<infinisil>
Btw, if anybody needs a public DNS server and doesn't want to use google's 8.8.8.8, have a look at https://www.quad9.net/ (9.9.9.9), it's very privacy focused and blocks malicious domains
dan_b has quit [Ping timeout: 268 seconds]
<joepie91_to_go_>
obligatory note that malware blocking is already done in browsers through safe browsing, doing so by hostname is imperfect, and 'privacy focused' only works insofar you trust the provider :)
<joepie91_to_go_>
the presentation on the site definitely makes me suspicious
<infinisil>
"safe browsing"?
pie__ has joined #nixos
<fnlkj>
browsers, how?
aarvar has quit [Ping timeout: 268 seconds]
pie_ has quit [Read error: Connection reset by peer]
<joepie91_to_go_>
infinisil: built-in feature of every major browser by now (afaik) that has a local blacklist of malicious domains
<fnlkj>
in FF u may have to manually specify DNS thru about:config for example I believe, if like using a ssh tunnel or socks..hmh
<joepie91_to_go_>
and going to such a domain will throw up a warning screen
<fnlkj>
that's bad it sounds, like a memory hog
<joepie91_to_go_>
behind-the-scenes connections to them are outright disallowed
<fnlkj>
also i don't like censorship
<joepie91_to_go_>
it's not
<infinisil>
joepie91_to_go_: Yeah but local blacklist doesn't help much if it's ever changing
<joepie91_to_go_>
the blacklist gets updated regularly
<joepie91_to_go_>
most browsers use the one provided by Google
<fnlkj>
wont they be fed to their dns servers as well,supposedly some anti-malware properties i thought? (unsure)..hm
<infinisil>
joepie91_to_go_: "Quad9 will check the site against IBM X-Force threat intelligence that includes 800+ terabytes of threat intelligence data including 40B+ analyzed web pages and images and 17 million spam and phishing attacks monitored daily."
<joepie91_to_go_>
yeah, those are fancy-looking numbers but it tells me nothing of value :)
<fnlkj>
in browser,... besides those dependant on exetrnal connections for their blocklists, i think every browser ive tried so far and noticed such on, had it built-in and thus taking a nice fat chunk of ram
<joepie91_to_go_>
sorry, I've been doing infosec-y stuff for too long to assign any value to claims like this anymore
<joepie91_to_go_>
it's marketing prose
<fnlkj>
How do you completly evade these block-lists?
<joepie91_to_go_>
tells you nothing about how it compares to other approaches, what their coverage is, etc.
<joepie91_to_go_>
it's just all the big numbers they could come up with
<fnlkj>
SOme times I intentionally seek out threat-feed sites and the maliciou - then often merely suspected, showing signs correlating with that of some malware possibly - for curiosity for example....
<infinisil>
joepie91_to_go_: The fact that they are founded by IBM (and more) and have about 150 centers around the globe and their FAQ and Blog makes me trust them
<fnlkj>
also, it would be Very easy to plant malware and learn the criteria for listing a site there as a means of maliciously having a host taken down
<infinisil>
Much more than Google at least
<joepie91_to_go_>
infinisil: I mean, sure, you can choose to do so, but I would distrust them immediately on the basis that they are *actively marketing* a thing that presumably produces no income
<joepie91_to_go_>
so what's the business model?
<fnlkj>
u do have a point...IBM is one of few I've heard much bad about at all...ever.....
<joepie91_to_go_>
"we get analytics" is not sufficiently convincing to me
<fnlkj>
I dont like it either, yeah..... they get some from it, shaping what we're served of content.........hmmm
<joepie91_to_go_>
especially since they are anonymized analytics and the value of "how many people try to access malware domains" is information of pretty limited value
<fnlkj>
no its not, it could be very valuable to some i think..
<joepie91_to_go_>
in the bigger picture, its value is near zero if you already have the 'threat intelligence' to build this list in the first place
<joepie91_to_go_>
so this really doesn't adequately explain their business model
<joepie91_to_go_>
anyway, I need to sleep
<fnlkj>
if ure in the business able to judge which are likely most profitable at the time,if a notable amount of ppl are likely inclined to potentially become a $, and use it to see/consider trends etc
<fnlkj>
pretty sure that massive amount of blocks does include much else...
<fnlkj>
and what they do let through, assuming they've have control of that.... who knows, mnaybe occasionally NSA or whoever would pay wel for a targeted brwoser-exploit or w/e to go with such data frmo time to time :d
<infinisil>
joepie91_to_go_: Valid point
<fnlkj>
Also, mind you the amount of malware domains that are being found and filtered out by the best algoritgthms.. far frmo enough to deter those into that stuff, and massive amounts still drive the business as has been
jperras has joined #nixos
<fnlkj>
best assume the worst, hope for the best.. expect compromise, comartmentalize and use nesten virtualization with verious secured keys and key-devices for each, never having more than one open at a time, requiring all for opening some other.. n such, using FDE etc. of various kind around each layer...besides some personal touch / custom stuff too ofc..!
<fnlkj>
...hmm.. also... hmm, but, as i've found...... . . . the birds are spies ! . . .
