<sphalerite>
Has anyone here managed to get a full GNU/Linux ARM system running in QEMU? Doesn't need to be nixos, just something I can run nix on :)
<catern>
How would one ideally express a dependency on a native binary from a Python program?
<catern>
I guess just use it on the PATH and assume that your eventual user has a wrapper which sets the PATH?
<sphalerite>
catern: just like any other dependency
<sphalerite>
Oh right, a run-time dependency
<catern>
sphalerite: yeah, but I'm worried about how to correctly set the PATH
<catern>
right
<catern>
sorry, wasn't clear
<catern>
and I mean a Python library, too
<samueldr>
sphalerite: using qemu-user and systemd-nspawn, I was able to run an archlinux container, but I'm not sure I've got the notes around
<sphalerite>
I'd just leave it up to upstreamcatern
<sphalerite>
Err
<samueldr>
I had trouble with a nixos container using systemd-nspawn
<samueldr>
(nixos-rebuild failed)
<catern>
sphalerite: but that seems so flaky!
<catern>
what if they do not set the right PATH...
cybrian has joined #nixos
<sphalerite>
No less flaky than it would be in other distros ;)
<catern>
sure, but Nix is better than that :)
<clever>
sphalerite: ive had trouble getting anything arm to boot under qemu, the problem is the lack of a solid definition of how the cpu goes from reset -> firmware -> bootloader
<clever>
sphalerite: x86 is far more standardized
<sphalerite>
samueldr: sorry I meant qemu-system
<clever>
every arm chip does it different
<clever>
ly
<sphalerite>
Yeah I know that's the problem, just wondering if anyone knows a solution ;)
<catern>
I guess it's OK for PATH and PYTHONPATH because Nix already is setting up wrappers for those
<thoughtpolice>
catern: You can write a phase that will use something like 'substituteInPlace', but it's obviously hacky.
<catern>
thoughtpolice: hmm yeah it would ideally not be so tied to Nix...
<thoughtpolice>
Alternatively you can write an actual .patch file and use 'substituteInPlace' on that (which might be more robust).
<sphalerite>
But the real problem here is that the library assumes it's there ;)
<thoughtpolice>
catern: In that case you probably are best off fixing it upstream, then, and working with the maintainers. (Not that I disagree, but those are basically your options if you want it to be robust, but don't want to wire yourself to Nix. I actually just did this fix in a postInstall phase, myself)
<catern>
thoughtpolice: well, I think it would be better if the setup.py stored the location of the binary to a file on disk which is loaded at runtime, I guess
<sphalerite>
samueldr: yeah, saw that
<catern>
sphalerite: thoughtpolice: hmm? this is a library I wrote myself, it has a hard dependency on this executable :)
<sphalerite>
Maybe I should just use qemu-user after all
<catern>
I mean, it throws an exception if the executable is not there, but I would like to make that exception impossible
<thoughtpolice>
Well, can you note incorporate that into setup.py yourself? I don't really know how distutils in Python works so I have no idea if it would allow that. But if you're the upstream, you can obviously fix it, then!
<thoughtpolice>
s/note/not/
<catern>
I guess I can incorporate it into setup.py, definitely, but I don't know how to expose it to Python, hmmm...
<samueldr>
sphalerite: what do you want to do?
<sphalerite>
catern: right so modifying it upstream is an option :D I'd say make it an install-time option really
<catern>
I guess a wrapper is acceptable, given that the wrapper would also be built by Nix, and would be correct.
<catern>
and more significantly, given that Python already requires wrappers
<thoughtpolice>
Yeah... I'm afraid I have no idea how to do that the "pythonic" way, but I see what you're going for. Obviously there are a lot of ways to do this one (wrapper, configure-time detection, etc)
<catern>
due to PYTHONPATH
<samueldr>
I successfully built an arm kernel from an armv7l board using my x86 PC this week-end
<sphalerite>
samueldr: ARM builds in a more isolated environment than qemu-user provides. I suppose I could also nest qemu-user-arm in qemu-system-x86_64 (with KVM for low additional cost)
<Dezgeg>
sphalerite: you're in luck, in latest u-boot there's an easy way to boot it in qemu (+ nixos)
<sphalerite>
Dezgeg: sweet!
<samueldr>
Dezgeg: your patch got in? that's awesome
<dhess`>
Dezgeg: are you planning to update uboot in Nixpkgs soon?
Acou_Bass has quit [(Ping timeout: 276 seconds)]
<Dezgeg>
is it not up-to-date?
<catern>
the wrapper which sets PYTHONPATH and PATH is hardcoded to just set those two
digitalmentat has quit [(Quit: Leaving)]
<dhess`>
Last I looked it's 2017.03 or something?
<catern>
I guess for my own thing, it's best to do it at compile time
<sphalerite>
Ugh why is github's mobile site so awful
<sphalerite>
It's basically unusable
<dhess`>
yeah, 2017.03
<thoughtpolice>
catern: You can also use makeWrapper yourself, of course
<samueldr>
dhess`: a full armv7l kernel build took a bit over 4h30 using the qemu-user kludge, dunno how long it takes on a proper armv7l like your jetson board
<dhess`>
2017.11 was just released and there's a 2017.09 at least as well
<Dezgeg>
you need a monster command like qemu-system-arm -machine virt,highmem=off -cpu cortex-a15 -bios ~/opt/u-boot/build-qemu_arm/u-boot.bin -s -nographic -drive if=none,file=$HOME/armtest.qcow2,id=root -device ich9-ahci,id=ahci -device ide-drive,drive=root,bus=ahci.0 -netdev user,id=net0 -device virtio-net-device,netdev=net0
<dhess`>
samueldr: I haven't benched it and obviously there are a lot of variables here, but I'm pretty sure it's under 1 hour on my Jetson TK1
<sphalerite>
I mean, a working mobile site would be nice but just having it use the desktop site no matter what would be so much better than what they have now
<samueldr>
I'll live with the 4× longer builds (and yes, so many variables)
<dhess`>
Dezgeg: excellent! I forgot that I'm looking at an older channel
<catern>
thoughtpolice: well, I could, but that's not very generic
<dhess`>
Dezgeg: thanks! It saves me needing to do it to get the DTBO support
<sphalerite>
Dezgeg: awesome thanks!
<dhess`>
Has anyone here written a test (a la nixos/tests) that can NAT to the hosts's IP for getting ot the public Internet?
<dhess`>
In my tests using the same infrastructure, I'm unable to connect and I suspect it's because the test VM is sending out packets using its 192.xxx IP
<dhess`>
wonder if there's a simple config option to do that
<samueldr>
Dezgeg: one question, while you're there: your cache has a subset of packages built, what's used to build them? (there was a question earlier about huge rebuilds on armv6l)
<samueldr>
is it only what would be built/needed by the image file?
<joshuaks>
I'm trying to install weechat on macOS. However, the install doesn't seem to have python,ruby,etc. support. I think I'm doing something wrong because I can find weechat/nix issues but not this.
spietz has joined #nixos
<joshuaks>
With brew you explicitly have to build with these dependencies. With other packages managers it doesn't seem so.
<sphalerite>
joshuaks: that would be my fault
cybrian has quit [(Read error: Connection reset by peer)]
<sphalerite>
joshuaks: hang on
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] peterhoeg pushed 1 new commit to master: https://git.io/vbUFW
<NixOS_GitHub>
nixpkgs/master 226c569 Peter Hoeg: dbus-broker: 3 -> 8
NixOS_GitHub has left #nixos []
* joshuaks
hanging on
Twey has quit [(Remote host closed the connection)]
<joshuaks>
Seeing these pushes. I have a feeling I'm about to be thoroughly impressed.
<sphalerite>
Meh we don't seem to have rendered docs for unstable >.>
<joshuaks>
If you point me in the right direction I can sift through it.
<kini>
I have a cluster of machines with shared homedirs, and I want to put Nix on them, so I figure it makes the most sense for /nix to be a network share as well. Can race conditions arise if I do this? If I have nix-daemons on machines A and B, can they step on each other, or are there lockfiles to prevent that?
<dhess`>
Dezgeg: do you ever run any nixpkgs tests from an x86_64-linux host on an armv7l-linux qemu VM?
<dhess`>
Dezgeg: when I try, the test build fails trying to build numactl
<Dezgeg>
I tried but I couldn't figure out how to get kvm working
<dhess`>
yeah ok.
<Dezgeg>
on aarch64 it does work since this week or so
<dhess`>
It seems like it's almost there. I don't know how to tell it not to build numactl
<dhess`>
Dezgeg: oh that's interesting
<samueldr>
\o/ just booted qemu-system-arm
<Dezgeg>
(by kvm I mean having /dev/kvm show up at all)
<sphalerite>
Dezgeg: ...yyyyep
<samueldr>
on my machine, it stayed for a long time on "dmi: Firmware registration failed."
<samueldr>
(but I'm guessing it's normal, the boot is quietly going along)
<Dezgeg>
yeah, for some reason the kernel loglevel is pretty low since some nixpkgs changes
<dhess`>
Dezgeg: Huh, weird. I just put "kvm" in my "boot.kernelModules" list and it works fine
<dhess`>
sorry, "kvm-intel"
<Dezgeg>
I meant KVM on the TK1
<dhess`>
ohhh
<dhess`>
Dezgeg: sorry, I was asking about running emulated tests for ARM on an x86_64 host
ylwghst has quit [(Ping timeout: 240 seconds)]
<Dezgeg>
that I haven't tried
<sphalerite>
Yaaaaay now it's booting for me too!!
<sphalerite>
!m Dezgeg
<[0__0]>
You're doing good work, Dezgeg!
joshuaks has quit [(Ping timeout: 240 seconds)]
<sphalerite>
That seems like a good note to finish and go to sleep on
<sphalerite>
Gnight folks!
<samueldr>
success is always good right before sleep
srdqty has joined #nixos
joshuaks has joined #nixos
thc202 has quit [(Ping timeout: 268 seconds)]
cybrian has joined #nixos
MP2E has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] orivej pushed 1 new commit to master: https://git.io/vbUxB
<NixOS_GitHub>
nixpkgs/master 14ec308 Orivej Desh: nano: fix darwin build...
NixOS_GitHub has left #nixos []
<cbarrett>
what's the best way to report a broken haskell package?
fragamus has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
dieggsy has joined #nixos
cybrian has quit [(Read error: Connection reset by peer)]
fragamus has joined #nixos
<bhipple[m]>
Is there a good guide somewhere on how to use the vm tools with qemu and various base images for building debs/rpms in NixPkgs somewhere? I didn't see anything in the manual and while I've managed to figure out quite a bit by playing with it some focused direction is always helpful
Supersonic112 has quit [(Disconnected by services)]
fragamus has quit [(Client Quit)]
Supersonic112_ has joined #nixos
Supersonic112_ is now known as Supersonic112
seanz has joined #nixos
seanz has quit [(Client Quit)]
dieggsy has quit [(Remote host closed the connection)]
drakonis has quit [(Read error: Connection reset by peer)]
cybrian has joined #nixos
leothrix has quit [(Ping timeout: 248 seconds)]
leothrix has joined #nixos
davidak has quit [(Quit: Leaving.)]
etu has joined #nixos
fiveht has quit [(Ping timeout: 240 seconds)]
cybrian has quit [(Read error: Connection reset by peer)]
Sonarpulse has joined #nixos
m has joined #nixos
m is now known as Guest98257
spacefrogg has quit [(Remote host closed the connection)]
aw has quit [(Quit: Quitting.)]
aw has joined #nixos
spacefrogg has joined #nixos
<Guest98257>
Hey guys! Brand new, trying to change the display manager. this is what I tried https://pastebin.com/6sSiTnNnxmon . It doesn't work and I can't find anything online in that direction. Any tips?
cybrian has joined #nixos
zab has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] yuriaisaka opened pull request #32153: fcitx-skk: init at 0.1.4 (master...pr-fcitx-skk-init) https://git.io/vbTUW
NixOS_GitHub has left #nixos []
Guest98257 has quit [(Quit: WeeChat 1.5)]
<adisbladis>
Guest98257: Your paste is gone
<zab>
Oh, odd. I'll get another one.
<zab>
I'm guest
<zab>
Try pastebin.com/Zyt5Rc7m
<adisbladis>
zab: And what does "doesn't work" mean
<zab>
Adisbladis: please excuse me, I actually just got it working :)
gm152 has quit [(Remote host closed the connection)]
spietz has quit [(Ping timeout: 248 seconds)]
<adisbladis>
zab: Nice :) What was your issue?
spietz has joined #nixos
<zab>
Adisbladis: Honestly, I think I forgot the default xmonad meta key was alt. Window manager wallpaper was automatically used for xmonad wallpaper so I thought the dm was freezing.
