<infinisil>
drakonis1: Can't I just set the default with an overlay?
<drakonis1>
now, i've thought about that
<samueldr>
bsima: I would guess it's an attrset of the parameters for `fetchGit` which match to a specific nixpkgs revision (given the comment right before)
<clever>
samueldr: have fun patching every cabal2nix output if you want to convert - to _
<samueldr>
(though I must say that I prefer having dashes in identifiers, even though it means funny maths)
<samueldr>
clever: no don't want to :)
<clever>
> a:b
<{^_^}>
"a:b"
<clever>
> a: b
<{^_^}>
<LAMBDA>
<clever>
explain that! :D
<samueldr>
"poor" url matching semantics :D
<clever>
exactly, i learned that trick from domen
<samueldr>
learned it while looking at making a nix parser :)
<samueldr>
> a:/**/b
<{^_^}>
"a:/**/b"
<clever>
lol
<samueldr>
> a:/* */b
<{^_^}>
value is a string while an integer was expected, at (string):202:1
<clever>
:D
<samueldr>
> a:/* b*/c
<{^_^}>
attempt to call something which is not a function but a string, at (string):202:1
Lisanna has quit [Quit: Lisanna]
<samueldr>
(maybe the main scope is getting crowded)
<simpson>
When we were first designing Monte's syntax, I wanted to bring over ES's XML/HTML literals and regex literals, and we ended up not doing it and requiring quasiquotation instead. This turned out to be such a good idea.
<samueldr>
the "naked URLs" are imho the only wart I don't think add much
<simpson>
Embedding too many DSLs into a single language's syntax without some sort of quotation marker just makes it impossible for humans to read.
<infinisil>
I like how Haskell does it
<simpson>
Haskell's pretty rough with the user-definable operators, just because of the way that it forces the parser to carry context forward.
<clever>
infinisil: i at least want a Q monad that lacks IO
<infinisil>
clever: Why would you not want IO? You can always go lower, but once you're out of IO you can't get back!
<clever>
infinisil: i want to be able to run template haskell on the "wrong" platform, to make cross-compile simpler
<clever>
infinisil: 90% of the time, your TH doesnt need IO
<emily>
regexp literals have the unfortunate effect of encouraging people to use regexps
<clever>
but because you have it, there is no safe way for the compiler to know if running it on the wrong platform will have side-effects
Supersonic has quit [Ping timeout: 260 seconds]
<infinisil>
clever: I see, makes sense
<clever>
a variant that lacks IO, cant have side effects, so its perfectly safe to run in different contexts, because its now pure
o1lo01ol1o has joined #nixos
<infinisil>
clever: Or it could even have certain side effects, probably, via some effect system
<simpson>
emily: Indeed. From the erights archives: http://erights.org/elang/grammar/quasi-overview.html "I always hated a lot of Perl code for being so hard to read. I took pride in how readable E was by comparison. That is, until I started heavily using Regular expressions. My code became a dense gobbledygook of punctuation characters that reminded several folks of APL."
<fiatjaf>
I'm doing a project that uses both haskell and javascript. how can I create a derivation that includes both the haskell packages and the javascript packages I need to build my thing?
<fiatjaf>
I'm currently just doing the haskell side of it, creating a derivation with haskellPackages.callPackage and so on
<infinisil>
Split out all packages from nixpkgs, such that all that's left is the infrastructure to build them, like stdenv, buildHaskellPackage, fetchFromGitHub, etc.
<infinisil>
Then all those version update commits don't go to the main one, and it would be cleaner all throughout
<infinisil>
Of course there's the problem of non-monorepos with keeping stuff in sync, but still, would be cool
<drakonis1>
that sounds alright, but you gotta get it through the folks that don't want breaking change first
<drakonis1>
this is a thing that trips me, why is channel management so difficult?