<fnlkj>
shh..!
semilattice has quit [Remote host closed the connection]
<infinisil>
fnlkj: You can use #nixos-chat for extended offtopic things
<infinisil>
And joepie91_to_go_ ^^
<fnlkj>
o. my apologies
joepie91_to_go_ has quit [Ping timeout: 260 seconds]
<acowley>
LnL: Where would I set that so that users of the compiler pick it up?
<LnL>
ah like that
<acowley>
Yeah, I get a ton of warnings about include paths not being used
<acowley>
Well, "ton" ~ 10
<LnL>
if it's only used within nix it could be done with a setup-hook
<acowley>
Which I can easily turn off myself, but I don't think they're informative
<acowley>
Okay, yeah
xcmw has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
tertle||eltret has joined #nixos
pxc has joined #nixos
Ariakenom has quit [Read error: Connection reset by peer]
pxc has quit [Ping timeout: 264 seconds]
xcmw has joined #nixos
mbrgm has quit [Ping timeout: 256 seconds]
kerrhau has joined #nixos
kerrhau has quit [Changing host]
kerrhau has joined #nixos
<acowley>
Navigating this whole clang-derivative thing has been a bit disconcerting. It seems sort of natural for projects out there to have a build that produces a compiler and then uses that compiler to build some libraries. But we need wrapper scripts to make up for non-canonical locations for stuff. The problem then is fitting the wrapper generation into the upstream build.
<acowley>
The way I did it for this compiler involves some pretty iffy patching for the libraries part of the build because the upstream build process uses the build-tree compiler to build the libraries.
mbrgm has joined #nixos
<acowley>
So not only did I have to hack their build script into two pieces, I then needed to reconstruct an approximation of the build tree expected by the second half of the build script.
<acowley>
I'd have felt better if I could instead insert nix-specific wrapper generation into their build script.
Supersonic112 has joined #nixos
Supersonic has quit [Disconnected by services]
<acowley>
Like, they have "buildCompiler; buildLibs;" and I patch it to "buildCompiler; makeWrappers; buildLibs;". Instead I need separate nix derivations because of the way ccWrapperFun works.
Supersonic112 is now known as Supersonic
<acowley>
LnL: The setupHook worked, btw, thanks for suggesting it.
<monokrome>
Hmm... I have custom versions of some tools I use, for instance DWM. Is there a way to set up my nix configuration to use the custom built DWM as my window manager instead of the system DWM?
M3lst4d-en has joined #nixos
<infinisil>
monokrome: Just use the dwm module but add an overlay that changes the dwm package to your custom version
simukis has quit [Ping timeout: 256 seconds]
xcmw has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
Cale_ has quit [Remote host closed the connection]
jrolfs has quit [Ping timeout: 256 seconds]
blonkhart has joined #nixos
jrolfs has joined #nixos
<zybell_>
acowley: I would say if you need to modify an upstream textfile/shellscript provide upstream with a marker patch. 2 special constructed lines are sufficient. Example(without quotes):"# - -","# - -" Pls note the number of spaces. Patch can insert and remove compatible patches between such lines in any order.
<zybell_>
And any number.
<acowley>
zybell_: That's an interesting idea! Why not make the comment lines a bit more descriptive to discourage someone coming along and removing them?
jrolfs has quit [Ping timeout: 255 seconds]
<zybell_>
You can do so. The secret is in the number and pos of spaces.
<monokrome>
infinisil: hmm okay! I'll look into how that works. Thank you :)
kmicklas has quit [Ping timeout: 240 seconds]
<zybell_>
I did not find a good description that prevented good meaning people from 'making it read better', formatting away the spaces.
nuncanada has joined #nixos
<zybell_>
But you may have success, where I failed.
* monokrome
installed zlib but compiling Python still seemingly can't find it :|
migy_ has joined #nixos
<clever>
!libraries
pxc has joined #nixos
<clever>
!librarys
chrios has joined #nixos
chrios_ has quit [Ping timeout: 264 seconds]
<monokrome>
!libraries
* monokrome
explodes
<clever>
monokrome: i cant rmember the right keyword for the bot, but installing libraries wont fix compile problems, nix doesnt work like that
<monokrome>
.libraries
<clever>
monokrome: and also, why are you trying to compile python?
<monokrome>
clever: Shouldn't it install them so that they are feferencable in /usr/lib?
<monokrome>
doing `CFLAGS=-lz` seems to fix it, but now it says that a tmpfs doesn't have enough space to build Python. Does nix-shell create a temporary tmpfs to build in? And - if so - is there a way to increase the size of it?
<monokrome>
Iis it just me, or does the manual not show how to make an overlay?
<andrewrk>
what package has the suggestion for the package to install when a binary is not found?
<clacke[m]>
dtz: thx
jperras has joined #nixos
<clacke[m]>
That was supposed to have been fixed for "1.12", i.e. 2.0
<clacke[m]>
I'm using 2.0pre on both platforms.
raynold has quit [Quit: Connection closed for inactivity]
<clacke[m]>
so that's odd
scribbler has quit [Quit: scribbler]
lord| has joined #nixos
davidlt has joined #nixos
jperras has quit [Ping timeout: 248 seconds]
Lisanna has joined #nixos
<Lisanna>
has anyone ever used localhost as a remote builder? I just tried it and it doesn't seem to work.
