<{^_^}>
[nixpkgs] @Ericson2314 opened pull request #47303 → ghc, ghcjs: Get rid of extraneous alex, happy, and hscolour args → https://git.io/fANWJ
<{^_^}>
[nixpkgs] @Ericson2314 opened pull request #47304 → ghc, ghcjs: Get rid of extraneous alex, happy, and hscolour args for 18.09 → https://git.io/fANWT
page_ has quit [Ping timeout: 252 seconds]
page has joined #nixos
asymmetric_ has quit [Ping timeout: 244 seconds]
Myrl-saki has joined #nixos
mizu_no_oto has joined #nixos
Fare has joined #nixos
<{^_^}>
[nixpkgs] @Ericson2314 merged pull request #47304 → ghc, ghcjs: Get rid of extraneous alex, happy, and hscolour args for 18.09 → https://git.io/fANWT
<{^_^}>
[nixpkgs] @Ericson2314 pushed 4 commits to release-18.09: https://git.io/fANWD
<{^_^}>
[nixpkgs] @Ericson2314 merged pull request #47303 → ghc, ghcjs: Get rid of extraneous alex, happy, and hscolour args → https://git.io/fANWJ
<samueldr>
hmm, mildly inconvenienced. nixos-rebuild switch --install-bootloader doesn't seem to be installing the bootloader, I'm unsure the best way to debug
<samueldr>
quick note: grub2 on ARM, let's assume the grub2 EFI on ARM will work, I just want nixos to copy the files at the right location
cheshircat has quit [Ping timeout: 264 seconds]
jperras has joined #nixos
mayhewluke has quit [Ping timeout: 252 seconds]
mayhewluke has joined #nixos
<clever>
samueldr: is boot.loader.grub.efi.enable set?
dycan has joined #nixos
<clever>
efiSupport = true i mean
<samueldr>
yes, I was just building and found the issue
andreabedini has joined #nixos
<clever>
what was it?
<samueldr>
having extlinux generation enabled AND grub will not error out, both will set system.build.installBootLoader
<clever>
ah, that should be a fatal error
<samueldr>
or so I would have thought
<samueldr>
once I removed extlinux generation the grub install script ran
<samueldr>
(with errors, but that's another issue)
<samueldr>
(0% free ought to be an issue)
<clever>
grub just sets installBootLoader normally
<samueldr>
the only thing I did is unset scan_dev_for_extlinux in u-boot, then ran `boot`
<gammarray>
stupid question: how do i update my nixos packages to the latest versions seen on github? my configuration.nix file uses 18.03, but several packages i depend on are still running older versions than what i see in the nixpkgs repo
<clever>
and yeah, you sort of need a list for installBootloader, to be able to install both u-boot and grub2
<emily>
u-boot -> efi -> grub -> linux -> kexec -> windows
<samueldr>
clever: nixos doesn't know about u-boot
Supersonic has quit [Ping timeout: 260 seconds]
<samueldr>
well, it's not a known bootloader
<clever>
samueldr: having a proper list in installBootLoader would allow you to setup a uboot+efi module, and enable both uboot+efi and grub+efi
<samueldr>
but you're right if one would want to manage it through nixos in a u-boot+EFI world
<samueldr>
this is some exciting development
<samueldr>
$ dmesg | grep efi -> [ 0.000000] efi: EFI v2.70 by Das U-Boot
<samueldr>
-> This document provides information about U-Boot running on top of EFI
<samueldr>
*scheming intensifies*
<emily>
:D
<samueldr>
(seems u-boot can deal with both sides of the coin; I opened the wrong README)
<emily>
please make grub run the u-boot it just booted from
andreabedini has joined #nixos
<{^_^}>
[nixpkgs] @globin pushed 12 commits to release-18.09: https://git.io/fAN4u
graphene has quit [Remote host closed the connection]
<clever>
oh, anoyingly, grub-efi cant chainload any legacy os
<clever>
likely, because the CSM is potentially missing
<samueldr>
what kind of dark scheming were you thinking of?
andreabedini has quit [Client Quit]
graphene has joined #nixos
<clever>
i switched my dual-boot desktop to boot nixos in efi, but then discovered win7 still used legacy and lacks a boot.efi
<samueldr>
oh, that's annoying
<clever>
so i have to tweak bios settings, or return to pure legacy, every time i want windows
<samueldr>
how's windows these days? just boot and win7-rebuild switch once you changed the setting?
<clever>
lol
<clever>
i have a boot.loader.grub.extraEntries that adds the correct chainload (legacy only) to the grub.cfg
<clever>
so i can just select it from the main grub menu
<{^_^}>
[nixpkgs] @orivej opened pull request #47307 → protobuf3_6: init at 3.6.1 → https://git.io/fAN4V
<samueldr>
hmm, annoyingly BOTH uefi readmes are for u-boot-on-uefi, not u-boot's efi support :/
dycan has quit [Remote host closed the connection]
<samueldr>
(I think)
<samueldr>
oh no, misread
<samueldr>
As of U-Boot v2018.03 UEFI variables are not persisted and cannot be set at runtime.
<clever>
dang
<samueldr>
though u-boot *does* have EFI services implemented
gammarray has quit [Remote host closed the connection]
<samueldr>
so a clever individual probably can implement that
carlosdagos has joined #nixos
<clever>
yeah
<samueldr>
-> Some of the U-Boot devices are mapped as UEFI devices
<samueldr>
I don't know enough about EFI, linux and such things, but could this help on a board where mainline linux can't use one of the listed devices, but u-boot can?
<clever>
linux doesnt really use much of the efi services
<clever>
those are only for the bootloader level stuff
<samueldr>
bummer
<clever>
performance reasons
<clever>
samueldr: early in the boot, the firmware is doing a lot of things, has exclusive control over drives, gpu, and usb, and provides a lot of features
<clever>
samueldr: but when linux boots, it runs ExitBootServices() which shuts down most of that, and limits you to just the efi vars, and some very basic stuff
<clever>
and then linux has permission to manage the previously mentioned devices
<samueldr>
thanks for the 1000' view :)
<samueldr>
it would have been an amazing cheat
<clever>
also of note, there is a function in the efi tables, that just returns a boolean, saying if secureboot is on or not
<clever>
but as you have seen, a machine without secureboot can just run something like uboot, and then uboot is free to lie and claim secureboot is "on"
<clever>
i think the only point of that function, is to decide if you should verify other binaries, before you execute them
<clever>
for example, so grub can ask the firmware, is linux.xz correctly signed?
<samueldr>
yeah, that I knew
<samueldr>
or like the signed shim to run anything
<samueldr>
(or have I misremembered/misunderstood what that was)
<adetokunbo>
I am using nixpkgs on Ubuntu. I'm installing something I built locally into the nix-store, and I'm trying to use it in another nix-build without rebuilding it.
wpcarro has quit [Ping timeout: 260 seconds]
<adetokunbo>
I think that should be possible, but my new nix-expr rebuilds the installed package every time.
<clever>
adetokunbo: you need to refer to the nix expression that built it using import or callPackage
<clever>
adetokunbo: if your leaving a result symlink in its source dir, then the source is going to change every time you build it, and nix will always have to rebuild it
<clever>
lib.cleanSource can clean that up
<adetokunbo>
clever: thanks!
<adetokunbo>
clever: what I was doing was using nix-install -f {installed-package.nix} to install into the nix store
<clever>
ive never used nix-install
<clever>
i just use nix-build for building things in the store, and nix-env -f foo.nix -iA bar, if i want it installed into my profile
<adetokunbo>
clever: sorry, my mistake
<adetokunbo>
clever: I mean nix-env -f --install
oldandwise has joined #nixos
<clever>
i also try to avoid using nix-env when testing things
<clever>
i just nix-build and ./result/bin/foo to test things
<adetokunbo>
clever: but to re-use the built artifact, I need "nix-env -f foo.nix -iA bar", right ?
<clever>
nope
<clever>
if you want to use it in another expression, you just import or callPackage the nix file that made it
<markus1189>
I have to use a program that extracts it's own executable into a tmp folder (starting an embedded mongo db) which of course fails on nixos. It seems like there is no easy way change that program, is there any way to get this running on NixOS?
<hyper_ch2>
srhb: I was thinking that it would be about the same as chromium
<clever>
chpatrick: ah, you have 2 nixos channels, and a nixpkgs channel, thats going to cause all kinds of weird things
<srhb>
hyper_ch2: That would certainly be easier. :)
trcc has quit [Ping timeout: 250 seconds]
<clever>
chpatrick: do `nix-channel --remove nixos ; nix-channel --remove nixpkgs ; nix-channel --update` all without root
<hyper_ch2>
I might give it a try... just copy chromium nix expression and just give ungoogle sources for it
<chpatrick>
clever: ok, now there's nothing in --list
<chpatrick>
update just printed "unpacking channels..."
<adamantium>
anyone know how to spin up a basic nix autoscaling ec2 server
<clever>
chpatrick: and now `ls -l ~/.nix-defexpr/channels` should only have a manifest.nix
<adamantium>
i'm curious what the nix file would look like
<chpatrick>
clever: that's right
<clever>
chpatrick: and now everything should be using the same nixpkgs version, no more confusion
<chpatrick>
clever: doesn't seem like it unfortunately :(
<chpatrick>
still the same old packages
<chpatrick>
should I re-add nixos maybe?