<clever>
drakonis1: it sounds like you previously added a channel to your user, then deleted it, and nix-channel is glitching a bit and wont let you remove it
<clever>
drakonis1: what does `ls -lh /home/drakonis/.nix-defexpr/channels` report?
<clever>
if you `rm /nix/var/nix/profiles/per-user/drakonis/channels*` then the problem will go away, as will any ability to do rollbacks for the non-root channels
<drakonis1>
hmm
<drakonis1>
i have solved it by just adding a user channel again
<clever>
that also works
<clever>
i think the bug is that you need to --update to make it notice the removable of any channel
<clever>
but --update wont run if you have zero channels to update
<drakonis1>
hooray it works
<drakonis1>
but its still not acquiring the fresh versions
<clever>
now what does `nix-build '<nixpkgs>' -A gzdoom` and `nix-instantiate --find-file nixpkgs` report?
<drakonis1>
/nix/var/nix/profiles/per-user/root/channels/nixos for my user
<drakonis1>
it still yields 3.5.1 though
<drakonis1>
i think this might be more of a home-manager issue though
<drakonis1>
let me try something
<clever>
home-manager shouldnt have any impact on nix-build
<clever>
drakonis1: the same is true for the latest commit of nixos-unstable!
<clever>
and nixpkgs-unstable too
<drakonis1>
ah wait really?
<drakonis1>
i thought it was supposed to already have it
<clever>
only nixos-unstable-small has 3.6.0
<drakonis1>
oh :| well okay
<clever>
hydra is waiting for all of nixpkgs to build before updating nixos-unstable
<drakonis1>
it landed 4 days ago
<drakonis1>
ah right
<drakonis1>
nixpkgs is also at 4 days ago
<clever>
if you switch to the nixos-unstable-small channel, you can get it early, at the cost of having to compile a few more things
<drakonis1>
i'm a dunce
<drakonis1>
i didn't realize that during the fervor of getting things to work
<drakonis1>
but lesson learned i suppose
<emily>
clever: wouldn't "more things" there include, like, large desktop software?
<drakonis1>
i feel like an unruly child
<clever>
emily: depends mostly on what hydra has and hasnt built
<drakonis1>
could anyone clarify to me how cachix is supposed to work?
<drakonis1>
see if i'm missing something
<drakonis1>
its a nix binary cache service, but not one that about anyone can use like the nixpkgs cache
<clever>
drakonis1: you build your packages on something like travis, using normal nix-build, and then push it to cachix, and then you (and others) can use that as a binary cache
<drakonis1>
not available publicly right?
<clever>
its an opt-in thing
bzLem0n has joined #nixos
<drakonis1>
can't just cherry pick anything
<drakonis1>
a better question, i can't "find" any of them, can i?
<clever>
i dont think so
<clever>
somebody that runs one has to tell you about its url and public key
{`-`}_ has joined #nixos
copumpkin has joined #nixos
<drakonis1>
thanks and good night
{`-`} has quit [Remote host closed the connection]
drakonis has quit [Remote host closed the connection]
fragamus has joined #nixos
endformationage has quit [Quit: WeeChat 1.9.1]
bzLem0n has joined #nixos
<{^_^}>
[nix] @noteed opened pull request #2482 → Add a --keep-successful flag to nix-build. → https://git.io/fxogk
bzLem0n has quit [Client Quit]
<{^_^}>
[nixpkgs] @uri-canva opened pull request #48737 → pythonPackages.gyp: add Xcode 10 support → https://git.io/fxogL
hodapp has quit [Ping timeout: 272 seconds]
fragamus has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
mayhewluke has quit [Ping timeout: 252 seconds]
<colemickens>
Has there been consideration to changing the output truncation that the newer "nix [tool]"s do?
mayhewluke has joined #nixos
<sir_guy_carleton>
nixos-rebuild isn't letting me use the unstable version of steam despite me setting allowUnfree to true
<sphalerite>
colemickens: not that I know of, although I've seen other complaints about it.
