<ottidmes>
elvishjerricco: But it is likely ~/.dmrc is just provided based on the state you linked
<ottidmes>
elvishjerricco: So in order to actually change it, you probably have to change the state file rather than being able to change it via ~/.dmrc, but you could experiment and see what happens
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nix] dtzWill opened pull request #1944: Don't throw in destructor, happens in nix-daemon when client disappears. (master...fix/activity-destructor-exception) https://git.io/vA9Qp
NixOS_GitHub has left #nixos [#nixos]
BlessJah has quit [Ping timeout: 240 seconds]
pxc has quit [Ping timeout: 245 seconds]
alex`` has quit [Quit: WeeChat 2.0.1]
johnw has joined #nixos
<tnks>
I'm open to some suggestion here. I tried a "nix copy --to ssh://nix@my-nix-cache /nix/store/..." and I'm still getting "cannot add path... because it lacks a valid signature"
<tnks>
I did a "nix copy-sigs -s https://cache.nixos.org --all" and it did something, but didn't seem to help with all paths.
ambro718 has quit [Quit: Konversation terminated!]
sahabi has joined #nixos
<ottidmes>
tnks: I had the same problem with substitutors, I would love to know the solution to that error message as well, I ended up just going back to Nix 1.x for now
<dtz>
is your remote user a trusted-user on the remote host? That's probably easiest way to avoid
BlessJah has joined #nixos
<dtz>
well, I think so anyway :)
<tnks>
ottidmes: fortunately this channel is logged and indexed, and I found clever's advice to someone else there.
<tnks>
I'm playing around with the `--option signed-binary-caches ""` advice he gave there.
<ottidmes>
tnks: Setting require-sigs would also probably work, but I do not consider that a real solution
<ottidmes>
dtz: The systems I have tried to make it work on have the same set of users which are all trusted
johnw has quit [Ping timeout: 265 seconds]
<dtz>
bummer :)
<ottidmes>
dtz: Indeed, thanks for the suggestion anyway, and clue is welcome :)
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] obadz opened pull request #36272: nixos doc: document the installation process from other distros as well as NIXOS_LUSTRATE (master...nixos-lustrate-doc) https://git.io/vA975
NixOS_GitHub has left #nixos [#nixos]
<tnks>
ottidmes: you seem to know more about this than I. Who's making these signatures?
<tnks>
I don't know who's making them, and who's checking them.
<tnks>
From the same machine, I can do a nix copy --to file:///tmp/cache, but not --to ssh://nix@my-nix-cache.
dan_b has quit [Ping timeout: 256 seconds]
<tnks>
so it's a little bit confusing for me. Are the signatures not checked when copying to a file on the same machine?
<ottidmes>
tnks: I don't know that much either, but I believe it is nix-store that is responsible for doing so. If you check the Nix manual for secret-key-files, it basically says as much: "These are used to sign locally-built paths. They can be generated using nix-store --generate-binary-cache-key."
<ottidmes>
tnks: I basically have the same confusion as you do. I also expect them to be signed the moment they are served, but I am not sure what to do to make it work. I already set that secret-key-files and the public equivalent with a generated key as described, but that seemed to have no effect
ivanivan has quit [Quit: WeeChat 2.0]
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] timokau opened pull request #36273: sage: Make build more platform independant (master...sage-fat-binary) https://git.io/vA95t
NixOS_GitHub has left #nixos [#nixos]
<tnks>
ottidmes: cool, well, I didn't do that even. So I'll probably read more docs, and try.
<tnks>
maybe get stuck where you're at.
Acou_Bass has quit [Quit: byeeeeeeeeeeeeeee]
<ottidmes>
tnks: Hopefully I have just missed something
Acou_Bass has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] 7c6f434c closed pull request #36273: sage: Make build more platform independant (master...sage-fat-binary) https://git.io/vA95t
freeman42x]NixOS has quit [Ping timeout: 252 seconds]
nixer101 has joined #nixos
spear2 has quit [Remote host closed the connection]
<nixer101>
Hi! Is there a www page or tool that allows to see the version of the same package across at least current stable + unstable channels?
pxc has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] oxij opened pull request #36274: nixos: nixos-generate-config: document all the common things (master...nixos/doc-generate-config) https://git.io/vA9FZ
NixOS_GitHub has left #nixos [#nixos]
<tnks>
is there a nice command to see the signature for a path?
<tnks>
it's not in /nix/store, right?
<tnks>
I'm guessing it's in the binary database somewhere.
ottidmes has quit [Ping timeout: 248 seconds]
<clever>
tnks: its in db.sqlite
<clever>
nix-store --query --hash
<clever>
oh, but thats only the hash, not the signature
<clever>
yeah, i think only the binary cache has the signature
Arcaelyx_ has joined #nixos
<tnks>
clever: years ago, out of curiosity, I went into the sqlite tables with a client.
<tnks>
the tables were not normalized in too crazy a way.
<gemishhood>
wrong. I tried to install it in a nixshell, but had no luck.
<clever>
nick_l: what about with |grep nix
<gemishhood>
Sorry about that. I ment to say Hey, trying to download ghc-mod. I using this command: nix-env -f '<nixpkgs>' -iA haskellPackages.ghc-mod and get this error: https://pastebin.com/nGJZW5vM. I have no idea where I went wrong. I tried to install it in a nixshell, but had no luck.
<nick_l>
clever: various daemons, but nothing what you are looking for.
Arcaelyx_ has quit [Ping timeout: 240 seconds]
<clever>
nick_l: can you pastebin the `ps -eH x` from the machine running nixops?
<tnks>
clever: is it possible the signature from a cache.nixos.org binary is corrupted?
<clever>
dmj`: your late to the miso party :P
<gchristensen>
possible? yes
<tnks>
gchristensen: what's the best way to test that theory?
<gchristensen>
tnks: but S3 / CloudFront are really good at not doing that. I don't know, it has never happened to me
<gchristensen>
their durability is in the range of 99.999999999%
<tnks>
gchristensen: I've followed as much of the recommended directions as I can to get "nix copy" working, and getting this still:
<tnks>
cat /run/secrets/nix-signing-sec \
<tnks>
| tr -d '\n' | /etc/nix/signing-key.sec
nuncanada has quit [Read error: Connection reset by peer]
<tnks>
(sorry, wrong paste again).
<tnks>
I get this still: error: cannot add path '/nix/store/4w2wvcxzyxpdi3w5x92f42ck8jcrng1x-python3.6-requests-2.18.4' because it lacks a valid signature
<prismate>
hi, what does the [m] mean after a nickname?
muzzy has joined #nixos
<gchristensen>
it means those people are on IRC via Matrix.org
<prismate>
gchristensen: thx
<gchristensen>
you're welcome :)
mbrgm has quit [Ping timeout: 252 seconds]
mbrgm has joined #nixos
<tnks>
okay, so it was trusted-users that wasn't set right.
<tnks>
I'm caching with "nix copy"!
<nick_l>
clever: I found the root cause for my issues \o/. Amazon documents their routing conditions in a terrible, terrible way.
<nixer101>
Hi! Is there a www page or tool that shows package version across standard channels?
<lejonet>
gchristensen: Good speech :)
<clever>
nick_l: ah
sigmundv_ has quit [Ping timeout: 248 seconds]
<clever>
tnks: i believe trusted users can just bypass the signature checks entirely
<gchristensen>
lejonet: yeah :)
<nick_l>
clever: they claim that an elastic ip is required to get routing in a public subnet to work, but infact it just requires *a* public IP.
<clever>
nick_l: yeah, ive often ran things without an elastic ip or vpn
<clever>
it just gets a new random ip every time you boot
<nick_l>
clever: it's somewhat of an abstraction leak.
<gchristensen>
it is a pretty important rule
<nick_l>
What is?
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] oxij opened pull request #36275: lib: move maintainers-list.nix into maintainers (master...lib/maintainers-list) https://git.io/vA9AU
NixOS_GitHub has left #nixos [#nixos]
<gchristensen>
requiring you have a public IP to have public routing
Bunk1 has joined #nixos
<nick_l>
A public ip says that you can also be reached, but if you are just interested in getting bits from the internet a NAT gateway would also be fine.
<nick_l>
In AWS you still need to manually connect a NAT gateway to a particular VPC which is nothing more but an implementation detail.
<gchristensen>
a pretty important one given the architectural and performance implications of the various options
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] eqyiel opened pull request #36276: desmume: avoid errors with with -fpermissive (master...fix-desmume) https://git.io/vA9AL
NixOS_GitHub has left #nixos [#nixos]
<gchristensen>
AWS isn't so much about abstracting away reality when you're working on those levels
<gchristensen>
and to establish a connection you must be able to be talked to, anyway
<nick_l>
It seems a limitation that I cannot just specify performance targets and that the AWS architecture compiler then does the required work.
<gchristensen>
that isn't anything AWS claims to do ever
Bunk1 has left #nixos ["WeeChat 1.7.1"]
<nick_l>
No, but I am saying that I would like to have something like that.
<gchristensen>
ok but it isn't a leaked abstraction
<gchristensen>
since they never claimed that abstraction in the first place
<nick_l>
Out of interest, what are the performance implications you talked about?
<gchristensen>
well if your instance has no public IP but you setup a NAT gateway instead to share a single one, you're banking on the performance of that single gateway instance, or in the case of redundant setups the performance of the individual nodes theere
<gchristensen>
additionally the increased blast radius of those systems should they fail
<nick_l>
OK, I was aware of those issues. Thank you.
<gchristensen>
whereas you can choose to use a public IP per instance and depend on AWS' reverse NAT system, which is generally pretty good and distributed, and not really have to worry about how you're distributing load to your own gateways
<gchristensen>
and then lean on the (pretty reliable) firewall for isolation
muzzy has quit [Ping timeout: 240 seconds]
<gchristensen>
sure
<nick_l>
10Gb/s is quite a lot for the smallish scale on which we are currently operating.
<gchristensen>
yeah
<nick_l>
I.e., a nat gateway setup is slightly more secure.
muzzy has joined #nixos
<gchristensen>
could be if you adequately maintain it
<nick_l>
(in certain cases)
<gchristensen>
like everything else in AWS / life it is a big fat It Depends
<nick_l>
I meant one of those AWS managed NAT gateways.
<Fare>
in an unstable-YYYY-MM-DD version, should that be the version of the latest modification to the upstream source, or to the recipe?
<gchristensen>
Fare: typically the date of the commit or release was from
<Fare>
so if I change a recipe to a package from 2017, which date shall I use?
<Fare>
do I use unstable-2017-08-09-2 or something ?
<gchristensen>
the date is when the source was committed / released, not when the nix expression was written
<Fare>
to signify my updated recipe?
muzzy_ has joined #nixos
<Fare>
or .2 instead of -2 ?
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] romildo opened pull request #36277: deepin-icon-theme: move to deepin meta package (master...deepin) https://git.io/vA9An
NixOS_GitHub has left #nixos [#nixos]
nixer101 has quit [Quit: Konversation terminated!]
<gchristensen>
example if I were packaging Linux Kernel 1.0-beta today it'd be like unstable-1994-03-14
<Fare>
what if you re-package it better tomorrow?
<Fare>
(did you know that date by heart or did you just look it up?)
hotfuzz has quit [Ping timeout: 265 seconds]
<gchristensen>
I looked it up :)
<gchristensen>
I don't think we typically add a suffix for when the packaging changes
<Fare>
shouldn't we?
<Fare>
I mean, how will nix-env -u or its replacement know to update stuff?
muzzy has quit [Ping timeout: 256 seconds]
<gchristensen>
you have a good point, I don't know
<Fare>
and BTW, where does it look up the list of packages to update??
<gchristensen>
I've never used nix-env, so this isn't really something I'm aware of
<gchristensen>
I'm off for the night. good night :)
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] Profpatsch closed pull request #34842: lib.maintainers: maintainer is now a set (master...maintainers) https://git.io/vAt5A
NixOS_GitHub has left #nixos [#nixos]
<Fare>
nity nite!
