].
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] rycee opened pull request #31323: i3lock-color: limit to i686 and x86-64 platforms (master...i3lock-color-needs-sse2) https://git.io/vF8W0
NixOS_GitHub has left #nixos []
trevorriles has quit [(Ping timeout: 268 seconds)]
<c0bw3b>
__monty__ actually that unstable version is quite old
<tnks>
At work I've been doing Nix+Docker stuff exclusively... not even messing around with NixOS, really.
<__monty__>
c0bw3b: Yes, that's the issue.
<c0bw3b>
so its a good occasion to upgrade the package to latest _stable_
<__monty__>
I agree, but I can't test the service module.
<tnks>
I'm curious about accounts from people that have tried to use NixOps. I hear people have had frustrations with it, but I don't know specifics.
<tnks>
Is it's design flawed or limited in some way?
<srhb>
tnks: I use it for my private vpses with great satisfaction.
<srhb>
tnks: It's less handy for shared deployments, because of the state file (sqlite db)
<tnks>
srhb: could you see it having problems with the kinds of things people want to do in a more corporate setting?
<srhb>
tnks: Yes, until that is resolved.
<srhb>
tnks: It needs a shared, secure state with locking. :)
<c0bw3b>
__monty__ let me take a quick read at the service definition, see how complex it is
supercynic has quit [(Ping timeout: 255 seconds)]
roberth has quit [(Ping timeout: 240 seconds)]
<tnks>
srhb: okay, let me see if I understand the complaint. Every node used to run NixOps will have a sqlite DB, and so sharing this between different admins is a problem?
Guest14295 has quit [(Changing host)]
Guest14295 has joined #nixos
Guest14295 is now known as TweyII
<srhb>
tnks: Essentially. People work around it in all sorts of ways though, exporting the state to json, encrypting it, decrypting it and reloading on pull etc.
<c0bw3b>
__monty__ okay there is a bit of shell in there but most of it seems 'generic' enough to resist the pkg upgrade
<c0bw3b>
__monty__ so if you want and try to upgrade the package locally, open your PR with the pkg update and in the PR description you could mention clearly that you did not test the corresponding service module
pie_ has quit [(Ping timeout: 260 seconds)]
<c0bw3b>
__monty__ another contributor might come forward and test it :)
<__monty__>
Is there an alternative to fetchFromGithub to download release zips from github?
<mpickering>
Is it possible to make a dependent pull request?
<__monty__>
Unless there's a way to just have it fetch the latest. I assume there's not because of the shasum.
<srhb>
__monty__: fetchFromGitHub does that, too.
<srhb>
__monty__: Just specify the release version instead of a commit hash
<srhb>
Er
<srhb>
Or is that just the tag...
* srhb
is unsure
<srhb>
That's probably just the tag...
<__monty__>
I can't find documentation on fetchFromGithub, it's not in the nixpkgs manual.
radvendii has quit [(Ping timeout: 246 seconds)]
<c0bw3b>
yep inside fetchFromGitHub yuo set rev = version or rev = tag or rev = "v${version}"
HTTP_____GK1wmSU has joined #nixos
stphrolland has joined #nixos
<c0bw3b>
depending on how the upstream repo name its releases tags
<c0bw3b>
in selfoss case you would set version = "2.17" and inside fetchFromGH you would do rev = version
<c0bw3b>
__monty__ the best documentation when it comes to packaging is reading at other packages definitions :p
<stphrolland>
Hi, I am noob. I'm starting installing nixos. I already have ubuntu and grub2 running on my machine. Should I configure the boot.loader.grub.enable entry in the configuration.nix file ?
HTTP_____GK1wmSU has quit [(Read error: Connection reset by peer)]
<c0bw3b>
use https://search.nix.gsc.io/ and search for the thing you want to know about (restrict the search to NixOS-nixpkgs repo)
HTTP_____GK1wmSU has joined #nixos
<srhb>
stphrolland: If you want nixos to take over managing your bootloader, yes. You probably also want to set some options to make it find ubuntu though
nithor has joined #nixos
c0bw3b has left #nixos []
<tilpner>
Is there a way I can let a build connect to X?
<srhb>
stphrolland: boot.loader.grub.useOSProber = true; if you just want automagic to do it.
<sphalerite>
tilpner: starting an X server in the build
HTTP_____GK1wmSU has left #nixos []
<tilpner>
sphalerite - Do you know of a package that does this, so I can steal the setup?