sb0 has quit [Ping timeout: 276 seconds]
fragamus has joined #nixos
sb0 has joined #nixos
alex`` has joined #nixos
Izorkin has quit [Ping timeout: 268 seconds]
fragamus has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
Izorkin has joined #nixos
Dedalo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
fragamus has joined #nixos
jedahan has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
sir_guy_carleton has quit [Quit: WeeChat 2.2]
jasongrossman has quit [Quit: ERC (IRC client for Emacs 26.1)]
<dmj`>
hpc shows a blank coverage report when using doCoverage
<dmj`>
any idea how to get a coverage report using nix
<sphalerite>
I've managed to get a nix daemon running with a chroot store as far as I can tell by running NIX_STATE_DIR=/tmp/root/state /tmp/nix/bin/nix-daemon --daemon --store /tmp/root
<sphalerite>
How can I get nix to use this daemon rather than the system daemon?
Itkovian has joined #nixos
nD5Xjz has quit [Ping timeout: 252 seconds]
jasongrossman has joined #nixos
<sphalerite>
ok I needed to pass the same NIX_STATE_DIR and NIX_REMOTE=daemon to the client process
<sphalerite>
ummm actually building stuff doesn't work
<sphalerite>
error: while setting up the build environment: getting attributes of path '': No such file or directory
<sphalerite>
If anyone knows how to proceed please do let me know :)
Itkovian has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
jtojnar has quit [Read error: Connection reset by peer]
FRidh has joined #nixos
nbardiuk has joined #nixos
<fiatjaf>
I'm doing a project that uses both haskell and javascript. how can I create a derivation that includes both the haskell packages and the javascript packages I need to build my thing?
<fiatjaf>
I'm currently just doing the haskell side of it, creating a derivation with haskellPackages.callPackage and so on
jasongrossman has joined #nixos
silver has joined #nixos
jtojnar has joined #nixos
Itkovian has joined #nixos
Rajsun has joined #nixos
obadz has quit [Ping timeout: 268 seconds]
Phillemann has joined #nixos
<Phillemann>
I'd like to examine the closure of my application to see if there's anything superfluous in there.
Itkovian has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<srhb>
And -qr
<tilpner>
-qr, not -qR?
<tilpner>
Isn't -r realise?
<Phillemann>
Ah, wouldn't have thought to be in nix-store. Thanks, I'll try!
<Phillemann>
Wait, how do I read this --tree command? It shows my store path at the top and then, for example, fontconfig. That's not a direct dependency for my application.
obadz has joined #nixos
mojjoo has joined #nixos
jtojnar has quit [Quit: jtojnar]
jtojnar has joined #nixos
<mojjoo>
hi.. I'm switching from 18.03 to 18.09... Unfortunately, I'm getting build errors in several packages that depend on haskell stuff ("Setup: Encountered missing dependencies: base >=4.2 && <4.11")... Somehow, I remember that I had the same thing some time ago, but I forgot how to fix it :)
<{^_^}>
[nixpkgs] @c0bw3b pushed commit from @r-ryantm to master « flatbuffers: 1.8.0 -> 1.10.0 (#48521) »: https://git.io/fxoye
Guanin_ has joined #nixos
Guanin has quit [Ping timeout: 260 seconds]
<cocreature>
mojjoo: same error that I told you about earlier. base < 4.11 means that it won’t work with GHC 8.4
<mekeor>
i'm not sure if i want to run NixOS or Debian on my server but i'm not sure whether you could help me decide that as i still don't exactly now what i'm gonna use it for
<simpson>
mekeor: What would be an advantage of Debian over NixOS?
<Unode>
mekeor: install debian, install nix. If later you change your mind you can easily convert it to nixos.
shabius has joined #nixos
<mekeor>
simpson: it feels like debian can offer more stability, security, more packages, wider support.