<gchristensen>
Profpatsch: don't forget to wait for ofborg to finish checking, PRs are failingchecks b/c of the meta
<gchristensen>
I think we should revert your PR until the checks pass
<Profpatsch>
Why is it broken, though?
* Fare
is updating his script that was updating the gerbil recipe, so it can also update the gerbil-unstable and gambit and gambit-unstable recipes
<Profpatsch>
There shouldn’t be any changes to the final meta fields.
<gchristensen>
I don't know but your PR failed checks
<gchristensen>
Profpatsch: mind if we revert and then revert again, and fix until it passes?
<Profpatsch>
It did? As far as I could see everything was green when I pushed?
<Profpatsch>
sure
<gchristensen>
looked like there was a final patch pushed at the eend that broke
<Profpatsch>
Hm, maybe that was the rebase
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] grahamc created revert-36119-maintainer-reformat (+5 new commits): https://git.io/vA9AR
NixOS_GitHub has left #nixos [#nixos]
<NixOS_GitHub>
nixpkgs/revert-36119-maintainer-reformat 3e55c5d Graham Christensen: Revert "lib/maintainers: rename file to maintainers-list.nix"...
<NixOS_GitHub>
nixpkgs/revert-36119-maintainer-reformat 4321760 Graham Christensen: Revert "lib/maintainers: add new maintainers before maintainers merge"...
<gchristensen>
ok I'm going to bed, thanks for fixing it up Profpatsch
Supersonic has quit [Quit: Bye]
Supersonic has joined #nixos
<Profpatsch>
Thanks for noticing. :)
<Mic92>
gchristensen: To refine my questions: I assumed I cannot just attach to your message queue with my own bot that allows unfree packages and get unfree package requests commands routed. But is it possible to have my own queue?
halfbit has joined #nixos
<Mic92>
and maybe own github account
abathur has joined #nixos
acertain has quit [Ping timeout: 252 seconds]
<abathur>
anyone around? fishing for a little direction/troubleshooting on getting set up to hack on a project
acertain has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] Mic92 pushed 2 new commits to master: https://git.io/vA9pY
<NixOS_GitHub>
nixpkgs/master ec4f17c Milan Svoboda: kitty: 0.7.1 -> 0.8.0
<NixOS_GitHub>
nixpkgs/master 688aaf1 Ruben Maher: desmume: avoid errors with with -fpermissive...
NixOS_GitHub has left #nixos [#nixos]
schoppenhauer has joined #nixos
<abathur>
Mic92: fair
<abathur>
I've just typed it out a few times sans response, so trying to figure out if anyone's around first
<abathur>
in short-ish, I have a fork of doxygen that I was hacking on before I installed nixos, but which happens to have a nixpkg, and which I am trying to set myself up to continue on; I'm developing an experimental feature and iteratively testing it on the task of generating docs for another project
<Mic92>
abathur: you can use a nix-shell, if you need to work with forks of software. let give you an example
<abathur>
roughly the questions are 1.) I assume I should be (I am) trying to override the existing nixpkgs derivation for doxygen
muzzy__ has joined #nixos
<abathur>
2.) in terms of close build cycles, should I (as you say) be building in nix-shell and just using the local resulting binary, or be building with nix-build/env?
<abathur>
(I'll assume you just answered that one--it's what I've been trying)
<Mic92>
that allows you to specify all dependencies including your doxygen fork
<abathur>
and 3.) I've been getting a successful build within nix-shell, but then getting errors via nix-build on a missing sqlite3.h, despite including sqlite as a build input and declaring a cmake flag pointing at the correct sqlite3 includes path
muzzy_ has quit [Ping timeout: 256 seconds]
<abathur>
yeah, I've got a pretty simple one set up now, I may have to use a generic paste, not logged in on github on this system
<cmcdragonkai1>
What was the alternative to buildInputs?
<Mic92>
the latter question, I cannot answer without an example
<abathur>
I got the impression that the point of a nix-shell was that it wasn't actually going to build, so the build-inputs were what you'd actually have available internally?
<Mic92>
cmcdragonkai1: I think there was propagatedUserEnvPkgs. But this should be avoided usually
<Mic92>
runtime deps are usually expressed differently
<cmcdragonkai1>
buildInputs is apparently for runtime actually..
<Mic92>
for example by linking
<cmcdragonkai1>
The docs say it can be problematic in that when cross compiling, foreign executables can clobber native ones on the PATH
<Mic92>
cmcdragonkai1: buildInputs become runtime dependencies, if they are referenced in the file
<Mic92>
*package
<abathur>
*also not at all sure about my use of cleanSourceFilter, but any attempts to use nix-build were giving me grief about the old cMakeCache and cMakeLists files
<cmcdragonkai1>
So I have a package...
<cmcdragonkai1>
This package expects there to be commands avialable on the PATH
<cmcdragonkai1>
when it runs
<abathur>
and putting it in did get it to stop complaining (though it fails later on the sqlite3.h
<Mic92>
cmcdragonkai1: are you looking for nativeBuildInputs?
<cmcdragonkai1>
Should this other package which exposes the commands be `buildInputs` or `propagatedBuildInputs`?
<Mic92>
abathur: if you use nix-build with this file, you are building doxygen. Is this what you want?
<abathur>
at some point, though I'm not 100% sure if it's ideal that I just build/use it within a nix-shell or build it external to
<Mic92>
cmcdragonkai1: I think makeWrapper should work.
<Mic92>
abathur: personally I prefer nix-shell. I combine it with direnv to have my build environments at my fingertips
<abathur>
pre-nixos, basically, I hack a little on an experimental feature within my doxygen fork, rebuild, copy over the new binary, and run that binary to generate docs for a different project, then inspect the docs to see if they're matching what they should, and then iterate again
dnovosel has joined #nixos
muzzy__ has quit [Ping timeout: 276 seconds]
<abathur>
so my first intuition was to try nix-shell, but I wasn't sure if I was starting to grow beyond what it is designed for once I had to start manually referencing the produced binary by path
<ryantm>
It worked fine in my nix-repl tests though.
<ryantm>
Oops I mean, `nix repl`!
<Mic92>
ryantm: What was the substitute you have used before? Maybe there should be a fallback in case an older nix was used, something like builtins.splitVersion ? <fallback-expression>
<Mic92>
otherwise upgrading for some people might become painful
<Mic92>
I think we did this replacement also for other builtins
pikachurr has joined #nixos
<pikachurr>
hi
<pikachurr>
i am trying to update nixpkgs file for keepassxc, which is a password management software
<ryantm>
Mic92: ok
<Mic92>
ryantm: I thought borg was using nix 2.0 as well. Maybe I am wrong
<pikachurr>
the current version is 2.2.4 i think which does not support their latest database encryption
<Mic92>
abathur: I have an fix for you
<pikachurr>
i am trying to update 'version' and 'sha256' in nixpkgs but it always tells me the sha is wrong
<abathur>
if it doesn't work I may have another paste in a few
<blankhart>
is anyone aware of a haskell project using nix, with a ghcjs client + shared library, and a ghc server + shared library? the piece that is stumping me is how to set up a nix-shell for both the client + shared piece (or server + shared) since you can only have a single nix derivation to start the shell
<Mic92>
abathur: it did for me locally
<Mic92>
pikachurr: there is an open pr, you can adapt
<blankhart>
there seem to be very complex solutions (like the reflex platform) but i am looking for a minimal example
<pikachurr>
can someone tell me how do i get the correct hash
<Mic92>
abathur sorry, I cannot help you, I don't have your source.
<abathur>
nod
<abathur>
I don't think it should be the source, but I understand
<abathur>
doxygen changed make process back in 1.8.10, but nix stable is on at least 1.8.11, so the underlying process should be the same for my fork at .13, but not getting something hooked up right
jtojnar has quit [Remote host closed the connection]
<Mic92>
$NIX_CFLAGS_COMPILE is used to find header files
<Mic92>
sqlite should be in there
<abathur>
oh
<Mic92>
sqlite.h
<Mic92>
adding sqlite to buildInputs will also add it to NIX_CFLAGS_COMPILE
<abathur>
yeah, it seems to
<abathur>
when I wasn't trying to build within shell setup I could see it within the shell
<abathur>
it just isn't getting identified when it counts
<pikachurr>
Mic92 it builds, thanks
<abathur>
is it a given that the cMakeFlags var would for certainly be passed along?
<Mic92>
I don't understand
<abathur>
I assumed since the underlying derivation was already specifying cmakeFlags =
<abathur>
that adding to it is the correct idiom for adding additional flags to pass along?
<Mic92>
yes. but usually it should not be necessary to specify this manually. Also note, if you calling manually cmake, you have to add $cmakeFlags manually
<abathur>
hmm, that's a good question
<abathur>
how does the cmake cycle work when the shell derivation is specifying the build?
<abathur>
Maybe this is an incorrect path cached somewhere in cmake stuff? I'm just a cargo-cultist once it gets that far down
<NixOS_GitHub>
[nixpkgs] Mic92 pushed 1 new commit to master: https://git.io/vA9hX
NixOS_GitHub has left #nixos [#nixos]
<Mic92>
usually sphalerite is doing that. But is still in early in the morning
<abathur>
despite my belief in santa, that didn't work either; running nix-build on your gist above now
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] CMCDragonkai opened pull request #36280: gpredict: Added hamlib to buildInputs to control radios, and wrapped … (master...gpredict) https://git.io/vA9h5
NixOS_GitHub has left #nixos [#nixos]
<Mic92>
then nix-build -I nixpkgs=$(realpath /path/nixpkgs/checkout) should do it
<abathur>
tarball did clear
<abathur>
bog
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] Mic92 pushed 2 new commits to master: https://git.io/vA9hb
<NixOS_GitHub>
nixpkgs/master 9449782 Peter Schuller: signal-desktop: 1.3.0 -> 1.5.2
<NixOS_GitHub>
[nixpkgs] Mic92 pushed 2 new commits to master: https://git.io/vA9jv
<NixOS_GitHub>
nixpkgs/master 30ba063 Roger Qiu: gpredict: Added hamlib to buildInputs to control radios, and wrapped with wrapGAppsHook to fix gnome errors
<mfiano>
Can anyone recommend me their favorite nixpkg for monitoring bandwidth on the cli?
<abathur>
Mic92: Copied your last gist, which got past nix-build, replaced pasted it in after `let doxygen = `, ran nix-shell, and built through clean to a nix-shell, though it still claims to be 1.8.14, and my fork's git describe is just 1_8_13-*
<Mic92>
mfiano: bmon
dnovosel has quit [Ping timeout: 245 seconds]
<mfiano>
Thanks. I've only ever known of nethogs, and was looking for alternatives
<Mic92>
I use nethogs too
<Mic92>
but it is more connection oriented
<mfiano>
What do you like about bmon?
<Mic92>
I use it for long-term statistics on a VPN server
<mfiano>
Ah, I like that bmon doesn't need root privs
gemishhood has quit [Ping timeout: 268 seconds]
prismate has quit [Quit: WeeChat 0.3.8]
jtojnar has quit [Remote host closed the connection]
<hyper_ch>
Hmmmmm, nixos unstable is more current than nixos-unstable small....
<abathur>
Mic92: not sure, but assuming my attempt to specify the sqlite3 include path was breaking it; in any case, that appears to have worked (cementing my cargo-cult membership)
<abathur>
Mic92: Thanks much for your time/help/patience
<Mic92>
another satisfied user
pikachurr has quit [Quit: leaving]
Fare has quit [Ping timeout: 252 seconds]
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
nixpkgs/master fbaa334 Will Dietz: gecode_3: use bash to run "configure", fix error...