<clever>
chpatrick: no, one min
<clever>
chpatrick: what is the last-mod on the most recent channel in `ls -l /nix/var/nix/profiles/per-user/root` ?
<chpatrick>
I have to say I've been using nix for one year now and this channel subscription stuff is still really confusing for me :(
<chpatrick>
clever: all 2017
<clever>
chpatrick: you simply havent ran `nix-channel --update` as root in a year
<srhb>
chpatrick: Don't feel bad, channels are a bit confusing.
<chpatrick>
clever: so when does root count and when does non-root count?
<chpatrick>
I mean ideally root shouldn't be involved in what packages my user has right?
<{^_^}>
[nixpkgs] @dezgeg merged pull request #47187 → U-Boot: Add Orange Pi Zero Plus2 (H5) build → https://git.io/fAdyl
<{^_^}>
[nixpkgs] @dezgeg pushed commit from @samueldr to master « U-Boot: Add Orange Pi Zero Plus2 (H5) build »: https://git.io/fANap
<srhb>
Yeah, root's channels do count normally
<clever>
chpatrick: root's channels are the default for when your user lacks channels
<chpatrick>
I see
<clever>
chpatrick: and having a nixos channel on both root and your user just leads to confusion, because now you have 2 different versions of what "nixos" means
<clever>
and having the nixpkgs-unstable on your user also leads to confusion, because you have to run --update twice, as each user
<clever>
if you do want to use nixpkgs-unstable, you can add it to root, but name it something other then nixpkgs, since that name is a bit special
<hyper_ch2>
srhb: looking at the nix expression.... iiiiieeeeeeks
<clever>
chpatrick: also, for extra confusion points, --add takes url&name, but --list gives name&url!
<chpatrick>
clever: thanks that helps a lot
trcc has joined #nixos
<chpatrick>
maybe I just couldn't find it but I wish this was documented a bit better
<clever>
chpatrick: first, `echo $NIX_PATH`
<clever>
`/nix/var/nix/profiles/per-user/root/channels` is at the end for me, so every channel on root is in the path, and <unstable> would find what the above command created
<clever>
but, `nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos` is near the start, so <nixpkgs> is forcibly mapped to the nixos channel on root
<clever>
so you will have trouble using a channel named nixpkgs
<clever>
`/home/clever/.nix-defexpr/channels` is also at the very start, so my personal channels have top priority
<chpatrick>
I see
<clever>
so a channel named nixpkgs, only works on non-root users, when accessed via <nixpkgs>
<realrokka>
i trying to package https://github.com/gmn/nanotts/blob/master/Makefile ... the build finishes, but ./result is empty while I can tell from the cc output that everything is getting build, thix is the default.nix so far https://pastebin.com/9psdpiwg , for comparsion the arch PKGBUILD which just runs make without arguments and cps the resulting bin to /bin nothing more
<clever>
but nix-env -iA CHANNEL.package, follows entirely different rules
<clever>
nix-env basically ignores NIX_PATH, and will recursively search ~/.nix-defexpr/ for directories containing a default.nix, and then use the dir names
<chpatrick>
clever: if root also has no subscriptions, will that make everyone use the same packages as configuration.nix?
<clever>
if root has no channels, then nixos-rebuild will fail
<clever>
enless you specially modify NIX_PATH via nix.nixPath
<chpatrick>
okay thank you
<hyper_ch2>
srhb: however the build instructions seem pretty muchj straight forward for ungoogled
<srhb>
hyper_ch2: That might not be the case in NIx though :)
<hyper_ch2>
:)
<hyper_ch2>
srhb: # Use "export ..." for AR, NM, CC, CXX, or others to specify the compiler to use --> what are those?
<srhb>
hyper_ch2: Various toolchain components. cc and cxx are used as aliases for the c and c++ compiler respectively,
patrl has joined #nixos
<hyper_ch2>
srhb: but what are the differences of them? it seem you can use any of those compilers
<srhb>
hyper_ch2: Huh? They're not all compilers, and there are no duplicates in the list you mentioned
<hyper_ch2>
srhb: I have no idea... # Use "export ..." for AR, NM, CC, CXX, or others to specify the compiler to use ---> it says in the instructions to export ... to set the compiler to use
<clever>
hyper_ch2: the stdenv in nix already sets all of those
<hyper_ch2>
clever: just trying to understand the build instructions on the website :)
<srhb>
hyper_ch2: It can probably use several toolchains, eg. llvm vs standard gnu suite etc.
<hyper_ch2>
ok :)
<hyper_ch2>
maybe I should try to compile it first on my last remaining debian system
<{^_^}>
[nixpkgs] @aneeshusa opened pull request #47310 → vagrant: Clean up Gemfile → https://git.io/fANwv
sir_guy_carleton has quit [Quit: WeeChat 2.0]
WilliButz has joined #nixos
asymmetric_ has joined #nixos
<hyper_ch2>
ok... debian stable is not a good choice... and it seems like really hard to get that to compile on nixos :(
<jonge>
hey there, i have a very slick default.nix file in my c++ make project. when i inject a new stdenv like `stdenv = pkgs.makeStaticBinaries (pkgs.makeStaticLibraries pkgs.stdenv)`, i need to tell my default.nix to use glibc.static as buildInputs, too. otherwise it won't work. but i don't really want to change the default.nix in order to build it statically. any ideas what i am doing wrong?
<teto>
I can't get to complete a fetchFromGitHub, it always ends up with "HTTP server doesn't seem to support byte ranges. Cannot resume". I suspect it's because I try to download an archive of a custom linux kernel which takes time for github to generate and by the time it completes, curl can't resume ?! any way aroud that ?
<tilpner>
teto - Paste the expression, I'll try and see if it's the same here
<{^_^}>
[nixpkgs] @Mic92 merged pull request #47260 → go: Remove pkg/obj directory from the build outputs. → https://git.io/fAFMC
<clever>
but you need to also make sure postgresql builds them in the first place
<clever>
check the build log and confirm what its doing
<jonge>
clever: this is what i interpreted from reading the source, too. but it did not happen, so i also added --disable-shared to the configureflags, currently waiting for the build to see if it fixes things
pie___ has quit [Read error: Connection reset by peer]
pie___ has joined #nixos
<jonge>
clever: will it automatically build openssl and everything in static, too, or do i need to handle this separately on top of everything?
<clever>
you need to override everything in the stack to be static
<Ashy>
has anyone here had any success with qtcreator on nixos?
georges-duperon has joined #nixos
<jonge>
clever: so i will be doing the same thing for openssl etc. etc. and every package that has no .static attribute will be more work for me, right?
<{^_^}>
[nixpkgs] @Mic92 pushed commit from @pacien to release-18.09 « matrix-synapse: 0.33.3.1 -> 0.33.5 »: https://git.io/fANXC
<Ashy>
i'd like to play with some of the desktop and android examples but can't get any of the examples to show up in the qtcreator ide
sigmundv__ has quit [Remote host closed the connection]
<{^_^}>
[nixpkgs] @aneeshusa opened pull request #47312 → [WIP] Update openssh to 7.8p1, disable DSA host keys in client-side config → https://git.io/fANXB
sigmundv has joined #nixos
amosbird_ is now known as amosbird
<{^_^}>
[nixpkgs] @xeji pushed to release-18.09 « Revert "virtualization/qemu-vm: fix and improve virtio/scsi switching" »: https://git.io/fANX6
<{^_^}>
[nixpkgs] @srhb pushed to master « Revert "virtualization/qemu-vm: fix and improve virtio/scsi switching" »: https://git.io/fANXd
_lawlesseel has quit [Ping timeout: 256 seconds]
jackdk has quit [Ping timeout: 264 seconds]
fendor has joined #nixos
<teto>
,karma
<teto>
not sure how it works but can someone give knight tilpner some karma plz :) ?
<sphalerite>
tilpner++
<{^_^}>
tilpner's karma got increased to 9
<tilpner>
I think I'd like some help with pulseaudio over karma :/
<tilpner>
/sys/module/snd_hda_intel/parameters/power_save_controller = N
<tilpner>
^ from tlp-stat
<teto>
yep pulseaudio works fine for me on unstable
<goibhniu>
is there a pattern to when pulseaudio stops working? e.g. plugging in a monitor?
ciil has joined #nixos
<goibhniu>
(it could be switching to another interface)
<tilpner>
goibhniu - No, nothing special I can think of
<goibhniu>
when it stops working again, let's debug!
georges-duperon has quit [Ping timeout: 252 seconds]
<tilpner>
It it currently stopped, but let me first do power things
* goibhniu
hasn't had problems with pulseaudio since running ubuntu ... many many moons ago
<goibhniu>
you stop it?
<goibhniu>
or there just isn't audio playing at the moment?
trcc has quit [Remote host closed the connection]
kiloreux has quit [Ping timeout: 240 seconds]
<sphalerite>
goibhniu: do you have highlights on audio-related keywords? :D
trcc has joined #nixos
<goibhniu>
hehe ... I'm triggered by people harshing on PA, for some reason I cannot explain ... I just <3 PA
<tilpner>
goibhniu - I was listening to spotify, and then the music stopped. Now when I try playing a song with mpv (which usually works), it says "[ao/pulse] The stream is suspended. Bailing out."
<sphalerite>
uuuugh that reminds me of the firefox pulseaudio fix and oxij's really aggressive opposition to it
<goibhniu>
tilpner: just to be sure I understand ... do you manually stop or pause it some times?