<Unode>
hi guys, I'm trying to write a nixos service. If I need to execute a command for setup what would be the right step/location to do so?
<{^_^}>
[nixos-artwork] @sala98 opened pull request #41 → New Wallpaper for NixOS → https://git.io/fxoy7
<mekeor>
i will probably use nginx for a static website; i might use wordpress and nextcloud; i'd like to run a irc-client; maybe a research tool written in php...
<simpson>
mekeor: To take those point by point: Nix is definitely more stable and includes a modicum of *reproducibility* which Debian lacks. Debian's security process has more people, for sure. nixpkgs probably is missing a package you need; do you have a list? And "support" could mean anything~
<simpson>
All of those things are possible on NixOS, sure.
<mekeor>
hmm. yeah.
<mekeor>
okay, i go for nixos :3
* Unode
peeks into the future to count how many hairs mekeor has left
<mekeor>
hahaha :D
alex`` has quit [Ping timeout: 272 seconds]
alex`` has joined #nixos
<avn>
Unode: even after 2 years of nixos I affraid to _convert_ production server to nixos ;)
civodul has joined #nixos
<hyper_ch>
why?
<Unode>
avn: there are good things and bad things. It all boils down to feature overlap.
<hyper_ch>
avn: what do you need on the production server?
<Unode>
like... I'm currently trying to figure out how to run a command required to setup files for starting a server component. Having a nixos service means running this somewhere before the service starts. Was highjacking preStart in systemd but this is no longer an option, so still looking or a better way...
<hyper_ch>
why is systemd no longer an option?
<Unode>
I'm pretty sure there is one but I just haven't found it yet. The NixOS manual has info from the users perspective and this is more on the dev side so not that helpful in this case.
<Unode>
hyper_ch: the script calls to commands that aren't in scope/PATH.
<Unode>
for instance, 'hostname'
<avn>
hyper_ch: is my personal mail gateway ;)
<Unode>
avn: a little of FUD in that case?
iyzsong has quit [Ping timeout: 260 seconds]
<hyper_ch>
Unode: still fail to see how server components need to be setup
<avn>
Unode: yep.
<Unode>
hyper_ch: files need to be created for the server to start. Think of it as 'setup.sh' that ships with the software and should be run befor 'start_server'
<Unode>
among other things, it generates SSL certificates and creates the necessary files in the right (relative) location.
<hyper_ch>
why would it need to create ssl certs........
<hyper_ch>
too lazy... why not just move it to a vm that starts after nixos ist started
<Unode>
...
<avn>
Unode: so you need pre-generate your cert, and ship them as part of your nix deployment (as well as all setup.sh should be ported as nix-expressions)
<Unode>
avn: well in this case I'm happy to just use self-signed certs. So more like creating them before starting burp's server daemon.
<Unode>
there's a burp_ca script that takes care of this but it fails to run during preStart
<avn>
Then split your setup.sh to build-time part (move to .nix) and run-time (fix and run once of boot)
<Unode>
avn: I don't want to tamper with the setup.sh script. It's part of the software. Also don't want to reinvent the script by rewriting it in nix. It shouldn't be necessary, plus doing so makes it too brittle and subject to breakage with upstream changes.
endformationage has joined #nixos
<srhb>
Unode: Backing up a bit... Why not just bring the things you're missing for preStart into the PATH of that script?
<Unode>
srhb: That's what I'm currently doing but by setting PATH=${pkgs.busybox}/bin:$PATH manually in preStart.
<srhb>
Unode: There's also a systemd.services.?.path setting
<Unode>
Though I figure this is something that should be fixed in the burp package itself no?
<srhb>
Unode: Takes a list of packages and puts them all on the service's PATH. I forget whether it affects preStart though, but I would think so.
<Unode>
ah that's useful. I'll grep for examples in the source
<srhb>
Unode: Sure, you can wrap the script too in the build
<Unode>
thanks!
