<iwakura0613>
How do I install C devs, I think I am doing it wrong
<iwakura0613>
Such as curses.h
takeda has joined #nixos
Supersonic has quit [Ping timeout: 252 seconds]
Supersonic has joined #nixos
justbeingglad has joined #nixos
silver has quit [Read error: Connection reset by peer]
<jasom>
iwakura0613: if you set the library as a dependency in your nix expression, the build environment should have the proper headers in the include path already. If you're doing a manual build of something, perhaps nix-shell will do what you want?
<infinisil>
iwakura0613: Use your mouse to click the link
<iwakura0613>
I did
<iwakura0613>
How does that get me curses.h to build with make
<infinisil>
You lack a basic understanding of Nix, get that first
<infinisil>
iwakura0613: The answer to your question is to add ncurses to your buildInputs, but the pills will get you to that answer and many more as well
<iwakura0613>
Alright, I will look at buildInputs
drakonis_ has joined #nixos
<ekleog>
iwakura0613: you really should read the pills, they're great :)
kisik21 has quit [Ping timeout: 252 seconds]
lassulus_ has joined #nixos
<iwakura0613>
is pills referring to red pills?
<ekleog>
idk
lassulus has quit [Ping timeout: 240 seconds]
lassulus_ is now known as lassulus
iwakura0613 has quit [Remote host closed the connection]
ThatDocsLady has quit [Remote host closed the connection]
<{^_^}>
jaagr/polybar#1405 (by JonathanReeve, 37 minutes ago, open): Custom script appears to be broken on fish (with polybar running as a service)
filterfish__ has quit [Ping timeout: 240 seconds]
joehh has joined #nixos
ThatDocsLady_ has joined #nixos
ThatDocsLady has quit [Ping timeout: 252 seconds]
<dmj`>
Hi, I’m setting some environment variables in a nixos module, some are abosulte paths on the machine. I’ve noticed NixOS turns them into file paths inside the /nix/store
<dmj`>
environment.ENV_VAR = /home/dmj/path/to/db
<dmj`>
turns into ENV_VAR=/nix/store/<hash> when I call env
<dmj`>
why is this?
<emily>
because that's what filepaths do as nix expressions
<emily>
you can quote it if you want it to be a literal string
<emily>
otherwise paths you reference get copied to the store
jmeredith has joined #nixos
jonreeve has quit [Ping timeout: 246 seconds]
<dmj`>
oh
<dmj`>
emily: thanks :)
<dmj`>
late night
<emily>
^_^
graphene has quit [Read error: Connection reset by peer]
drakonis_ has quit [Remote host closed the connection]
hiroshi has quit [Ping timeout: 246 seconds]
hiroshi has joined #nixos
ted_ has quit [Ping timeout: 272 seconds]
filterfish has quit [Read error: Connection reset by peer]
<elvishjerricco>
I'm trying to debug why my NixOS config is producing a different build right now, so I'm loading it in the nix repl and poking around the resulting `options` and `config`. Is there any way to see all the NixOS `imports` that were used?
hiroshi- has joined #nixos
endformationage has quit [Quit: WeeChat 1.9.1]
hiroshi has quit [Ping timeout: 240 seconds]
hiroshi- is now known as hiroshi
justbeingglad has quit [Quit: Leaving.]
binaryphile has joined #nixos
b has joined #nixos
ted_ has joined #nixos
binaryphile has quit [Ping timeout: 240 seconds]
<manveru>
i'm having issues with the keybase module, all i get in the logs is `keybase.service: Failed to run 'start' task: Permission denied`
seanparsons has joined #nixos
seanparsons has quit [Read error: Connection reset by peer]
<manveru>
it works when i run it myself, but the user service fails for some reason
<{^_^}>
To get a sha256 hash of a new source, you can use the Trust On First Use model: use probably-wrong hash (for example: 0000000000000000000000000000000000000000000000000000) then replace it with the correct hash Nix expected.
<justanotheruser>
will most of the nixcon 2018 talks be on youtube?
<manveru>
justanotheruser: yeah
<justanotheruser>
thanks
seanparsons has joined #nixos
filterfish has joined #nixos
graphene has quit [Remote host closed the connection]
graphene has joined #nixos
jmeredith has quit [Quit: Connection closed for inactivity]
<manveru>
i really wish nix repl was fixed :|
graphene has quit [Remote host closed the connection]
trcc has joined #nixos
trcc has quit [Remote host closed the connection]
trcc has joined #nixos
<ekleog>
manveru: add `strace` in front of the command line of the service?
<manveru>
so it looks like i messed up my /var/lib permissions
<manveru>
and not all services fix it on startup
<manveru>
i didn't preserve permissions when i copied it from my old disk :(
hyper_ch2 has joined #nixos
Izorkin has joined #nixos
jbgi has joined #nixos
hamishmack has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
periklis has joined #nixos
Thra11 has joined #nixos
<manveru>
ekleog: for some reason strace won't work either
<manveru>
all i can see is `kbfs.service: Job kbfs.service/start failed with result 'dependency'.`
<Glenn>
Wondering if anyone here is using nixops with libvirtd, and happens to have a working example of filesystem passthrough using deployment.libvirtd.extraDevicesXML?
<Mic92>
How can I ignore ~/.nixpkgs/config.nix in scripts?
nschoe has joined #nixos
<ekleog>
manveru: isn't that systemd's way of telling you a dependency of kbfs.service failed to start?
<manveru>
ekleog: it has no dependencies...
<ekleog>
oh.
<ekleog>
do an echo in the script actually display?
<manveru>
wait, that's wrong
<ekleog>
Mic92: iirc the technique for overlays is to re-import nixpkgs with an explicit overlay argument, I'd guess the same can be done with ~/.nixpkgs/config.nix?
<manveru>
keybase has no deps, but kbfs does
<ekleog>
Mic92: yeah, there appears to be a `config` parameter to nixpkgs, if you set it to the right thing I think it should disable the auto-loading from ~/.nixpkgs/config.nix
logzet has joined #nixos
<manveru>
there should also be a way to up the log level of systemd
<teto>
Glenn: I mount folders in mapped mode and run qemu with myself as user
<ekleog>
Mic92: that's weird :/
<teto>
(via a nixops+libvirtd setup)
* ekleog
gotta go, unfortunately, would love a ping if you get to the bottom of it
<Glenn>
teto: why do you do it that way? Were you unable to get passthrough working? (This is my first go at sharing files between host and guest, so I'm a bit clueless at the moment.)