<goibhniu>
aye, that stuff concerns me too ... but I haven't experienced a problem with it personally
<tilpner>
goibhniu - Yes, I pause the music sometimes. But that's not what happened. When I click play in spotify, it says "Can't play the current song", which is not a good error. It's not restricted to spotify, there's no sound at all anymore
<tilpner>
But it's not playing without sound, it's... waiting to play, forever
<tobiasBora>
Hello,
<tobiasBora>
I just realized that notifications are not enabled on my KDE desktop
<goibhniu>
tilpner: ah, I mean, do you pause pulseaudio, e.g. with pasuspender ... I guess not
<tilpner>
No, I don't think I do. This is the first time hearing of pasuspender
<tobiasBora>
I tried to look at "notification" in the package list, but I can find plenty of them. (libnotify, notify-osd, notify-desktop,
<goibhniu>
cool
<tobiasBora>
Which one should I install?
fendor has quit [Remote host closed the connection]
<sphalerite>
tobiasBora: I think it should be integrated normally
<sphalerite>
tobiasBora: does `nix run nixpkgs.libnotify -c notify-send hello` work?
<goibhniu>
tilpner: can you run pavucontrol, to see what's happening
<tobiasBora>
sphalerite: Hum... Well signal at least does not
<tobiasBora>
sorry
<tobiasBora>
your command seems to work yes
<sphalerite>
tobiasBora: nothing to be sorry about!
<{^_^}>
[nixpkgs] @xeji pushed commit from @r-ryantm to staging « nspr: 4.19 -> 4.20 (#46227) »: https://git.io/fANDU
<tobiasBora>
but signal fails to notify me. So either it uses a different notify system, or I didn't checked the good box in the configuration
<sphalerite>
tobiasBora: it's just a stab in the dark, but maybe adding libnotify to the signal expression would be enough to fix it
<Taneb>
Is there a way to have a path to something in the nix store without using builtins.toPath? I'm currently doing "${caffe.src}/src/proto"
<tobiasBora>
sphalerite: I confirm that notifications are enabled on signal side
fendor has joined #nixos
<sphalerite>
Taneb: that should work without builtins.toPath
<tobiasBora>
sphalerite: ok, I will try, thanks
<tilpner>
goibhniu - Uhhh... this is weird. I open pavucontrol, seeing nothing wrong. Then I wanted to take a screenshot to show you. I had forgotten what my keybind for that was, and I tried super+print, and suddenly... sound!
<goibhniu>
oh dear
<tilpner>
goibhniu - Pressing super+print again pauses everything
<goibhniu>
a true heisenbug
<goibhniu>
nice!
booglewoogle has joined #nixos
<tilpner>
I'll first check my config, it's probably user error
<Taneb>
sphalerite: oh really? Thanks
<sphalerite>
Taneb: toPath shouldn't be necessary most of the time
<teto>
so I suppose distributedBuilds won't work in sandboxed mode ?
<sphalerite>
teto: yes it will
revtintin has quit [Quit: WeeChat 1.9.1]
<sphalerite>
teto: the sandboxing then happens on the build machines if they're configured that way
<sphalerite>
the "build distribution" is a layer outside the sandboxing, so to speak
redj has joined #nixos
<teto>
sphalerite: I ask because I can't get it to work. I see in journalctl "Unexpected nix daemon error: writing to file: Broken pipe" not sure that's related
<sphalerite>
teto: can you ssh to the machines as root?
<eeva>
Quick question: nixops creates keys dir with owner root:keys and mod 0750 (https://github.com/NixOS/nixops/blob/master/nix/keys.nix#L189) For instance, I want to give mopidy some secrets it needs, but ofc it cannot read a file inside the dir, since it cannot list the keys dir. How do you guys solve that?
jperras has joined #nixos
kiloreux has quit [Ping timeout: 252 seconds]
<{^_^}>
[nixpkgs] @orivej-nixos pushed commit from @orivej to master « mumble: build with -std=c++11 »: https://git.io/fANd7
jperras has quit [Ping timeout: 244 seconds]
<sphalerite>
eeva: you don't need list (r) permission to access a file within a directory
carlosdagos has quit [Quit: Connection closed for inactivity]
adamt has joined #nixos
jsgrant has quit [Quit: leaving]
<adamt>
Hiya. When signing derivations for my own binary cache, should I sign first (in /nix/store/..) before nix copying, or sign *after* nix copying the derivations?
<adamt>
Also, the first one probably wouldn't even work
<sphalerite>
adamt: both ways work. But I usually set secret-key-files so they're signed right when they get built
<adamt>
sphalerite: Ah, so by configuring the nix daemon directly I don't have to worry about signing afterwards. That's much simpler.
<adamt>
Which probably also solves my issue of the CI user not being allowed to do the signing in the store (you are not privileged to add signatures)
<siers>
sphalerite, autoRepeatInterval/Delay does not make it persist :(
iyzsong has joined #nixos
<tilpner>
Hi! Has anyone successfully used services.xserver.displayManager.xpra? I would like a sample config :/
<sphalerite>
siers: aww. I don't know what else might help
<siers>
sphalerite, well at least now someone else besides me knows :)
<markus1189>
clever: is your suggestion to add libredirect to the LD_PRELOAD and use NIX_REDIRECTS to patch the libraries used by the executable? I assume I can just export those from the shell to check if it works
<teto>
sphalerite: so I can connect via ssh. I've tried the test recommended by the wiki ( nix ping-store --store ssh://iij_mptcp succeeds, well it retruns 0 output while before it emitted an error ), now I run `nix-build -A my_lenovo_kernel ~/nixpkgs --max-jobs 0 -vvvvv` and it says `considering building on remote machine ... hook reply is 'decline'`. How can I find out why "decline" ? according to github issues, it
<teto>
can fail due to missing features on the remote builder but the error isn't printed so it's kinda hard to guess
<{^_^}>
[nixpkgs] @endgame opened pull request #47313 → ultimate-oldschool-pc-font-pack: simplify using fetchzip → https://git.io/fANAf
<sphalerite>
teto: what are you trying to build?
<adamt>
How can I see who signed a nar in my cache? Just to verify that it works.
<teto>
sphalerite: a linux kernel
<teto>
hum it seems to work better with a simpler package
<LnL>
adamt: nix path-info --sigs <store-path>
<teto>
like if I try to build iperf, it seems to use the builder until it fails with "error: unexpected end-of-file"
<adamt>
LnL: But that doesn't work with nix archives that isn't in /nix/store :-)
<sphalerite>
teto: yep linux wants big-parallel
<sphalerite>
adamt: yes it does, just pass --store
<LnL>
adamt: oh a nar
<sphalerite>
oh wait
<sphalerite>
nars don't have signatures
<sphalerite>
they're in the corresponding narinfo
<teto>
the error might be because " imported archive ... lacks signature"
<tobiasBora>
I tried to "nix-build signal.nix" it, but it tells me "error: cannot auto-call a function that has an argument without a default value ('stdenv')
<tobiasBora>
"
<{^_^}>
[nixpkgs] @orivej-nixos pushed commit from @orivej to master « qradiolink: enable parallel building »: https://git.io/fANxf
<srhb>
tobiasBora: In general, you want a small wrapper like: { pkgs ? import <nixpkgs> {} }: pkgs.callPackage ./default.nix {}
<markus1189>
clever: but that won't get around the wrong ELF interpreter, right?
<srhb>
tobiasBora: callPackage will fin in the arguments for the function if they're in the pkgs scope
<srhb>
tobiasBora: Uh, signal.nix in your example, not default.nix :)
<sphalerite>
tobiasBora: if you've got a nixpkgs checkout, nix build -f path/to/nixpkgs signal
<srhb>
tobiasBora: You can also specify that on the command line
<markus1189>
the 'program' is a java library that starts an embedded mongo db by extracting a mongo executable into the /tmp folder and starts it. The executable is newly created on every run and removed afterwards
<tobiasBora>
srhb: any reason there is not directly one command that automatically happend this? Seems pretty useful in practice no?
<tobiasBora>
sphalerite: interesting
<sphalerite>
tobiasBora: usually you'd build it from nixpkgs itself, where it's composed in all-packages.nix
<srhb>
tobiasBora: Yet simple enough that a small shell alias will do it for you :)
<tobiasBora>
srhb: sure, but it should be also easy enough to just add one option in nix-build no? ^^
<tobiasBora>
sphalerite: so you mean you directly clone pkgs, and then run you nix-build -f ... signal command?
<srhb>
tobiasBora: callPackage is essentially implementation detail in nixpkgs.
<sphalerite>
tobiasBora: yes, because you need to do that if you're going to contribute your notification fix to nixpkgs anyway ;)
<srhb>
tobiasBora: So easy, sure, but I don't think it's a good idea. :)
<tobiasBora>
sphalerite: makes sense
<tobiasBora>
srhb: implementation detail? what do you mean?
<srhb>
tobiasBora: callPackage is just a function in nixpkgs
<srhb>
tobiasBora: You might build things that aren't in nixpkgs with nix-build
<srhb>
tobiasBora: Or work with functions that don't intend to be called from the scope of pkgs
<srhb>
tobiasBora: In which case callPackage is just another function, nothing fundamental.
<tobiasBora>
srhb: sure. Then in these case just don't use the custom flag :P
<kai_w>
If I do `my_python = pkgs.python3.override { packageOverrides = {pytorch = ...} }` and then `my_python.callPackage ./foo.nix {}`, for some reason both the original and overridden pytorch get built, why?
