<Aleksejs>
I think I created it via unetbootin, but I don't remember exactly. I labeled partition as NIXOS_ISO (the label of image I used) and will try in a moment
<maurer>
lassulus: Sorry, that one won't help you, that checks for "Spectre" not meltdown, and there's no workaround for that one, and you're almost certainly affected
<samueldr>
labelling the partition should work (iirc)
<samueldr>
the new and best™ method since ~17.09 (maybe 17.03) is simply dd-ing or using an equivalent process
dan_b` has quit [Quit: Lost terminal]
<Aleksejs>
yeah, it helped!
<lassulus>
maurer: thanks anyway. so even upgrading to 4.14.11 won't save me?
<MP2E>
yeah unfortunately there are 2 huge security bugs, and meltdown is the only one currently worked around, from what I can tell
<maurer>
lassulus: there are two attack vectors. 4.14.11 removes the worst one
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] dhess opened pull request #33405: Make GHC work on armv7l-linux (master...ghc-armv7l) https://git.io/vNe5m
NixOS_GitHub has left #nixos [#nixos]
<maurer>
lassulus: The other one there is no saving you from, but don't turn on BPF and you should only have to worry about ring3 getting invaded
<maurer>
probably'
<maurer>
as long as your compiler doesn't generate unusual code for the kernel
nithor has joined #nixos
<lassulus>
ok, good to know. is BPF turned on normally?
<maurer>
No
<lassulus>
ok, great, thanks for all the information.
<maurer>
The other one can only manage to ring jump if a certain code structure is present in the victim process (looks like if (bounds check) a[b[x]] where x is user controlled)
<maurer>
bpf can be used to generate that structure if not present
<maurer>
but it can break SFI, so I dunno what browsers are gonna do about it
<maurer>
maybe they'll rework their jits
Fannar has quit [Quit: leaving]
<Aleksejs>
samueldr: I think it would also be useful to add some nice manual on how to deal with wlp0s1 not ready. I have this error now and I had it on my old lenovo. In both cases, wifi works if I launch KDE
mizu_no_oto has joined #nixos
nithor has quit [Ping timeout: 252 seconds]
<samueldr>
hmmm, Aleksejs, how did you deal with wlp0s1, I haven't seen that
joelpet has quit [Remote host closed the connection]
joelpet has joined #nixos
lassulus has quit [Quit: WeeChat 1.9.1]
mbrgm has joined #nixos
lassulus has joined #nixos
macslayer has quit [Ping timeout: 248 seconds]
<pie_>
any rust people know how to get qmlrs to work? im trying to build panopticon and the build breaks at qmlrs
macslayer has joined #nixos
joelpet has quit [Remote host closed the connection]
joelpet has joined #nixos
joelpet has quit [Changing host]
joelpet has joined #nixos
ma27 has quit [Ping timeout: 265 seconds]
joelpet has quit [Remote host closed the connection]
Ridout has joined #nixos
joelpet has joined #nixos
joelpet has quit [Changing host]
joelpet has joined #nixos
<Aleksejs>
one more thing I noticed: when SATA controller mode is set to Intel RST, NixOS doesn't see any ssd. It sees them when I switch to AHCI
jrolfs has joined #nixos
jrolfs__ has joined #nixos
m0rphism has joined #nixos
<gchristensen>
I've heard of this before with other linuxes, Aleksejs
<clever>
Aleksejs: is that when fully booted, or at the initrd?
<Aleksejs>
clever: booted from usb
<clever>
that is strange
tekul has quit [Quit: leaving]
hyphon81 has quit [Remote host closed the connection]
sary_ has joined #nixos
sary_ has quit [Client Quit]
jrolfs__ has quit [Ping timeout: 260 seconds]
jrolfs has quit [Ping timeout: 248 seconds]
<Aleksejs>
clever: this model has a very strange firmware - they cut a lot of things from it and moved to their windows app called Vantage. I needed to install windows (including ~4 hours of updates) and that app to just be able to use F1-F12 keys without pressing Fn
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] corpix opened pull request #33407: Fixed airmon complaining about tools (master...fix/airmon-start) https://git.io/vNehy
NixOS_GitHub has left #nixos [#nixos]
<clever>
Aleksejs: wtf?
jrolfs has joined #nixos
<Aleksejs>
yeah, you need to use Fn in combination with F1-F12, and to disable that you need to install windows and that app because they took that option out from BIOS setup
<gchristensen>
gros
<clever>
i havent seen that kind of thing since the 486 era
joelpet has quit [Remote host closed the connection]
<clever>
i have a computers from that era, where the bios is configured from dos
<samueldr>
no entropy means easier reproducible builds, right?
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] mekeor closed pull request #31722: mu: correctly install mu4e by moving it to emacs' load-path. (master...master) https://git.io/vF1Mu
NixOS_GitHub has left #nixos [#nixos]
<dhess>
samueldr: heheheheeh
<samueldr>
dhess: any progress on NixOS on C1? (I'm still building the kexec thing)
<dhess>
samueldr: nah, I just saw your comment on the wiki, as a matter of fact.
thc202 has quit [Ping timeout: 248 seconds]
<samueldr>
I need to go through a fulll kernel build on-device, on my (underpowered) armv7l device, in ~10 hours I'll be able to test :)
<samueldr>
to their defense, about the entropy issue, other ARM systems have similar issues, raspberry pi (at least the original) had that
<dhess>
samueldr: I don't think the stuff on the other Scaleway wiki page applies to the C1s because they're this strange "bare metal" thing that boots off network-attached storage
<samueldr>
I've read just enough about how scaleway works that I *think* it should work for the C1
<dhess>
oh ok
<samueldr>
well, it'll be easy enough to know once the thing is built
<dhess>
well I hope you're right.
<clever>
samueldr: the rpi has a hardware random number generator
<samueldr>
the original one too?
<clever>
i believe so
<samueldr>
maybe I'm misremembering and had the issue with my ODROID board, or that archlinux didn't use the hardware RNG
<dhess>
I wonder if I should be spending my time trying to get armv7l support working on aarch64, instead.
<samueldr>
thing is, I know I had to use haveged on those :(
<dhess>
I guess the cross-compile stuff will fix most of the issues, except for Haskell
nuncanada has quit [Quit: Leaving]
<samueldr>
I'm curious about the cross-compile stuff, but I may have misunderstood a detail
<samueldr>
if I understood correctly, cross-compiled things aren't substitutable(?) to natively compiled, if so, what does the cross-compilation work means for distributed builds?
<samueldr>
oh, dhess, if you ever play around the scaleway C1 before I'm able to test things, the scw CLI tool is pretty neat, you can boot and attach to a server for the early initrd, and debug it
<samueldr>
I may have misunderstood something, that's all informations that seeped in my brain through leisurely reading the chats during the past weeks
<_alice_>
Trying to do nixos-rebuild switch I get a fatal error when it tries to install nvidia-x11-384.98-4.9.73 "atal error: linux/sched/task_stack.h: No such file or directory"
<_alice_>
Am I the only one? How would I fix this?
<MP2E>
ah yep, looks like the patch to fix the nvidia driver for 4.14.9 needs to be properly #ifdef'd by kernel version
jrolfs__ has joined #nixos
<_alice_>
Is there a temporary workaround I can do to reload now?
jrolfs has joined #nixos
<MP2E>
oh huh it's not our patch, guess it's upstream
<yegortimoshenko>
it is our patch
<yegortimoshenko>
linux/sched/task_stack.h should always be available, regardless of kernel version
<MP2E>
ah hmmm
<_alice_>
;s am I gonna have to wait for a fix?
sirkha has joined #nixos
<MP2E>
to rebuild yeah, but your current environment isn't broken or anything. It doesn't actually switch your profile over until everything successfully rebuilds
<yegortimoshenko>
_alice_: what kernel do you use?
<yegortimoshenko>
4.9, or 4.14?
chreekat has quit [Ping timeout: 276 seconds]
<_alice_>
uname -a
<_alice_>
Linux ingsoc 4.9.72 #1-NixOS SMP Mon Dec 25 13:23:47 UTC 2017 x86_64 GNU/Linux
chreekat has joined #nixos
<sirkha>
hi, if i want to use a nix expression that contains 'pkgs ? import <nixos-unstable> {}' do I need to modify NIX_PATH? I have added it using nix-channels, but it gives an error when i try to run it.
<yegortimoshenko>
oh, i was wrong about task_stack.h, it was recently introduced
<yegortimoshenko>
thanks, MP2E! yes, the right way is #ifdef
<yegortimoshenko>
_alice_: temporary workaround would be to use 4.14 kernel
<gchristensen>
everyone: (1) use nixos-17.09 (2) boot.kernelPackages = pkgs.linuxPackages_latest;
<gchristensen>
(3) you're protected from meltdown
<samueldr>
but I haven't rebuilt yet!
oahong has quit [Quit: 暂离]
<gchristensen>
ehh :P
<_alice_>
Now there's a whole new error, "/nix/store/dqs3pbjm04hm296hyhp85dyh189xrfl6-linux-4.14.10-dev/lib/modules/4.14.10/source/Makefile:939: *** "Cannot generate ORC metadata for CONFIG_UNWINDER_ORC=y, please install libelf-dev, libelf-devel or elfutils-libelf-devel". Stop."
<_alice_>
installing libelf does not fix
<samueldr>
yeah, installing it won't change the derivation... but that's weird, I though this was a 4.15 thing
<gchristensen>
_alice_: can you run nix-info?
<MP2E>
nah it happens from 4.14.9 onwards unfortunately, but that's odd... I thought we fixed all those errors
pjan_ has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<yegortimoshenko>
fpletz: do you perhaps know why linuxPackages_latest.kernel.moduleBuildDependencies attribute is missing on unstable but present on nixos-17.09?
<fpletz>
wat \o/
<fpletz>
yegortimoshenko: why wouldn't it exist? grepping for it yields some results
<MP2E>
huh, that is odd, it's definitely in the git tree
<MP2E>
been there for at least a few days
<yegortimoshenko>
the expression i've sent to _alice_ above works if nixpkgs points to nixos-17.09 nixpkgs branch, but doesn't work on nixos-unstable channel
<MP2E>
maybe nixos-unstable is out of date, currently?
