samueldr changed the topic of #nixos to: NixCon 2018 - 25-27 Oct In London https://nixcon2018.org/ || NixOS 18.09 released https://discourse.nixos.org/t/1076 || https://nixos.org || Latest NixOS: https://nixos.org/nixos/download.html || Latest Nix: https://nixos.org/nix/download.html || Logs: https://logs.nix.samueldr.com/nixos/ || #nixos-dev, #nix-darwin, #nixos-aarch64, #nixos-chat, #nixcon
<{^_^}> [nixpkgs] @qolii opened pull request #48648 → eternal-terminal: 4.1.2 -> 5.1.6. → https://git.io/fxaCN
sigmundv has joined #nixos
<{^_^}> Channel nixpkgs-18.09-darwin advanced to https://github.com/NixOS/nixpkgs/commit/bfb61a77092 (from 2 hours ago, history: https://channels.nix.gsc.io/nixpkgs-18.09-darwin)
<fiatjaf> what exactly does mkDerivation does?
<gchristensen> you might be interested in reading https://nixos.org/nixos/nix-pills/
<simpson> That link is quite good. The short version is that it computes some attributes based on the package environment that `mkDerivation` belongs to, typically `stdenv`, and puts that together with your original attributes to form a new attrset.
<{^_^}> [nixpkgs] @jtojnar closed pull request #45834 → eternal-terminal: 4.1.2 -> 5.1.0 → https://git.io/fAcp3
<aleph-> Ugh, and my idea isn't working. Bollocks
<fiatjaf> I think I'll have to read the entire stuff :P
<aleph-> Still can't find a damn way to run bundix in my derivation rather then befire,
rprije has joined #nixos
Rusty1 has joined #nixos
init_6 has quit []
sigmundv__ has joined #nixos
fragamus has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
ma27 has quit [Quit: WeeChat 2.2]
ma27 has joined #nixos
hamishmack has joined #nixos
goibhniu has quit [Ping timeout: 252 seconds]
mayhewluke has quit [Ping timeout: 272 seconds]
mayhewluke has joined #nixos
fragamus has joined #nixos
<{^_^}> [nixpkgs] @NeQuissimus pushed to master « sbt: 1.2.4 -> 1.2.6 »: https://git.io/fxalA
<{^_^}> [nixpkgs] @NeQuissimus pushed to release-18.09 « sbt: 1.2.4 -> 1.2.6 »: https://git.io/fxalp
Mateon2 has joined #nixos
Mateon1 has quit [Ping timeout: 245 seconds]
Mateon2 is now known as Mateon1
lassulus_ has joined #nixos
emily has quit [Ping timeout: 250 seconds]
Supersonic has quit [Disconnected by services]
Supersonic112 has joined #nixos
<{^_^}> [nixpkgs] @jerith666 opened pull request #48649 → jdk10: remove special handling for arm → https://git.io/fxa8a
Supersonic112 is now known as Supersonic
lassulus has quit [Ping timeout: 244 seconds]
lassulus_ is now known as lassulus
dvim has quit [Ping timeout: 245 seconds]
<{^_^}> [nixpkgs] @marsam opened pull request #48650 → ruby: 2.3.7 -> 2.3.8, 2.4.5 -> 2.4.5, 2.5.1 -> 2.5.2 → https://git.io/fxa8h
<aleph-> Anybody have trouble with using the chromecast plugin with vlc?
<{^_^}> [nixpkgs] @romildo opened pull request #48651 → deepin-movie-reborn: init at 3.2.10 → https://git.io/fxa4m
<aleph-> Nevermind, definitely not the vlc package.
fragamus has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
silver has quit [Read error: Connection reset by peer]
talyz has quit [Read error: Connection reset by peer]
jtojnar has quit [Read error: Connection reset by peer]
etu has quit [Read error: Connection reset by peer]
talyz has joined #nixos
etu has joined #nixos
magnetophon has quit [Remote host closed the connection]
jtojnar has joined #nixos
drakonis_ has joined #nixos
drakonis has quit [Ping timeout: 276 seconds]
aiwakura has quit [Quit: ...]
drakonis has joined #nixos
snajpa has quit [Excess Flood]
snajpa has joined #nixos
drakonis_ has quit [Ping timeout: 250 seconds]
dvim has joined #nixos
oida has quit [Quit: byez]
romildo has quit [Quit: Leaving]
oida has joined #nixos
saphira__ has joined #nixos
emily has joined #nixos
Supersonic has quit [Ping timeout: 252 seconds]
fragamus has joined #nixos
Supersonic has joined #nixos
joy has joined #nixos
justan0theruser has joined #nixos
justanotheruser has quit [Ping timeout: 272 seconds]
joy has quit [Client Quit]
sigmundv__ has quit [Ping timeout: 244 seconds]
drakonis_ has joined #nixos
<{^_^}> Channel nixpkgs-18.09-darwin advanced to https://github.com/NixOS/nixpkgs/commit/41905d631f0 (from 3 hours ago, history: https://channels.nix.gsc.io/nixpkgs-18.09-darwin)
<{^_^}> Channel nixpkgs-unstable advanced to https://github.com/NixOS/nixpkgs/commit/ac7bf94f6df (from 3 days ago, history: https://channels.nix.gsc.io/nixpkgs-unstable)
sigmundv has quit [Ping timeout: 252 seconds]
Dedalo has joined #nixos
PolarIntersect has quit [Ping timeout: 252 seconds]
<{^_^}> [nixpkgs] @marsam opened pull request #48652 → pytest: fix python 3.5 build → https://git.io/fxa0K
<{^_^}> Channel nixos-18.09-small advanced to https://github.com/NixOS/nixpkgs/commit/81f5c2698a8 (from 2 hours ago, history: https://channels.nix.gsc.io/nixos-18.09-small)
<metalrex> metal
metalrex has quit [Quit: Leaving]
jperras has quit [Quit: WeeChat 2.2]
slack1256 has joined #nixos
carlosdagos has joined #nixos
dvim has quit [Ping timeout: 272 seconds]
<{^_^}> [nixpkgs] @jtojnar pushed 158 commits to gnome-3.30: https://git.io/fxau0
<rprije> There's a haskell package I want to get a newer version of off github (https://github.com/haskell-servant/servant-auth/tree/servant-auth-server-0.4.1.0). I used fetchFromGit but I'm getting cabal2nix error "Failed to fetch source" even though the location it says it downloaded to has a complete git clone. I think the error might be because there's no .cabal file at the top, but instead a cabal.project. How can I get this to
<rprije> work?
midchildan has joined #nixos
fragamus has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<{^_^}> [nixpkgs] @jtojnar merged pull request #46613 → xpra: port to gtk3 → https://git.io/fAiso
<{^_^}> [nixpkgs] @jtojnar pushed 3 commits to master: https://git.io/fxazJ
<elvishjerricco> rprije: Check out cabal2nix's --subpath argument
<rprije> Cool. How could I make use of this within a nix expression built using fetchFromGitHub?
<rprije> btw, elvishjerricco I saw your cabal2nix issue #286 which seems related?
<{^_^}> https://github.com/NixOS/nixpkgs/issues/286 (by johnnyangle, 5 years ago, closed): ghc-7.0.4-binary build failure: ghc-cabal unsupported operation
<rprije> Not that nixpkgs issue. Thanks for trying, {^_^}
<elvishjerricco> rprije: Yea, but I'd say that's supplemental. What does your expression look like now?
<rprije> It's a straight up pkgs.fetchFromGitHub with attributes owner, repo, rev and sha256.
<elvishjerricco> rprije: So you're not using cabal2nix manually?
<rprije> It's an obelisk project. I think, with low confidence, that it's calling out to cabal2nix under tho hood.
<elvishjerricco> Ahhh
<elvishjerricco> rprije: Just do `"${fetchFromGitHub { ... }}/SUBDIRNAME"`
<rprije> "unexpected DOLLAR_CURLY". I'll paste up my default.nix.
<elvishjerricco> rprije: You need the double quotes. The dollar thing interpolates the fetchFromGitHub result into a string literal, so we're basically just going from `/nix/store/...-source` to `/nix/store/...-source/SUBDIRNAME`
hamishmack has quit [Ping timeout: 250 seconds]
PolarIntersect has joined #nixos
mayhewluke has quit [Ping timeout: 245 seconds]
mayhewluke has joined #nixos
<rprije> (Updated that paste. Accidental double paste due to janky mouse)
<rprije> Ah, quotation error probably...
pie_ has quit [Ping timeout: 246 seconds]
<rprije> I'm guessing it's nested quotation. I need to run and pick my kid up from school. Thanks for your help, elvishjerricco. If you have no further suggestions, I'll see if fixing the nested quotation works later.
<elvishjerricco> rprije: I would expect what you have there to work
drakonis_ has quit [Read error: Connection reset by peer]
Rusty1 has quit [Quit: Konversation terminated!]
fragamus has joined #nixos
<{^_^}> Channel nixpkgs-18.09-darwin advanced to https://github.com/NixOS/nixpkgs/commit/81f5c2698a8 (from 4 hours ago, history: https://channels.nix.gsc.io/nixpkgs-18.09-darwin)
smolboye has quit [Ping timeout: 252 seconds]
Dedalo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
smolboye has joined #nixos
<rprije> elvishjerricco, that was the lead I needed, thanks a bunch for helping me get past that blocker. I lifted out the fetchFromGitHub into a let expression for re-use and that also solved the nested quotation. On to other errors now.
rprije has quit [Ping timeout: 252 seconds]
<{^_^}> [hydra] @kquick opened pull request #603 → Added job/PROJECT/JOBSET/JOB/latest-outpath endpoint. → https://git.io/fxa2r
<Church-> Hey stupid question, no way to pass arguments to a package when doing a install right? A la "nix-env -i PKG arg1 arg2" and have the args pushed onto buildInputs?
jasongrossman has joined #nixos
nschoe has joined #nixos
<infinisil> Church-: nah, you need to override it like normal in Nix
<infinisil> E.g. via an overlay or config.nix
<Church-> Gotcha
nschoe has quit [Ping timeout: 252 seconds]
amosbird has quit [Quit: ZNC 1.7.0 - https://znc.in]
amosbird has joined #nixos
amosbird has quit [Max SendQ exceeded]
amosbird has joined #nixos
amosbird has quit [Max SendQ exceeded]
amosbird has joined #nixos
sir_guy_carleton has quit [Quit: WeeChat 2.0]
amosbird has quit [Max SendQ exceeded]
amosbird has joined #nixos
amosbird has quit [Max SendQ exceeded]
amosbird has joined #nixos
amosbird has quit [Max SendQ exceeded]
astronavt has joined #nixos
amosbird has joined #nixos
<{^_^}> [nixpkgs] @vbgl opened pull request #48653 → why3: 1.0.0 -> 1.1.0 → https://git.io/fxaoz
endformationage has quit [Quit: WeeChat 1.9.1]
amosbird has quit [Max SendQ exceeded]
amosbird has joined #nixos
amosbird has quit [Max SendQ exceeded]
amosbird has joined #nixos
amosbird has quit [Max SendQ exceeded]
amosbird has joined #nixos
<rsa> hmm, nix-shell -p freeglut, then cmake: "Could NOT find GLUT (missing: GLUT_glut_LIBRARY GLUT_INCLUDE_DIR)"
alex`` has joined #nixos
Ariakenom has joined #nixos
hyper_ch2 has joined #nixos
emily has quit [Ping timeout: 252 seconds]
astronavt has quit [Quit: Leaving]
jackdk has quit [Ping timeout: 244 seconds]
hotfuzz has joined #nixos
smolboye has quit [Ping timeout: 276 seconds]
hotfuzz_ has quit [Ping timeout: 272 seconds]
fragamus has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
fragamus has joined #nixos
Thra11 has joined #nixos
patrl has joined #nixos
Itkovian has joined #nixos
Thra11 has quit [Ping timeout: 260 seconds]
brejoc has joined #nixos
reinzelmann has joined #nixos
slack1256 has quit [Remote host closed the connection]
patrl has quit [Ping timeout: 260 seconds]
<{^_^}> [nixpkgs] @Infinisil merged pull request #45030 → nvidia_x11_beta: reinit at 410.57 → https://git.io/fNN4x
<{^_^}> [nixpkgs] @Infinisil pushed 2 commits to master: https://git.io/fxaPE
orivej has joined #nixos
smolboye has joined #nixos
Itkovian has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<jluttine> I'm on nixos-unstable and haven't updated in a while. I now tried to update but "nixos-rebuild boot" raises error that "nix-repl has been removed". Yeah, I know it's removed but I would still like to be able to update my system.. Any help?
<jluttine> (I did "nix-channel --update" before that)
<etu> jluttine: nix-repl has been replaced by "repl" in nix aka "nix repl"
<etu> So it's built in
<manveru> jluttine: remove it from your systemPackages
lonokhov has joined #nixos
<infinisil> The error should mention nix repl
<infinisil> > nix-repl
<{^_^}> nix-repl has been removed because it's not maintained anymore, use `nix repl` instead. Also see https://github.com/NixOS/nixpkgs/pull/44903
<jluttine> manveru: oh! :D i didn't realise it was there, thanks!
<jluttine> I thought nixos-rebuild was broken
kittyAlana has joined #nixos
<kittyAlana> Hi people
thc202 has joined #nixos
<kittyAlana> So quick question, I want to install NixOS but I can't seem to find GPG-signed hashes of the releases; how should I go about verifying the authenticity of the offered iso files?
ThatDocsLady has joined #nixos
<etu> kittyAlana: There's a sha256 served over https, people in general are happy with that
<jasongrossman> kittyAlana: etu means at https://nixos.org/nixos/download.html
<kittyAlana> etu: I did notice that, however most OSes also sign the hashes so that I can verify them without trusting infrastructure, is that not available on NixOS?
<jasongrossman> kittyAlana: No.
<kittyAlana> :( ouchie... ok well thanks for helping and I'll uhh figure out what I'm gonna do thanks
<symphorien> kittyAlana: if you have nix installed you can build the iso yourself rather easily
<symphorien> It might even build reproducibly (no idea)
<kittyAlana> symphorien: Fair enough, but if Git commits aren't signed wouldn't I be back at the same problem? I mean theoretically I could just read the src but that's a lot of work and I have... work to do :(
orivej has quit [Ping timeout: 246 seconds]
<symphorien> Well you have the same problem with gpg signatures of releases
<etu> kittyAlana: We all have things that we would like to improve in this project. But many things really lacks man-hours
<symphorien> You can't realistically expect the signer to read the whole source code
ckauhaus has joined #nixos
<sphalerite> kittyAlana: yeah we had some discussions about commit signing recently
<kittyAlana> I see...