<tobiasBora>
srhb: but anyway, i guess sphalerite method is good enough
<srhb>
tobiasBora: I don't think nix-build should really special case nixpkgs. :)
simukis has joined #nixos
<adamt>
LnL: I just get the path followed by "ultimate" when running `nix path-info --sigs /nix/store/fpfb6qd48gxinqp6ydr7i5x76azwksr1-morph`, both before and after adding an extra signing key. Is that expected?
<sphalerite>
srhb: like nix-shell does? :p
<srhb>
sphalerite: Yes.
<srhb>
(and you know that) :-P
<sphalerite>
should it though?
<srhb>
No.
<sphalerite>
<devil's advocate> so nix-shell -p shouldn't exist?
<gchristensen>
probably not
<srhb>
sphalerite: Not in its current form, no.
<sphalerite>
long live nix run :D
<srhb>
But you could imagine providing a callPackage-like that you can then feed the attribute name you want
<srhb>
Similar to all the withPackages things.
<sphalerite>
srhb: like mkShell? Or…
<srhb>
All the tools need to support function application and function arguments much better imo.
<srhb>
So that everything can just be nix-shell expr -- "pkgs: ... " or something similar
<kandinski>
I might have to reinstall nixOS because I don't seem to be able to upgrade without it compiling the world. I don't know what it is that I've bolloxed, but I'm pretty sure that Firefox 62 is compiled in the caches.
<srhb>
kandinski: Reinstalling will probably do nothing to save you :)
<{^_^}>
[nixpkgs] @orivej-nixos pushed commit from @orivej to master « syslogng: enable parallel building »: https://git.io/fANxj
<sphalerite>
kandinski: does /etc/nix/nix.conf contain a line with "substituters = "?
<goibhniu>
kandinski: what does nix-info say?
<kandinski>
srhb: sigh, but thanks
<srhb>
kandinski: At least, not unless you nuke all your configuration, in which case you could just as well not reinstall :P
<srhb>
The curse of reproducible setups -- once you have an issue, turning it off and on again will do nothing!
<srhb>
So yes, looks like they were wrong prior to May 27.
<kandinski>
yeah, grrr
<kandinski>
well, I'll be repasting my CPU soon
<kandinski>
because I've been cooking the laptop, seriously
<srhb>
Sucks!
<kandinski>
so it goes!
<kandinski>
it's a learning experience imho
<srhb>
Definitely. I hope you manage to sort it out easily with the instructions above. :)
mayhewluke has joined #nixos
<{^_^}>
[nixpkgs] @orivej-nixos pushed commit from @orivej to master « altcoins.bitcoin-abc: enable parallel building »: https://git.io/fANhS
<tobiasBora>
sphalerite: your solution for notify works, thanks, I'll do a PR
trcc has quit [Ping timeout: 250 seconds]
<jasongrossman>
sphalerite++
<{^_^}>
sphalerite's karma got increased to 24
<sphalerite>
tobiasBora: yay!
patrl has joined #nixos
<kandinski>
srhb: thanks
<kandinski>
how come it's "substituters" on the command line, but "binaryCaches" in configuration.nix?
<srhb>
kandinski: Hysterical raisins
<srhb>
kandinski: substituters was part of the Nix 2.0 revamp
pareidolia has joined #nixos
<kandinski>
srhb: and that's funny?
<srhb>
kandinski: No, it's a little impractical.
<pareidolia>
I can't build networkmanager because of a checksum failure. A hash for a patch file doesn't match. Anyone getting this problem? I just did nix-channel --udpate with no avail.
<kandinski>
still compiling firefox
<Orbstheorem>
Hello, I'm trying to get android studio to work with my androidsdk derivation
<srhb>
kandinski: The NixOS module has all sorts of ${if isNix20 then ...}
<kandinski>
srhb: I see.
<Orbstheorem>
It complains it can't use the specified path because it's readonly
<Orbstheorem>
any hints? ^^
<kandinski>
pareidolia: I had that issue too.
<srhb>
kandinski: Did you change the option and rebuild passing --options substituters https://cache.nixos.org on the command line to nixos-rebuild ?
<sphalerite>
tobiasBora: the `nix` comamnd is a new interface, still subject to change
trcc has joined #nixos
<sphalerite>
tobiasBora: it provides fancy things like a progress indicator and a consistent UI between all the commands
<LnL>
I wish the new ui would have dropped the channel prefix tho :/
<infinisil>
LnL: +1 to that
Kelppo has joined #nixos
<kandinski>
srhb: nothing to aplogise for, you are awesome. For a while I was also maintaining my own backported tree, so I thought it was normal that I was compiling so much. It's only when I moved to stock derivation trees that I started to wonder whether something was wrong.
<gchristensen>
ouch :)
<LnL>
infinisil: I made an issue for it, but I doubt it's going to happen
<kandinski>
gchristensen: it's a learning curve
<srhb>
kandinski: Yeah, getting a feel for when and when not you can expect binary caches is a bit of a black box at times. One gets quite good at predicting it correctly though :)
orivej has quit [Ping timeout: 252 seconds]
<gchristensen>
every. time. if you change your kernel config *stares*
<srhb>
:D
<sphalerite>
gchristensen: what if you build the kernel with nix-shell until you've got it fine-tuned right?
trcc has quit [Ping timeout: 240 seconds]
donguri has joined #nixos
<gchristensen>
hard to do that when I need to put it in to a netboot initrd
<donguri>
I'm having some trouble with Cabal/Nix integration. I can nix-shell and then cabal repl fine, but cabal --enable-nix repl gets me this error message:
<donguri>
error: syntax error, unexpected ',', expecting ')', at /nix/store/blybqszbgcv7xnahzvs7ica2q4ncfcpm-interactive-mixolydia-0.1.0.0-environment.drv:1:15
phreedom has quit [Ping timeout: 256 seconds]
phreedom_ has joined #nixos
<kandinski>
srhb: how are trusted-substituters called in configuration.nix?
<kandinski>
I do because I tried to pass --option substituters https://cache.nixos.org to nix as user, and it complained there were no trusted-substituters and exited.
<srhb>
kandinski: No, trusted-substituters is for substituters you don't want enabled normally but you do want untrusted users to be able to activate them explicitly on the command line
alex``` has joined #nixos
<kandinski>
srhb: I see
<kandinski>
I've been compiling the whole of rust just to get fd, ripgrep, etc
<kandinski>
but now
<kandinski>
\o/
<srhb>
:)
<kandinski>
it's an 8-year-old i7
<kandinski>
nice, this was a goal for today, thanks a lot. I might try and install Obelisk again later...
<srhb>
Welcome. If you do run into problems please do reach out.
<kandinski>
well, now I can maybe try and fix common (shared) issues!
<kandinski>
I wanted to package the drivers for my printer, to begin with. Selfish, but useful fr others too.
realrokka has quit [Quit: rip]
<kandinski>
or maybe the network-manager issue that pareidolia and I have hit upon
<kandinski>
(I found it when I was trying to backport network-manager from unstable into 18.03 to see whether that would fix an issue with handling .ovpn configurations (https://github.com/NixOS/nixpkgs/issues/46729)
<teto>
sphalerite: got the remote builder working, the build processed it printed on the console right ? that's cool !
<sphalerite>
\o/
<sphalerite>
yeah well actually the way it passes the build log through is a bug buuuuuuut lol
<teto>
still sad that nixos-rebuild --help prints only half of the available options. I had to look on the internet to find how to disable remote builders
patrl has joined #nixos
<sphalerite>
" In addition, nixos-rebuild accepts various Nix-related flags, including --max-jobs / -j, --show-trace, --keep-failed, --keep-going and --verbose / -v. See the Nix manual for details."
<teto>
yeah I didn't expect the log to be printed but I like it
graphene has quit [Remote host closed the connection]
<sphalerite>
:')
graphene has joined #nixos
<teto>
I used --options builders '' which is not listed there :p and not sure where to find the nix manual. Also nixos-rebuild --help doesn't use a pager so you gotta scrollback
<srhb>
teto: It'll be man nix.conf for those things
<kandinski>
srhb: so now, even if I rebuild from my own tree with some backports, it should still find most things in the caches, and only build the backported derivations, correct?
<srhb>
kandinski: Yes, everything that is already built by one of your substituters will just be downloaded.
<srhb>
kandinski: So as long as you dont override libc or something, you'll be fine most of the time. ;)
deltasquared has joined #nixos
trcc has joined #nixos
phreedom_ has quit [Ping timeout: 256 seconds]
phreedom has joined #nixos
<teto>
so what happens once you get enough karma ? free massage at nixcon ?
<srhb>
teto: You level up and gain the ability to gaze through the Veil, seeing for the first time what the world would be in its true, functional glory.
<etu>
teto: The ability to read and understand the entire manual.
<deltasquared>
what's that, a universal law of physics operating over the previous state of the universe?
trcc has quit [Remote host closed the connection]
trcc has joined #nixos
<worldofpeace>
cake
<{^_^}>
[nixpkgs] @alyssais opened pull request #47316 → nix: move perl-bindings inside common function → https://git.io/fAAJz
trcc has quit [Ping timeout: 245 seconds]
donguri has quit [Quit: Leaving]
kai_w has quit [Quit: Konversation terminated!]
