<fpletz>
jtojnar: oh, I don't have services.dbus.socketActivated set, that seems to activate only the user dbus.socket unit
<Lisanna>
error is "Exec format error" ):
<fpletz>
do you have that enabled by any chance?
dan_b has joined #nixos
<yegortimoshenko>
Lisanna: missing shebang
<yegortimoshenko>
Lisanna: add #!${stdenv.shell}
<jtojnar>
fpletz: I do not have that, unless it is activated by some other module
altphi has joined #nixos
<Lisanna>
yegortimoshenko: thanks, that fixed that problem. I'm wondering if there's an easier way overall to do what I'm trying to do though?
<Lisanna>
I want Nix to see a raw /nix/store path as a "derivation"
<yegortimoshenko>
Lisanna: sure, what are you trying to do?
<yegortimoshenko>
i don't think i understand, could you elaborate?
<yegortimoshenko>
(Lisanna: ^)
<fpletz>
jtojnar: with services.dbus.socketActivated=true, it will find dbus but fails with another error \o/
<Lisanna>
ehh, I need to think about this actually... what I'm trying to do ultimately is find a way to allow users to interactively switch environments built with buildEnv in a Nix environment
<fpletz>
org.freedesktop.DBus.Error.ServiceUnknown: The name org.freedesktop.secrets was not provided by any .service files
<fpletz>
jtojnar: does is use gnome-keyring in that case? o.O
drakonis has joined #nixos
<yegortimoshenko>
Lisanna: interactively, as in, having buildEnv environment as one of Nix function arguments?
<Lisanna>
The closest I've gotten is that nix-shell -p <environment> will start a shell with <environment> loaded into the environment, but <environment> has to be something in <nixpkgs>
<Lisanna>
No, interactively as in, from a shell
sbjorn has quit [(Ping timeout: 265 seconds)]
<yegortimoshenko>
if you add `buildInputs = paths;` to the bottom of `buildEnv`, you can switch to buildEnv environment
<Lisanna>
The best I can do so far is build environments and have them show up in /nix/store, and on the target platform I can get a direct raw path to them in the target's /nix/store, but I'm not sure how that's useful to a user in the target environment
<Lisanna>
what do you mean?
<yegortimoshenko>
Lisanna: hold, on, preparing a gist
<fpletz>
jtojnar: oh, and just noticed… it's called gnome3 and not gtk3 :>
<fpletz>
probably only works in gnome3, it uses gnome-keyring for prompts
<jtojnar>
maybe it would be better to make the curses interface default and override the gnome3/qt5 via nixos module
<Lisanna>
yegortimoshenko: okay, I understand what you mean, I need to think about how I could use something like that to get what I want
<fpletz>
yeah, but changing pinentry unfortunately triggers a rebuild of gnupg
<Lisanna>
my target here is to have some .nix file with a dozen environments or so in a top-level attrset, and they can tab-complete through to the one they want, and then they get an interactive shell
<fpletz>
the curses interface wouldn't work for my use case though, because the pty from my terminal is not sent via the ssh socket to gpg-agent ;)
<fpletz>
so I'm basically stuck with the gtk2 interface
<yegortimoshenko>
Lisanna: if file is called `default.nix`, you can do `nix-shell -A env1`, and it would spawn a shell with the environment, given that `env1` has `buildInputs` attribute.
alexteves has quit [(Quit: My Mac Mini has gone to sleep. ZZZzzz…)]
<yegortimoshenko>
Lisanna: so that it doesn't have to be specified in every env, you can map through all environments and add buildInputs attr
drakonis_ has joined #nixos
<yegortimoshenko>
Lisanna: also, is there some specific point in using buildEnv? if you just want nix-shell sessions, you might specify such environment as `stdenv.mkDerivation { name = "env-name"; buildInputs = [ hello ]; }`
<jtojnar>
fpletz: the relationships between these security components are over my head at the moment
<Lisanna>
yegortimoshenko: not particularly, it's just the thing that seemed the most natural to do
<yegortimoshenko>
then just `nix-shell -A env1`, `nix-shell -A env2`...
<Lisanna>
yegortimoshenko: would something like this work? default.nix: { env1 = buildEnv { buildInputs = [ /nix/store/...-environment ]; env2 = buildEnv { buildInputs = [ /nix/store/...-environment ]; }, and then nix-shell -A env1
<yegortimoshenko>
Lisanna: buildEnv won't, it needs `paths` attr (and `name` attr), but stdenv.mkDerivation will (provided that `name` is specified)
<Lisanna>
well, yeah, I ommitted those for brevity
<yegortimoshenko>
then, sure, it will work.
<Lisanna>
and okay, stdenv.mkDerivation could also work
<Lisanna>
would I need to convert those /nix/store raw paths into "derivations" before I could pass them as buildInputs?
<Lisanna>
they're products of buildEnv, copied to this machine
<ison[m]>
Are there specific times of day when updates are propagated to cloudfront.net mirror?
<yegortimoshenko>
Lisanna: yeah it works, just checked
<fpletz>
jtojnar: just investigated some more, the problem is that gnupg is hard-wired to a specific pinentry binary path
<jtojnar>
yes, we would have to override it with the NixOS module
<fpletz>
we could use /run/current-system/sw/bin there and install the pinentry needed via environment.systemPackages
Lisanna3 has joined #nixos
<fpletz>
rebuilding gnupg and having two versions in the system is not a good idea imho
<jtojnar>
it is possile to change it in $HOME/.gnupg/gpg-agent.conf
<Lisanna3>
cool, thanks !
<jtojnar>
so maybe there is also /etc/gnupg/gnupg-agent.conf
<fpletz>
oh, great idea
<yegortimoshenko>
fpletz: gnupg agent api is rather stable, it will even work somewhat if you're running v1.x and v2.x together
<fpletz>
jtojnar: there is --pinentry-program
<fpletz>
we can just set that in the gpg-agent user service \o/
<yegortimoshenko>
in this case it'd be backwards compatible but not forward-compatible (i.e. newer gnupg should run agent for compat)
<fpletz>
problem solved? :)
oleks_ has quit [(Remote host closed the connection)]
<fpletz>
yegortimoshenko: that's not the issue, it just isn't nice that depending on the context, gnupg will behave differently (i.e. uses another pinentry in our case)
<fpletz>
but setting the correct pinentry just for gpg-agent should solve the problem
<yegortimoshenko>
fpletz: oh, ok
Lisanna3 has quit [(Read error: Connection reset by peer)]
<Lisanna>
yegortimoshenko: thanks, just tested that, and it works!
<yegortimoshenko>
Lisanna: :-)
<Lisanna>
You don't happen to know if nix-shell sets some variable or something to the root of the environment that it makes for itself, do you?
<Lisanna>
The environment I've switched into includes some things in /libexec, and I'm not sure how to get at those without knowing the full path in the /nix store
<aanderse>
will running nixops deploy update my deployments?
<yegortimoshenko>
Lisanna: it doesn't have any root, check $PATH
<Lisanna>
aanderse: not in the strict sense. it will "deploy" your deployments. To modify / create / remove deployments, use nixops modify / create / delete
CMCDragonkai1 has quit [(Ping timeout: 256 seconds)]
<yegortimoshenko>
Lisanna: if you need these executables to be available at PATH, i think a good bet would be to symlink required executables to bin/
<Lisanna>
yegortimoshenko: I guess this is something about Nix environments that I've never quite understood... I know how it handles /bin (it adds them to $PATH), but what about other directories, like /lib, /include, and /libexec?
<aanderse>
Lisanna: reading the help there isn't anything that jumps out as a system update... just run nixops modify?
sary has quit [(Ping timeout: 265 seconds)]
ma27 has quit [(Ping timeout: 272 seconds)]
<aanderse>
hmm... no that doesn't update it...
<yegortimoshenko>
Lisanna: it doesn't do anything with these directories, but if executables need them, they know their location
<Lisanna>
yegortimoshenko: "they know their location"? you mean, how things built with Nix will have hard-coded rpaths to locations in /nix/store?