<Mic92>
ekleog: simple reason, the file was deleted to early
<teto>
Glenn: I didn't want to run qemu as root, which makes passthrough boring since I couldn't run sudo commands on shared files anymore etc
<teto>
if you run qemu as root, passhtrough is the way to go i believe
jbgi has quit [Ping timeout: 246 seconds]
<Glenn>
It looks like qemu running as root is the default behaviour, so that's probably what I'm doing
<kenshinCH>
I'm trying to run this example https://github.com/vikpe/react-webpack-typescript-starter using node2nix. The environment is created properly, as far as I can tell, but webpack-dev-server is not in the path - I can run it, however, specifying the full path to the nix store. What am I missing?
<{^_^}>
keybase/keybase-issues#1593 (by pkirkovsky, 3 years ago, open): Implement user blocking
nefix has joined #nixos
<elvishjerricco>
Alright, I got tinc up and running! This is insanely cool. I can use the same address and just magically get a local connection speed to my desktop whenever my laptop is at home.
<manveru>
etu: ok, i guess some people care about that :)
<etu>
But keybase motivated me to get a smartcard and now I do "proper" gpg usage with keysignings and such instead :p
<etu>
So I got something good from it
<manveru>
well, i have no issue with normally using gpg
<manveru>
but keybase is just convenient for shared folders and repos, so i use it for that
<srhb>
,tell jtojnar: At a first guess, it's because you have to populate a largely empty store in order to start building anything. Making images that are mostly ready to deal with the build is one way to go about this. Better yet would probably be to share a store across builds.
<{^_^}>
srhb: I'll pass that on to jtojnar:
<etu>
srhb: I think the colon after the nick will make it fail
<srhb>
etu: Thanks :)
<srhb>
,tell jtojnar At a first guess, it's because you have to populate a largely empty store in order to start building anything. Making images that are mostly ready to deal with the build is one way to go about this. Better yet would probably be to share a store across builds.
<{^_^}>
srhb: I'll pass that on to jtojnar
jtojnar has joined #nixos
ArahaelPi has joined #nixos
<c15ade4>
elvishjerricco: thats awesome, I have just setup wireguard but have the problem of a pointless roundtrip when I am at home
DigitalKiwi has quit [Quit: DigitalKiwi]
<srhb>
lezed1: Taking this to #nixos since it seems to be a general question about how to package python, not deep in the design of NixOS itself :) Can you share your expression?
<lezed1>
srhb: Ah, I guess I messed up the split of the channels. I'll push my expression to GitHub so I can link directly to the code
f0i has joined #nixos
<srhb>
It's not completely obvious. #nixos-dev is more about wide-ranging changes to the overall design, not single packages (unless perhaps it's about something deep like stdenv)
thibm has joined #nixos
DigitalKiwi has joined #nixos
<mpickering>
Has anyone used the `aws` command line tool? All the commands fail for me
<mpickering>
sanity-check: "": file is missing. (Format: AccessKeyID\nSecretAccessKey\n)
<srhb>
mpickering: I have, yes
<elvishjerricco>
as have i. Never had a problem on nixos with it.
<srhb>
mpickering: Moving the config files that I know of away does not produce that error for me (on nixos-unstable)
__Sander__ has joined #nixos
<mpickering>
What is the package called?
<srhb>
mpickering: awscli
<mpickering>
Is it just `aws` or is there another one?
<mpickering>
it's unfortunate that aws is the wrong thing
<srhb>
mpickering: Yes, I wonder what it's even supposed to be
<mpickering>
I think a cli for aws
<mpickering>
but it looked very outdated
<srhb>
Maybe it should be removed...
<srhb>
(I think awscli is the right name for the aws cli still)
ArahaelPi has quit [Read error: Connection reset by peer]
nefix has quit [Quit: Lost terminal]
<srhb>
lezed1: That part is the driver itself, right
<lezed1>
srhb: Looking at it more, I think setting the pythonpath did work, but the current error is `ValueError: Namespace Gdk not available`, which is gnome related
<srhb>
Oh ugh..
<lezed1>
that commit has expressions for the kernel driver and python libraries that accompany it
<lezed1>
I think some more env variables get set up in the shell, I can see what it sets
<srhb>
lezed1: You might also want to use --pure to make sure you're not leaking stuff into it?
<lezed1>
Is there a better way to do that?
<srhb>
I think that's a generally accepted way, though I'm no expert at python packaging. fwiw I think it's normal to prefix rather than suffix though, since first entries take precedence.
<srhb>
(Just in case something else is on the path already)
thibm has quit [Quit: WeeChat 2.0]
<lezed1>
okay, I changed that
<lezed1>
I also tested in pure, and it works
arahael1 has joined #nixos
<srhb>
Good.
<lezed1>
so it's something not set globally
thibm has joined #nixos
<lezed1>
`GI_TYPELIB_PATH` seems to be the magic missing variable
<{^_^}>
jtojnar: 22 minutes, 27 seconds ago <srhb> At a first guess, it's because you have to populate a largely empty store in order to start building anything. Making images that are mostly ready to deal with the build is one way to go about this. Better yet would probably be to share a store across builds.
<jtojnar>
lezed1: adding wrapGAppsHook to nativeBuildInputs will wrap the program and set the variable
<srhb>
That thing has always mystified me, good to know. :D
<jtojnar>
srhb: is it fine to just cache /nix/store? I would worry about it bloating over time with the builds itself
<jtojnar>
also not sure if it is compatible with using latest nixos/nix image
<srhb>
jtojnar: I'm not sure how to do it with the image exactly. The sad thing is that it would basically _just work_ without using dockerized builds, of course.
<jtojnar>
also I think the cache can be cleared after some periods inactivity
<srhb>
jtojnar: But yes, since the gitlab ci doesn't know of any of the Hydra gc root tricks, it's a bit more difficult to keep just the latest around.