<kittyAlana> Sorry for the ellipsis I'm just tired it's not meant to be rude
<etu> kittyAlana: It's all fine :-)
v0|d has joined #nixos
<kittyAlana> I guess I'll just keep NixOS to my not-super-critical computers its fine I have like 50 thousand computers
<kittyAlana> ;3
Itkovian has joined #nixos
<sphalerite> kittyAlana: :) I wouldn't be surprised if guix were a bit more disciplined about that sort of stuff, so that might be an option if you don't need any proprietary software
<kittyAlana> Proprietary software = bad :3
<jasongrossman> sphalerite and kittyAlana: I don't like proprietary software, but guix seems to me to be much less mature.
<kittyAlana> but I rly like the aesthetic of NixOS
<kittyAlana> Guix seems like a... how should I put this
<sphalerite> kittyAlana: also, re signing CD images, it can't even really happen, or at least it wouldn't be a person signing it, since the ISOs are updated frequently to match the current state of the relevant channel
<kittyAlana> Stereotypical GNU project
<sphalerite> haha
<jasongrossman> kittyAlana: I agree, and for small projects I think that's a good thing, but not for an OS.
<etu> jasongrossman: What about Hurd?
<etu> </joke>
<kittyAlana> I haven't read the channel rules abt political discussions, but I don't like GNU. GNU software seem to universally be bad...
mayhewluke has quit [Ping timeout: 272 seconds]
<jasongrossman> kittyAlana: I don't think we have any rules about politics, but we have #nixos-chat for off-topic things. I think most of us are in both rooms.
<kittyAlana> ok I see!
<etu> jasongrossman: 498 compared to 66 clients though ;)
<sphalerite> GNU GuixSD/Hurd go go go
<jasongrossman> Well, most of us who count. :-)
fragamus has quit [Ping timeout: 260 seconds]
mayhewluke has joined #nixos
<{^_^}> [nixpkgs] @Mic92 merged pull request #48649 → jdk10: remove special handling for arm → https://git.io/fxa8a
<{^_^}> [nixpkgs] @Mic92 pushed 2 commits to master: https://git.io/fxayn
kimat has joined #nixos
goibhniu has joined #nixos
johanot has joined #nixos
Lears has joined #nixos
saphira__ has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
[Leary] has quit [Ping timeout: 252 seconds]
<{^_^}> [nixpkgs] @lheckemann merged pull request #48631 → grafana: 5.2.4 -> 5.3.1 → https://git.io/fx2Rp
<{^_^}> [nixpkgs] @lheckemann pushed 2 commits to master: https://git.io/fxaSC
kimat has quit [Quit: Quit]
ThatDocsLady has quit [Quit: Leaving]
appi has joined #nixos
appi has quit [Client Quit]
Itkovian has quit [Read error: Connection reset by peer]
<{^_^}> [nixpkgs] @Profpatsch merged pull request #48492 → bazel: 0.17.1 -> 0.18.0 → https://git.io/fxutH
<{^_^}> [nixpkgs] @Profpatsch pushed commit from @uri-canva to master « bazel: 0.17.1 -> 0.18.0 »: https://git.io/fxa96
appi has joined #nixos
kittyAlana has quit [Ping timeout: 256 seconds]
Itkovian has joined #nixos
<{^_^}> [nixpkgs] @codefionn closed pull request #48635 → tor-browser-bundle-bin: Added download link → https://git.io/fx21L
pointfourone_ has joined #nixos
carlosdagos has quit [Quit: Connection closed for inactivity]
<{^_^}> [nixpkgs] @adisbladis pushed 3 commits to master: https://git.io/fxaQB
<{^_^}> [nixpkgs] @adisbladis merged pull request #48639 → nixos/pulseaudio: Add extraModules config option → https://git.io/fx2b9
pointfourone has quit [Ping timeout: 250 seconds]
appi has quit [Ping timeout: 268 seconds]
worldofpeace has quit [Ping timeout: 246 seconds]
arjen-jonathan has joined #nixos
arjen-jonathan has quit [Client Quit]
[Leary] has joined #nixos
Lears has quit [Ping timeout: 268 seconds]
mmercier has joined #nixos
<{^_^}> [nixpkgs] @FRidh merged pull request #48633 → Refactor another ~100 package from python-packages.nix -> python-modules → https://git.io/fx2rJ
<{^_^}> [nixpkgs] @FRidh pushed 111 commits to staging: https://git.io/fxa7M
FRidh has joined #nixos
<{^_^}> [nixpkgs] @FRidh merged pull request #48652 → pytest: fix python 3.5 build → https://git.io/fxa0K
<{^_^}> [nixpkgs] @FRidh pushed 2 commits to master: https://git.io/fxa5G
Streetwalrus has quit [Quit: ZNC 1.6.5 - http://znc.in]
Streetwalrus has joined #nixos
smolboye has quit [Ping timeout: 246 seconds]
<{^_^}> [nixpkgs] @FRidh pushed 2 commits to release-18.09: https://git.io/fxa5X
<{^_^}> [nixpkgs] @FRidh closed pull request #48646 → Create CONTRIBUTION.md → https://git.io/fxa3D
Unode has quit [Ping timeout: 272 seconds]
<{^_^}> [nixpkgs] @dywedir opened pull request #48656 → bat: 0.7.1 -> 0.8.0 → https://git.io/fxadV
<{^_^}> [nixpkgs] @FRidh merged pull request #48306 → Staging next → https://git.io/fxBXd
<{^_^}> [nixpkgs] @FRidh pushed 33 commits to master: https://git.io/fxadb
smolboye has joined #nixos
Unode has joined #nixos
<{^_^}> [nixpkgs] @FRidh closed pull request #47878 → kbd: Renamed norwegian dvorak keymap to dvorak-no. → https://git.io/fxYfA
<{^_^}> [nixpkgs] @xeji pushed commit from @makefu to master « bento4: init at 1.5.1-624 (#47632) »: https://git.io/fxabe
<{^_^}> [nixpkgs] @xeji merged pull request #47632 → bento4: init at 1.5.1-624 → https://git.io/fxUhq
<{^_^}> [nixpkgs] @xeji merged pull request #48651 → deepin-movie-reborn: init at 3.2.10 → https://git.io/fxa4m
<{^_^}> [nixpkgs] @xeji pushed commit from @romildo to master « deepin-movie-reborn: init at 3.2.10 (#48651) »: https://git.io/fxabq
__monty__ has joined #nixos
sigmundv__ has joined #nixos
<{^_^}> [nixpkgs] @FRidh pushed 121 commits to staging: https://git.io/fxabp
<{^_^}> [nixpkgs] @FRidh pushed 517 commits to staging-next: https://git.io/fxaNU
Izorkin has quit [Remote host closed the connection]
Izorkin has joined #nixos
simukis has joined #nixos
Ariakenom has quit [Ping timeout: 268 seconds]
Izorkin has quit [Quit: ZNC 1.7.1 - https://znc.in]
orivej has joined #nixos
<{^_^}> [nixpkgs] @jtojnar pushed 3 commits to master: https://git.io/fxaxh
<{^_^}> [nixpkgs] @jtojnar merged pull request #48648 → eternal-terminal: 4.1.2 -> 5.1.6. → https://git.io/fxaCN
cmacrae has joined #nixos
__Sander__ has joined #nixos
<joko> clever: hello, I noticed in your hydra-configs repository, you have both nix and json files for each project. I thought that only a json file was necessary. Are you using the nix one just to generate the latter?
TweyII has joined #nixos
<TweyII> Why does nix-prefetch-git &c. result in JSON syntax instead of Nix?
<{^_^}> Channel nixos-18.09 advanced to https://github.com/NixOS/nixpkgs/commit/81f5c2698a8 (from 10 hours ago, history: https://channels.nix.gsc.io/nixos-18.09)
<qyliss^work> TweyII: probably because JSON is easier to generate, and Nix can read it?
<TweyII> I always use them to generate my Nix expressions and have to convert the JSON into Nix :(
<srhb> TweyII: `fromJSON (readFile ...` is not that much worse than `import` :)
hamishmack has joined #nixos
Ariakenom has joined #nixos
<Myrl-saki> Hm.
<Myrl-saki> Is my nixops outdated?
<Myrl-saki> Tells me that it's setting the state version to 18.03
<joko> Myrl-saki: this should be a nixos option and it is ok to keep it so, it marks how some services were initialised since you created your machine
<{^_^}> nixops#972 (by nh2, 16 weeks ago, open): DO NOT MERGE: Nix 2 out of memory workaround
<Myrl-saki> joko: Yeah, true, but this is a new deployment.
<Myrl-saki> ./nixos/modules/virtualisation/ec2-amis.nix
<Myrl-saki> Ah!
<Myrl-saki> 3 days ago.
<Myrl-saki> That's weird. When did I update lol
<Myrl-saki> Date: Sun Oct 14 10:26:38 2018 -0400
<Myrl-saki> I guess I updated just a day earlier than I should have. :P
<TweyII> srhb: It's true, but I don't usually put my source in a separate file
<TweyII> srhb: I guess I could do fromJSON '' … '' but that seems unpleasant
iyzsong has joined #nixos
pointfourone_ has left #nixos ["Leaving"]
Izorkin has joined #nixos
<srhb> TweyII: Putting it in a file allows you to just dump it by redirecting the output to a file, which is nice
<srhb> TweyII: Which in turn allows you to easily script updating the has/ref to the latest
<srhb> hash*
Izorkin has quit [Quit: ZNC 1.7.1 - https://znc.in]
Izorkin has joined #nixos
mayhewluke has quit [Ping timeout: 260 seconds]
iyzsong has quit [Ping timeout: 244 seconds]
mayhewluke has joined #nixos
<{^_^}> [nixpkgs] @volth opened pull request #48658 → nixos/sshd: restart on "sshd_config" change → https://git.io/fxVfr
kimat has joined #nixos
Izorkin has quit [Client Quit]
Izorkin has joined #nixos
kimat has quit [Client Quit]
kimat has joined #nixos
kimat has quit [Client Quit]
kimat has joined #nixos
nbardiuk has joined #nixos
nbardiuk has quit [Client Quit]
Izorkin has quit [Client Quit]
Izorkin has joined #nixos
Izorkin has quit [Client Quit]
Izorkin has joined #nixos
Izorkin has quit [Client Quit]
Izorkin has joined #nixos
Izorkin has quit [Client Quit]
Izorkin has joined #nixos
Izorkin has quit [Client Quit]
bandali has quit [Changing host]
bandali has joined #nixos
<jonge> hey there. i have a nix expression that _needs_ the certificate bundle because it operates a python app that uses liburl2. so i added SSL_CERT_FILE = "/etc/ssl/cert.pem"; to the derivation which makes it work on my mac. but this is of course not portable. what would be the portable way?
<srhb> jonge: Probably if system == .. then ... else ...
<srhb> I don't know of an attribute that captures this.
strobelight has quit [Ping timeout: 276 seconds]
<srhb> And I don't know of a portable way to detect it. Quite ugly...
<srhb> jonge: Discussion here might help a bit: https://github.com/NixOS/nixpkgs/issues/8247
<{^_^}> #8247 (by vcunat, 3 years ago, open): SSL certificates: figure out how libs/apps find them by default
<jonge> on nixos it's /etc/ssl/certs/ca-bundle.crt, but that is composed from the system's config's bundle composition, and i guess that is not available from a nix expression that is run e.g. on my hydra instance, right?
<srhb> jonge: Depends, but usually you're correct.
<{^_^}> [nixpkgs] @Mic92 merged pull request #48656 → bat: 0.7.1 -> 0.8.0 → https://git.io/fxadV
<{^_^}> [nixpkgs] @Mic92 pushed 2 commits to master: https://git.io/fxVTj
<{^_^}> [nixpkgs] @Mic92 pushed commit from @shreyanshk to release-18.09 « hugo: apply upstream patch to call rst2html directly on Nix »: https://git.io/fxVkB
hyper_ch2 has quit [Quit: Page closed]
<avn> jonge: use `SSL_CERT_FILE = ${pkgs.ca_cert}/etc/ssl/cert.pem` (Chek real package name and file path first. I don't remembe them exactly)
<azazel> is there an explanation of how callPackage function works somewhere? Like which arguments it can supply ...
patrl has joined #nixos
<{^_^}> [nixpkgs] @akru opened pull request #48659 → parity: 1.11.10 -> 2.0.8; parity-beta: 2.0.3 -> 2.1.3 → https://git.io/fxVIa
<srhb> azazel: There are multiple callPackages around the tree. The general paradigm is that they autofill arguments in the argset from the surrounding scope
<srhb> azazel: That is, pkgs.callPackage will autosupply any argument in an argset that is contained in pkgs
<srhb> azazel: haskellPackages.callPackage will autofill any argument that is in haskellPackages, etc.
<srhb> azazel: Perhaps I should say "containing attrset" rather than "scope"
<azazel> yes, i did a git grep "callPackage =" and I saw that there are a fair number of implementations....
<srhb> azazel: But basically, they ask for the name of every attribute in the function passed to them, and then they pass every attribute that is required by that function and is also in callPackage's attrset (pkgs, haskellPackages, ...)
<srhb> azazel: Essentially the intersection of the called function's arguments and the "sibling" attrs to callPackage :)
ent has quit [Ping timeout: 252 seconds]
ent has joined #nixos
revtintin has joined #nixos
<azazel> srhb: thanks... will the specialized versions fallback to a filling in like pkgs.callPackage does if nothing from their "scope" matches? will functions that take "simple args" like "stdenv: lib:" (instead of "{stdenv, lib}") will be filled in as well?
<joko> I am trying to use nix repl with a file and I get: error: cannot auto-call a function that has an argument without a default value, even if I use the --argstr flag, any idea what's wrong?
<srhb> azazel: I don't know whether any of them do that. it's easy to implement though.