Supersonic112 has joined #nixos
<yegortimoshenko>
Lisanna: if you want FHS-style prefix with include/, libexec/ and all that easily navigatable you could try buildFHSUserEnv
sary has joined #nixos
<yegortimoshenko>
Lisanna: yes, i mean rpaths, prefixes, etc. all hardcoded at build time
<yegortimoshenko>
Lisanna: or nix-env that also has something like that (in ~/.nix-profile)
<Lisanna>
I mean, I was just thinking that maybe there were other things that could be done, like wrap the linker to search in the environment's /lib directory first, or set LD_LIBRARY_PATH
<joepie91>
Lisanna: so there are a few paths that are linked into the environment 'globally' (like eg. GTK themes), using the... pathsToLink option? but the vast majority of paths is hardcoded on build time based on build paths of dependencies
<joepie91>
Lisanna: one approach to linking libraries, used particularly for proprietary stuff, does indeed involve setting LD_LIBRARY_PATH, but normally library paths are just compiled into the dependency
<joepie91>
as exact paths
<yegortimoshenko>
Lisanna: you mean, setting linker inside interactive environment? it will handle that by itself
<Lisanna>
and, yeah, I guess you don't really need to do much *in practice* other than set PATH=$env/bin,
<Lisanna>
was just thinking it would be cool if someone called gcc from inside a nix environment and it *just worked*
<yegortimoshenko>
Lisanna: it will just work
jb55 has joined #nixos
<yegortimoshenko>
s/will/does/
<Lisanna>
i.e., gcc --lfoo, where libfoo.so only exists in the /lib directory of the currently active environment (i.e., does not exist at the root /lib/libfoo.so)
<Lisanna>
-lfoo*
ledankmeme has quit [(Ping timeout: 265 seconds)]
<yegortimoshenko>
Lisanna: also, all attributes set in derivation are available as environment variables when you run nix-shell
<Lisanna>
oh yeah, I could use that
<yegortimoshenko>
Lisanna: this use-case does just work
<Lisanna>
it could literally be $env/lib
<Lisanna>
yegortimoshenko: how?
nol_ has quit [(Read error: Connection reset by peer)]
<Lisanna>
the linker that gcc invokes would search in /lib, /lib64, etc. and not find it, and it doesn't know about $env/lib
<Lisanna>
unless you go out of your way and do LD_LIBRARY_PATH=$env/lib gcc -lfoo
<Lisanna>
(or whatever the correct way to pass that to the gcc linker is)
<yegortimoshenko>
Lisanna: open nix-shell and print 'echo $NIX_LDFLAGS'
<Lisanna>
oh, that's cool... but, those have NIX_ prepended to them, how would a gcc straight from nixpkgs know about those?
<yegortimoshenko>
Lisanna: gcc is wrapped in gcc-wrapper
<Lisanna>
okay, so as long as you use compilers that have been cc-wrapped, all that will just work.
<Lisanna>
that's cool.
<yegortimoshenko>
yeah, and even if they are not, you can wrap it with NIX_LDFLAGS yourself, could be as trivial as LDFLAGS="$NIX_LDFLAGS $LDFLAGS" in some cases
<yegortimoshenko>
Lisanna: but if you want to define some search path yourself, see makeSearchPath in lib/strings.nix
Sonarpulse has quit [(Ping timeout: 264 seconds)]
ilja_kuklic has quit [(Quit: ilja_kuklic)]
<jtojnar>
fpletz: would the GNOME3 pinentry work with --no-allow-external-cache?
acarrico has quit [(Ping timeout: 272 seconds)]
dan_b has quit [(Ping timeout: 248 seconds)]
marsam has joined #nixos
<jtojnar>
oh, neat pinentry was actually updated two weeks ago
thc202 has quit [(Ping timeout: 240 seconds)]
CodeWarrior has quit [(Ping timeout: 248 seconds)]
noobineer has joined #nixos
noobineer has quit [(Max SendQ exceeded)]
usr_ has joined #nixos
hotfuzz has joined #nixos
hotfuzz_ has quit [(Ping timeout: 265 seconds)]
markus1199 has joined #nixos
markus1189 has quit [(Ping timeout: 263 seconds)]
Lisanna has quit [(Quit: Page closed)]
mizu_no_oto has quit [(Quit: ["Textual IRC Client: www.textualapp.com"])]
orbekk has joined #nixos
aarvar has joined #nixos
Judson1 has quit [(Ping timeout: 240 seconds)]
lambdamu has joined #nixos
lambdamu_ has quit [(Ping timeout: 265 seconds)]
<neonfuz>
a package I'm writing builds when I do nix-shell and then genericBuild, but not with nix-build
ertes has joined #nixos
<neonfuz>
is that weird?
aarvar has quit [(Quit: Leaving.)]
rogue_koder has quit [(Ping timeout: 256 seconds)]
marsam has quit [(Ping timeout: 272 seconds)]
<Ralith>
nix-shell --pure?
pie_ has quit [(Ping timeout: 265 seconds)]
Supersonic112 has quit [(Disconnected by services)]
<andromeda-galaxy>
I'm writing a nixos module for a daemon, where some runtime-necessary data is expected to be in a directory /etc/<pkgname> (and is present in ${pkg}/etc/pkgname). I can easilly copy the directory into /etc using environment.etc.pkgname.source = "${pkg}/etc/pkgname". However, I also need to add another file /etc/pkgname/other-config that should be generated by the module. Simply adding this to
<andromeda-galaxy>
etc."pkgname/other-config".text doesn't work, failing with a permission denied error when the file is linked into the relevant place /etc. Is there a standard way to fix this?
<andromeda-galaxy>
(inserting extra files into directories copied into /etc)
<yegortimoshenko>
andromeda-galaxy: patch the program
<andromeda-galaxy>
yegortimoshenko: can you elaborate on that? a bunch of other nixos modules for daemons do put some config files in /etc
<yegortimoshenko>
andromeda-galaxy: ... or build a custom source that is deeply (recursively) symlinked which allows to add a file in it
<gchristensen>
the issue is, I'm guessing, isenvironment.etc.pkgname.source = "${pkg}/etc/pkgname" links /etc/pkgname to /nix/store/....
<gchristensen>
which means when it tries to add /etc/pkgname/foo it tries to add it to /nix/store/.../etc/pkgname/foo, which is impossible
<andromeda-galaxy>
yegortimoshenko: yep, I did try that but I just wanted to check if there was a "standard" way of doing it (lib function or whatever). if no other packages need it then I'll just roll my own here
<andromeda-galaxy>
gchristensen: that does seem to be the issue
<andromeda-galaxy>
gchristensen: however if I add 'mode = "0700"' to the directory, which my understanding indicates should make it a copy instead, the issue still appears
<yegortimoshenko>
andromeda-galaxy: this is rather rare, i believe, so there is no standard way. also, it might be easier to just patch the program.
<andromeda-galaxy>
gchristensen: ah I see the copying only happens in setup-etc.pl
<andromeda-galaxy>
yegortimoshenko: okay, makes sense. thanks!
<jtojnar>
but during evaluation which is not a good idea
<andromeda-galaxy>
jtojnar: hmm, thanks. the discussion on that was informative
<andromeda-galaxy>
yegortimoshenko: I assume that the program patching route should only apply to files that either should not be configured by the end user/module or are not used by command-line utilities that talk with the daemon?
<yegortimoshenko>
andromeda-galaxy: probably. what are you trying to wrap in a module?
<andromeda-galaxy>
yegortimoshenko: lirc
nuncanada has quit [(Quit: Leaving)]
<yegortimoshenko>
andromeda-galaxy: oh, i see. i would generate the directory with files if i were packaging lirc. is it just lirc_options.conf and config files inside lircd.conf.d? i've never used lirc.
<andromeda-galaxy>
yegortimoshenko: and lircmd.conf. the default version has some structure around lircd.conf.d also which is why I was originally recursively copying, but after looking at it more I think it would be better to generate the individual remote confs straight from nix in a different hierarchy, which means that isn't necessary
dieggsy has joined #nixos
<yegortimoshenko>
andromeda-galaxy: that would probably make it more configurable.
<andromeda-galaxy>
yegortimoshenko: yep, I think I'm going to do that. thanks for the help/suggestions!
iyzsong has joined #nixos
<neonfuz>
Ralith: I don't think it's a pure / non pure thing though, it fails on the install step because it can't find a directory
dieggsy has quit [(Remote host closed the connection)]
rogue_koder_ has joined #nixos
rogue_koder has quit [(Read error: Connection reset by peer)]
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] orivej pushed 5 new commits to master: https://git.io/vboKe
<NixOS_GitHub>
nixpkgs/master ba67110 Jan Tojnar: pinentry_qt: merge into pinentry
<NixOS_GitHub>
nixpkgs/master 7ea74f4 Jan Tojnar: pinentry: 1.0.0 → 1.1.0
<NixOS_GitHub>
nixpkgs/master 49993be Jan Tojnar: pinentry: clean up
NixOS_GitHub has left #nixos []
laggy_wifi has quit [(Read error: Connection reset by peer)]
<neonfuz>
building with --pure still worked
<neonfuz>
only nix-build fails
Acou_Bass has quit [(Ping timeout: 265 seconds)]
<clever>
neonfuz: --pure only wipes the environment, but it doesnt block access to hard-coded paths
<clever>
neonfuz: what path is it not finding during nix-build?
ilyaigpetrov has joined #nixos
iyzsong has quit [(Ping timeout: 248 seconds)]
schoppenhauer has quit [(Ping timeout: 264 seconds)]
schoppenhauer has joined #nixos
altphi has quit [(Quit: altphi)]
jmeredith has quit [(Quit: Connection closed for inactivity)]
boxofrox has quit [(Ping timeout: 248 seconds)]
<neonfuz>
it errors at "/tmp/nix-build-.../source/include", which should be "/tmp/nix-build-.../source/Externals/cubeb/include"
<neonfuz>
and the error line is CMake Error at Externals/cubeb/cmake_install.cmake:44 (file):
<clever>
neonfuz: can you gist the nix expression?