<zab>
I'll be keeping that one off the resume ;)
wolfcub has joined #nixos
cybrian has quit [(Read error: Connection reset by peer)]
<jeaye>
heh
hariel has quit [(Ping timeout: 260 seconds)]
hamishmack has quit [(Quit: hamishmack)]
<MP2E>
haha. I think that's happened to me at some point, no xmobar and the default, bare xmonad can be confusing
fragamus has joined #nixos
<adisbladis>
Happened to me a long time before on dwm :)
rogue_koder has quit [(Quit: Konversation terminated!)]
<adisbladis>
hyper_ch: People rushing to reinstall in the office this morning
cybrian has joined #nixos
hydraz has quit [(Read error: Connection reset by peer)]
<hyper_ch>
there have been updates again to unstable small while I was sleeping
tg has quit [(Ping timeout: 240 seconds)]
hydraz has joined #nixos
hydraz has quit [(Changing host)]
hydraz has joined #nixos
proteusguy has joined #nixos
justbeingglad has joined #nixos
<jeaye>
hyper_ch: Yikes.
spietz has quit [(Ping timeout: 248 seconds)]
cybrian has quit [(Read error: Connection reset by peer)]
spietz has joined #nixos
ma27 has quit [(Ping timeout: 240 seconds)]
babyflakes has joined #nixos
<justanotheruser>
Didn't the old install instructions involve chrooting into your new OS?
<hyper_ch>
old install instructions for?
<justanotheruser>
nixos
<hyper_ch>
pretty sure they always said to boot from iso
<justanotheruser>
I'm trying to figure out how to do that properly. Context: I am trying to move to a larger hard drive and want to rebuild grub and MBR by chrooting in and doing nixos-rebuild boot
<hyper_ch>
not really sure what you're trying to do
<justanotheruser>
not sure how to describe it differently
<hyper_ch>
why not just boot iso and install from there?
<justanotheruser>
because I already have nixos installed], I just want to migrate the contents of the partition to a larger harddrive
<justanotheruser>
installing and moving my home directory is the last resort
<hyper_ch>
what filesystem?
<hyper_ch>
can't you just dd the smaller disk to the larger one, expand partitions and expand then filesystem?
<justanotheruser>
ext2
<hyper_ch>
ext2? oO
<justanotheruser>
yeah, a bit confused about that
<hyper_ch>
as said, I'd just dd the disk, expand partition to new size and expand filesystem
<justanotheruser>
which is why I want to rebuild grub and MBR
<hyper_ch>
vg
<hyper_ch>
that lvm stuff
<hyper_ch>
no idea
<justanotheruser>
Well, I can't even get into grub which precedes the volume group stuff, and I'm pretty sure my partition containing /root and the volume group containing root is fine
<justanotheruser>
problem is grub
<justanotheruser>
hmm
<justanotheruser>
maybe I'll try to rebuild boot from the live cd by mounting root
jensens has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] bjornfor pushed 1 new commit to release-17.09: https://git.io/vbTmk
<NixOS_GitHub>
nixpkgs/release-17.09 921f089 James Earl Douglas: jenkins: 2.91 -> 2.92...
NixOS_GitHub has left #nixos []
zzamboni has joined #nixos
<clever>
justanotheruser: nixos has some hidden files in /boot that keep track of the MBR state
<clever>
justanotheruser: i the entire /boot is lost, then nixos will recreate all of it, and re-install the MBR stubs
<clever>
if*
<justanotheruser>
clever: it will recreate in on nixos-rebuild boot you mean?
<clever>
justanotheruser: yeah
<justanotheruser>
clever: yes, so I'm tyring to figure out how to run this command
fresheyeball has joined #nixos
<clever>
nixos-install --chroot
<justanotheruser>
clever: this will not modify my system at all, just chroot in?
<clever>
with the whole target mounted under /mnt, the same as if you where going to install
<fresheyeball>
so just went an upgraded my main workstation from 17.03 to 17.09
<fresheyeball>
I did sudo su
<clever>
justanotheruser: assuming your on the fixed livecd image, it will just chroot in
<justanotheruser>
tyvm!
<clever>
fresheyeball: you want "sudo -i", not "sudo su"
<fresheyeball>
and then added the channel, and ran nixos-rebuild --upgrade
<fresheyeball>
everything seemed to work out
<fresheyeball>
but I got the following error
<fresheyeball>
/nix/store/95ax28pyvvx4qsx7b5zwlm5xvi6j0r33-grub-2.02/sbin/grub-install: error: disk `hostdisk//dev/sdg' not found.
<fresheyeball>
/nix/store/a1pwf3dqzil3a8x1smcqqm6fj4r41gs6-install-grub.pl: installation of GRUB on /dev/sdg failed
<fresheyeball>
warning: error(s) occurred while switching to the new configuration
<fresheyeball>
now I am scared to reboot :(
<clever>
fresheyeball: what is boot.loader.grub.device set to in configuration.nix?
<fresheyeball>
grub failed? how terrified should I be
<etu>
fresheyeball: Yeah, well. It happens. It's not a new problem. That's why most distros switched to have /dev/disk/by-uuid/ in fstab and so on to not rely on things being in the same order :)
<clever>
sda is simply the first sata drive to be initialized
<clever>
in my case, sda is a random data drive, not involved in the boot
<fresheyeball>
clever: so I see /dev/sdk and /dev/sdk1
<dhess`>
haha.. that's a hell of a GitHub username
<hyper_ch>
got my fiber back at the office :)
cybrian has joined #nixos
hoodoo_ has joined #nixos
hoodoo_ has left #nixos []
zzamboni has quit [(Quit: Leaving.)]
<rsa>
hmm, my nvidia driver suddenly disappeared/fails to load (without changing anything in the configuration.nix, just updating to unstable channel)
<hyper_ch>
boot into earlier generation?
periklis has joined #nixos
vincent_vdk has joined #nixos
zzamboni has joined #nixos
zzamboni has quit [(Client Quit)]
zzamboni has joined #nixos
fresheyeball has quit [(Quit: WeeChat 1.9.1)]
hotfuzz has joined #nixos
hotfuzz_ has quit [(Ping timeout: 276 seconds)]
reinzelmann has joined #nixos
kosta has joined #nixos
<rsa>
reboot on current generation solved it (i thought i had rebooted sufficiently recent but apparently not)
cybrian has quit [(Read error: Connection reset by peer)]
<kosta>
Hi! I’m trying to build zopfli on macos (which is marked as broken). Running locally, it works because there’s a `gcc` executable that is actually clang on macos. How can I reproduce that in nixpkgs? Is that one of the clang-wrappers?
<hyper_ch>
you know you can always blacklist nvidia and just use the intel one? :)
aloiscochard has joined #nixos
kosta has quit [(Quit: kosta)]
Neo-- has joined #nixos
<sphalerite>
kosta: I don't think we have a wrapper that does that. Try seeing if you can tell zopfli what compiler to use, maybe setting CC=clang will do the trick
<sphalerite>
What's everyone's favourite way of sharing filesystems with VMs?
<woffs>
sphalerite: git ;)
<makefu>
smb for fast interexchance between windows/linux. the nixos module is fantastic
<sphalerite>
woffs: filesystems, not code repositories :)
ravloony has quit [(Ping timeout: 268 seconds)]
kosta has quit [(Quit: kosta)]
<woffs>
sphalerite: git-annex ;)
<sphalerite>
woffs: don't want to keep 2 copies of everything and have to sync them manually
<etu>
sphalerite: nfs
<sphalerite>
makefu: is the performance on that good?
kosta has joined #nixos
<sphalerite>
Ah but SMB won't have support for the x bit, will it? I kind of need that to have a nix store on it :p
<sphalerite>
etu: that could work
<makefu>
spacefrogg: performance is awesome, with ordinary hardware you can fill the gigabit pipe. not sure if it would be good to use for the nix store (i assume not)
<makefu>
however you could configure it as an overlay to your store
goibhniu has joined #nixos
<etu>
sphalerite: But nfs might cause problems from time to time, like if you have sqlite on a nfsshare (it doesn't matter if you're the only one using it) it might just break
kosta has quit [(Client Quit)]
<makefu>
sphalerite: according to "some dude on stackoverflow" there are unix extensions for cifs. never tried it though
<etu>
sphalerite: Otherwise, I've been using sshfs quite a lot in the past :D
cybrian has quit [(Read error: Connection reset by peer)]
<etu>
sphalerite: If you have a stable connection, sshfs can be really stable.
<sphalerite>
This is a VM-to-host connection, so yes it should be stable :D
<sphalerite>
But I don't really want any overhead
<sphalerite>
I think nfs is indeed what I want
jtojnar has quit [(Remote host closed the connection)]
<etu>
At a previous job, we started clustering the system. And at some point when we deployed it someone came and said: "oh wait, this directorys content *must* be synced between all the hosts"
kosta has joined #nixos
<goibhniu>
gchristensen: in the topic, why not just tell people to run `nix-info` (instead of all that nix-shell shenanigans)?
<etu>
So we was like, okay. Something simple and we need encryption.
<etu>
And set up sshfs
<makefu>
sounds reasonable
<etu>
It was rock solid
oahong has quit [(Ping timeout: 260 seconds)]
<woffs>
with NFS you use v3 I guess
<etu>
Not an issue for an entire year (that's when the host that was hosting the files went down)
<makefu>
i heard at microsoft they are mounting their gigantic windows repos with sshfs
<sphalerite>
etu: I suppose I could use NFS for /nix/store while keeping the rest of /nix locally then, since I am indeed planning to have it used directly as a nix store only by the one VM
<etu>
sphalerite: Dosen't that state thingy use sqlite?
<sphalerite>
Isn't NFS v4 a thing?
<etu>
yeah it is
<sphalerite>
etu: yes but that's in /nix/var/nix/db as opposed to /nix/store
<etu>
sphalerite: ah, good. i don't see any potential issues then :)
<sphalerite>
Oh, according to Wikipedia it "mandates strong security"
<woffs>
NFS4 with or without kerberos?
<makefu>
sphalerite: once you've got your setup working i'd love a writeup on what to do :)
<sphalerite>
makefu: it's still very up in the air, not sure to what extent this will actually happen
<makefu>
still!
<sphalerite>
Might end up using qemu-user after all
<makefu>
i saw that qemu-user is also able to natively run aarch64 binaries (since 2012). there must be a way to use it for building
oahong has joined #nixos
oahong has quit [(Changing host)]
oahong has joined #nixos
<sphalerite>
Yes, clever pioneered that
<sphalerite>
I've used it successfully for armv7
jgt has quit [(Ping timeout: 276 seconds)]
<sphalerite>
I haven't got any aarch64 devices to play with so I haven't tried that
townsend has joined #nixos
<makefu>
wow really, you can use it already? is there a howto somewhere?
<makefu>
because i've read that you get near-native build speed
kosta has quit [(Quit: kosta)]
johnsonav has quit [(Ping timeout: 255 seconds)]
kosta has joined #nixos
kosta has quit [(Client Quit)]
ssmike has quit [(Ping timeout: 258 seconds)]
<sphalerite>
Builds on my XPS 15 (i7-7700HQ, 16GB RAM, NVMe SSD) with qemu-user are about 2x slower than on my chromebook (quad-core Cortex A17 I think, 2GB RAM, USB for storage)
<sphalerite>
So "near-native" only if 2x counts, and such a huge difference in hardware doesn't
<dhess`>
Anyone around who understands how multi-user Nix works on macOS?
<alexteves>
nevermind, I just needed "nix-env -i nix-repl"
erictapen has joined #nixos
erictapen has quit [(Remote host closed the connection)]
erictapen has joined #nixos
Neo-- has quit [(Ping timeout: 240 seconds)]
<sphalerite>
alexteves: that's not the built-in one. The built-in one isn't in a stable release yet, but you can install nixUnstable to start using it now if you want. (the command then would be `nix repl` rather than `nix-repl`)
<alexteves>
ah that makes more sense
ilyaigpetrov has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] peti pushed 5 new commits to master: https://git.io/vbT8P
<NixOS_GitHub>
nixpkgs/master 6610c35 Peter Simons: hackage2nix: keep language-c-0.7.0 around in the package set for c2hs hack
<NixOS_GitHub>
nixpkgs/master 98bf286 Peter Simons: hackage2nix: disable failing builds
<NixOS_GitHub>
nixpkgs/master f2dd899 Peter Simons: hackage-packages.nix: automatic Haskell package set update...
<bachp>
Is there a way to run nixos-rebuild switch as root without going trough the nix-daemon? I want to do that because I need to have some proxy variables set to bootstrap the system.
<bachp>
Currently the only way I found it to add the "--repair" flag but I seems to do more than just not using the nix-daemon
<gchristensen>
goibhniu: it is only installed by default on nixos and nix-darwin
zetok has joined #nixos
phreedom has quit [(Quit: No Ping reply in 180 seconds.)]
phreedom has joined #nixos
<goibhniu>
gchristensen: ah, I was just thinking that we don't need to tell people to use use-shell for it in particular
TweyII has joined #nixos
TweyII is now known as Guest44794
MP2E has quit [(Remote host closed the connection)]
<sg2002>
Hello. Is there any way to trace from where the package get installed? I'm trying to install a package from local git nixpkgs repo, but end up with the upstream version...
fendor has joined #nixos
ertes has quit [(Ping timeout: 268 seconds)]
<hyper_ch>
q: how bad does qemu compression impact performance?