<Lisanna>
What I think is happening is the local nix-build command has a lock on the output path, and when it tries to do the remote build, that lock is being held by the local process, so it prints "waiting for locks or build slots..."
<clever>
Lisanna: i think nix just assumes the local machine supports all features
<Lisanna>
clever yeah, which also sucks :p
<andrewrk>
the time has come again
<andrewrk>
when my /boot drive filled up and it's been long enough since last time that I don't know how to fix it
<clever>
andrewrk: grub or systemd-boot?
<andrewrk>
systemd-boot
nuncanada has quit [Read error: Connection reset by peer]
<andrewrk>
it's EFI
<samueldr>
clever: it differs?
<clever>
andrewrk: youll need to GC some old system profiles with nix-collect-garbage --delete-older-than, manually delete a few kernels from /boot, and re-run nixos-rebuild switch/boot
endformationage has quit [Ping timeout: 260 seconds]
<clever>
andrewrk: no real way to know, but nixos-rebuild will remake any that matter
endformationage has joined #nixos
<andrewrk>
ok I'm going to delete all of them
<andrewrk>
rebooting, let's see if it works
<andrewrk>
clever, hmm maybe something else is going on here. when I rebooted, nixos-version got reverted to Hummingbird (older). it was on Jellyfish when I restarted
<andrewrk>
I feel like I've had this problem and solved it before but I don't remember what it was. I thought it was the EFI thing.
<clever>
andrewrk: ive seen that happen if you have the wrong thing (or nothing) mounted to /boot
<monokrome>
Do I need to fork NixOS/nixpkgs to create an overlay?
<clever>
monokrome: no
<monokrome>
Is that how it works?
<monokrome>
Oh, hmm
<clever>
monokrome: the whole point of overlays is so you dont have to fork it
<clever>
you should also have ran it after mounting /boot during the installation
<andrewrk>
I have the partition, it's just not mounted
<clever>
manually mount it, and re-run nixos-generate-config
<clever>
then nixos-rebuild switch
<{^_^}>
[nixpkgs] @dtzWill opened pull request #38168 → epoxy: explicitly search libGL path as fallback → https://git.io/vxopr
<samueldr>
(I personally would `mv /boot /delete-me-boot ; mkdir /boot` beforehand just to make sure the mount point is an empty dir, but that's probably optional)
<monokrome>
clever: So, does `nixos-rebuild switch` somehow know to look in my HOME directory to build overlays?
<clever>
monokrome: nixos only obeys the overlays in nixpkgs.overlays
<monokrome>
oic
jperras has quit [Ping timeout: 264 seconds]
<monokrome>
The chapter doesn't cover how to build the ones in ~/.config/ - is there a way to do that?
<clever>
the same way it only obeys the config in nixpkgs.config
<andrewrk>
clever and samueldr - thanks! I think that solved the problem
<fnlkj>
oo.. sorry im , eh.. just n00bin around this neck of the woods for once.. unsure how/why i got here.....was gna try nixos just din get round to it just yet. Sorry to say im a nab to this all n can't help ya with dat im afraid
<neonfuz>
yeah no problem lmao
<fnlkj>
:d =)
<neonfuz>
I'm just here asking everyone
<fnlkj>
mm,hopefully some1 else will pop in with better input momentarily.. ^_^
<{^_^}>
[nixpkgs] @dtzWill opened pull request #38179 → powertop: patch for musl → https://git.io/vxKes
<{^_^}>
→ a3df96b3 by @dtzWill: powertop: patch for musl
<{^_^}>
→ a9af5f6b by @dtzWill: Merge pull request #38179 from dtzWill/fix/powertop-strerror_r-musl
abrxs has quit [Ping timeout: 260 seconds]
oida has joined #nixos
jperras has joined #nixos
<Lisanna>
when doing a nixops deploy for the first time with multiple machines, nixops stacks the password prompts on top of eachother. this seems really silly, and I've never been able to get it to accept passwords when it does that. is there a way to fix this?
<{^_^}>
→ 26f537ff by @dtzWill: swift: 4.0.3 -> 4.1
<{^_^}>
→ 25b81a05 by @dtzWill: swift: loosen platforms to all linux other than known-bad i686
<{^_^}>
→ 136a6d94 by @dtzWill: Merge pull request #38172 from dtzWill/update/swift-4.1
pxc has joined #nixos
taktoa has joined #nixos
pxc has quit [Ping timeout: 248 seconds]
<taktoa>
mpickering: I'm trying to use your ghcWithIndexer Kythe branch of nixpkgs but running the `serve` executable produced by `haskellPackages.ghcWithIndexer (p: [p.vector])` gives an error about the Kythe LevelDB database being on a read-only filesystem
<taktoa>
I'm going to try copying it into a tempdir or something but if you have any idea what's going on I'd be happy to hear it
<__monty__>
So turns out there's a problem with mDNS in nix. I can't resolve avahi .local domains with firefox or opera installed by nix. Discussion leading up to this and some details: https://bugzilla.mozilla.org/show_bug.cgi?id=1439780#c38
<sphalerite>
Lisanna: not really. I'd find this useful for instance for establishing the trust through my yubikey initially, but not needing it for later deploys, for instance
<__monty__>
clever: So there's no way to get support in nix outside of nixos?