<betaboon>
does anyone have an example how to use the current yarn2nix to build a angular6 application ? oO
iyzsong-x has joined #nixos
<infinisil>
[2018-05-26 20:24:58] <gchristensen> 25 points gets you a sticker, 100 points gets you a t-shirt, 1000 verified points gets you a free trip to nixcon *restrictions apply, must be verifiable points, given by grateful people, in channels I'm in
<infinisil>
teto: ^
<gchristensen>
I was wondering when you'd bring it up :)
<infinisil>
:P
<infinisil>
Had to look it up in the logs
jasongrossman has quit [Ping timeout: 260 seconds]
iyzsong has quit [Ping timeout: 240 seconds]
<infinisil>
,loot = [2018-05-26 20:24:58] <gchristensen> 25 points gets you a sticker, 100 points gets you a t-shirt, 1000 verified points gets you a free trip to nixcon *restrictions apply, must be verifiable points, given by grateful people, in channels I'm in
<{^_^}>
loot defined
orivej has joined #nixos
<{^_^}>
[nixpkgs] @orivej-nixos pushed commit from @orivej to master « altcoins.litecoin: enable parallel building »: https://git.io/fAAUX
<etu>
haha :)
<infinisil>
We shall not forget!
* etu
has nixos-styckers from redbubble he needs to put on his laptop
<zimbatm>
can someone update the topic for nixcon? CfP is actually closed now
<betaboon>
symphorien: yeah something like that seems to be usefull :D
<betaboon>
is there a possible-today(tm)-solution ? XD
<hyper_ch2>
hmmmmmm, if possible, stuff should be packaged/compiled from source right?
<srhb>
hyper_ch2: Yep.
<qyliss^work>
betaboon: there is if you use a local nixpkgs checkout you can apply that patch to :P
<hyper_ch2>
srhb: still thinking about ungoogled chrome - there's a nice portable binary
<Mic92>
betaboon: already works for me, but I haven't wrote the documentation yet.
<srhb>
hyper_ch2: Availability of a nice binary isn't usually a sufficient argument. :)
<qyliss^work>
(highly recommend it - trying out experimental stuff really easily is so nice)
<hyper_ch2>
srhb: for me it is :)
<srhb>
hyper_ch2: Sure, what I meant was: Just don't expect inclusion in nixpkgs without weightier arguments. :)
<etu>
hyper_ch2: you can always have an expression in your config to have that package available for you :)
globin has quit [Remote host closed the connection]
<hyper_ch2>
etu: when I have more time I'll probably try to write a proper expression.... I was just hoping I could use the chromium one and then just adjust sources and a few things... but even the chromium expressions are so complicated :)
graphene has quit [Remote host closed the connection]
<hyper_ch2>
and what ungoogled does - as far as I've seen - is basically a wrapper to modify sources a lot and then compile
<teto>
infinisil: cool stuff. There is space between 100 and 1000 for further bonuses. 500 points, the printed version of eelco's thesis; 250 points, the 3d printed smile of ofborg's pic
graphene has joined #nixos
graphene has quit [Remote host closed the connection]
graphene has joined #nixos
orivej has quit [Ping timeout: 260 seconds]
<gchristensen>
happy to do the 500pt one, 3d printed smile is probably expensi/e
<gchristensen>
and if you're close to 1k I need to be saving my money for your trip :)
jasongrossman has quit [Ping timeout: 252 seconds]
silver has joined #nixos
<srhb>
Is there a nice wrapper somewhere for building store paths from other store paths, but rewriting within them? Ie. a la symlinkJoin but [{ Src, Dest }] -> Out
<Jetien>
Hi, is it possible to use hydra builds to create other derivations _without_ access to the original nix expressions for the build? I'd rather ference the .nixpkg urls directly. What I'm trying to accomplish is to define nixos/nixops configurations with selected builds installed.
<srhb>
Jetien: I thought .nixpkg was essentially completely deprecated.
wpcarro has quit [Remote host closed the connection]
<srhb>
Maybe I'm wrong.
romildo has quit [Ping timeout: 244 seconds]
wpcarro has joined #nixos
<Jetien>
srhb: Ah i see. Maybe there is another solution? My use case should be pretty common
<manveru>
gchristensen: but i should be able to setup remote builders from that docker container to do this for me, right?
<srhb>
Jetien: And I don't know how you'd do it. :)
<srhb>
Jetien: It sounds to me like it involves building a reference graph from scratch.
samrose has joined #nixos
<Jetien>
srhb: Hmm. Maybe my use case can be generalized to: I want to build nixos config with a derviation installed which can be build from a release.nix from a private repo at a specific commit. If i remember correctly I had issues with fetchGit when I just provide a commit hash, not a tag/branch. For github this works, but there is fetchGithub.
worldofpeace has quit [Remote host closed the connection]
<srhb>
Jetien: It should absolutely be possible to just import (fetchGit ... release.nix) provided you have the necessary access
<samrose>
anyone have some nixos apparmor examples?
<srhb>
Jetien: Might be easier to solve credentials with builtins.fetchgit
<fendor>
is it possible that the latest npm package is neither in stable nor in unstable?
<srhb>
Jetien: And you also may have to modify your Hydra config a bit to allow IFD.
<{^_^}>
[nixpkgs] @xeji pushed commit from @smaret to master « gildas: 20180801_a -> 20180901_a (#46159) »: https://git.io/fAAYw
<gchristensen>
is there a way to add a program (which happens to be written in python) to a nix shell without having the package added to the PYTHONPATH and stuff?
<srhb>
fendor: I don't know the specifics of that ecosystem, sorry :)
<zduch4c>
a) how to disable the touchpad entirely, using declarative syntax? It still detects my touchpad as a PS/2 device, even though I don't have synaptics turned on
<zduch4c>
b) how do I list the Emacs packages available on NixOS?
<xok>
I've got a website written in Perl ( using Dancer framework )...
<xok>
can anyone help me understand how to automate the deployment process for this website and install all the required CPAN modules for Perl?..
<adisbladis>
domenkozar: How is your user logged in?
<adisbladis>
And what does $XDG_RUNTIME_DIR say?
<domenkozar>
the problem is, TMPDIR points there
<domenkozar>
but only in nix-shell
polman has quit [Ping timeout: 244 seconds]
akamaus has joined #nixos
polman has joined #nixos
<elvishjerricco>
Anyone using Nix on macOS Mojave? This issue suggests it works, but I'm interested in experience reports: https://github.com/NixOS/nix/issues/2244
<akamaus>
Hi there. I'm working on packaging pytorch. Right now package works in regular nix-shell environment but fails in --pure because it depends on one particular cuda library which lives in /run/opengl-driver/lib and comes from LD_LIBRARY_PATH which is void in pure env. Can anyone help with it? It's documented here: https://github.com/NixOS/nixpkgs/issues/46032
<worldofpeace>
lol, how can I make nixops not stop nix-daemon and networking (on deploy sometimes)?
<cransom>
i should clarify though, working meaning, it's not a seamless update. you either have to prepare your nix ahead of time or re-install after the upgrade. but it still works.
<romildo>
What is an easy way of testing a PR submitted by another person on my local system, and eventually update (or suggest an update to) it?
patrl has joined #nixos
<akamaus>
romildo, just clone the branch and run nix-shell -I 'nixpkgs=<path to repo>' -p package-to-test
<teto>
romildo: I install git-extras that adds a command "git pr" so I can do "git pr 3240" and build upon it. You can define your own alias but git-extras has some fun binaries
<{^_^}>
[nixpkgs] @xeji pushed commit from @worldofpeace to master « lollypop: 0.9.522 -> 0.9.601 (#47344) »: https://git.io/fAAaE
makefu has quit [Ping timeout: 264 seconds]
<emily>
has there been any thought given to shipping a network manager of some description on the minimal install image so that installation on laptops doesn't involve a bunch of wpa_supplicant fiddling?
<emily>
just the NetworkManager curses interface or such would be far nicer.
chpatrick has quit [Quit: Connection closed for inactivity]
<worldofpeace>
I'm not actually sure what way you should get the NetworkManager curses interface. I assumed that it would be a package in env. I guess you'd need to use the networkmanager module then.
orivej has quit [Ping timeout: 252 seconds]
<wpcarro>
is there a way to define a command in `shell.nix` that gets run as soon as the shell boots up? Like if I wanted to jump into a REPL or something?
civodul has quit [Quit: ERC (IRC client for Emacs 26.1)]
<symphorien>
shellHook
<symphorien>
iirc
<wpcarro>
symphorien: that sounds promising
<wpcarro>
ty
Ariakenom has joined #nixos
<{^_^}>
[nixpkgs] @gnidorah opened pull request #47351 → telegram-desktop: support opening urls under wayland → https://git.io/fAASp
<samueldr>
:( it's woefully out of date right now :/
<samueldr>
I had hopes it wouldn't need to be kept there, and in that hope removed the streamlining I had for manual updates...
<samueldr>
(hopes it would be on the main website at some point)
<azazel>
that's a pity!
wpcarro has quit [Remote host closed the connection]
<buckley310>
I'm attempting to get the VMware Horizon client running as a nix package, but its not quite working. Something seems to be still hardcoded looking for "/usr/lib/...". Is anyone here good at these? :) https://gist.github.com/buckley310/6a5f77461a91cd5918ffdfe0f8a02b03
<buckley310>
(the package is gross, but im new, and i want to get it working now and make it nice later...)
<ashkitten>
how do i create a local package for small scripts i write that require dependencies?