<srhb>
But it might be acceptable to just have the occasional gc and the subsequent build take longer.
<srhb>
jtojnar: I don't know exactly how the gitlab ci caching works, but could you maybe just cache a directory of gcroots? And then maybe name the root after the branch and overwrite it on each subsequent build?
<lezed1>
Are you asking about caching `/nix/store` in GitLab CI builds? I have done that and can give you the config for it I believe
<srhb>
lezed1: Please do share, that would definitely help jtojnar's use case :)
<Phlogistique>
Hi! How can I refer to the current nix-shell generated environment? For example to run "nix-env -q"
kini has quit [Remote host closed the connection]
<srhb>
Phlogistique: I don't think there's any way to do that. It isn't a profile in the regular sense.
kini has joined #nixos
nly has joined #nixos
<lezed1>
With GitLab you have to copy all of `/nix/store` into a path in your repo and cache that
<lezed1>
also, things get huge really quickly
<siers>
Would nix packages build on android, if one had root?
<srhb>
lezed1: Shouldn't the build be able to add a gc root for the (succesful) build environment and collect garbage?
<srhb>
And keep that root around of course.
<lezed1>
yeah, you could definitely start pruning it to keep it manageable, I never went that route and stopped using the caching because it wasn't helping (I just verify that you can evaluate all my machine expressions, I don't build them on GitLab)
<srhb>
lezed1: How do you reuse the store dir though? Copy it back or use some of the proot features?
<lezed1>
the cache puts it into your repo somewhere, then you can copy it over to the correct location at /
<selfsymmetric-mu>
What's the right way to override `mesonFlags` for a package? Should I overrideDerivation on the package, or on meson itself?
nckx has quit [Quit: Updating my GNU GuixSD server — gnu.org/s/guix]
timj1 has joined #nixos
nckx has joined #nixos
<selfsymmetric-mu>
I'm doing `overrideAttrs (oldAttrs: rec { mesonFlags = [ "--buildtype=debugoptimized" ];});` but I know that's not working because I can put garbage in the `mesonFlag` argument and it doesn't error out.
timj has quit [Ping timeout: 240 seconds]
<kenshinCH>
I'm lost trying to use node2nix for a simple(?) react-typescript project with webpack. Can anyone help?
trcc has quit [Remote host closed the connection]
trcc has joined #nixos
trcc has quit [Read error: Connection reset by peer]
<jtojnar>
hmm, nix-hash probably is not what I am after
ThatDocsLady_ has joined #nixos
<drp>
whats up with these programs.<app>.enable options? I haven't seen these before, it seems for programs.java it includes the JAVA_HOME variable, why not just have that as part of the packages? I think I've missed this devopment/only just learned enough to see
ThatDocsLady has quit [Ping timeout: 250 seconds]
<Mic92_>
drp: nix-env is limited to data in /nix. nixos modules provide functionality for everything else.
kenshinCH has quit [Read error: Connection reset by peer]
qyliss has joined #nixos
qyliss^work has joined #nixos
jperras has quit [Ping timeout: 246 seconds]
<drp>
so if I add java to my systemPackages i can't run jars that expect JAVA_HOME but if I do programs.java.enable I can?
<Mic92_>
drp: usually we try to wrap most applications in nixpkgs upfront to have JAVA_HOME set.
<Mic92_>
if you run your own non-packaged ones, you might want to use the module instead
kenshinCH has joined #nixos
<drp>
Mic92_: Thank you! That cleared it up for me. I was looking at running yacy, it seems programs.java will help me if I don't want to create my own nix package
<Mic92_>
drp: if you ever plan, there is a nixpkgs manual chapter on java. If you package ready-build jars it is not much nix to write.
<das_j>
Hi, is there a way to override the name of a `runCommand` derivation? I tried .override { name = "whatever"; }, but it fails because it says that attribute "override" is missing
<{^_^}>
[nixpkgs] @dotlambda opened pull request #45783 → buttersink: move out of pythonPackages → https://git.io/fAn9U
<das_j>
In particular, I'm trying to do something like environment.systemPackages = (manual.manpages.override { name = "my-manpages"; });
<mpickering>
overrideAttrs?
<das_j>
mpickering: I thought so as well, but this results in error: attempt to call something which is not a function but a set
kisik21 has joined #nixos
<mpickering>
what is your code?
<andi->
...overrideAttrs (old: { name = "bar"; })
<das_j>
Oh well, I forgot the parameter...
<das_j>
andi-: Thank you, this way it works!
<{^_^}>
[nixpkgs] @oxij opened pull request #45784 → nixos/shells: Avoid overriding the environment for other child shells → https://git.io/fAnHL
<gchristensen>
OfBorg will be undergoing some maintenance very soon and may have a bit of down-time. If you notice problems, please drop by #nixos-borg. Some are to be expected, but please be proactive in reporting them.
<das_j>
Okay, weird. maybe somebody can help me here, this makes no sense at all to me. I changed the name of the manual which caued the manual to be rebuilt. However, the line `optionsXML = builtins.toFile "options.xml" (builtins.toXML optionsList);` (nixos/nixpkgs/nixos/doc/manual/default.nix:79) fails with "in 'toFile': the file 'options.xml' cannot refer to derivation outputs". What? How can this be built?
chreekat has quit [Ping timeout: 252 seconds]
Lears has quit [Ping timeout: 240 seconds]
<gchristensen>
maybe you can share your code
<das_j>
If I look at the nix source code, this seems to happen when toFile tries to write a derivation. But toXML shouldn't return a derivation IMO
<gchristensen>
usually this is a problem with a Nix option referring directly to a package
<jtojnar>
I guess I will just have to delete the image manually for now
<jtojnar>
and use the same name
<das_j>
gchristensen: My code is (from inside a module): environment.systemPackages = (manual.manpages.overrideAttrs (old: { name = "my-manpages"; }));
chreekat has joined #nixos
<das_j>
I change the name to force nix to rebuild the manual so configuration.nix also contains the options of my modules
<Phlogistique>
srhb: alright, thanks!
<gchristensen>
what version of nixpkgs are you based on?
<das_j>
18.03
<das_j>
or do you mean the commit?