<srhb>
Unode: wrapProgram can greate a simple path wrapper, essentially renaming foo to .foo and creating a new foo script that calls .foo with extra variables etc.
<srhb>
(There's a lot of wrap* helpers)
<Unode>
but those are for packages not services right?
<srhb>
Right, in this case you would wrap setup.sh in the build.
azdle has quit [Remote host closed the connection]
<srhb>
Unode: so that the wrapper ensures that the runtime deps are properly PATH'ed.
<Unode>
yup. I'll be doing that afterwards. For now fiddling with $PATH is progress
<srhb>
Righto.
<Unode>
thanks for the pointers
<srhb>
Welcome.
Mr_Keyser_Soze has joined #nixos
<Unode>
srhb: so but just to be clear. Is preStart the de-facto way of running anything before a service? With conditionals for 'is it the first time I'm doing this'?
azdle has joined #nixos
elgoosy has quit [Remote host closed the connection]
Mr_Keyser_Soze has quit [Ping timeout: 245 seconds]
<avn>
Unode: btw very similiar stuff, which need copying of config from /nix/store to /var is a cups. Making pre-configured cups is a nightmare
<srhb>
Unode: That's a very common use of it, yes.
Mr_Keyser_Soze has joined #nixos
<srhb>
Unode: from eg. the postgresql preStart: if ! test -e ${cfg.dataDir}/PG_VERSION; then ...
Guanin_ has quit [Ping timeout: 272 seconds]
<Unode>
avn: cups I'll have a look. This one is not that easy either. I'm actually not sure yet if I can pre-configure it all. At the moment I'm aiming at having the server and client running.
elgoosy has joined #nixos
<Unode>
There's a server<->client pairing step that I don't think it's automatable unless both client & server live on the same filesystem.
<Unode>
which should not be how a backup system works :P
<avn>
Unode: I worked-around cups by dropping pre-cooked config, but it works not on all machines
<Unode>
srhb: I see. I'll work along those lines then.
<avn>
look on bup as backup software, if looks fun, and don't require any super-special (and you can unbackup just with git (at least it promized))
Phillemann has left #nixos ["WeeChat 2.2"]
<{^_^}>
[nixpkgs] @Ma27 opened pull request #48750 → vimPlugins.clang_complete: fix path to libclang.so → https://git.io/fxo9w
Mr_Keyser_Soze has quit [Ping timeout: 245 seconds]
jedahan has joined #nixos
<Unode>
I've been using burp for years. Simple, lightweight. I've had the client working on nixos since I opened the pull request above but the server component was never finished. Trying to get that done now to remove the WIP.
<dhess>
clever: absent the "boot.kernelParams" declaration in the kexec build from nix-test, I assume systemd/udev will just do their thing like any "normal" NixOS boot?