<NixOS_GitHub>
[nixpkgs] Mic92 pushed 2 new commits to master: https://git.io/vA9j4
davidlt_ has quit [Read error: Connection reset by peer]
davidlt has joined #nixos
<mfiano>
Something in nixos is overriding the alias I have for `ls` in environment.shellAliases. It's setting `alias ls='ls --color=tty'` and that's not what I have in my config. Anyone know what/where that could be happening?
pie___ has quit [Remote host closed the connection]
pie___ has joined #nixos
shikiryogy has joined #nixos
acertain has quit [Ping timeout: 256 seconds]
jtojnar has joined #nixos
<shikiryogy>
Hi guys, pretty new to nixos. I want to install a newer version of a package, that I know is in master, but isn't in the stable version. What is currently to most painless way to do so?
<hyper_ch>
shikiryogy: maybe use unstable instead of stable
<mfiano>
shikiryogy: Check to see if it is in unstable. Unstable is pretty stable, as a lot of checks have to pass for it to become pushed for availability
<shikiryogy>
mfiano: we are talking about unstable-aarch64, right? It is in there. How to install only this specific package from there? I am talking about elixir 1.6, if it makes any difference.
<mfiano>
I was talking about the official nixos-unstable channel. I'm not familiar with the aarch64 channel.
<sphalerite>
yaaaaay finally managed to update my chromebook after more than a month xP
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
nixpkgs/master 9415c5f Franz Pletz: hashcat: 4.0.1 -> 4.1.0
<NixOS_GitHub>
nixpkgs/master 175e2a4 Franz Pletz: altcoins.dero: 0.11.3 -> 0.11.5
NixOS_GitHub has left #nixos [#nixos]
<NixOS_GitHub>
[nixpkgs] fpletz pushed 2 new commits to master: https://git.io/vAHfx
Itkovian has joined #nixos
<chocopuff298>
sphalerite, gchristensen: just a quick update, I realized recently that I might be too young to participate in GSoC rip, but I'll definitely still play around with the idea over the summmer
chocopuff298 is now known as chocopuff
<chocopuff>
I only turn 18 a few weeks into the program
Itkovian has quit [Client Quit]
<hyper_ch>
back in the day, when I was 18, there was no GSoC
<sphalerite>
aw, that's a shame
<sphalerite>
next year! :)
<chocopuff>
it's alright! Don't need GSoC to still work on FOSS!
<chocopuff>
and yeah, next year too!
<hyper_ch>
sphalerite: you need to fix unstable small... it's not advancing
<sphalerite>
hyper_ch: why don't you :)
<mfiano>
yay for unstable being caught up again
<hyper_ch>
because your github/nix/nixos fu is so much stronger than mine
<hyper_ch>
(and I have no idea why it's not advancing)
<hyper_ch>
mfiano: I still need one commit into unstable - tmux fix
<mfiano>
Oh yay. Updated to unstable and my bootloader is broken now and can't reboot
<mfiano>
error: file '/root/boot/grub/i386-pc/normal.mod' not found.
<mfiano>
grub rescue>_
<hyper_ch>
I also just "downgraded" from unstable small to unstable and grub was not broken for me
<mfiano>
Yeah something is suspicious about that /root/ directory prepended
<mfiano>
I'm not sure how to boot to fix it though
<hyper_ch>
you probably just did it wrong
<hyper_ch>
mfiano: live cd :)
<mfiano>
I hope not. This hardware would take hours to fix that then
<hyper_ch>
rollback your zfs snapshot
periklis has joined #nixos
Itkovian has joined #nixos
<sphalerite>
mfiano: you should be able to fix it from the live system without nixos-install
<mfiano>
sphalerite: Well I did `grub-install --recheck --root-directory=/mnt /dev/mmcblk0` from the live system and it got my grub menu back, but booting kernel panics with "Attempted to kill init!"
<mfiano>
sphalerite: What did you have in mind that isn't nixos-install?
<sphalerite>
well it sort of is nixos-install but it won't need to build your system — nixos-install --chroot, then nixos-rebuild boot
<mfiano>
hmm?
<mfiano>
i'll read about that flag
<sphalerite>
nixos-install --chroot basically gives you a shell in the installed system
<sphalerite>
mfiano: if you want to switch to unstable, try building another unstable configuration *then* a stable one again (both times with nixos-rebuild boot, not switch)
<sphalerite>
then try selecting the unstable one from the bootloader and see if it works
<mfiano>
This wasn't an issue with switching to unstable. This was an issue of not having /boot mounted when I did the rebuild :/
<mfiano>
so it wrote the MBR but not the data
<mfiano>
(this machine doesn't support EFI...well it does but locked down with no CSM)
<sphalerite>
aaah
Itkovian has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<sphalerite>
wait but if it has no CSM then how are you booting grub-pc?
<sphalerite>
wtf… warning: substituter 'local' does not have a valid signature for path '/nix/store/zk4ghyk5zpklknw73nc6visxxf1hnz4b-file-5.32'
<mfiano>
well it lets me switch to legacy, but using EFI just presents this fancy gui on boot with "No disk"
<sphalerite>
ah so it does have the CSM but doesn't let you do anything with the actual EFI
<mfiano>
Ok, so I rebuilt unstable with boot mounted this time...and i have a lot of text about wpa_supplicant erroring
<mfiano>
the systemd service that is
<sphalerite>
you used switch rather than boot?
<mfiano>
yeah oops
<sphalerite>
yeah I don't recommend switching across long version distances
<sphalerite>
but what are the errors?
<mfiano>
something happened. my /home is now empty...and it's not even another partiiton
<mfiano>
I'll take a picture
<sphalerite>
Oh you know what? It's quite simple. The laptop is possessed.
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] vcunat pushed 4 new commits to master: https://git.io/vAHkM
<NixOS_GitHub>
nixpkgs/master a2b8d8f Vladimír Čunát: nixos/pump.io: also comment-out the uid
<mfiano>
yeah i should. i also want to learn luks for this device
<mfiano>
but right now i just want to boot to configure some other stuff first
<sphalerite>
do you need unstable for a partiuclar reason?
<MichaelRaskin>
mfiano: if documentation conveys the PAIN properly, it can still save some people — at least from trying, or maybe even from buying this specific model.
<mfiano>
yeah, because the rest of my imported config files use options that have changed since stable...and also some stuff i can't build on stable that i need
<mfiano>
MichaelRaskin: Point taken. It really depends on how sickened I am with this hardware by the time I either get it working correctly, or throw it in the garbage
<mfiano>
it's showing 1 partition that is the size of the disk, that has EFI GPT next to it...not the size of any of the partitions
<mfiano>
but fdisk looks fine on the chrooted livecd
<sphalerite>
try writing a file full of zeros on the filesystem in the first partition
<sphalerite>
until it's full
<sphalerite>
and then removing the file, then running fdisk on it again
<mfiano>
If I do that I'll be back to 3 days ago trying to get this hardware running, and the installer takes ages in tmpfs on this thing
<ottidmes>
My NixOS configuration is divided in multiple shared projects, so hostX includes configs from e.g. sharedA and sharedC, where sharedC refers to sharedB, what I run into with this approach though, is that in Nix everything is fully evaluated, you cannot access a value as it is at that point in the config, which makes sense, but it is problematic when I want to share library functions between those projects. If
<ottidmes>
I add a libs attrset to my nixpkgs overlay and have each of those sharedX projects add their relevant functions, when using libs, it wants to evaluate to contains all overlayed libs
<ottidmes>
Which causes infinite recursion
jorge-jbs is now known as ElGoreLoco
<sphalerite>
mfiano: no, I don't mean overwriting any important data
<sphalerite>
mfiano: I just mean zeroing the unused bits of the first partition
<sphalerite>
so mount /dev/mmcblk0p1 /mnt ; dd if=/dev/zero of=/mnt/zeros ; rm /mnt/zeros ; umount /mnt
<sphalerite>
then run fdisk on it again
<mfiano>
Oh you mean my 2mb bios boot partition, not the 1st partition that fdisk in debug1mounts is wrongly reporting as the full disk
<ottidmes>
I know of a solution, just being explicit of every intermediate libs, so dont extend libs itself in each overlay of those shared projects, but just be very explicit about extending and naming the intermediates, so I can safely use the intermediate libs values
<ottidmes>
I was wondering, are there any better ways?
<sphalerite>
mfiano: oh it's a bios boot partition? Yeah no do it with the first filesystem one
<mfiano>
the first is a vfat partition
<ottidmes>
sphalerite: mfiano: Doesn't gdisk have a option for that in advanced mode, to purge the GPT safely
<ottidmes>
sphalerite: expert mode with x, and then z: "Zap (destroy) the GPT data structures and exit."
<mfiano>
"Found valid GPT with protective MBR; using GPT"
rosa has joined #nixos
<sphalerite>
oh so the partitions are defined in the GPT?
<sphalerite>
Yeah then don't do that xD
<mfiano>
hmm?
<mfiano>
says MBR is protective, and GPT is present
<ottidmes>
mfiano: but you should read the manpage about it, it can potentially harm an existing mbr partition table
<sphalerite>
and the partitions are defined in the GPT, right?
<mfiano>
fdisk says it's GPT, yes
<sphalerite>
so where are you getting the one big partition again?
<mfiano>
I told you, that's only fdisk inside boot.debug1mounts
<mfiano>
not in the livecd or chrooted system
<sphalerite>
aaah right
<sphalerite>
that's probably busybox's fdisk and doesn't support GPT
rosa has quit [Client Quit]
<sphalerite>
so it's normal behaviour
<mfiano>
so right now i'm chrooted into my root from the livecd and ran gdisk. it's telling me the GPT is present and MBR is protective. Not sure what that means or what to do :)
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] shlevy opened pull request #36287: lib/tests: Add check-eval.nix to run simple tests. (master...lib-tests-default) https://git.io/vAHqs
NixOS_GitHub has left #nixos [#nixos]
<sphalerite>
me neither, but we've determined that the one-big-partition thing was a red herring :p
<mfiano>
ok well i just built stable and added it as a boot option
<mfiano>
let me see if that still works heh
michas_ has joined #nixos
<mfiano>
nope
<mfiano>
Attempted to kill init!
<sphalerite>
and you had mounted /boot when rebuilding right?
<mfiano>
yes. to be honest at this point i have the needed legacy boot files on the correct boot partition AND on the root partition at /boot
<mfiano>
just to be sure
Itkovian has joined #nixos
<mfiano>
i think i see what's going on
<mfiano>
one moment
<mfiano>
Yeah I see the problem and it explains a lot
<sphalerite>
well? The suspense is killing me? :p
<mfiano>
My store is located on the btrfs root sub-volume. At some point my config changed and it's mounting a nix-store sub-volume on top of that, which explained why the store was empty.
<sphalerite>
aaaaah
<mfiano>
I'm transferring like 10gb over to the nix-store subvolume
<mfiano>
Once again, I'm dumb
Itkovian has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] jfrankenau opened pull request #36288: scantailor-advanced: init at 1.0.12 (master...init-scantailor-advanced) https://git.io/vAHmW
NixOS_GitHub has left #nixos [#nixos]
abathur has quit [Ping timeout: 265 seconds]
<mfiano>
sphalerite: Thanks for the help. That fixed it
<mfiano>
booted into unstable
<sphalerit>
AAaah wtf my OOM killer is going berserk
<avn_>
folks, what is closure-info, and why it failed to build on some .attrs.sh? (today's master)
<manveru>
in the user systemd it's `unix:path=/run/user/1000/bus`, but should be `unix:abstract=/tmp/dbus-gRMDpUXoXb,guid=70de431e958e1b32afd26cf65a9ac94a`
clefru has joined #nixos
<manveru>
now i just need to figure out where this is set...