<gchristensen>
the commit
<gchristensen>
why would you need to force the manual to rebuild to contain your options? that shouldn't be required
<das_j>
.git-revision from nixpkgs contains edd63e05d1e37ed3fb9623aca25c874014d9778ccat
<gchristensen>
and: what are the options of your modules? there is clearly more going on than just the one change, and I'm betting one of your options has the problem.
<das_j>
I don't know, but it doesn't contain the options so I assume I need to force it
__monty__ has joined #nixos
<das_j>
I add some modules by including them, I'll look for the code. However, I doubt it's because of modules because `${manual.optionsJSON}` works and gives me a JSON including my modules
<das_j>
So it's `imports = (import ./3modules)` and default.nix in 3modules is just a list of paths, like module-list.nix
<srhb>
So what happened is: last-succesful was at the rev that nixpkgs-channels/nixos-unstable is now at. So a) update nixos.org b) update nixpkgs-channels to that. a) failed, b) succeeded. Then, last-succesful went BACK in time to where nixos.org is now at, so we will not ever hit the rev that channels/nixos-unstable is at now.
<gchristensen>
Most of the OfBorg infrastruture is now updated. I'm now begining the upgrade procedure for the core of the infrastructure. New messages to ofborg will be lost while it is down. It should only take a few minutes. https://butt.holdings
ciil has joined #nixos
<chreekat>
Given a haskell package with a pkgconfig-depends, nix-build and 'nix-shell --run "cabal new-build" both work -- but new-repl fails with a ghc panic about a missing symbol that should be supplied by the pkgconfig'd library. Nix problem? cabal problem?
carlosdagos has quit [Quit: Connection closed for inactivity]
<{^_^}>
nixos-channel-scripts#22 (by samueldr, 4 days ago, merged): Fixes channel going back in time due to incomplete change.
* samueldr
failed to see the previous discussion that was much better
<samueldr>
there was a sea of changes though :)
<samueldr>
but yeah, basically, last-successful != most recent changes successful within hydra
<samueldr>
(apparently)
jabranham has joined #nixos
<gchristensen>
Due to an upstream provider issue, the final piece of maintenance won't be performed today. We're done with today's maintenance and everything should be okay.
<ryantm>
I don't see any references to "last-successful" in your PR either.
<samueldr>
hm, yeah, sorry, kinda jumped the gun here :/ but this shouldn't happen anymore
<ryantm>
This will be the first NixOS release since I started doing nixpkgs-update/r-ryantm. I hope we didn't break a bunch of stuff that unstable people don't test!
<{^_^}>
[nixpkgs] @dotlambda opened pull request #45789 → buildbot: use python3Packages → https://git.io/fAcem
<gchristensen>
ryantm: it'll be an experience for sure
<Zajcev>
guys ... any documentation to help me understand nixos basics? ... how does it work, channels, store, what is NIX_PATH and what is it for and how to use, etc etc etc ... I'm honestly lost ...
<Zajcev>
thanks
<cransom>
have you read the nix pills?
<Zajcev>
nope, only nixos manual and nixops manuale yet
<cransom>
the pills are highly recommended.
<Zajcev>
start with pills?
<cransom>
you can kind of drive the system without knowing whats underneath, but you'll hit an impass if you don't have a little knowledge of the system underneath
<ekleog>
<elvishjerricco> It does that chroot stuff by default. How does that ever work if this file isn't also visible? <-- yeah, I still haven't understood whether tinc was broken, or if that was the tinc module, so haven't tried to fix it yet. you've already found the services.tinc.networks.[…].chroot, or so it seems :)
ThatDocsLady_ has quit [Ping timeout: 246 seconds]
sigmundv__ has quit [Ping timeout: 252 seconds]
akamaus has joined #nixos
<akamaus>
hello
<johanot>
JonReed: I meant the source code of a package. For some packages, it is very easy to just grab the literal github url from a package nix-file. In other cases, for complicated packages, it's not.
<akamaus>
what's the proper way to excape @ in indented strings (I mean ones enclosed in double single-quotes)?
<cransom>
i don't recall @ being a special character, there should be no need to escape it
worldofpeace has joined #nixos
<akamaus>
@cransom, looks like manual skips it, but
<akamaus>
nix-repl> let a= '' RP_NEW=join_by : \${RP\@:2\} '' ; in a
<akamaus>
results in error
gspia has quit [Quit: Leaving]
__Sander__ has quit [Quit: Konversation terminated!]
<cransom>
it's not complaining about the @
<cransom>
> let a= '' RP_NEW=join_by : ''${RP@:2} '' ; in a
<{^_^}>
"RP_NEW=join_by : ${RP@:2} "
<akamaus>
hmm, probably another variant did
<cransom>
is that what you were looking for?
<akamaus>
let a= '' RP_NEW=join_by : \${RP[@]:2} '' ; in a
<JonReed>
johanot: Some packages will not have an `src` though (or can something else like `srcs`). Or the source can be already build somewhere previously and then passed to an expression. It can also be inside `let in` expression and be build there somehow before being passed to the mkDerivation.
<JonReed>
johanot: For those that do have `src`, you can go to `nix repl "<nixpkgs>"` and go `:b redshift.drvAttrs.src` which will output the path for the source
kenshinC1 has joined #nixos
<JonReed>
johanot: I used `redshift` package because firefox doesn't have `src` attribute
FRidh has quit [Remote host closed the connection]
chaker has joined #nixos
jbgi has joined #nixos
<chaker>
Hey, What's the type of `nodes.machine` in nixops? Is't "machine"? Because I'm trying to add some configuration and even though I set the type of the resource option to `types.nullOr (types.either types.str (resource "machine"));` The evaluation of the deployment fail with "error: The option value `destination' in `<unknown-file>' is not of type `null or string or resource of type ‘machine’'."
mayhewluke has quit [Ping timeout: 245 seconds]
mayhewluke has joined #nixos
<kini>
On https://nixos.wiki/wiki/NixOS_on_ZFS#Known_issues it says that as of march 2014, one shouldn't use a zvol as a swap device. But the arch wiki and the zfsonlinux project itself both seem to say this is fine to do. Was this a nixos-specific problem, or is our wiki just outdated?
chreekat has joined #nixos
<sphalerite>
kini: not a nixos-specific problem. AFAIK it's still not recommended, I'd suggest asking #zfsonlinux. What's your source on "this is ok"?