<clever>
so all options defined under unitConfig, can be set on mounts, paths, timers, sockets, services, and targets
<andromeda-galaxy>
clever: unitConfig and friends are functions, though. Where do the sets passed into them come from?
<clever>
the module system will pass unitConfig a subset of the options
<andromeda-galaxy>
ah. Maybe what I was missing was what functions passed to submodules do/are for
<clever>
so if i set systemd.services.foo.description, it will pass { description = "something"; } to unitConfig
<andromeda-galaxy>
that makes more sense now
<clever>
and then unitConfig can map that to systemd.services.foo.unitConfig.Description
<andromeda-galaxy>
does passing functions to submodule ever make sense when not passing a list with one thing that defines the actual option schema?
<clever>
id say you need to pass a function any time you want to set config based on other config
<clever>
and then it works basically the same way as top level modules
<andromeda-galaxy>
right. but basically submodule arguments can do two different things: (1) define keys for a user to set, (2) define keys based on the ones the user set according to one of the other arguments
<andromeda-galaxy>
and I think it doesn't make sense to do (2) (= pass a function) when you haven't also done (1)
<andromeda-galaxy>
is that right?
<clever>
in the case of unixConfig, the options like .description and unitConfig are being defined elsewhere
<andromeda-galaxy>
right, in targetOptions/serviceOptions/etc.
<clever>
unit*
<andromeda-galaxy>
the 1st argument in the last passed to submodule
<clever>
with import ./systemd-unit-options.nix { inherit config lib; };
<andromeda-galaxy>
my point is more that I think that 'submodule unitConfig' by itself wouldn't be meaningful
<clever>
unitConfig could define both options and config at the same time
<clever>
but the author of systemd choose to not do that
altphi has quit [(Quit: altphi)]
<clever>
the systemd module that is
<andromeda-galaxy>
ahh that makes more sense. but what options would be passed to the unitConfig function when it was being used to get the permissible option definitions, which are needed to compute the options to pass?
<clever>
thats the fun thing with nix and lazyness
<clever>
its being passed the config that it defines the options for
<clever>
and other top-level modules, are being passed their own return value
<andromeda-galaxy>
oh yeah, fair enough
<andromeda-galaxy>
haskeller at heart but have been writing too much idris
<andromeda-galaxy>
and coq
kp__ has quit [(Quit: WeeChat 2.0)]
<clever>
ive also read the source behind how nix handles lazyness
<clever>
all expressions and function calls are initialy of type thunk, which contains a function pointer and argument pointer
<clever>
if you attempt to read it, the type will be temporarily changed to black hole, then the function ran
<andromeda-galaxy>
nice. sounds pretty similar to the ghc rts
<clever>
and after it returns, the type it changed to a base type (int, string, set, list, bool)
<clever>
if it encounters a blackhole while recursively doing that, it knows it has circled around and will cause infinite recursion
<clever>
so it throws a c++ level exception
<clever>
and then restores things back to thunk type as it goes up the call chain
drakonis_ has quit [(Ping timeout: 272 seconds)]
drakonis has quit [(Ping timeout: 272 seconds)]
<clever>
andromeda-galaxy: oh, and there are some other fun tricks in nix involving lists
<clever>
every value in nix is stored as a union of many things, along with an enum for its type
<clever>
because of that union, all values are 2 pointers long, plus a type tag
<clever>
so, internally, it has 3 types for lists
<clever>
for lists of length 1, 2, or n
astronavt has joined #nixos
astronavt has quit [(Remote host closed the connection)]
<clever>
list1 and list2 directly store the first 1 (or 2) items into the union
<andromeda-galaxy>
will have to keep that in mind next time I want to shave a few bytes off an rts ;)
<clever>
every string in nix, has a list of derivations the string refers to
<andromeda-galaxy>
makes sense
<clever>
and when you call the builtins.derivation function with a string, the derivation it creates will auto-magically depend on the derivations the strings refered to
<andromeda-galaxy>
but also... feels a bit off
<clever>
so just doing buildPhase = "${cmake}/bin/cmake"; will make sure cmake is built before your thing
<clever>
and will include cmake in the sandbox
mizu_no_oto has joined #nixos
<clever>
i also just noticed, there is no special type for lists of size 0
<clever>
i'm guessing that would be listn, with the elems set to null
<clever>
so it has the same size as list1 and list2
<andromeda-galaxy>
interesting
<andromeda-galaxy>
one other quick Q on understanding the systemd thing: unitConfig and friends take 'name' as one of the arguments, but serviceOptions and friends don't declare it. where does it come from?
orivej has quit [(Ping timeout: 264 seconds)]
<clever>
andromeda-galaxy: i think thats the foo in systemd.services.foo
<andromeda-galaxy>
it is... but where is the special handling that makes that happen?
mizu_no_oto has quit [(Quit: Computer has gone to sleep.)]
Isorkin has quit [(Read error: Connection reset by peer)]
<clever>
andromeda-galaxy: deep within the bowels of the module framework
boxofrox has quit [(Ping timeout: 256 seconds)]
<andromeda-galaxy>
fair enough. I think maybe mergeModules' inherit name?
<andromeda-galaxy>
or applyIfFunction?
<clever>
applyIfFunction just decides if its a function or not, and calls it with the args if it can
<clever>
so passing a set doesnt fail with an error, and just ignores the args
rotaerk has quit [(Ping timeout: 255 seconds)]
<andromeda-galaxy>
applyIfFunction also appends extraArgs, though, which contains "inherit name"
<andromeda-galaxy>
oh wait nevermind I missed the listToAttrs there
<andromeda-galaxy>
the same is true of mergeModules'
<clever>
line 158 queries the function to get its arguments
<clever>
so { a, b, ... }: returns a { a=false; b=false; }
<clever>
and the attrNames turns it into [ "a" "b" ]
<andromeda-galaxy>
right
<clever>
the map on 160 then fetches the a and b from args or config._module.args
jtojnar has quit [(Quit: jtojnar)]
CMCDragonkai1 has joined #nixos
Tobba has quit [(Read error: Connection reset by peer)]
<andromeda-galaxy>
I should really PR adding all this stuff to the manual, which afaict doesn't explain (1) passing lists to submodule, (2) passing functions to submodule, (3) passing config = ... to submodule, or (4) the special behavior of name when bound by a function passed to submodule inside of attrsOf
CMCDragonkai1 has quit [(Read error: Connection reset by peer)]
jtojnar has joined #nixos
Tobba has joined #nixos
<clever>
i often say, docs can lie, the source cant
<andromeda-galaxy>
yep ;)
<andromeda-galaxy>
that's why I was looking for the name= thing in the source
boxofrox has joined #nixos
jtojnar has quit [(Quit: jtojnar)]
jtojnar has joined #nixos
<fpletz>
jtojnar: then is fails with: No Gcr System Prompter available, falling back to curses
<jtojnar>
weird
fresheyeball has joined #nixos
<fresheyeball>
hey out there
<fresheyeball>
a friend of mine just installed nixos on a lonovo thinkpad
<fresheyeball>
and copy and paste commands do not function
<fresheyeball>
any idea where to look?