<{^_^}> [nixpkgs] @NeQuissimus pushed 3 commits to master: https://git.io/fxVt7
<{^_^}> [nixpkgs] @NeQuissimus pushed 2 commits to release-18.03: https://git.io/fxVtF
<{^_^}> [nixpkgs] @NeQuissimus pushed 3 commits to release-18.09: https://git.io/fxVtb
reinzelmann has quit [Quit: Leaving]
<{^_^}> [nixpkgs] @lheckemann opened pull request #48660 → libssh: 0.7.6 -> 0.8.4 → https://git.io/fxVtj
random_yanek has quit [Ping timeout: 245 seconds]
random_yanek has joined #nixos
random_yanek has quit [Max SendQ exceeded]
Tucky has joined #nixos
iyzsong has joined #nixos
genesis has quit [Remote host closed the connection]
nD5Xjz_ has quit [Ping timeout: 272 seconds]
sir_guy_carleton has joined #nixos
hyper_ch2 has joined #nixos
robstr has joined #nixos
Izorkin has joined #nixos
<robstr> Hey, trying to build a custom vmdk but I'm not able to login.. https://gist.github.com/rsoeldner/c4c92fd0800903e9978c2d9a24c48da4 am I doing something entirely wrong ?
Izorkin has quit [Client Quit]
Izorkin has joined #nixos
nD5Xjz has joined #nixos
Izorkin has quit [Client Quit]
Izorkin has joined #nixos
<makefu> robstr: isnt vmdk for vmware? you've imported virtualbox
<makefu> ah, you are converting
<sir_guy_carleton> so i want to change my current 18.03 install to 18.09 in place. is that recommended? also, are they any more steps beyond changing the channel and system.stateVersion?
<makefu> mhh, the vbox works?
<robstr> makefu: at least I'm able to boot this machone with virtualbox, but loggin in (ssh or direct) doesnt work
Izorkin has quit [Client Quit]
<makefu> sir_guy_carleton: you probably should not change stateVersion unless you do not care about migration issues
<makefu> robstr: ssh is running, right?
alex`` has quit [Ping timeout: 252 seconds]
alex`` has joined #nixos
<makefu> can you check with nmap?
patrl has quit [Ping timeout: 268 seconds]
<robstr> makefu: yes, and while this was not possible, i added `initialPassword = "bla"` and tried tirectly
<clever> joko: hydra needs a path to the json, to describe what nix file powers the jobset, and then that nix file generates more json (dynamically), to describe the jobset
<sir_guy_carleton> makefu: okay, thanks. i do plan on reinstalling the whole system, since i would like to get rid of windows from this machine
<{^_^}> [nixpkgs] @peti pushed 3 commits to haskell-updates: https://git.io/fxVY3
<joko> clever: got it, thanks ;)
random_yanek has joined #nixos
random_yanek has quit [Max SendQ exceeded]
<joko> Is it possible that hydra evaluates stuff in another way than the one of nix repl?
Izorkin has joined #nixos
<{^_^}> [nixpkgs] @baracoder opened pull request #48661 → nvidia_x11: 390.87 -> 410.66 → https://git.io/fxVY5
alex`` has quit [Ping timeout: 272 seconds]
Izorkin has quit [Client Quit]
sir_guy_carleton has quit [Quit: WeeChat 2.0]
alex`` has joined #nixos
effsquared has joined #nixos
<clever> joko: it evals with restricted mode on
<clever> joko: this replicates how hydra does an eval
<clever> no special system services required
<clever> bbl
<srhb> clever: Reminds me, how's the bors integration working out for you?
<srhb> Ah, later then
<srhb> :)
<{^_^}> Channel nixos-18.09-small advanced to https://github.com/NixOS/nixpkgs/commit/09195057114 (from 4 hours ago, history: https://channels.nix.gsc.io/nixos-18.09-small)
genesis has joined #nixos
<{^_^}> [nixpkgs] @cocreature opened pull request #48662 → btrbk: 0.26.1 -> 0.27.0 → https://git.io/fxVOi
strobelight has joined #nixos
<effsquared> Hi, I am currently trying to package the lenovo-throttling-fix, which comes with its own systemd service file. I installed it to $out/etc/systemd/system, but it is not available to me via systemctl. What is the right way to package a systemd service?
<srhb> EffSquared: It's not something we do much, instead relying on autogenerating them via the NixOS systemd module
<joko> EffSquared: try to add your packages to systemd.packages
<joko> your package *
<{^_^}> [nixpkgs] @peti pushed 2 commits to haskell-updates: https://git.io/fxV3c
<effsquared> joko: So derivatives in general do not 'install' services?
<effsquared> joko: Or if I want to use a service of a derivative, I have to add it to my NixOS config?
Dedalo has joined #nixos
<effsquared> joko: I assume with autogeneration, you mean adding the service description to your nix config.
jasongrossman has quit [Quit: ERC (IRC client for Emacs 26.1)]
<TweyII> srhb: That is true
<genesis> hi, i lose opengl working since i 've updated to jellyfish, /run/opengl-driver/lib/dri seems correct, any idea?
<TweyII> srhb: Nobody in nixpkgs seems to do that though :( Feels like I'd get things rejected
Izorkin has joined #nixos
<srhb> TweyII: nixpkgs is forbidden from doing IFD.
<srhb> TweyII: Is that what you're doing?
jasongrossman has joined #nixos
<TweyII> srhb: No, I'm not
<srhb> TweyII: For regular derivations, there's plenty of places that pull in deps from json if they're not easy to just define in-nix.
<TweyII> Fair. I guess I just haven't encountered one yet.
<srhb> But yeah, if you're trying to get out of a basic src blob, probably not. :)
<srhb> TweyII: find -name '*.json'
<TweyII> It would still be nice to have a --nix option to nix-prefetch-*
<TweyII> Or maybe there should just be a json2nix tool to pipe through, hm.
<srhb> Sure. You can easily write one using runCommand for instance.
<TweyII> Yeah.
random_yanek has joined #nixos
<{^_^}> [nixpkgs] @peti pushed to haskell-updates « haskell-haddock-api: disable broken override »: https://git.io/fxVGT
jtojnar has quit [Ping timeout: 244 seconds]
<effsquared> @azazel: Indeed, that seems to be a basic version of the fix. I was aiming for this: https://github.com/erpalma/lenovo-throttling-fix
Izorkin has quit [Quit: ZNC 1.7.1 - https://znc.in]
Izorkin has joined #nixos
<effsquared> azazel: It is howeve the first time I have heard of the nixos-hardware channel
<teto> the doc of lib/fixed-points.nix:extends says "Modify the contents of an explicitly recursive attribute set in a way that"m how do I make the set "explicitly recursive" ? I do like recurseIntoAttrs ?
<joko> EffSquared: derivatives in general do not install systemd services globally, you have to expose them somehow
Izorkin has quit [Client Quit]
Izorkin has joined #nixos
<joko> EffSquared: srhb mentioned autogeneration
Izorkin has quit [Client Quit]
<srhb> EffSquared: Here's a tiny module you can look at: nixpkgs/nixos/modules/services/ttys/gpm.nix -- scroll to the bottom (the config = ... bit) to see how a simple systemd service might be created using the systemd module. :)
<srhb> (Completely arbitrary example with not too many lines)
<Taneb> How likely is GHC 8.4.4 to be backported to nixpkgs 18.09?
<srhb> Taneb: Quite.
jtojnar has joined #nixos
patrl has joined #nixos
<__monty__> Would be pretty shocking if a month old distro wasn't updating a compiler with a major bug.
<srhb> __monty__: Are you talking about the enum bug? Is that not 8.6.x?
Izorkin has joined #nixos
Izorkin has quit [Client Quit]
Izorkin has joined #nixos
hyper_ch2 has quit [Ping timeout: 256 seconds]
Izorkin has quit [Client Quit]
Izorkin has joined #nixos
<__monty__> Ah, I was. Thought this release was prompted by that. Looking at the release notes though, several serious bugs in `text` were fixed and a serious bug regarding LLVM code generation related to floating point expressions.
<__monty__> So I should have said s/a major bug/some serious bugs
<ivan> where does nixpkgs enable hash-based pycs for python?
<ivan> I ripgrepped everything I could think of
Izorkin has quit [Client Quit]
Izorkin has joined #nixos
Izorkin has quit [Client Quit]
Izorkin has joined #nixos
Izorkin has quit [Client Quit]
<srhb> __monty__: Right.. :)
<{^_^}> [nixpkgs] @jtojnar pushed 2 commits to gnome-3.30: https://git.io/fxVnd
<mkaito> can one read environment variables into nix variables, say, in shell.nix?
<srhb> mkaito: Yeah, builtins.getEnv
<mkaito> <3
<srhb> mkaito: Be mindful of impurities. :)
<mkaito> yep thanks
<TweyII> srhb: Enum bug?
leotaku has joined #nixos
<TweyII> Ooh, thanks
<TweyII> That's pretty nasty
lonokhov has quit [Quit: WeeChat 2.2]
pie_ has joined #nixos
hyper_ch2 has joined #nixos
<leotaku> Can anyone here tell me what the difference is between emacsPackagesGen/Ng/NgFor/NgGen?
<rawtaz> spelling, for sure
<rawtaz> but i have a tingling suspicion there's more to it
<leotaku> Most tutorials online seem to recommend using Melpa, should I just go with emacsMelpa then?
<infinisil> > viewSource emacsPackagesGen
<{^_^}> value is a function while a set was expected, at (string):182:32
<sphalerite> leotaku: emacsPackagesFor (emacsPackagesGen is an alias for it) is the function which, given an emacs, generates the legacy package set for it
<sphalerite> leotaku: emacsPackagesNg is probably what you want
Izorkin has joined #nixos
<sphalerite> leotaku: it includes all of melpa AFAIU
camsbury has joined #nixos
Izorkin has quit [Client Quit]
Izorkin has joined #nixos
haitlah has joined #nixos
haitlah has left #nixos [#nixos]
Izorkin has quit [Client Quit]
Izorkin has joined #nixos
haitlah has joined #nixos
<haitlah> Heyaaa guys
sir_guy_carleton has joined #nixos
<haitlah> Trying to mess with NixOS again
<srhb> Careful, or NixOS will mess with you!
<haitlah> Any help would be appreciated. I would like to have a derivation which would be a postgresql database frozen
<haitlah> I mean having the DB right in the store
<haitlah> I managed to have my derivation working (having my postgres running inside my installPhase)
<haitlah> But my binary that populate the db needs access to internet
<haitlah> And fail miserably
<srhb> haitlah: Is the source file stable?
<srhb> As in, whatever it fetches from the internet.
<haitlah> srhb: What do you mean by stable
<srhb> haitlah: Whether you can fetch it in a way so that it's always bit-for-bit identical.
<srhb> haitlah: If so, you can just use the regular fetchers to get it.
<haitlah> Yup I could but the binary is defined by the parameters I give to the binary
<srhb> haitlah: Otherwise, you're not allowed to use the network (with sandboxing on, which I really caution against disabling)
<srhb> haitlah: Can't you use the regular fetchers and point your binary at the local artifact?
<haitlah> srhb: So the best practive would be to have a derivation of my zip and using it directly with the binary
<srhb> Yes.
<haitlah> srhb: the binary is locally saved yes
<haitlah> So I run my binary first and nix build after
<haitlah> Giving it the path
<haitlah> That is better ?
<haitlah> Btw why don't we have access to internet if the fetchers have
<adisbladis> haitlah: Because networking is an impurity, it would make every build possibly non-reproducible.
<haitlah> adisbladis: okay, so the fetchers have a restricted acces which is considered as deterministic thanks to the sha256 etc ?
<gchristensen> exactly. anything can have network access as long as it can tell Nix exactly what it will produce (by sha256 etc)
<adisbladis> haitlah: Yes. It's called a fixed-output derivation. The sha256 in the case of sources is the exact expected sha of the output
<haitlah> ok guys thanks again for your precious help like always
patrl has quit [Ping timeout: 250 seconds]
<{^_^}> [nixpkgs] @alyssais opened pull request #48664 → postgresql11: init at 11.0 → https://git.io/fxVWR
Izorkin has quit [Quit: ZNC 1.7.1 - https://znc.in]
<{^_^}> [nixpkgs] @zimbatm merged pull request #48650 → ruby: 2.3.7 -> 2.3.8, 2.4.4 -> 2.4.5, 2.5.1 -> 2.5.2 → https://git.io/fxa8h
<{^_^}> [nixpkgs] @zimbatm pushed 4 commits to master: https://git.io/fxVWu
Izorkin has joined #nixos
<sphalerite> haitlah: on-disk representation of the database is very likely to be non-deterministic, which isn't disallowed, but is undesirable
<sphalerite> haitlah: generating SQL deterministically as your output might be better
<sphalerite> up to you of course though :)
<{^_^}> [nixpkgs] @zimbatm pushed to release-18.09 « Merge pull request #48650 from marsam/feature/update-ruby »: https://git.io/fxVW9
<leotaku> sphalerite: What does "legacy package set" mean?
<sphalerite> leotaku: what we had before the auto-generated MELPA package set
<haitlah> sphalerite: the on-disk won't interfer with the store hash no ?
jperras has joined #nixos
<haitlah> sphalerite: I don't mind having some differents bits, the database is static and take some 30 mints to build, i'd like to have it stored for cross projects build in the CI
<gchristensen> haitlah: it won't, but it can be nice to be able to know your build is deterministic :)
<sphalerite> ^
<sphalerite> yeah it won't break anything, just that it's nice to be able to build the same thing in two places and get the same result
<haitlah> Well, then nixos is not deterministic at all since you don't write a same store twice in the same place in the disk
<sphalerite> since they're (hopefully) still semantically equivalent I suppose it's not that much of a worry with your thing
<haitlah> :trololol:
<sphalerite> haitlah: the files are the same though ;)(
<sphalerite> which is what matters
<sphalerite> well, actually not all of nixos is deterministic
<haitlah> Yeah I know you're right
<sphalerite> but we try :D
<haitlah> nixos is awesome
<haitlah> I believe in it
<haitlah> i will be helping when comfortable enough
<gchristensen> wonderful :D
jabranham has joined #nixos
iyzsong has quit [Ping timeout: 252 seconds]
<sir_guy_carleton> hmm, upgrading to jellyfish seems to have broken steam-run, saying it cannot find drivers, although steam itself runs fine
<sir_guy_carleton> http://termbin.com/fy5j
Izorkin has quit [Quit: ZNC 1.7.1 - https://znc.in]
Izorkin has joined #nixos
Izorkin has quit [Client Quit]
Izorkin has joined #nixos
effsquared has quit [Ping timeout: 276 seconds]
Izorkin has quit [Client Quit]
Izorkin has joined #nixos
Izorkin has quit [Client Quit]
effsquared has joined #nixos
<__monty__> I remember something about steam-run for a day or two ago.
<hyper_ch2> if there were only log files of this channel...