<sphalerite>
tilpner: there aren't any afaik
<sphalerite>
And I'm not sure that would help, since you still don't get a way to interact with it
<sphalerite>
You could use xdotool or something to script it but it's very nasty
<tilpner>
Oh, I don't need to interact with it. The tool wants to open and close a window, nothing more
jb55 has joined #nixos
<tilpner>
I don't even need to see it
<sphalerite>
Do you really need it?
<sphalerite>
Ah OK
Neo-- has quit [(Ping timeout: 240 seconds)]
snikkers has joined #nixos
<tilpner>
The right thing would be to patch that behaviour out, but that's probably more effort
erasmas has joined #nixos
<sphalerite>
Not sure how to do it, it would probably be easier to try disabling the behaviour
<tilpner>
(And would require rebuilding it)
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] srhb opened pull request #31324: openra: Add python to bin PATH, fixing launcher (master...openra-python-binpath) https://git.io/vF84B
NixOS_GitHub has left #nixos []
mithsv has quit [(Quit: mithsv)]
mithsv has joined #nixos
Itkovian has quit [(Ping timeout: 248 seconds)]
mithsv has quit [(Client Quit)]
<tilpner>
:/
<sphalerite>
tilpner: xvfb may be helpful
mithsv has joined #nixos
<sphalerite>
I don't know the details of using it though
<tilpner>
Sounds like what I want. I'll play around with it. Thank you! :)
civodul has quit [(Remote host closed the connection)]
jgertm has joined #nixos
ssmike has quit [(Ping timeout: 240 seconds)]
damke_ has quit [(Ping timeout: 240 seconds)]
__Sander__ has quit [(Quit: Konversation terminated!)]
damke_ has joined #nixos
<__monty__>
Ok, I guess I know what to do tomorrow, thanks for the help srhb and c0bw3b.
<srhb>
__monty__: o/
__monty__ has left #nixos []
<BlessJah>
is it possible to track and remove derivations in my environment based on channel from which they've been installed?
<BlessJah>
E.g. are they 17.03, small, unstable or local checkout of nixpkgs?
[0x4A6F] has joined #nixos
digitus has joined #nixos
kuznero has joined #nixos
<srhb>
BlessJah: I don't think so. I don't think that information even exists once a package is installed.
<kuznero>
Hi All!
<kuznero>
How do I start about testing in nixpkgs?
<kuznero>
Any documentation available?
<BlessJah>
that's a pity
<srhb>
kuznero: There's some for NixOS tests at least.
<BlessJah>
Probably I should've asked myslef much earlier, but what nix-env --upgrade do then?
<srhb>
kuznero: But that's probably not useful if you really mean nixpkgs.
<srhb>
kuznero: Looks like you can just nix build that
<srhb>
kuznero: It uses the NixOS test infrastructure.
<kuznero>
srhb: does it work on nix-build in general or there is something like nix-test? Is it pure?
<srhb>
kuznero: nix-build suffices, it is pure, but it relies on NixOS afaik.
<srhb>
kuznero: Since it spins up qemu things :)
<gchristensen>
you can nix-build them without nixos
<srhb>
Oh, TIL.
<srhb>
... how does that even work.
<gchristensen>
it just runs qemu :)
<srhb>
I thought that required some sort of daemon. TIL again.
<gchristensen>
your system does need to have kvm though
<gchristensen>
(a kernel module)
* srhb
nods
<srhb>
Thanks for clarifying.
<srhb>
/correcting :P
c0bw3b has joined #nixos
<gchristensen>
:) I run nixos tests in jenkins on a scientific linux 6 box ... :)
damke_ has quit [(Ping timeout: 240 seconds)]
<kuznero>
Ok, I will just try nix-build. And result is just the exit code with some logs, right?
<gchristensen>
yep
<gchristensen>
for large values of "some"
ylwghst has joined #nixos
mithsv has quit [(Quit: mithsv)]
mithsv has joined #nixos
<srhb>
all of journald? :-P
<gchristensen>
:)
<kuznero>
Is there any special place in nixpks for tests? Is the process for running it automated in hydra?
<srhb>
kuznero: Check out nixos/tests
ma27 has joined #nixos
mithsv has quit [(Client Quit)]
mithsv has joined #nixos
<kuznero>
srhb: thanks
radvendii has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] deedrah opened pull request #31325: nixos/gdm,nvidia: fix assertion for gdm not using wayland on nvidia (master...pr/nvidia-gdm-wayland) https://git.io/vF8EN
NixOS_GitHub has left #nixos []
ylwghst has quit [(Ping timeout: 268 seconds)]
bennofs has joined #nixos
tempeh has joined #nixos
ylwghst has joined #nixos
<kuznero>
$nixpkgs/pkgs/test look very very slim... Is that all tests there is in nixpkgs?