<dhess>
hyper_ch: huh I'm pretty certain I've used that driver on my physical boxes before without specifying it
<dhess>
but it couldn't hurt I guess
<dhess>
cle
<hyper_ch>
first boot kexec, then get minimal config, then run my installer script for zfs setup and have nixos installed..... then boot into encrypted zfs server, expand config
<dhess>
clever: tanks
<dhess>
h
<hyper_ch>
dhess: as said, I had issues when I omitted it
<dhess>
hyper_ch: ok I'll add it, thanks for the hints
<hyper_ch>
dhess: I remember why... because I need to access the box at the initrd stage to submit zfs encryption password ;)
<hyper_ch>
so maybe forget about what I said ;)
<dhess>
hehe
<clever>
hyper_ch: after booting with kexec, check `lspci -vvv` it will tell you which driver owns each device
<dhess>
there is an IPMI SOL-in-browser for this thing but I'll be damned if I can figure out how to authenticate to it
<hyper_ch>
my kimsufi box just has 4gb
<dhess>
hyper_ch: hehe
<dhess>
I may just have to resort to installing Java and running their awful KVM applet
<clever>
dhess: it could be worse, ive had to install both windows xp and 7, just to get a mess of activex applets to work
Mic92 has joined #nixos
<dhess>
oh my christ Windows XP
<clever>
yes
<clever>
the remote cdrom part only works under xp
<clever>
and the remote console only works under 7
<hyper_ch>
clever: btw, I managed to install root zfs on a debian server with UEFI where I use the zfs sdx9 partition as ESP so that I don't have to use a seperate /boot partition
<hyper_ch>
clever: debian stable zfs ist only 0.6.5 - so no encryption and it's just web und email server
<clever>
i'm not entirely sure what zfs intends for that reserved partition, but if it works, it works, lol
<clever>
also of note, if you let zfs paritition the disk like that, it sets a magic "whole disk" flag that cant normally be set
<hyper_ch>
clever: in #zfsonlinux tehy told me it's because sometimes drives of same size aren't quite same size
<clever>
and that causes zfs to mess with performance controls of the entire sda
<hyper_ch>
so they take a bit off
<clever>
ahh
<hyper_ch>
so all xTB drives will match when making mirror
Mic92 has quit []
Mic92 has joined #nixos
<hyper_ch>
so, it's prefect to use as ESP partition
mayhewluke has quit [Ping timeout: 252 seconds]
<nkaretnikov>
How do I enter nix-shell without querying the network? It just keeps trying over and over again. And I can’t find the right option to disable this.
<clever>
hyper_ch: it can also be used as a bios boot partition for legacy booting
Ariakenom_ has joined #nixos
<hyper_ch>
clever: 8MB is a bit small
<clever>
hyper_ch: bios boot only needs <1mb
<clever>
hyper_ch: it serves the same purpose as the ESP
<hyper_ch>
ok :)
<hyper_ch>
I'm so confused about all of that :)
<clever>
when booting on MBR, grub will shove stage 1.5 between sector 1 and partition 1, in the "unused" space
<hyper_ch>
but this is actually my first uefi installation ;)
<bpye>
If a project is hard to build as a NixOS package (Go 1.11 modules seem... tricky to get working with the sandbox network restrictions), is my best bet to download a binary and make the package from that :(
<hyper_ch>
everything else still runs on bios
<clever>
GPT uses more then 1 sector for its partition table, so that same range is now unsafe to use
<clever>
and they decided to ban using "unused" space :P
Dedalo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<clever>
so you now need a dedicated partition for that, called the bios boot partition
mayhewluke has joined #nixos
<clever>
it has no fs, cant be mounted, cant be formatted, and just holds raw x86 assembly code
<dhess>
every time I need to do something like this I curse the BIOS vendors for being stuck in the 80s
<clever>
hyper_ch: in your exact case, it would contain the grub kernel, the zfs drivers for grub, and maybe the luks drivers
<hyper_ch>
clever: thx for the explanation
<hyper_ch>
no luks drivers :)
<clever>
that is the bare minimum grub needs to mount the real /boot
<avn>
Folks, can anyone share some common texlive.combine expression suitable for pdf, xelatex and european languages (but without esoteric stuff like runes and asian/african languages)
Ariakenom has quit [Ping timeout: 244 seconds]
<hyper_ch>
people in #zfsonlinux also said, that the method I used won't allow for all features to be supported of zfs
astrofog has quit [Remote host closed the connection]
<bpye>
You end up with a file like https://github.com/miniflux/miniflux/blob/master/go.mod - each dependency there can specify it's own as you might expect, meaning you need to get a list of all these deps that are needed in the build
<avn>
bpye: possible go2nix can be expanded to underthand that (if it not support it yet), so it will resolve all source dependencies to fixed derivations
Itkovian has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<bpye>
Yeah I've been looking at go2nix and dep2nix but I'm struggling a little to understand the projects
erratic has joined #nixos
<avn>
bpye: they just analyze go sources, determine dependencies and make .nix locking all source dependencies.