<clever>
__monty__: ah, outside of nixos, not sure, the nix ld.so doesnt look in places like /usr/lib so the nss modules that the host os setup wont be found so easily
<clever>
__monty__: and i think it already relied on nscd in nixos, to get them loaded right
* clever
heads to bed
<MichaelRaskin>
neonfuz: you have since found mesa_drivers, right?
<lostman>
quick question. nix supports building docker images. will that work on mac? that is does nix 1) build on host, package closure into docker image or 2) build inside docker, copy closure out to final container?
jperras has quit [Ping timeout: 256 seconds]
<vaibhavsagar>
lostman: I would expect it to, and I think it does 1)
<lostman>
@vaibhavsagar yeah I thought that might be the case
<vaibhavsagar>
puffnfresh uses Nix on Macs IIRC so he would be able to tell you more
joepie91_to_go_ has quit [Changing host]
joepie91_to_go_ has joined #nixos
<Lisanna>
...tfw you ask for your package on darwin instead of linux and nix seamlessly takes care of it
ericsagnes has quit [Ping timeout: 260 seconds]
dbe has quit [Ping timeout: 256 seconds]
<unlmtd>
I dont get any keys deployed from `deployment.keys` nixops option. `nixops send keys` doesnt give any error.
<unlmtd>
might be because im using a PR that still doesnt pass all the tests
i-am-the-slime has quit [Quit: Konversation terminated!]
<vaibhavsagar>
what are you trying to accomplish that involves exporting the whole /nix/store?
Neo-- has joined #nixos
<lostman>
@vaibhavsagar IIRC I ran into some problems with tar so was wondering whether nix-store --export would be more appropriate. but it seems to want specific paths
jperras has quit [Ping timeout: 240 seconds]
<vaibhavsagar>
you can set up a machine as a binary cache with nix-serve
<vaibhavsagar>
I think nix-serve uses bzip2 when transferring
knupfer has quit [Remote host closed the connection]
Lisanna has quit [Quit: Lisanna]
goibhniu has quit [Ping timeout: 264 seconds]
Neo-- has quit [Ping timeout: 256 seconds]
<LnL>
lostman: nix-store --dump
simukis has joined #nixos
<LnL>
hmm no, thought there was an operation for it
<bkchr[m]>
Hi, I want to update a package to use the meson build system. In the fixup phase, something move folder /include and after that wants to move a folder in /include to the installation dir, but the second step fails. Anyone an idea how I could debug this?
<srhb>
bkchr[m]: Does the installation dir exist? Try injecting some ls on all the relevant paths.
<{^_^}>
[nixpkgs] @vbgl pushed commit from @ryantm to master « ocamlPackages.js_of_ocaml: 3.0.0 -> 3.1.0 »: https://git.io/vxKLk
psychic1 has joined #nixos
<srhb>
bkchr[m]: I think there's some weird setup-hook interaction here. setting outputInclude = "out" removes the issue (but of course, include is now in the wrong place)
<fusion809>
Hi folks, on openSUSE Tumbleweed I decided to install Nix with the quick install (curl https://nixos.org/nix/install | sh). The problem is that when I run `nix-channel --update` I get `warning: unable to download 'https://nixos.org/channels/nixpkgs-unstable/binary-cache-url': Peer certificate cannot be authenticated with given CA certificates (60); retrying in 257 ms` repeated over and over, except with the retry time increaed
<srhb>
If your user is able to verify that, at least..
<fusion809>
I installed it as user so the 'sudo' parts of the command are N/A, but I removed the sudo from the start of those lines and na it didn't fix it.
vaninwagen has quit [Quit: Connection closed for inactivity]
<Profpatsch>
davidak[m]: You want to help with the testing stuff?
<srhb>
fusion809: I'm sorry, I'm not sure how that certificate validation works. It *might* be dependent on the certificates being available to the system curl, but (that's disappointing, and) I'm honestly not sure
coot_ has quit [Quit: coot_]
<{^_^}>
[nixpkgs] @etu opened pull request #38207 → Move some python modules from python-packages.nix → https://git.io/vxKtb
<fusion809>
Thanks, well the main app I wanted to install with Nix I was able to get working by manipulating existing binaries for Debian (e.g. changing environment vars, decompressing packages to a dir, etc.)
fusion809 has quit [Quit: fusion809]
coot_ has joined #nixos
ericsagnes has quit [Ping timeout: 260 seconds]
jperras has joined #nixos
scribbler has quit [Ping timeout: 276 seconds]
<bkchr[m]>
srhb: I think I found the bug in the package. I will try to create a patch :)
jperras has quit [Ping timeout: 276 seconds]
<srhb>
bkchr[m]: Do tell, if you figure it out. :-) I'm quite qurious now.
<fearlessKim[m]>
did any recent commit remove setenv from nix-shell ? I have a cmake stopping because setenv is not available. It doesnt seem to have been changed the last year
<fearlessKim[m]>
shrb hum my bad the error seems unrelated to setenv in fact, cmake throws a SEND_ERROR so it's not fatal, the error must have been here forever but I never noticed. The real error is sthg else, I 'll investigate
<bkchr[m]>
I'm trying to port the gstreamer stuff to meson, gstreamer itself now works. And now I'm on the base plugin and get the following includedir:
<srhb>
chisui: bkchr[m]: I think the unstable-small test set is also smaller than unstable, so there's _less_ testing being done
xcmw has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
tertle||eltret has quit [Quit: Connection closed for inactivity]
stepcut has joined #nixos
<romildo>
I need help packaging https://github.com/linuxdeepin/go-lib, the Deepin GoLang Library (a library containing many useful go routines for things such as glib, gettext, archive, graphic, etc.), but I am not a Go programmer. I am looking for help.