<clever>
kuznero: there are also tests under nixos
stphrolland has quit [(Quit: Page closed)]
<sphalerite>
kuznero: and tests within packages, in checkPhase
goibhniu has quit [(Ping timeout: 255 seconds)]
<kuznero>
sphalerite: thanks, that sounds like right approach to keep it close to a package
<kuznero>
srhb: yep, it fails after running `nix-build nixos/tests/docker-swarm.nix -A driver` without even prompting me
<srhb>
kuznero: It didn't produce a result directory?
<srhb>
kuznero: You're supposed to run the driver that produced.
<kuznero>
srhb: and no result directory
<srhb>
kuznero: Weird, works for me.
<kuznero>
srhb: should I have made sure that qemu is installed somehow explicitly?
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] FRidh closed pull request #31309: pythonPackages.devpi_common: remove one test (master...pr/devpi) https://git.io/vFlWH
NixOS_GitHub has left #nixos []
<srhb>
kuznero: I don't know, sorry. I would find that surprising.
zunk has quit [(Ping timeout: 250 seconds)]
<cement>
how do I specify which channel for nix-shell to use?
<cement>
through much experimentation, -p is definitely not what I need
Phillemann has joined #nixos
zunk has joined #nixos
<Phillemann>
I'd like to write a simple script to check if nixos-unstable has updates for me (in other words, nixos-rebuild switch --upgrade does something). What would be a good way to do that?
lebel has quit [(Remote host closed the connection)]
<kuznero>
srhb: figured out - just had some weird typo :) sorry, it works fine!
<hyper_ch>
how can I find out which zfs version I'm actually using? will unstable use latest master?
mithsv has quit [(Ping timeout: 240 seconds)]
<sphalerite>
cement: if you want to use a channel you have on your system, it will be in /nix/var/nix/profiles/something, can't remember exactly, hng on
erictapen has joined #nixos
erictapen has quit [(Remote host closed the connection)]
erictapen has joined #nixos
<cement>
I found /nix/var/nix/profiles/root/unstable
<cement>
profiles/per-user/root*
ssmike has joined #nixos
<sphalerite>
hyper_ch: look at pkgs/os-sprcitic/Linux/zfs/default.nix
<sphalerite>
Minus typos and autocorrect
<LnL>
hedning[m]: seems to be working even better than before at first glance :)
<taaperotassu>
Is the xarchiver from nixos unstable something that we should correct by ourselves manually?
erictapen has quit [(Ping timeout: 250 seconds)]
tmaekawa has joined #nixos
disasm has quit [(Ping timeout: 240 seconds)]
<hyper_ch>
sphalerite: thx
zunk has quit [(Remote host closed the connection)]
<hedning[m]>
LnL: 😄 yeah, it should be more robust, extracts most information from --help
pxc has joined #nixos
<hedning[m]>
nix-env completion is a bit more sane now too, handles stacking options properly on the first option and such
ixxie has joined #nixos
tmaekawa has quit [(Quit: tmaekawa)]
kuznero has quit [(Quit: WeeChat 1.9.1)]
pie_ has joined #nixos
FRidh has quit [(Quit: Konversation terminated!)]
FRidh has joined #nixos
athan has quit [(Ping timeout: 240 seconds)]
athan has joined #nixos
ma27 has quit [(Ping timeout: 250 seconds)]
ma27 has joined #nixos
Itkovian has joined #nixos
davidak has joined #nixos
Vorpal has quit [(Ping timeout: 248 seconds)]
<pxc>
hedning[m]: for which shell?