<{^_^}>
[nixpkgs] @xeji pushed commit from @r-ryantm to master « weston: 4.0.0 -> 5.0.0 (#45798) »: https://git.io/fAcBS
<sphalerite>
oh yeah, there's also the bit where if you need swap you probably can't afford zfs ram-wise.All I know is hearsay though, I haven't tried it myself.
<kini>
I'm trying to set up nixos on my new laptop, and I need to be using LUKS for policy reasons, so I'm wondering if I should just skip the LVM layer and directly give ZFS the LUKS volume. But then I'd need to put swap on a zvol, I guess, hence the question.
<sphalerite>
Anyway, there shouldn't be any nixos-specific issues with zfs AFAIK
<sphalerite>
kini: you could also have multiple LUKS volumes. For swap you don't even need a persistent key unless you use susepnd-to-disk, so no complication of adding a passphrase (just use a random key on each boot)
<sphalerite>
s/adding a passphrase/unlocking multiple volumes on boot/
<kini>
I will probably suspend-to-disk from time to time unfortunately
<sphalerite>
then another option is a setup like I have — I have 3 luks partitions, one is the key for the other two
grp has joined #nixos
<sphalerite>
or swap on zvol, but I've said what I know about that :)
<maurer>
kini: Do you have multiple physical disks?
<kini>
nope, just one SSD
<maurer>
Do you have a remote zfs server you intend to use zfs send/recv with?
<kini>
hmm, nope
<maurer>
I would advise against ZFS
<maurer>
It's great, and I use it
<maurer>
but without multiple disks, send/recv, or a big ol' server to use dedup
<maurer>
you're basically just buying checksumming at the expense of a lot of configuration arcana
<kini>
What would you recommend instead? The main thing I like from what I've heard about zfs (I have yet to actually use it) is the snapshotting feature, which can be useful even if I don't send the snapshots anywhere
<maurer>
How often do you want to take snapshots?
<maurer>
If you only want to keep a couple around, LVM has a snapshot feature that should work fine
<maurer>
If you do actually want to do, say, daily snapshots, then ZFS makes sense
<kini>
probably on an exponential dropoff kind of schedule, i.e. daily for week, then weekly for a month, then monthly for a year, then yearly, or something like that
<maurer>
OK, yeah, if you want that kind of schedule, ZFS is actually buying you something
<maurer>
I just wanted to make sure you were going to get something for your configuration work
<sphalerite>
maurer: I use zfs send/recv with an external USB disk
<kini>
I mean, it's not essential but I've worked on NASes which had such a snapshotting schedule and it was nice to be able to go back in time to look for stuff that went missing :)
<maurer>
sphalerite: Yeah, I listed send/recv as a benefit? My claim about a big'ol server was for deduping
<maurer>
kini: My ZFS guy has informed me:
<sphalerite>
yeah just that it doesn't need to be with a remote server :)
<maurer>
it has no immediate known deadlocks, but a couple of eventual deadlocks that haven't been debugged because they happen infrequently.
<maurer>
It's safe on illumos and FBSD, mostly safe on Linux unless you get into exciting memory pressure.
<maurer>
So, if you're only using the swap to suspsend, you're probably fine
<maurer>
if you want to use the swap in order to actually swap, you should probably avoid the zvol for safety
<gchristensen>
the problem with that scenario is you always only use it to suspend until you don't :)
<kini>
deduping seems to require more RAM than I have, and doesn't seem like it would buy me much in practice, though it sounds like a cool idea :) How many duplicated fs pages is the average desktop-class user going to really have, I wonder
<gchristensen>
don't use dedup
<kini>
maurer: yeah, I've definitely spilled over into swap when having too many tabs open in firefox before, so I guess I'll avoid the zvol...
<kini>
LVM on LUKS it is
<{^_^}>
[nixpkgs] @jtojnar pushed to master « deadbeefPlugins.infobar: init at 1.4 »: https://git.io/fAcRi
f0i has quit [Remote host closed the connection]
<sphalerite>
kini: what about the multi-partition setup I mentioned?
<maurer>
kini: Yeah, do not dedup on a non-server
<maurer>
people keep turning it on and it's rarely what you want
<sphalerite>
I'm not sure if it makes a noticeable difference in practice, but to me putting zfs in LVM feels icky :p
<maurer>
gchristensen: when I used to use suspend-to-disk, my solution was that my suspend button ran swapon
<maurer>
gchristensen: and resuming ran swapoff
<gchristensen>
nice
<maurer>
(I am opinionated on swap, and think that it should only be used for suspend or on servers)
<maurer>
(I'd prefer my programs to just go down hard if they need memory and can't have it than for my system to thrash)
<kini>
sphalerite: sounds cool, but a single unlockable LVM partition seems simpler to work with in practice :)
<maurer>
kini: The other option you can consider is that LVM does have a snapshotting feature
<kini>
maurer: but if zfs on linux breaks under "exciting memory pressure", then isn't a total lack of swap just as likely to cause problems as swap being on a zvol?
<sphalerite>
kini: no, because then the OOM killer comes in. I think.
<fgaz>
is there a read equivalent to writeText?
<maurer>
kini: When it's swap, this means that you go to allocate more memory than you have
<maurer>
then are in a memory pressure situation, and must perform a zfs write to resolve it
<fgaz>
I'm trying to prepend a string to a file and put the result in the store
<maurer>
fgaz: readFile
<kini>
I see, the problem is that actually swapping out a page causes more memory pressure
<maurer>
kini: Yeah. Basically, you need more memory than you have to perform the swap
<kini>
Maybe I'll try just not having swap, then... I don't run important long-term computations locally on my laptop anyway, so stuff getting OOM-killed should theoretically not bother me, but I guess I'll see how it goes :P
<kini>
Unrelated question -- do people use NixOps to set up their desktop/laptop machines, or is it really only suitable for servers?