<mdash>
ashkitten: pretty easy to just write a derivation for them
<worldofpeace>
buckley310: If you really really don't care about it being pretty and just want it to work you could use `buildFHSUserEnv`
<buckley310>
i have used that for some other things, i guess this time i figured i would do it properly and maybe it has a shot of getting pulled upstream
<buckley310>
its just frustrating that it even opens, it just dies when i try to connect to a server xD
<worldofpeace>
Ahh I see. That is really best since everyone can benefit from it.
<azazel>
worldofpeace: what are you referring to?
wpcarro has joined #nixos
<halfbit>
so is ubuntu trying to do something like nix with its whole snap system?
<halfbit>
my experience with snap so far is... not good
<buckley310>
snap is more like docker than nix...
<worldofpeace>
azazel: <buckley310> i have used that for some other things, i guess this time i figured i would do it properly and maybe it has a shot of getting pulled upstream
<{^_^}>
[nixpkgs] @orivej opened pull request #47353 → protobuf: default to 3.6 → https://git.io/fAAbP
<azazel>
halfbit: one of the problems with snap is that you can't setup your own repository...
<buckley310>
i have used the sandbox/chroot stuff to get some other apps to work, but i wanted to try and get Horizon packaged properly
fendor has joined #nixos
<elvishjerricco>
Is there a way to repair a path by rebuilding it?
wpcarro has quit [Ping timeout: 252 seconds]
<elvishjerricco>
I can't delete the path since it's in many generations that I'd like to keep.
<buckley310>
what happenned to it that it needs rebuilding?
fendor has quit [Ping timeout: 252 seconds]
<elvishjerricco>
buckley310: I honestly do not know.
<elvishjerricco>
But it fails `nix verify`
<worldofpeace>
.locate bin/readelf
<kalbasit[m]>
I'm trying to create a `default.nix` that will be used with `nix-shell`, but I also need it to install the environment in the docker container for the CI `nix-env -f default.nix -i`. I have so far https://gist.github.com/kalbasit/935c49f2799d27c6983f24719f339934 but it's not running because `src` and `srcs`. How can I make this work?
<infinisil>
worldofpeace: it's a comma
<worldofpeace>
,locate bin/readelf
<{^_^}>
Found in packages: arduino, androidndk, avrbinutils, arduino_core, gcc-arm-embedded, binutils-unwrapped
<elvishjerricco>
infinisil: Yep, just discovered that does rebuilds :) The docs say it only redownloads and "If no substitutes are available, then repair is not possible."
<infinisil>
kalbasit[m]: Use pkgs.buildEnv { name = "foo"; paths = [ ... ]; }
patrl has quit [Ping timeout: 252 seconds]
<kalbasit[m]>
infinisil: within the gccStdenv.mkDerivation?
<infinisil>
kalbasit[m]: Oh wait, you want it to be nix-shellable and also have the environment nix-buildable?
<worldofpeace>
buckley310: Any reason you're only patching vmware-view
<kalbasit[m]>
infinisil: yes I'm considering that, if not I'll have to nix-shell within CI commands
<{^_^}>
[nixpkgs] @Ericson2314 opened pull request #47355 → numpy: gfortran and pytest should be nativeBuildInputs → https://git.io/fAAAE
<infinisil>
Hum not sure actually, but try playing around with buildEnv. It also takes a buildInputs argument
<infinisil>
Probably would be cleaner to separate this though
<buckley310>
worldofpeace, theres a single patchelf, and then another spot where i do `find|grep|xargs patchelf`
<kalbasit[m]>
infinisil: understood, I'll probably do that then
<{^_^}>
[nixpkgs] @Ericson2314 opened pull request #47356 → numpy: gfortran and pytest should be nativeBuildInputs → https://git.io/fAAAr
<kalbasit[m]>
infinisil: do you have an example of a derivation that I can `nix-env -f <file> -i` but only install the buildInputs? (meaning no src and no out really)
<infinisil>
buildInputs aren't stuff to install though, these are different things
<infinisil>
buildInputs are what it needs to build the derivation, while the stuff it installs is the result in $out
<infinisil>
Ah yeah, it can work I think though, but I don't have an example
<infinisil>
Well not entirely, because stuff like setup scripts isn't run in $out
<infinisil>
But only when in a buildInput
<kalbasit[m]>
I thought buildInputs are what we call runtime dependencies and nativeBuildInputs are what required to build the derivation no?
<kalbasit[m]>
man these are confusing!
<infinisil>
Eh close I guess, it's complicated indeed
<azazel>
kalbasit[m]: you should give a read to the nixpkgs manual
<kalbasit[m]>
azazel: I did, it wasn't very helpful and it's just a lot to digest
<azazel>
kalbasit[m]: it has a section that explains the xxInputs members
<Dezgeg>
just put everything into buildInputs and you'll be fine
<worldofpeace>
buckley310: maybe add `libudpProxyLib.so` to LD_LIBRARY_PATH
<catern>
is there a way to sign a NAR so that it can be imported by a non-trusted user?
<gchristensen>
given an attrset, can I create a new attrset with specific keys _removed_?
<buckley310>
worldofpeace, i did try that but it doesnt seem to work :|
<catern>
it seems to me that there's no way to have signed Nix artifacts other than through a binary cache, is that right?
<elvishjerricco>
catern: Yea, but an admin has to add the public key to /etc/nix/nix.conf
<elvishjerricco>
catern: No, look at `nix sign-paths`
<catern>
elvishjerricco: sure, but how do you do it from the user perspective
<catern>
ah hm
<catern>
then how do you import them?
<elvishjerricco>
catern: Hm. There may be an easier way with the `nix-store` command, but I'd just do `nix-store --store file://$(pwd)/foo --import && nix copy --from file://$(pwd)/foo --all`
<catern>
elvishjerricco: can you use nix copy to replace the first nix-store operation as well?
<elvishjerricco>
catern: From a nar archive file? Dunno
<catern>
elvishjerricco: oh, no, I mean, I have a real store first I guess
<catern>
so I'd do `nix copy --to file://$(pwd)/foo [whatever]` right?
<elvishjerricco>
catern: I'm a bit confused. I thought you were asking how to import a nar as an untrusted user
<catern>
elvishjerricco: well, I was only asking about a NAR because I assumed that was the best way to serialize a store path
<buckley310>
worldofpeace, no, i just ran it after it was built with the library path variable
<{^_^}>
[nixpkgs] @Ericson2314 pushed 30 commits to staging-18.09: https://git.io/fAApc
<{^_^}>
[nixpkgs] @coreyoconnor opened pull request #47357 → firefox: disable auto updates using distribution policies. → https://git.io/fAApC
<catern>
elvishjerricco: but it sounds like it's best to serialize the store path into a file:// based local binary cache
<elvishjerricco>
catern: Oh, so you have some other store with a path that doesn't have your signature, and you'd like to copy a signed version into your local store?
<{^_^}>
[nixpkgs] @xeji pushed commit from @dylex to master « python.pkgs.cheroot: fix setup patch URL (#47320) (#47354) »: https://git.io/fAAp2
<{^_^}>
[nixpkgs] @Ericson2314 pushed 182 commits to staging: https://git.io/fAApV
<catern>
elvishjerricco: no, I have store X with store path A, which is signed with key K; then I want to create some self-contained file F out of that store path A; then I want to copy from F into store Y which trusts key K
trcc has joined #nixos
<catern>
elvishjerricco: it seemed to me that F would be a NAR, but it seems like there's no way for NARs to be signed
<elvishjerricco>
catern: What is this self contained file F? Is it just meant to be some serialization of A?
<catern>
elvishjerricco: F can be anything, I don't care what it is
<elvishjerricco>
catern: Then what purpose is F supposed to serve? What is to be copied from F to Y?
<catern>
elvishjerricco: er, sorry, store path A should be copied from F to Y
<catern>
the desired end result is that Y contains store path A
abueide has joined #nixos
<elvishjerricco>
catern: Ok, so it sounds like F is a serialization of A :)
<catern>
well, sure :)
<catern>
I just wanted to express that I don't care how F works
<elvishjerricco>
catern: In that case, yea F is probably best suited as a file:// binary cache
<elvishjerricco>
catern: You can tarball it up to move it around
<elvishjerricco>
more easily, that is
<catern>
hm, how do I specify a store to operate on for nix sign-paths?
<elvishjerricco>
catern: You should be able to do `nix copy --from X --to file:///path/to/foo`, and then you should be able to check that `foo` has signatures with `nix path-info --sigs`
<elvishjerricco>
catern: If X already has the signature, you shouldn't need to sign it yourself, right?
<catern>
elvishjerricco: yes that's true but I guess I'm wondering what scenario the signature wouldn't already be present
wpcarro has joined #nixos
wpcarro has quit [Read error: Connection reset by peer]
<elvishjerricco>
catern: Well, if you're doing your own builds on X, you'll need to sign it there. You can do `nix sign-paths --store X ...`, or you can set `secret-key-files` in `nix.conf` to have all your builds automatically signed.
<catern>
I see, I see
<catern>
Makes sense, thanks
<catern>
All your builds - that includes fixed-output builds, such as with add-to-store or nix-prefetch-url?
<catern>
(well those aren't fixed-output builds, but those are the ones I'm concernde about)
<elvishjerricco>
catern: You can probably set `--secret-key-files foo` on the command line at build time if you don't want the key persisted on your disk, also.
<elvishjerricco>
catern: Anything that's fixed output will not need to be checked against signatures
<elvishjerricco>
I dunno if Nix discards the signatures on fixed output derivations though
<catern>
elvishjerricco: okay, thank you, this is very helpful!