<risci>
how do i install updates to applications that are not yet in the nixpkgs repo
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] grahamc deleted revert-36278-revert-36119-maintainer-reformat at ddfff8c: https://git.io/vAHYh
NixOS_GitHub has left #nixos [#nixos]
<risci>
the application in particular is 'keepassxc' and i need version 2.3.0
<risci>
the part of building the updated application is done. But the system won't add it to the PATH
boxofrox has quit [Ping timeout: 256 seconds]
<ottidmes>
risci: You could modify the package in a local nixpkgs checkout, or you could overwrite the package in with an overlay (nixpkgs.overlays = [ (self: super: { package = super.callPackage ./path/to/updated/copy/of/package/description { }; }) ])
<typeggzero>
how can I use my wacom tablet, it need kernel 4.14. My problem is that release 17.09 has only 4.13 supported. And I can't use unstable because of the nvidia graphics card.
<ixxie>
so, my device won't mount on any of my profiles (or at least the handful I checked)
<sphalerite>
typeggzero: pretty sure you can get 4.14 on 17.09
<ixxie>
sphalerite: now it just tells me 'an error occured at stage 1 of the boot process, which must mount the root filesystem on /mnt-root' but this time it gives me the option to launch an interactive shell
<ottidmes>
risci: But the example I gave with nixpkgs.overlays would have gone in you configuration.nix (i.e. your Nixos configuration), but as you can read in the manual, there are multiple locations where you are able to extend nixpkgs, just know that if you extend it in your NixOS configuration, your extensions will only be available within your NixOS configuration, so if you expect to install it with nix-env, you
<ottidmes>
will not get the update
<typeggzero>
if I upgrade with that line, do I get the 4.15?
<sphalerite>
ixxie: yeah. Check /dev/ to see if the device is in fact there
<sphalerite>
typeggzero: yes
<typeggzero>
perfect ty
<ottidmes>
typeggzero: You might still want to use 4.14, since it is an LTS release, you would do that with: boot.kernelPackages = pkgs.linuxPackages_4_14;
<risci>
i do want to be able to receive future updates from official repo, it's just this time i need to skip ahead
<risci>
thanks, the links are useful
<mfiano>
anyone familiar with wpa supplicant? trying to run wpa_cli and it says it cant connect to wpa supplicant
<typeggzero>
ottidmes: ty, I will adjust my config to 4.14
<sphalerite>
well that's the thing, DHCP isn't wpa_supplicant's responsibility
<mfiano>
Right
<sphalerite>
you'd need to make dhcpcd running conditional on the network that you're on or something, and I don't know how you'd fetch that information
coot_ has joined #nixos
<mfiano>
why can't this be like netctl :/
<sphalerite>
or maybe you can make dhcpcd set a static IP address until it gets DHCP… or something… idk
<mfiano>
it let me connect to wifi with static or dhcp
coot has quit [Ping timeout: 256 seconds]
<sphalerite>
you can do that with network-manager
<mfiano>
I didn't see a way.
gemishhood has quit [Ping timeout: 268 seconds]
<sphalerite>
enable network-manager, run nmtui, and it will let you edit each connection's settings
niklob has joined #nixos
<mfiano>
I assume I can still use wpa_supplicant with it so that I can roam to different networks automatically?
<sphalerite>
network-manager does the roaming for you
<sphalerite>
and you cna prioritise networks with it too I *think*
<mfiano>
Ok, a little heavy weight but if nothing like netctl exists for NixOS I'm fine with it if it works
<sphalerite>
if you use network-manager you shouldn't touch wpa_supplicant yourself
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] xeji opened pull request #36292: [WIP] xen: add v 4.10 (master...xen-4-10) https://git.io/vAH34
NixOS_GitHub has left #nixos [#nixos]
<mfiano>
Ok
robstr has joined #nixos
Supersonic has quit [Quit: Bye]
Supersonic has joined #nixos
<sphalerite>
fetchzip is the canonical way in nixpkgs of fetching a possibly non-deterministic tarball with deterministic contents, right?
<mfiano>
sphalerite: Well network-manager works, but when I disconnect from my home network, it's not connecting to my phone's hotspot. i have to specifically tell it to
<MichaelRaskin>
I would look at fetchTarball first
niklob has quit [Ping timeout: 240 seconds]
<lejonet>
Hmm, is there a generic "create a file at /path/to/file and give it this content: ''content'';" for nix, similar as to environment.etc?
<sphalerite>
mfiano: if you manually disconnect?
<sphalerite>
MichaelRaskin: isn't that the built-in one that only supports passing a hash in 2.0?
<sphalerite>
lejonet: no
cross has joined #nixos
coot_ has quit [Ping timeout: 256 seconds]
<MichaelRaskin>
Hm
<lejonet>
sphalerite: That kindof sucks, would be neat to put stuff that isn't in /etc with the config too
robstr has quit [Remote host closed the connection]
<MichaelRaskin>
We do have builtins shadowed by nixpkgs-defined fetchers, but apparently fetchTarball is builtin-only, my bad
robstr has joined #nixos
<MichaelRaskin>
Hm, fetchzip isn't zip-specific, it just happens to enforce zip support.
<sphalerite>
lejonet: the thing is that stuff that relies on paths in arbitrary paths in the filesystem isn't really great. If it's config, it should be in /etc and if it's state it's not nixos's job to manage it
<mfiano>
sphalerite: Ah yeah, if i manually deactivate a connection in nmtui it doesn't hop over to the other one, but if a hotspot goes down, then it does
<lejonet>
sphalerite: tho I guess that is due to the fact that nix wants stuff in /nix/store, and putting stuff that aren't directly nix-related there would odd
<mfiano>
heh...i suppose that is usable, though unfortunate
<sphalerite>
mfiano: yep
<lejonet>
sphalerite: Mhm
<mfiano>
nothing like what i was spoiled with on Arch though
<ottidmes>
lejonet: And then there is of course home-manager, which obviously limits itself to the home directory, but that might be enough for your use case
<lejonet>
ottidmes: Yeah, seeing as there is a builtin toFiles and such, creating a module for it wouldn't be that hard
<lejonet>
ottidmes: Nah, home-manager wouldn't work in this case, but it was merely a wondering, because I can also add stuff directly in the config instead of relying on a file and I'll just do that instead
<lejonet>
(I'm configuring logstash and was thinking that either I use the list type of translations or use nix to put a yaml file with the translation somewhere, so just going to do the former)
robstr has quit [Ping timeout: 256 seconds]
<sphalerite>
lejonet: that sounds like static stuff which can live in the nix store
Mateon1 has quit [Quit: Mateon1]
<lejonet>
sphalerite: in theory yes, and I guess I could put the file in /etc, dunno why that didn't cross my mind :P
<ottidmes>
lejonet: I have plenty calls to files outside of the nix store in my configuration, e.g. private keys and such, which you generally do not want in your store, but I have to rethink that approach a bit, because I now have too much files outside the nix store, causing e.g. my custom installer to complain that it cannot find certain files (the absolute paths that is pointed to, doesnt exist on the installer)
<sphalerite>
lejonet: so you'd just generate logstash's config using nix, and stick translations: ${pkgs.writeText "translations.yaml" ''contents go here''} in it or something
Mateon1 has joined #nixos
<lejonet>
sphalerite: the conf supports defining a dictionary in the logstash conf directly too, so I'll just do that so :)
<lejonet>
ottidmes: yeah, secret management is a tad harder, but if you use nixops, it has a system for that (I'm using nixops)
<ottidmes>
lejonet: sphalerite: you can also just point to translations.yaml in the dir local to your config, ${./translations.yaml} will generate a copy in the nix store
<michas_>
Hi, What exactly is the difference between `nix-env -i` and `nix-env -iA`? How do I find out the valid arguments in both cases? (is there any good documentation about that topic?)
<ixxie_>
yo! So, where should I put a web application's running environment in a NixOS server? /var/www or /srv?
<ixxie_>
or maybe even /var/srv
<sphalerite>
up to you really
<sphalerite>
we don't follow FHS anyway :p
<ixxie_>
sweet
<gchristensen>
tbh most of my sites' content doesn't change and so they live in the nix store
<sphalerite>
not to say that FHS is a bad idea. So maybe /var for statey stuff
<sphalerite>
yeah and the nix store for static stuff!
<risci>
i think i am not supposed to input whole package.nix configuration in an overlay.
<michas_>
sphalerite: Thanks. But I think I am still missing some basic background to really understand this. What is the difference between a package and an attribute? Where in nixpkgs do I find those things?
<sphalerite>
michas_: the nix pills might be a good read if you want an in-depth introduction to it
<nick_l>
Are aws instance profiles supposed to work on nixops deployed machines? Do I need to install something to make them work? I can see that the instance has an instance role associated with it, but it doesn't seem to have any impact.
<clefru>
michas_: I usually run "nix-env -qaP > /tmp/allpkgs". this gives me all attributes (-iA) and all package names (-i) to search through
niklob has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] sjau opened pull request #36293: sqlite: Raising max variable number and max expr depth values (master...master) https://git.io/vAHGi
<gchristensen>
ideally we'd have a nixpkgs impl of splitVersion for when builtins doesn't have it
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] Mic92 opened pull request #36294: primecoin: remove as it seems no longer maintained (master...primecoins) https://git.io/vAHG9
NixOS_GitHub has left #nixos [#nixos]
<ryantm>
gchristensen: Ok. That's what Mic92 said I should do too.
<gchristensen>
cool
azdle has joined #nixos
<gchristensen>
I think it is helpful to have this check on the old nix actually... though I'm not sure how to maintain that long term
<Mic92>
there is nix1 still in the repo
<gchristensen>
by the way, I'm likely to be taking down ofborg for a couple hours today to migrate it to a new home
<gchristensen>
it could be done in zero downtime, but that would require far more time than I want to devote to that
<Mic92>
will the queue be still filled?
<gchristensen>
yeah, it'll still queue the work and it'll pick the jobs up again at the end
<hyper_ch>
the end is neigh :)
risci has left #nixos [#nixos]
<ryantm>
Mic92: I'm not familiar with using the ? operator. Do I need to do `if builtins ? splitVersion then builtins.splitVersion else lib.strings.splitString ".";` or is there a more concise way of using it?
<sphalerite>
ryantm: `builtins.splitVersion or lib,strings.splitString "."`
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] dywedir opened pull request #36295: feh: 2.24 -> 2.25 (master...feh) https://git.io/vAHZk
NixOS_GitHub has left #nixos [#nixos]
<hyper_ch>
so, I wonder when my super important PR gets merged :)
prismate has joined #nixos
<ryantm>
sphalerite: thanks!
prismate has left #nixos ["WeeChat 0.3.8"]
<Mic92>
sphalerite: (builtins . splitVersion or (bar: ["1" "2"])) "1.2"
<Mic92>
ah, you got your answer already
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] Ma27 opened pull request #36296: nixos/gnome-keyring: add option to enable the daemon as systemd service (master...run-gnome-keyring-independently) https://git.io/vAHZz
NixOS_GitHub has left #nixos [#nixos]
<sphalerite>
why are so many of my store paths corrupted D:
<lejonet>
sphalerite: Gone over to the dark side, they has
<hyper_ch>
sphalerite: you did it wrong
<hyper_ch>
do you use zfs?
abathur has joined #nixos
<sphalerite>
hyper_ch: usually, yes. On my chromebook, where all the corrupted paths are, no.
<hyper_ch>
"this wouldn't have happened with zfs" :)
<sphalerite>
I also wouldn't have any RAM left with zfs :)
coot_ has quit [Quit: coot_]
<hyper_ch>
just put in 2x 16GB sticks and you're all set
<sphalerite>
the RAM is soldered on
abathur has quit [Client Quit]
<hyper_ch>
unsolder it :)
<sphalerite>
I might be able to fit two RAM sticks in the case, but they're not going to do much there.