<sphalerite>
fgaz: note that builtins.readFile is impure or may be a form of IFD (if you're reading from a store path). In the latter case, this means it's not allowed in nixpkgs and won't work well with remote builds
<maurer>
I don't see anything that would _prevent_ it from working well for desktop/laptops, but I only use it for servers
<maurer>
(re: nixops)
<kini>
I figured that if I'm trying to manage my whole system via declarative configuration, it would be nice if I could set up low level stuff like the partition table, LUKS, etc. declaratively as well, but maybe that's going overboard
<maurer>
So, _that_ stuff nixops can't do for non-cloud systems
<maurer>
nixops on bare metal works under the assumption it can ssh in and switch
<{^_^}>
#21403 (by aszlig, 1 year ago, open): [WIP] NixOS integration of nixpart
<maurer>
Yeah, as sphalerite pointed out, that would be cool, but belong in nixos, not nixops
<aszlig>
maurer: that was specifically also for nixops
<maurer>
Oh, I see
<aszlig>
maurer: it's used there already
<aszlig>
maurer: but the monkey-patched ugly version 0.4
<maurer>
Wait, can I repartition a ssh-targeted machine through nixops now?
simukis has quit [Quit: simukis]
<sphalerite>
I doubt it
<aszlig>
maurer: not yet
<maurer>
Well, thanks for your work.
<sphalerite>
it would need to boot switch root into a tmpfs and stuff to do that
<sphalerite>
possible, but fiddly to say the least
<aszlig>
maurer: but yeah, i intend to pick up work on 1.0 the upcoming month
<maurer>
Pivoting onto a ramdisk is not the end of the world
simukis has joined #nixos
<maurer>
it is finicky though
<sphalerite>
and when it goes wrong the real pain begins :p
<aszlig>
maurer: you could kexec into a systemd with initrd and do the partitioning there if kexec is available
<kini>
if one could require the user to manually boot into a ramdisk environment with sshd, then I guess it should be possible (?)
<aszlig>
s/systemd/system/
<sphalerite>
aszlig: I don't think kexec is necessary really?
<sphalerite>
kini: you don't need to boot into it initially, you can switch root from a running system as well
<aszlig>
sphalerite: it's only necessary if you want to repartition the currently running system
<kini>
ah, didn't realize that
<sphalerite>
aszlig: good point!
<sphalerite>
aszlig: did I hear blue-green boot?
<maurer>
aszlig: What goes wrong if you just pivot root rather than kexec?
<aszlig>
clever has done some work on this
<sphalerite>
aszlig: but my point was that you don't need to kexec, you can keep the current kernel and just switch roots and unmount all the normal filesystems
smolboye has quit [Read error: Connection reset by peer]
smolboye has joined #nixos
Thra11 has quit [Ping timeout: 240 seconds]
<mpickering>
Has anyone run selenium in nix-build before? Is this even possible?
<mpickering>
I should have just strung together my nix scripts with a makefile
<{^_^}>
[nixpkgs] @rycee pushed commit from @arcadio to release-18.03 « nixos: stumpwm: switch from package marked as broken to working quicklisp package (#40501) »: https://git.io/fAcuz
<cryptix>
can somebody tell me how what constitues a `nix channel`? I want to package some software apart from the nixpkgs tree. I tried nixpkg overlays but it looks like this is more usefull to override paramteters of other pkgs in the channel
<ldlework>
i feel like channels are an underbaked feature
orivej has joined #nixos
<cryptix>
ldlework: not the kind of encouragment I was hoping for but still good to know.. : )
<ldlework>
cryptix: you can just make a nix expression that exports an attrset containing a bunch of derivations
<ldlework>
that is pretty easy to use by people with things like fetchFromGithub, etc
timj has joined #nixos
<samueldr>
ldlework: could you explain a bit how they are underbaked?
<ldlework>
samueldr: everyone ends up pinning nixpkgs anyway
balsoft is now known as balsoft[away]
balsoft[away] is now known as balsoft
<samueldr>
ldlework: channels are not necessarily for a full nixpkgs checkout
<ldlework>
i don't know what that means
<ldlework>
but i just notice that not many people are using channels
<samueldr>
you can use concurrent channels with different sources
<samueldr>
but the main issue is that there aren't much tooling (that I know of) around making custom channels
<ldlework>
so underbaked.
<samueldr>
right now most consumers of channels make them using a hydra server
<sphalerite>
ldlework: a whole bunch of people use channels for their nixos!
<sphalerite>
I do myself
<gchristensen>
indeed!
<infinisil>
Yeah, I'd think about 99% use the channels
<sphalerite>
also channel:nixos-unstable and friends are really handy
<gchristensen>
I use channels to distribute software to users inside a big company.
<samueldr>
gchristensen, sphalerite (never made my own channel) "A Nix channel is just a URL that points to a place that contains a set of Nix expressions and a manifest" from https://nixos.org/nix/manual/#sec-channels
<infinisil>
A bit less people use nix-channel though, but still the channels commits
<ldlework>
sure, people use it for the nixos...
<ldlework>
kinda misses the thrust of my statement
<ldlework>
but i'll shutup, channels are great and popular!
<sphalerite>
no I'll agree they're not great!
trcc has joined #nixos
<infinisil>
sphalerite: I mean, the channels themselves are pretty good, just not nix-channel, right?
<cryptix>
i tried to read man nix-channel but I still have no idea what should go into the default.nix for it
<sphalerite>
infinisil: I'm not sure about that bit
<infinisil>
sphalerite: What's bad on channels themselves? It's really just a set of releases in shorter intervals
<fgaz>
Anyone knows how to get the nixos containers to connect to the internet? I set up networking.nat as described in the manual but still nothing :-/
<sphalerite>
infinisil: ideally channels.nix.gsc.io wouldn't be necessary
<ldlework>
apparently, gchristensen thinks that my observation about nix-channels is purely to tear down an important and valued feature of nix and that my "jab" didn't land very well
<infinisil>
sphalerite: Ah yeah, I'll attribute that deficiency to git
<ldlework>
and that they've recieved "numerous" complaints about my contributions here
<ldlework>
well, those are over
<ldlework>
gchristensen: hope that was your intention
<sphalerite>
fgaz: nothing meaning? What does `ip a` say inside and outside the containers? Can you show us the relevant bits of your config?