<elvishjerricco>
catern: Happy to help :)
<elvishjerricco>
Is there a way to get Nix 2.1 in 18.03?
samrose_ has joined #nixos
abueide has quit [Ping timeout: 272 seconds]
graphene has quit [Remote host closed the connection]
<Mic92>
would be a good execuse to ditch my irc client + bitlbee and replace it with something modern.
<MichaelRaskin>
Are you interested in the Skype bridge there?
<tilpner>
Mic92 - I'm not sure how self-hosted IRC bridging works
<MichaelRaskin>
Single-user one should, why not
<Mic92>
MichaelRaskin: I am not sure if what's there state of development they are, that's why I was hoping that someone already have experience with it.
<MichaelRaskin>
I know that 1) Skype puppet needed some patching to start, 2) I am not sure why, but it seems to run out of RAM sometimes
<Mic92>
I guess I will give some more months to stabilize.
<tilpner>
MichaelRaskin - I don't see how. If you join a room that's already bridges to IRC, their bridge wouldn't know you want to bridge yourself, right?
<Mic92>
*give them some
<MichaelRaskin>
I am not sure which of the projects are still active
<tilpner>
And then you're stuck the slow und unstable matrix.org IRC bridge :/
<MichaelRaskin>
tilpner: I meant a single-user bridge that doesn't know and doesn't care about any further connections, just let you store the IRC chatlogs on a matrix homeserver
<tilpner>
MichaelRaskin - So a read-only bridge from the Matrix perspective? That's not sufficient to replace your IRC client with :/
<MichaelRaskin>
tilpner: what you say in the bridge-room, gets said by the other side of the bot
<tilpner>
My concern is that the matrix.org-hosted bridges are unreliable, and I see no easy way to disable their bridging for just myself and supplement it with a faster bridge
<tilpner>
I understand the concept of bridging, the problem only occurs when there are multiple IRC bridges to the same room
* tilpner
-> #nixos-chat
<{^_^}>
[nixpkgs] @Ericson2314 opened pull request #47360 → python-*: Format `pythonPackages` bindings → https://git.io/fAxUF
<{^_^}>
[nixpkgs] @volth closed pull request #47358 → perl: add devel version at 5.29.3 → https://git.io/fAxvQ
<{^_^}>
[nixpkgs] @Ericson2314 opened pull request #47361 → python-*: Format `pythonPackages` bindings for 18.09 → https://git.io/fAxTT
hlolli has joined #nixos
<Ralith>
tilpner: you can host your own bridge, you just need your own copy of the room to go with it
<tilpner>
Ralith - But doesn't that stop you from interacting with the Matrix users in that room? (Also, join #nixos-chat)
<clever>
nixops will also allow its own key in the nixos it deploys
<clever>
so you only need to do that once
<sphalerite>
yeah
<samrose__>
thnx tilpner !
Thra11 has joined #nixos
graphene has quit [Remote host closed the connection]
graphene has joined #nixos
Anton-Latukha has quit [Ping timeout: 240 seconds]
alex`` has joined #nixos
<wpcarro>
Is there a preferred way to handle secrets for environment variables (e.g. web tokens)? I was thinking about storing each token in a file and reading that file at build time and then git-ignoring that file. I'm guessing Nix may already have a more elegant solution though. Integration with GPG would be excellent.
Anton-Latukha has joined #nixos
<wpcarro>
Right now I just have `readFile ./path/to/secret.txt`, which is okay
<infinisil>
Unfortunately I must disappoint you, there's no elegant way for secrets in Nix: nix#8
<infinisil>
I'm pretty sure there's no way to have secrets for a build unless you want to go impure (and disable sandboxing or some other trickery)
<nDuff>
Hmm -- I think I'm misunderstanding something here. I was under the impression that if I defined, say, config_template=./foobar inside my default.nix, I could refer to ${config_template} to get a fully-qualified path to foobar inside a '' ''-quoted string with a build step.
<kiloreux>
Is it possible to make nix binaries available for other nix users without running multi user install ? (On ubuntu)
<infinisil>
nDuff: That should indeed give you a path, but a /nix/store/<hash>... one
<nDuff>
That's what I expect too, but what I'm actually getting is an "error: undefined variable 'config_template' error.
* nDuff
does another typo-checking pass.
<infinisil>
Add a `rec` after your mkDerivation
<nDuff>
ahh!
<{^_^}>
[nixpkgs] @Mic92 merged pull request #47351 → tdesktop: support opening urls under wayland → https://git.io/fAASp
<infinisil>
Yeah, attrset names aren't automatically in scope
<{^_^}>
[nixpkgs] @Mic92 pushed commit from @gnidorah to release-18.09 « tdesktop: support opening urls under wayland »: https://git.io/fAxt3
<{^_^}>
[nixpkgs] @LnL7 merged pull request #47214 → podofo: fix library linkage on Darwin → https://git.io/fAFIw
<{^_^}>
[nixpkgs] @LnL7 pushed commit from @mroi to master « podofo: fix library linkage on Darwin (#47214) »: https://git.io/fAxtc
hotfuzz has quit [Ping timeout: 245 seconds]
camsbury has joined #nixos
<elvishjerricco>
wpcarro, worldofpeace: Yea that article has been working well for me for a while now. I still want something nicer, I just haven't figured anything better out yet
<wpcarro>
I've seen `--run` and `--command` flags to `nix-shell` to execute shell commands in a nix-shell. Is there a way to do this from a nix expression? Similar to `$(echo blah)` from shell?
<wpcarro>
elvishjerricco: good to hear. I need to overhaul the way I manage secrets one of these days
<judson>
I can't find an issue already for this, and I'm trying to find the gap in my understanding: I'm getting 'error: syntax error, unexpected ':', expecting '.' or '=', at ...' out of a builtins.fromJSON. The relevant line of JSON looks like "url": "git@github.com:nyarly/wagthepig.git"
wpcarro has quit [Remote host closed the connection]
klntsky has quit [Ping timeout: 256 seconds]
wpcarro has joined #nixos
<{^_^}>
[nixpkgs] @LnL7 opened pull request #47366 → broken darwin packages (f) → https://git.io/fAxOC
<wpcarro>
does anyone here successfully use Nix with Drone CI? We're having a hard time caching the /nix/store and mounting it and our CI is getting clobbered bc we need to download so much to populate the empty store :/
klntsky has joined #nixos
<hlolli>
For some reason, after uninstalling nvidia to get musinix working, disabled my num lock key compleatly. If I'm in emacs they enable/disable overwrite mode, or holding them down moves the mouse. Googleing this tells me to change this in gnome, but gnome-setting doesn't work at all for any setting. I'm on i3. Any tips to disable this "mouse-keys" so I can start typing numbers again on my laptop's keypad?
<gchristensen>
wpcarro: some people use cachix.org to help with that
<infinisil>
gchristensen: Won't help with having to download a lot
<infinisil>
I'm assuming they're talking about cache downloads
<wpcarro>
I'd love the /nix/store dir to persist between builds
<wpcarro>
and right now, we cannot seem to get that to work...
<wpcarro>
This isn't necessarily a Nix issue though. Just wondering if anyone here successfully uses it with Drone CI
<tilpner>
wpcarro - #drone-ci might know more about caching
<wpcarro>
tilpner: yeah I'll head over there
abueide has quit [Ping timeout: 252 seconds]
abueide has joined #nixos
xeji has joined #nixos
__monty__ has joined #nixos
kyren has quit [Read error: Connection reset by peer]
grp has joined #nixos
wpcarro has quit [Remote host closed the connection]
<elvishjerricco>
wpcarro: If you can cache an individual file more easily, you can `nix copy --all --too file:///path/to/dir` and tar up the dir to save. Then untar and `nix copy --all --from file:///path/to/dir` to restore.
wpcarro has joined #nixos
wpcarro has quit [Remote host closed the connection]
graphene has quit [Remote host closed the connection]
graphene has joined #nixos
<cransom>
you can also do things like configure s3 credentials and on build finish, nix copy --all --to s3://bucket/mycache
grp has quit [Ping timeout: 252 seconds]
<elvishjerricco>
cransom: Yea, if you're willing to give CI credentials to an S3 bucket, it might be best to just copy everything up, since then you can just use the bucket as a substituter to avoid copying more than is neededl
grp has joined #nixos
<elvishjerricco>
Would work with any remote store, like ssh(-ng)
<cransom>
yeah. it wouldn't really be any better than cachix if the problem is pushing/pulling files down though.
xok has quit [Quit: Leaving.]
<elvishjerricco>
cransom: Except that cachix doesn't have any kind of private or authenticated thing, right?
<cransom>
it might support it but it's not publicly advertised. at least according to the homepage.
<theseriousadult>
How do I add happy as a dependency in a nix file?
<meejah>
hi folks, I'm looking at some Nix things a colleage did; where do I find documentation for things available/allowed in .nix files? Specifically I'm looking for deployment.virtualbox.* to see if I can set networking-type in a virtualbox vm
graphene has quit [Remote host closed the connection]
<elvishjerricco>
meejah: The manuals are going to be your best friends.
graphene has joined #nixos
<elvishjerricco>
You're using both NixOS and NixOps. The former is an OS and configuration system, and the later is a deployment system.