<bkchr[m]>
jtojnar: any idea how I could find this file?
<{^_^}>
[nixpkgs] @vcunat pushed commit from @qknight to release-18.03 « user/group assertion to not exceed the 32 character limit »: https://git.io/vxKYb
lambdamu has joined #nixos
<__monty__>
Silly question, what package can I find the ping command in?
<__monty__>
srhb: I know, we've been over this before : ), creating the index stalls my computer, probably because 2GB is not enough memory for anyone : s
<srhb>
__monty__: Oh! Meh!
<bkchr[m]>
jtojnar: okay, any know simple fix?
<srhb>
__monty__: Sorry, I didn't remember.
<srhb>
(And I'll probably forget again... :-P)
<__monty__>
np
<srhb>
We should ship a default index...
<jtojnar>
bkchr[m]: unfortunately, the only possibility is patching the meson.build, replacing the whole formatted string with get_option('includedir')
<jtojnar>
and we will need to increase our lobbying pressure, to convince Meson to change this :-/
<bkchr[m]>
is there any lobbying issue in upstream? :D
<jluttine>
does anyone know how to play channels.conf files on nixos? i have usb dvb-c and i w_scanned channels to channels.conf. i tried opening this file with vlc and mplayer but neither showed anything although the file contains many channels..
<{^_^}>
[systemd] @shlevy pushed commit from @whot to nixos-v238 « udev: don't label high-button mice as joysticks (#8493) »: https://git.io/vxK3R
<mkaito>
seems to me like the terminfo for `rxvt-unicode-256color` is not being installed. `infocmp` shows it correctly. Putting it in `~/.terminfo` works. I guess it's not propagated to the user env?
<timokau[m]>
Dezgeg: Thanks!
acarrico has joined #nixos
sigmundv has joined #nixos
<mkaito>
or maybe not. The correct stuff seems to be present in $TERMINFO and $TERMINFO_DIRS. So a better question is, why is tmux not picking it up?
<das_j>
I'd love to switch to zfs on nixos, but I don't want to run it on my SSDs unless discard works
<Dezgeg>
have you actually measured that enabling trim benefits things?
<infinisil>
Yeah ^^ I wouldn't try running zfs on an unmerged, unfinished PR..
<das_j>
infinisil: I'm running the patch on my arch machines for a few months now, no problems. However, I'd rather use NixOS everywhere
Ridout has quit [Ping timeout: 268 seconds]
<das_j>
Dezgeg: The problem is mainly that it degrades the SSD pretty fast
<infinisil>
Well then
<Dezgeg>
just curious, is that based on some actual measurements or hearsay?
<infinisil>
I think a normal patch override should work
<Dezgeg>
it does get bit trickier than the usual overrideAttrs since it's inside linuxPackages I think
<das_j>
Dezgeg: Yes, this is exactly my problem
<srhb>
Dezgeg: What, that it degrades the lifetime of the SSD? Isn't that why TRIM exists?
<das_j>
I think it's mainly heresay
<das_j>
I never had actual problems, however I'm doing TRIM everywhere
yann-kaelig has joined #nixos
<infinisil>
das_j: Worst case scenario you could just change nixpkgs directly
orivej has quit [Ping timeout: 240 seconds]
ma27 has quit [Ping timeout: 256 seconds]
<Dezgeg>
just asking since a few months ago I was listening to a presentation from an XFS developer who implemented it for XFS and it was very disk-dependent whether enabling TRIM actually made performance worse
<{^_^}>
[nixpkgs] @matklad opened pull request #38229 → Major update of various JetBrains IDEs → https://git.io/vxKZs
<srhb>
das_j: I wonder, can't you just use linuxPackagesFor to create a small set with just zfs and the right kernel, and then // that with the default linuxPackages?
<srhb>
Though I remember last time I tried something like that, it was a bit of a rabbit hole... :-P
<__monty__>
mkaito: Let me know if you find out more about TERMINFO, friend mentioned those problems are most of what's keeping them from really using nix.
<{^_^}>
[nixpkgs] @dezgeg pushed to unstable-aarch64 « WIP: sd-image on aarch64 hydra job work »: https://git.io/vxKnA
aveltras has quit [Quit: Page closed]
NickHu_ has quit [Ping timeout: 256 seconds]
jperras has joined #nixos
<das_j>
Um, how do I override a version of a package? I currently have super.myPkg.override { version = "1.0.0"; }, but that seems to be an unexpected argument
<makefu>
Dezgeg: ^ means that the sdimage will now be officially built by hydra?
<makefu>
Dezgeg: yesterday i had more luck with my builtin 4g instead of the abysmal wifi in the train (apparently not called wifionice for nothing ...)