<yegortimoshenko>
MP2E: perhaps, i'll check on master
<MP2E>
huh, says nixos-unstable was updated 2 days ago on the nixpkgs-channels repo on github
<MP2E>
it should be in then
<MP2E>
odd
atrx_ has joined #nixos
<_alice_>
Still errors out "
<_alice_>
/nix/store/y81xhkvj6jakznwkdlw0l0gyzvjb1ip0-builder.sh: line 69: nuke-refs: command not found
<_alice_>
builder for ‘/nix/store/dd3b6sdia99hf3f5f6b0d0xnfwp04vbf-nvidia-x11-384.98-4.14.10.drv’ failed with exit code 127
<_alice_>
error: build of ‘/nix/store/dd3b6sdia99hf3f5f6b0d0xnfwp04vbf-nvidia-x11-384.98-4.14.10.drv’ failed
oahong has joined #nixos
jb55 has joined #nixos
Ridout has quit [Ping timeout: 260 seconds]
<yegortimoshenko>
fpletz, MP2E: sorry for false alarm! it isn't present on last week's nixos-unstable channel but works in master
<fpletz>
phew, you had me really worried there for a bit… thought I messed up backporting the commits :)
<fpletz>
but weird that the nixpkgs-channels repo seems to be out of sync with the actual channel release
rogue_koder_ has quit [Remote host closed the connection]
atrx has quit [Ping timeout: 260 seconds]
<fpletz>
fpletz: the nixos-unstable branch is actually in sync with the current unstable channel release
<fpletz>
that's why channels are weird: they have state that has to be updated manually with nix-channel --update :)
macslayer has quit [Ping timeout: 260 seconds]
mizu_no_oto has joined #nixos
<yegortimoshenko>
_alice_: and, this one should do it...
<yegortimoshenko>
fpletz: at least there is only one repo, otherwise state would have to be coordinated between multiple channels
phreedom has quit [Ping timeout: 240 seconds]
<_alice_>
That finally did it!
<yegortimoshenko>
_alice_: i've just built it too :-)
<MP2E>
nice!
<_alice_>
I used to use Arch for like 4 years. I ran into spooky bugs I couldn't google like this a couple times a week and I usually had to do something hacky. First problem I've had got fixed in minutes, thanks guys
jrolfs has joined #nixos
<_alice_>
I've only been using nix for like a week and a half so it makes sense that I'm not a wizard yet, but how do I get to you guys
<_alice_>
In terms of level of understanding
<yegortimoshenko>
_alice_: contribute!
<_alice_>
The nix manual and wiki IME have been extremely underwhelming but the people here are wizards
jrolfs__ has joined #nixos
<MP2E>
bit of an odd day, I'm sure our maintainers were pressured to backport the newest kernel quickly because of the meltdown bug, generally things are a bit more stable :)
<MP2E>
yeah the documentation is spread around a bit, the story is a bit complicated. We had an old legacy wiki, and a while back it was decided to discontinue to wiki in favor of contributing more to the manuals. But then we didn't have a good place for odd fixes here and there, which a wiki is good at
<MP2E>
so now we have a wiki again but with a lot of info copied over from the old wiki
<samueldr>
there is a wiki page about the story of the wiki!
<MP2E>
generally speaking, I google for some documentation, then use the tool grep or rg to check the source tree and dive right in, and ask questions here if that fails
<MP2E>
diving into the source sounds scary but there are some really well written packages that showcase solutions for most packaging problems you'll run into
<MP2E>
diving into nix can be quite fun
<samueldr>
yeah, that's something that may hamper some documentation effort... once you know enough, it sometimes is just as easy to look at the nix sources :S
<MP2E>
yeah I tend to do that :v oops
<samueldr>
(imho)
<srk>
heh, pretty hard to google hail
<samueldr>
as if hail hydra woule help :)
<srk>
got used to hydra nix, but hail hydra nix .. :D
<MP2E>
hahah
<srk>
won't give right answer either :D
phreedom has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] thoughtpolice pushed 1 new commit to master: https://git.io/vNvUJ
<samueldr>
most people conflates x86 with x86_64 since there's virtually been no x86 hardware released for years
chreekat has joined #nixos
<eacameron>
samueldr: Thank you!
<yegortimoshenko>
spectre is a bug in most out-of-order execution chips, not just from intel
<MP2E>
4.14.11 has the KPTI patch which fixes the intel vulnerability yes, it is in the release channel right now, but some kernel modules may be broken due to a backport from 4.15 landing in 4.14.9 which requires libelf. The issues are all fixed on nixos-unstable and git master, but I don't think everything has been backported to the release channels quite yet
<samueldr>
weirdly, I was able to build with nvidia without issue on 17.09, with updated channel
<eacameron>
samueldr: Do you know if older channels are slated to get this update too?
<_alice_>
Hmm yeah idk if this is expected behavior but I still can't build after nix-channel --update
<samueldr>
AFAIK, anything before 17.03 definitely won't, it probably won't hit 17.03
<yegortimoshenko>
_alice_: you might be able to drop this hacky fix and revert it back to `boot.kernelPackages = pkgs.linuxPackages_latest` if you update nixos channel. also, issue that forced the latest kernel has been fixed, and will be available in a few days, e.g. if you run nixos-rebuild with --upgrade flag
<yegortimoshenko>
that's the same problem back again :-(
<MP2E>
yep that's the "module fixes not being backported from nixos-unstable" thing I was talking about :<
<_alice_>
oshit
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] fpletz pushed 2 new commits to master: https://git.io/vNvU6
<NixOS_GitHub>
nixpkgs/master f8fd0b7 Franz Pletz: zcash: 1.0.12 -> 1.0.13...
<samueldr>
I'm still weirded out by the fact that I haven't hit any issue
<MP2E>
still, glad you pointed that out, we gotta know which ones are broken
<yegortimoshenko>
MP2E: not broken in master, my guess is that _alice_ might have stale nixos channel
<MP2E>
ah yeah, that would explain some things!
<_alice_>
Oh no, what's that mean and how do i fix it
<yegortimoshenko>
_alice_: run `sudo nixos-rebuild --upgrade switch`, you can also drop (or comment) that nasty snippet and revert it to `boot.kernelPackages = pkgs.linuxPackages_latest;`
<_alice_>
Done, will this fuck me later? Or is this a one-time thing that I won't have to clean up in the future
<yegortimoshenko>
if there are any other broken modules, i'll fix them right away. there has been a kernel cleanup just a few days ago, and things are wrecked.
<yegortimoshenko>
_alice_: this is a one-time thing.
<_alice_>
Awesome
macslayer has joined #nixos
steshaw has quit [Quit: Connection closed for inactivity]
jrolfs__ has joined #nixos
jrolfs has joined #nixos
atrx has joined #nixos
macslayer has quit [Ping timeout: 256 seconds]
atrx_ has quit [Ping timeout: 248 seconds]
macslayer has joined #nixos
coot has joined #nixos
schoppenhauer has quit [Ping timeout: 272 seconds]
schoppenhauer has joined #nixos
chreekat has quit [Ping timeout: 265 seconds]
chreekat has joined #nixos
yegortimoshenko has left #nixos ["ERC (IRC client for Emacs 27.0.50)"]
jrolfs__ has quit [Ping timeout: 264 seconds]
jrolfs has quit [Ping timeout: 248 seconds]
mizu_no_oto has quit [Quit: Computer has gone to sleep.]
macslayer has quit [Ping timeout: 248 seconds]
asuryawanshi has joined #nixos
<_alice_>
I have a question, I've heard that it's possible to reproduce an entire Nix system, is this true? When I installed nix I made an oopsie and made my root directory too small, can I live-resize btrfs volumes to shrink home and grow root, or would I need to reinstall and recreate the entire system?
pjan_ has joined #nixos
jrolfs has joined #nixos
jrolfs__ has joined #nixos
srhb has quit [Quit: Quit]
srhb has joined #nixos
<samueldr>
for the system, it is relatively easy, as long as you have the configuration.nix (and dependents)
jrolfs has quit [Ping timeout: 248 seconds]
jrolfs__ has quit [Ping timeout: 260 seconds]
<samueldr>
I'm keeping four computers synchronized through one git repo, only thing I did manually was setup the filesystems
asuryawanshi has quit [Remote host closed the connection]
<samueldr>
unless you had something more specific you wanted to know, _alice_
<srhb>
_alice_: Note that the usual caveats apply when modifying partitions. If you don't backup, make sure you're ready to make peace with your losses. :-)
<_alice_>
Thanks for the info <3
<hyphon81>
The nvidia driver 387.22 can be built, so I'd like to use it. But bumblebee use the default driver even if I wrote bumblebee.override { nvidia_x11 = new_driver;}.
<vaibhavsagar>
ertes: if you're using fetchFromGitHub it's equivalent to `nix-prefetch-url --unpack https://github/<owner>/<repo>/archive/<sha1>.tar.gz`
Sonarpulse has joined #nixos
<hyphon81>
Hmm, I can't use cuda immediately.
<ertes>
vaibhavsagar: no, i only reference local copies
<vaibhavsagar>
fair enough
sary has quit [Ping timeout: 240 seconds]
sary has joined #nixos
hals has joined #nixos
orivej has joined #nixos
hyphon81 has quit [Remote host closed the connection]
jb55 has quit [Quit: WeeChat 1.9]
jb55 has joined #nixos
hyphon81 has joined #nixos
blahdodo has quit [Quit: Bye bye]
asuryawanshi has joined #nixos
ertes has quit [Quit: Bye!]
hyphon81 has quit [Remote host closed the connection]
ertes has joined #nixos
asuryawanshi has quit [Ping timeout: 240 seconds]
b0ng0x36 has joined #nixos
<MP2E>
I'm late, but if you're using local copies, I assume you want the hash to avoid unnecessary rebuilds. Another way of doing this is to use 'src = lib.cleanSource ~/local/path/to/source;'
<MP2E>
(in your nix derivation for that specific package)
jrolfs__ has joined #nixos
oida has joined #nixos
orivej has quit [Ping timeout: 240 seconds]
jrolfs has joined #nixos
blahdodo has joined #nixos
coot has quit [Quit: coot]
blahdodo has quit [Quit: Bye bye]
chreekat has quit [Ping timeout: 250 seconds]
chreekat has joined #nixos
blahdodo has joined #nixos
oida has quit [Ping timeout: 265 seconds]
zzamboni has joined #nixos
jrolfs__ has quit [Ping timeout: 240 seconds]
jrolfs has quit [Ping timeout: 240 seconds]
periklis has joined #nixos
phreedom has quit [Quit: No Ping reply in 180 seconds.]