<elvishjerricco>
meejah: For questions about syntax and the low level build system, check out the Nix manual, and for questions about writing your own packages, check out the nixpkgs manual
<meejah>
elvishjerricco: okay, thanks
<infinisil>
theseriousadult: How do you normally add dependencies?
<elvishjerricco>
meejah: Sorry to basically dump four books on you :P I don't really know the answer to your specific question
<meejah>
the "virtualbox" section is light on details in nixops/manual -- (I guess I'm hoping for "here's all the options you can specify" but not finding it?)
patrl has joined #nixos
<nek0>
hi folks
<theseriousadult>
infinisil: normally I try finding the package name by using nox, then add the name to buildInputs in my shell.nix file
georges-duperon has quit [Ping timeout: 252 seconds]
<theseriousadult>
That didn't work this time because nox doesn't index haskellPackages I guess
<nek0>
has anyone ever built and installed the digimend kernel modules?
<theseriousadult>
just adding haskellPackages.happy worked though
<elvishjerricco>
meejah: Hm... Looking through the nixops manual, it seems there are some undocumented options :/ That's disappointing.
<{^_^}>
[nixpkgs] @Mic92 opened pull request #47368 → vimPlugins.vim-husk: init at 2015-11-29 → https://git.io/fAxZW
<meejah>
elvishjerricco: okay, thanks. I guess I'll wait until my colleage is back online and ask them ;)
<meejah>
ah, cool, seems like the answer for most options is "just use vmFlags". So I think the answer to my question is: deployment.virtualbox.vmFlags = "--nic1 bridged";
wpcarro has joined #nixos
<elvishjerricco>
meejah: Sounds about right :)
<hlolli>
just to test out a potential solution to my question above, how could I run this command `gsettings set org.gnome.desktop.a11y.keyboard mousekeys-enable false` when I don't have gsettings, some nixos option that provides this?
<adamantium>
Hey, looking at the zfs install guide, Question-- For UEFI systems, what is the point of raiding /boot ext4 since you cannot raid the efi partition.
<adamantium>
Seems like still a pretty bad single point of failure?
<hlolli>
worldofpeace: thanks for replying. I googled an alternative command. "xset -led 13" but it doesn't work, leaning towards a deeper screen conf screwup, digging deeper...
<worldofpeace>
hlolli: you can do `nix-shell -p glib.dev --run "gsettings set org.gnome.desktop.a11y.keyboard mousekeys-enable false"` because the executable is in a different output
<cransom>
adamantium: thats not how i run my boot, but i don't see an issue with raid1 for /boot. either disk would be able to boot from that partition.
<hlolli>
nice thanks (whishing there was a thumbs up on irc as not to add another line :P )
<hlolli>
yup confirms my suspicion of timeconsumeing xorg problem, going to restart, see you in cyberspace
<vaibhavsagar>
srhb: I just enabled the service, I'm not sure what you mean about putting my secrets in the Nix store
hlolli has quit [Remote host closed the connection]
<srhb>
vaibhavsagar: The fact that you mentioned a read only filesystem preventing you from modifying a file with "secret" in its name made me think that you had injected secrets into the nix store :)
<srhb>
vaibhavsagar: (Rendering them non-secrets insofar as they are world readable)
<vaibhavsagar>
how are they world readable?
<{^_^}>
[nixpkgs] @olynch opened pull request #47370 → Added TEXMF variable to environment for tex wrappers, fixes #19279 → https://git.io/fAxCD
<srhb>
vaibhavsagar: Every file in the nix store is.
<vaibhavsagar>
wait what?
<srhb>
vaibhavsagar: Yup.
<srhb>
Hence the nono on secrets.
<vaibhavsagar>
I know it's a bad idea to put secrets in the nix store
<vaibhavsagar>
but how are they world readable?
Rusty1 has joined #nixos
<cransom>
and that would be why.
<srhb>
vaibhavsagar: world readable as in every user on the system, not restricted to root.
lopsided98 has quit [Quit: Disconnected]
<vaibhavsagar>
okay, that I did know
<srhb>
Ah, that's the usual meaning of world readable, not "uploaded to the interwebs without your knowing" thankfully :D
<vaibhavsagar>
yeah, I was very confused for a moment there
<srhb>
Sorry :p
<vaibhavsagar>
no worries
lopsided98 has joined #nixos
<vaibhavsagar>
my last job was a lot of systems administration with Nix, so I would have had to let them know
<vaibhavsagar>
I'm getting the error message from NetworkManager
<vaibhavsagar>
Sep 25 17:58:13 nixos NetworkManager[951]: <warn> [1537912693.2172] vpn-connection[0x20667c0,d017d8f9-bf3a-4d28-925f-5f1da2d4c8d9,"New vpn connection",0]: VPN connection: failed to connect: 'Could not open /etc/ipsec.secrets'
<srhb>
vaibhavsagar: So, wait, is this not using services.strongswan at all?
<vaibhavsagar>
I have it enabled, but I'm trying to configure it with networkmanager
<vaibhavsagar>
could that be the cause of my issue?
<srhb>
vaibhavsagar: Possibly, network-manager is even more of a black box to me to be honest.
<vaibhavsagar>
fair enough!
hakujin has joined #nixos
shabius has quit [Remote host closed the connection]
<srhb>
vaibhavsagar: Does the file actually exist and look like a bunch of "include somefiles" ?
<vaibhavsagar>
the file exists, but is empty
<srhb>
vaibhavsagar: That's what the services.strongswan.secrets list should do
shabius has joined #nixos
<vaibhavsagar>
ahh
<Ralith>
NetworkManager is usually it's own thing
<Ralith>
if you want to use it, disable the service
<srhb>
Ralith: Makes sense.
<hakujin>
I'm sure this is a popular topic: what's the story re: nix & macOS mojave? seems the current installer won't upgrade an existing multi-user installation. is single-user the correct default now?
shabius has quit [Max SendQ exceeded]
<elvishjerricco>
hakujin: Single user is the default now with the installer, but my opinion is that multi-user is superior (just harder to setup)
shabius has joined #nixos
<elvishjerricco>
You can pass `--daemon` to the installer to do multi-user
hamishmack has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<elvishjerricco>
yea, stdenv has become quite the mess
brejoc has quit [Ping timeout: 240 seconds]
<elvishjerricco>
The new `deps*` matrix is very silly to me. It should have just been an actual matrix data structure...
vaibhavsagar__ has quit [Ping timeout: 252 seconds]
<{^_^}>
[nixpkgs] @volth opened pull request #47373 → net_snmp: build with default perl → https://git.io/fAx8x
hlolli has quit [Remote host closed the connection]
hamishmack has joined #nixos
mayhewluke has quit [Ping timeout: 252 seconds]
mayhewluke has joined #nixos
goibhniu has quit [Ping timeout: 276 seconds]
Denommus has joined #nixos
worldofpeace has quit [Remote host closed the connection]
<elvishjerricco>
Is there a way to *delete* signatures from a nix store? I think `nix sign-paths` is signing paths that `nix verify` is failing to verify
<elvishjerricco>
Particularly .drv files
<elvishjerricco>
and seemingly any other add-to-store file.
<clever>
elvishjerricco: what about just removing the entire path? `nix-store --delete`, and dont use force
hamishmack has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<elvishjerricco>
clever: Well I really don't want to / can't delete the paths
<elvishjerricco>
And trying `nix-store --delete` without forcing them to be deleted does not delete signatures
edwtjo has quit [Ping timeout: 272 seconds]
<clever>
elvishjerricco: i think the only way to remove signatures is to run sqlite3 against /nix/var/nix/db/db.sqlite and update the column to remove them
<clever>
elvishjerricco: just make sure to backup the file first, because if you corrupt the db, your entire /nix/ has to be reset
<elvishjerricco>
clever: lame. Whatever, it's not an actual solution to my problem anyway :P
theseriousadult has quit [Quit: Leaving]
edwtjo has joined #nixos
lopsided98 has quit [Quit: Disconnected]
lopsided98 has joined #nixos
<judson>
"The option `...' is used but not defined." seems misleading too, when it means that the option is defined but a value has not been provided.
<clever>
the option is defined, and used, but has no default and no value assigned, is a better way to put it
<Myrl-saki>
judson: The option is declared but not defined?
<Myrl-saki>
I mean, technically, there's no such thing as undefined, but..
__monty__ has quit [Quit: leaving]
<Myrl-saki>
error: The option `virtualisation.virtualbox.host.arstarts' defined in `/etc/nixos/configuration.nix' does not exist.
<Myrl-saki>
Yeah, defined in this case seems to be "provided a value for."
<elvishjerricco>
clever: Ah, we may have an overflow! If `maxSigs` is just `INT_MAX` or whatever, then the fact that `validSigs++` occurs afterwards would be overflow.
<{^_^}>
[nixpkgs] @taku0 opened pull request #47375 → oraclejdk: remove version 10 → https://git.io/fAx0p
nDuff has quit [Quit: zzz]
Kelppo has joined #nixos
lostman has joined #nixos
erasmas has quit [Quit: leaving]
<lostman>
hi all. i have some issues with nixops. maybe someone can help? 1) it complains that system.nixos.stateVersion is not set. Where do I set it? and 2) when it copies closure from my host OS it is using the uid of my host OS user (single user nix install on Ubuntu). So everything ends up horribly broken. How can I make it copy and chown to root or nixbld or something?
semilattice has joined #nixos
<semilattice>
Anyone here use discord?
Ariakenom has quit [Read error: Connection reset by peer]