<pkill9>
does anyone use Nix Package Manager or NixOS instead of Guix or GuixSD for any reasons other than lack of hardware support/software available on Guix/GuixSD?
justan0theruser has quit [Quit: WeeChat 1.9.1]
Rusty1_ has quit [Quit: Konversation terminated!]
<srhb>
pkill9: Yes.
<srhb>
pkill9: (For instance, I prefer the Nix language)
<pkill9>
what do you prefer about it?
<srhb>
It feels more ML-ish.
<pkill9>
what's ML?
justanotheruser has joined #nixos
<neonfuz>
is running a nix-env off nixpkgs-unstable stupid?
<srhb>
It's mostly a family of languages these days. I like the syntax.
<srhb>
I miss the types :-)
<pkill9>
ah
<neonfuz>
like ocaml and haskell
<srhb>
Yeah.
<neonfuz>
if you've heard of those
<pkill9>
think i might install NixOS at some point
<pkill9>
srhb: my impression was that people generally tolerate the NixOS language but choose it due to larger package selection
<pkill9>
i dunno of other benefits, like perhaps Nix is faster
<pkill9>
my main gripe with it is the command line interface
pxc has joined #nixos
cransom has joined #nixos
<pkill9>
i should just make a wrapper tbh
Ariakenom has quit [Ping timeout: 240 seconds]
jperras has joined #nixos
alhariel has quit [Remote host closed the connection]
<Bogdacutu>
anyone know how much space I would need for a full nixpkgs release? I'm curious about setting up an armv7l build farm, but forgot about storage :)
<infinisil>
fresheyeball: Have you opened an issue?
<tmplt>
Are packages requiring files in nix-store welcome to nixpkgs, or should I just place it in an overlay? I believe other users could want this, but mirroring the required tarball might break against the program's eula.
<fresheyeball>
I think this means its finding the package
jperras has quit [Ping timeout: 240 seconds]
<fresheyeball>
and there is an error between the .h and the .o
<fresheyeball>
is my intuition correct?
<infinisil>
fresheyeball: I think it's okay to open issues in nixpkgs for that thing, I mean you're using nixpkgs' infrastructure, and one of its goal is to be usable
<fresheyeball>
infinisil: ok
<infinisil>
(I have no idea about this stuff though, so I can't help you much with that)
<fresheyeball>
infinisil: I guess I would rather power through and submit a PR
<Mateon1>
Yeah, I do use it. I've switched the default channel to unstable, rather than adding the unstable channel separately, so I don't think it applies
stanibanani has joined #nixos
<Mateon1>
Ah, this is crippling
stanibanani has quit [Remote host closed the connection]
<Mateon1>
I can't do nix-env -q -a to see what the package name is
stanibanani has joined #nixos
<Mateon1>
I'm getting "attribute nixStable2 missing", for `nix.package = pkgs.nixStable2`
pxc has joined #nixos
<LnL>
yeah -qa also breaks because of the placeholder usage
stanibanani has quit [Remote host closed the connection]
<LnL>
are you using the 17.09 stable channel for your system?
stanibanani has joined #nixos
leotaku has joined #nixos
<Mateon1>
No, I've switched to unstable, haven't done an update and switch in a couple of months though, except for minor manual package updates
<LnL>
if you use unstable nix2 is the default
<Mateon1>
Maybe I can re-add the stable channel for now, but I'm afraid of breaking something
<Mateon1>
Well, apparently not, since my nix version is 1.11.15
Moredread has joined #nixos
<LnL>
can you run nix-info
<Moredread>
I't like to try out the new stable channel, but I want to use the same config for 17.09 too. I need a new option that isn't available on 17.09, so building nixos there fails. Is there a way to only define a config option when it exists?
<akscram>
I cannot figure out why nixos-install generates incorrect /mnt/etc/fstab ignoring my configuration of fileSystems in /mnt/etc/nixos/hardware-configuration.nix with zfs for "/" but using UUID of the partition currently mounted as "/".
pqqq has joined #nixos
<pqqq>
Is there an `isNixOs` analogue to `stdenv.isDarwin`? It's surprisingly hard to find
blankhart has quit [Ping timeout: 260 seconds]
<LnL>
no there are only platform conditionals, so stdenv.isLinux
ma27 has joined #nixos
<pqqq>
What's the best way to make the inclusion of `pkgs.glibcLocales` conditional then? Seems like it's only relevant for NixOS?
<pqqq>
So I should make it conditional on `isLinux`?
<LnL>
but a nix package shouldn't depend on the locales of another distro
<LnL>
yep
<leotaku>
I can set nixPath to a git checkout in configuration.nix to install systemPackages from that rev, how would I do that for packages installed with nix-env/by users?
blankhart has joined #nixos
tertle||eltret has joined #nixos
raynold has joined #nixos
hiratara has quit [Ping timeout: 256 seconds]
<ottidmes>
leotaku: If you set the nixpkgs checkout via nix.nixPath (i.e. [ "nixpkgs=/your/checkout" ]) and you use nix-env --file '<nixpkgs>' it should work
civodul has quit [Quit: ERC (IRC client for Emacs 25.3.1)]
<leotaku>
ottidmes: ok, but isn't there a way to point nix-env to the system nixpkgs by default?