<qyliss^work> sir_guy_carleton: Have you read https://nixos.wiki/wiki/Steam?
<qyliss^work> It mentions some stuff about drivers
<sir_guy_carleton> qyliss^work: i have; it was working perfectly until i upgraded
Izorkin has joined #nixos
<sir_guy_carleton> hyper_ch2: there are logs for channel, i will go look at them now
vaibhavsagar has joined #nixos
<{^_^}> [nixpkgs] @dtzWill opened pull request #48666 → nghttp2: 1.32.0 -> 1.34.0 → https://git.io/fxVBe
<rawtaz> hyper_ch2: there are, if you run a proper client and set up of your irc communication
<hyper_ch2> there's also logs of #nixos on the world wide intertubes
<rawtaz> yes, unfortunately.
<rawtaz> FWIW i have found steam-run in my logs for the channel two days ago
<tilpner> Botbot is shutting down, use https://logs.nix.samueldr.com/nixos/
<hyper_ch2> it is
<gchristensen> tilpner: they are?
<gchristensen> oh. hrm :(
<tilpner> The search never really worked for me, I prefer whitequarks version
sir_guy_carleton has quit [Quit: WeeChat 2.2]
<tilpner> (The one hosted at the location mentioned in the topic)
<rawtaz> "we have come to realize that publishing peoples conversations in rooms they explicitly chose to join is not the right thing to do, so we have decided to shut down the service." - nice!
<Cheery> I made a seal of quality for documentation: https://twitter.com/HenriTuhola/status/1052929730679361536
hyper_ch2 has quit [Quit: Page closed]
<Cheery> anyway the pills were better
<tilpner> :/
<rawtaz> were? i hope youre not saying that they're removed or will be removed
silver has joined #nixos
<rawtaz> pills is a really good concept :)
<{^_^}> [nixpkgs] @dtzWill opened pull request #48667 → linux-firmware: 2018-08-25 -> 2018-10-17 → https://git.io/fxVB5
<Cheery> since nix defines a language, where's the reference documentation?
<manveru> Cheery: it's part of the nix manual
jabranham has quit [Quit: ERC (IRC client for Emacs 27.0.50)]
<Cheery> also, I get that the /nix/store contains scripts, and you got commands and things there.. for different builds
<Cheery> yet you don't have docs for those?
<Cheery> for ex. the autotools have been generalized.. I guesss. Also makefile builds
<gchristensen> those are part of Nixpkgs, not Nix
Acou_Bass has quit [Ping timeout: 268 seconds]
jabranham has joined #nixos
o1lo01ol1o has joined #nixos
<o1lo01ol1o> is there a canonical way / path for a "shared" folder? Ie, someplace to which I could point NIX_PATH in order to impurely provide some credentials to various users?
<Cheery> gchristensen: all right.. they seem to be there
<{^_^}> [nixpkgs] @peti pushed 2 commits to haskell-updates: https://git.io/fxV0q
erasmas has joined #nixos
mayhewluke has quit [Ping timeout: 252 seconds]
mayhewluke has joined #nixos
justbeingglad has joined #nixos
justbeingglad has left #nixos [#nixos]
<catern> is it still possible to use a shell script to describe how to do remote builds?
<catern> Requiring that the build be orchestrated by ssh is... highly limiting
effsquared has quit [Ping timeout: 244 seconds]
Dedalo has quit [Quit: Textual IRC Client: www.textualapp.com]
<o1lo01ol1o> can someone remind me of the syntax to run something as a user?
tilpner has quit [Remote host closed the connection]
endformationage has joined #nixos
<brodul> Hi, I am debugging something
<sphalerite> catern: I don't think it is. You'd probably have to do a remote store implementation as a nix plugin. Or maaaaaybe you can do some trickery to make it talk to a "fake" daemon
effsquared has joined #nixos
<{^_^}> nix#2478 (by brodul, 3 days ago, open): Available packages empty (nix-env -qa is empty)
<sphalerite> catern: not sure either of those things would be much fun though
<brodul> can someone post me the content of ~/.nix-defexpr/channels/manifest.nix
<sphalerite> brodul: I think running `nix-channel --update` should fix it
johanot has quit [Quit: WeeChat 2.2]
<sphalerite> oh or maybe not…
<catern> Unrelated question, is there a way to do a nix-instantiate for nix-shell?
<brodul> sphalerite: tnx it worked I had to remove the ~/.nix-defexpr/
<catern> i.e. I want to see the low-level derivation needed to make a nix-shell, before actually building it
<brodul> logout login and update the channel
<sphalerite> \o/
<brodul> tnx
<sphalerite> catern: IN_NIX_SHELL=1 nix-instantiate shell.nix
amfl_ has joined #nixos
effsquared has quit [Ping timeout: 260 seconds]
<catern> sphalerite: waat
tilpner has joined #nixos
<{^_^}> [nixpkgs] @Mic92 merged pull request #48571 → Openafs security updates → https://git.io/fxzzv
<{^_^}> [nixpkgs] @Mic92 pushed 5 commits to master: https://git.io/fxVuN
<catern> sphalerite: how does that make sense? :)
<sphalerite> catern: the IN_NIX_SHELL env var is the only difference when evaluating for a build vs evaluating for a shell
<{^_^}> [nixpkgs] @roconnor merged pull request #48644 → trezord: 2.0.19 -> 2.0.24 → https://git.io/fxakj
<{^_^}> [nixpkgs] @roconnor pushed 2 commits to master: https://git.io/fxVzJ
Ariakenom has quit [Ping timeout: 252 seconds]
<{^_^}> [nixpkgs] @peti pushed to haskell-updates « haskell-texmath: drop obsolete override »: https://git.io/fxVzt
<sphalerite> catern: usually just nix-instantiate shell.nix is enough, but some stuff nastily uses IN_NIX_SHELL (often through lib.inNixShell)
<catern> sphalerite: I think you misunderstand what I'm asking
amfl has quit [Ping timeout: 246 seconds]
<catern> when I run "nix-shell" on a normal derivation, I get output which is different from running "nix-build"
TweyII has quit [Ping timeout: 272 seconds]
<catern> specifically I get put into a shell is the most obvious different, but also the build isn't actually run :)
<catern> I assume that shell's environment is built up through a Nix expression right?
sir_guy_carleton has joined #nixos
<catern> in which case, how do I run nix-instantiate on the Nix expression that builds up the environment for the shell which is run by nix-shell?
<sphalerite> catern: yes, but that expression isn't any different from the one that gets built
<sphalerite> catern: i.e. if you do nix-shell '<nixpkgs>' -A hello it's literlaly just the env vars from the hello derivation that get used
<catern> sphalerite: yes, but nix-shell must be doing something additional to the expression
<catern> i.e. nix-shell can't just be running nix-instantiate or nix-build on that expression
<catern> ok let me be more concrete
<sphalerite> it realises all the drv's dependencies and spawns a shell whose environment contains all the variables defined by the drv
<catern> a file called "with import <nixpkgs> {}; stdenv.mkDerivation { name = "foo"; buildInputs = [ patchelf ];"
<sphalerite> s/called/with the contents/ I presume
<catern> urgh: with import <nixpkgs> {}; stdenv.mkDerivation { name = "foo"; buildInputs = [ patchelf ]; }
<catern> in package.nix
<catern> I run "IN_NIX_SHELL=1 nix-instantiate package.nix", then nix-build on the output
TweyII has joined #nixos
Itkovian has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<catern> I get a build failure because I didn't specify src
<catern> I run nix-shell package.nix
<catern> I successfully enter a shell containing the variables for that drv
<catern> 1: Is it true that this shell is built using a Nix expression? 2: How do I get the Nix expression describing that shell?
<catern> The Nix expression describing that shell can't be exactly the same as what's in package.nix, because package.nix fails to build - it must be some additional processing over package.nix
<sphalerite> no it literally just looks at the drv, realises all the dependencies, and spawns bash with some extra rc stuff
<catern> Oh :(
<sphalerite> the drv never gets built for nix-shell
<catern> Where does this extra rc come from?
<catern> I know that this stuff is package-dependent because, for example, Python packages run python setup.py develop
cmacrae has quit [Remote host closed the connection]
<catern> So it must be doing more than just "nix-instantiate package.nix; look at the low level derivation and iterate over all the inputs and realise them all; put them all in the environment"
<sphalerite> in this case it'll be the shellHook defined by the python stuff
<sphalerite> oh yeah and the hardcoded stdenv setup
<sphalerite> 🙈
<catern> wow it is actually just doing that :(
<catern> Disappointing :)
<catern> Wouldn't it be more principled to build a derivation on the fly describing the shell?
<catern> I think that would be more flexible...
<sphalerite> yeah. You could even implement it on top of nix
<catern> like, maybe nix-shell could then just build "(expression).shell"
<sphalerite> nix-shell-ng
<catern> and then source the contents
<catern> (or execute the contents I guess)
<catern> I guess at some point of genericness it becomes "nix run, but it also knows how to run what you built"
<Cheery> mm.. I was thinking about one thing. If I need to get custom builds or custom config for the system, and it happens to fit into the /nix/store -thing.. I can?
<Cheery> it felt like packaging of stuff didn't need to be shared, when I tried this.
<{^_^}> [nixpkgs] @mhusnulwardi opened pull request #48669 → README.md → https://git.io/fxVav
waleee has joined #nixos
__Sander__ has quit [Quit: Konversation terminated!]
sir_guy_carleton has quit [Quit: WeeChat 2.2]
emily has joined #nixos
drakonis1 has joined #nixos
<o1lo01ol1o> I need to test the ssh capabilities of a user. How can I ssh as that user?
<{^_^}> [nixpkgs] @dtzWill opened pull request #48670 → radiotray-ng: 0.2.3 -> 0.2.4 → https://git.io/fxVV9
<bpye> Hey, how well is ZFS encryption working for those here using it? (if anyone?)
<sphalerit> hyper_ch uses it and enjoys it
Dedalo has joined #nixos
trevorriles has joined #nixos
<bpye> Installing NixOS on my NAS, currently I use ZFS with no encryption however given that encryption is now an option tempted to give it a go
<hyper_ch> bpye: sphalerit: doesn't everyone use it?
Itkovian has joined #nixos
<hyper_ch> bpye: there's a good article in the wiki, even with remote unlocking
<bpye> hyper_ch: Heh, NixOS is still the only OS (I guess Arch?) that packages it as far as I am aware
<bpye> Yeah I saw that
<bpye> Kept trying to setup Ansible to be idempotent but realised Nix was probably closer to what I wanted
<hyper_ch> I use it now on my office server, home server, notebook, 2 remote vpn servers
<makefu> zfs is extremely stream-lined and easy to use under nixos
<hyper_ch> the only thing is to make sure to use legacy as mountpoint and define them in the hardwareconfiguration.nix
<bpye> Got it
<bpye> Also wondering, is there a mechanism for building a NixOS image for use in say, a VM?
<hyper_ch> bpye: you can build your custom nixos-iso (e.g. with integrated zfs support) and you can also make use of clever's kexec
<hyper_ch> and kexec can be used if you use got a remote dedi server or vm with pre-installed iso and can't easily load your custom iso for installation: https://nixos.wiki/wiki/Install_NixOS_on_a_Server_With_a_Different_Filesystem
<hyper_ch> basically you build a "not so small" ramdisk, copy it to the server and tell server to reboot with that ramdisk
<sphalerite> bpye: yes, nixos has support for building a few kinds of VM image
<sphalerite> also CD images
Synthetica has quit [Quit: Connection closed for inactivity]
bohadi has joined #nixos
<hyper_ch> nixops seems also very nice but I've never used it
<{^_^}> [nixpkgs] @peti pushed to haskell-updates « ghc-8.6.x: update overrides »: https://git.io/fxVrr
haitlah has quit [Remote host closed the connection]
<bpye> I would like to use NixOps but I think I'll settle for just getting NixOS installed first as my first target is just my home server
<sphalerite> bpye: it generally has the ability to build disk images, and by the looks of it there are specific modules for buildign images suitable for deployment to azure, brightbox, ec2, GCE, parallels, qemu (this one definitely works well), virtualbox, vmware and xen
jabranham has quit [Quit: ERC (IRC client for Emacs 27.0.50)]
<bpye> sphalerite: Are there docs for that? I would be interested to try and build a suitable image for the DigitalOcean custom images feature...
<sphalerite> bpye: #39076
<{^_^}> https://github.com/NixOS/nixpkgs/issues/39076 (by wmertens, 26 weeks ago, open): Support user-data in minimal ISO image (Was: Add cloud-init service to minimal ISO)
<bpye> Yep, that would do it
Itkovian has quit [Read error: Connection reset by peer]
<Cheery> actually.. I think I say that I like this.
<bpye> Although with DigitalOcean it is possible to avoid cloud-init and just pull from their metadata service, it's straight forward enough and has endpoints that will provide you hostname and ssh public keys and such seperately
<Cheery> it's not entirely like it should be, but it's toward a better direction
<Cheery> and it's clear when I tried it. The thing just pumped itself up. inflated up like a balloon
<Cheery> instead of inflating up like a corpse and then deflating.
<Cheery> which means that it probably takes less effort to maintain this system.
Ariakenom has joined #nixos
orivej has quit [Ping timeout: 272 seconds]
<Cheery> there was a guy badmouthing nix, but he proposed funtoo as a substitute, then I checked what funtoo is
<catern> sphalerite: btw about build hooks, so you said the build hook mechanism is removed, should this be closed then? https://github.com/NixOS/nix/issues/1221
<{^_^}> nix#1221 (by edolstra, 1 year ago, open): Remove the build hook mechanism
mmercier has quit [Quit: mmercier]
TweyIII has joined #nixos
<sphalerite> catern: actually no, the build hook mechanism is still there
<sphalerite> it's just not necessary for plain distributed builds anymore, because of the ssh-ng store
<catern> huh, but then how does one actually hook into it?
<catern> NIX_BUILD_HOOK has been removed from the nix source
<sphalerite> using the build-hook setting
<sphalerite> in nix.conf or on the command line
<sphalerite> by the looks of it.
<catern> aha, I see, thank you
* sphalerite needs to reduce the frequency of punctuation newlines
<sphalerite> don't want to get Sigyn'd!
<hyper_ch> I didn't know there was a shortage of newlines
TweyII has quit [Ping timeout: 272 seconds]
<{^_^}> [nixpkgs] @peti pushed to haskell-updates « ghc-8.6.x: update overrides »: https://git.io/fxV6Y
judson has quit [Remote host closed the connection]
<{^_^}> [nixpkgs] @dtzWill opened pull request #48671 → imlib2: 1.5.0 -> 1.5.1 → https://git.io/fxV64
<drakonis1> someone suggested funtoo over nix?