<fearlessKim[m]>
ertes: google for fetchGitHashless, this way you don't need a hash
jrolfs has joined #nixos
<fearlessKim[m]>
(I wish that function were in nixpkgs)
phreedom has joined #nixos
dan_b has joined #nixos
jrolfs has quit [Ping timeout: 256 seconds]
jmiven has quit [Quit: co'o]
jmiven has joined #nixos
orivej has joined #nixos
zzamboni has quit [Quit: Leaving.]
sigmundv__ has joined #nixos
jrolfs__ has joined #nixos
zzamboni has joined #nixos
jrolfs__ has quit [Ping timeout: 252 seconds]
chreekat has quit [Ping timeout: 250 seconds]
chreekat has joined #nixos
orivej has quit [Ping timeout: 264 seconds]
jrolfs has joined #nixos
jrolfs__ has joined #nixos
slyfox has quit [Quit: :)]
therp has joined #nixos
la_putin has joined #nixos
jrolfs has quit [Ping timeout: 252 seconds]
Itkovian has joined #nixos
jrolfs__ has quit [Ping timeout: 252 seconds]
zzamboni has quit [Read error: Connection reset by peer]
zzamboni1 has joined #nixos
el_putin has quit [Read error: Connection reset by peer]
jrolfs__ has joined #nixos
jrolfs has joined #nixos
asuryawanshi has joined #nixos
slyfox has joined #nixos
jrolfs has quit [Ping timeout: 256 seconds]
jrolfs__ has quit [Ping timeout: 260 seconds]
steshaw has joined #nixos
asuryawanshi has quit [Remote host closed the connection]
asuryawanshi has joined #nixos
typetetris has joined #nixos
orivej has joined #nixos
sigmundv__ has quit [Ping timeout: 252 seconds]
klntsky has joined #nixos
Tucky has joined #nixos
asuryawanshi has quit [Ping timeout: 248 seconds]
asuryawanshi has joined #nixos
therp has quit [Remote host closed the connection]
jensens has joined #nixos
dan_b has quit [Ping timeout: 248 seconds]
asuryawanshi has quit [Ping timeout: 240 seconds]
hotfuzz_ has joined #nixos
hotfuzz has quit [Ping timeout: 265 seconds]
zzamboni1 has quit [Quit: Leaving.]
jrolfs has joined #nixos
jrolfs__ has joined #nixos
<vaibhavsagar>
can I override gcc for a mkDerivation?
jrolfs__ has quit [Ping timeout: 248 seconds]
<LnL>
yes, adding to buildInputs usually works
jrolfs has quit [Ping timeout: 268 seconds]
b0ng0x36 has quit [Ping timeout: 240 seconds]
<LnL>
otherwise use overrideCC
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] Mic92 pushed 2 new commits to master: https://git.io/vNvGm
<NixOS_GitHub>
nixpkgs/master e538e00 Maximilian Bosch: test-driver: support testing user units...
<vaibhavsagar>
but I think I need it wrapped if I want to overrideCC
jrolfs has joined #nixos
jrolfs__ has joined #nixos
i-am-the-slime has joined #nixos
jrolfs has quit [Ping timeout: 240 seconds]
DUszx has joined #nixos
jrolfs__ has quit [Ping timeout: 248 seconds]
asuryawanshi has quit [Remote host closed the connection]
asuryawanshi has joined #nixos
Arcaelyx_ has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<LnL>
you'll loose things like cc.isGNU if you do that, maybe that's causing issues
<LnL>
what's the exact error?
<vaibhavsagar>
error: attribute ‘gcc’ missing, at /nix/store/gjh2ipc9nm9n0wi805l796574nw0bm35-nixos-17.09.2600.0b30c1dd4c6/nixos/pkgs/build-support/cc-wrapper/default.nix:51:27
justanotheruser has quit [Ping timeout: 240 seconds]
<vaibhavsagar>
because 'cc.gcc' doesn't exist(???)
<LnL>
yeah I think so
<vaibhavsagar>
this makes no sense to me though
betaboon has joined #nixos
<vaibhavsagar>
there's stdenv.cc
<vaibhavsagar>
and stdenv.cc.cc
<vaibhavsagar>
but cc.gcc?
typetetris has joined #nixos
* LnL
wants to kill default_cxx_stdlib_compile
ThatDocsLady has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] peterhoeg opened pull request #33415: hyperv-daemons: package and nixos module (master...p/hv) https://git.io/vNvWb
NixOS_GitHub has left #nixos [#nixos]
klntsky has quit [Ping timeout: 272 seconds]
FRidh has joined #nixos
jrolfs__ has joined #nixos
jrolfs has joined #nixos
zzamboni has joined #nixos
pjan_ has joined #nixos
pjan_ has quit [Client Quit]
chreekat has quit [Ping timeout: 255 seconds]
chreekat has joined #nixos
jrolfs has quit [Ping timeout: 256 seconds]
<LnL>
vaibhavsagar: pretty sure adding isGNU = true; will fix that
<vaibhavsagar>
adding it where, sorry?
jrolfs__ has quit [Ping timeout: 264 seconds]
<LnL>
the extra attributes of runCommand
<vaibhavsagar>
wrapCC takes only one argument AFAIK which is the unwrapped CC
<vaibhavsagar>
ah
<vaibhavsagar>
wow, it worked!
<LnL>
the cc-wrapper has some weird logic to make clang use stdlibc++ on linux
zzamboni has quit [Quit: Leaving.]
samtoday has joined #nixos
<samtoday>
Is nixos.org down or is that just for me?
zzamboni has joined #nixos
hyphon81 has joined #nixos
oahong has quit [Ping timeout: 260 seconds]
swayf has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
<hyphon81>
The nix-channels seems busy?
oahong has joined #nixos
coot has joined #nixos
<srhb>
hyphon81: What does that mean?
<srhb>
samtoday: Looks like it's down.
atrx has quit [Ping timeout: 240 seconds]
<hyphon81>
srhb: I can not update nix-channel.
<srhb>
hyphon81: Probably the same issue, outage on nixos.org
<srhb>
I wonder if that's cloudfront borking out.
<samtoday>
Unfortunate
<srhb>
Hm, no, that's probably only the actual artifacts..
<hyphon81>
Oh, it's unfortunately.
<dhess>
well that seems like a sign it's time to sleep
puckipedia has quit [Quit: *eh*]
ebzzry has joined #nixos
<ebzzry>
What happened to nixos.org?
<srhb>
Possibly an AWS reboot. Not a lot of information yet. :)
<DUszx>
i would like to use nix-shell to provide a environment including all dependencies to get my webapp running. part of the webapp is nginx, and i need to configure it. i want to access the file `mime.types` which is installed, but in `${pkgs.nginx}`. is there a way to locally generate a config file with access to this variable? thx!
<srhb>
DUszx: So all the machinery for generating an nginx config is NixOS-specific, but you can borrow from there.
<srhb>
DUszx: And of course you can reference "${pkgs.nginx}/whatever/file" as you see fit in your shell.nix file
asuryawanshi has quit [Ping timeout: 252 seconds]
<DUszx>
srhb: i already new about `shellHook` but i did not know that variable interpolation is available there. very cool. so i will just build my config file with some bash scripts started from there, or is there a better way?
<srhb>
DUszx: It's a matter of taste I guess. I'd probably set up a NixOS container for this sort of thing, so I get access to the NixOS goodies for setting up nginx, but without that I don't really know of a nice way.
SOO7 has joined #nixos
ent has joined #nixos
<niksnut>
looks like nixos.org did not survive the first reboot in > 3 years
<srhb>
RIP. :)
<aminechikhaoui>
:D
<ent>
ah, I just had to join the channel and I got the answer :)
mekeor has quit [Quit: digital revolution = cryptoanarchism + cybercommunism]
<DUszx>
srhb: okay. thanks a lot! i will ask a search engine about 'nixos container' and see if i can wrap my head around this
<mpickering>
Is there a sensible way to specify multiple inputs for a derivation?
<srhb>
DUszx: It will only help you if you have NixOS already though.
ixxie has joined #nixos
<nwspk>
DUszx: NixOS containers are just systemd-nspawn containers with a bit of nixification
jrolfs__ has joined #nixos
periklis has quit [Ping timeout: 265 seconds]
jrolfs has joined #nixos
<DUszx>
srhb: oh. it's a pity :-/ i just want to use the nix-pkgs as a dependency manager, so i don't have the whole os
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] idontgetoutmuch closed pull request #33334: Add the python package 'us' and update 'jellyfish' (master...master) https://git.io/vbhUh
NixOS_GitHub has left #nixos [#nixos]
typetetris has quit [Quit: Page closed]
<ixxie>
To what extent is it a security risk to have my NixOS configs on github?
<srhb>
ixxie: Uh... Does it contain secrets?
<ixxie>
no, but what I am concerned about is the extra information an attacker may have on my system
<srhb>
Well, if that concerns you, it's a security concern.
<ixxie>
they may be able to deduce the versions of all my packages
<srhb>
Especially if you're pinning, yes.
<ixxie>
yeah
<ixxie>
I am not pinning though
<ixxie>
so thats good I guess
brodul has quit [Quit: My hovercraft is full of eels!!]
brodul has joined #nixos
__Sander__ has joined #nixos
<nwspk>
I can't fetch updates because nixos.org is down. Is there some kind of redundancy like on other distributions?
asuryawanshi has joined #nixos
puckipedia has joined #nixos
<srhb>
nwspk: You mean you cannot update your channel, right? I don't think the binary cache is down.
<nwspk>
srhb: yes
<srhb>
nwspk: If it's very important to you, you can always fetch nixpkgs from github at whatever revision you want and point nixos-rebuild at that.
<nwspk>
Oh.. ehm yes, of course. Thanks.
<srhb>
:)
chreekat has quit [Ping timeout: 252 seconds]
chreekat has joined #nixos
sary has quit [Ping timeout: 264 seconds]
NixOS_GitHub has joined #nixos
NixOS_GitHub has left #nixos [#nixos]
<NixOS_GitHub>
[nixpkgs] the-kenny opened pull request #33416: Emacs `site-lisp` subdirectory support (master...emacs-site-lisp-subdirectory-support) https://git.io/vNvuJ
<markus1199>
can somebody explain to me the use of 'runCommand'? I sometimes see it with a name and also often only with "dummy"
<symphorien>
I think it puts the output of the command in a file named after this parameter
<symphorien>
sometimes you just don't care about the name
orivej has quit [Ping timeout: 246 seconds]
orivej has joined #nixos
<markus1199>
symphorien: aha makes sense :)
sigmundv__ has joined #nixos
nico202 has joined #nixos
davidcl has joined #nixos
<srhb>
symphorien markus1199: It doesn't put anything in a file by itself, but you get $out to play around with
<srhb>
iirc.
ma27 has quit [Ping timeout: 252 seconds]
orivej has quit [Ping timeout: 260 seconds]
i-am-the-slime has quit [Ping timeout: 260 seconds]
<davidcl>
hi all, I have issues accessing https://nixos.org ; is there any known issue on the server or does it comes from my network ?
<mpickering>
it is down
jrolfs__ has quit [Ping timeout: 255 seconds]
jrolfs has quit [Ping timeout: 255 seconds]
michaelpj_ has joined #nixos
<markus1199>
srhb: I think I recall that I saw most of the "dummy" usage with nix-shell
<markus1199>
I guess it is only used to pull in dependencies for the shell
<srhb>
markus1199: That's one handy usage at least. It's used a lot.