<fpletz>
jtojnar: well, it's designed to delegate the prompting to gnome-keyring, so that seems fair :)
* fpletz
does not want to use gnome-keyring for now though
<fpletz>
I've refactored the pinentry expression and made gnupg use only the curses pinentry by default
<jtojnar>
I would expect that it will only show the dialogue when external cache is disabled
<jtojnar>
it seems to do that when running the pinentry program manually
<fpletz>
jtojnar: nice changes, also wanted to merge the qt5 expression
<fpletz>
I've experimented with using multiple outputs for each pinentry program
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] jwiegley pushed 1 new commit to master: https://git.io/vboPW
<NixOS_GitHub>
nixpkgs/master 4062700 John Wiegley: coq_8_7: 8.7.0 -> 8.7.1
NixOS_GitHub has left #nixos []
<fpletz>
and use those in a new nixos-option programs.gnupg.agent.pinentryFlavour to configre which pinentry is desired
<fpletz>
if gnome3 is enabled, it could set that to gnome3 by default
<fpletz>
and stil let the user override it if desired
<fpletz>
if it's unset, the default (curses) or whatever is configured in gpg-agent.conf is used
MP2E has quit [(Remote host closed the connection)]
<fpletz>
I'll open a PR shortly, have to clean it up and rebase after your changes :)
endformationage has quit [(Quit: WeeChat 1.9.1)]
<jtojnar>
sounds nice
<fpletz>
this also solves the dependency cycle in gcr
<fpletz>
gcr currently builds its own gnupg :)
dj_goku_ has quit [(Quit: Lost terminal)]
gm152 has joined #nixos
<jtojnar>
very nice
MP2E has joined #nixos
rotaerk has joined #nixos
<fpletz>
jtojnar: just noticed one bad thing about using multiple outputs here… when building pinentry now, all prerequisites are needed, so qt and gcr has to be built first to get i.e. gtk2
<fpletz>
the dependencies are correct though, the gtk2 version does of course not depend on qt or gcr, they are just build dependencies to get the other outputs
<jtojnar>
bless binary cache
fresheyeball has quit [(Quit: WeeChat 1.9.1)]
<fpletz>
jtojnar: oh no, the qt4 and qt5 versions can't be built simultaneously
<jtojnar>
oh, right
<jtojnar>
do we even still need qt4?
<fpletz>
right, let's remove it
coot has joined #nixos
yegortimoshenko has quit [(Ping timeout: 248 seconds)]
babs__ has quit [(Quit: Leaving)]
jb55 has quit [(Ping timeout: 256 seconds)]
coot has quit [(Quit: coot)]
<johnw>
if I have gc-keep-outputs = true, gc-keep-derivations = true, env-keep-derivations = true, shouldn't nix-collect-garbage -d leave my downloaded tarballs alone for any active derivations that were built from them?
<johnw>
after cleaning (freeing 82G), all my sources are gone, only the .drv files and the outputs remain
<johnw>
but none of the outputs of the tar.gz.drv's
simukis has joined #nixos
<johnw>
for example, I see in the garbage collection output "deleting ‘/nix/store/ixchqlz9pxbijzkbgwfm412hxqlxikfk-zsh-5.4.2-doc.tar.gz’", when I still have ./kgalb2mj2nrbd86mdhsrfwxn9j2cdrfq-zsh-5.4.2-doc.tar.gz.drv afterward that names this file
<johnw>
but doing nix-store -qR on the .drv doesn't mention the .tar.gz file
<johnw>
hmm.. even the Wiki says "all these fetched tarballs are not referenced anywhere and removed on GC"
<neonfuz>
this would be in ~/.config/nixpkgs/config.nix
<neonfuz>
but make it for ghc instead of qbittorrent lol
<neonfuz>
oh wait, there are actually packages made for 8.2.2
<Taneb>
neonfuz, it turns out what I wanted was "nix-env -iA nixos.haskell.compiler.ghc822"
<neonfuz>
yeah I was just going to say actually you can use the full path
<Taneb>
Thanks anyway though! :)
<neonfuz>
I assumed there wasn't a package because I did 'nix-env -qaP | grep ghc' and didn't see it lol
Itkovian has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
<neonfuz>
then when I went to see how to make an override I saw it lol
<neonfuz>
np
<neonfuz>
so back on gentoo there was some sort of tag on the packge manager you could do like --fetchonly, which only got the sources but didn't build anything, is this possible with nix?
<neonfuz>
I can't really think how it would be
simendsjo has joined #nixos
b has quit [(Quit: Lost terminal)]
boxofrox has quit [(Ping timeout: 256 seconds)]
ssmike has quit [(Read error: Connection reset by peer)]
<dhess>
nix-prefetch-url --unpack
<neonfuz>
true
<neonfuz>
but you can't do that to many packages, just to certain resources right
gm152 has quit [(Ping timeout: 264 seconds)]
<dhess>
I don't know what you mean. You give it the same URL that the package uses for its src attribute, and it will download it and unpack it.
<neonfuz>
in gentoo you can just do 'emerge -u --fetch-only' to fetch all the new sources, so if you were, say away from internet you could rebuild
<dhess>
oh I see.
<neonfuz>
the only way that would be possible is if it could take an attribute and instead of calculating the actual attribute, recursively go through it and fetch all the sources
<neonfuz>
sorry my terminology is bad lol
<dhess>
I understand what you mean now. Unfortunately I don't know how to do that.
<neonfuz>
I actually got stuck the other day because I did a nixos rebuild and broke my wifi drivers, and I think I did a GC becasue I ran out of root space lol
<neonfuz>
I don't remember how I fixed it
boxofrox has joined #nixos
ssmike has joined #nixos
laggy_wifi has quit [(Ping timeout: 240 seconds)]
ssmike has quit [(Ping timeout: 255 seconds)]
sary has quit [(Ping timeout: 272 seconds)]
<sphalerite>
neonfuz: catern made something like that the other day
sary has joined #nixos
boxofrox has quit [(Ping timeout: 260 seconds)]
<neonfuz>
oh sweet
jacob_ has joined #nixos
magnetophon has quit [(Ping timeout: 265 seconds)]
<sphalerite>
Li: there's a number of machines, I think some of them are AWS EC2 instances, others are physical machines in the Netherlands, there's a physical aarch64 one at packet.net which I think is in the US. Basically a mix. If you're very paranoid I'd recommend building everything yourself (and publishing the results somewhere so others can use it to cross-check)
<sphalerite>
https://hydra.nixos.org/machines here's a list of machines, but it doesn't contain a huge amount of information about them
<sphalerite>
oh, some are at rackspace too
<neonfuz>
hyper_ch: it's currently failing when I try to install firefox, trying to fetch version 27.0.0.187
<sphalerite>
actually not sure if it got backported
<neonfuz>
I mean I can do it again
<neonfuz>
backported from where?
<sphalerite>
it's fixed in master, I don't think it was cherry-picked to 17.09
<sphalerite>
if you're on unstable, it might not have updated yet as well
<neonfuz>
I'm on unstable
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] themoritz opened pull request #32736: pkgs.emacs25: backport patch to fix vfork issue (master...emacs-vfork) https://git.io/vbo5E
NixOS_GitHub has left #nixos []
<neonfuz>
I'm gonna make an override lol
<sphalerite>
yeah it seems it hasn't updated yet
<Li[m]>
Linus: thanks
<sphalerite>
Li: no problem. I don't really know that much about hydra's setup though, so if you want more details best to ask someone else. Not sure exactly who though
<sphalerite>
neonfuz: you could also use unstable-small, which has updated :p
pie_ has quit [(Remote host closed the connection)]
<evangeline>
hi, is anybody using fcrontab, I'm getting the following error when trying to run "fcrontab -l" as fcron user: " User "fcron" is not allowed to use fcrontab. Aborting." ?
Harpalus has joined #nixos
<sphalerite>
evangeline: I don't know about your specific problem unfortunately, but would using systemd timers instead of fcron maybe be an option?
<sphalerite>
That way you can configure it in your configuration.nix as well
<ebzzry>
Both installing and uninstall does NOT work.
<ebzzry>
Ok. 'nix-env --rollback' worked
<evangeline>
sphalerite: I just straced it, you need to add the fcron user to the fcron.allow.
<evangeline>
This is so that the fcron user can use fcrontab; now I need to trace what to add so my user is able to execute command as fcron, possibly I need to add an entry into the sudoers
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] vbgl opened pull request #32737: Tidy up the Coq package sets (master...coq-packages-filter) https://git.io/vbo5b
NixOS_GitHub has left #nixos []
<sphalerite>
ebzzry: it's a bug in nixUnstable. I've fixed it but it's not in nixpkgs yet
<ebzzry>
Wait. The rollback doesn't work.
<ebzzry>
What tree can I pull from?
<ebzzry>
What is the current course of action?
<sphalerite>
ebzzry: run your nixos-rebuild within nix-shell -p nix
<ebzzry>
Just `nixos-rebuild` or the one with `switch`?
<sphalerite>
^ the PR that fixes it
<ebzzry>
Ok
<sphalerite>
ebzzry: whatever fails
<ebzzry>
Who do we shoot?