<sg2002>
Hmm. Verbose seems to tell me that I'm actually using the correct package... Maybe I'm installing it the wrong way? What's the proper way to install a package after runing nix-build on it?
ertes has joined #nixos
fendor has quit [(Remote host closed the connection)]
fendor has joined #nixos
Guest44794 is now known as TweyII
TweyII has quit [(Changing host)]
TweyII has joined #nixos
<vaibhavsagar>
how do I evaluate and print the output of nix-instantiate --eval?
<gchristensen>
sg2002: nix-env -i ./result will do it
<goibhniu>
sg2002: perhaps you didn't change the hash in the expression?
fendoer has joined #nixos
fendor has quit [(Ping timeout: 260 seconds)]
<sg2002>
gchristensen: Thanks. And what nix-env -f . -iA {packagename} supposed to do? Should it be able to install from local packages?
<gchristensen>
I don't really know how to use nix-env, sorry. I don't use it very much
berce has joined #nixos
Neo-- has joined #nixos
<sphalerite>
vaibhavsagar: pass --strict
<sphalerite>
vaibhavsagar: although I'm not sure if that evaluates it all the way down. You could use --json if you don't have any values that can't be represented in JSON in there
cybrian has quit [(Read error: Connection reset by peer)]
ylwghst has joined #nixos
reinzelmann has quit [(Remote host closed the connection)]
warbo has joined #nixos
cybrian has joined #nixos
<warbo>
hello, I'm trying to get NixOS (16.09, I think) to show linux consoles on F1-F6, but they're just blank black screens at the moment
<warbo>
os there a configuration.nix setting I can use to enable these?
<warbo>
*is
ylwghst has quit [(Remote host closed the connection)]
ssmike has quit [(Ping timeout: 240 seconds)]
<vcunat>
consoles are enabled by default
ylwghst has joined #nixos
<vcunat>
if you get black screens, you probably have graphics driver problems
<warbo>
I'm using a 10 year old thinkpad with integrated Intel graphics
<warbo>
which I would imagine is pretty well supported
zzamboni has quit [(Quit: Leaving.)]
derped has joined #nixos
<vcunat>
I would also imagine that.
__Sander__ has joined #nixos
zzamboni has joined #nixos
<dweller>
warbo: try adding fbcon and i915 to boot.initrd.kernelModules
<warbo>
dweller: ok, I'll give that a try
<warbo>
would that need a reboot or would nixos-rebuild switch do?
<dweller>
rebuild and reboot
<warbo>
:(
<warbo>
ok
jtojnar has joined #nixos
<dweller>
afair i had to do something similar on my x230
<dweller>
thought it might not be needed anymore
zzamboni has quit [(Quit: Leaving.)]
townsend_ has joined #nixos
townsend has quit [(Ping timeout: 268 seconds)]
zzamboni has joined #nixos
<vaibhavsagar>
sphalerite: I'm trying to expand the output of `nix-instantiate --eval -E '(import <nixpkgs/nixos/lib/eval-config.nix> { modules = [/etc/nixos/configuration.nix]; }).config.systemd.units."alsa-store.service".text'`
phreedom has quit [(Ping timeout: 276 seconds)]
<sphalerite>
vaibhavsagar: I usually use --json and pipe into jq -r for that
phreedom has joined #nixos
ylwghst has quit [(Remote host closed the connection)]
<vaibhavsagar>
perfect, is there a way to do it without jq?
<vaibhavsagar>
I'm using `echo -e $(nix-instantiate ...)`
<sphalerite>
I'd recommend using something that handles the output correctly in all cases, which your echo trick won't
<sphalerite>
jq is tiny and does the job well, why do you not want to use it?
<vaibhavsagar>
I'm putting this in a tutorial
peacememories has joined #nixos
<sphalerite>
I'd recommend using jq for it, since it's guaranteed to get it right (barring a bug in nix or jq)
<Biappi>
python -mjson.tool $file.json
<Biappi>
if you need a prettyprinter
<sphalerite>
Biappi: no, not pretty-printing. Parsing a string and outputting it raw
<vaibhavsagar>
I think I might as well assume jq
<sphalerite>
as jq -r does
<Biappi>
oops, sorry
<sphalerite>
python -c 'import json, sys; print json.load(sys.stdin)' can do it I think but it's so ugly!
ylwghst has joined #nixos
<vaibhavsagar>
I think I'll stick with jq
ssmike has joined #nixos
cybrian has quit [(Read error: Connection reset by peer)]
<vaibhavsagar>
`python3 -c "import sys, json; print(json.loads(sys.stdin.read()))"` works too
<Neo-->
hey all :) I have firefox-esr and firefox from master in my configuration.nix, but `firefox` command is symlinked to firefox-esr and firefox from master seemes to be installed but not accesible... is there a way to set alias for a package in configuration.nix? https://gist.github.com/uskudnik/996f2214f2282656914444e1def5a596
zzamboni has quit [(Quit: Leaving.)]
<srhb>
Does anyone know of a good example of a multi-version-module? I feel it's really messy to support two versions in one module, interspersing ifs everywhere. I kind of feel it's much simpler to create a service.module3 (where 3 is the major version of the service) and make it mutually exclusive with service.module2
zzamboni has joined #nixos
<srhb>
Specifically I'm updating the elasticsearch module to support version 6, and ugh: Version 2, 5 and 6 in one module is pain and horror.
zzamboni has quit [(Client Quit)]
zzamboni has joined #nixos
derped has quit [(Remote host closed the connection)]
townsend_ has quit [(Ping timeout: 248 seconds)]
__monty__ has joined #nixos
<__monty__>
I've defined an environment using myEnvFun and it seems to work alright but when loading it I get these errors: http://ix.io/CmM Am I doing something wrong?
ssmike has quit [(Ping timeout: 276 seconds)]
jgt has quit [(Ping timeout: 276 seconds)]
townsend has joined #nixos
stphrolland has quit [(Quit: Page closed)]
jtojnar has quit [(Quit: jtojnar)]
jtojnar has joined #nixos
<srhb>
__monty__: I don't think so, but I think you probably shouldn't use myEnvFun
<srhb>
(Well, okay: Yes, you're using myEnvFun, and you probably don't need to)
<__monty__>
srhb: Afaict issue #18315 is still ongoing because johnw's use case (which I copied) isn't covered by buildEnv.
<srhb>
__monty__: Ah, okay.
ylwghst has quit [(Quit: Lost terminal)]
ssmike has joined #nixos
tmaekawa has quit [(Quit: tmaekawa)]
bennofs has joined #nixos
warbo has quit [(Remote host closed the connection)]
<__monty__>
srhb: I always read your nick as Señor Hb.
<srhb>
__monty__: Aww! I was going for "shrub" though, I think. :-P
<srhb>
... which is weird, considering that's out of order.
<srhb>
Maybe I didn't give it much thought after all...
fendoer has quit [(Remote host closed the connection)]
davidak has joined #nixos
ylwghst has joined #nixos
periklis has quit [(Remote host closed the connection)]
periklis has joined #nixos
warbo has joined #nixos
<warbo>
adding fbcon and i915 to the kernelmodules seems to have worked, thanks
<sg2002>
I'm trying to create a pull request, so I followed the manual advice here: https://nixos.org/nixpkgs/manual/#idm140737317305456 . So I have my own fork that forks after a particular commit(not master). I cannot create a pull request unless I compare with master. Do I have to compare with master?
<MichaelRaskin>
Well, the PR is expected to be merged in some branch; most PRs target master.
<MichaelRaskin>
Things that require a lot of rebuilds usually go to staging branch,
<MichaelRaskin>
and release branches (like release-17.09) get cherry-picks of fixes that have landed into master.
adamt has joined #nixos
adamt has quit [(Changing host)]
adamt has joined #nixos
<etu>
MichaelRaskin: So things in staging get built before it lands in master to have caches slightly less behind?
<gchristensen>
sg2002: do you not want to target master?
<adamt>
Is the code behind the nixos packages and options available somewhere? :-)
<gchristensen>
adamt: like the web pages?
<adamt>
gchristensen: Yeah, specifically the thing that creates the searchable packages and options
<vcunat>
etu: yes
<gchristensen>
the part that creates the dataset, or the viewer?
<etu>
vcunat: Cool, I like that :)
<MichaelRaskin>
etu: also, sometimes multiple updates go into staging to get merged to master in a single operation.
peacememories has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
<rmrfroot>
can someone please tell me how to access `nix-hash` inside the installPhase of a derivation?
<adamt>
gchristensen: Thanks a lot. :-)
<gchristensen>
adamt: out of curiosity, why do you ask?
<gchristensen>
you're welcome :)
szicari has joined #nixos
<warbo>
rmrfroot: `readlink -f $(which nix-hash)` tells me it's located at /nix/store/sswcsyy0p034h3202yvwjfm79xy1v138-nix-1.11.6/bin/nix-hash
<warbo>
rmrfroot: so add `nix` to the buildInputs of your derivation
<sg2002>
gchristensen: My branch was forked from an older version of nixos as suggested in the manual. Comparing with master added all those commits that are different from my branch.
<adamt>
gchristensen: Two reasons. 1) It's pretty annoying that the official website tells you nothing about which branch it shows data from, so I actually considered running a local instance. 2) We develop packages and modules in house, so it would be neat with a package and option browser for what's in our own repository (and not yet upstreamed) :-)
<gchristensen>
sg2002: hmm that seems wrong, what branch of nixos did you branch from?
<sg2002>
gchristensen: Not from a branch. I followed the manual's suggestion of branching from a commit of my local installation.
<warbo>
rmrfroot: note that if you want to use nix to build stuff from within a derivation, it's not enough to just add nix to buildInputs (you need to sort out NIX_PATH and NIX_REMOTE, at least)
<gchristensen>
sg2002: ok, what does `nix-info` say?
<adamt>
gchristensen: Nice with elm. I'll look into it later. The repo browser isn't that high on the list, but it'll be useful sooner or later, and i just wondered. Thanks for the help, i made sure to bookmark the links. :-)
<warbo>
rmrfroot: but simple tools like calculating a hash should hopefully just work, since they don't need to modify the store or anything
<gchristensen>
adamt: sounds like a cool project :)
<sg2002>
gchristensen: nixos-17.09.2182.7f6f0c49f0 - I branched out from that particular commit.
<gchristensen>
ahh I see
<rmrfroot>
warbo: yeah, it's just that i wanted to get a hash for a whole directory and not a single file
<sg2002>
gchristensen: Ok, I just manually changed to 17.09 branch. Guess someone needs to suggest a clearer instructions in the manual.
<gchristensen>
sg2002: the instructions do need to be clearer, because you should be branching off some version of master :/
<MichaelRaskin>
Generally, PRs towards 17.09 are things that are already fixed in master (in the same way), or not applicable to master (a minor update when the master just updated to a newer major version)
periklis has quit [(Remote host closed the connection)]
periklis has joined #nixos
stphrolland has joined #nixos
sg2002 has left #nixos ["ERC (IRC client for Emacs 25.3.1)"]
<stphrolland>
HI. Do you know a way to increase the font size of tty 1 to 6 ? There are too small on my hi definition laptop screen.
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] vcunat pushed 2 new commits to master: https://git.io/vbTxj
<NixOS_GitHub>
nixpkgs/master 268d365 Antoine Eiche: qemu: fix CVE-2017-15118...
<NixOS_GitHub>
nixpkgs/master df5600d Vladimír Čunát: Merge #32163: qemu: patch CVE-2017-15118
NixOS_GitHub has left #nixos []
<MichaelRaskin>
I guess setfont would do it manually
rmrfroot has quit [(Remote host closed the connection)]
<stphrolland>
gchristensen: it works well :-)
<gchristensen>
maybe we should just default to that
<stphrolland>
gchristensen: let's try adding it to i18n.consoleFont to see if that can stay
<gchristensen>
it is much easier to take a large font and turn it small than the teeny font and make it large
<stphrolland>
gchristensen: I reboot to see
<gchristensen>
ok
stphrolland has quit [(Quit: Page closed)]
stphrolland has joined #nixos
<stphrolland>
gchristensen: perfect. it's not my favorite, but its size is well readable enough. I'll go with it for the moment. thanks for the trick :-°
<gchristensen>
:) you're welcome! if you come across a better font, do let me know
<stphrolland>
gchristensen: and now also all the boot log is readable from the start, I feel better.