<markus1199>
playing with it on nix-repl, `:b runCommand "foo" {} "echo foo"` does indeed not produce any outpout on it's onw
<srhb>
At least transitively :)
orivej has joined #nixos
<srhb>
"echo foo > $out" should
<markus1199>
Okay I think this makes it a little more clear ;)
nico202 has quit [Quit: Leaving]
Yotam has joined #nixos
<Yotam>
I am have a wxHaskell project that I can't use nix integration with stack to build because of a bug with ldconfig, is there a way for me to just build it using only stack?
ma27 has joined #nixos
jensens has quit [Ping timeout: 264 seconds]
<Orbstheorem>
Hi, I have a question that is more systemd-related but I tryed on #systemd without luck so maybe you could help: I have units {a,b,c}.service
<Orbstheorem>
a.service is oneshot, has RemainAfterExit=yes, PrivateNetwork=yes, MountFlags = "private" and eventually runs "mount -t sysfs %i-sysfs /sysfs"
<Orbstheorem>
b.service is oneshot, has Requires,RequiredBy,After=a.service and RemainAfterExit=yes
<Orbstheorem>
c.service is DBus, has After,BindsTo=b.service, JoinsNamespaceOf=a.service, PrivateNetwork=yes, MountFlags="private"
<Orbstheorem>
I would like c.service to see the sysfs mounted by a.service, but this is not the case. They are in the same network namespace though (tested with nsenter --all -t ${pid of c.service})
<Orbstheorem>
How can I access the mnt namespace of a.service in c.service?
orivej has quit [Quit: No Ping reply in 180 seconds.]
orivej has joined #nixos
nithor_ is now known as nithor
nithor has quit [Changing host]
nithor has joined #nixos
jensens has joined #nixos
<srhb>
Orbstheorem: The manual seems to imply that PrivateTmp needs to be set to true explicitly in order to share it
<srhb>
via JoinsNamespaceO
<srhb>
Of*
orivej has quit [Ping timeout: 240 seconds]
asdfoiawe has joined #nixos
asdfoiawe has quit [Client Quit]
asdfoiawe has joined #nixos
fendor has joined #nixos
<marek>
niksnut: you are serious nixos.org hasn't been rebooted in 3+ years? :)
<niksnut>
yup
<fendor>
uhmmm, did nixos.org die?
<srhb>
fendor: Yup.
jensens has quit [Ping timeout: 260 seconds]
aarvar has joined #nixos
<fendor>
what happened? :(
<srhb>
fendor: It didn't survive the (aws-mandated) reboot.
<gchristensen>
niksnut: can I help? do you need help?
Synthetica has joined #nixos
erictapen has quit [Remote host closed the connection]
erictapen has joined #nixos
Tucky has quit [Quit: WeeChat 2.0.1]
pjan_ has joined #nixos
arianvp2 has joined #nixos
Neo-- has joined #nixos
<fendor>
nice
chreekat has quit [Ping timeout: 240 seconds]
<ocharles>
gchristensen: if you can tweet as nixos, I think that would be worth doing
<gchristensen>
I can't
<gchristensen>
I don't even know who can :o fpletz do you know?
<ocharles>
Updating the topic here would also be a good idea to avoid the "Is nixos.org down?"
<fpletz>
maybe garbas?
<gchristensen>
garbas sounds promising
chreekat has joined #nixos
<fpletz>
in the meantime: channel releases are also available on https://channels.nixos.community/ and independant of nixos.org, so new channels releases do happen there
<garbas>
gchristensen: fpletz: dont have access to nixos_org account
<garbas>
niksnut: is maybe rob sitting next to you? :)
raving has joined #nixos
raving has quit [Client Quit]
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] Ma27 opened pull request #33418: test-driver: mention `$user` argument in the NixOS manual and the Impala release notes (master...test-driver/mention-changes-in-manual) https://git.io/vNvVp
NixOS_GitHub has left #nixos [#nixos]
raving has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nix] domenkozar closed pull request #1773: Fix RPM builds by increasing VM memory size (master...fix-hydra-rpm-builds) https://git.io/vbjTJ
NixOS_GitHub has left #nixos [#nixos]
jrolfs has joined #nixos
<Orbstheorem>
srhb: I PrivateNetwork,PrivateTmp=yes MountFlags=private on a,b,c and still nothing :(
<aminechikhaoui>
gchristensen: you guys planning on sending something about the spectre/meltdown thingy, for instance I don't know if the kernel patches that are available so far are backported to all LTS versions or certain and if that's applied in nixpkgs or not
asuryawanshi has quit [Remote host closed the connection]
asuryawanshi has joined #nixos
<ocharles>
yay, --upgrade time
phobic5 has joined #nixos
noxid has joined #nixos
<noxid>
whats wrong with nixos.org?
<gchristensen>
noxid: it should be good now, what are you seeing?
<noxid>
ah, up again. Sorry, browser chache...
<noxid>
may I ask what the issue was?
<gchristensen>
a reboot for KAISER / KPTI patches :)
<srhb>
What's the modular way of settings nixpkgs in a nixos module? nixos/lib/eval-config.nix contains this comment for the pkgs argument: "is this argument needed any more? The pkgs argument can be set modularly anyway."
<noxid>
I see
<noxid>
thanks :)
samtoday has quit [Ping timeout: 248 seconds]
<betaboon>
hello #nixos. I'm currently struggling with getting fetchgitprivate to work. I'm using nixops in a nix-shell somewhat like this: https://gist.github.com/betaboon/0e8ec16fc6a3c35331239fd43ea8a821 . i created a password-less ssh-keypair and added the public key as a deploy key to the github-repository that i want to fetch from. but i keep running into "no such identity: ...../id_rsa: Permission denied". does
<andi->
Anyone successfully using the gnome-bluetooth tools with nixos-unstable? I am running in some obscure gtk error (Namespace Gtk not available)
<betaboon>
lewo``: yeah i looked at that, i prefer not to use a github-only solution + i prefer using ssh-keys
tusj has joined #nixos
chreekat has quit [Ping timeout: 252 seconds]
chreekat has joined #nixos
<lewo``>
betaboon: at least, you can write your own fetcher by passing your key in an environment variable. You can look for impureEnvVars in https://nixos.org/releases/nix/nix-0.11/manual. But I agree, this is not really convenient...
asdfoiawe has quit [Remote host closed the connection]
jensens has quit [Ping timeout: 268 seconds]
asuryawanshi has quit [Remote host closed the connection]
ThatDocsLady has quit [Remote host closed the connection]
ThatDocsLady has joined #nixos
sary has quit [Ping timeout: 264 seconds]
user__ has joined #nixos
dupndrop has quit [Ping timeout: 240 seconds]
oahong has quit [Remote host closed the connection]
i-am-the-slime has quit [Ping timeout: 252 seconds]
Isorkin has quit [Ping timeout: 240 seconds]
oahong has joined #nixos
macslayer has joined #nixos
seanparsons has quit [Quit: ZNC 1.6.5 - http://znc.in]
macslayer has quit [Remote host closed the connection]
<mg_>
down again?
zzamboni has quit [Ping timeout: 268 seconds]
<joko>
Hello, I would like to place some directories in a common parent, so that programs could scan the parent and find all the proper files. Any ideas on how to do so with Nix?
<lassulus>
hmm, seems also down for me
seanparsons has joined #nixos
rotaerk has quit [Ping timeout: 252 seconds]
<ixxie>
joko I am not sure I understand the question
<BlessJah>
gchristensen: ERROR: cannot verify nixos.org's certificate, issued by ‘CN=www.example.com,O=Dis,L=Springfield,ST=Denial,C=NL’:
<srhb>
gchristensen: Which certs? Is chrome lying to me?
<gchristensen>
probably cached, srhb
<srhb>
:|
<lassulus>
everything is fine here now
<gchristensen>
wat
sary has joined #nixos
<symphorien>
I confirm certs are bad
<gchristensen>
BlessJah, ben: fixed?
<hyphon81>
fine now
<Synthetica>
Did qt5: 5.9.1 -> 5.9.3 break basically all qt applications for anyone else?
<symphorien>
ah yes a reload did the trick
<BlessJah>
gchristensen: fixed
zzamboni has joined #nixos
<joko>
ixxie: I have something like pkgA/share, pkgB/share, where pkgX is the nix store path. I would like to have a metapackage (?) or so, so that I place symlinks of the share dirs inside pkgMeta/share... Hope it's more understandable now
<gchristensen>
niksnut: sorry, false alarm, something went weird for a minute.
klntsky has quit [Remote host closed the connection]
jrolfs__ has joined #nixos
phobic5 has quit [Changing host]
phobic5 has joined #nixos
jrolfs has joined #nixos
<niksnut>
gchristensen: yes my bad
<lassulus>
sounds like it was the preliminary self-signed certificate before letsencrypt kicked in
<srhb>
joko: buildEnv does exactly that.
<joko>
srhb: Do you have any nix file I could read?
<gchristensen>
niksnut: ahh ok :D
<gchristensen>
the nixos community is fast
<Synthetica>
I get errors like "[FATAL] Cannot mix incompatible Qt library (version 0x50901) with this library (version 0x50903) -- [(null)]" on both apps I tried (albert and wireshark)
<joko>
srhb: I am talking about system packages, though, I am not sure how buildEnv could fit
dan_b has joined #nixos
zzamboni has quit [Remote host closed the connection]
<srhb>
joko: Hmm, not sure why that would change anything?
<Synthetica>
BlessJah: Is there a way to at least fix it on my machine?
<srhb>
joko: (What do you mean by system packages?)
<BlessJah>
Synthetica: solution was to remove all packages depending on qt and installing them again
<Synthetica>
-_-
<joko>
srhb: I mean packages that will eventually face environment.systemPackages or so
peacememories has joined #nixos
<Synthetica>
Is there a way to list all the packages I would need to remove?
<srhb>
joko: I still don't see why that has any bearing on it. can you elaborate on your concern?
raynold has quit [Quit: Connection closed for inactivity]
<joko>
srhb: And would that be ok with circular dependencies?
<srhb>
joko: Errrrrrr... As in packageA depends on pkgMeta?
<joko>
srhb: ok, let me explain a bit more....
<joko>
srhb: yes
<srhb>
Please :-)
<BlessJah>
Synthetica: there is nixpkgs issue opened somewhere
<joko>
I am trying to package pacemaker and some other packages (resource-agents etc.) and all those packages deploy stuff on a shared directory called OCF_ROOT. I was wondering how to approach this
<srhb>
If you can create it deterministically you could create it out-of-band (ie. pkgC) and make both of them depend on that at build or runtime.