<bpye>
Oh yeah, I knew that, however I guess I'm struggling to find out how they do that :)
<jtojnar>
how do libraries get to rpath again? and how can I disable it?
<bpye>
It seems like we need to populate $GOPATH/pkg/mod/cache/download ourselves using the suitable derivations for grabbing source code, the annoyance here is that within that you have to generate various files too
<avn>
bpye: he usually hanging around this channel, so you know whom direct questions ;)
<clever>
jtojnar: i believe cc-wrapper sets some rpath flags when calling the real gcc
<bpye>
If I mix architectures, say I have an Arm64 R Pi and an x86_64 box, will NixOps handle that?
<clever>
bpye: yes
<bpye>
Okay, was just wondering since NixOps seems to do at least some of the build operation on the machine you are running NixOps?
<clever>
bpye: you just need to set the right nixpkgs.system.localSystem param for each machine
<clever>
bpye: it will need build slaves of the right arch to perform those steps
<hyper_ch>
avn: the solution I chose was using /dev/sd[x]9 as ESP partition when I create a zfs pool over the whole drive
<clever>
bpye: a lot like deploying nixops from a mac machine
<avn>
hyper_ch: I used /dev/disk/by-name/*-part0 for ESP and *-part1 for pool (use two 1TB in mirror)
<jtojnar>
clever: do not see anything saying rpath in there
<dhess>
yay kexec worked!
<hyper_ch>
but by creating a zfs pool out of a partition, you'll get another partition,r ight?
<jtojnar>
clever: is there some simple way to disable all the hacks attempting to fix badly written software?
<clever>
jtojnar: you could use gcc.cc, rather then gcc, as your compiler
<dhess>
clever: I'm keeping a tally of every time I boot a machine with kexec and if I ever meet you IRL, I will buy you a beer for each one
<clever>
dhess: i'm on my way to nixcon next week
<dhess>
clever: I am not :( I'm actually moving to London soon, but not until November
<dhess>
bad timing. Hopefully next year
<Unode>
clever: presenting something?
<clever>
Unode: not planning on that
<{^_^}>
[nixpkgs] @Ericson2314 merged pull request #48673 → xorg: allow overriding via overrideScope' for 18.09 → https://git.io/fxVia
<{^_^}>
[nixpkgs] @Ericson2314 pushed 9 commits to release-18.09: https://git.io/fxoFq
fragamus has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<Unode>
in a service with a client+server component, what's the recommended way to conditionally run additional preStart steps if both components are enabled?
<avn>
Folks, how I can figure out if some stuff /nix/var/logs are from non-existant packages?
<avn>
I suspect, that some files there are from old builds, which not exists anymore
fragamus has joined #nixos
<Unode>
avn: logrotate them until they are gone?
<avn>
Unode: it definelly won't work for nix build logs
<Unode>
oh nevermind I read /var/log not /nix/var/log
<Unode>
aren't those garbage collected ?
revtintin has quit [Quit: WeeChat 1.9.1]
<dhess>
I have a system with 2 drives and it boots from EFI. As far as I know it's not possible to use mdadm to raid1 the 2 EFI boot partitions like I would do with an MBR system and grub.
<dhess>
So is there any way to get NixOS to write to both partitions when it updates /boot
<dhess>
?
<dhess>
for redundancy
<hyper_ch>
yes
<hyper_ch>
ah, no
<hyper_ch>
dhess: what I do is mount one locally and run regular rsync from a to b
revtintin has joined #nixos
<dhess>
hyper_ch: maybe I'll write a module to do that
justbeingglad has joined #nixos
justbeingglad has left #nixos [#nixos]
<hyper_ch>
dhess: I do that now on the new debian server ;)
<{^_^}>
[nixpkgs] @pbogdan opened pull request #48754 → debootstrap: fix up paths to {chroot,unshare}, small clean up → https://git.io/fxobc
<infinisil>
hyper_ch: Well, you first clone nixpkgs, then add the nixpkgs-channels remote and fetch it, check out the nixos-unstable channel of that, then rebuild your NixOS with `-I nixpkgs=/path/to/nixpkgs`
<infinisil>
I wrote this from memory in 30 seconds, so there might be minor mistakes
<hyper_ch>
infinisil: but where does commit into that?