<gchristensen>
nice
<gchristensen>
yeah, when debugging my current laptop's setup I'd video record the boot on my phone and zoom in to read it
asuryawanshi has quit [(Ping timeout: 276 seconds)]
warbo has left #nixos ["ERC (IRC client for Emacs 25.1.1)"]
<vcunat>
:-)
<hyper_ch>
a photographic memory would be useful
zzamboni has quit [(Quit: Leaving.)]
fragamus has joined #nixos
<gchristensen>
also the eyes of a 9 year old
zzamboni has joined #nixos
ma27 has joined #nixos
<stphrolland>
now that my system tty are fine, I want my terminal in X to look fine. How do you set defaults for xterm in nixos ? I have read to create a .Xdefaults file but it doesn't seem to be read when I treid. .Xresources ? another name ?
johnwhitlow[m] has joined #nixos
peacememories has joined #nixos
<vaibhavsagar>
how do I get NixOps to stop using a VirtualBox image based on 16.09?
LexLeoGryfon has joined #nixos
ssmike has quit [(Ping timeout: 240 seconds)]
cybrian has quit [(Read error: Connection reset by peer)]
<LexLeoGryfon>
gents, I'm doing nix os install on plain dm-crypted root. in my configuration.nix I included boot.initrd.kernelModules = [ "keyboard" "keymap" "encrypt"]; & boot.kernelParams = ["root=/dev/mapper/encrypteddick" "cryptdevice=/dev/sda:encrypteddick" "crypto... etc BUttt... Os doesn't asks for password to decrypt root, and I have error 'encrypt' module not found in /lib/modules
<LexLeoGryfon>
how to fix?
<hyper_ch>
what encryption did you use? luks/dm-crypt?
<LexLeoGryfon>
I mentioned 'encrypt' module, in configuration.nix and hooks, but it doesn't being loaded by initrd.
<LexLeoGryfon>
and I NEED to use it without LUKS. it works ok after boot, and works ok during boot in other distros., but here in NixOS during boot something gone wrong
Sonarpulse has joined #nixos
<hyper_ch>
no idea
<hyper_ch>
I always used luks/dm-crypt
<hyper_ch>
and now I use native zfs encryption
<LexLeoGryfon>
yeah, your way work, I know and tested it too
<LexLeoGryfon>
however my requirement in this case to use plain dm-crypt
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] orivej pushed 3 new commits to master: https://git.io/vbkff
<NixOS_GitHub>
nixpkgs/master 5f59913 Philipp Hausmann: FusionInventory: 3.18 -> 3.21
<NixOS_GitHub>
nixpkgs/master 59a737a Philipp Hausmann: FusionInventory: Patch in NixOS support...
<catern>
how would I package some library that provides a Python module interface, a C library interface, and other library interfaces for other languages?
<catern>
I can't just use buildPythonPackage, for example
<catern>
Should I make it into multiple derivations?
<LexLeoGryfon>
I would build\link it statically in single binary, that's my way :)
<catern>
I don't think you are answering the same question :)
<LexLeoGryfon>
yeah(
ma27 has quit [(Quit: WeeChat 1.9.1)]
DerGuteMoritz has quit [(Read error: Connection reset by peer)]
<LexLeoGryfon>
yeah, much love <3 , the right and correct way of distributing binary packages and avoid dependency conflicts
<LexLeoGryfon>
I wish there were actual working static distro with mostly static packages. Have heard Alpine done some work in that way, But Sta.li and similiar projects look abandoned\dead
<Li[m]>
LexLeoGryfon: count me in to participate on a stali verson of nixos
<gchristensen>
there is basically only costs and few up-sides when you have a system like Nix
<LexLeoGryfon>
yay, how many intelligent people on this channel!
joshuasarver is now known as joshuaks
<LexLeoGryfon>
I appreciate that
<joshuaks>
sphalerite: you around
<orivej>
catern: look at opencv in all-packages and python-packages
<sphalerite>
yep
<joshuaks>
you got a BC wallet or something? I really appreciate the help yesterday.
<catern>
orivej: thanks, will look
<Li[m]>
LexLeoGryfon: have you looked at oasis ?
cybrian has joined #nixos
<LexLeoGryfon>
There is some chance that I will static fork distro version of NixOs someday. But firstly I want to get used to NixOS on daily basis.
ylwghst has quit [(Quit: Lost terminal)]
<gchristensen>
what do static binaries get you with nix?
<catern>
orivej: oh, yikes, this seems distasteful... am I right in understanding that it builds the C core of opencv twice?
<joshuaks>
Is there any chance nixOS could get ported to BSD / is it possible?
<sphalerite>
joshuaks: I don't currently, but thanks!
<catern>
gchristensen: you should state it more directly instead of rhetorically :)
<catern>
LexLeoGryfon: static binaries don't gain you anything with Nix
<orivej>
catern: I don't know, but I won't be surprised if it does, and that's ok
<gchristensen>
catern: state what?
<hiroshi>
joshuaks: Is there any chance nixOS could get ported to BSD / is it possible?
<sphalerite>
oh yeah, that reminds me, I wanted to make it default to having all the plugins
<hiroshi>
joshuaks: what do you mean ?
<catern>
gchristensen: that there's no benefit to static linking once you have Nix
<joshuaks>
ie. is it feasible it could run on the bsd kernel? No the package manager, but the entire system.
<LexLeoGryfon>
gchristensen: mental satisfaction in my case
<catern>
(except in contrived scenarios)
<gchristensen>
catern: I thought I did: "151355 gchristensen | there is basically only costs and few up-sides when you have a system like Nix""
<catern>
oh
<catern>
fair enough :)
<gchristensen>
but I'm genuinely curious what up-side I may not know about which would cause someone to make the effort
<LexLeoGryfon>
and It could be interesting to port majos software to Musl C lib
<hiroshi>
joshuaks: haha that sounds interesting but how are you going to deal with systemd and nix ?
<joshuaks>
not a clue lol
<Li[m]>
systemd is the main project to tackle in this case
<joshuaks>
I saw some requests to move off systemd but it looks like a nightmare
<catern>
joshuaks: if you're interested in such efforts, maybe look at Guix - I think they are working on running on Hurd. and anyway they don't use systemd in the first place
<hiroshi>
haha
<joshuaks>
runit looks super nice
<Li[m]>
basically a quasi rewrite
<joshuaks>
hm I'll definitely check it out
<hiroshi>
systemd is linux for massive projects. if you don't use it , you will have an small project
<joshuaks>
I don't really know the inner workings of systemd, I just don't like it from a philisophical standpoint.
<FRidh>
Funny, yesterday I created a Nix store at a different location. For the bootstrapping I used a NixOS build of Nix. Then, afterwards, I wanted to upgrade Nix in that store. Its a single-user installation, no sandbox, and at some point during a build the contents of the glibc store path was deleted...
<gchristensen>
FRidh: yikes ...... I think I saw some chatter about a similar issue
<avn>
joshuaks: you ofc can try to maye init system pluggable in nixos, it shouold be mid-size task ;)
<gchristensen>
mid-to-enormous
bennofs has quit [(Ping timeout: 248 seconds)]
<adisbladis>
And what would the gain be
<hiroshi>
haha
berce has quit [(Ping timeout: 264 seconds)]
DerGuteMoritz has joined #nixos
stphrolland has quit [(Quit: Page closed)]
<LexLeoGryfon>
Li[m]: first time I see Oasis. But I saw a lot of small interesting distros for example http://bedrocklinux.org/introduction.html promises cross-distro packages compatibility. K, gotta run away in hurry now. cya tomorrow
<LexLeoGryfon>
my first touch\sense of nix when I installed nix-package manager in to my broken Arch in order to isntall new version of software in /home/user w\o root, and I liked it.
mmlb has joined #nixos
<LexLeoGryfon>
there is somwhere a small collection of binary packages in git, that could be downloaded to /home/ and work out of box w\o root and with static musl linked already
* LexLeoGryfon
lost the link
bennofs has joined #nixos
zzamboni has joined #nixos
<joshuaks>
Coming from Homebrew (if you're familiar with that). Can I create a "Nixfile" with a list of packages I want installed? Use that on a new install to pull everything I need?
<FRidh>
gchristensen: I wonder how it got deleted. While the build runs as the user (me), the contents of the store paths are flagged as unwriteable.
<joshuaks>
I saw you can copy stores around but that not really what I'm trying to do.
<joshuaks>
sphalerite: I seriously can't thank you enough for your help
<sphalerite>
joshuaks: that can then be installed with nix-env -f path/to/file.nix -ir (where -r makes it remove all the existing stuff in the profile)
<joshuaks>
ah okay so similiar to the script I used yesterday
<joshuaks>
I'm gonna have to spend some time on the syntax
<sphalerite>
If you just want a list of packages, your file can be as simple as `{ inherit (import <nixpkgs> {}) weechat tmux foo bar baz; }`
ma27 has joined #nixos
kus_ubuntui686a has joined #nixos
kus_ubuntui686a has quit [(Max SendQ exceeded)]
magnetophon has joined #nixos
<sphalerite>
If you want to learn how nix works in more detail, the "nix pills" at https://nixos.org/nixos/nix-pills/ are a great resource
<joshuaks>
Oh man I was reading those. I find them way easier to follow than the actual documenation. Whoever wrotes those did great.
joshuaks is now known as formerlyCuckd
formerlyCuckd is now known as joshuaks
<magnetophon>
I'm running the default emacs pkg, which afaik is configured with imagemagick, but when I eval: (image-type-available-p 'imagemagick) , I get: nil. (getenv "PATH") seems OK as well. I have imagemagick installed.
<sphalerite>
Yeah, it was originally written as a series of blog posts by lethalman, then recently (thanks to gchristensen's organisation) rewritten in docbook to live on the official site
<sphalerite>
And is now maintained by anyone who wants to contribute :)
cybrian has quit [(Read error: Connection reset by peer)]
ssmike has quit [(Remote host closed the connection)]
ssmike has joined #nixos
* __Sander__
endures a lot of physical pain
<sphalerite>
__Sander__: ???
<__Sander__>
I'm on node2nix's new NPM support again
<__Sander__>
lots of fun stuff
<__Sander__>
I thought I had a working approach
stanibanani has joined #nixos
<sphalerite>
oh boy
<__Sander__>
but apparently these APIs don't appear to be stable
<__Sander__>
upgrading npm to a new minor release breaks it
<__Sander__>
fortunately, I discovered yet another approach
<__Sander__>
but it's complicated
vandenoever has quit [(Ping timeout: 248 seconds)]
ma27 has quit [(Ping timeout: 250 seconds)]
berce has joined #nixos
<dtzWill>
so LexLeoGryfon you might be rather interested in my research-- either as ideas (I just submitted a paper on it!) or as a means to a number of ends. In the hopefully near future when I sit down and make the code/tools/nixpkgs-fork all freely available
<dtzWill>
I've love to send you my draft if that sounds like something you'd be intrested in but it seems very much up your alley...
vandenoever has joined #nixos
vandenoever has quit [(Changing host)]
vandenoever has joined #nixos
<dtzWill>
a)building "all the things" using Nix and musl
<dtzWill>
b)(this is my research angle: Everything is built as LLVM IR (http://allvm.org roughly))
<dtzWill>
c)this paper presents techniques that create fully-statically-linked programs from programs generally dynamically linked, and in particular
ma27 has joined #nixos
seanparsons has quit [(Ping timeout: 268 seconds)]
<dtzWill>
d)capability to create a single binary for an arbitrary (mostly) collection of programs-- that is static goodness but also allows sharing code pages like shared libraries
<dtzWill>
resulting in much smaller sizes than even dynamically linked libraries, lower memory usage, faster start, etc.
<dtzWill>
fun example: create a single fully-statically linked executable for nginx, mariadb, and php.. all-in-one O:) :D
<dtzWill>
misc example, I just generated this-- a dynamically linked "nixUnstable" build is ~20MB using ~17MB of shared libraries across 10 executables
<dtzWill>
multiplexing gets that down to 13MB retaining sharing benefits while also creating statically linked binary for easy deployment/portability
<dtzWill>
for those times where Nix can't be your savior ;) :P
<dtzWill>
anyway it's all Nix goodness, working on getting all the pieces suitable for sharing soon :)
<dtzWill>
it all works well enough that most of my daily programs are built this way O:)
seanparsons has joined #nixos
derped has quit [(Ping timeout: 240 seconds)]
<dtzWill>
re:shared/static, idk how people deal with linux shared libraries /without/ Nix haha
<vcunat>
:-)
<sphalerite>
with difficulty
<dtzWill>
IMO this is largely what motivated the early hype about Docker
<Li[m]>
dtzWill: that sounds awesome, is there a public repo?
<sphalerite>
yeah
<dtzWill>
Li[m]: not yet! But I've been working hard--i even have a nifty S3 cache and funding plans aimed at making it available
<sphalerite>
I worked with docker for a bit and thought "If only there was a package manager with which I can manage dependencies like this but have sharing and not have to download bazillions of megabytes of image layers"
<joshuaks>
Docker is what brought me to Nix.
<joshuaks>
I loved it for application deployment, but...it's really not great for the desktop.