<drakonis1> hmm wow
<{^_^}> [nixpkgs] @Ericson2314 merged pull request #45328 → [WIP] xorg: allow overriding via overrideScope → https://git.io/fAvG5
<{^_^}> [nixpkgs] @Ericson2314 pushed 8 commits to master: https://git.io/fxV6D
<{^_^}> [nixpkgs] @peti pushed to haskell-updates « ghc-8.6.x: update overrides »: https://git.io/fxV6H
<{^_^}> [nixpkgs] @dtzWill opened pull request #48672 → w3m: 20161120 -> 20180125 → https://git.io/fxVis
<{^_^}> [nixpkgs] @Ericson2314 opened pull request #48673 → xorg: allow overriding via overrideScope' for 18.09 → https://git.io/fxVia
<{^_^}> [nixpkgs] @peti pushed to haskell-updates « ghc-8.6.x: update overrides »: https://git.io/fxVPJ
<o1lo01ol1o> okay: nix-build (...): Can't open user config file /root/.ssh/config: No such file or directory. however, /root/.ssh/* is -rw-r--r-- and StrictHostKeyChecking=no in the config. Why can't that directory be found by whatever is running the build?
<cransom> sandbox.
<o1lo01ol1o> am I in sandbox? nix-info: system: "x86_64-linux", multi-user?: yes, version: nix-env (Nix) 2.1.3, channels(root): "nixos-18.09-18.09.892.c06f5302f63, nixpkgs-19.03pre155263.20c4986c4dd", nixpkgs: /root/.nix-defexpr/channels/nixpkgs
<o1lo01ol1o> and NIX_PATH includes ssh-config-file=/root/.ssh/config
<cransom> `nix show-config | grep sandbox`
<o1lo01ol1o> ahhh, yes, i am in sandbox!
<o1lo01ol1o> so how can I get that ssh config to whatever needs it?
<o1lo01ol1o> cransom: is that possible?
<cransom> you'll have to turn it off. especially if your derivation is trying to ssh somewhere.
<o1lo01ol1o> are there major effects of that? like will hydra become super complex?
Acou_Bass has joined #nixos
<cransom> you technically lose purity enforcement since jobs can get to pays outside of the store
<o1lo01ol1o> right, ok.
<cransom> s/pays/paths/
<o1lo01ol1o> so if I pass --no-sandbox to build I get : Can't open user config file /root/.ssh/config: Permission denied
<o1lo01ol1o> and if I chmod 777 on that directory it's still denied.
<o1lo01ol1o> cransom: should I symlink those keys somewhere? I thought they could be world readable (644)?
<o1lo01ol1o> or can they not be owned by root slash in /root ?
elgoosy has joined #nixos
effsquared has joined #nixos
<cransom> can non root users even look at files in ~root?
<o1lo01ol1o> well, is there a good "shared" - ish place to put them?
<cransom> the store.
Thra11 has joined #nixos
<o1lo01ol1o> lol, i guess that should be obvious, how would one do taht?
effsquared has quit [Remote host closed the connection]
effsquared has joined #nixos
lostman has quit [Quit: Connection closed for inactivity]
<eacameron> Does --builders not work for configuring remote builders on macOS anymore?
<eacameron> It used to work but after using newer install of nix on macos it's like nix-build completely ignores it.
<catern> are there any standard techniques for speeding up nix-instantiate? I have a large number of nix files which I want to run instantiate on
<catern> they all should use the same copy of Nixpkgs
<catern> do I have to just, generate a file importing them all into a set and then instantiate that?
<catern> or importing them all into a list I guess is neater
<catern> also, is there a way to do nix-instantiate specifying a store URL?
TweyIV has joined #nixos
sigmundv__ has quit [Ping timeout: 272 seconds]
<sphalerite> catern: nix-instantiate --store foo
<sphalerite> catern: note that instantiating with remote stores is horrendously slow, since it goes through the connection's latency for each individual drv
<sphalerite> if you're instantiating the whole of nixos for example, it's no fun at all
TweyIII has quit [Ping timeout: 272 seconds]
<sphalerite> catern: but yes, putting everything in one file ought to improve evaluation performance by making use of the import cache
<catern> hmm I see, I don't know if I can avoid instantiating with a remote store here
<catern> I don't see why nix-instantiate needs to go to the remote store for every single drv - you mean every single drv in the expression tree right?
<catern> like, if the top-level high-level-derivation evalutes to low level derivation X, and derivation X is in the remote store, shouldn't there be only a single round trip to check that X is in the remote store?
<{^_^}> [nixpkgs] @peti pushed to haskell-updates « ghc-8.6.x: update overrides »: https://git.io/fxVyd
<{^_^}> [nixpkgs] @peti pushed to haskell-updates « hackage-packages.nix: automatic Haskell package set update »: https://git.io/fxVyh
grokkingStuff has joined #nixos
reinzelmann has joined #nixos
<grokkingStuff> So I'm trying to install NixOS on my surface pro using the livecd. Keep getting issues regarding the creation of symlinks and chmodding it isn't a permitted operation
<grokkingStuff> Which channel do I go to?
<catern> sphalerite: oh argh I see now, from reading the thesis it's clear that given the evaluation model of Nix, instantiate's side effect of putting things in the store, happens from the "bottom up", not from the top-level expression down
<sphalerit> catern: yep because everything about the inputs needs to be known to compute the drv hash
<{^_^}> [nixpkgs] @peti pushed to haskell-updates « ghc-8.6.x: update overrides »: https://git.io/fxV9v
<catern> sphalerit: yes, but the side effect of checking the Nix store could be done lazily
<catern> er, the side effect of putting the low level derivation in the Nix store, I mean
<jluttine> anyone using zsh-prezto in nixos? i'm wondering how to install it.. i did "nix-shell -p zsh-prezto" but there's no zsh available.. how to start using it?
<catern> i.e. it could be delayed until the actual Nix evaluation (which is cheap) was completely finished
<catern> then you'd save a bunch of time because you wouldn't have to put things in the store if they were already there
<{^_^}> [nixpkgs] @Mic92 pushed 4 commits to release-18.09: https://git.io/fxV9m
<{^_^}> [nixpkgs] @peti pushed to haskell-updates « ghc-8.6.x: update overrides »: https://git.io/fxV93
<catern> hmm, which raises the question: is there a way to do a "pure" nix-instantiate which does not actually touch the store?
<catern> but *does* "instantiate" low level derivations into their true form - just doesn't put them into the store
<sphalerit> catern: oh yeah true
sir_guy_carleton has joined #nixos
<sphalerit> catern: ought to be possible! Though I don't think there's any existing code for it
<catern> I wonder how much of a speedup for general evaluation speed that would give?
<grokkingStuff> hey guys, is there a channel to help noobs install nixos?
<catern> hm actually, here's an even more direct concept
<catern> instead of using a remote store, just run nix-instantiate with a store in ~/mynix or whatever - a local filesystem store owned by you - and then as a followup do a nix-copy to the remote store
<{^_^}> [nixpkgs] @veprbl opened pull request #48674 → MCFM: init at 8.2 → https://git.io/fxV9S
<catern> and then that suggests a further optimization: an "in-memory store" which is only dumped to disk as a single-file at the end of evaluation
<sir_guy_carleton> grokkingStuff: i think this is it, unless i'm mistaken
Itkovian has joined #nixos
<{^_^}> [nixpkgs] @Mic92 merged pull request #48645 → hcloud: 1.6.1 -> 1.9.1 → https://git.io/fxamu
<{^_^}> [nixpkgs] @Mic92 pushed 2 commits to master: https://git.io/fxV9h
<grokkingStuff> awesome, so i'm in the right place
<catern> if you did nix-instantiate with an in-memory store which was dumped to disk at the ened (or probably to stdout or whatever), and then nix copy'd that to your real store, I think that might have a speedup
TweyIV has quit [Ping timeout: 252 seconds]
<bgamari_> gchristensen, does Nix use Packet.net iSCSI block storage service?
<gchristensen> bgamari_: I don't know if anyone has used iSCSI block storage on Packet with NixOS... are you in need? if yes, we could PM.
<bgamari_> gchristensen, indeed I am
<clever> ive also done iscsi locally
<gchristensen> clever: can you send me info about that?
<clever> one sec
jabranham has joined #nixos
<gchristensen> nice
<clever> gchristensen: this pre-dates the proper network support in the initrd, and will connect the block device on bootup
<clever> and this runs iscsid after bootup
<clever> i believe that daemon is responsible for handling reconnects
<hodapp> initrd? there's a term I rarely see anymore
<betaboon> infinisil: remember my question yesterday about automatically assigning ports to services within a range?i tried to adopt your suggestions. which somewhat works. but ofc i cant access those assigned ports from anywhere else. any suggestions ?
pie_ has quit [Read error: Connection reset by peer]
<clever> gchristensen: i was also using sanboot in ipxe, to perform a legacy boot against the MBR of an iscsi device
pie__ has joined #nixos
<clever> gchristensen: and ipxe rewrites the legacy bios api, so when grub tries to read the "local" hdd, iscsi is used instead
<clever> so grub doesnt even know its a network boot situation
<gchristensen> this is great, thank you
<clever> iscsistart is a special staticly linked binary, that deals with connecting the kernel module, without a long-term daemon
<clever> i initially wrote that for my rpi's because of nfs trouble, and /boot was on the SD card
<clever> and i later ported it to my laptop, which had grub in the MBR of the iscsi device, and nixos made it trivial to apply the same module to an entirely different arch
<infinisil> betaboon: If you have this port option declared as a nixos option it should be accessible from elsewhere via the `config` argument
patrl has joined #nixos
Itkovian has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<{^_^}> [nixpkgs] @Mic92 merged pull request #48653 → why3: 1.0.0 -> 1.1.0 → https://git.io/fxaoz
<{^_^}> [nixpkgs] @Mic92 pushed 2 commits to master: https://git.io/fxVQ4
bohadi has quit [Quit: WeeChat 2.2]
trevorriles has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
vaibhavsagar has quit [Read error: Connection reset by peer]
vaibhavsagar has joined #nixos
<drakonis1> okay so, i need to upgrade the system packages
<drakonis1> i can only do that with a rebuild right?
<o1lo01ol1o> what's the system default NIX_PATH value?
<drakonis1> gotta enable the nvidia beta drivers
<aleph-> So was just curious is there any way to run bundix in a derivation and then import it? So I can import my gems, run bundix and create my gemdir and then set my gemdir in the next step when actually packaging my ruby app?
<sir_guy_carleton> in the steam-run fhs, where are dri libraries?
<bgamari_> it would be nice if there were a convenient way to temporarily disable ACME
<bgamari_> and rather just use a self-signed certificate in its place
<bgamari_> for, e.g., a staging server
<betaboon> infinisil: i guess I'm missing a critical piece in my head. this is what i got: https://gist.github.com/betaboon/1d97b72fae8a97cf1270347d8e50074d
<infinisil> betaboon: Wait, what's your goal?
<infinisil> Ah, um
<betaboon> infinisil: to be able to configure stuff like in the configuration.nix in that gist
* infinisil thinks
<aleph-> bgamari_: Could just use the acme staging server.
<{^_^}> [nixpkgs] @veprbl opened pull request #48675 → xfitter: runtime fixes → https://git.io/fxV7b
<betaboon> kalbasit[m]: are you refering to the possibility of defining modules yourself?
<kalbasit[m]> betaboon: yes
<kalbasit[m]> if you look under modules in my repo. Both nixos and home are defined as modules controlled by the config.mine options
<betaboon> kalbasit[m]: I'm talking about the following scenario: i have a module which allows enabling N services. i want those N services to have unique ports assigned.
amfl_ has quit [Quit: WeeChat 1.6]
<infinisil> Actually this port assigning might be a bit more trouble
<infinisil> I'm thinking of infinite recursion
amfl has joined #nixos
<betaboon> infinisil: yeah that's somewhat my feeling as well
<kalbasit[m]> betaboon: oh. something like automatic ports assignment?
<betaboon> kalbasit[m]: correct
<kalbasit[m]> betaboon: not sure if that's doable or even good to do. I would just write an assertion on the config to make sure the ports are unique so the build would fail if the ports conflict
<betaboon> infinisil: as long as i don't have to access those assigned port from outside my module your proposed solution works fine
<infinisil> So the real problem here is: Assigning different port for each service is a stateful action, but the NixOS module system doesn't have anything to handle state
<infinisil> And everything that tries to work around this might give infinite recursion
<sphalerite> infinisil: what about a system like the uid/gid mapping?
<infinisil> sphalerite: Yeah that would work, but then it's not automatic anymore
<clever> systemd is already able to auto-generate a uid for services, which it will destroy at service shutdown
<sphalerite> infinisil: I bet systemd has a feature for it! :p
<infinisil> Oh, the ports need to be static though
<infinisil> not at runtime
<infinisil> at NixOS eval time
<betaboon> yep. they need to be static at eval-time
<infinisil> Something that would work is
<clever> you could have a list like config.portmappings = [ foo ];
<infinisil> Declare your services outside the module system and import them all at once while assigning ports to them
<clever> and then at some point in the eval, you iterate over the list, and give each a unique number, based on what else is in the config
<clever> and let lazyness figure it out
<betaboon> clever sphalerite you could take a look at the gist i posted. that demonstrates what i am trying to achieve
elgoosy has quit [Remote host closed the connection]
rmra has joined #nixos
<infinisil> betaboon: My suggestion is: Go for the out-of-module-system thing. Has a bit less flexibility, but it might be the only way
<betaboon> infinisil: i guess that will not work in my situation as i am actually in the following situation: i have N services and M hosts, each of those host might run any combination of services.
patrl has quit [Ping timeout: 252 seconds]
<betaboon> infinisil: and yeah currently N <= 50 M<=100. so it might work. but there is a point where it doesnt
<infinisil> Ohh I might have the solution
<sir_guy_carleton> hmm, it looks like my copy of steam-run isn't properly linking to the libraries, even though it is in steam-run-fhs in the nix store, any ideas on what is happening?
mayhewluke has quit [Ping timeout: 245 seconds]
<infinisil> betaboon: `mkOption { ...; apply = merged: <transformation that assigns ports for services whose port is null>; }`
<gchristensen> clever: multipathd is segfaulting :(
<gchristensen> but it doens't even realize it until I ctrl-c it
<infinisil> betaboon: `apply` is a function that gets applied to the result after merging, but before it appears in the final `config`
mayhewluke has joined #nixos
<aminechikhaoui> Hi, I was trying to use a 32 bit javaws from the pkgsi686Linux.ipmiview pkg but not sure why ldd shows a missing libX11 lib eventhough I can see it's in the RPATH
<infinisil> betaboon: So you combine that with `port = mkOption { type = types.nullOr types.ints.u16; }` and bam, it might just work
<bgamari_> aleph-, ahh, great point
<betaboon> infinisil: just looking in nixpkgs for usages of apply
<clever> gchristensen: what was multipathd for?