<joko>
srhb: But how to create it out-of-band when its contents are going to be symlinks of directories found in the packages?
<srhb>
I would factor it out entirely, if possible.
<srhb>
ie. not include it in either pkgA or pkgB
<srhb>
They need this common env at runtime thought, right?
<srhb>
though*
fyuuri has joined #nixos
<joko>
srhb: Yes... The installation also tries to create the directories, set permissions etc., but I guess I could patch this part
<samae>
Hi, I need to run an application dependant on Centos7 filesystem tree, with NixOS as a host, and in an automated way. What would be the most fitting container tool?
<Synthetica>
chroot?
<deltasquared>
Synthetica: well, with a bit of boilerplate, yeah
<samae>
I tried buildFHSUserEnv already, but /etc is not writable in this case
pjan_ has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<samae>
(this application thinks it's the absolute king of the hill btw)
<deltasquared>
samae: we talking complex-runs-as-root thing here?
fendor has quit [Ping timeout: 248 seconds]
<samae>
almost, but not running as root fortunately
<Lisanna>
samae: could you make /etc a symlink to somewhere else like /var?
<samae>
Well, I… am lost
<samae>
Lisanna: what do you mean?
<mpickering>
Is there a way to compose overrides together? Which is to say to compose two functions "self: super: ..." such that the overrides combine rather than overwrite each other?
mekeor has joined #nixos
Lisanna_ has joined #nixos
<srhb>
mpickering: Isn't that the usual behaviour?
<Lisanna_>
samae: I mean, with buildFhsUserEnv, maybe you could have /etc be a symlink to some directory tree on /var, so that it can actually write to it
<mpickering>
I am currently using // which is not right?
knupfer has quit [Ping timeout: 276 seconds]
knupfer1 is now known as knupfer
jrolfs__ has joined #nixos
<srhb>
mpickering: If those were overlays that are both loaded (from wherever your overlays are loaded) I think they just compose automagically, with self being the fixpoint.
<mpickering>
they are not overlays
<mpickering>
they are haskell package overrides
<srhb>
Can they become overlays? :-)
<samae>
Lisanna_: you mean, write a modified version of buildFhsUserEnv?
<mpickering>
I don't think so?
Lisanna has quit [Ping timeout: 260 seconds]
<samae>
Yeah I could
<Lisanna_>
samae: if buildFhsUserEnv can't do that, I'm pretty sure environment.etc can create symlinks *inside* of /etc
alexteves has joined #nixos
ebzzry has quit [Ping timeout: 248 seconds]
uwap has joined #nixos
<srhb>
Maybe chrootenv could help.
<samae>
oh, actually it's not /etc that is symlinked, but /etc/systemd ^^
i-am-the-slime has joined #nixos
<srhb>
ow.
<samae>
I think from there I don't have a choice but to go container
<samae>
This app wants to write new units
<samae>
What's the best way to run declarative non-nixos containers?
hals has quit [Ping timeout: 248 seconds]
<samae>
srhb: you're right, I could maybe build something on top of chrootenv
<betaboon>
I'm still completly lost on working with private github-repos on nix-multi-user systems (some macos, some nixos, some ubuntu) i would be realy thankful for any pointers and hints
<gchristensen>
betaboon: IMO? clone the repos outside of nix, then use fetchgit pointing to the local dir, skip Nix handling the secrets
<disasm>
samae: I was playing with systemd.nspawn to run a centos 7 container but never got it completely working right
nuncanada has joined #nixos
<disasm>
gchristensen: genius :) I might have to try that with some private repos
<drp>
the docs say nixos-container isn't secure due to no root seperation, is this still true? If so what is the recommended way? lxd or libvirt containers?
<samae>
disasm: do you feel it's feasable?
<betaboon>
gchristensen: that doesn't sound like a suitable option for my case. some more context: we're using nixops to deploy (into local containers, into local virtualbox and into ec2). we're maintaining a nixpkgs-overlay which holds our own packages and those are hosted in (several) private github-repos. i would realy prefer to have the team just clone the single repo which holds the nixops deployments. we're
<betaboon>
providing a shell.nix for the deployment environment which references a pinned-rev of nixpkgs-channels and i want to have the same pinning mechanism for the overlay.
deltasquared has left #nixos ["my internets, no!"]
<samae>
at least imperatively it works without too much trouble (systemd-nspawn and centos7)
<betaboon>
I'm currently trying to get fetchFromGitHub private=true working. but struggling there too :(
peacememories has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<gchristensen>
betaboon: yeah, I hear that, it is an unfortunately very difficult case to handle
<betaboon>
gchristensen: it just feels so hard to believe that noone has gotten that kind of usecase to work yet. it seems so common :/
chreekat has quit [Ping timeout: 240 seconds]
<disasm>
samae: most definitely. I had it working with systemd-nspawn -b -D - My reason for doing it though got resolved so never got it fully working in configuration.nix
chreekat has joined #nixos
<disasm>
and it ran, I just never got networking working to the point I could login to it
<srhb>
betaboon: Maybe you can pretend it's a public repo and use an OAuth token with https cloning?
<srhb>
betaboon: (I never got it to work either)
szicari has joined #nixos
<betaboon>
fetchFromGitHub states it wants a username and password in the nix-daemon env-vars. i am trying to use an access-token there, since I'm using 2FA. but I'm not sure how to get those env-vars to the nix-daemon :/
<srhb>
betaboon: Alternatively you could automate mirroring of the repository and lock that one down via networking rather than ssh keys.
hyphon81 has quit [Quit: No Ping reply in 180 seconds.]
<gchristensen>
betaboon: you could have an script which pulls all the repos then runs nix-build
<gchristensen>
IMO, this is likely the easiest way
Tucky has quit [Quit: WeeChat 2.0.1]
hyphon81 has joined #nixos
cement has joined #nixos
justanotheruser has joined #nixos
justanotheruser has quit [Client Quit]
jrolfs has quit [Ping timeout: 256 seconds]
jrolfs__ has quit [Ping timeout: 250 seconds]
ThatDocsLady_ has joined #nixos
<betaboon>
thanks for all the input. i will try out some of those ideas for sure.
ThatDocsLady has quit [Read error: Connection reset by peer]
<betaboon>
FYI i just got fetchFromGitHub with private=true working by generating an access-token in github and providing username+accesstoken to nix-daemon using nix.envVars. not beautiful but working. (+ignoring all the security questions that might come to mind with doing it this way ...)
<gchristensen>
is that easier or harder to coordinate across all platforms than having script securely fetch the deps?
johnsonav has joined #nixos
hyphon81 has quit [Ping timeout: 252 seconds]
<betaboon>
gchristensen: assuming that i have macos-developers already touch the nix-daemon launch-configuration (for a local virtualbox-build-slave) it should be easy on macos (4 more xml-lines) not quite sure how to achieve the same for my ubuntu-developers.
<betaboon>
gchristensen: so answering your question: this seems way easier than maintaining a script and introducing how-to-information to everyone of the team.
<gchristensen>
I would disagree, but that is okay
MercurialAlchemi has joined #nixos
<betaboon>
tho I am having security concerns with this way. far from optimal non the less
<betaboon>
gchristensen: there are several perspectives i have in mind where i would disagree with myself on this as well xD
<gchristensen>
my approach would involve a git clone --bare and then periodic `git fetch` on it, you'd still `fetchgit` from the local bare version and if they haven't updated recently enough, the fetchgit will fail
ma27 has quit [Ping timeout: 240 seconds]
<betaboon>
taking psycho-social conditions of our team into consideration i find this approach more suited xD
<gchristensen>
:o
mujx[m] has joined #nixos
<srhb>
gchristensen: fail how?
<srhb>
gchristensen: Oh, because the revision isn't there.
<gchristensen>
right
<srhb>
Yeah, it's not a bad solution.
<betaboon>
IMHO the nix-universe should improve on this front in order to be more "business-compatible". (holding down some puke while writing those words tho ....)
<macslayer>
Hmmm I think I have a good feature request. `nixos-rebuild` is supposed to reload services and such in order to update the running system to the newly-installed one. However, running KDE, I find myself running `kbuildsycoca5` every time in order to update the Applications menu and have it include packages that I've just recently installed.
<gchristensen>
I agree *restrains himself from going in to pitch mode*
<gchristensen>
betaboon: ^
<betaboon>
^^
<betaboon>
luckily in my current employment i can always pull the magic-cyber-ninja-card xD
zzamboni has quit [Quit: Leaving.]
spietz has joined #nixos
johnsonav has quit [Remote host closed the connection]
<mpickering>
if I type nixpkgs.${arg} then should I be able to pass "foo.bar.baz" as arg to access a nested attribute?
<mpickering>
it doesn't seem to work unless I am doing something wrong
<gchristensen>
no, that would access nixpkgs."foo.bar.baz" which is not equal to nixpkgs.foo.bar.baz
<mpickering>
how can I access nixpkgs.foo.bar.baz or nixpkgs.qux depending on an argument?
<gchristensen>
is if argument == "qux" then nixpkgs.qux else nixpkgs.foo.bar.baz too static?
<mpickering>
I modified my overlay to create a top level alias for the nested attributes which achieves a similar thing
johnsonav has joined #nixos
<tilpner>
Could pass a function pkgs: pkgs.foo.bar.baz to select a package
<tilpner>
(But pkgs."${something}" works too
<tilpner>
)
<gchristensen>
maybe you could use Forbidden Functions (ie: slow) to do it, like `splitString` (or something) and then there is a function in lib/attrsets.nix which can take ["foo" "bar" "baz"] and get pkgs.foo.bar.baz
<tilpner>
(Oh, sorry, not with a path > 1)
<mpickering>
being a bit static is fine for my purposes. I just need to choose between three compiler package sets
<tilpner>
lib.attrByPath (lib.splitString "." "lxqt.qterminal") null pkgs works as expected
peacememories has joined #nixos
<i-am-the-slime>
if I have a record which is made up of a few bools
<i-am-the-slime>
how can I generate a list of all possible instances of it ?
<vaibhavsagar>
I'm trying to override the gcc a haskell package uses
<mpickering>
yes it's different
<srhb>
nliadm: It was updated on the 2nd of january, unstable just needs to pass tests.
<nliadm>
how did a bad version get through in the first place? I guess maybe it got taken down from elpa
<srhb>
nliadm: Presumably, that's exactly what happened.
<mpickering>
vaibhavsagar: what is the actual problem?
<etu>
nliadm: Yeah, things change at remote places may break things. font-lock-plus is currently broken since 1st of January because the hash is wrong since update of copyright-dates and such. That is also fixed but not in nixos-unstable yet.