<sphalerite>
Little did I know that exactly that already existed! Then I found out, and now I never want to go back
<dtzWill>
but also I wasn't sure how much people would be interested --in some ways it's a bit ambitious and it's taken a lot of work to get enough results to show my crazy ideas actually work, even if they're still a smidge crazy ;)
<Li[m]>
dtzWill: iv been looking for something like this
<dtzWill>
anyway so I'd /love/ to make this as absolutely public as I can, lol
<Li[m]>
my main goalpoast is to move towards different kernels with nix, so decoupling from linux in any way
<dtzWill>
Li[m]: oh? any particular aspect? And depending on how important it is, I /can/ probably share what I have if you're interested in collaborating or using it privately
<Li[m]>
ahah, I guess I foresaw the question
spietz has joined #nixos
Turion has joined #nixos
<dtzWill>
so I pitched it about in terms of static/shared, but really I've been using Nix to explore my vision of abstracting away lots of the pains of things like binary formats and generally how software has become so very complicated even when it does simple things :)
<dtzWill>
so lots of that is finding the right, well, process model is what I've been calling it, but the right abstractions
<dtzWill>
that let people do the things they want
<dtzWill>
without hating their lives
darlan has joined #nixos
<joshuaks>
I really like that nix derivations pull in everything. It really blew my mind the first time I realized package mangers may not pull in everything. Then you spend two hours finding out what's missing and how to configure it.
darlan has quit [(Client Quit)]
<dtzWill>
but I do compiler research so I'm also excited about having /actually/ whole-program IR for non-trivial programs, an ridiculously excited for the sort of cross-program analysis and optimizations that are possible if you don't insist on systematically converting your nice programs into opaque binay formats no one understands :P
<joshuaks>
Which was part of the appeal of Docker. Someone else handles all that. But with Nix, it's done at a much lower level (which is great).
<sphalerite>
the only trouble is optional run-time dependencies. I mean, it's still miles better in nix than it is in other package manager where it's handled completely ad-hoc, but we don't have a consistent interface for it in nixpkgs, only per-package stuff like the weechat thing, texlive.combine, ghc.withPackages, etc
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] Fuuzetsu pushed 1 new commit to master: https://git.io/vbkGC
<NixOS_GitHub>
[nixpkgs] joachifm pushed 2 new commits to master: https://git.io/vbkG4
<NixOS_GitHub>
nixpkgs/master 3741ecd James Edington: palemoon: 27.6.0 -> 27.6.2...
<NixOS_GitHub>
nixpkgs/master 85b4a20 Joachim F: Merge pull request #32154 from JamesTheAwesomeDude/palemoon...
NixOS_GitHub has left #nixos []
<joshuaks>
Could each of those be a separate deriviation, or does that blow up into too many options quickly?
<dtzWill>
fun example: here's what dynamic/static (vs my work) looks like when running 1, 2, 3, ... 10 Qt appliications in terms of memory footprint as well as disk usage: http://dtz.so/docs/ajixa.png ^_^
<sphalerite>
what do you mean?
erasmas has joined #nixos
<dtzWill>
honestly Nix just needs a bit more love and polish to unify some of those details
<sphalerite>
dtzWill: nice!
<joshuaks>
You have a weechat+php deriviation, weechat+ruby, etc. But I think I answered my own question. That will blow up quick.
<dtzWill>
also fun things happen when you combine multiple versions of the same pakage--how amounts of code sharing present not captured by shared libraries; not a problem for ALLVM! muahaha
<joshuaks>
Then you get weechat+php+ruby, weechat+php+python, etc.
<joshuaks>
Oh, speaking of all this. I have another question.
<sphalerite>
joshuaks: well they're already easy to make. But yes, putting all of them in nixpkgs as their own thing would explode
<dtzWill>
lol for example can create a single binary that contains "all" 40 memcached versions in one, hahaha
<dtzWill>
:D
ma27 has quit [(Ping timeout: 250 seconds)]
<dtzWill>
and smaller than dynamically linked equivalent, etc., etc
<dtzWill>
anyway thanks for letting me go on about this O:)
<sphalerite>
dtzWill: mind blown.
<joshuaks>
One of my weechat scripts require a python websocket dependency. I tried installing via nix but it can't seem to find it. If I use pip it's all fine (as expected).
<sphalerite>
joshuaks: that's also addressed by the weechat section of the nixpkgs manual ;)
<joshuaks>
Do I need to do somthing with my path to have the nix installed packages work? Python can't seem to find any additional packages installed at the nix level.
<dtzWill>
joshuaks: python packages shouldn't be installed IIRC
<dtzWill>
joshuaks: should use in a derivation or use nix-shell
<joshuaks>
via pip you mean?
<joshuaks>
ahhhh ok
<Li[m]>
one nixos option for every setting in strongswan and swanctl
<dtzWill>
no I mean "nix-env -iA pythonPackages.XXX" is generally the first step with the second being "why aren't things working the way I want"
<joshuaks>
So there's no reason why everything can't be done at the nix level
<dtzWill>
similarly c/C++ libraries used as build deps are the same
<clever>
dtzWill: something ive been wondering, how feasible is it to compile something large/complex to llvm, then finish it off later, and how cross-platform would that llvm be?
<dtzWill>
so unless it's a python /application/ it's likely a build dependency and doesn't make sense to install
<dtzWill>
oh lmao sphalerite already linked a nice explanation and I'm rambling
<dtzWill>
xD
<sphalerite>
Yeah. This is one of the issues new users have the most, hence the FAQ entry :)
<joshuaks>
So is that considered something that needs improvement or it that just the nix way?
<dtzWill>
clever: well so that's basically what I'm doing in my creation of "allexes" (executables that are 100% LLVM IR, only external refs are to a fixed interface that's pretty much just musl)
<dtzWill>
ti works wonderfully cross-distro, since it's easy to build into static executables and such
<dtzWill>
but cross-platform? that's more diving into the realm of (p)nacl
<dtzWill>
and the short answer is LLVM IR is not platform-independent
<dtzWill>
(unlike, say, java or .net)
<sphalerite>
joshuaks: that's the nix way
<dtzWill>
so your C program has platform-specific bits like size of a pointer that are evaluated long before you get to LLVM IR level
<dtzWill>
I think webasm is how people are choosing to see that solved, lol
<clever>
dtzWill: so it should be trivial to optimize the IR to your specific x86-64 cpu, to take advantage of what features you have
<sphalerite>
Because you want behaviour of one thing to depend as little as possible on what else is installed
magnetophon has quit [(Remote host closed the connection)]
<dtzWill>
after pnacl/nacl, emscripten, etc.
<clever>
dtzWill: but translating it to x86-32 or armv7 would be harder?
<dtzWill>
clever: absolutely!
<dtzWill>
clever: yeah; LLVM IR is "high" level enough you can still udnerstand the code, at least as compared to trying to throw IDA at it or something lol
ma27 has quit [(Quit: WeeChat 1.9.1)]
<clever>
dtzWill: what about switching between x86-64 and aarch64 (64bit arm)
ma27 has joined #nixos
<dtzWill>
and perhaps more importantly it's still flexible, in that none of the implementation details have been irrevokably merged with the code
<dtzWill>
I mean for some use cases you might be able to pull that off
adamt has quit [(Ping timeout: 255 seconds)]
<dtzWill>
but basically LLVM IR doesn't work that way, unfortunately
<dtzWill>
honestly LLVM IR isn't the greatest for what I'm doing but it's the hammer I'm most familiar with and it gives me a lot of other goodness I wouldn't otherwise have
<dtzWill>
but inevitably conversations tend to end up with me happily admitting that if everyone sat down and designed the "right" answer for such a thing
<dtzWill>
it wouldn't almost certainly not be LLVM IR
<dtzWill>
lol
<dtzWill>
(for many of the reasons the webasm folks cite as motivation for creating their new thing instead of continuing on the pnacl route/etc)
vandenoever has quit [(Ping timeout: 260 seconds)]
<dtzWill>
idk if it's something lots of other people about but one of things I love about my ALLVM goodness is that it makes programs.. simple again. All the code is right there :).
<clever>
dtzWill: what kinds of dis-agreements can happen if you try to use the same IR for many platforms?
* dtzWill
is using allexe-built terminal/shell/ssh/etc. to chat presently, many of which are JIT'd just because I can xD
<dtzWill>
clever: well to non-Nix users, and especially non-clever people ;) I'd start with the fact that LLVM IR is incapable of expressing a complete program
slack1256 has joined #nixos
<dtzWill>
but with Nix and such that becomes much easier to manage, but it's a show-stopper in most other environments
<dtzWill>
for same reasons people use package managers at all instead of just copying things around :)
<dtzWill>
anyway as for IR itself, hmm
<clever>
the main limit i can see is things like the layout of `struct stat` and things like #ifdef's
<dtzWill>
I'm trying to distill it best I can for you, sorry 1 sec. Hmm.
<Turion>
I find haskell development on nixos incredibly difficult. How do I simply cabal build a project that depends on gloss or OpenGL? How do I tell it where the GL library bindings are?
<dtzWill>
one category is front-end things--the ones you mentioned but also things like use of inline asm and such
<dtzWill>
on the other side of things you have the ways the details of a machine leak up through the IR-- most importantly the memory model
zzamboni has quit [(Read error: Connection reset by peer)]
<dtzWill>
but if you say, fix a pointer size and a few other details
<clever>
dtzWill: mplayer for example, has many inline asm chunks, and c chunks implementing the same thing, and some ./configure options let you switch between the sse or the c variant
<dtzWill>
I feel like there's a better answer. Hmm.
<clever>
dtzWill: and mplayer has runtime cpu detection, where it can compile both, then swap the function pointer out based on /proc/cpuinfo at runtime
nuncanada has joined #nixos
<dtzWill>
clever: yes! One of my hobbies is "purging" use of inline asm in various places
<dtzWill>
clever: ifunc insanity or more cpuid-based checks and dispatch?
<clever>
dtzWill: i have also discovered, that if you compile rocksdb with gcc -O4, it will wind up using some sse4 stuff (the compiler is to blame)
<clever>
dtzWill: and my previous laptop doesnt support that
<dtzWill>
media codecs are probably the only /solid/ motivation for inline asm AFAIK re:performance
fragamus has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
<__monty__>
dtzWill: And replace the asm with IR?
<dtzWill>
and arguably that's all because compilers aren't good enough yet :P
<dtzWill>
__monty__: actually, we do that too! it's popular for projects to (EEK) implement their own versions of atomic primitives
<dtzWill>
esp in C projects that couldn't rely on C11 or w/e made those avail
<dtzWill>
so literally have a compiler pass that (optionally, but on by default) recognizes such and replaces with IR intrinsics
<dtzWill>
much neater ^_^
<dtzWill>
clever: oh, hmm. so other than explicit use of SIMD intrinsics that shouldn't be a problem at the IR level
<dtzWill>
even if we assume super great autovectorization at the IR level; no reason that can't be install-time
<dtzWill>
well "no reason" ;)
<__monty__>
I'm not convinced because you're basically vendor locking yourself to a single compiler.
<Turion>
Does everyone else just use stack or whatever to build their haskell projects?
eraserhd has joined #nixos
<dtzWill>
oh, yes. I'd say it's much much more liberating than the binary formats used today; /but/ that's my $.02. But yeah it hardly replaces source code
<dtzWill>
err not my $.02 but rather that's my preference/opinion. language is hard ;)
<eraserhd>
I have a dumb question: why does `nix-env -f "<nixpkgs>" -qa ...` find different things than `nix-env -qa ...`?
<__monty__>
Turion: No, I use cabal. I've heard about nix's opengl story not being great outside of nixos though.
<clever>
Turion: personally, i havent used stack or cabal on any of my own projects, i just make a pkgs.runCommand containing ghcWithPackages, then i just run ghc -o foo
<dtzWill>
eraserhd: I don't immediately know why that is, if that makes you feel better
magnetophon has joined #nixos
<dtzWill>
eraserhd: but also no such thing as dumb question ;)
<clever>
eraserhd: without -f, it will search every channel, with -f, it will search the nixpkgs in $NIX_PATH
<clever>
eraserhd: if you have multiple channels, then that can differ
<dtzWill>
eraserhd: something something nix-env uses ~/.nix-defexpr and "<nixpkgs>" might grab it from NIX_PATH?
<dtzWill>
oh yay clever to the rescue
<clever>
Turion: and if you where to use opengl in the example i linked, you would just add mesa to the buildInputs on 5 i believe
<eraserhd>
Shouldn't nixpkgs appear in my defexpr?
<eraserhd>
Do I need to subscribe or something?
Tucky has quit [(Quit: WeeChat 1.9.1)]
<clever>
eraserhd: what does nix-channel --list and sudo nix-channel --list say?
<dtzWill>
__monty__: thinking a bit more, I suppose I'd say you're absolutely right :). Another reason IR isn't really the "right" choice for program distribution. But it's enough to be very useful and demonstrate/explore the potential of these sorts of things :)
<__monty__>
clever: What do you do when distributing the project? Just not include a cabal file?