<betaboon> infinisil: you might be up to something
<clever> aminechikhaoui: is the entry in rpath 32 or 64bit?
<gchristensen> clever: I think it manages different paths to the data store.
<clever> gchristensen: i never used that, just a single ip:port in my setup
<aminechikhaoui> clever: yeah seems so
<aminechikhaoui> I mean it's 32 bit
<betaboon> infinisil: are you suggesting to add that at the options.mymodule.services-level ?
<gchristensen> yeah, I think I need it here
<drakonis1> https://discourse.nixos.org/t/installing-nvidia-vulkan-drivers-instead-of-default-nvidia/1164/ i looked into this thread for a solution but it doesn't seem like it works?
<infinisil> betaboon: `options.mymodule.services = mkOption { apply = ...; `
<gchristensen> [1302470.199503] multipathd[3280]: segfault at 1c00001 ip 00007f1ae01b7476 sp 00007ffcceb3b870 error 4 in libmultipath.so.0[7f1ae01a2000+43000]
endformationage has quit [Ping timeout: 268 seconds]
<betaboon> infinisil: lemme try
<drakonis1> i set my video driver to nvidiaBeta then tried a rebuild but then it didn't work
* infinisil is 99% sure that's gonna work
<drakonis1> the module wasn't rebuilt
<{^_^}> [nixpkgs] @Mic92 pushed 2 commits to master: https://git.io/fxVdh
<{^_^}> [nixpkgs] @Mic92 merged pull request #48580 → cquery: 2018-08-08 -> 2018-10-14 (llvm6 -> llvm7) → https://git.io/fxzys
<clever> gchristensen: try getting a backtrace
sigmundv has joined #nixos
<aminechikhaoui> clever: oh actually seems like getting pkgsi686Linux.ipmiview doesn't actually get the 32 bit binaries
<aminechikhaoui> as the pkg is pulling the binaries from elsewhere and applying patchelf to them
<{^_^}> [nixpkgs] @peti pushed to haskell-updates « ghc-8.6.x: update overrides »: https://git.io/fxVF8
<clever> aminechikhaoui: the package should have an assert in it then, to refuse to build in 32bit mode
<sphalerite> clever: noooo not assert!
<sphalerite> meta.platforms!
<clever> both i feel
<clever> some people flip on enablebroken to bypass platforms
<clever> it doesnt even have a platforms entry!
<clever> it could try building on darwin!!
<sphalerite> nowadays it's allowUnsupportedSystem. And sure they do, but that's their fault
<sphalerite> allow broken stuff, get broken stuff.
<clever> ftp://ftp.supermicro.com/utility/IPMIView/Linux/
<clever> i also see 2 tars in this folder, one 64bit, the other "not 64bit"
<clever> aminechikhaoui: perhaps you can just fix 32bit support?
<aminechikhaoui> oh sweet
<aminechikhaoui> will try that
<clever> and also ensure the meta.platforms only supports linux, so it wont try to build on mac
Dedalo has quit [Quit: Textual IRC Client: www.textualapp.com]
<betaboon> infinisil: ... and ... drumroll ... you're a genius :D
<infinisil> \o/
<betaboon> infinisil: does that look correct to you ?
<infinisil> betaboon: Although, I'm wondering why it doesn't give an error because you didn't set any port to begin with (not even a default)
<betaboon> infinisil: on line 16 the default port is defined
<betaboon> (which in my real module will ofc be configurable)
<infinisil> Hehe you just changed the gist
<infinisil> But it's on line 9?
<infinisil> `default = null;`
<betaboon> infinisil: just fixed it. saw that i forgot to change that in the gist.
robstr has quit [Ping timeout: 256 seconds]
<betaboon> infinisil: yes.
<betaboon> that's pretty much exactly like i wanted it :D
<{^_^}> [nixpkgs] @peti pushed to haskell-updates « ghc-8.6.x: update overrides »: https://git.io/fxVbD
kreisys has quit [Quit: Textual IRC Client: www.textualapp.com]
elgoosy has joined #nixos
trevorriles has joined #nixos
<betaboon> TIL: about the apply-function of mkOption :D thanks infinisil
<{^_^}> [cabal2nix] @peti pushed to master « stack: choose production build flags for this package »: https://git.io/fxVAv
<{^_^}> [nixpkgs] @peti pushed to haskell-updates « hackage-packages.nix: automatic Haskell package set update »: https://git.io/fxVAs
chreekat has joined #nixos
kiloreux__ has joined #nixos
<infinisil> Glad I could help :)
<infinisil> That's probably the most legitimate usage for apply I've ever seen
<betaboon> infinisil: knowing about that makes alot of things way nices. eg assigning a stateDir based on the service within a defined directory
plakband has joined #nixos
<infinisil> That however is probably better solved without apply
<betaboon> infinisil: how come ?
<infinisil> But rather with a `config` section (in the submodule) where you set an option based on another one
kiloreux_ has quit [Ping timeout: 252 seconds]
<infinisil> The reason we needed apply is because it needs to get the view of all the submodule attrs at once and the decision for each of them could depend on each other.
<plakband> My spotify has been broken since 18.09, giving a missing "swrast_dri.so" error. Has anybody else run into this and solved it? It doesn't appear to be fixed by enabling opengl.driSupport32bit or adding a mesa package.
<infinisil> But just a single option in a submodule that depends on another option in the submodule doesn't need that
<{^_^}> Channel nixos-18.09-small advanced to https://github.com/NixOS/nixpkgs/commit/2f82603dbdc (from 5 hours ago, history: https://channels.nix.gsc.io/nixos-18.09-small)
<infinisil> The disadvantage of using apply is that you have no idea what the defaults are (and it indeed doesn't make any sense to have a default in your case)
<infinisil> You don't have that disadvantage if you use a config section with mkDefault
elgoosy has quit [Read error: Connection reset by peer]
<infinisil> So I encourage to use that wherever possible
JosW has joined #nixos
<infinisil> And only use apply where you have a scenario such as the port one
<betaboon> infinisil: I'm thinking about this case: define a base directory on the module-level (eg /var/lib/mymodule) which gets extended based on the service-name (eg /var/lib/mymodule/service1) while keeping the possibility of the directory being explicitly assigned for specific services (eg mymodule.datawhore.stateDir = /mnt/verybigdisk) !?
<infinisil> Yeah that's totally possible without apply
elgoosy has joined #nixos
<infinisil> betaboon: `types.submodule ({ name, ... }: { ... })` will result in name being the name of the attribute of the service
<{^_^}> [nixpkgs] @peti pushed to haskell-updates « ghc-8.6.x: update overrides »: https://git.io/fxVxW
<betaboon> infinisil: was just about to ask exactly that :D
robstr has joined #nixos
<betaboon> infinisil: what would be your opinion on the following case: have an option `openFirewall` on the module and the service-level, where the service-level takes precedency?
<infinisil> plakband: No idea, can you add a new issue? ( https://github.com/NixOS/nixpkgs/issues/new ) NixGL could solve that for now, probably https://github.com/guibou/nixGL
<{^_^}> [nixpkgs] @costrouc opened pull request #48676 → pythonPackages.numpy: refactor adding mkl support → https://git.io/fxVxD
<{^_^}> [nixpkgs] @peti pushed to haskell-updates « ghc-8.6.x: update overrides »: https://git.io/fxVx7
<infinisil> betaboon: Can be implemented either by having a default value `null` on the service-level signify an unset value, or some fancy module level things
<infinisil> (no need to use apply for that though, if you're asking because of that)
<betaboon> yeah that was the intention of the question
<infinisil> firewall.allowedTCPPorts = map (s: if isNull s.openFirewall then cfg.openFirewall else s.openFirewall) config.mymodule.services;
<betaboon> but yeah. no need for apply as there would be no need to get the effective value of that option somewhere else, other from the implementation of the module itsel, right ?
<infinisil> firewall.allowedTCPPorts = map (s: if isNull s.openFirewall then cfg.openFirewall else s.openFirewall) (attrValues config.mymodule.services);
<plakband> infinisil: thanks, I'll open an issue
<infinisil> betaboon: Yeah something like that
goibhniu has quit [Ping timeout: 272 seconds]
<betaboon> infinisil: thank you very much for the insight :)
<infinisil> :)
sauyon has joined #nixos
Thra11 has quit [Ping timeout: 250 seconds]
<robstr> Hey, I'm using `builtins.fetchGit`, is there a common way to add `callPackage` to a specific file inside the result ? I'm building a vm and want to add the derivation of a repository, not the content
<gchristensen> let mything = builtins.fetchGit; in pkgs.callPackage "${mything}/foo.nix" {}...sure
<sauyon> would it be possible to somehow prevent applications compiled with fdr as a dependency from using the library shipped with fdr? Its libstdc++ doesn't have CXXABI_1.3.9.
<clever> robstr: callPackage ("${builtins.fetchGit {...}}/foo.nix") {}
<{^_^}> Channel nixpkgs-18.09-darwin advanced to https://github.com/NixOS/nixpkgs/commit/09195057114 (from 10 hours ago, history: https://channels.nix.gsc.io/nixpkgs-18.09-darwin)
<robstr> clever: is this the common way, looks strange :P
<{^_^}> [nixpkgs] @Infinisil merged pull request #48619 → Update bcachefs (cherry pick for 18.09) → https://git.io/fx2kV
<{^_^}> [nixpkgs] @Infinisil pushed 3 commits to release-18.09: https://git.io/fxVpH
<clever> robstr: fairly common
plakband has quit [Quit: WeeChat 2.2]
<gchristensen> it would be strange to embed the fetchGit directly in the string
<infinisil> sauyon: Overlays can override something for everything else
<robstr> gchristensen: you mean like it is done in the example from clever ?
grumble has quit [Quit: Didn't like XP. Going back to Win 2k for my IRC VM. It's bigger, it's bolder, it's rougher, it's tougher. In other words, sucker, there is no other!]
<gchristensen> yeah, but see my message before
<infinisil> sauyon: So e.g. if you set `fdr = null;` everything using fdr would fail to build, transitively
<robstr> gchristensen: whup haven't seen it thanks
boogiewoogie has joined #nixos
<sauyon> I'm actually trying to use the fdr library, and kind of hoping that the new libstdc++ is ABI-compatible
<infinisil> sauyon: I'm not sure I understand the library problem, what exactly is the problem?
<sauyon> ./blah ... /nix/store/...fdr-4.2.3/lib/libstdc++...: version: 'CXXABI_1.3.9' not found
<sauyon> linker is linking against the libstdc++ included with the fdr package
grumble has joined #nixos
grokkingStuff has quit [Quit: grokkingStuff]
<sauyon> I could probably go into the gcc wrapper and manually move around linker flags but that seems like a poor way to do it
boogiewoogie has quit [Quit: Leaving]
justbeingglad has joined #nixos
justbeingglad has left #nixos [#nixos]
FRidh has quit [Quit: Konversation terminated!]
<robstr> gchristensen: Does it make a difference if i write it like this https://gist.github.com/rsoeldner/aa7e917a38e7a63aafa62eb5a0e6601b ? or should i nest it ?
MP2E has joined #nixos
<Izorkin> How to replace variant - ++ optional disableIPv6 [ --disable-ipv6 ]; to new variant with stdenv.lib.enableFeature
Aerobit has joined #nixos
<Aerobit> hey all! i'm having a hard time writing a derivation for an open-source package. it has an AUR PKGBUILD, which I'm trying to use for reference, but I'm not quite sure where files should go with nix - binaries go in $out/bin, but what about .desktop files and things in /share?
<infinisil> sauyon: Hmm not sure, but if you know how to override it to fix it, then an overlay will work
<infinisil> Izorkin: Read the docs to enableFeature
<{^_^}> [nixpkgs] @Izorkin opened pull request #48678 → znc: add option to enable unicode support → https://git.io/fxVjV
chreekat has quit [Ping timeout: 245 seconds]
duncan^ has quit [Quit: Hwyl fawr, fy nghariad]
<{^_^}> Channel nixos-18.09 advanced to https://github.com/NixOS/nixpkgs/commit/09195057114 (from 11 hours ago, history: https://channels.nix.gsc.io/nixos-18.09)
lawlesseel has joined #nixos
<infinisil> Aerobit: .desktop files go into $out/share/applications
<Aerobit> cool
<Aerobit> ty
reinzelmann has quit [Quit: Leaving]
<{^_^}> [nixpkgs] @Ericson2314 merged pull request #48602 → Set CMAKE_SYSTEM_* for cross compiling → https://git.io/fxgzd
<{^_^}> [nixpkgs] @Ericson2314 pushed 18 commits to master: https://git.io/fxwv6
<infinisil> Aerobit: Check out `nix eval -f '<nixpkgs/nixos>' config.environment.pathsToLink` to see what paths in $out are linked by default
<infinisil> Gives a clue to where to put stuff
waleee has quit [Quit: WeeChat 2.2]
<clever> and thats specific to just what you put in systemPackages
<clever> nix-env has different rules
betaboon has quit [Quit: WeeChat 2.0]
<{^_^}> Channel nixos-18.09-small advanced to https://github.com/NixOS/nixpkgs/commit/cb996fdb60a (from 5 hours ago, history: https://channels.nix.gsc.io/nixos-18.09-small)
<Izorkin> infinisil: could not understand (
<clever> Aerobit: also, if you documentation.info.enable = false; then systemPackages may omit the $out/share/doc paths
<infinisil> Izorkin: Try the function out in nix repl
<infinisil> Should give you an understanding of how it works
<clever> the same for documentation.man.enable, which also requests $out/share/doc, lol
<clever> so you would have to disable several options to get rid of doc!