<ottidmes>
I am always confused with all the different locations where to put things like env variables or other init scripts. I just ran into the problem that an env var was not set when I ran a script as root, so is my understanding correct that without `sudo -E` I will have add the variables I want to be always available via environment.sessionVariables instead of environment.variables?
typeggze1o has joined #nixos
<ottidmes>
Eh, "when I ran a script as root" I meant "when I ran a script with sudo"
<sphalerite>
michas_: -f '<nixpkgs>' -iA rkt for maximum portability, but yes nix-env -iA nixos.rkt should work too
<ottidmes>
michas_: Do yourself a favor and just add environment.shellAliases.nix-env = "nix-env --file '\\''<nixpkgs>'\\''"; in your configuration.nix
<ij>
How do I make `nix repl' evaluate my result, e.g. [ [1] [2] ], fully?
<sphalerite>
ij: --strict
<nick_l>
michas_: their command is wrong inded
<sphalerite>
oh wait in the repl
<ij>
nix repl rocks btw
<sphalerite>
ij: :p it
<nick_l>
michas_: it's great when people put untested commands in documentation.
<ottidmes>
ij: One way would be to do: builtins.toXML or toJSON
<ij>
nice
<michas_>
nick_l: maybe they first set the alias ottidmes suggested.
<nick_l>
michas_: that would still be a mistake.
<ij>
sphalerite, Where did you find that doe?
<sphalerite>
ij: :h
<sphalerite>
err :?
<sphalerite>
and I found :? because it prints "Type :? for help." when you start it
Guest1991 has quit [Quit: WeeChat 2.0.1]
<ij>
I should've hesitatated and thought before reaching the channel. I could've found it.
<symphorien>
michas_: I don't know anything about rkt but I seems like something requiring a service, so a module : https://nixos.org/nixos/options.html#rkt so they probably should recommend to enable the service instead
<sphalerite>
ij: :p
<ij>
sphalerite, yeah, :p works
hamishmack has quit [Quit: hamishmack]
<sphalerite>
oh dear, that was supposed to be a smiley
<ij>
pun intended
<sphalerite>
xD
aminb has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
nixpkgs/master f62131c Tim Steinbach: linux: 4.9.85 -> 4.9.86
<NixOS_GitHub>
nixpkgs/master 3bc423a Tim Steinbach: linux: 4.4.119 -> 4.4.120
<NixOS_GitHub>
[nixpkgs] NeQuissimus pushed 3 new commits to master: https://git.io/vAHcL
NixOS_GitHub has left #nixos [#nixos]
<NixOS_GitHub>
nixpkgs/master 4eb7945 Tim Steinbach: linux: 4.14.23 -> 4.14.24
hamishmack has joined #nixos
Drakonis[m] has quit [Changing host]
Drakonis[m] has joined #nixos
Drakonis[m] has joined #nixos
raynold has quit [Quit: Connection closed for inactivity]
<genesis>
i move my binary from /bin to a /usr/share/mame/ and now it failed to find libSDL2-2.0.so.0 , can i come from a behaviour of nix-env that doesn't do magic when not in bin ?
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] fpletz pushed 2 new commits to master: https://git.io/vAHWT
<NixOS_GitHub>
nixpkgs/master f51d9e3 Franz Pletz: Merge pull request #36298 from bachp/gitlab-runner-10.5.0...
NixOS_GitHub has left #nixos [#nixos]
<sphalerite>
genesis: neither of those sound like nix store paths.
<michas_>
symphorien: Thanks, good point. fixed.
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
nixpkgs/master 440c24e Franz Pletz: prometheus-alertmanager: 0.13.0 -> 0.14.0
NixOS_GitHub has left #nixos [#nixos]
<NixOS_GitHub>
[nixpkgs] fpletz pushed 1 new commit to master: https://git.io/vAHWI
<genesis>
sphalerite : only sdl2 on 75 shared library is not found, btw i can show you the derivation i try
<sphalerite>
genesis: oh, it wouldn't be nix-env, but stdenv does patch executables in $out/bin and not in $out/share to have the RPATH for finding their library dependencies
<genesis>
yes, but it's ambigous when it shrink it "shrinking /nix/store/csji3s9dncmkljdk7iigba5288ync9sv-mame-0.195/usr/share/mame/amstrad64"
acertain has joined #nixos
<sphalerite>
try putting it in $out/libexec instead
<sphalerite>
also usually we don't have $out/usr/share, but $out/share
<genesis>
yes, i donno well about how is organise filesystem on nixos, i need the binary in the directory since it searsh in it, that's why arch use kind of wrapper too
mbrgm has joined #nixos
<sphalerite>
I was under the impression that it took a bunch of options telling it where to look for stuff?
<sphalerite>
As opposed to searching wherever it lives
<genesis>
i'm not very satisfy, in fact, this wrapper try to ignore mame.ini complexity forcing path at cmdline
<genesis>
on gentoo they generate a config and fix it, but in both case, it will not work on a nix system
jqtrde has joined #nixos
Itkovian has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
ThatOtherGuy has quit [Ping timeout: 248 seconds]
<bgamari->
has nix ping-store smply not made it into the nix available in nixpkgs yet?
alex`` has quit [Quit: WeeChat 2.0.1]
<mkaito>
I'm writing a package for a java servlet, that should just download the .war file and put it in the nix store, so I can later reference it in services.tomcat.webapps. Do I use mkDerivation? If so, how do I tell it to just do nothing and just download?
<mfiano>
Is there an easy way to declaratively define github's public keys for known_hosts?
<blankhart>
is the difference in terminology between "overlay" and "override" that the overlay is the function, and the override is the attribute?
<ottidmes>
mfiano: I was wondering something similar, haven't tried it yet, but I guess we should be able to get it to work with the GlobalKnownHostsFile ssh option in programs.ssh.extraConfig and assign it: /etc/ssh/ssh_known_hosts /etc/ssh/github_known_hosts, for example
<blankhart>
or is it that overlay is used to refer to modification of package sets, and override is used to refer to modification of individual packages
<symphorien>
blankhart: I would rather say the second
yann-kaelig has left #nixos [#nixos]
<blankhart>
thanks
NixOS_GitHub has joined #nixos
NixOS_GitHub has left #nixos [#nixos]
<NixOS_GitHub>
nixpkgs/master 9dc62dd obadz: Merge pull request #36272 from obadz/nixos-lustrate-doc...
<NixOS_GitHub>
nixpkgs/master 7af0aa8 obadz: nixos doc: document the installation process from other distros as well as NIXOS_LUSTRATE
<NixOS_GitHub>
[nixpkgs] obadz pushed 3 new commits to master: https://git.io/vAH48
<NixOS_GitHub>
nixpkgs/master 80ea345 obadz: nixos-enter: specify absolute path to bash...
mizu_no_oto has joined #nixos
kelleyNif has joined #nixos
nuncanada has quit [Read error: Connection reset by peer]
robstr has joined #nixos
mizu_no_oto has quit [Client Quit]
fendor has joined #nixos
Itkovian has joined #nixos
Itkovian has quit [Client Quit]
<blankhart>
i suppose an "overlay" can also add new packages without overriding anything
<symphorien>
yes
<clever>
it can even be used to just store generic strings or any other nix value inside the pkgs set
<ottidmes>
I use it to store my libs for example
<clever>
ive also seen overlays/overrides used to set pkgs.unstable to contain the entire nixpkgs from the unstable channel
<clever>
so pkgs.hello is the stable version and pkgs.unstable.hello is unstable
<ottidmes>
yep, got that too, if you do, make sure to pass a config explicitly if you do not have NIXPKGS_CONFIG set, if you e.g. want to allow unfree packages
<clever>
pkgs.config is the config from the parent of the overlay
<clever>
so you could do self: super: { unstable = import <unstable> { config = self.config; }; }
<clever>
then it will always be whatever config the nixpkgs it came from is using
<ottidmes>
clever: Which could be a feature, or asking about problems, if you still use packageOverrides, you probably do not want to do that
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] vcunat pushed 2 new commits to master: https://git.io/vAH4x
<NixOS_GitHub>
nixpkgs/master 498374a Vladimír Čunát: Merge #35554: nixos/opengl: unhide and document
NixOS_GitHub has left #nixos [#nixos]
<clever>
yeah, both sets of packages will have the same packageOverrides
<ottidmes>
clever: But to have a consistent nixpkgs config throughout your system, you would still need NIXPKGS_CONFIG right? If you want nix-* to use the same
<clever>
ottidmes: you can just do nixpkgs.config = /home/clever/.config/nixpkgs/config.nix; in configuration.nix
<ottidmes>
clever: But then what about root, I guess you could use symlinks to work around that
<ottidmes>
I will just stick with NIXPKGS_CONFIG for now, needs less work
<clever>
i have ran into nasty problems before when the file behind $NIXPKGS_CONFIG was made, and i hadnt seen the option before
<clever>
nixos just entirely ignored config.nix with no obvious cause
<blankhart>
if anyone else comes in here with a question like the one i asked last night, i think the answer is https://github.com/basvandijk/nix-workshop - it even uses miso, but doesn't seem to be widely linked yet
civodul has joined #nixos
<lassulus>
is there a way, for nixos-rebuild switch, to abort if stuff gets build locally?
<vcunat>
ctrl+c :-)
asuryawanshi has joined #nixos
<vcunat>
Currently nix can't really differentiate simple builds (e.g. just creating config files) from "real" builds.
asuryawanshi has quit [Remote host closed the connection]
<sphalerite>
lassulus: you can prevent stuff from being built locally at all using --max-jobs 0
<mfiano>
Would someone mind trying to reproduce a bug for me?
<MichaelRaskin>
Really depends on the kind of the bug
<i-am-the-slime>
I don't really know what these numbers mean
<i-am-the-slime>
Can I check for the relevant versions and tell you?
<elvishjerricco>
Hm -i doesn't seem to work in `nix run`. It fails with `unable to exec 'bash'`
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
nixpkgs/master 431d05c Daniel Frank: burp 2.1.28 -> 2.1.30
NixOS_GitHub has left #nixos [#nixos]
<NixOS_GitHub>
[nixpkgs] obadz pushed 1 new commit to master: https://git.io/vAHRx
<vcunat>
if you're on recent unstable, it will be 17.3.3
<vcunat>
but I don't know how that Intel regression was supposed to manifest
<earldouglas>
Is there a way to get the working directory in a derivation? I need to override a make flag with the temp dir of the build.
<i-am-the-slime>
If I use glx with compton I get some slowness from time to time
<i-am-the-slime>
so I went back to the derault which is xrender I think
fez has joined #nixos
<mfiano>
How would I concatenate a new line into services.xserver.displayManager.sessionCommands that was previously defined in another file that I import?
<coconnor>
earldouglas: are you looking for "NIX_BUILD_TOP contains the path of the temporary directory for this build."
<i-am-the-slime>
vcunat: I think under KDE I can run two monitors quite fine.
<NixOS_GitHub>
[nixpkgs] obadz pushed 1 new commit to master: https://git.io/vAH0F
Itkovian has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
nixpkgs/master 6f07315 Anders Kaseorg: Give working advice for running nix-prefetch-url...
NixOS_GitHub has left #nixos [#nixos]
<NixOS_GitHub>
[nixpkgs] obadz pushed 1 new commit to master: https://git.io/vAHEv
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] ElvishJerricco opened pull request #36300: LightDM: Set default user session when possible. (master...lightdm-default-user-session) https://git.io/vAHEJ
<i-am-the-slime>
So some people are using xmonad and multiple screens?
NixOS_GitHub has joined #nixos
NixOS_GitHub has left #nixos [#nixos]
<NixOS_GitHub>
nixpkgs/master 8b07381 Ruben Maher: gnome-3: remove ibus from corePackages...
<NixOS_GitHub>
[nixpkgs] jtojnar pushed 1 new commit to master: https://git.io/vAHE7
robstr has quit [Remote host closed the connection]
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] obadz pushed 1 new commit to master: https://git.io/vAHEA
NixOS_GitHub has left #nixos [#nixos]
<NixOS_GitHub>
nixpkgs/master f81e87b Ryan Mulligan: openimageio: 1.7.17 -> 1.8.8...