TweyII has quit [(Ping timeout: 240 seconds)]
<LnL>
zsh, it's insanely good
leothrix has quit [(Read error: Connection reset by peer)]
Vorpal has joined #nixos
Vorpal has quit [(Changing host)]
Vorpal has joined #nixos
leothrix has joined #nixos
betaboon has quit [(Quit: WeeChat 1.9.1)]
asuryawa_ has joined #nixos
thblt has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] FRidh pushed 2 new commits to master: https://git.io/vF8XH
<kiloreux>
But I want to use nix-build also to build my nix expressions
ma27 has quit [(Ping timeout: 250 seconds)]
<kiloreux>
what's the best way to do that without using a nix base image ?
endformationage has quit [(Ping timeout: 246 seconds)]
ertes has joined #nixos
ma27 has joined #nixos
<moredread[m]>
Is there a way to get all the source code necessary to build a nix expression (including all dependencies?)? Is it also possible to than use it to build it? I'm thinking about reproducibility for a science project, where maybe in a few years the original sources aren't available anymore.
disasm has joined #nixos
<rnhmjoj[m]>
moredread: you should be able to disable the binary caches and build everything from source
p4cman has quit [(Quit: Connection closed for inactivity)]
matthewbauer has joined #nixos
<bgamari->
steveeJ, I do
adisbladis has quit [(Read error: Connection reset by peer)]
<LnL>
not sure if it works on master at the moment
<kuznero>
Is there the recommended way to separate default configuration from per-profile configuration? So far I have my dotfiles git repository that has only global default profile configuration. I would like to be able to configure per-profile packages for a couple of users as well.
adisbladis has joined #nixos
<moredread[m]>
rnhmjoj: do you know whether I can only pull the source and still leverage the cache for the actual installation? Or does nix first download all sources before building?
<bgamari->
steveeJ, but note that cross-compilation is quite rough at the moment
<kuznero>
What can be the reason for a $nixpkgs/tests/nixos/sometest.nix to pass but in real scenario - to fail? Where should I look first?
asuryawanshi has joined #nixos
ixxie has quit [(Quit: Lost terminal)]
ixxie has joined #nixos
pie_ has quit [(Ping timeout: 248 seconds)]
asuryawanshi has quit [(Ping timeout: 240 seconds)]
bennofs has quit [(Ping timeout: 240 seconds)]
Lisanna has joined #nixos
dieggsy has joined #nixos
<kuznero>
Is there a way to re-create real setup from QEMU test to ensure it behaves similarly, then adding more and more packages and configuration to see what is it exactly that makes it fail?
<Lisanna>
is there some code I can look at which shows copying things from your Nix store onto a disk image in runInLinuxVM (and all their dependencies?)
_rvl has joined #nixos
<Lisanna>
assuming the disk image has an installation of Nix on it
<Lisanna>
is "exportReferencesGraph" what I want?
<LnL>
you can use that to export the paths in a format that you can import them into the nix db
<vcunat>
no, I don't think so
<vcunat>
hmm, or maybe... better just ignore me on this
<vcunat>
well, if the VM should be NixOS, then there certainly are better ways
<vcunat>
(e.g. add the packages to VM's systemPackages)
<Lisanna>
It's not NixOS, it's a RHEL or something, but I've installed Nix on it, so /nix exists
<LnL>
can't you use nix-copy-closure or nix-store --export/--import
<vcunat>
:+1: (was just writing that)
<Lisanna>
those sound like they would work... let me read the documentation on them
<earldouglas>
Uh oh, I'm running into `error: [Errno 17] File exists: '/var/lib/jenkins/.ssh'` again when nixops tries to fire up a new node.
<earldouglas>
Anyone else seen this?
<Lisanna>
well, nix-copy-closure goes over SSH, and nix-store --export is a command line that would need to be run on the host... not sure how either of those would fit in with a runCommand in a runInLinuxVM
<vcunat>
I assumed you wanted to import it into the VM by hand
<Lisanna>
what happens to the buildInputs of the runInLinuxVM's runCommand?
<Lisanna>
no, I've got a bunch of derivations in a nix expression, and I want to load them into the /nix of the disk image I have loaded in a runInLinuxVM
<Lisanna>
I think I remember reading that the buildInputs get mounted as a special filesystem or something in the QEMU? Could I do a copy from there into the disk image's native /nix?