<sphalerite>
Nobody preferably :)
<neonfuz>
sphalerite: ooh, maybe that is better for me, I used to be a gentoo-unstable user lol
<neonfuz>
so I'm used to recompiling things
<neonfuz>
and am finding myself doing anyways as I start making overrides and stuff
<sphalerite>
neonfuz: usually the regular channels won't be more than a day or two behind, but sometimes that day or two can be painful so yeah it could help
ylwghst has quit [(Ping timeout: 256 seconds)]
<ebzzry>
Wait, wait. Why am I getting 'sudo nixos-rebuild, No manual entry for nixos-rebuild'
<ebzzry>
That is inside `nix-shell -p nix`
<LnL>
it takes a command like switch
<LnL>
and it probably can't find the manpage because of sudo
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] bjornfor pushed 1 new commit to master: https://git.io/vbodO
<NixOS_GitHub>
nixpkgs/master 352399e Markus Kowalewski: airspy: fix installation of udev rules for USB access
NixOS_GitHub has left #nixos []
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] bjornfor closed pull request #32719: airspy: fix installation of udev rules for USB access (master...airspy-udev) https://git.io/vbrxU
<ebzzry>
sphalerite: Yes. Using -A prevents the evaluation of the whole expression, by selecting the attribute directly.
<ebzzry>
sphalerite: 'nix-channel --update' gives me 'error: imported archive of ‘/nix/store/5s5nxqmhl4syga1pmqgwpff8l0g8cahj-nixos-17.09’ lacks a signature'
pie_ has joined #nixos
<ebzzry>
Additionally, 'nix-env -iA nixos.nix' still gives me that EOF problem
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] orivej pushed 3 new commits to master: https://git.io/vbodp
<NixOS_GitHub>
nixpkgs/master 237cf9e Luke Adams: edk2: 2014-12-10 -> 2017-12-05...
<Baughn>
I'd argue this is Qt's fault and a breach of semantic versioning, but sigh.
<seequ>
Yes, but that doesn't make it any less of a problem.
marsam has quit [(Ping timeout: 240 seconds)]
<Baughn>
Tried `nix-env -u --always`?
ssmike has joined #nixos
<Baughn>
It seems like making sure *everything* is on 5.9.2 would also fix it.
<gchristensen>
Ankhers: both :)
<Ankhers>
I assume there is more of an explanation incoming?
<gchristensen>
yes
<aanderse>
when github says "merged 1 commit into NixOS:release-17.09 from ...." this means if i update my system i'll have this update on my system, right?
<aanderse>
nixpkgs pulls straight from github right?
<seequ>
Aha. The culprit was a custom package I had installed a while back. Which obviously had no update route.
<Baughn>
aanderse: If you *want* a particular commit, then the simplest way is to run nix-channel --update, take note of the commit ID in the update message, check out that version from git, cherry-pick on top of that and finally rebuild your system from the result.
<gchristensen>
Ankhers: there is a cluster of ofborg build machines, run by different members of the community. however, a single ofborg build is run on a single machine.
<Baughn>
There are ways to automate that, of course. Building straight from head is unlikely to work.
<Ankhers>
Gotcha.
<Ankhers>
Thanks.
<aanderse>
well steam is broke and someone fixed it... i just wanted to game out tonight because i've been so busy lately
<aanderse>
dang
<aanderse>
oh well, thanks for letting me know
<Baughn>
aanderse: So you can do what I suggested. ;-)
<Baughn>
aanderse: Alternately, 'nixos-rebuild switch --rollback' until it works.
<gchristensen>
^ this has some words about why, and what testing goes in to the channel but doesn't happen if you just fetch the branch directly
erictapen has quit [(Ping timeout: 264 seconds)]
ssmike has quit [(Ping timeout: 255 seconds)]
<aanderse>
that command just switched me to the testing channel?
<yegortimoshenko>
if you have any problems, you can always roll back
<aanderse>
yeah, nixos + zfs is great
<yegortimoshenko>
realistically, you'll be fine, release-17.09 only gets backported changes
<aanderse>
i can screw up as much as i want
iqubic has joined #nixos
<gchristensen>
no, but you're using a version of nixpkgs which isn't vetted to keep your system working
<aanderse>
and i'm just a rollback away from being ok
<gchristensen>
that is not true
<iqubic>
Which package provides make?
<aanderse>
so in a few days, after this fix makes it into the normal channels, how do i go back?
<Yaniel>
iqubic: gnumake I think
<yegortimoshenko>
aanderse: you don't have to do anything, just nixos-rebuild switch
<aanderse>
fantastic
<gchristensen>
using an unvetted version of nixpkgs isn't tested to not rm -rf /, or ruin your bootloader by mistake. there are real risks to using an untested version of nixpkgs for nixos that are not handled by rolling back, aanderse
<aanderse>
gchristensen: thank you for letting me know. so release is just like a quick peer review on github, where the normal channel is more carefully vetted?
<gchristensen>
right
<gchristensen>
and this is not a vague risk, it has happened that people used an untested version of nixpkgs that made their system unbootable. it was from the master branch, not a stable release, but still
<aanderse>
well i'll be sure to never run that on the desktop then
<yegortimoshenko>
gchristensen: i don't see any commits that are not backported in release branch
<gchristensen>
sorry?
<yegortimoshenko>
what i mean is, all commits in release-17.09 branch are backported from master. i think you said "that is not true" in regards to that
<yegortimoshenko>
also, changes to release branches tend to be very minor
<gchristensen>
no, I said "that is not true" to "i can screw up as much as i want" and ""and i'm just a rollback away from being ok"
<yegortimoshenko>
it is true, if boot is from zfs, barring new zfs corrupts filesystem, which is very unlikely
<gchristensen>
yes I know, but it is unsafe to assume it is always fine to build from an untested commit and it is always going to be possible to roll back in that circumstance
<aanderse>
well, again, i appreciate all the help and information
<aanderse>
a malicious commit could bork my zfs
<gchristensen>
no, it is not true, because it assumes other software doesn't corrupt ZFS by mistake
<aanderse>
mhm
<gchristensen>
or on purpose
<aanderse>
like when i upgraded from nixos 17.03 to 17.09 that upgraded the zfs version
<aanderse>
i was a bit nervous about that
<yegortimoshenko>
most software is fs-agnostic
<aanderse>
but it worked great
<aanderse>
anywho
<aanderse>
kids are running around... gotta go
<aanderse>
thx again
<yegortimoshenko>
see you
<gchristensen>
it doesn't make it universally true or a safe statement to make to someone who doesn't know the specifics
<gchristensen>
it is critical we keep people trusting that the channel won't break their system, and telling people to leave the channel without the caveats that it lacks the normal safety checks is not good
<gchristensen>
Baughn's recommendation to use the channel commit + a cherry-pick of the specific bump is much safer advice
<yegortimoshenko>
gchristensen: i understand your point, but risk of breaking the system, considering the context (zfs, + release branch) is negligible.
<yegortimoshenko>
and passing nixos/nixpkgs tests don't entirely negate that possibility. system can break at any time.
<gchristensen>
yes, the risk is low, and there don't appear to be risky changes unreleased, however there are 698 other people in #nixos who may follow that advice another time in riskier cases
<yegortimoshenko>
s/don't/doesn't/
<gchristensen>
aanderse: fwiw it looks like the channel will include the steam change by this after noon
<gchristensen>
of course they don't
ssmike has joined #nixos
<yegortimoshenko>
s/doesn't/don't/
<gchristensen>
:D
<yegortimoshenko>
heh, i misread my own message
<yegortimoshenko>
or... wait...
<yegortimoshenko>
s/don't/doesn't/
altphi has quit [(Quit: altphi)]
<gchristensen>
haha.it is okay
<yegortimoshenko>
...
<gchristensen>
the tests do though at least validate the bootloader will be properly written
<iqubic>
Trying to get stack working on NixOS, and not having much luck.
<sphalerite>
LnL: plus the whole issue was that the channel wasn't up-to-date enough
<tilpner>
LnL - s/release/nixos/?
usr_ has joined #nixos
<LnL>
right, it uses the channel names there
<betaboon>
good evening. reporting back on running nixos on rpi-zero-w using the armv6 image. didnt succeed. i just checked with a raspbian image which boots fine. the ACT-led blink pattern seems to indicate that the sd-card cannot be read. any ideas ?
<usr_>
I have this error: "SSL certificate problem: unable to get local issuer certificate." while running stack build (while cloning git extra dependency network-transport-tcp ) in buildCommand of derivation. Is anyone familiar with this?