<cryptix>
oh wow.. looks like I kicked a hornet nest
<ldlework>
(I have only ever tried to contribute to the thinking around nix's rough edges as a user, nix something I absolutely love and spend all my time on - no I'm just a bad faith actor trying to tear it down)
<ldlework>
cryptix: i was just trying to give you my impression - my mistake
<cryptix>
ideally I just want to supply a hand full of packages and software and coordinate with some people until we are comfortable with supplying them to manline nixpkgs.. but maybe we will just live on some branch of nixpkgs and rebase ourselfs crazy? o_o
<sphalerite>
infinisil: not sure I'm a fan of that as it was, since it had no facilities for updating at all AFAIK
<infinisil>
sphalerite: Ah, might need some reworking then
<cryptix>
so I oculd have a `all-packages/default.nix` like thing and add more packages to the repo... I think I got down the wrong rabbit whole when looking into nixpkg-overlays
<cryptix>
okay one more question then: is there a good overview or example of _what form_ that root default.nix should have? maybe i need to swollow more nix pills but I'm still getting confused by lazy evaluation... some of my nix code works for nix-shell others only for nix-build/nix-env and when I try to put it all together it mostly just burns down with confusing errors
work_ has quit [Quit: Connection closed for inactivity]
<tilpner>
I have a case where a "nix copy"ed file on the destination does not match the source file. How do I force a retransmission? cc clever, I talked about this a few times
kenshinC1 has quit [Ping timeout: 240 seconds]
<{^_^}>
[nixpkgs] @dotlambda pushed 89 commits to staging-next: https://git.io/fAcwH
<infinisil>
tilpner: You could just delete it on the target
<tilpner>
infinisil - How? Last time I tried, I killed the entire server and had to reinstall
<infinisil>
nix-store --delete
<tilpner>
It's still live
<Dezgeg>
maybe nix-store --repair-path
<tilpner>
And --ignore-liveness kills things
<infinisil>
Oh so you copied it over and are already using it?
<tilpner>
Now I could redeploy with the service disabled, so that it's dead, but that's ugly
<Dezgeg>
but maybe you should first see what/why it differs so the bug can be figured out
<tilpner>
infinisil - A systemd service depends on it
<tilpner>
Dezgeg - It happens more frequently with a bad connection
<tilpner>
A few hours ago, I did a nix copy on wifi, maybe that caused it
masterdonx has joined #nixos
<tilpner>
Dezgeg - Oh, and --repair-path doesn't work. Destination has no idea how to rebuild it
<Dezgeg>
yes but what are the differences? a bit flip? missing file? zero-byte file?
<tilpner>
Hash differs, file length matches
grumble has quit [Quit: brb]
<Dezgeg>
diff the hexdump -C of it or something like that
<{^_^}>
[nixpkgs] @dotlambda pushed 37 commits to python-unstable: https://git.io/fAcrT
orivej has quit [Ping timeout: 252 seconds]
<infinisil>
nix copy should have a feature to verify that no errors were transmitted
<infinisil>
And try again if there were errors
trcc has quit [Remote host closed the connection]
<tilpner>
It's a fairly small diff, the differences are concentrated in a few parts
<tilpner>
Dezgeg - How certain are you that the hash is copied, and not just recomputed on the receiving side?
<Dezgeg>
well no, I am not certain
rfold has quit [Ping timeout: 245 seconds]
<Dezgeg>
case wopAddToStore: calls LocalStore::addToStore() which has a check like: throw Error("hash mismatch importing path '%s'; expected hash '%s', got '%s'",
jtojnar has joined #nixos
grumble has quit [Quit: grumble]
grumble has joined #nixos
hyper_ch has quit [Read error: Connection reset by peer]
ldlework has left #nixos ["WeeChat 2.0"]
hyper_ch has joined #nixos
balsoft has quit [Ping timeout: 240 seconds]
<tilpner>
Hmm, commited 2018-03-16, while 2.0.4 was released 2018-05-31
wpcarro has joined #nixos
TheAceOfHearts has quit [Quit: TheAceOfHearts]
<wpcarro>
I'm currently trying to read someone else's .nix file to understand how I can port my Emacs to nix. I'm having trouble understanding things things like `emacsPackagesNg`, `emacsWithPackages`, `autostartEmacsDaemon`.... where can I look to learn more about these things? I think at this stage, I'm just not sure how I can help myself, but I'm eager to learn
<wpcarro>
I'm working through 8 and the 20 Nix Pills, and I'm comfortable with the Nix language itself. Just trying to figure out how to navigate the ecosystem...
<{^_^}>
[nixpkgs] @dotlambda pushed to python-unstable « python.pkgs.natsort: no pyflakes and pep8 checks »: https://git.io/fAciv
<wpcarro>
I've tried searching online for a starter guide to porting something like a Vim config or Emacs config to Nix, but to no avail...
<vaibhavsagar>
wpcarro: it doesn't sound like this is well documented, so you might need to look at the source of nixpkgs to learn more
sphalerit has joined #nixos
<vaibhavsagar>
either that or ask someone who is well-versed in the emacs nixpkgs stuff to explain it to you
<wpcarro>
vaibhavsagar: happy to do that. What's the best way to do that? The other day I cloned the repo and grepped it locally...
<wpcarro>
But that felt suboptimal
<sphalerit>
fgaz: sorry for disappearing, back now
<vaibhavsagar>
that's pretty good, I often google "nixpkgs <blah>" too
<wpcarro>
ok so I'm not crazy... that's good
<wpcarro>
thanks for the pointers
<vaibhavsagar>
I'm not aware of any Nix tags tools
<wpcarro>
for like goto-definition etc?
<vaibhavsagar>
yeah
<wpcarro>
that'd be fantastic
<wpcarro>
idk how it'd be version resolution, but that sounds awesome
<sphalerit>
fgaz: I don't actually know much about nixos containers, could you paste your relevant config as well?
<wpcarro>
vaibhavsagar: so are all of the files listed here available in camelCase form within a .nix file?