<dtzWill>
__monty__: do you "buy" that? O:)
<clever>
__monty__: i just never wrote a cabal file, i distribute it with a default.nix
<eraserhd>
Local box, just darwin (which I got installing nix-darwin).
<eraserhd>
build box just nixos.
<dtzWill>
lol Nix is a virus and takes over all the things
<dtzWill>
magnetophon: "working"? What happens without the override? Maybe we've regressed and the non "Big" variant doesn't have requisite features?
joepie91 has quit [(Ping timeout: 264 seconds)]
<Turion>
__monty__: Oh no :/ (hopefully I'll get this app built eventually)
<Turion>
clever: I'm currently running a "nix-shell -p mesa glut", but that didn't help it so far...
<magnetophon>
dtzWill: Well, with the default emacs, when I eval'd (image-type-available-p 'imagemagick) I got nil, and now I get t. Also images where not resized, and now they are.
<__monty__>
I'm not sure how cabal looks for the opengl libs but I wouldn't be surprised if it looked in standard places, not /nix/store/...
zzamboni has joined #nixos
<dtzWill>
opengl is also a bit of a mess, even with Nix, and esp on non-NixOS
<dtzWill>
if that is something that you'd like more info on, search nixpkgs issues or bug me and I'll turn up what I'm talking about
<dtzWill>
not sure what the story is for expected usage
<magnetophon>
dtzWill: OK, thanks. (was that last line also to me? If so, I didn't get it)
<clever>
dtzWill: at build-time, you link against the dumb mesa, then at runtime, nixos will use LD_LIBRARY_PATH to redirect things to /run/opengl-driver/lib
<clever>
dtzWill: and the correct mesa implementation for your GPU gets swapped in impurely
<dtzWill>
magnetophon: oh just that while what I linked shows the default imagemagick is "null", I'm not sure if there's some other emacs attribute that has it non-null without going full-customize. But at least the behavior is explained, just unsure what the intended emacs-user workflow is
<dtzWill>
there's some notes in the manual, not sure if that helps :)
asuryawanshi has joined #nixos
<clever>
dtzWill: and the reason why, is that you dont just have some specialized drivers in the xorg side, the client mesa libs in the end application also have to be specialized
<LnL>
eraserhd: nix-env doesn't look at NIX_PATH by default, with -f '<nixpkgs>' it does
<dtzWill>
clever: ah, okay thanks
<dtzWill>
I'd bumped into some of that, but.. okay that makes sense.
<dtzWill>
I still feel like it's silly for my programs to "dynamically" search for the interface to my graphics cards
<clever>
dtzWill: the mesa client side for example may have special formats for the textures, before it ships them to xorg
<dtzWill>
hint: it's not a dynamically changing entity ;)
<dtzWill>
oh? hmm, interesting
<clever>
dtzWill: or the mesa client might directly access the gpu over a node in /dev and have total access to all physical ram
<dtzWill>
I really only ever thought about/considered it at the OpenGL api level
<eraserhd>
LnL: So, pretty much "always pass -f '<nixpkgs>'"?
<clever>
dtzWill: the mesa libs the client loads implement the opengl api
<clever>
dtzWill: but then what that uses to talk to xorg, and the gpu, can be anything
<dtzWill>
ah, indeed okay, I wasn't 100% what was exposed and realized I'd just decided it must be some OpenGL interface set lol
ssmike has joined #nixos
<clever>
dtzWill: in the past, i have implemented my own opengl library, from scratch, that didnt even involve xorg
noobineer has joined #nixos
noobineer has quit [(Max SendQ exceeded)]
<dtzWill>
hmm, well so despite all my "yay static" I'm not anti-shared libraries (dynamic linking, even dynamic loading) or some of the goodness that motivates them like modularity and flexibility
<clever>
dtzWill: the client side library directly opened a char node in /dev and used ioctl to implement the rendering
<LnL>
eraserhd: or symlink your nixpkgs to ~/.nix-defexpr, that's where it looks by default
<dtzWill>
it's just .... really really ufnortunate that in order to make such goodness possible our software is maximally-complicated and searches all kinds of paths and uses strings to bind to a predetermined API, etc. :(
<clever>
LnL: this adds a nix-env -iA foo.hello "channel"
<dtzWill>
like maybe software could just be a fixed thing until some actor indicates otherwise O:)
<LnL>
clever: heh, that also works
<dtzWill>
clever: (!)
<clever>
basically, it will recursively search until it finds a default.nix, and the directory containing that is the channel name
<dtzWill>
clever: errr is it supposed to be clear how ioctl + char dev is somehow suitable for rendering of anything? lol
<eraserhd>
On NixOS, can I select these packages in configuration.nix?
<clever>
so the 'test' element is to seperate linux ownership and who can manage which set
<eraserhd>
I can add the symlink on Mac in my dotfile script.
<dtzWill>
(I admit I don't dabble in such as freely as it seems you do :D)
<clever>
channels_root exists at that level and is root-only
<clever>
dtzWill: a custom kernel driver handles the other end of that
<dtzWill>
unfortunately the behavior of nix-env, nix-shell, etc re:search paths is .. basically impossible and confusing until you sit down and decide to understand it completely
<dtzWill>
clever: ty I was just deciding if I could make sense of it with a few github browser tabbs or if a clone was wiser xD so appreciate the guided tour
<clever>
i think added a select ioctl, to pick an object, and implemented mmap on the character device
<clever>
so you allocate a blob and get a handle, select that handle, then mmap the char device into ram
orivej has quit [(Remote host closed the connection)]
<clever>
and which blob you wind up mapping, depends on what handle you selected last
vandenoever has quit [(Ping timeout: 260 seconds)]
<clever>
that gives the userland write access to the DMA buffers
<dtzWill>
so "traditional" use of the gpu wouldn't be done this way, would it? I have no idea but always imagined it was mostly in a kernel module instead of making marshalled through uuserspace.
<dtzWill>
ooo select
fragamus has joined #nixos
<dtzWill>
userland DMA aww yiss
davidak has quit [(Ping timeout: 268 seconds)]
<clever>
i think traditionally, more of this is implemented in the kernel/xorg, and the end-users (glxgears for ex) dont do as much
<dtzWill>
i mean I suppose on something like the rpi who needs userspace/kernel separation anyway
<dtzWill>
:)
the-kenny has quit [(Quit: WeeChat 1.9.1)]
<dtzWill>
ah
bennofs has quit [(Ping timeout: 268 seconds)]
the-kenny has joined #nixos
<clever>
one problem with the current design i was doing, is that you cant really have 2 GL clients at once
<clever>
so you really need a kernel or xorg "server" that can multiplex many clients into a single GPU
<Dezgeg>
I think on many of those IOMMU-less clients the kernel enforces (by validating the command stream) that you can't read/write memory you're not supposed to
<clever>
that was my general idea for that driver at the time
orivej has joined #nixos
<clever>
dont even give the userland a physical access, just give it a blob id#
<clever>
and the userland puts that blobid into the operands of the command stream
<clever>
and the kernel will sed in the phys address
<Dezgeg>
yes, leaking even physical addresses is a no-no
<clever>
i was thinking more along the lines of giving them a phys addrs makes them think they can attack things, and also lets you miss an argument somewhere
<clever>
but if you never give them a phys addr, they only have handles to operate on
<clever>
and if you forget to replace a handle with the phys, it just doesnt work
<clever>
rather then working, and being a security hole
<clever>
dtzWill: also, i think the closest thing the rpi has to an IOMMU, is on backwards, lol
<clever>
Dezgeg: oops, ^^^
<clever>
it restricts what phys memory the arm mmu can access
<dtzWill>
lol!
orivej has quit [(Ping timeout: 240 seconds)]
<Dezgeg>
well after all it's a GPU chip with an arm core tacked on, rather than the other way around
erictapen has joined #nixos
erictapen has quit [(Remote host closed the connection)]
<clever>
the reason for that, is to run untrusted code in the arm, while having HDMI and DRM keys in a special area that only the GPU can access
orivej has joined #nixos
<clever>
Dezgeg: yep
<dtzWill>
I remember some gpu guys were chatting after a conference over some drinks saying how completely bonkers insecure things were--few years ago
erictapen has joined #nixos
erictapen has quit [(Remote host closed the connection)]
<dtzWill>
lamenting things like webGL saying they knew myriad ways to hard-lock computers using the "trusted" api or something
<dtzWill>
haha
erictapen has joined #nixos
<dtzWill>
i like the idea of a backwards iommu
<dtzWill>
ah, great, reading on you say why
<gchristensen>
dtzWill: FPGAs have certain nets, that if applied to the FPGA, will ruin it
<clever>
with the rpi, the gpu is the master, and the arm cores are more of an after-thought and act as slave devices
<dtzWill>
i was gonna say that seems a very.. "arm" thing-- at least in context of its huge use in mobile and embedded
<clever>
thats why the iommu is on backwards
<dtzWill>
haha
<dtzWill>
that makes great sense but is still amusing for some reason :)
<clever>
gchristensen: how does that work?
<gchristensen>
I dunno, they are just permanently bricked
<dtzWill>
Dezgeg: what's the bg deal about leaking physical adddresses if they can't be accessed?
<dtzWill>
gchristensen: lol that's... unfortunate
<dtzWill>
are they.. specific kill configurations? or "some unknown combinations of parameters may brick it"?
DerGuteMoritz has quit [(Ping timeout: 240 seconds)]
<clever>
gchristensen: oh right, there are also x86 opcodes that just hang the machine
<Dezgeg>
presumably they're useful infoleaks for defeating kernel aslr
<dtzWill>
permanently brick != hang or anything an x86 opcode will do
<dtzWill>
Dezgeg: okay, wasn't sure if there was a particular reason in this conteext
<clever>
dtzWill: things that any userland app can run
cybrian has quit [(Read error: Connection reset by peer)]
Ivanych has quit [(Quit: Leaving.)]
<clever>
dtzWill: as in, i could just fire up a travis job, and hang the entire container host
<dtzWill>
clever: lol whaattt. well that's just silly D:
Ivanych has joined #nixos
<dtzWill>
clever: assuming it's something someone found and blogged about or something, do you remember details/have a link I can chase?
<dtzWill>
"we're good at crashing your computer and in fact it's possible and not /unlikely/ some new brand of badness will be found if you try it"
<taktoa>
MoreTea: I'm running yarn2nix on a project and it's spitting out a yarn.nix file containing "git+https://..." urls which fetchurl seems to be choking on
<dtzWill>
just lol that such a thing was made to be so slick
<dtzWill>
:D
<taktoa>
MoreTea: I tried `sed`ing out the URLs and replacing them with just `https://...`, but then the hashes are wrong
<taktoa>
MoreTea: any idea what's going on there?
<taktoa>
dtzWill: clever: oh man, it just occurred to me that we should have all met up when clever was in Urbana for ASE 2017
<dtzWill>
D:
<dtzWill>
haha yeah
<clever>
dtzWill's in urbana?
<dtzWill>
next time! I think I was in paper-deadline-doom mode anyway but :/
<dtzWill>
clever: yessir :)
<clever>
ah
<gchristensen>
dtzWill: isn't there a whole mess of Nix people in urbana?
<cransom>
huh. mbbx6spp is in urbana too.
ansero1234 has joined #nixos
<gchristensen>
ttuegel too
<dtzWill>
o_O
* taktoa
is too, if that wasn't obvious from what I said earlier
<gchristensen>
jfc
* dtzWill
was unaware it was more than taktoa lol
Sonarpulse has quit [(Ping timeout: 255 seconds)]
<dtzWill>
we need meetups, I'm jealous of all the NixCon goodness far far away in europe
<gchristensen>
I was thinking about holding a Nix get-together in my backyard but sounds like we should borrow an Urbana person's backyard for it
<taktoa>
lol, yeah
magnetophon has quit [(Remote host closed the connection)]
<dtzWill>
gchristensen: wait are you around here too??
<dtzWill>
lol
<clever>
taktoa: i dont think your yard is big enough
<gchristensen>
dtzWill: I'm in Berkshire County (western MA)
<dtzWill>
ah, okay!
<taktoa>
lol, yeah, I'm just in an apartment
<cransom>
i drive somewhere near it, twice a year. but yeah, that seems like it would be convenient.
<dtzWill>
yeah I don't have a yard to speak of either :(
<jeaye>
Never even heard of Urbana until now.
<dtzWill>
it's pretty accessible
<jeaye>
Ya'll can come to SF and pay triple the rent to hang out with me.
<dtzWill>
UIUC is massive and chicago is uberhub
<cransom>
it has all the beauty and elegance that you'd think a smaller, progressive city in illinois woul dhave.
<taktoa>
oh, I think ICFP 2018 is in St. Louis (colocated with Strange Loop), so maybe we could do a NixCon US in the midwest around that time
<dtzWill>
!