MP2E has joined #nixos
asuryawanshi has joined #nixos
PMS has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] obadz closed pull request #33731: nixos/gnome3: use ibus from i18n.inputMethod (master...gnome3-fix-ibus) https://git.io/vNOiZ
NixOS_GitHub has left #nixos [#nixos]
robstr has joined #nixos
<obadz>
ryantm: incredible what you did with repology!
<samueldr>
with the nixos options system, is there a way to "lib.mkForce" remove a submodule? setting it to null (obviously?) doesn't work as null isn't a submodule
asuryawanshi has quit [Ping timeout: 240 seconds]
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] obadz pushed 1 new commit to master: https://git.io/vAHu3
<NixOS_GitHub>
nixpkgs/master 08ce0ff Ryan Mulligan: sabnzbd: 1.2.1 -> 2.3.2...
NixOS_GitHub has left #nixos [#nixos]
<joko>
i-am-the-slime: I am using xmonad on a dual monitor setup in office
<tnks>
What's Hydra's approach to distributing a cache across multiple nodes?
<tnks>
I think I figured out my problem. I think sandboxing was doing it's job and preventing a configuration file from being visible to the nix-daemon.
<blankhart>
i'd think of an expression as in other functional languages as consisting of either data or a function; a string, list, attrset would come under data. the only thing it can't be is a procedural statement
<blankhart>
one of the confusing things to me as a beginner is the proliferation of semicolons in an expression-based language (contrasting Haskell/Scala)
endformationage has joined #nixos
BlessJah has joined #nixos
<blankhart>
the use of colons to demarcate function arguments also seems to me an odd choice because it resembles the syntax for declarative definitions of attributes
<symphorien>
then yes when you `import ./foo.nix` you get only one value
<blankhart>
got it, thanks - yeah `import` is what i was thinking about
i-am-the-slime has quit [Remote host closed the connection]
<rycee>
manveru: In hm I've tried to work around this as much as possible but some breakage may occur especially with services started through dbus activation.
johnsonav has left #nixos ["ERC (IRC client for Emacs 25.3.1)"]
<clever>
tnks: for the nixos cache, yeah
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] obadz pushed 1 new commit to staging: https://git.io/vAHgu
NixOS_GitHub has left #nixos [#nixos]
<NixOS_GitHub>
nixpkgs/staging 3734c63 Ryan Mulligan: libkate: 0.3.8 -> 0.4.1...
<clever>
but if somebody was garbage collecting their own cache, and the build was not bit-for-bit reproducable, the narhash would come out different, resulting in a new signature for the new nar
m0rphism has joined #nixos
<clever>
cache.nixos.org lacks garbage collection, so that cant really happen
<i-am-the-slime>
What do I need to do to make QT applications use the Breeze theme when I'm not running KDE?
<clever>
tnks: basically, its a transparent http proxy for binary caches, with support to query several caches behind the scenes
<i-am-the-slime>
I could configure the gnome stuff with lxappearance
<sphalerite>
mfiano: I think it's intended to only be used overridden, like polybar.override {i3Support = true;}
<clever>
tnks: so you fire up a cache-cache instance, put it into your binary-caches list, and it will proxy all requests upstream, and cache all replies
muzzy__ has quit [Ping timeout: 240 seconds]
<clever>
tnks: currently, it can only cache the narinfo files
<tnks>
nice.
<mfiano>
sphalerite: I see, thanks
spear2 has joined #nixos
<tnks>
okay, wife exploding now... I'll try to look at logs if someone has the answers to all my problems.
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] obadz pushed 1 new commit to staging: https://git.io/vAHaM
NixOS_GitHub has left #nixos [#nixos]
<NixOS_GitHub>
nixpkgs/staging b0ff7ca Ryan Mulligan: http-parser: 2.7.0 -> 2.8.0...
<mfiano>
sphalerite: `nixpkgs.config.polybar = pkgs.polybar.override { i3Support = true; }` should this work?
<joko>
mfiano: where do you have polybar in your configuration?
<sphalerite>
mfiano: no. Put `(polybar.override {i3Support = true;})` in your systemPackages or your user profile expression
<sphalerite>
or polybar = super.polybar.override {i3Support = true;}; in an overlay
<jtojnar>
coconnor: but it is quite simple to follow, it just traverses the selected packages and if they have updateScript attribute, it will run the script
<ma27>
jtojnar: what I did solved my issue between IntelliJ and their native keychain implementation. I'll have to confirm that the PAM method works as well (wasn't aware of it, can test it tomorrow), then I'd close my PR :)
<jtojnar>
ma27: if it works, I think it would be preferable to adding another service
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
nixpkgs/master 75d4499 Luka Blašković: openresty: 1.9.3.1 -> 1.13.6.1 (#36289)
NixOS_GitHub has left #nixos [#nixos]
<NixOS_GitHub>
[nixpkgs] Mic92 pushed 1 new commit to master: https://git.io/vAHwb
<ma27>
jtojnar: ACK, will have a look at it tomorrow
asuryawanshi has joined #nixos
Myrl-sak1 has joined #nixos
<Myrl-sak1>
Fuck me. I deleted nmy nix store using `nix-store --delete`
<Myrl-sak1>
I have a paper to pass to.
<Myrl-sak1>
too
<Myrl-sak1>
Well
seanparsons has quit [Read error: Connection reset by peer]
leat has joined #nixos
<Myrl-sak1>
At least I hope that that's the only thing that got deleted.
<makefu>
Myrl-sak1: you cannot delete any path which is still in used by any of your roots. so it should be fine :)
<Myrl-sak1>
makefu: I ignored liveness
<makefu>
geez :D
<Myrl-sak1>
I literally can't even boot my initn ow.
<makefu>
nix-store -Q --realize <path-you-lost>
<Myrl-sak1>
Ugh
<Myrl-sak1>
makefu: My PATH was also broken.
<Myrl-sak1>
And I forgot first rule of broken PATH. Don't reboot.
<makefu>
you can boot into live and simply re-install with the config you have
<Myrl-sak1>
makefu: I'm trying to do that.
asuryawanshi has quit [Ping timeout: 240 seconds]
<Myrl-sak1>
How do I netboot from local?
94KAADP9H has joined #nixos
21WAADPRD has left #nixos [#nixos]
<21WAADPRD>
nixpkgs/master a9d0778 Ryan Mulligan: lib: add versions library
<94KAADP9H>
[nixpkgs] Mic92 closed pull request #36168: a single version attribute for expressions previously using "majorVersion" (master...majorminor) https://git.io/vAMMN
<makefu>
you can also try to find binaries with 'ls /nix/store/*/bin/nox-store' or something
<Myrl-sak1>
Oh wait, that wouldn't work either considering I have propreitory...
<Myrl-sak1>
makefu: `ls` was not found.
<clever>
Myrl-sak1: echo instead
<Myrl-sak1>
True.
<makefu>
great idea
<Myrl-sak1>
I shouldn't have rebooted. I'm stupid.
<clever>
Myrl-sak1: you shouldnt have forced it either
ma27 has quit [Quit: WeeChat 2.0]
<clever>
ive done it, it breaks a lot :P
<makefu>
that
<Myrl-sak1>
This is why I'll fail as a sysadmin.
<makefu>
simply trust nix
<Myrl-sak1>
clever: My /nix/store had a broken file, I think.
ma27 has joined #nixos
<Myrl-sak1>
Which doesn't seem likely, but it happened.
<clever>
Myrl-sak1: if you boot from any install media for nixos, you can mount your FS's to /mnt, and re-run nixos-install to repair it from the existing configuration.nix
<clever>
Myrl-sak1: that is what --repair-path is for
<makefu>
clever: such an awesome snipped. thanks a lot for sharing. i am pretty sure there are many more gems out there. we just need a place to keep them (not only in bookmarks)
<clever>
Myrl-sak1: you have to add it to the imports section of configuration.nix, and set the 2 nixos options on lines 35&40
ma27 has quit [Ping timeout: 240 seconds]
<clever>
Myrl-sak1: network.wan must be set to the name of the internet facing NIC
<clever>
Myrl-sak1: network.lan must be set to the NIC facing the broken machine, which should be an ethernet card
<elvishjerricco>
Xianwen: I'd take a look at the other `desktopManager` implementations and see if you can just make a new nixos module inspired by them
i-am-the-slime has quit [Quit: Konversation terminated!]
<Xianwen>
clever: Okay! Thank you!
<Xianwen>
elvishjerricco: Yeah.
lexwhere has joined #nixos
<Myrl-sak1>
clever: I only have to import your nix file, and netboot_server.network{wan,lan}, right?
<Xianwen>
That wolud be interesting. Could you point me to a github source code page, if it is convenient for you?
<clever>
Xianwen: just copy that to /etc/nixos/cwm.nix, replace all dwm's with cwm's, and add imports = [ ./cwm.nix ]; to the configuration.nix, and it should become a valid option
<Myrl-sak1>
clever: I believe UEFI boot was the wrong option?
<17WAAV2S6>
nixpkgs/master c73cfd5 Alex Griffin: mblaze: 0.3.1 -> 0.3.2
<clever>
Myrl-sak1: netboot_server.nix doesnt support EFI currently
<Myrl-sak1>
clever: Ah, no wonder. It worked when I enabled legacy.
<Myrl-sak1>
clever: Thanks. It's booting now. I'll have to think this through.
<clever>
Myrl-sak1: there is also a minor problem, since your booting via legacy, configuring efi will be a bit more tricky, but we can assume that the efivars are already setup
<clever>
Myrl-sak1: just leave your configuration.nix as-is, and mount the right partition under /mnt/boot/
<Myrl-sak1>
Inerestingly, /mnt/nix/store is actually still populated.
<Myrl-sak1>
So I didn't nuke everything.
<clever>
yeah, you didnt delete everything
<clever>
but you did delete everything that refered to the path you where deleting
<Xianwen>
clever: Thank you! I'm trying it out now!
<Myrl-sak1>
clever: I tried using generations from literally months ago but they also didn't work.
<lexwhere>
what you think about the idea to deliver to end user an huge binary installer, that could unpack offline your app with all shared lib deps to /nix/store ? the installer could be compiled of binary caches pulled from cache.nixos.org
<clever>
Myrl-sak1: if you dont nix-channel --update often, a single force can delete months worth of generations
<clever>
lexwhere: i'm actually working on something just like that, that uses namespaces to put it at ~/nix/
<Myrl-sak1>
clever: Makes sense. I tried updating nixpkgs, but it was more of a hassle, so I just didn't.
<lexwhere>
clever may I see the code, github?
<Myrl-sak1>
clever: I got the /mnt file hierarchy now.
<clever>
Myrl-sak1: networking.nat does that automatically
<lejonet>
clever: yeah, I've used optional and optionalAttrs, but only when optionally merging lists and attrs and didn't know if they were general enough
<Myrl-sak1>
clever: Yeah, probably a problem on my installation.
<Myrl-sak1>
I'll look into this later.
<Myrl-sak1>
clever: How do I use my machine as a bincache?
<clever>
Myrl-sak1: youll need to adjust the /etc/nix/nix.conf on the host, and add the url and pubkey for the cache
<Myrl-sak1>
clever: How about using buildMachines?
shabius has joined #nixos
<clever>
Myrl-sak1: you can also set those in nix.conf and /etc/nix/machines
<clever>
i dont remember if nixos-rebuild works inside that netboot image
<Myrl-sak1>
Ah.
pxc has quit [Ping timeout: 256 seconds]
<lexwhere>
I wasn't knew\aware such project nix-bundle exist... thnx 4 letting me know, I've googled it, will bookmark it and will follow updates. maybe someday I'll try to build delivery around it, as AppImage replacement
fragamus has joined #nixos
<clever>
Myrl-sak1: but if it breaks, you can always plug the cable in again and reboot from the image again
<Myrl-sak1>
clever: Just a question. What did I delete?