hiratara has joined #nixos
<ottidmes>
leotaku: Not that I am aware, I just use an alias for it
<leotaku>
ottidmes: ok, thanks
Mateon1 has quit [Ping timeout: 248 seconds]
<puffnfresh>
lostman: I'm working on making macOS spin up a LinuxKit VM whenever you want to build Linux software
Mateon1 has joined #nixos
<puffnfresh>
got this somewhat working
nuncanada has joined #nixos
<lostman>
@puffnfresh that's cool! never heard of linuxkit. I've seen hyperkit. that's what minkube uses on Mac
Lisanna has joined #nixos
<puffnfresh>
shlevy: I added some debug statements and can see ssh-ng is still sending settings - I have no idea how
<puffnfresh>
I've got a hack on the other side: ignore most settings in nix-daemon
<puffnfresh>
don't know if this is reasonable
rindolf has quit [Ping timeout: 276 seconds]
<puffnfresh>
lostman: yeah LinuxKit uses HyperKit
<puffnfresh>
LinuxKit is kinda Docker without Docker
<lostman>
normally I wouldn't want to build linux containers on mac. mac hardware is usually not up to date :( but it's useful for testing. I have a file that builds docker container and it's annoying that I have to spin some vm to test whether it works
<lostman>
what I want at the end of the day is CI/CD building minimal docker containers and pushing them to some registry
jperras has joined #nixos
<lostman>
another question... I'm setting up nix-serve on a ubuntu box running jenkins. do I need to set up nix to be multi-user? or is nix-serve read-only and doesn't need anything special?
goibhniu has quit [Ping timeout: 268 seconds]
yann-kaelig has joined #nixos
<Dezgeg>
it is read-only
yann-kaelig has quit [Client Quit]
<Dezgeg>
well, I guess it needs to lock the paths to prevent them to be garbage collected when it's serving them... but just run it as the same user as your jenkins
<{^_^}>
[nixpkgs] @symphorien opened pull request #38260 → tamarin-prover: install vim syntax highlighting files → https://git.io/vxKrh
Jackneilll has quit [Remote host closed the connection]
Jackneilll has joined #nixos
isHavvy has quit [Remote host closed the connection]
isHavvy has joined #nixos
<leotaku>
krita on nixos-unstable errors for me complaining about a wrong hash, does anyone else have this problem?
<Guest57550>
hi all, I'm trying to boot the graphical livecd on a new lenovo x1 yoga and getting "timed out waiting for device /dev/root, trying to mount anyway"
tgunb has quit [Ping timeout: 240 seconds]
Jackneilll has quit [Remote host closed the connection]
Jackneilll has joined #nixos
<Guest57550>
I can see usb-SanDisk_Ultra_Fit_[...] in /dev/disk/by-id/, so it's at least seeing the liveUSB device
hamishmack has quit [Quit: hamishmack]
<Guest57550>
mount /dev/sda1 /mnt-root works too... hmm
<Guest57550>
but I don't know how to encourage the boot process to find it
<Lisanna>
wtf, this is so strange... on this machine and only this machine, whenever I try to install NixOS with EFI, the first generation install from the USB stick boots fine, but as soon as I deploy and create a new generation, it can't find the bzImage in the EFI directory
<Lisanna>
but I checked manually and it's there :/
endformationage has quit [Ping timeout: 264 seconds]
<Lisanna>
anyone know any EFI debugging tips
endformationage has joined #nixos
<Lisanna>
magic incantations I can put into the EFI shell and find out what's wrong
<LnL>
don't really know anything about it, but there's boot.loader.efi.canTouchEfiVariables that sometimes magically fixes problems
<Lisanna>
LnL that's set
sanscoeu_ has joined #nixos
<Lisanna>
(the nixos-generate-config automatically sets that when you boot the install media with UEFI)
<Lisanna>
the strange thing is I can keep booting the old bzImage from Generation 1 all day, but the bzImage from Generation 2 that was created with a nixops build doesn't want to work
<`_>
infinisil: sigh... the partition wasn't flagged as bootable
<Lisanna>
guess I can just do a non-EFI install... but that sucks since I have to give the grub device name in the logical nixos config ):
endformationage has quit [Ping timeout: 264 seconds]
obadz- has joined #nixos
<clever>
Lisanna: yeah, nixops is a bit of a pain when your not dealing with uniform install conditions
semilattice has joined #nixos
<benny>
Lisanna: probably doesn't help, but canTouchEfiVariables has to be false on my system, but that's an error that occurs on switch time not on boot time (I have to boot the disk, not the I imagine created EFI boot menu entry)
endformationage has joined #nixos
<Lisanna>
benny that's interesting, I might try that.
semilattice has quit [Remote host closed the connection]
aarvar has quit [Ping timeout: 255 seconds]
<infinisil>
Hmm.. Maybe I should ask for merge rights, I'd like to help bring this huge number of PR's down, and these version updates are easy to review
<obadz->
gchristensen: wow I hadn't realized you wrote ofborg in rust. very cool!
semilattice has joined #nixos
jperras has joined #nixos
<Lisanna>
benny canTouchEfiVariables is set to true on both generations though, so that's strange.
justan0theruser has joined #nixos
<Lisanna>
I wonder if the "Not found" error doesn't actually mean that the file wasn't physically found, but that there was some other problem with it.