<nliadm>
ah, the dangers of unstable
<srhb>
nliadm: Could happen on stable as well :)
<nliadm>
I should really have my environment two-tier'd
<vaibhavsagar>
mpickering: I'm trying to statically link a haskell binary
<adisbladis>
Some upstreams are worse than others
<vaibhavsagar>
and I'm getting the error from the top of the gist
<srhb>
adisbladis: Adobe, Spotify... :-)
<etu>
nliadm: (I also updated font-lock-plus to use specific revisions from emacs-wiki instead of the latest file, so I hope it won't happen again)
<vaibhavsagar>
I suspect it's a -fPIC thing and the crtbeginT.o/crtbeginS.o swap might make a difference
<srhb>
Oracle. x_x
<mpickering>
ok I can't help sorry
<adisbladis>
srhb: The package etu was talking about was from emacswiki which tends to break often :/
<etu>
Discord is quite horrible as well
<etu>
They allow you to get old versions, but it doesn't work.
<vaibhavsagar>
mpickering: thanks anyway :)
<srhb>
:(
<adisbladis>
srhb: Btw. Was it you I met at 34c3
<adisbladis>
I think its you from the github picture
<adisbladis>
But not sure
<srhb>
adisbladis: As far as I know, I wasn't there!
<srhb>
Next time :-)
<gchristensen>
I'm still
<gchristensen>
oops
<etu>
srhb: woha, weird if adisbladis met you there then :D
<srhb>
I should change that photo, it's old. :-P
<adisbladis>
Ahh :) Then someone who looks very similar
<adisbladis>
Haha mine is from 28c3
<etu>
Also, god damn those emacs wiki packages...
<etu>
All of them
<srhb>
heh!
<gchristensen>
yeah, that wiki-as-a-package-source thing is really terrifying
<etu>
But the dude maintaining them doesn't want to use git.
<adisbladis>
gchristensen: At least we have hashes
<etu>
I was a bit involved in that discussion at melpa and some people have been trying to convince that person for like 10 years to use anything that isn't just emacs-wiki :/
<gchristensen>
asserting they're at least point-in-time sketchy :P
<adisbladis>
Putting some make up on the pig :)
<etu>
gchristensen: At least it has diffs and that you can get specific revisions...
<etu>
And with hashs we can at least assure that the same revision isn't changed...
<srhb>
Oh, they're mutating the revisions?
<srhb>
!FUN!
<etu>
I don't think they are
<etu>
But if they do, we can see it :)
<adisbladis>
More exciting that way
<srhb>
:P
<vaibhavsagar>
how do I override a makeOverridable package?
<vaibhavsagar>
e.g haskell.lib.mkDerivation
<vaibhavsagar>
I want to do `mkDerivation.override { stdenv = stdenv'; }`
<vaibhavsagar>
does that work?
<srhb>
vaibhavsagar: I think that exact example is in the nixpkgs haskell infra docs.
<srhb>
Lemme check
<etu>
I found a package that can't be built... nixpkgs.steamcontroller :/
<etu>
"builder for ‘/nix/store/58h7ic8x6a7aa3wpw8v7n5kvlyy7mgrj-python3.6-libusb1-1.6.4.drv’ failed with exit code 1" is the actual problem though
<tilpner>
etu - Seems fixed on master
<adisbladis>
Works for me (tm)
<tilpner>
And nixos-unstable-small
<vaibhavsagar>
srhb: so I have to do it like `mkDerivation.override {overrides = self: super: {self.stdenv = stdenv';};}`?
<etu>
tilpner: Ah, nice :)
<etu>
adisbladis: Because you're a mad man that runs his laptop on master.
<tilpner>
Why limit yourself to one channel, when you can have dozens? c.c
<srhb>
vaibhavsagar: it would be stdenv =, not self.stdenv =, but no, I'm not sure that would work either now...
ma27 has joined #nixos
asuryawanshi has joined #nixos
<vaibhavsagar>
I'm getting "value is a function while a set was expected" errors now
<rnhmjoj[m]>
etu: steamcontroller it's actually my fault
<Lisanna_>
Hey #nixos, I've just received a SSD to use with my Nix machine. I'm thinking the most beneficial points to mount to speed up large file builds would be /nix and /tmp. Are there any other locations, or are those the two big ones?
<vaibhavsagar>
this error message is next to useless in actually helping me fix the problem :(
<joepie91>
Lisanna_: your user dir
<joepie91>
(assuming a desktop workload)
<mpickering>
where is fetchFromGithub defined?
ssmike has quit [Ping timeout: 248 seconds]
<Lisanna_>
joepie91: no, this is a Nix build machine
<rnhmjoj[m]>
etu: fortunately fridh fixed the issue with libusb1 a little later but isteamcontroller is still broken in unstable
<gchristensen>
Lisanna_: /nix needs to be on the same partition as / fwiw
<joepie91>
Lisanna_: probably not the answer you were looking for, but things like browsers store a ton of cache data there
<joepie91>
ah
<tilpner>
mpickering - all-packages.nix IIRC
<clever>
mpickering: all-packages.nix
<joepie91>
Lisanna_: possibly /var if you're running a database or such
<Lisanna_>
gchristensen: I have at least one NixOS sytem where /nix is definitely not on the same partition (or even disk!) as /
<gchristensen>
oh, hrm, I thought it did need to ... maybe that is just for AWS?
<etu>
rnhmjoj[m]: As long it's fixed in master I'm happy :)
<etu>
rnhmjoj[m]: I also noticed that sc-controller is in master and not yet unstable :)
jcbrand_ has joined #nixos
<tilpner>
It is in unstable-small!
<joepie91>
Lisanna_: anyway, if it's *just* for Nix builds then /tmp and /nix should be sufficient, if it's something like a Hydra server backed by PostgreSQL then you may want /var on the SSD as well since iirc that's where PostgreSQL's data files are stored
<rnhmjoj[m]>
etu: yep, it only added a couple days ago
<joepie91>
iirc all Nix builds occur in /tmp
<etu>
tilpner: Maybe I should get that and use both unstable and unstable-small :p
<etu>
rnhmjoj[m]: Looking forward to next update of unstable, it will contain linux-steam-integration from solus as well :>
hotfuzz_ has quit [Ping timeout: 265 seconds]
<Lisanna_>
joepie91: yeah, it's mainly just for Nix builds. Specifically, disk operations in runInLinuxVM are *really* slow right now,
<mpickering>
Is it possible only fetch a subdir or is there a function I can fetchFromGitHub and then another function to cd into the right subdirectory?
<Lisanna_>
that's the specific thing I'm trying to speed up here
<srhb>
iirc the file system backing the vms sometimes has huge performance implications.
<LnL>
gchristensen: why is that, should be fine as long as /nix and /nix/store are configured in fileSystems
<LnL>
no?
<gchristensen>
I have no idea where I got that idea :P
<tilpner>
mpickering - src = let repo = fetchFromGitHub { ... }; in "${repo}/subdir";
<Lisanna_>
Okay, so /nix and /tmp, and this should in theory improve disk throughput in runInLinuxVM (lots of small file reads / writes from the disk that's loaded in the vm)
<joepie91>
Lisanna_: from a cursory read, seems /nix + /tmp will be sufficient for that
<Lisanna_>
cool
dieggsy has joined #nixos
<andromeda-galaxy>
I just started trying out nix 1.12 on a NixOS machine. In the new 'nix build' command, is there a way to build an attribute of the current directory's default.nix without having to specify -f.? ''nix build' tries to build the entire contents of default.nix, and 'nix build foo' tries to build foo taken from.... something somewhere in nixpkgs or something? I can't quite tell. AlGenerally, are the
<andromeda-galaxy>
resolutin rues for "installables" documented anywhere? E.g. how is the 'nixpkgs' resolved in 'nix run nixpkgs.hello'. And finally, for 'nix run', is there a way to get a shell with the dependencies of a derivation and its phases/environment, like there was with 'nix-shell'?
<mpickering>
works perfectly thank you tilpner
Itkovian_ has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
nixpkgs/master a3cb76c adisbladis: Merge pull request #33419 from markus1189/scalafmt-1-4-0...
<NixOS_GitHub>
[nixpkgs] adisbladis pushed 2 new commits to master: https://git.io/vNfLH
<NixOS_GitHub>
nixpkgs/master 4e4b3a6 Markus Hauck: scalafmt: 1.3.0 -> 1.4.0
NixOS_GitHub has left #nixos [#nixos]
<Lisanna_>
andromeda-galaxy: what's the beahvior of regular nix run? does it not do that?
Itkovian has quit [Ping timeout: 252 seconds]
<andromeda-galaxy>
Lisanna_: if I run 'nix run' in a directory with default.nix (like I used to for nix-shell), it tries to build the package and then give me a shell including the package---instead of a shell with the build tools/phases to let me step through the build myself/debug it/etc.
betaboon has quit [Quit: WeeChat 1.9.1]
<andromeda-galaxy>
(this also breaks haskell development environments afaict)
<Lisanna_>
okay, thanks. That's awesome for my use cases, I'm glad that that's changing ^^
erasmas has joined #nixos
<srhb>
andromeda-galaxy: afaik nix run is like nix-shell -p, nix-shell is (still) like nix-shell.
<andromeda-galaxy>
srhb: oh, okay---I thought that everything was supposed to be migrated to 'nix subcommand', so I wanted to check if the functionality was there... okay, I'll just still use nix-shell then
<FRidh>
they're indeed complementary
<FRidh>
andromeda-galaxy: likely a nix shell at some point
<andromeda-galaxy>
FRidh: okay, great, thanks for the info!
<FRidh>
srhb: nix run does not run any setup hook. e.g. `nix-shell -p python` will sow certain PYTHON* env vars, whereas `nix run nixpkgs.python`
<FRidh>
won't
<srhb>
FRidh: Aha, thank you. :)
<srhb>
That'll be... Confusing.
<FRidh>
The hooks are for building a derivation. You are not building a derivation with nix run.
chreekat has quit [Ping timeout: 276 seconds]
<srhb>
We'll see. :P
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] vbgl pushed 1 new commit to master: https://git.io/vNfqQ
NixOS_GitHub has left #nixos [#nixos]
<NixOS_GitHub>
nixpkgs/master 83110ac Vincent Laporte: ocamlPackages.notty: 0.1.1a -> 0.2.1...
chreekat has joined #nixos
the-kenny has quit [Quit: WeeChat 1.9.1]
cinimod has joined #nixos
i-am-the-slime has quit [Ping timeout: 248 seconds]
<cinimod>
I am trying to build a Haskell package which uses `gsl`
pkill9 has joined #nixos
<cinimod>
I have a derivation which specifies this dependency
<NixOS_GitHub>
[nixpkgs] mpickering opened pull request #33425: Use self rather than super to make stringbuilder overridable (master...stringbuilder) https://git.io/vNfm0
<shlevy>
Sonarpulse: Any idea how to fix emacsWithPackages? It uses findInputs in a way that is now broken
<Sonarpulse>
shlevy: right I should do that
<Sonarpulse>
either implement basically old findInputs
<Sonarpulse>
or redesign
<Sonarpulse>
shlevy: ...I feel like propagated-user-env-pkgs was never the right file for this?