<Myrl-sak1>
clever: I deleted a library, which was full of '\0'
<Myrl-sak1>
Yeah, I'll need a shittonne of swap for this.
<clever>
nix 2.0's copy command can help, but it needs better docs
<MichaelRaskin>
Hm, I guess in my case having a fat initramfs, which is literally more than a hundred MiBs and has a lot of tools, would make the recovery trivial.
<clever>
Myrl-sak1: both rescue and netboot do that, the entire rootfs is a squashfs in the initrd
<clever>
MichaelRaskin: oops, wrong tab-complete
<clever>
MichaelRaskin: rescue-boot puts the kernel&initrd into /boot and adds a grub option for recovery
mkoenig has joined #nixos
leat has quit [Ping timeout: 240 seconds]
<clever>
netboot-server configures full network booting with the same images
<MichaelRaskin>
I mean, my default initramfs is usable as a recovery.
<clever>
ah
<clever>
rescue-boot gives you that option, while not slowing down normal boots
<MichaelRaskin>
With Nix 2.0 maybe I should also put Nix itself there.
<clever>
it takes an extra 20 or 30 seconds just to unpack that fat initrd
<MichaelRaskin>
On good hardware below 20
<MichaelRaskin>
I just don't want to carefully make sure I do not forget anything useful from initramfs.
mkoenig_ has quit [Ping timeout: 256 seconds]
Xianwen has quit [Ping timeout: 260 seconds]
<lexwhere>
I have a problem: when I invoke 'nix-shell myFHSenv.nix' it tries to compile source, which take HUGE amount of time. how I can enforce usage of binaries?
<Myrl-sak1>
clever: Ping
<clever>
Myrl-sak1: pong
<Myrl-sak1>
clever: ramfs won't work with swap?
<Myrl-sak1>
Or loop?
<Myrl-sak1>
I'm not sure what my /nix is rn.
pie___ has joined #nixos
<clever>
Myrl-sak1: check df -h, youll see a .rw-store
<clever>
Myrl-sak1: mount -o remount,size=2G /path/to/that
<Myrl-sak1>
Mkay.
<clever>
as long as the size is under ram+swap, it should be safe
<Myrl-sak1>
clever: Thanks. I'm really appreciating all the help.
<clever>
maybe leave a gig or 2 free for apps to use
knupfer has joined #nixos
robstr has joined #nixos
<gchristensen>
clever: ouch
<gchristensen>
clever: things are going to be very ugly when GitHub is no longer the cool joint in town, and starts to fail
<gchristensen>
security groups make fools of us all :)
<zandy[m]>
thanks clever !!
<clever>
* SSL certificate problem: self signed certificate
<clever>
zandy[m]: i believe you need to restart nginx now
<gchristensen>
heads up: ofborg will stop processing new tasks for a little bit while I move its infra.
<makefu>
and probably the acme service as well
knupfer has quit [Remote host closed the connection]
<clever>
makefu: the acme one runs itself on rebuild-switch, and at regular intervals
robstr has quit [Remote host closed the connection]
<zandy[m]>
hmm
<zandy[m]>
i restarted nginx like this: systemctl restart nginx
<clever>
makefu: but nginx has to come up with an example.com cert for acme to work, and acme doesnt reload nginx
knupfer has joined #nixos
<tnks>
hmm... I'm not sure the priority on nix-serve can be configured.
<clever>
zandy[m]: check `journalctl`, scroll to the end and see if there are any acme related errors
<clever>
tnks: yeah, its hard-coded to 30, youll either want a package-override, or a reverse proxy that serves a different nix-cache-info and proxies the rest
coot_ has joined #nixos
<zandy[m]>
i don't see anything about acme
<tnks>
clever: seems easier to patch the source and rebuild it.
<clever>
zandy[m]: scroll up some, maybe an hour or 2
<zandy[m]>
i guess my very simple nix configuration doesn't get my cert signed by a CA?
<tnks>
clever: what I'm noticing is the cost of bzipping everything seems like it's slower than my network delay.
<tnks>
at which point, I think nix-serve should have a higher number than cache.nixos.org.
<makefu>
zandy[m]: it should as you have enabled acme (letsencrypt)
acertain has quit [Ping timeout: 260 seconds]
<clever>
tnks: you can either patch it to use bzip2 -1 which is faster, or just change out the entire compression algo for something faster
<Myrl-sak1>
clever: nixos-install fails due to nix.conf, what should I do with that?
<zandy[m]>
oh yeah nix-channel --update fixed it :)
<clever>
Myrl-sak1: what exactly does it fail with?
lord| is now known as often
often is now known as lord|
<Myrl-sak1>
clever: nixos-install registers to the mounted nix/store even at failure, right?
<Myrl-sak1>
Oh god no
<Myrl-sak1>
Welps. Time to do this again.
dcci has joined #nixos
<Myrl-sak1>
Oh wait no.
<Myrl-sak1>
I have nixos-install --chroot working.
{^_^} has quit [Remote host closed the connection]
{^_^} has joined #nixos
{^_^} has quit [Changing host]
{^_^} has joined #nixos
chisui has quit [Ping timeout: 260 seconds]
endformationage has quit [Ping timeout: 268 seconds]
ryanartecona has joined #nixos
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] volth closed pull request #28348: androidsdk: put license hashes to nix store (master...androidsdk-license-hashes-in-nixstore) https://git.io/v7xxU
NixOS_GitHub has left #nixos [#nixos]
hiratara has quit [Ping timeout: 252 seconds]
Synthetica has joined #nixos
<Synthetica>
I get `warning: unknown setting 'signed-binary-caches'` when I'm trying to `sudo nixos-rebuild switch`, anyone else getting that?
pxc has joined #nixos
<Myrl-sak1>
So
<clefru>
Synthetica: same here.
<Myrl-sak1>
My /mnt/nix/store seems to be complete.
<clefru>
probably the nix-2.0 upgrade
<Myrl-sak1>
But --chroot nixos-rebuild doesn't work
<Myrl-sak1>
Err
<Myrl-sak1>
nixos-install -chroot
<Myrl-sak1>
nixos-rebuild switch
<Myrl-sak1>
Gets me "parent directory does not exist"
hiratara has joined #nixos
<Synthetica>
clefru: But I'm not on 2.0 according to `nix-env --version'
<Synthetica>
`1.11.16
<clever>
Myrl-sak1: try a cd / after you chroot
<clever>
Myrl-sak1: or try just normal nixos-install
acertain has quit [Ping timeout: 260 seconds]
alex`` has quit [Quit: WeeChat 2.0.1]
orivej has quit [Ping timeout: 240 seconds]
acertain has joined #nixos
lexwhere has quit [Ping timeout: 260 seconds]
<Myrl-sak1>
clever: Is it safe to delete /nix/var/nix/profiles?
<Myrl-sak1>
It's interfering with my nixos-rebuild
<clever>
Myrl-sak1: that will reset all generations, so nix-env and nixos state is wiped clean
<Myrl-sak1>
clever: I mean a system-*-link
<clever>
those are safer to just wipe
<Myrl-sak1>
"too few arguments" on nixos-rebuild switch
muzzy__ has quit [Ping timeout: 245 seconds]
<Myrl-sak1>
Oh wait. Fixed it.
<Myrl-sak1>
Or not.
jtojnar has quit [Quit: jtojnar]
acertain has quit [Ping timeout: 260 seconds]
jtojnar has joined #nixos
<ryantm>
Synthetica: yes im getting that warning too
acertain has joined #nixos
Neo-- has quit [Ping timeout: 260 seconds]
<Myrl-sak1>
Yep, i get a too few arguments error out of nowhere.
fragamus has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
nioncode has joined #nixos
<clefru>
Synthetica: nixos-rebuild doesn't use the installed nix version for evaluation I think.
<Synthetica>
(It turned out to just take longer than I expected, it wasn't blocking)
<Synthetica>
Even though I'm now running into #36268
FRidh2 has quit [Quit: Konversation terminated!]
<gchristensen>
ofborg will process new commands starting now. I'm still working on setting up evaluators and builders on the new infra
<nioncode>
I'm preparing a PR for making conky compile with pulseaudio support. however, when trying to build my modified module (nix-build -A conky), I receive gcc errors (e.g.: dynamic exception specifications are deprecated in C++11 [-Wdeprecated]). I assume conky gets built with a compiler that is too new and does not have a C++ standard set explicitly. these are my first days with nix[os], so I don't know what to do
<nioncode>
now. can somebody aid me in the right direction?
oahong has quit [Ping timeout: 240 seconds]
<manveru>
why does it treat warnings as errors?
knupfer has quit [Ping timeout: 276 seconds]
<nioncode>
I don't know, but there are also 'proper' errors in there, e.g.: 'function' in namespace 'std' does not name a template type
kelleyNif has quit [Quit: Leaving.]
<Ralith>
is there a standard way to get nix to give me a debug build of a library?
oahong has joined #nixos
<nioncode>
actually the compilation seems to be an upstream issue (#422), but how did conky then end up in the binary cache?
kelleyNif has joined #nixos
joelpet has quit [Remote host closed the connection]
<Dezgeg>
maybe it only happens in code which is not build if pulseaudio support isn't enabled?
<tnks>
clever: why rotate the key? It seems like that would just break caches, right?
ottidmes has joined #nixos
<clever>
just an optional thing you could do
<clever>
you would have to share every public you have made, and publish them ahead of time
<clever>
but it would add some timestamp like features
<tnks>
yeah, I see what you mean.
<clever>
the secret for 2017 has been destroyed, so no matter how badly it gets exploited, you can trust the signatures from 2017
<clever>
as an example
<tnks>
okay, so not have to rewrite all the old signatures, and just serve them up as new ones as accessed?
<tnks>
lazily?
asuryawanshi has joined #nixos
<tnks>
I might not be following exactly.
<clever>
sign things when they are built, and maybe also add extra signatures over time?
<ottidmes>
clever: So far I have only used kexec within the initrd where I do some cleanup, but not much, do you know what is the best practice here. Should I try to safely kill and unmount as much as possible before kexec'ing?
<tnks>
clever: can the sqlite table handle multiple signatures?
<clever>
ottidmes: kill isnt really needed, but umount/close all filesystems, and sync, before you kexec
lopsided98 has quit [Remote host closed the connection]
<clever>
tnks: i think the code mentioned it being a space seperated list
<tnks>
clever: interesting.
<tnks>
so when I do 'nix copy-sigs -s https://a -s https://b --all) it might get signatures from a, b, or both?
<gchristensen>
update: I _think_ all ofborg things should be normal now.
lopsided98 has joined #nixos
<tnks>
and the signatures from a and b might even be the same?
jackdk has left #nixos [#nixos]
<clever>
tnks: yeah
<ottidmes>
clever: Yeah, that is actually what I am doing in the initrd right now as well, I only killed the processes as well when I did that kernel poweroff in initrd
<tnks>
clever: okay, I think I'm on a path now to reverse engineer the sqlite tables, and the Perl code base.
<tnks>
well, maybe not reverse, but look at the code and play around with it all.
<clever>
tnks: id also check to see if you can query the signature over the nix-daemon protocol
<clever>
tnks: the same way you can nix-store --query --hash
<tnks>
clever: is the nix-daemon protocol documented somewhere?
<tnks>
or just in code?
<clever>
tnks: only in code
<ottidmes>
clever: Is what you are discussing related to the warning I got when trying out Nix 2.0 with substitutors: warning: substituter 'ssh://root@server' does not have a valid signature for path
<tnks>
clever: where's the code?
asuryawanshi has quit [Ping timeout: 240 seconds]
<clever>
tnks: one min
<clever>
ottidmes: not sure
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] joachifm pushed 2 new commits to master: https://git.io/vAHy7
<NixOS_GitHub>
nixpkgs/master da134f8 Roel van Dijk: opencv: flag to enable tbb...