justan0theruser has quit [Client Quit]
obadz- has quit [Quit: WeeChat 2.0]
<Lisanna>
(as linux programs do love to abuse that error in errno usage at least)
justan0theruser has joined #nixos
<obadz>
domenkozar: will try, thanks!
ma27 has quit [Quit: WeeChat 2.0]
Jestr has quit [Ping timeout: 240 seconds]
<benny>
Lisanna: I also get file not found or something error - I get it when I switch or build with it set to true
justanotheruser has quit [Ping timeout: 260 seconds]
ma27 has joined #nixos
<Lisanna>
benny alright, lemee try with it off
<Lisanna>
also I'm building from some random 18.03pre version of nixos
<Lisanna>
I wonder if there are breakages or instabilities with the thing that builds the bzImage and puts it in /boot
<Lisanna>
(I have no idea what part of nixpkgs does that)
<clever>
Lisanna: nix builds the bzimage, it would wind up in a place like /run/current-system/kernel
<clever>
Lisanna: and then the bootloader scripts in nixos deal with copying it to /boot/
<Lisanna>
benny thanks for the suggestion, unfortunately that didn't seem to fix it
ma27 has quit [Client Quit]
ma27 has joined #nixos
<benny>
you could always give a different boot loader a try, in case grub-install fails and results in those errors
<benny>
I use systemd-boot.enable = true;
jperras has quit [Ping timeout: 264 seconds]
<Lisanna>
benny I am too, that's the default
migy has quit [Ping timeout: 264 seconds]
<Lisanna>
meh I'm just going to do a non-UEFI install and hope it works
<Lisanna>
I don't have time to learn enough about EFI to debug this myself
migy has joined #nixos
<benny>
what's the best way to diff two generations? I'm doing -G X; -qP > x.pkgs; -G Y; -qP > y.pkgs
fendor has quit [Read error: Connection reset by peer]
jperras has quit [Ping timeout: 264 seconds]
<srhb>
benny: nix-diff gen1 gen2
<zybell_>
Lisanna:because EFI can't boot a bzImage directly, there has to be a bootloader between. The question is One bl for all bzImg or One bl per bzImg? One bl per should be visible in the EFI-Boot-Menu, One bl for all needs a config to tell which bzImg to boot. If that isn't changed, the old bzImg boots indep of the nr of installed bzImg.
<Lisanna>
zybell_ my motherboard's boot manager gives me a single "EFI System" (or something like that) entry for booting, and then choosing that takes me to the NixOS generation selection screen
<clever>
Lisanna: the nixos generation menu is the bootloader
asuryawanshi has quit [Remote host closed the connection]
krey has joined #nixos
<Lisanna>
zybell_ so my motherboard's boot manager might be screwed up to cause that situation?
<clever>
Lisanna: is /boot correctly mounted when you do the nixops deploy?
<Lisanna>
clever yes, I can even ls it and see that the new bzImage for the new generation is created there
<Lisanna>
in EFI/nixos
<Lisanna>
and the name matches what it says it can't find when I try to boot
ma27 has quit [Ping timeout: 276 seconds]
<krey>
if there are several packages providing a command, how is it decided which one's put in my path?
Bogdacutu has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<clever>
krey: are all of them installed?
<Lisanna>
krey the priority of the package
<krey>
e.g. sage seems to have taken over my python
<clever>
krey: then its down to the priority, i also try to avoid causing duplicates like that
<Lisanna>
"priority"
knupfer has quit [Remote host closed the connection]
knupfer has joined #nixos
<zybell_>
No you are only in the One for all situation, and have to look for the config-file of the bootloader.Thats not EFI anymore but systemd-boot. You need to debug that.
<obadz>
domenkozar: that worked. thanks! we should probably put some module-level checks that enforces that only one is set… I'll have a go.
<Lisanna>
zybell_ is that located in /boot?
<benny>
srhb: that seems to be more for derivation, I wasn't clear: I meant nix-env profile generations
<krey>
clever: how do you deal with this? Is there a packageOverride or something?
<clever>
krey: just dont install the things that cause it to duplicate up
<krey>
clever: what exactly do you mean by "not installing"?
<zybell_>
but systemd including systemd-boot is not my strong suit. Nevertheless I would expect to find all related files in /boot.
<krey>
clever: using nix-shell -p?
`_ has quit [Quit: WeeChat 2.0]
<clever>
krey: if your using -p, you cant set the priority that easily, but the priority is based on the order as well
<Lisanna>
zybell_ okay, thank you for giving me some background information on this <3
<clever>
krey: so just move things to another point in the list
<puffnfresh>
I see the warning message from RemoteStore and none from SSHStore
<krey>
clever: I'm not using nix-shell, sorry, it was just a thought
<krey>
clever: in my environment.systemPackages, sage comes before python
<clever>
krey: why are you installing python?
jtojnar has quit [Remote host closed the connection]
<lostman>
I'm trying to set up nix-serve as trusted cache. I generated key with `nix-store --generate ...` and I'm starting nix-serve with `NIX_SECRET...` set. But when I do nix-build `nix-build --option extra-binary-caches http://localhost:5000 --option binary-cache-public-keys XYZ` it tells me "ignoring untrusted substituter http://localhost:5000"