<LnL>
you could also run some of the nixos tests yourself if you really want to be safe
Acou_Bass has quit [(Ping timeout: 265 seconds)]
<yegortimoshenko>
look at arch people, they run the newest and the latest and can't even roll back
Judson has quit [(Ping timeout: 255 seconds)]
ssmike has joined #nixos
<yegortimoshenko>
(and it works most of the time without breakage)
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] jtojnar opened pull request #32739: libpcap: increase maximum snapshot length for dbus (master...libpcap-nolimit) https://git.io/vbKvL
NixOS_GitHub has left #nixos []
<sphalerite>
does anyone happen to know if it's possible for me to remove the write protection that's on part of the eMMC in my chromebook?
acarrico has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] 7c6f434c closed pull request #32731: graphviz: cleanup, use autoreconfHook, source from GitLab (master...graphviz/src) https://git.io/vboza
NixOS_GitHub has left #nixos []
iqubic has left #nixos ["ERC (IRC client for Emacs 25.3.1)"]
<samueldr>
betaboon: this means then that there is no serial output at all, right?
<betaboon>
samueldr: yep nothing on the tty. the led blink pattern is 1xlong->1xshort->dark which seems to mean sd-cannot-be-read
<samueldr>
I'm guessing you don't have a raspbery pi 1 B to double-verify that the sd-image-armv6 is properly installed
<betaboon>
samueldr: good idea. i do. gonna check after writing the nixos image back onto the sd-card
<samueldr>
:)
<joncfoo_>
When using `buildStackProject` in a default.nix file I notice that Stack always tries to download GHC and subsequently fails - is there something that I'm specifying incorrectly? - http://sprunge.us/KHdY
<samueldr>
this'll at least let us know the image is good
* samueldr
is looking into getting both raspberry pi zeroes
phdoerfler has joined #nixos
DeaDSouL has joined #nixos
<joncfoo_>
shouldn't `buildStackProject` be forcing Stack to use the --nix flag and thus use GHC provided by nix?
marsam has joined #nixos
catears has quit [(Quit: Connection closed for inactivity)]
erictapen has joined #nixos
<joncfoo_>
I "fixed" it by specifying: buildPhase = "stack --no-install-ghc build"
<joncfoo_>
seems odd that stack would require that flag
mizu_no_oto has quit [(Quit: ["Textual IRC Client: www.textualapp.com"])]
<betaboon>
samueldr: same behavior on two rpi-1-b
jb55 has joined #nixos
<samueldr>
can you confirm the name of the image file you're using?
<betaboon>
sd-image-armv6l-linux.img
<samueldr>
okay, should be the one
<samueldr>
I'm loading the latest one to check on mine, maybe there's something wrong with the image? (I wouldn't bet on it)
<samueldr>
have you verified the sha256sum of the image to be 6b76d7e1d9acc57ec2b1c0503d01ebcc085566f5b4211a423ff016e19bc0229b ?
michaelpj has quit [(Quit: ZNC 1.6.5 - http://znc.in)]
iyzsong has quit [(Ping timeout: 256 seconds)]
michaelpj has joined #nixos
proteusguy has quit [(Remote host closed the connection)]
<betaboon>
samueldr: yep shasum is correct (of the downloaded file)
usr_ has quit [(Ping timeout: 260 seconds)]
acarrico has quit [(Ping timeout: 255 seconds)]
proteusguy has joined #nixos
<betaboon>
samueldr: i ran dd with bs=4M and conv=fsync (which worked fine with the raspbian image)
<jmc_fr>
clever: $PATH/ => `/home/jmc/bin:/run/wrappers/bin:/etc/per-user-pkgs/jmc/bin:/home/jmc/.nix-profile/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin/:' - what am I missing ?
<jmc_fr>
<clever>
jmc_fr: there should be vbox utils in /run/current-system/sw/bin
<jmc_fr>
clever: OK, thanks !
<gchristensen>
pbogdan: hopefully I fixed it, but I've got to go, hopefully it doesn't cause too many issues
<gchristensen>
pbogdan: I need to move those checks to a bigger box
<samueldr>
betaboon: the large offset is because the image is generic
<samueldr>
the raspberry pi boot process directly reads the first(?) FAT partition and searches for a file
<samueldr>
whilst most other boards will read from after the MBR at a specific offset, to get the bootloader
<samueldr>
offsetting partitions this way makes the images universal
<clever>
yeah
<yegortimoshenko>
pbogdan: btw, what's the problem? is it specific to cdemu/libmirage?
<clever>
in both cases, the dram is offline, and that first stage goes into the L2 cache of the cpu
<samueldr>
(it really depends on the hardware though, pine64 as an example loads a FIRST part off a flash chip, which then loads from an offset, but technically the whole bootloader can be on the flash chip if wanted and if it fits)
<clever>
yeah, the allwinner line loads an SPL (secondary program loader) from a given offset on many media
<clever>
and the SPL that comes with u-boot is concated to u-boot itself, and expects u-boot to follow
<jmc_fr>
Btw, is it a good idea to git /etc/nixos/configuration.nix, I mean locally, to follow the changes. Or is thre a way to diff it with previous versions
acarrico has quit [(Ping timeout: 268 seconds)]
<clever>
jmc_fr: i tend to put a git repo at /etc/nixos/nixcfg/
<clever>
jmc_fr: then configuration.nix just contains the bare minimum to boot, and imports = [ ./nixcfg/hostname.nix ];
<clever>
each host has its own unique file that is added to imports, and all can share nixcfg
<sphalerite>
Couple of questions about remote builders… Can I get them to fetch paths from a binary cache rather than copying them over from the machine requesting the builds when possible? Or even from each other?
<clever>
jmc_fr: the hostname.nix can then have something like ./core.nix added to imports, to share config between several systems
erictapen has quit [(Ping timeout: 240 seconds)]
<clever>
sphalerite: i know nix-copy-closure can make the remote system use a binary cache, but i dont know if hydra/nix-daemon can trigger that automatically
<sphalerite>
or can I "chain" remote builds, i.e. get one machine to handle build requests by passing them on to others?
<clever>
i have chained by mistake
vcunat has joined #nixos
<sphalerite>
hm, nix-copy-closure isn't really what I want
<clever>
yeah, but the remote end does support it
<clever>
so nix-daemon needs to just send the right flag
<sphalerite>
Also, can I change the compression used on a binary cache? xz is heavy and I'd rather save the CPU time than the bandwidth and storage space, and use gzip or something instead
aloiscochard has joined #nixos
<clever>
sphalerite: how is the the cache being served?
<sphalerite>
via HTTP
<sphalerite>
I'm copying into it using nix copy and sshfs
<clever>
what server at the other end?
<sphalerite>
nginx
<clever>
ah, is it a new `nix copy` that generates a directory of .nar.xz's ?
himmAllRight has quit [(Remote host closed the connection)]
himmAllRight has joined #nixos
<sphalerite>
nix copy can copy between various kinds of store, including a binary cache (using a file:///path/to/cache/dir URL), a local nix store via chroot (using a /path/to/root "URL"), a remote host's nix store (using a ssh://foo@example.com URL), etc
<sphalerite>
so yes, in the case of a file:// URL it will create narinfos and nar.xz's
<clever>
ah, then the compression would have to be changed within nix
aloiscochard has quit [(Ping timeout: 240 seconds)]
thblt has quit [(Remote host closed the connection)]
<sphalerite>
hm snooping around the source code suggests that it supports other compression as well
<samueldr>
but I think it might, it feels like I have seen that exact same problem while testing with another board earlier on
ebzzry has joined #nixos
b has quit [(Quit: leaving)]
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] vcunat pushed 3 new commits to staging: https://git.io/vbKTR
<NixOS_GitHub>
nixpkgs/staging 07d3bfc Vladimír Čunát: libjpeg(-turbo): 1.5.2 -> 1.5.3
<NixOS_GitHub>
nixpkgs/staging 21ba964 Vladimír Čunát: mesa: maintenance 17.2.6 -> 17.2.7
<NixOS_GitHub>
nixpkgs/staging fc5756e Vladimír Čunát: cairo: bugfix 1.14.10 -> 1.14.12
NixOS_GitHub has left #nixos []
b has joined #nixos
d3vnu77 has joined #nixos
<ison[m]>
Hello, I'm having a problem with steam on NixOS. It looks like the problem was fixed here https://github.com/NixOS/nixpkgs/pull/32723 18hrs ago but I still get no changes when I --upgrade my system. Am I misunderstanding something? Or is there something I need to do to gain access to these kinds of bug fixes? Or do I just need to wait longer before the fix propagates to me?