thblt has quit [(Ping timeout: 260 seconds)]
<vcunat>
Lisanna: the /nix/store of the host gets mounted into the VM, yes
<vcunat>
that's "automatic"
<vcunat>
(maybe not all but just what you reference)
<vcunat>
you can inspect various stuff in pkgs/build-support/vm/default.nix
<LnL>
yeah, don't think you need to do anything special for that
<Lisanna>
okay, so I could just literally do nix-store --export // --import right in that runCommand, between /nix/store and /<diskimagemount>/nix/store
<vcunat>
I don't remember much from it anymore, but there are also e.g. functions to generate images of some distros with packages you choose
<Lisanna>
yeah, I know about those, but I have to use a special base image, and I have specific packages not in nixpkgs that I want to install
<vcunat>
Lisanna: you would probably just directly use the the /nix/store paths directly
<vcunat>
(unless you need to copy them inside for some reason)
mizu_no__ has joined #nixos
<Lisanna>
that's the idea, I explicitly want to install them onto the disk image
<vcunat>
they will be there
<Lisanna>
so that I can boot that disk image somewhere else
<vcunat>
"installed" in nix sense
<vcunat>
ah, right
<vcunat>
that might get complicated by that mounting on the same path, but that can probably get hacked around somehow
<Lisanna>
I don't mount on the same path, the disk image is in /mnt,
<vcunat>
Or maybe there's some easier way. I haven't done much around VMs.
<Lisanna>
which of course will be mounted as / when booted in another env
<Lisanna>
oh, the symlinks would get messed up, wouldn't they
<Lisanna>
does nix-store require the daemon to be running to manipulate the store?
<vcunat>
no, if you have write access to it
<Lisanna>
Okay, good
<Lisanna>
so in a nix expression in a runCommand for runInLinuxVM, I guess that would literally be something like "nix-store --export ${drvname}"
kuznero has quit [(Quit: WeeChat 1.9.1)]
<Lisanna>
but with extra stuff to make it get the entire closure
bgamari- is now known as bgamari
dhess has joined #nixos
<dhess>
Hi, does anyone have an example of overriding a NixOS module/service, similar to overriding a Nixpkgs package with packageOverrides or an overlay?
<dhess>
The module system is pretty complicated and I haven't quite worked out how to do this.
asuryawanshi has joined #nixos
[0x4A6F] has quit [(Ping timeout: 268 seconds)]
<disasm>
dhess: it's easier than you want to believe... custom_modules = (import ./modules/modules-list.nix); then imports = [ <your current imports ] // custom_modules;
asuryawanshi has quit [(Ping timeout: 240 seconds)]
ssmike has joined #nixos
fleaz has joined #nixos
cfricke has quit [(Ping timeout: 268 seconds)]
jb55 has joined #nixos
<dhess>
disasm: hmm OK, let me try that.
<dhess>
disasm: I should mention I'm doing this from NixOps, so typically I use "require = [ .. ];" to load my custom modules and then start enabling services, without any explicit imports.
<dhess>
but if I have a custom module with the same services."name" as a NixOps module, I get conflicts.
ssmike1 has joined #nixos
<clever>
the require stuff doesnt directly use the nixos module framework
hiratara has quit [(Ping timeout: 252 seconds)]
mithsv has quit [(Quit: mithsv)]
mithsv has joined #nixos
ssmike has quit [(Ping timeout: 264 seconds)]
ssmike1 is now known as ssmike
<dhess>
clever: no, but I don't have to import anything from NixOS explicitly. I can just refer to "services.gitlab" or whatever and all of those modules are automatically in scope.
<clever>
dhess: that can also work when using default.imports
<dhess>
I suppose that's where my confusion comes from
<clever>
imports will accept a list of nixos modules, which recursively get loaded and merged into the final nixos build
nix-gsc-io`bot has quit [(Client Quit)]
<dhess>
so I can just put all my custom modules into a top-level modules-list.nix or whatever as explained by disasm, and then override "imports" and get rid of all the special-case requires.
<dhess>
cool
<clever>
require works in a similar way, but isnt as smart as imports
<dhess>
I'll just have to add an explicit "enable" attribute to all of those modules. "require"ing them automatically enables them.
<dhess>
ok cool!
<dhess>
this should be much cleaner.
<clever>
yeah, make each module off by default, like everything in nixos
<clever>
then you can enable it as needed
patrl has joined #nixos
<dhess>
BTW whoever did the overlays stuff in Nix, thank you! That is so much cleaner than packageOverrides, at least for my use cases.
<dhess>
clever: makes sense now, thanks as always!
<clever>
yep
__monty__ has joined #nixos
__monty__ has left #nixos []
Fare has quit [(Ping timeout: 268 seconds)]
<dhess>
clever: you've always got some cool new Nix stuff cooking here and there. I don't suppose you've done anything with NixOS/NixOps and Vault, have you? For distributing secrets?