<infinisil> Izorkin: nix repl '<nixpkgs/lib>'
<Izorkin> ok
justan0theruser has quit [Ping timeout: 244 seconds]
Aerobit has quit [Quit: WeeChat 2.2]
<drakonis1> i'm starting to think that i'm building the entire linux kernel atm just for webkit
<sauyon> sounds about right
effsquared has quit [Ping timeout: 245 seconds]
<robstr> Whats the way to pass a file to `nix-build` and copy it to a specific point (I'm building a vm and want to copy a config file to the users home directory)? Do I need to create a new derivation ?
<{^_^}> [nix] @KaiHa closed pull request #2375 → Set NIX_REMOTE to unix-socket path; fixes #2372 → https://git.io/fAmSs
<gchristensen> nix-build ./my-thing.nix --out-link /home/robstr/my-thing-built
sigmundv has quit [Ping timeout: 252 seconds]
<drakonis1> ah really, i need webkit for a fresh and up to date nvidia settings
<{^_^}> [nixpkgs] @markuskowa opened pull request #48680 → Add licenses → https://git.io/fxwJM
<robstr> gchristensen: I have a build process creating a nixos vm and I want to copy a specific configuration file on this machine. Do I need to create a `stdenv.mkDerivation` or is there something like copyTo ?
JosW has quit [Quit: KVIrc 4.2.0 Equilibrium http://www.kvirc.net/]
<gchristensen> hmm not sure what to say, builds can't do things like copy files to arbitrary places, just to one place.
hamishmack has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<clever> robstr: the only thing a derivation can copy to is $out
<clever> robstr: it will never be able to write to /home
<robstr> ok, this works too, thank you
<auri_> Hello! Can I ask questions about cabal2nix here, or should I go to #nixos-dev?
<sphalerite> auri_: here is good
<auri_> Oh, thanks. I can't figure this weird issue with hpack and cabal2nix
<auri_> every time I run a build hpack complain about the cabal file being modified
<auri_> so I have to modify the generated expression to contain --force in preConfigure
<auri_> I tried outputting the cabal file by calling a script from preConfigure
<auri_> no changes at all
judson has joined #nixos
robstr has quit [Ping timeout: 256 seconds]
<judson> I'm trying to get a dnscrypt-proxy setup going that I'm happy with. My current frustration is that NetworkManager wants to run dnsmasq, but I want to run a dnsmasq that I can configure.
<judson> I read that there's a way to configure NM's dnsmasq with a config dir. Maybe just splatting into environment.etc is enough?
<Izorkin> infinisil: so right? - withIPv6 ? true / (stdenv.lib.enableFeature withIPv6 "ipv6") ?
<sphalerite> judson: maybe also just setting networking.networkmanager.dhcp to "none" or something. Just checking if that's a thing
<{^_^}> [nixpkgs] @tex opened pull request #48681 → Fix wings runtime failure. → https://git.io/fxwkt
<sphalerite> judson: um. Never mind me, that was my sleep-deprived brain misreading dhclient as dnsmasq…
<sauyon> so I solved my issue by just deleting the libstdc++ that's bundled with fdr4 - should a change like that be merged? I don't really like the way that FDR ships all of its shared libraries, but I'm not sure what a solution would be.
<sphalerite> sauyon: yes that sounds sensible. I'd suggest ccing the maintainer if any
<sphalerite> >fdr.meta.maintainers
<sphalerite> > fdr.meta.maintainers
<{^_^}> [ <CODE> ]
effsquared has joined #nixos
<sphalerite> > lib.elemAt 1 fdr.meta.maintainers
<{^_^}> value is a list while an integer was expected, at (string):202:1
nadley has quit [Remote host closed the connection]
<sphalerite> > lib.elemAt fdr.meta.maintainers 1
<{^_^}> list index 1 is out of bounds, at (string):202:1
<sphalerite> > lib.elemAt fdr.meta.maintainers 0
<{^_^}> { email = "me@nickhu.co.uk"; github = "nickhu"; name = "Nick Hu"; }
<sphalerite> > builtins.toJSON fdr.meta.maintainers
<{^_^}> "[{\"email\":\"me@nickhu.co.uk\",\"github\":\"nickhu\",\"name\":\"Nick Hu\"}]"
<sphalerite> that's slightly neater I guess…
<{^_^}> [nixpkgs] @Infinisil merged pull request #48678 → znc: add option to enable unicode support → https://git.io/fxVjV
<{^_^}> [nixpkgs] @Infinisil pushed 2 commits to master: https://git.io/fxwIZ
<infinisil> Izorkin: Well, does it do the thing you'd expect for both `withIPv6 = true;` and `false`?
<Izorkin> infinisil: partially. withIPv6 = false worked normal. If withIPv6 = true - need an empty value. Configureflags "--enable-ipv6" not supported
<run500> im having trouble cross compiling python modules, e.g. nix-build -E "with import <nixpkgs> { crossSystem = (import <nixpkgs/lib>).systems.examples.aarch64-multiplatform;}; pythonPackages.setuptools"
<infinisil> Izorkin: Ah well then you still need `optional` and it's probably not worth using enableFeature
<run500> is this supposed to be working?
<infinisil> run500: There's a new and easier way to cross compile: `nix-build -A pkgsCross.aarch64-multiplatform.pythonPackages.setuptools`
<run500> ah, thats nicer, but same error: python2.7: cannot execute binary file: Exec format error
orivej has joined #nixos
<clever> *tries*
<infinisil> run500: Yeah that's a cross compilation error, the build hasn't been adapted to work with it
<infinisil> apparently
* clever activates cheat mode
endformationage has joined #nixos
nbardiuk has joined #nixos
<o1lo01ol1o> is it possible to cross compile to ios on nixos without sending the build to a machine running osx?
<Izorkin> infinisil: thats variant normal? https://pastebin.com/hR5NTKTn with enableFeature and optional ?
<clever> o1lo01ol1o: last time i looked into that kind of problem (before getting into nixos), i read that you must have a darwin machine signing the binary after it has been compiled
<infinisil> Izorkin: Looks fine to me
<clever> o1lo01ol1o: because apple has to be apple :P
<o1lo01ol1o> gotcha, so basically need a build machine with osx running the nix shell
<clever> o1lo01ol1o: yeah
<drakonis1> you can also set up a osx vm to build it up
<drakonis1> if you're into breaking the eula
<clever> i was using macincloud.com at the time to get my ios app built
<o1lo01ol1o> would an aws AMI break EUlA?
<drakonis1> to be honest
<drakonis1> who knows
<clever> o1lo01ol1o: the only legal way to run macos, is on mac hardware
<o1lo01ol1o> ah, ok then
<clever> a vm on linux on mac hardware is "ok"
<clever> run500: curretly building the above setuptools...
<clever> /nix/store/hi7b399mz31439b7zd7v855iv5q0n0da-aarch64-unknown-linux-gnu-binutils-2.30/bin/aarch64-unknown-linux-gnu-ld: cannot find -lpython2.7
<{^_^}> [nixpkgs] @Mic92 opened pull request #48682 → tinc: remove unnecessary networking.interfaces → https://git.io/fxwtg
<{^_^}> [nixpkgs] @Izorkin opened pull request #48683 → znc: add configure options → https://git.io/fxwt1
<{^_^}> [nixpkgs] @Mic92 merged pull request #48681 → wings: Fix runtime failure. → https://git.io/fxwkt
<{^_^}> [nixpkgs] @Mic92 pushed commit from @tex to master « wings: fix runtime failure. (#48681) »: https://git.io/fxwqf
trevorriles has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<{^_^}> [nixpkgs] @Mic92 pushed commit from @tex to release-18.09 « wings: fix runtime failure. (#48681) »: https://git.io/fxwqq
<{^_^}> [nixpkgs] @whohoho opened pull request #48684 → Jack tools → https://git.io/fxwq3
<{^_^}> [nixpkgs] @Mic92 merged pull request #48565 → Sasview: unstable -> 4.2.0 → https://git.io/fxzZo
<{^_^}> [nixpkgs] @Mic92 pushed 3 commits to master: https://git.io/fxwqW
<run500> clever: interesting, different error. i got it compiling by adding buildPackages.python to nativeBuildInputs and invoking ${buildPackages.python.interpreter} in installPhase
<run500> it seems in general python packages do not support cross compile
<clever> run500: i also got yours near the end
<clever> i'm testing my cheat now...
<sauyon> >
<{^_^}> [nixpkgs] @jtojnar closed pull request #48548 → gvfs: Fix-up paths to gio binary → https://git.io/fxuHw
Ariakenom has quit [Quit: Leaving]
<{^_^}> [nixpkgs] @jtojnar merged pull request #48600 → gstreamer: 1.14.2 -> 1.14.4 → https://git.io/fxg02
<{^_^}> [nixpkgs] @jtojnar pushed 15 commits to staging: https://git.io/fxwmG
<{^_^}> Channel nixos-unstable-small advanced to https://github.com/NixOS/nixpkgs/commit/c7e7e16b3ee (from 6 hours ago, history: https://channels.nix.gsc.io/nixos-unstable-small)
judson has quit [Remote host closed the connection]
<jabranham> Anyone run nixos on a raspberry pi 3? How's the experience? Thinking about converting my little pi server to nixos.
<clever> run500: my cheat half works, https://github.com/cleverca22/nixos-configs/blob/master/qemu.nix and qemu-user.aarch64 = true; allows me to run aarch64 binaries on my x86 machine, so when the cross-compile screws up and tries to run the arm python, it "works"
<clever> run500: but that arm python cant `import io`, so the build fails
simukis has quit [Quit: simukis]
<drakonis1> y'all
<{^_^}> [nixpkgs] @xeji merged pull request #48576 → dde-polkit-agent: init at 0.2.1; dpa-ext-gnomekeyring: init at 0.1.0 → https://git.io/fxzK2
<{^_^}> [nixpkgs] @xeji pushed 3 commits to master: https://git.io/fxwYe
astronavt has joined #nixos
jedahan has joined #nixos
[Leary] has quit [Remote host closed the connection]
Lears has joined #nixos
<{^_^}> [nixpkgs] @Mic92 merged pull request #48667 → linux-firmware: 2018-08-25 -> 2018-10-17 → https://git.io/fxVB5
<{^_^}> [nixpkgs] @Mic92 pushed 2 commits to master: https://git.io/fxwY9
<{^_^}> [nixpkgs] @xeji merged pull request #48615 → chromium: propagate stdenv for "chromium.override{ stdenv=gcc8Stdenv; }" → https://git.io/fxgNY
<{^_^}> [nixpkgs] @xeji pushed commit from @volth to master « chromium: propagate stdenv for "chromium.override{ stdenv=gcc8Stdenv; }" (#48615) »: https://git.io/fxwYx
grp has joined #nixos
<{^_^}> [nixpkgs] @xeji merged pull request #48670 → radiotray-ng: 0.2.3 -> 0.2.4 → https://git.io/fxVV9
<{^_^}> [nixpkgs] @xeji pushed commit from @dtzWill to master « radiotray-ng: 0.2.3 -> 0.2.4 (#48670) »: https://git.io/fxwOm
astronavt has quit [Quit: Leaving]
<grp> I have a service I'm giving a .conf file that gets automatically copied to the store. However, I need that conf to reference pkgs.whatever/bin/somebinary for a hook. How should I do that? I thought of using substituteInPlace, but seems I need to define a derivation for the conf file, or is it another way to do it?
Growpotkin has joined #nixos
<Growpotkin> Has anyone gotten hdevtools to play nicely with nix-shell?
<Growpotkin> Mine is always trying to reference the system-wide cabal instead of whatever I have going on in my shell.
<{^_^}> [nixpkgs] @dtzWill opened pull request #48685 → range-v3: 0.3.7 -> 0.4.0 → https://git.io/fxw38
<o1lo01ol1o> I have some ssh configuration files (keys, known_hosts, etc) in a non-root user's directory. They are set to 644, appended to the NIX_PATH, and owned by the non-root user. However, my build --no-sandbox fails to have permissions for the config: Can't open user config file /home/foo/bar/config: Permission denied. However, the root user, who's ssh config points to the same keys, can clone the repository without a problem. How can I make
<o1lo01ol1o> the builders have access to these configs?
<clever> o1lo01ol1o: you want to use builtins.fetchGit now, its a lot safer and simpler
<o1lo01ol1o> clever: I can't, this is a complex nix deployment. It works on another nixmachine, just none of the one's I seem to setup.
<clever> o1lo01ol1o: are you calling toString anywhere?
<o1lo01ol1o> clever: I've done nothing to the (elsewhere working) default.nix. There may be some toString usages in there somewhere.
alex`` has quit [Ping timeout: 245 seconds]
<clever> o1lo01ol1o: what exactly have you added to NIX_PATH?
<o1lo01ol1o> clever: ssh-config-file=/home/foo/bar/config
<clever> o1lo01ol1o: ah, with fetchGitPrivate?
<o1lo01ol1o> yes
justbeingglad has joined #nixos
justbeingglad has left #nixos [#nixos]
<clever> o1lo01ol1o: this is how i got fetchGitPrivate to work with ssh agents
<clever> the trick is having a socket in /tmp that the nixbld user has permission to
<clever> because the build runs as nixbld1, it lacks access to read /home/foo, even with sandboxing off
<clever> but /tmp is a common shared space
<clever> and i prefer agents, so your not sharing the key with every single build
<o1lo01ol1o> I read that the AUTH_SOCKET requirement had been fixed and that SSH builders didn't need to declare sockets now . . ..
<clever> that fix is via builtins.fetchGit, which runs the clone as your user, not in any sandbox or specialized user
<o1lo01ol1o> clever: there are agents for some of these requirements (ie, ssh://git@) and fetchGitPrivate for others
<o1lo01ol1o> Should I move the ssh files to /tmp?
<clever> you could, but be aware that every single nix build will have permission to read those keys
<clever> oh, and the machine where it works, is that nixos?
<o1lo01ol1o> yes, nixos
<clever> strange
<o1lo01ol1o> if I have to put them where the builders can see them, they have to be world-readable, no?
chreekat has joined #nixos
<clever> you could also make the directory owned by the nixbld group, and not be world-readable
<clever> but basically any user on the machine can run nix-build, which then runs the user-provided commands as a member of nixbld, and they are still semi-world-readable
<o1lo01ol1o> Yeah, I get that, but I'm not sure I can see a way around it at the moment.
<clever> whats preventing you from using builtins.fetchGit instead?
<o1lo01ol1o> several thousand lines of nix expressions and repositories I don't have access to beyond an ssh key.
<clever> pre-existing ones, or ones you can only fetch with git@host?