<shlevy>
Sonarpulse: I didn't write it :P I'm just a user
ncl28 has joined #nixos
<shlevy>
Sonarpulse: as a quick fix can we resurrect findInputs as findInputsOld or something?
<shlevy>
And then find the right way?
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] peti closed pull request #33425: Use self rather than super to make stringbuilder overridable (master...stringbuilder) https://git.io/vNfm0
NixOS_GitHub has left #nixos [#nixos]
dan_b has quit [Ping timeout: 268 seconds]
dieggsy has quit [Remote host closed the connection]
ssmike has joined #nixos
Arcaelyx has joined #nixos
dieggsy has joined #nixos
dan_b has joined #nixos
<Sonarpulse>
shlevy: yeah probably gonna do something like that
klntsky has quit [Remote host closed the connection]
<rnhmjoj[m]>
makefu: clone nixpkgs, get the current revision from nixos-version, eg 18.03.git.9e49117 -> 9e49117, cd nixpkgs, git checkout 9e49117, git cherry-pick 1e129a3, sudo nixos-rebuild -I nixpkgs=$HOME/src/nixpkgs
<makefu>
rnhmjoj[m]: this is what i did
<makefu>
resulting in the pasted error
<gchristensen>
or just use 17.09 :)
<nixy>
Out of curiosity I just ran `nix-env -qaP .*linuxPackages.*` to look at linux versions
<nixy>
It looks like this caused nix-env to use all the memory, fail and cause the system to OOM
jrolfs has joined #nixos
jrolfs__ has joined #nixos
<clever>
nixy: run nix-repl '<nixpkgs>' and try to tab-complete linuxPackages
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] nlewo opened pull request #33426: go-protobuf: init at 2018-01-04 (master...pr/go-protobuf) https://git.io/vNfGk
NixOS_GitHub has left #nixos [#nixos]
<nixy>
clever: Thanks, just what I was looking for
<makefu>
gchristensen no can do, too much stuff i need in unstable already
<gchristensen>
some of one, some of the other?
<srhb>
makefu: Looks like that's an exim problem?
<makefu>
srhb: thing is, that without exim it explodes in another package with "strip: command not found"
<srhb>
Huh.
<srhb>
Can't reproduce.
<srhb>
Must be something in your config.
<makefu>
shiet
<srhb>
I'm based on f59a0f7 by the way.
<rnhmjoj[m]>
makefu: are you positive you only added the kernel patch?
klntsky has quit [Remote host closed the connection]
<andromeda-galaxy>
nix 1.12 also seems to break some ocaml package building for me? ocamlbuild --use-ocamlfind prints out "Exception Sys_error("/tmp/nix-build-<pkgname>.drv-0/<dir>/sail.native: Permission denied"
<makefu>
rnhmjoj[m]: of course not, i just chose the commit right after the kernel patch
klntsky has joined #nixos
<srhb>
makefu: Hang on, you checked out master at some commit instead of cherrying?
<rnhmjoj[m]>
makefu: you create a branch at the point your system was workign fine, then add the kernel patch on top of that
<makefu>
i think i will have to do this ...
<srhb>
Hehe.
<makefu>
i was just hoping for master to not be broken
<srhb>
That's a very rare condition, judging by hydra :-)
dieggsy has quit [Remote host closed the connection]
<rnhmjoj[m]>
taking a random commit from master is definitely going to surprise you in some way
<makefu>
maybe as a good resolution for this year may be to not have a broken master?
<srhb>
That sort of defies the point.
<srhb>
Then something else is just master.
asuryawanshi has quit [Remote host closed the connection]
<srhb>
This is why we have channels. :)
bigvalen has joined #nixos
<rnhmjoj[m]>
master is not a channel
asuryawanshi has joined #nixos
jrolfs__ has quit [Ping timeout: 260 seconds]
jrolfs has quit [Ping timeout: 248 seconds]
Tobba has joined #nixos
<gchristensen>
makefu: I'm trying :P
<samueldr>
git checkout master; git checkout -b not-master ← that should do it
<srhb>
samueldr: I prefer git checkout -b \"stable\"
<srhb>
Pronounced with shifty eyes.
<gchristensen>
you're devious, srhb
<srhb>
:-)
<rnhmjoj[m]>
anyway did you try benchmarking the patch? i'm seeing some amazing ~64% slowdown on i/o, extremetly pathological test though.
<samueldr>
no, I didn't know *what* to benchmark... since it's for desktop use, and I generally don't run pathological benchmarks
<samueldr>
(though, it'll be easy to go in/out of the patched kernel with generations!)
<rnhmjoj[m]>
i'm trying three things basically: dd with a very small buffer, x265 placebo, games. Fortunately games and video conversion it's not affected
ssmike has quit [Remote host closed the connection]
<fpletz>
arianvp: don't use linuxPackages.wireguard, just wireguard for the cli tool
dan_b has quit [Ping timeout: 248 seconds]
<srhb>
Oh, no.
<arianvp>
oh git it. thanks fpletz
jrolfs__ has joined #nixos
jrolfs has joined #nixos
jb55 has joined #nixos
alexteves has quit [Remote host closed the connection]
orivej has quit [Quit: No Ping reply in 180 seconds.]
pSub has quit [Read error: Connection reset by peer]
orivej has joined #nixos
chreekat has quit [Ping timeout: 246 seconds]
chreekat has joined #nixos
fyuuri has joined #nixos
jrolfs__ has quit [Ping timeout: 264 seconds]
jrolfs has quit [Ping timeout: 268 seconds]
matrium has joined #nixos
jrolfs has joined #nixos
jrolfs__ has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] vdemeester opened pull request #33427: go-symbols: init at 20170206-5a7f759 (master...init-go-symbols) https://git.io/vNfcm
NixOS_GitHub has left #nixos [#nixos]
alexteves has joined #nixos
coot has quit [Read error: Connection reset by peer]
jrolfs has quit [Ping timeout: 252 seconds]
jrolfs__ has quit [Ping timeout: 256 seconds]
coot has joined #nixos
erasmas has quit [Quit: leaving]
goibhniu has quit [Ping timeout: 248 seconds]
evangeline has quit [Ping timeout: 252 seconds]
evangeline has joined #nixos
erasmas has joined #nixos
sary has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] vdemeester opened pull request #33428: go-outline: init at 20170804-9e9d089 (master...init-go-outline) https://git.io/vNfCG
NixOS_GitHub has left #nixos [#nixos]
jrolfs has joined #nixos
alexteves_ has joined #nixos
jrolfs__ has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] vdemeester opened pull request #33429: gomodifytags: init at 20171214-2064415 (master...init-gomodifytags) https://git.io/vNfCX
NixOS_GitHub has left #nixos [#nixos]
alexteves has quit [Ping timeout: 255 seconds]
sigmundv__ has quit [Ping timeout: 248 seconds]
<matrium>
hi, I followed the "How to create Nix builds for your own private Haskell packages" section in the NixOS manual and am able to build my project using nix-build. But when running nix-shell, there's neither cabal nor ghc in my path
<gchristensen>
vaibhavsagar might be able to help, matrium :)
zzamboni has joined #nixos
tmaekawa has joined #nixos
tmaekawa has quit [Client Quit]
phobic5 has quit [Remote host closed the connection]
oida has joined #nixos
digitalmentat has quit [Quit: Leaving]
<mpickering>
matrium: Can you perhaps paste the files you have and say which commands you're running?
<mpickering>
What are you running nix-shell on?
<matrium>
I've generated my project.nix using cabal2nix
<matrium>
I'm running nix-shell in the project's directory without any arguments
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] vdemeester opened pull request #33430: gopkgs: init at 20171229-b2ea2ec (master...init-gopkgs) https://git.io/vNflD
NixOS_GitHub has left #nixos [#nixos]
<Ralith>
are there any helpers for uploading closures to a S3 bucket for use as a binary cache without wasting time reuploading data that's already there?
<gchristensen>
use aws's s3 sync program, it'll be smart about it
<Ralith>
thanks!
asuryawanshi has quit [Ping timeout: 276 seconds]
primeos has quit [Ping timeout: 240 seconds]
<gchristensen>
yep!
<Ralith>
hm
<Ralith>
I don't suppose there's a way to avoid wasting time even bundling them up in a .nar.xz?
jcbrand_ has left #nixos ["Disconnected: closed"]
<mpickering>
matrium: So ghc is in my path when I try what you have
<mpickering>
but cabal isn't but that makes sense as cabal isn't used to build the package
<gchristensen>
Ralith: that is a critical step :)
<Ralith>
oh well
raynold has joined #nixos
<mpickering>
Usually what I do when developing is "cabal2nix . --shell > shell.nix"
<mpickering>
but I don't think that's your problem
<Ralith>
why is it?
NixOS_GitHub has joined #nixos
NixOS_GitHub has left #nixos [#nixos]
<NixOS_GitHub>
nixpkgs/master 96f07d6 Daniel Fullmer: john: Fix extra utility programs
<NixOS_GitHub>
[nixpkgs] joachifm pushed 2 new commits to master: https://git.io/vNf8B
<NixOS_GitHub>
nixpkgs/master 24e8c38 Joachim F: Merge pull request #33257 from danielfullmer/john-utils...
<mpickering>
It says "in which you can use cabal configure and cabal build to develop your code", which is true, if cabal is available
<clever>
mpickering: cabal is available, as a haskell library
<clever>
you need a Setup.hs that imports it
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] vdemeester opened pull request #33431: gotests: init at 1.5.2 (master...init-gotests) https://git.io/vNf4G
NixOS_GitHub has left #nixos [#nixos]
<mpickering>
we're talking about cabal-install here
macslayer has quit [Ping timeout: 248 seconds]
jrolfs__ has quit [Ping timeout: 240 seconds]
jrolfs has quit [Ping timeout: 248 seconds]
peacememories has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
Synthetica has quit [Quit: Connection closed for inactivity]
chreekat has quit [Ping timeout: 252 seconds]
chreekat has joined #nixos
fyuuri has joined #nixos
dieggsy has joined #nixos
orivej has quit [Ping timeout: 255 seconds]
<Havvy>
Are there any derivations that pull binaries from crates.io?
dieggsy has quit [Remote host closed the connection]
Acou_Bass has quit [Ping timeout: 255 seconds]
zzamboni has quit [Quit: Leaving.]
orivej has joined #nixos
<maurer>
Does crates.io publish binaries now?