<dtzWill>
(err i should clarify: "+1!")
<dtzWill>
(ᵔᴥᵔ)
<taktoa>
(I will have graduated and moved to Sunnyvale by then but I definitely plan to go to ICFP)
<dtzWill>
I'll graduate one day! One... day. O:)
* dtzWill
writes nix expression for his thesis
<dtzWill>
that was originally meant as a joke but of course it's not even a little bit lol
<clever>
taktoa: and what do you write in latex? lol
<dtzWill>
even have a hydra instance that uses 100% allexe's to build my papers
<dtzWill>
including the strace instance that checks nothing non-allvm is ever executed
<dtzWill>
teehee
* taktoa
thinks clever is referring to the fact that taktoa wrote all his homework for the last 4 years in LaTeX, totaling over 400 pages
<dtzWill>
haha :D
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] vcunat pushed 1 new commit to release-17.09: https://git.io/vbkug
<eraserhd>
Just packaged Chez Scheme locally. Gonna figure out how to contribute it now.
joshuaks has quit [(Quit: WeeChat 1.9.1)]
<hyper_ch>
no idea what that is
<eraserhd>
An implementation of Scheme that's basically the fastest, although kind of dumb.
fragamus has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
<eraserhd>
(a programming language)
<hyper_ch>
no idea what "Scheme" is
<hyper_ch>
ah
<eraserhd>
(a programming language (a lisp, in fact))
<hyper_ch>
"a lisp"? I thought lisp is also a programming language
<eraserhd>
Yes, that was supposed to be "programming language, more specifically a lisp"
<eraserhd>
except that I had to make a dumb parentheses joke
<hyper_ch>
so there are different "lisps"?
<gchristensen>
'in-fact
<eraserhd>
hyper_ch: Many. Common Lisp and Scheme are the biggest.
<hyper_ch>
:)
vandenoever has joined #nixos
vandenoever has quit [(Changing host)]
vandenoever has joined #nixos
<cement>
there are quite a few schemes, and there are many common lisp implementations
sconybeare has joined #nixos
<tokudan[m]>
release-17.09 channel is 4 days old. have there been no updates for anything?
peacememories has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
<eraserhd>
Oh man, it turns out there is already a chez expression, it just claims to only work on Linux, and it looks like that is not true.
<dash>
I hope racket-on-chez gets some traction.
Sonarpulse has joined #nixos
Dr8128 has joined #nixos
<hyper_ch>
eraserhd: what's the appeal of using lisp?
<eraserhd>
Lisp in general is very good if you are working with heterogeneous data and you don't care so much about format.
<hyper_ch>
:)
ilyaigpetrov has quit [(Quit: Connection closed for inactivity)]
bennofs has joined #nixos
<MichaelRaskin>
joshuaks: If you want Nix on BSD, you should care about Nixpkgs coverage mostly; if you want to assemble an OS image, you need to write the low-level boot stuff anyway, but even now you can convert a NixOS service into a runner script, so the high-level stuff can be reused with little effort.
<LnL>
I think it's also a nice language to teach programming
townsend has quit [(Ping timeout: 248 seconds)]
<MichaelRaskin>
hyper_ch: Lisps generally have good metaprogramming, interesting object systems, good language descriptions — and there is often a reasonably good compiler.
<hyper_ch>
MichaelRaskin: what's metaprogramming?
<hodapp>
what's the benefit of Chez Scheme over any other Scheme?
<MichaelRaskin>
Programs writing programs.
<hyper_ch>
MichaelRaskin: :)
<hyper_ch>
so using bash scripts to do various things would also be metaprogramming?
<MichaelRaskin>
hyper_ch: it is actually nice when you _know_ that as soon as you can describe a type of boilerplate you _can_ automate this boilerplate in a powerful language and using all the utility libraries you have accumulated.
<hyper_ch>
MichaelRaskin: now that was confusing :)
<MichaelRaskin>
Using Bash scripts to automate generation of getters and setters would count as metaprogramming. Just not the most comfortable way of doing it.
<hyper_ch>
but bash is really comfortable to use
<eraserhd>
hodapp: Chez Scheme is basic, in terms of language support, but super fast and very correct wrt the Scheme standard.
<hyper_ch>
I use it to manipulate pdfs, do backups, ....
<MichaelRaskin>
hyper_ch: I like Bash per se, I like Bash for automating backups, but some kinds of code are pretty annoying to generate in Bash due to quoting escaping.
<hyper_ch>
I like bash for almost everything :)
<MichaelRaskin>
I have written some thousand-lines programs in Bash, and that was OK; but I am happy that tens-of-thousands-of-lines programs I wrote in Common Lisp were _not_ in Bash.
<hyper_ch>
:)
dan_b has joined #nixos
tnks has joined #nixos
Jeschli has joined #nixos
peacememories has joined #nixos
tmaekawa has joined #nixos
* hodapp
twiddles thumbs and builds TensorFlow dependencies... again...
vcunat has quit [(Quit: Leaving.)]
<hodapp>
eraserhd: more portable than Guile or faster or something? more compliant in useful ways?
cybrian has quit [(Read error: Connection reset by peer)]
<eraserhd>
faster than Guile for sure. I'm pretty sure it's the fastest Scheme. Benchmarks show it clearly ahead.
tmaekawa has quit [(Client Quit)]
<eraserhd>
I don't know about "portable", honestly.
<eraserhd>
I use it for, "all I care about is Scheme, not libraries or nothing, because I just want to play around with some algorithm"
jrolfs has joined #nixos
jrolfs has quit [(Client Quit)]
DerGuteMoritz has joined #nixos
<Turion>
How do I find out where the haskell package OpenGLRaw is defined?
<Turion>
I can't find it in pkgs/top-level/all-packages.nix or pkgs/top-level/haskell-packages.nix
<boxofrox>
it's slightly different depending on whether one uses NixOS or nix-on-another-distro, or some other reason?
<boxofrox>
s/it's/is it/
<tilpner>
boxofrox - No, this one was specific to my setup. I actually tried with nixos-unstable-default.haskellPackages.OpenGLRaw, but obviously they don't have nixos-unstable-default
<tilpner>
So I wrongly replaced it with nixpkgs, which wasn't necessary here
peacememories has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
magnetophon has joined #nixos
ssmike has quit [(Ping timeout: 276 seconds)]
rihards has joined #nixos
ssmike1 has quit [(Ping timeout: 276 seconds)]
berce has joined #nixos
erictapen has joined #nixos
jrolfs has joined #nixos
dan_b has quit [(Ping timeout: 250 seconds)]
peacememories has joined #nixos
<eraserhd>
oh man, the processing of a nixpkgs PR is something to watch.
<gchristensen>
eraserhd: oh?
ylwghst has joined #nixos
<Turion>
tilpner: Thanks, that's amazing!
<tilpner>
:)
<eraserhd>
Weird custom CI stuff, plus robots.
<eraserhd>
And the robot failed, tho.
<Turion>
Hmm, and back to square one. OpenGLRaw builds with a dependency to mesa, as far as I can see. So why can't I cabal build OpenGLRaw in a "nix-shell -p mesa"?
<eraserhd>
I guess it ran the chez build on the wrong kind of box?
<Turion>
It's still complaining about GL bindings to be missing
cybrian has joined #nixos
slack1256 has quit [(Ping timeout: 264 seconds)]
taktoa has quit [(Remote host closed the connection)]
<Turion>
Or do I have to treat libraries differently in a nix-shell?
sg2002 has joined #nixos
<jtojnar>
is there something like git reflog for nix profile?
<gchristensen>
that is LnL's machine doing weird things :/
jtojnar has quit [(Quit: jtojnar)]
<gchristensen>
not an issue with borg
<LnL>
yeah, nix 1.12 doesn't look at --argstr system anymore for some reason
bennofs has quit [(Ping timeout: 258 seconds)]
<globin>
ok :)
Neo-- has joined #nixos
<LnL>
was debugging some stuff over the weekend and forgot to switch back
jtojnar has joined #nixos
<jtojnar>
yippee, gnome 3.26 in nixos-unstable-small
<gchristensen>
jtojnar: YAY!
orivej has quit [(Ping timeout: 240 seconds)]
fragamus has joined #nixos
<gchristensen>
eraserhd: nixpkgs is a big bit of software, standard CI doesn't work nicely for us :)
<LnL>
eraserhd: that's my fault, kind of
<gchristensen>
LnL: what if we put stable Nix in to the nix-shell you run it in? that way it always talks to stable nix and doesn't have this problem
<LnL>
nope, already tried that
simukis has joined #nixos
<gchristensen>
bummer
<globin>
gchristensen: mine has pannicked on cloning..? do I have to create something? the folder was there after that?
<gchristensen>
erm
<globin>
gchristensen: but panicked again on next run, trying again now with the lock file deleted I missed earlier
<globin>
gchristensen: thread 'main' panicked at 'called `Result::unwrap()` on an `Err` value: Error { repr: Os { code: 2, message: "No such file or directory" } }', src/libcore/result.rs:860:4
<globin>
running with RUST_BACKTRACE=1 now
<gchristensen>
-> #nixos-borg please :)
<globin>
sure :)
<toogley>
when will firefox probably updated to version 57? it made some problems, as far as i know
AluisioASG has quit [(Remote host closed the connection)]
cybrian has quit [(Read error: Connection reset by peer)]
AluisioASG has joined #nixos
cybrian has joined #nixos
duncan^ has quit [(Quit: WeeChat 1.9.1)]
ylwghst has quit [(Quit: Lost terminal)]
ma27 has joined #nixos
ylwghst has joined #nixos
peacememories has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
acarrico has quit [(Ping timeout: 240 seconds)]
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] LnL7 pushed 2 new commits to master: https://git.io/vbkHS
<NixOS_GitHub>
nixpkgs/master ed38976 Jason Felice: chez: support Darwin
stanibanani has quit [(Ping timeout: 248 seconds)]
<LnL>
yeah the channel is owned by root
<eraserhd>
sudo still doesn't list it, tho
<LnL>
sudo -i nix-channel --update, the -i is required because darwin is weird :)
<trevorcook>
Hi all, is this a good place to get some help regarding non-nixos (nix on ubuntu)? I'm getting a build error traced to the test phase for gnuTLS.
<boxofrox>
alexteves: I'm new at this, but I ran `nix-env -qaP | grep chromium` and found chromium-62.0.3202.89 listed on my nixos-17.09 channel on a nixos box. I don't have mac osx. which nix channel are you using? maybe you need to `nix-channel --update` first?
* eraserhd
dreams of a bot that just changes random 'linux' platforms to 'unix' and makes PRs when it finds ones that work.
<fresheyeball>
boxofrox: login failed with username root and password postgres
<MichaelRaskin>
eraserhd: if you change to unix, you'd better test on FreeBSD, too
<boxofrox>
fresheyeball: how about username root and system's root user password?
<MichaelRaskin>
Maybe linux -> linux ++ darwin (unless darwin is already included)
<fresheyeball>
boxofrox: same
<MichaelRaskin>
But I guess you could just do it with a script inside a branch and send a single PR with all the successes.
ansero1234 has quit [(Remote host closed the connection)]
<fresheyeball>
boxofrox: it looks like it has a start script with `initdb -U ${cfg.superUser}`
<fresheyeball>
no idea what the password would be
<boxofrox>
fresheyeball: user:pass = root:root?
<fresheyeball>
boxofrox: I tried that
<boxofrox>
dang, i'm batting a thousand, aren't i
<fresheyeball>
boxofrox: well I am here for help because this is not obvious
<fresheyeball>
all good
trevorcook has quit [(Ping timeout: 260 seconds)]
<fresheyeball>
I apprciate the help
<samueldr>
fresheyeball: iirc, postgresql will not set a password, it will allow use of `psql` by using `sudo -u root psql` with stateVersion prior to 17.09, and `sudo -u postgres psql` 17.09 and following
<fresheyeball>
samueldr: psql: FATAL: database "root" does not exist
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] dezgeg pushed 6 new commits to staging: https://git.io/vbkxv
<NixOS_GitHub>
nixpkgs/staging aa3d195 Tuomas Tynkkynen: gcc5: Reduce diff to gcc6
<NixOS_GitHub>
nixpkgs/staging 77b409b Tuomas Tynkkynen: gcc49: Reduce diff to gcc5
<NixOS_GitHub>
nixpkgs/staging 825b953 Tuomas Tynkkynen: gcc48: Reduce diff to gcc49
NixOS_GitHub has left #nixos []
<samueldr>
you'd need to pass a table name that exists, but as the error is "database does not exist" you logged-in successfully
<fresheyeball>
samueldr: any idea what db might be there by default?