<sphalerit>
vaibhavsagar: wpcarro: jDsomething has a project to do a nix parser in rust which seems to be going in the direction of an LSP server for it
<wpcarro>
things like haskellPackages, emacsPackages look familiar to me
<wpcarro>
sphalerit: two things I love: Rust, LSP
<vaibhavsagar>
sphalerit: I think HNix might eventually help here
<wpcarro>
might help if a base parser written using a PEG or something could be shared b/w the C++ codebase and the Rust project
grp has joined #nixos
<infinisil>
I might soon have a go with creating a nixpkgs indexer, it's actually very with my deprecation RFC I'm writing
<wpcarro>
Also trying to figure out how Nix chooses which version of Emacs to even use from a .nix file... doesn't look like any of the examples I've looked at specifiy
<infinisil>
wpcarro: emacsPackagesNgGen is the most general function: It takes an emacs package as the first argument and a set of packages as the second argument. It creates a set of emacs packages for that emacs version
<fgaz>
Linus: well, it's literally an empty container, so there isn't much to paste
<infinisil>
wpcarro: emacs*PackagesNg is just the first argument applies, e.g. emacs25PackagesNg is emacsPackagesNgGen with emacs25 passed to it
<infinisil>
wpcarro: And emacs*Packages is with the second argument passed as well
jbgi has quit [Ping timeout: 240 seconds]
<infinisil>
The former 2 exist for when you want to do emacs customization
<wpcarro>
infinisil: interesting... so emacsPackagesNgGen takes an argument like emacs25, which is a nix package hosting an Emacs version, and then resolves the set of packages to that version?
<infinisil>
wpcarro: Something like that, I don't know the details
<wpcarro>
infinisil: if so, that makes a lot of sense
<wpcarro>
All I'm trying to do atm is write some .nix file that allows me to start a nix-shell that has emacs in it with one package...
<wpcarro>
I figure if I can do that, I can eventually port my entire config
<{^_^}>
[nixpkgs] @vincentbernat opened pull request #45810 → nixos/nginx: ensure TLS OCSP stapling works out of the box with LE → https://git.io/fAcXL
<infinisil>
wpcarro: A good way to find the source of stuff (that's how I found this out), is to use ripgrep in nixpkgs, e.g. `rg 'emacsPackages = '` to find the definition of emacsPackages
jbgi has joined #nixos
<infinisil>
wpcarro: Ah, yeah hold on
<fgaz>
sphalerite: oops, I used your matrix display name. There are two messages up there
<wpcarro>
infinisil: good idea. I did that the other day to find out `meta = ` stuff for docs. I may write a bunch of cheap shell helpers to query this stuff
<{^_^}>
[nixpkgs] @Nadrieril opened pull request #45811 → nixos/usbguard: ensure the audit log file can be created → https://git.io/fAcXs
<wpcarro>
ah so I'd run stuff like that from within a nix-repl?
<infinisil>
wpcarro: Yeah, or via nix-instantiate --eval -E '1 + 2' (that evals nix)
Xal has joined #nixos
<infinisil>
Or nix eval '(1 + 2)'
justbeingglad has joined #nixos
<fzer00>
Hello everyone, new NixOs user here. I have a question about installing python libraries and am getting more unconfident that i know how to do it the more i read. The example in the manual (https://nixos.org/nixpkgs/manual/#python) says to create a seperate .nix file. Can anyone share an example with many libraries?
justbeingglad has left #nixos [#nixos]
<fzer00>
Second question. Would you build out the same sort of package ecosystem declaration for a language like ELM as you would with python?
das_j has joined #nixos
jbgi has quit [Ping timeout: 240 seconds]
<wpcarro>
infinisil: thanks so much
<wpcarro>
infinisil: just tried to run this: nix-instantiate --eval -E 'builtins.unsafeGetAttrPos "emacsWithPackages" pkgs' but got an error about pkgs not being available
<wpcarro>
I imagine that's because it isn't globally available like it was in the repl you ran it on in here?
<{^_^}>
[nixpkgs] @dasJ opened pull request #45813 → nixos/dhcpcd: Expose less information to servers → https://git.io/fAcMe
<JonReed>
fzer00: What do you mean by "many libraries"? There is already an example there.
<JonReed>
fzer00: You can drop into an environment by either using a command like `nix-shell -E "with import <nixpkgs> {}; python.withPackages (ps: with ps; [ numpy toolz ])" `
<JonReed>
fzer00: Or having the same expression as .nix file and calling nix-shell on it
<fzer00>
JonReed: the manual says that you can list numpy an toolz like that because they are in the nix package repos, but that isn't the same whay i would do it if i wanted a python package like dash (https://pypi.org/project/dash/), is it?
<fzer00>
JonReed: Thank you for the example. So LnL is adding this information in his mixpkgs definition, but this doesn't necessarily mean it has to be added to the NixStore (not local store), right?
<fzer00>
LnL: that gist was yours, right? if so, this means that you are building the package dynamically and it may or may not be in NixPackages, right?
simukis has quit [Quit: simukis]
v0|d has joined #nixos
<LnL>
yeah, those 2 I defined are not (or where not at the time)
<LnL>
but all their dependencies already existed
<wpcarro>
Is there a good way to hide a directory from nix-shell? I'm trying to sandbox but a lot of my existing packages are leaking through
<wpcarro>
I tried the --pure option, but that didn't seem to work
<fzer00>
JonReed: I think i understand now. It looks like Python and Haskell have good representation on NixPackages, but what would you do with ELM, Clojure, etc?
<JonReed>
fzer00: You can check how support is implemented by browsing nixpkgs repo
<kiloreux>
I installed all my python depencies through pypi2nix. And was hoping I could take advantage of that param to add opencv to that installation
<clever>
kiloreux: passthru is basically the same as (stdenv.mkDerivation { ... }) // { foo = "bar"; }
<clever>
it allows you to do .foo on the derivation to get the value, but the derivation itself has no clue its there, the value wont impact the computation of $out, and it doesnt have to be a flat string
justanotheruser has quit [Quit: WeeChat 2.0]
justanotheruser has joined #nixos
<kiloreux>
I see. So if I want to include opencv with my python custom derivation (that has my other packages). I just have to include the pythonPath there for my derivation ?
balsoft[away] has quit [Ping timeout: 252 seconds]
<clever>
kiloreux: probably
jabranham has quit [Remote host closed the connection]