<maurer>
(that would seem odd to me, givne how adamant rust is that they do not have a stable rlib format)
Acou_Bass has joined #nixos
<simendsjo>
I see Intel is shipping microcode updates for CPUs to mitigate Meltdown/Spectre/Both. I have `hardware.cpu.intel.updateMicrocode = true` in my configuration. Is that all that is necessary to receive these microcodes? Or do I need to use nixpkgs from github or similar?
zzamboni has joined #nixos
<Havvy>
maurer: Well, source code for binaries.
<maurer>
Oh, OK
<Ralith>
gchristensen: I don't suppose you have any advice for using a *private* S3 bucket as a binary cache?
<niksnut>
Ralith: we use a private S3 binary store at work, what do you want to know?
<Ralith>
niksnut: I'm interested in hearing approaches people take to integrating it with CI and deployment pipelines
<Ralith>
my current feeling is that the natural way to proceed is to put your nix expressions in version control alongside source, have your build servers use nix-push and upload that to s3, and use s3 as a dumb binary cache; I'm a bit fuzzy on how access control to S3 is accomplished
<niksnut>
we actually switched to the S3 binary cache recently so that we didn't have to copy closures off our hydra server manually
<niksnut>
and because the hydra server (despite having a 3 TB disk) was constantly running out of disk space
<Ralith>
then deployment is just done by checking out the desired revision of git and operating on the expressions therein
<niksnut>
right
<niksnut>
the only tricky thing is when you're using nix-daemon, because then you need to make sure that the daemon can access the AWS credentials
jrolfs has quit [Ping timeout: 248 seconds]
jrolfs__ has joined #nixos
jrolfs has joined #nixos
oida has joined #nixos
<Ralith>
if you're using S3 as a binary cache, any authentication must be embedded in the URL you supply in your config, right?
mrkgnao has quit [Ping timeout: 260 seconds]
jcbrand_ has joined #nixos
<niksnut>
no
<gchristensen>
IIRC Nix can talk to the metadata api to get creds
<niksnut>
you just use s3://bucket-name or maybe s3://bucket-name?aws-profile=<profile-name> if you have multiple profiles in ~/.aws
<niksnut>
it will then get the credentials from ~/.aws, the AWS_* environment variables or from the metadata server
<codedmart>
I did a haskellOverride in ~/.nixpkgs/config.nix. When I use that package in nix-shell I am seeing this `warning: dumping very large path (> 256 MiB); this may run out of memory`? Is there something I am doing wrong? Is that a problem?
<NixOS_GitHub>
[nixpkgs] dtzWill opened pull request #33436: mendeley: fix gconf errors, minor cleanup (master...fix/mendeley-gconf) https://git.io/vNfik
NixOS_GitHub has left #nixos [#nixos]
asuryawa_ has quit [Remote host closed the connection]
macslayer has joined #nixos
orivej has quit [Ping timeout: 264 seconds]
globin has quit [Remote host closed the connection]
<mudri[m]>
I'm on a slightly modified nixos-unstable, and I have a Haskell package that's failing one of its tests. Is that because of my modifications, or are Haskell packages not tested before nixos-unstable is updated?
klntsky has quit [Remote host closed the connection]
sary has joined #nixos
<gchristensen>
mudri[m]: haskell packages are not tested before nixos-unstable is updated
<gchristensen>
but also it could be due to your changes
globin has joined #nixos
klntsky has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] LnL7 opened pull request #33437: rust: darwin sandbox build (master...darwin-sandbox-rust) https://git.io/vNfPw
<tilpner>
Ralith - Pick channel names from https://nixos.org/channels/ . Make sure not to copy URL from *.cloudfront.net redirection, as I'm not sure how static that is
<Ralith>
tilpner: I did manage to google that up; I'm wondering if there's a friendly-looking page with links to those somewhere, that I can hand out to my coworkers
<tilpner>
Are you allowed to give them an overlay instead?
<Ralith>
not super friendly :/
<Ralith>
I feel like the cloudfront wackiness must be fixable
<tilpner>
Ralith - With an overlay they could e.g. nix-shell -p nixos-unstable-small.ghc, without looking up any URLs. And you could help with/explain the onetime setup
mekeor has joined #nixos
jcbrand_ has left #nixos ["Disconnected: closed"]
hiratara has joined #nixos
<dhess>
gchristensen: there is a bug in the bot where that history URL it provdides includes the closing ")" character
<Ralith>
joko: yeah, that works, but given the existence of officially hosted tarballs I was hoping for better
<Ralith>
LnL: ooh, neat
<Ralith>
tilpner: that is a good idea, thanks
<gchristensen>
dhess: strictly speaking, I think that is a bug in your client, since the `)` is closing an earlier `(` ... but I can see how that is worth fixing
asuryawanshi has joined #nixos
<tilpner>
Ralith - Unfortunately you may have to do more than just an overlay if you want them to be able to use these overlayed channels from nixos-config, nix-env and nix-shell :/
<dhess>
gchristensen: oh yeah duh :) this isn't HTML after all
<dhess>
sorry, that was a think-o
* tilpner
still doesn't see why defexpr can't be removed
<Ralith>
is 1.12 expected any time soon? seems like I've been hearing about how much better it'll be for like a year
macslayer has quit [Ping timeout: 260 seconds]
AluisioASG has quit [Remote host closed the connection]
asuryawanshi has quit [Ping timeout: 248 seconds]
AluisioASG has joined #nixos
el_putin has quit [Read error: Connection reset by peer]
el_putin has joined #nixos
jrolfs has quit [Ping timeout: 264 seconds]
<joko>
ok, I think I could use binutils-unwrapped, but inside a script it's not replaced with the nix store path, any ideas?
jrolfs__ has quit [Ping timeout: 265 seconds]
coot has quit [Quit: coot]
orivej has quit [Ping timeout: 248 seconds]
klntsky has quit [Ping timeout: 272 seconds]
nithor has quit [Ping timeout: 276 seconds]
sary has joined #nixos
jrolfs has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] kevlar1818 opened pull request #33439: nixos/netdata: support adding extra packages to service PATH (master...netdata_extraPackages) https://git.io/vNfH0
NixOS_GitHub has left #nixos [#nixos]
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] iblech opened pull request #33440: signal-desktop: fix URL to Debian package (fixes #33401) (master...patch-4) https://git.io/vNfHa
<dtz>
joko: sounds like an oversight/bug? Although IIRC objcopy and strip are actually 99% the same binary they just have a different value for some global like "isObjCopy = 1" (not even kidding) :D
jrolfs has quit [Ping timeout: 248 seconds]
<dtz>
joko: so you might be able to just use strip with different flags? O:) but seems like a bug to me
<dhess>
so anyway, Hydra will act as a BC, or do I need to run nix-serve as well?
sary has quit [Ping timeout: 248 seconds]
<gchristensen>
I think it can be a BC
<catern>
dhess: you don't need Hydra to have a binary cache of custom packages; and you can just set up a caching proxy to cache.nixos.org
<dhess>
infinisil: ahh I see. I did not know about that. In any case, I already have a nix-serve and it's working great.
<gchristensen>
no, I KNOW it can, I just don't know how to make it do so
<dhess>
catern: I don't think you understand. I already have a Hydra. It's not there to be just a binary cache, it already serves a useful and intentional purpose.
<infinisil>
Ah, nix-serve is an http cache i see
sary has joined #nixos
<catern>
ok ok
<dhess>
so what I would like to know is, can it do the BC part as well.
grumble has quit [Quit: We all eat lies when our hearts are hungry]
cement has quit [Ping timeout: 265 seconds]
<dhess>
well there's at least one way to find out
ma27 has quit [Ping timeout: 240 seconds]
tester123 has quit [Ping timeout: 260 seconds]
<MP2E>
just a heads up, firefox 57.0.4 is released upstream, includes some mitigations for the recent Spectre and Meltdown vulnerabilities
<MP2E>
not famliiar with the firefox nix expression but i'll take a crack at updating and push if all goes well
<gchristensen>
MP2E: should be easy, there is a script to run updaters. please check the
<MP2E>
will do!
<gchristensen>
MP2E: -bin one as well as just firefox
<MP2E>
aha I see the script in firefox-bin
Acou_Bass has quit [Ping timeout: 240 seconds]
grumble has joined #nixos
jrolfs__ has quit [Ping timeout: 248 seconds]
jrolfs has quit [Ping timeout: 248 seconds]
Myrl-saki has quit [Ping timeout: 248 seconds]
Acou_Bass has joined #nixos
ssmike has quit [Ping timeout: 264 seconds]
sary has quit [Ping timeout: 240 seconds]
cocreature has quit [Quit: A monad is just a monoid in the category of endofunctors, what's the problem?]
spietz has quit [Ping timeout: 252 seconds]
macslayer has joined #nixos
knupfer has quit [Ping timeout: 248 seconds]
<macslayer>
Is NixOS going to adopt the KAISER patch for the kernel?
<mpickering>
Is there perhaps a way to gc downloaded derivations but keep derivations which had to be built and then put those in the cache?
cocreature has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] LnL7 opened pull request #33441: pcsclite: fix darwin build (master...darwin-pcslite) https://git.io/vNfAC
NixOS_GitHub has left #nixos [#nixos]
jrolfs has joined #nixos
jrolfs__ has joined #nixos
<dhess>
macslayer: KAISER is in 4.14.11, right? If so, nixos-unstable-small has that kernel, at least.
<mpickering>
I was also wondering whether the overlays section of the user guide should be moved to be more prominent rather than section 11 after the section about language specific package practices
<mpickering>
It seems to be the best way now to augment the package set
<gchristensen>
macslayer: nixos-17.09 has kaiser patches for linuxPackages_latest, however for the time being we're waiting for kernel.org to release patched kernels for 4.9 and 4.4
<dhess>
LnL: does nix-darwin support creating users?
sigmundv has quit [Ping timeout: 256 seconds]
<LnL>
not at the moment
<dhess>
LnL: ok, how about compatiblity with the new multi-user installer. I assume that is all kosher, with nix-daemon etc?
pjan_ has joined #nixos
nithor has joined #nixos
cocreature has quit [Quit: A monad is just a monoid in the category of endofunctors, what's the problem?]
jb55 has joined #nixos
<LnL>
the bootstrap script (or nix installer) will create the build users for you
<LnL>
there's also an option to manage the daemon
<dhess>
I just ran the nix installer on a new Mac so all of that is done. I'm just wondering whether nix-darwin works with it. I remember there were some issues with nix-daemon before the multiuser installer was the standard install
cocreature has joined #nixos
<dhess>
LnL: I ask because I'm about to add this Mac to my Hydra as a remote builder, and I'm wondering whether I should install nix-darwin on it, as well.
<dhess>
to make some of the config more declarative and less "by hand"