<clever>
nothing with vault yet
<dhess>
ok
<clever>
dhess: but i have recently made some recovery tools
<clever>
dhess: this one puts the entire installer into /boot and your grub config
ipj[m] has joined #nixos
<clever>
so you can just boot it at any time, to do any kind of recovery
<dhess>
I could have used that recently! I was not aware that NixOS locked the root account if you used non-mutable users. I had an "auto" filesystem that wouldn't mount and when it dropped to single-user, I couldn't log in :(
<dhess>
that was a bummer. Took a few hours to fix.
<clever>
you can also boot with init=/bin/sh to get root without any password prompts
<clever>
that will bypass everything
<clever>
it wont even initialize PATH though, so it can be tricky to get the system into a usable state
<dhess>
yeah the PITA with that approach was getting everything in a state so I could try to mount the FS and figure out what was wrong.
<clever>
it turns a laptop into a combination network boot server, and router, with full NAT/bind/dhcp
<clever>
plug any machine into the ethernet port, and it can network boot, and it can leech off the wifi of the server
<clever>
and justdoit is pre-installed on the netboot image, you just run "justdoit" in the shell, and it installs nixos
<dhess>
nice, I dumped my PXE boot server when I switched to NixOS
<dhess>
maybe I'll set it up again with this.
<clever>
the only problem i ran into when using that last week, is that it lacks uefi support, and it gets confused by nvme drives
<dhess>
PXE boot server/installer
<clever>
the dhcp config tells ipxe to report its mac address to "boot.php" (which isnt even a php script in that version)
<clever>
and then server-side scripting can be used to send it a different config, based on the mac
<dhess>
clever: this iohk binary cache thing in your repo -- are you working for/with IOHK?
<clever>
yep
<avn>
clever: nice, I thinking about full small.iso building as part of system derivation on all machines. So I would able write flash/cd on any of my machine.
<dhess>
When I have some time I need to look into IOHK's deployment thing written in Haskell. I could use something like that
<dhess>
I have a wrapper of my own around nixops but it's extremely primitive and I would love to have some type-safety for deployments.
<clever>
dhess: its mostly a wrapper around nixops, that turns some yaml files into nix so the deployment file can generate machines based on the yaml
JosW has quit [(Quit: Konversation terminated!)]
<dhess>
clever: does it serialize/reify the NixOps deployment state into/from yaml?
<clever>
dhess: the haskell will post-process the yaml into topology.nix, then the deployment file makes heavy use of map to turn that into an array of lists
<viric>
mh
<viric>
damn it... I had ttf fonts somewhere in $HOME
<viric>
and they used to work. Not now.
<viric>
some xdg thing it must have bene
<viric>
been
mithsv has quit [(Quit: mithsv)]
mithsv has joined #nixos
mithsv has quit [(Remote host closed the connection)]
mithsv has joined #nixos
vcunat has quit [(Quit: Leaving.)]
<viric>
~/.local/share/fonts !
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] dezgeg pushed 1 new commit to release-17.09: https://git.io/vF4vz
<NixOS_GitHub>
nixpkgs/release-17.09 e53e9a2 Tuomas Tynkkynen: lcdproc: Disable parallel build...
NixOS_GitHub has left #nixos []
<viric>
why libreoffice doesn't pick them'
<viric>
?
<viric>
Ah damn it, it's libreoffice_fresh that doesn't pick them
<viric>
wtf
dhess has quit [(Ping timeout: 246 seconds)]
<Lisanna>
is there a version of callPackage that operates on functions instead of paths? e.g., callPackage (import ./foo.nix) {}
<romildo>
I am using NixOS unstable. I have a Haskell project with two executable targets. I am using Emacs with haskell-mode to edit the code. When I open a file and try to load it (C-c C-l) I am getting the error: cabal: The 'repl' command does not support multiple targets at once. Any clues?
<clever>
romildo: you need to tell cabal repl which executable to load in ghci
goibhniu has joined #nixos
<romildo>
clever, how can I do that? I just have the source file open in emacs and want to load it in the repl within emacs. Usually it can be done with the keyboard shortcuts C-c C-l.
asuryawanshi has quit [(Ping timeout: 260 seconds)]
<clever>
not sure how to tell emacs how to do that
<romildo>
clever, the corresponding emacs function is haskell-process-load-file.
mithsv has quit [(Quit: mithsv)]
mithsv has joined #nixos
romildo has quit [(Quit: Leaving)]
Itkovian has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
Wizek_ has joined #nixos
patrl has quit [(Quit: WeeChat 1.9.1)]
mgttlinger has quit [(Quit: Connection closed for inactivity)]