<samueldr>
fresheyeball: use `-l` to list them, but iirc, postgres should be there, template0 and template1 too
<MichaelRaskin>
pcarrier: I guess you could learn mkForce and try to filter out lvm2 from systemPackages
<gchristensen>
MichaelRaskin: the problem is there is a builder reporting itself to be darwin but it isn't actually darwin
<MichaelRaskin>
gchristensen: I am almost sure you meant to mention someone else in addition to me
<gchristensen>
yep
<gchristensen>
the other Mic<tab>
<gchristensen>
Mic92: the problem is there is a builder reporting itself to be darwin but it isn't actually darwin, but it is using remote builders to access a darwin box... but then hits bugs in the nix 1.12 implementation causing that error
<gchristensen>
Mic92: and LnL already knows :P
<Mic92>
gchristensen: you in other words, its complicated.
<joncfoo>
If I need to override a haskell package's dependency in the nixpkgs repo, how do I go about doing that? I'm assuming the changes need to go in pkgs/development/haskell-modules/configuration-common.nix
<gchristensen>
LnL: any chance the borg builder could run directly on the mac host?
<joncfoo>
I'm trying to override one of `purescript`'s library dependencies
<Mic92>
LnL: maybe the pull request was build before your fix.
<LnL>
gchristensen: hmm? that last build looks fine
<Mic92>
now it is working
<gchristensen>
oh sure enough
<gchristensen>
I misread it :)
<Mic92>
gchristensen: maybe you switch to nix 1.12 also for the linux box for consistency with mac and hydra
periklis has quit [(Ping timeout: 260 seconds)]
ma27 has quit [(Ping timeout: 264 seconds)]
acarrico has joined #nixos
<gchristensen>
probably should
<gchristensen>
can you open an issue? :D
<samueldr>
fresheyeball: can you confirm everything worked with `psql`?
<eraserhd>
OK, so ... license question. If I want to package up binary, proprietary software from dmgs (what Homebrew calls casks), can I do it?
<eraserhd>
Is it "unfreeRedistributable"?
<eraserhd>
I mean, we shouldn't build and cache these, clearly.
cybrian has joined #nixos
<eraserhd>
e.g. Slack, Anki, Evernote.
ylwghst has joined #nixos
mizu_no__ has quit [(Quit: Computer has gone to sleep.)]
kus_ubuntui686a has joined #nixos
kus_ubuntui686a has quit [(Max SendQ exceeded)]
orivej has joined #nixos
<globin>
eraserhd: just unfree
hiratara has quit [(Ping timeout: 250 seconds)]
szicari has joined #nixos
astronavt has quit [(Remote host closed the connection)]
astronavt has joined #nixos
astronavt has quit [(Remote host closed the connection)]
stphrolland has joined #nixos
hiroshi- has joined #nixos
hiratara has joined #nixos
hiroshi has quit [(Ping timeout: 248 seconds)]
hiroshi- is now known as hiroshi
<stphrolland>
I have read that cryptsetup luksFormat default values are set at compilation. Do you know what are the default values in the nixos package for cryptsetup ?
<stphrolland>
do you usually set your own values or keep the default ones ?
simukis has quit [(Ping timeout: 260 seconds)]
ssmike1 has joined #nixos
ssmike has quit [(Ping timeout: 264 seconds)]
ssmike1 is now known as ssmike
<eraserhd>
According to the manual, unfree "cannot be included in the nixpkgs channel". That's true?
<Mic92>
gchristensen: do you want a carnix pr for ofborg?
<gchristensen>
Mic92: it doesn't work with carnix :(
<gchristensen>
but yes, I do :)
<Mic92>
gchristensen: this was fixed
<gchristensen>
yes please!
dan_b has joined #nixos
cybrian has quit [(Read error: Connection reset by peer)]
acarrico has quit [(Ping timeout: 240 seconds)]
<samueldr>
eraserhd: afaik it means it won't be available in the cache, but still will be installable; the "build" of the derivation will happen on the machine
<jtojnar>
eraserhd: wait, is not Anki FOSS?
<eraserhd>
jtojnar: uh, I'm not actually sure. I know the iOS app isn't, I might be confusing things.
civodul has quit [(Quit: ERC (IRC client for Emacs 25.3.1))]
slack1256 has quit [(Remote host closed the connection)]
berce has quit [(Quit: leaving)]
<Mic92>
gchristensen: thanks do overrideCrates it also automagically nows that openssl is required for ofborg
<gchristensen>
nice!
<stphrolland>
Hi. I have a noob question again. I wanted to try to learn a bit more about linux/nixos internals. (I have some hazy wayland project in mind but that's not the moment now.). SLIM is/was the default gui login manager. It seems little, I wanted to learn what it does. How do I get the nixos source package for SLIM (and other package in general), so as to consult the source code ?
<gchristensen>
wow Mic92, thank you!
Ross has joined #nixos
ylwghst has quit [(Remote host closed the connection)]
<LnL>
manveru: cabal2nix, for some reason some stuff like that uses npm to distribute prebuilt binaries
ylwghst has joined #nixos
peacememories has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
<LnL>
manveru: and downloads them from somewhere else during an install hook aparently
<manveru>
yeah...
<manveru>
i did patchelf it in node_modules for a while, but i'd rather just build it right now
ylwghst has quit [(Remote host closed the connection)]
<Mic92>
stphrolland: you mean the nix expression to build slim or the source code of slim?
ylwghst has joined #nixos
spietz has quit [(Ping timeout: 248 seconds)]
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] LnL7 closed pull request #32182: added pssh to darwin (master...master) https://git.io/vbITo
NixOS_GitHub has left #nixos []
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] Mic92 pushed 2 new commits to master: https://git.io/vbIqq
<NixOS_GitHub>
nixpkgs/master 566a16b Linus Heckemann: weechat: default to enabling all plugins...
<stphrolland>
Mic92: I already downloaded the source code from SOunrceForge, but I don't know if it is the same that is used for the nixos package... So I would like to know how the nixos package is built, the source used, the make file, and the way to produce the package. Maybe my query is naive, and that I cannot have all in one :-°
<sphalerite>
stphrolland: you can get the exact source by doing nix-build '<nixpkgs>' -A slim.src
<Mic92>
stphrolland: you can get the source code by using: tar xf $(nix-build -E 'with import <nixpkgs>{}; slim.src')
<stphrolland>
Mic92: I will have the same question for other package in the future, so I wonder what is the way to get the source of a nixos package
<sphalerite>
then the result symlink will be the tarball or directory with the source
<stphrolland>
in general it's tje package name, appended with .src ?
<clever>
i tend to use `nix-shell '<nixpkgs>' -A slim` followed by `unpackPhase`, but my method also downloads the dependencies required to build it and could be slower
<stphrolland>
clever: I think it can be good to have the dependencies also
<stphrolland>
clever: if I understand the sources enough, there's a possibility I might create a fork... but let's see the code first. First I need to learn.
cybrian has joined #nixos
<clever>
stphrolland: ive also worked on a new display manager, written from scratch in haskell
<stphrolland>
clever: that was my hidden plan ! :-) do you have a github for it ?
<clever>
stphrolland: it has working pam, and xorg launching, and i think launching an actual user session
<clever>
stphrolland: the only missing part, is a gui for the login window
taktoa has joined #nixos
<clever>
stphrolland: launch-xnest spawns an x server in a window, and the -A hsdm-config attribute of the default.nix will make a script that can run hsdm, just aim $DISPLAY at the xnest server
fragamus has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
jgt has joined #nixos
<manveru>
LnL: yeah, can't get it to build with cabal2nix either
<manveru>
it seems like that doesn't really provide the dependencies it's looking for :|
jmc_fr`` has quit [(Ping timeout: 248 seconds)]
cybrian has quit [(Read error: Connection reset by peer)]
vod has joined #nixos
stphrolland has quit [(Quit: Page closed)]
<vod>
Hi people!
dhess_ has joined #nixos
ma27 has quit [(Ping timeout: 255 seconds)]
<vod>
any idea how to hardlink stuff in nix? some programs can't work with links... ie, pam_mount wouldn't read ~/.pam_mount.conf.xml if it's a link
<dhess_>
How does the addition of toString prevent the secrets from being written to the Nix store?
Neo-- has quit [(Remote host closed the connection)]
<gchristensen>
Deep Magic
<gchristensen>
(a better explanation on its way)
Neo-- has joined #nixos
<dhess_>
gchristensen: ahh I have another question for you, actually.
<gchristensen>
basically cfg.openssh.privateKey = ./my-key.private. if you "{cfg.openssh.privateKey}" that, it'll become a /nix/store/<hash>-my-key.private. if you usee "${toString cfg.openssh.privateKey}" it'll be retained as the absolute path to ./my-key.privatee
<dhess_>
ok let's handle this one first
<gchristensen>
it isn't a great thing to do, and will break nixops
<gchristensen>
but it ... will keep it out of the store ...
<dhess_>
gchristensen: but how does ./my-key.private get to the host in the first place?
<clever>
nixops already does its own things to manage the ssh host keys
<clever>
dhess_: it doesnt, thats why it breaks nixops
<gchristensen>
dhess_: well pretend it is in /etc/nixos/mykey.privat
<dhess_>
gchristensen: so deployed separately.
<clever>
dhess_: toString will basicaly insert the result of $(realpath ./mykey.private) into the string
<gchristensen>
yeah
<clever>
and that file has to exist at that path at runtime, and nix wont do anything to help
<gchristensen>
this is why it breaks nixops, unless you use the nixops key support
<dhess_>
ok, but the tyep of privateKey (types.str) implies that it could also just be the raw string, rather than a path, no?
<clever>
is this a client or host key?
<gchristensen>
client key
dan_b has quit [(Ping timeout: 276 seconds)]
<clever>
dhess_: toString just converts the path to a raw string, without copying it anywhere
<LnL>
it should probably still be types.path
<dhess_>
clever: so shouldn't it be types.path? Or does that ensure it'll be written to the store?
<LnL>
that's not related to nix path types
<gchristensen>
anyway, I'm heading out for ~30min dhess_
<dhess_>
Here's what I don't get. Typically when I see a type that is fooKey or bazPassword and its type is types.str, I expect that means I need to provide the *text* of the key or password, not its path.
<clever>
dhess_: the only thing the "path" type does is check that the first character is a /
ylwghst has quit [(Quit: leaving)]
ylwghst has joined #nixos
chessai has quit [(Remote host closed the connection)]
<dhess_>
clever: sure but is that check applied to all types.str as well to automatically convert them to a path if it begins with '/'?
jrolfs has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
<gchristensen>
dhess_: if you want to ask the question I'll scroll up for it when I get back
<dhess_>
it makes sense for types.path but that is not what I expected from types.str
<LnL>
manveru: all of hackage is available in nixpkgs so you generally can use those
<dhess_>
gchristensen: ok it's regarding the new Mac installer and permissions
<gchristensen>
:%
<dhess_>
multi-user install
<manveru>
LnL: yeah, i've got several versions that aren't there
erasmas has quit [(Quit: leaving)]
<manveru>
i need aeson 1.0.2.1, binary 0.7.6.1 (it's in nixpkgs but doesn't build), optparse-applicative 0.13.1.0, and text 1.2.2.1
<manveru>
so... i gotta make cabal2nix derivations for all of them i guess
<LnL>
manveru: you can try haskell.lib.doJailbreak and see if the versions of nixpkgs work
<dhess_>
anyway, getting back to the buildkite-agent PR I referenced: bottom line is I can use that technique elsewhere to ensure that key plaintext isn't inlined into scripts, or keys that are paths to plaintext files aren't written to the store?
<clever>
dhess_: as long as you call toString on the path before using it in any script, it shouldnt wind up in the store
<dhess_>
clever: hmm ok. I didn't expect that behavior but it turns out it's handy.
cybrian has joined #nixos
<manveru>
is it because of the indents package?
<dhess_>
clever: so it sounds like that will also work with `toString keyFile` where keyFile is of type types.path, is that right?
<clever>
dhess_: yeah
<dhess_>
interesting
dan_b has joined #nixos
<clever>
dhess_: and because the path type calls toString on line 223, the check function wont accidentally copy your key to /nix
<LnL>
manveru: you'd get type errors if the version is incorrect, I think a bunch of dependencies are just missing
<manveru>
the question is which one :)
<manveru>
guess i have to try them all
<d6e>
if I update nginx in a nixos config, is there a way I can see the config that was written to verify? It's not in its usual place nor is there a symlink (/etc/nginx/)
jrolfs has joined #nixos
<clever>
d6e: if you run "nixos-rebuild build" it will create a result symlink, then run "nix-store -qR result | grep nginx" and you should see the path to the generated config
<d6e>
ah, nix-store, thank you
<LnL>
manveru: not sure what's going, guess you might need to try with the correct versions
bennofs has quit [(Ping timeout: 268 seconds)]
<manveru>
well, i think it might be greencard missing
<manveru>
but that fails to build
<manveru>
ghcjs, hmake, jhc, lhc are all marked as broken, so i guess it's not those
<manveru>
whatever they are :P
erictapen has joined #nixos
erictapen has quit [(Remote host closed the connection)]
erictapen has joined #nixos
erictapen has quit [(Remote host closed the connection)]