<sphalerite>
ison: the channel just hasn't updated yet
<sphalerite>
^ that will fetch the not-yet-tested updated nixpkgs version (where the fix is included) and build the steam package from there
<ison[m]>
Ok, I see. Thank you
<samueldr>
betaboon: I can confirm that the image works on my raspberry pi 1, (when using a good known working sd card)
alexteves has joined #nixos
<samueldr>
hmmmmmmmmmm, or I shared successs too soon
<samueldr>
ah, there's no loglevel parameters
<samueldr>
sorry, serial output parameter to the kernel
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] dylex opened pull request #32740: slurm: 17.02.6 -> 17.02.9 for CVE-2017-15566 (master...slurm) https://git.io/vbKTp
NixOS_GitHub has left #nixos []
marsam has quit [(Ping timeout: 240 seconds)]
<samueldr>
with HDMI plugged-in, I can finally confirm that yes, the armv6l image does boot to login prompt
zarel has joined #nixos
<sphalerite>
samueldr: console=/dev/ttyS1?
<samueldr>
something like that, but that was because I assumed the sd-image had it by default
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] NeQuissimus pushed 2 new commits to master: https://git.io/vbKkl
<NixOS_GitHub>
nixpkgs/master 9846d74 Tim Steinbach: linux: 4.4.105 -> 4.4.106
<NixOS_GitHub>
nixpkgs/master 5850e74 Tim Steinbach: linux: 4.9.69 -> 4.9.70
NixOS_GitHub has left #nixos []
<samueldr>
sd-image-aarch64 has that: `console=ttyS0,115200n8` by default
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] NeQuissimus pushed 1 new commit to release-17.09: https://git.io/vbKk8
<NixOS_GitHub>
nixpkgs/release-17.09 13c8775 Tim Steinbach: linux: 4.4.105 -> 4.4.106...
NixOS_GitHub has left #nixos []
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] NeQuissimus pushed 1 new commit to release-17.09: https://git.io/vbKkB
<NixOS_GitHub>
nixpkgs/release-17.09 d14c63d Tim Steinbach: linux: 4.9.69 -> 4.9.70...
NixOS_GitHub has left #nixos []
d3vnu77 has quit [(Remote host closed the connection)]
d3vnu77 has joined #nixos
erictapen has joined #nixos
d3vnu77 has quit [(Remote host closed the connection)]
d3vnu77 has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] NeQuissimus pushed 1 new commit to master: https://git.io/vbKkD
<NixOS_GitHub>
nixpkgs/master a192ac5 Tim Steinbach: linux-copperhead: Fix hash
NixOS_GitHub has left #nixos []
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] NeQuissimus pushed 1 new commit to release-17.09: https://git.io/vbKkS
<NixOS_GitHub>
nixpkgs/release-17.09 32b6911 Tim Steinbach: linux-copperhead: Fix hash...
NixOS_GitHub has left #nixos []
nuncanada has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] gnidorah opened pull request #32741: rambox: allow user to disable tooltips (master...rambox) https://git.io/vbKkQ
NixOS_GitHub has left #nixos []
<contrapumpkin>
I was going to read the iohk site but their front page was so mesmerizing that I'm now just playing with it
sary has quit [(Ping timeout: 265 seconds)]
sary has joined #nixos
m0rphism has quit [(Quit: WeeChat 1.9.1)]
balsoft[m] has joined #nixos
<sphalerite>
How can I remove something from systemPackages? Specifically in this case I don't want xterm in systemPackages but I do want services.xserver.enable = true
<sphalerite>
Is the only option copying the whole module and removing the xterm line?
<clever>
export includes the list of deps for each path, and the hash of the nar, along with its storepath
m0rphism has joined #nixos
<clever>
but no signature
fendor has joined #nixos
mahalel_ has joined #nixos
oida has quit [(Ping timeout: 240 seconds)]
Oida has joined #nixos
phreedom has joined #nixos
endformationage has joined #nixos
drakonis has quit [(Ping timeout: 255 seconds)]
<betaboon>
samueldr: sorry for not responding, something came up xD
<betaboon>
samueldr: on the rpi1 did you have keyboard and screen connected while booting? I'm trying to boot without any of those, maybe that can be a source of problems (not likely i guess).
<betaboon>
samueldr: what confuses me: the same sd-card works with raspbian so i would consider this sd-card to be good. all the shasums on the sd-card seem to match the shasums in the img (i checked by mounting the img and comparing shasums)
<samueldr>
betaboon: serial console isn't in the kernel command line parameters on the image, if you see u-boot, and it says "starting kernel", you're okay
<samueldr>
with hdmi I was able to assert that yes, I booted to prompt
sary has quit [(Ping timeout: 265 seconds)]
ebzzry has joined #nixos
drakonis has joined #nixos
cmiles74 has joined #nixos
aloiscochard has joined #nixos
aarvar has joined #nixos
fenedor has joined #nixos
jb55 has quit [(Ping timeout: 272 seconds)]
fendor has quit [(Ping timeout: 248 seconds)]
aloiscochard has quit [(Ping timeout: 240 seconds)]
cmiles74 has quit [(Quit: WeeChat 1.9.1)]
m0rphism has quit [(Quit: WeeChat 1.9.1)]
alexteves has quit [(Quit: My Mac Mini has gone to sleep. ZZZzzz…)]
python476 has joined #nixos
<lejonet>
Hmm, to install virt-manager, don't I just have to specify virt-manager in environment.systemPackages? nixos-install is whining about undefined variable "virt-manager" even tho I can find the package in applications/virtualization/virt-manager in nixpkgs and I have "with pkgs;" infront of the list that I define systemPackages in
<lejonet>
do I have to do virt_manager or something like that?
<samueldr>
environment.systemPackages wants attribute names, which is sometimes different from the name of the package
<samueldr>
as a small bonus, it caches things for a small while, making the next searches faster
verite has joined #nixos
<lejonet>
ah yeah, got hinted that nox was a good thing a while back, but haven't done that much with nixos lately, I've got one server deployed with nixops, but that is as far as my nixos fiddling has taken me so far :P
<samueldr>
fiddle some more then! :)
<lejonet>
I'm trying to :P
<lejonet>
but time has been short :(
<lejonet>
I still need to figure out why I can't login locally on that server that I deployed, just because I enabled sssd xD
<lejonet>
ssh and all that works as intended but even root isn't allowed to login locally xD
Guest76527 has quit [(Remote host closed the connection)]
<lejonet>
Kindof wanna solve that issue before I go bonkers and convert my entire server env :P
<ottidmes>
Is it possible to modify things defined in NixOS through my config instead of actually modifying my local nixpkgs checkout? I tried e.g. systemd.units."getty@.service".text = builtins.replaceStrings [" --noclear"] [""] config.systemd.units."getty@.service".text; But unsurprisingly this causes infinite recursion. Is there a way to achieve this, our is there no way around having to assign the text directly (not
<ottidmes>
using the old value)?
MocroBorsato has joined #nixos
<sphalerite>
ottidmes: not really. Your best bet is (unfortunately) copying the default value and making the change yourself :(
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] orivej pushed 2 new commits to master: https://git.io/vbKne
<NixOS_GitHub>
nixpkgs/master bb02a14 Frank Doepper: pulsemixer: 1.3.0-license -> 1.4.0
<ottidmes>
sphalerite: I expected as much, otherwise I probably would have seen it before, but I imagine this would have made ordering imports and such very tricky and more expensive
<seequ>
Btw, what's the policy on PRing alpha/beta software to nixpkgs?
<sphalerite>
ottidmes: yeah. I feel like generally the module system isn't really an ideal solution for the problem
jnugh has quit [(Remote host closed the connection)]
MocroBorsato has quit [(Ping timeout: 260 seconds)]
nickdshsadhkas[m has joined #nixos
zzamboni has joined #nixos
JosW has quit [(Quit: Konversation terminated!)]
fendor has quit [(Remote host closed the connection)]
<yegortimoshenko>
hi, i want to package electron, but i can't realistically build it on any hardware that i own. can someone setup a hydra jobset for me?