NixOS_GitHub has left #nixos [#nixos]
<NixOS_GitHub>
nixpkgs/master 28b48fd Joachim F: Merge pull request #36170 from LumiGuide/feat-opencv-tbb...
<clever>
tnks: if nix is ran as root, it will directly use local-store
<clever>
tnks: if nix is ran without root, it uses the nix-daemon protocol over a unix socket to proxy everything over, and the daemon uses local-store
<clever>
tnks: and a similar protocol us used for `ssh user@host nix-store --serve [--write]`
<clever>
so you can push/pull closures, and initiate builds remotely
<tnks>
there's some kind of ssh-ng:// too.
<tnks>
which I think uses 'nix-daemon --stdio'
<clever>
ah, that sounds new
<tnks>
next generation, it says.
fragamus has joined #nixos
<clever>
related, nix-store isnt always in $PATH for non-interactive shells
<elvishjerricco>
Looking into having Hydra push the cache to S3. How does it know the AWS credentials required? Just environment variables?
pxc has quit [Ping timeout: 252 seconds]
<clever>
so if you 'ssh user@host' nix works fine, but if you 'ssh user@host nix-store --help' it fails
<clever>
which causes issues with build slaves
<tnks>
clever: just to avoid annoyances with ssh keys, I was hoping to just have a simple HTTP-based service.
<clever>
tnks: yeah, plain http is best for a simple binary cache
<tnks>
I'm using the ssh-style substituter for 'nix copy --to' to get binaries from my builder to my cache.
<tnks>
I think, at the end of the day, we just need a modernized nix-serve alternative.
<ottidmes>
tnks: How did you prevent the valid signature for path error for that?
<clever>
ottidmes: oh, that error, is your nix-daemon on 1.11 still?
MichaelRaskin has quit [Ping timeout: 260 seconds]
<tnks>
ottidmes: I haven't debugged it all... but it works in a Docker cluster... but doesn't work when I connect to that cluster from a laptop.
<ottidmes>
clever: Not sure, I downgraded back to 1.11 after giving up, but I did restart nix-daemon after upgrading to 2.0pre
<clever>
ottidmes: is the client 2.0 still? realpath $(which nix-store)
fouric has quit [Quit: WeeChat 1.9.1]
<tnks>
All my work is piloting a 2.0-is-here world.
<tnks>
So even this hypothetical nix-serve replacement I'm talking about. I have no real interest making it backwards compatible with Nix 1.0.
<ottidmes>
clever: When I was trying to fix the error, they all reported 2.0pre for their version, I did not check the paths, but I doubt that they would point to 1.11 and report 2.0pre as version
fouric has joined #nixos
aarvar has left #nixos [#nixos]
<clever>
ottidmes: double-check to see what nix-store your using on each user
<avn_>
tnks: so nix-serve don't works with 2,0?
<tnks>
avn_: it works... but hasn't been modernized to take advantage of the new signatures design.
<elvishjerricco>
Am I going to need to read Hydra source code to figure out how it authenticates with S3?
<clever>
avn_: nix 2.0 saves signatures to db.sqlite when it downloads things, but nix-serve still re-signs everything it serves
<tnks>
avn_: so unless you ignore signatures altogether, it spins a lot of CPU bzipping everything, not to mention the calculation isn't really needed if there's already signatures in the Nix store.
<ottidmes>
clever: I updated all 3 test machines and double checked with nix-store --version at the time, are you sure it has to do with version mismatch, I mean, I think it is just misconfiguration on my end somewhere, shouldn't I have to specify with which key it should sign? I did set secret-key-files though, but since it is plural files, I doubt it is used to sign
<clever>
ottidmes: oh, is this with local builds, or copying between machines?
winem_ has quit [Quit: No Ping reply in 180 seconds.]
<avn_>
I see, just I use nix-serve to roll-out builds to others my in-house machine (I actually should use nixops here I think)
<ottidmes>
clever: 3 machines, 2 function as cache as well, so just copying between machines to prevent building costly things
<clever>
ottidmes: for the binary caches, try to query the http://host/hash.narinfo file with curl
<tobiasBora>
Hello !
<ottidmes>
clever: I had it working with nix-serve and binary caches, but not with substituters = ssh://root@server for example
<clever>
ottidmes: ah, ive only gotten signing working with nix-serve and hydra
<acertain>
is there any way to get nix-shell to take a package set (i.e. nix-shell -p qt5)?
<tobiasBora>
I was curious to know if some work has been done to port nix on android phones. I can't find anything on google
<clever>
acertain: i think you can nix-shell -p '(lib.attrValues qt5)'
<ottidmes>
clever: That was a puzzle as wel, but that puzzle I did solve (confusingly in Nix 2.0 the /etc/nix/signing-key.sec is not used for signing, the binary cache key had to be used, it was documented, but I assumed wrong initially)
kelleyNif has quit [Quit: Leaving.]
Fare has quit [Ping timeout: 256 seconds]
<clever>
ottidmes: got a link to those docs?
kelleyNif has joined #nixos
<tnks>
ottidmes: I wasn't using a substituter with the ssh:// protocol.
<ottidmes>
tnks: Ah, too bad
<tnks>
I was using 'nix copy --to ssh://... /nix/store/parth'
<tnks>
that worked for me with the keys set up right and the right settings in /etc/nix/nix.conf.
<clever>
tnks: which fields did you have to fill in?
<ottidmes>
clever: https://nixos.org/nix/manual/#ch-files (search for secret-key-files) or if you meant the docs about setting up nix-serve correctly under 1.11, I have that as well
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] peterhoeg pushed 10 new commits to staging: https://git.io/vAHSQ
<NixOS_GitHub>
nixpkgs/staging 9c64494 Peter Hoeg: appdaemon: init at 3.0.0b4
<NixOS_GitHub>
nixpkgs/staging 2ca4e73 Peter Hoeg: pythonPackages.aiohttp-jinja2: init at 0.16.0
NixOS_GitHub has left #nixos [#nixos]
<NixOS_GitHub>
nixpkgs/staging 91456c6 Peter Hoeg: pythonPackages.sseclient: init at 0.0.19
<tnks>
clever: it might have been overkill, but I did "trusted-users = *', secret-key-files, and trusted-public-keys.
<clever>
ive had no issues with the old nix-serve
<tnks>
the only issues I have with nix-serve is the ones we've been talking about.
<clever>
tnks: trusted-users are allowed to import unsigned paths
<tnks>
clever: are you sure? because when I had the wrong keys, it complained about bad signatures, even with trusted users.
<tnks>
I can run that test again, though.
aborsu has joined #nixos
<clever>
maybe 2.0 changes things some
<clever>
but with 1.11,nix-copy-closure with a trusted user on the receiving end, just ignores the signatures
jqtrde_ has joined #nixos
<clever>
so you can either --to root@foo, or sudo nix-copy-closure --from source
<clever>
or add the right user to trusted
<jqtrde_>
vim
<clever>
:q!
<jqtrde_>
ha, sry :)
jqtrde_ has quit [Quit: WeeChat 2.0.1]
<tnks>
I really need to look at the sqlite database to see signatures.
<ottidmes>
tnks: I had set secret-key-files and trusted-public-keys on both machines with the same values, maybe that was not allowed, I could try just setting the secret-key-files on the serving host and the trusted-public-keys on the receivers
<tnks>
this is driving me crazy with it being so opaque.
ryanartecona has quit [Quit: ryanartecona]
<tnks>
ottidmes: no, I did the same thing (same values on both), and it worked.
<ottidmes>
tnks: And did you set /etc/nix/signing-key.sec?
<tnks>
ottidmes: I put it in a different place, but yeah.
<tnks>
/etc/nix/signing-key.sec used to be the old OpenSSL way of signing things.
<tnks>
so if you had the wrong-style key there, things might not work.
<clever>
the nix-store man page shows how to generate the pair
<Lisanna>
nix-push --link: "This only works if dest-dir is on the same filesystem as the Nix store."
<ottidmes>
tnks: Yeah I first used that key naively for secret-key-files, but it complained about a corrupt private key file, because it should have had the format used by binary cache keys
<Lisanna>
Isn't /nix by default kept on its own filesystem?
<clever>
Lisanna: yeah, that doesnt really work then
coconnor has quit [Remote host closed the connection]
<Lisanna>
so only people who manually configure their /nix/store mount can take advantage of that?
<ottidmes>
tnks: I am going to give it another try and remove /etc/nix/signing-key.sec, maybe it interferes
mizu_no_oto has joined #nixos
b has joined #nixos
fenedor has quit [Read error: Connection reset by peer]
<Myrl-sak1>
clever: I got it working now. Once again, thanks. Learned a few things. Such as not forcing the nix store.
mizu_no_oto has quit [Quit: Computer has gone to sleep.]
<tnks>
what's the difference between /nix/var/nix/binary-cache-v3.sqlite and /nix/var/nix/db/db.sqlite?
<clever>
Myrl-sak1: also, nix-store --query --roots tells you why its alive
<tnks>
my sqlite3 client can't read the later.
<clever>
tnks: binary-cache-v3 is a cache of what is present on the binary caches
<clever>
tnks: db.sqlite is the entire state of /nix/store/
<tnks>
clever: where are binary caches?
<clever>
tnks: cache.nixos.org and friends
<tnks>
oh, I see.
<Lisanna>
What are strategies for managing the size of a nix binary cache (e.g. as produced by nix-push or nix copy --to file://)?
<ottidmes>
tnks: And with nix-serve your machine can act as a binary cache as well
kelleyNif has quit [Quit: Leaving.]
kelleyNif has joined #nixos
<tnks>
ottidmes: right. I see these tables with sqlite3.
<nioncode>
so I've now successfully built conky with g++ 7.3.0 on ArchLinux, but it still fails on nixos with the error message: 'function' in namespace 'std' does not name a template type
<nioncode>
how can I debug this further?
<tnks>
I need another client to open db.sqlite? I just guessing.
<Lisanna>
e.g., how does hydra prevent its binary cache from getting too big?
kelleyNif has quit [Client Quit]
kelleyNif has joined #nixos
aborsu has quit [Quit: aborsu]
jqtrde_ has joined #nixos
<clever>
[nix-shell:/nix/var/nix/db]# sqlite3 db.sqlite 'select sigs from ValidPaths where path = "/nix/store/b46sv85mp79xww7q31fv3cpz0c0zbw2n-daedalus"'
<obadz>
Lisanna: it doesn't. S3 can take it :')
<clever>
tnks: this, as root, is how i view a sig, right now, its an empty value since its not signed
kelleyNif has quit [Client Quit]
<tnks>
clever: oh, yeah, maybe I need to be root.
kelleyNif has joined #nixos
<Lisanna>
obadz well my workstation can't ):
<clever>
tnks: i believe you need write to the directory to grab the right lock files for opening
<tnks>
clever: okay.
<tnks>
it worked as a normal user for the binary cache index db.
kelleyNif has quit [Client Quit]
<Lisanna>
"nix-shell -p nixUnstable --run nix-store --help" makes me very sad
NixOS_GitHub has joined #nixos
<NixOS_GitHub>
[nixpkgs] obadz closed pull request #36300: LightDM: Set default user session when possible. (master...lightdm-default-user-session) https://git.io/vAHEJ
NixOS_GitHub has left #nixos [#nixos]
<clever>
tnks: aha, i set secret-key-files in nix.conf, deleted a store path, then re-built it with nix-build, now db.sqlite contains a signature
<clever>
tnks: so nix-daemon is already signing things after the builds finish, if configured
<tnks>
clever: yeah, I think so too.
asuryawanshi has joined #nixos
<tnks>
clever: having sqlite3 to inspect it really helpful.