<o1lo01ol1o> both
silver_ has joined #nixos
<grp> clever: I need to insert the nix-store path of a package in a conf file I'm providing a service (this conf gets thrown into the nix-store). I thought of using substituteAll or something like that but seems they are only available at the shell level, so would need to make a derivation just to install the patched conf. What's the recommended way to do this?
<grp> (I'm giving nix the path to the verbatim conf file, which is automatically copied to the store)
strobelight has quit [Ping timeout: 246 seconds]
<clever> grp: pkgs.substituteAll can do things for you
<{^_^}> [nixpkgs] @xeji pushed 24 commits to master: https://git.io/fxws5
<{^_^}> [nixpkgs] @xeji merged pull request #48680 → Add licenses → https://git.io/fxwJM
<{^_^}> Channel nixos-18.09-small advanced to https://github.com/NixOS/nixpkgs/commit/ff2b5ea471e (from 2 hours ago, history: https://channels.nix.gsc.io/nixos-18.09-small)
<clever> grp: basically, just pkgs.substituteAll { key = "value"; key2 = pkgs.hello; name = "foo"; src = ./foo.txt; }
<clever> and then it will replace @key@ and @key2@ within foo.txt
<grp> I see
silver has quit [Ping timeout: 252 seconds]
aleph- has quit [Ping timeout: 268 seconds]
<clever> grp: though i just put the entire vim config into a single string: https://github.com/cleverca22/nixos-configs/blob/master/vim.nix#L16
<clever> ah, you meant verbatim, not vim, lol
jabranham has quit [Quit: ERC (IRC client for Emacs 27.0.50)]
<grp> clever: also, is there a builtin or lib function that handles text blocks interpolation indenting? I've implemented my own to get things running, but I plan to submit a pull request soon to add a couple of modules, and I'd like to stay orthodox
<o1lo01ol1o> clever: I chgrp'd the directory to nixbld with permissions of -rw-r--r--. Still permission denied.
<{^_^}> [nixpkgs] @markuskowa merged pull request #48513 → gpxsee: 5.18 -> 6.2 → https://git.io/fxuRf
<{^_^}> [nixpkgs] @markuskowa pushed 2 commits to master: https://git.io/fxwGm
<clever> o1lo01ol1o: you need execute on directories to access files within them
<clever> o1lo01ol1o: read only allows you to ls the directory itself
chreekat has quit [Ping timeout: 245 seconds]
<clever> o1lo01ol1o: you also need execute on every parent up to /
<o1lo01ol1o> clever: do the directories need any user/group ownership?
<clever> o1lo01ol1o: you just need execute on the directories, either via the user bits (if your the owner), the group bits (if your in the same group), or the other bits (for when your not an owner or group)
<clever> how you get execute on each dir is up to you
<{^_^}> [nixpkgs] @dtzWill opened pull request #48686 → libinput-gestures: 2.33 -> 2.38, fixup → https://git.io/fxwGM
<clever> since the builds can run as any member of the nixbld group, the user bits wont really work
<clever> so you need to either use the group bits and the nixbld group, or the other bits
<o1lo01ol1o> clever: right, I don't love giving __7 on /home/ though
<clever> you can mix them as well, so /home and /home/foo are o+x
<clever> you dont have to give it o+rwx
<clever> just o+x is enough
mayhewluke has quit [Ping timeout: 250 seconds]
<clever> so the directories can be o+x, and then the file is g+r
<clever> but if you have any o+r files in $HOME (the default is rwxr-xr-x for me), and an attacker knows the exact name, he can read them
sauyon has quit [Quit: WeeChat 2.2]
mayhewluke has joined #nixos
drakonis1 has quit [Quit: WeeChat 2.2]
<o1lo01ol1o> clever: and /tmp get's garbage collected, right?
<clever> depends on the config
<clever> `boot.tmpOnTmpfs` tells nixos to mount a tmpfs to /tmp, so all files are held in ram and lost at shutdown
<clever> in the past, i have seen my redhat9 machine just delete everything on bootup, which has resulted in the machine hanging for 2 hours, because i rebooted it so little :P
<clever> nixos doesnt clean it up on boot
silver_ is now known as silver
drakonis_ has joined #nixos
<{^_^}> [nixpkgs] @danielrutz opened pull request #48687 → Add port type → https://git.io/fxwZ2
<o1lo01ol1o> right ok. So this is all toghether not a great way to deal with these keys. I have o+x on all directories up to /home/foo/sshstuff/ and -rw-r--r-- on all the files, owned by foo and member of nixbld but i'm still getting permission denied.
<o1lo01ol1o> wait, no, now it's no such file or directory
<o1lo01ol1o> ok, some progress
<clever> if its in the nixbld group, then you dont need o+r on the keys
<o1lo01ol1o> right, just hadn't gotten around to rmoving that yet
drakonis has quit [Ping timeout: 268 seconds]
astronavt has joined #nixos
mskalski has quit [Quit: bye]
mskalski has joined #nixos
ajs124 has quit [Quit: Gateway shutdown]
effsquared has quit [Ping timeout: 250 seconds]
jedahan has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
jackdk has joined #nixos
rprije has joined #nixos
<{^_^}> Channel nixos-unstable-small advanced to https://github.com/NixOS/nixpkgs/commit/d97e5e11159 (from 3 hours ago, history: https://channels.nix.gsc.io/nixos-unstable-small)
grp has quit [Quit: box shutting down...]
erasmas has quit [Quit: leaving]
<{^_^}> [nixpkgs] @ElvishJerricco opened pull request #48688 → haskellPackages.shellFor: Add nativeBuildInputs [Fixes #48435] → https://git.io/fxwWT
<gchristensen> "whats a shellfor"
<clever> gchristensen: its used by things like haskellPackages.yaml.env
<gchristensen> sorry :)
vaibhavsagar has quit [Ping timeout: 244 seconds]
o1lo01ol1o has quit [Ping timeout: 252 seconds]
Mateon1 has quit [Ping timeout: 244 seconds]
Mateon1 has joined #nixos
dukedave has joined #nixos
jperras has quit [Ping timeout: 268 seconds]
nD5Xjz has quit [Ping timeout: 272 seconds]
<dukedave> I'm getting a `Missing dependency on a foreign library` error when trying to use stack's nix integration. I'm a nix newbie, could anyone suggest a way to identify where the problem is? https://gist.github.com/dukedave/ba9c2ae527fee048a24f6066d306ddac
<rawtaz> dukedave: what is "stack" in this case?
<rawtaz> not stackoverflow, i suppose
nD5Xjz has joined #nixos
<{^_^}> Channel nixos-18.09-small advanced to https://github.com/NixOS/nixpkgs/commit/9779809e050 (from 2 hours ago, history: https://channels.nix.gsc.io/nixos-18.09-small)
nbardiuk has quit [Ping timeout: 244 seconds]
nbardiuk has joined #nixos
<{^_^}> [nixpkgs] @Tmplt opened pull request #48689 → nixos/compton: fix corrupt colours with Mesa 18 on AMD → https://git.io/fxw8j
jperras has joined #nixos
jasongrossman has quit [Quit: ERC (IRC client for Emacs 26.1)]
tbenst has joined #nixos
<{^_^}> [nixpkgs] @ElvishJerricco opened pull request #48690 → haskellPackages.cabal-macosx: Tests don't build with Cabal >= 2.2 → https://git.io/fxw4Z
<tbenst> hello! I'm a new nixpkg user on Ubuntu 18.04, and wondering if anyone knows where I can find nix.conf?
nD5Xjz has quit [Ping timeout: 246 seconds]
<tbenst> In home, I only have .nix-channels .nix-defexpr .nix-profile
<gchristensen> tbenst: you might not have one, but it would be at /etc/nix/nix.conf
<tbenst> no /etc/nix either
<tbenst> .nix-profile symlinks to /nix/var/nix/profiles/per-user/USER/profile
<gchristensen> well maybe you just don't have one, you don't strictly need one. what are you looking for?
<tbenst> I'd like to sync nix pkgs across multiple machines
<tbenst> so would idealy like one declarative file that I can then use to build
apaul1729 has joined #nixos
<jackdk> rawtaz I think it's the haskell build tool
<rawtaz> hmm >.o
<jackdk> dukedave: my ~/.stack/config.yaml contains the following https://pastebin.com/2cv4BUgc
<gchristensen> tbenst: ah, a nix.conf doesn't do that, anyway. a nix.conf only configures nix, not any sort of environments.
<jackdk> you may need to add native libs that you want available to there, noting that some of those libs will have multiple outputs (e.g., pcre.dev)
<rawtaz> dukedave: oh, i see
<jackdk> ,locate libGL.so
nD5Xjz has joined #nixos
<{^_^}> Found in packages: libglvnd, primusLib, libGLU_combined
<gchristensen> https://nixos.wiki/wiki/FAQ/Why_not_use_nix-env_-i_foo%3F might be helpful, tbenst, not sure.
<jackdk> but in all honesty, I gave up keeping stack well-behaved on nixos, switched to managing all deps with nix, building with cabal new-build and am much happier
<jackdk> also I gained access to ghcjs
worldofpeace has joined #nixos
<tbenst> gchristensen, ah I see. Is there an equivalent to /mnt/etc/nixos/configuration.nix for nix-env?
<gchristensen> the overlay from LnL linked in that link might helpful
<dukedave> @jackdk ah good insight, thank you. So my next trick would be to find out what nix package provides GL (I guess that's why you asked 'locate'?)
<jackdk> dukedave: exactly. If any of those are already in your store then that's also a good indicator
<tbenst> thanks gchristensen, that looks like what I want. So if I understand right, I would create an overlay (my_overlay.nix file), then run `nix-build my_overlay.nix`?
<infinisil> jackdk: libGL.so is in pkgs.libGL too, nix-index has a bug that prevents it from finding that
nbardiuk has quit [Ping timeout: 268 seconds]
nbardiuk has joined #nixos
<dukedave> jackdk: To be sure, nixpkgs should pull in dependencies though, right?
<jackdk> infinisil: thank you. That seems to evaluate to mesa_noglu, which has a dev output also, so I think dukedave will want libGL and libGL.dev in the config.yaml
<jackdk> dukedave: not sure. it will certainly install the deps to teh store but I don't know if it gives you the deps in the nix-shell that stack will use
<tbenst> I
<dukedave> Okay, let me try that (libGL package). Can disregard my dependencies question, I thought the missing GL error was coming from opencv3, but it is not.
<tbenst> gchristensen, I'm having the same issue as https://gist.github.com/LnL7/570349866bb69467d0caf5cb175faa74#gistcomment-2228733, not sure how to add my_overlay.nix to search path?
mskalski has quit [Quit: bye]
mskalski has joined #nixos
<tbenst> gchristensen, thanks so much! You inferred all my mistakes correctly and got it running. :D. Do you know if theres a way to save / dump things installed by nix-env -i to this file, or is there some other workflow you would recommend?
<tbenst> a workflow equivalent of `npm install --save-prod mypackage` if that analogy makes sense?
<gchristensen> tbenst: there is no way to saveto it, you'll have to recreate what you have
<gchristensen> (nix-env -q)
<tbenst> gchristensen, I'm now getting `command not found: nix-env` after running `nix-env -f '<nixpkgs>' -r -iA userPackages`
<clever> tbenst: nix wasnt in your userPackages list, so the -r uninstalled nix
<gchristensen> clever: can you continue helping? I'm half way through cooking something :)
__monty__ has quit [Quit: leaving]
<clever> tbenst: if you look in /nix/var/nix/profiles/something/profiles-something-link/bin youll find a nix-env you can use to try again with a newer userPackages
<tbenst> haha oops :O
<clever> gchristensen: sure, what was the problem?
<clever> ah, with tbenst
<gchristensen> declarative user envs via https://gist.github.com/LnL7/570349866bb69467d0caf5cb175faa74 for tbenst
<clever> tbenst: when using that outside of nixos, you will want to add nix = self.nix; to the userPackages
vk3wtf has joined #nixos
apaul1729 has quit [Ping timeout: 268 seconds]
<colemickens> That's sort of in the FAQ too under "How can I manage software..." https://nixos.wiki/wiki/FAQ
<colemickens> Just interesting, I found it when searching "userPackages" to see if it was a special convention.
<colemickens> slightly different solution
<clever> colemickens: in the case of that gist, you are telling nix-env to install an attrset, so it will just install every attr of the set, and all will appear in `nix-env -q`
<colemickens> That's what the FAQ entry is doing too, unless I'm severely misunderstanding.
<colemickens> It's neat, but I just load everything into my system anyway with my nixos-configuration.nix
<clever> colemickens: the faq is using buildEnv to merge things into a single package, and then `nix-env -q` only shows "user-packages"
<colemickens> Oh.
<clever> the faq also lacks a script that saves you from having to remember the magic incantation of `nix-env -iA userPackages -f '<nixpkgs>'`
<colemickens> :/ I see now. Thank you.
* colemickens nods
* colemickens wonders if we should update the FAQ
<colemickens> or augment it
<gchristensen> maybe so!
<clever> yeah, we could update it
slyfox has quit [Ping timeout: 246 seconds]
slyfox has joined #nixos
nbardiuk has quit [Ping timeout: 268 seconds]
<tbenst> clever, I made a new gist here: https://gist.github.com/tbenst/0e2c7bd0219eda87e3915182071f224b and I must be missing something super obvious as getting error: syntax error, unexpected $end
<clever> tbenst: does the error give a line number?
fragamus has joined #nixos
<tbenst> clever tb.nix:1:1
<colemickens> gchristensen: have you considered auto-merging based on labels/approval status for nixpkgs?
<clever> tbenst: what is the exact command you ran?
<tbenst> clever `curl https://gist.github.com/tbenst/0e2c7bd0219eda87e3915182071f224b/raw -o ~/.config/nixpkgs/overlays/tb.nix` and then `/nix/var/nix/profiles/per-user/tbenst/profile-6-link/bin/nix-env -f '<nixpkgs>' -r -iA userPackages`
<clever> tbenst: ls -lh ~/.config/nixpkgs/overlays/tb.nix
<tbenst> clever: -rw-r--r-- 1 tbenst tbenst 0 Oct 18 16:52 /home/tbenst/.config/nixpkgs/overlays/tb.nix
<clever> that file is 0 bytes in size
<clever> your curl command didnt work right
<tbenst> good catch
<tbenst> must be missing the redirect
<clever> `curl https://gist.github.com/tbenst/0e2c7bd0219eda87e3915182071f224b/raw -v` confirms that, 301 redirect
<tbenst> -L fixes