Mateon3 has joined #nixos
<sphalerite>
yegortimoshenko: what's the limitation?
vidbina has quit [(Ping timeout: 265 seconds)]
<sphalerite>
yegortimoshenko: because chances are that won't reduce your latency
<yegortimoshenko>
sphalerite: its build time is roughly chromium build time + nodejs build time * 2
Mateon1 has quit [(Ping timeout: 265 seconds)]
Mateon3 is now known as Mateon1
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] orivej pushed 2 new commits to master: https://git.io/vbKnb
<yegortimoshenko>
sphalerite: it also needs at least 8GB RAM and 25GB disk space to build
<sphalerite>
yeah chances are a hydra jobset won't really improve the build time by a useful amount. What makes hydra able to build all of nixpkgs fairly fast is the number of machines, but only one machine will be able to build electron at a time
<yegortimoshenko>
sphalerite: i see
<sphalerite>
You might be better off using an EC2 instance or something
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] davidak opened pull request #32745: [WIP] elementary-xfce-icon-theme: init at 2017-11-28 (master...elementary-xfce) https://git.io/vbKcR
NixOS_GitHub has left #nixos []
<yegortimoshenko>
yeah, i have some gcp credit. by the way, is there a nixos gcp image? i couldn't find one
<yegortimoshenko>
i know i probably could use nixops
<sphalerite>
no, nixops won't help you magically get nixos on a machine unfortunately
zzamboni has quit [(Quit: Leaving.)]
<sphalerite>
I don't know if there's a GCP image, but you don't necessarily need a nixos machine, you can just install nix on debian or whatever
<yegortimoshenko>
sphalerite: i've previously deployed to gcp via nixops and it is almost certainly results in nixos running on a gcp instance
<yegortimoshenko>
maybe via nixos-assimilate, i don't know details
<sphalerite>
ah right nixops specifically supports gcp
<sphalerite>
then yeah there must be a GCP image, or a way to build one :)
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] orivej pushed 2 new commits to master: https://git.io/vbKcD
<verite>
New to Nix and the idea of package managers in general (ie: I'm used to package managers just blowing up my machine upon installation). Just installed Nix on my Mac. Starting with the Nix manual and the Nix pills (blog series from 2014 http://lethalman.blogspot.it/2014/07/nix-pill-1-why-you-should-give-it-try.html). Are there any other good resources for Nix beginners using Mac's?
<pie_>
well we have a wiki again now....i think?
<pie_>
##nix-darwin ?
<yegortimoshenko>
pie_: nix-darwin is not very active, and i think is mostly for LnL's declarative configuration tooling
cmiles74 has joined #nixos
<pie_>
ah.
<pie_>
i wouldnt know
<LnL>
we mostly discuss darwin specific issues there
jb55 has joined #nixos
verite has quit [(Quit: Live long and prosper.)]
verite has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] jtojnar opened pull request #32746: haskellPackages.bustle: build icons and metadata (master...bustle) https://git.io/vbKCj
NixOS_GitHub has left #nixos []
<LnL>
verite: for most things there's not really a difference, the nix pills are a great starting point
<infinisil>
whew, i put all my home-manager config in my system config, now I can build both my server's and local machine's nixos config and their home-manager config with a single command :D
aarvar has quit [(Ping timeout: 265 seconds)]
thblt has quit [(Ping timeout: 265 seconds)]
fendor has quit [(Remote host closed the connection)]
joelpet has quit [(Remote host closed the connection)]
<LnL>
that isn't the nix-store --serve --write error right?
<sphalerite>
yeah sounds familiar to me too but I can't put my finger on it
<symphorien>
well I did that with a bogus hash, but I still get a name or service not known error
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] orivej closed pull request #32674: texlive: fix use of xdvi: add hashes and don't orphan it (master...fix/xdvi-hash) https://git.io/vbV5e
NixOS_GitHub has left #nixos []
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] orivej pushed 2 new commits to master: https://git.io/vbKBf
<NixOS_GitHub>
nixpkgs/master fcffee2 Will Dietz: texlive: fix use of xdvi: add hashes and don't orphan it...
<samueldr>
I remember reading about something similar, I think it was with btrfs
<sphalerite>
I also need to work out why gnutls builds fine on my chromebook but not on Scaleway's C1 servers
romildo has joined #nixos
joelpet has quit [(Remote host closed the connection)]
<samueldr>
IIRC, ext4 has a soft limit (configurable) too
joelpet has joined #nixos
Itkovian has quit [(Quit: My MacBook has gone to sleep. ZZZzzz…)]
<sphalerite>
yegortimoshenko: it took 44min
<sphalerite>
also…
<sphalerite>
error: derivation '/nix/store/xxrrk2ls8b8jxs7f2hpy05pq5wqz8h9a-chromium-63.0.3239.84.drv' may not be deterministic: output '/nix/store/vk8lvg8v2q3x0yai3wypjilxhhfqa65s-chromium-63.0.3239.84' differs
<sphalerite>
:(
<LnL>
gchristensen: inodes?
jmc_fr has joined #nixos
<yegortimoshenko>
sphalerite: i see, thanks
<gchristensen>
OH!
ivanivan has joined #nixos
ivanivan has quit [(Client Quit)]
erictapen has joined #nixos
erictapen has quit [(Remote host closed the connection)]
erictapen has joined #nixos
ma27 has quit [(Ping timeout: 240 seconds)]
<jmc_fr>
now installing physically (after successful test in VBox) : however it fails with "Failed to check file system type of "/boot": no such fileor directory ... yet I followed carefully the manual
<gchristensen>
probably inodes, LnL :)
alexteves has joined #nixos
phreedom has quit [(Ping timeout: 240 seconds)]
srdqty has quit [(Quit: WeeChat 1.9.1)]
romildo has quit [(Quit: Leaving)]
<samueldr>
jmc_fr: installing using bios boot, legacy on uefi or using uefi? Which bootloader?
<jmc_fr>
samueldr: new install as dualboot with windows 8 (? - I dunno anything on windows, but must keep it). In my config I have boot.loader.systemd-boot.enable = true, but I have not installed grub, I thought nixos-install would do it
<samueldr>
then you're booting with UEFI (good to know)
sigmundv__ has quit [(Ping timeout: 272 seconds)]
<samueldr>
grub won't be installed if you're using systemd-boot
<jmc_fr>
I have checked that there is a bios (version )
<jmc_fr>
I have checked that there is a bios (version 2012)
<jmc_fr>
OK so I do not need grub.
<sphalerite>
clever: looks like the logs for remote builds don't even get saved in /nix/var/log on the remote build host :(
<samueldr>
when booting using UEFI, the bootloader is installed in what is called the ESP (EFI System Partition)
<samueldr>
nixos assumes this partition will be mounted at /boot/ for UEFI booting
<samueldr>
you will need to mount it at /mnt/boot for the installation process
<jmc_fr>
OK, trying this
romildo has quit [(Ping timeout: 265 seconds)]
<samueldr>
(if windows 8 came installed on the computer, I do not know for sure how the ESP is formatted or configured, I've not kept windows around for years)
erlandsona has joined #nixos
moet has joined #nixos
phreedom has joined #nixos
<erlandsona>
Hey y'all what's the latest nixos lts channel at the moment? I'm currently using nix-unstable but I just tried upgrading after a few months and it broke a bunch of stuff... I wanted to try a less drastic upgrade to see how that worked.
jmc_fr has quit [(Quit: ERC Version 5.3 (IRC client for Emacs))]
<infinisil>
Well there's 17.09, which is more stable than nixos-unstable
<erlandsona>
Ardour wouldn't build :shrug:
jmc_fr has joined #nixos
<sphalerite>
infinisil: it's not LTS though
<erlandsona>
Rather is v18 out? or where do I find the channels list again?
<sphalerite>
erlandsona: which version did you try to upgrade from and what broke?
DeaDSouL has quit [(Read error: Connection reset by peer)]
<erlandsona>
It's still 17.09?
<sphalerite>
erlandsona: no, the stable version numbers are based on dates like ubuntu's. 18.03 will be out in (or shortly after) March 2017
<sphalerite>
2018z
<sphalerite>
Yes, 17.09 is the current stable version
<erlandsona>
Ah alright, sounds good. I'll give 17.09 a shot again then.
<sphalerite>
yegortimoshenko: I'm also building webkitgtk on the machine to see how long that takes btw
<sphalerite>
erlandsona: I suggest reading the release notes for all the versions that came out since you last used it. They should cover all the breaking changes, anything else that breaks is likely to be a bug
pie_ has quit [(Ping timeout: 256 seconds)]
<orivej_>
erlandsona: ardour builds in the current master, but it was broken for about 20 hours, and the last channel update must have happened at that time
orivej_ is now known as orivej
dan_b has quit [(Ping timeout: 272 seconds)]
iyzsong has joined #nixos
pie_ has joined #nixos
<erlandsona>
orive_j: thanks! Maybe I'll try it again in a bit...
joelpet has quit [(Remote host closed the connection)]
jb55 has quit [(Ping timeout: 240 seconds)]
erictapen has quit [(Remote host closed the connection)]