<clever>
hyper_ch: there is a def i know, that only ever uses `git add --all`, i have seen him commit lock files to the repo, luckily, the code uses flock and doesnt care
<infinisil>
hyper_ch: That comes later, first try that
<clever>
dev*
<hyper_ch>
just recently learnt how to use flock in bash
<hyper_ch>
infinisil: I'm now at the rebuild step... but now I'd need your commit because it will fail again otherwise and I get kicked out here
<infinisil>
hyper_ch: Ah right
<hyper_ch>
infinisil: I just mannualy edit that file
kiloreux_ has quit [Read error: Connection reset by peer]
kiloreux_ has joined #nixos
alex`` has quit [Ping timeout: 252 seconds]
<hyper_ch>
it is
plakband has quit [Client Quit]
<hyper_ch>
I guess it did not rebuild it because the hash of the acutal znc expression didn't change
<hyper_ch>
since you just changed the config options
alex`` has joined #nixos
ekleog has joined #nixos
<infinisil>
hyper_ch: You can see the config file in use at /home/hyper/.znc/configs/znc.conf
<hyper_ch>
did not change
<infinisil>
This should now have the SSLCertFile thing at the very bottom
plakband has joined #nixos
<Thra11>
How do transient failures on hydra.nixos.org get resolved? Suspect this rustc build was oom-killed: https://hydra.nixos.org/build/82950500/nixlog/1/tail . Don't know if re-triggering it would simply result in the same failure due to lack of memory on the build server.
<infinisil>
hyper_ch: Did the file change with the `config.services.znc.configFile` build command result?
<hyper_ch>
infinisil: it did change
<{^_^}>
[nixpkgs] @FRidh pushed 65 commits to staging-18.09: https://git.io/fxohI
<infinisil>
I won't discuss offtopic stuff here though
Ariakenom has joined #nixos
Ariakenom_ has quit [Ping timeout: 252 seconds]
<hyper_ch>
you merged it into master? oO
<infinisil>
Yeah?
aleph- has joined #nixos
eisbaer-north has quit [Ping timeout: 252 seconds]
Leo` has quit [Ping timeout: 264 seconds]
<hyper_ch>
why not directly merge it?
<infinisil>
hyper_ch: Huh? I did directly merge it
<aleph->
So question, trying to build a ruby package and I keep getting this error: "nix/store/i6vl5lwlz5jbkg4r6p340dwmj6fha3xq-stdenv-linux/setup: line 1291: binary: command not found"
<aleph->
Nix file is here
<hyper_ch>
why wait for feedback from me?
<aleph->
nix/store/i6vl5lwlz5jbkg4r6p340dwmj6fha3xq-stdenv-linux/setup: line 1291: binary: command not found
<clever>
aleph-: you are running the command binary, with 2 args
<infinisil>
hyper_ch: Ah you mean why not directly commit it to master. There's many reasons for that:
<aleph->
The two args being the expansion of gems and ruby, clever?
<clever>
aleph-: you also dont have to set the system attribute, thats likely to cause issues down the road
<infinisil>
PR's are more visible and are intended to be looked at by more people. More eyes see more potential mistakes
<clever>
aleph-: the 2 args being '=' and the expansion of '$out/bin/install.sh'
<clever>
aleph-: the spaces around the = make it a command, not a variable assignment
<infinisil>
- Changes should be tested first
<aleph->
God dangit
<clever>
aleph-: also, you want to indent that entire heredoc, to match the nearby lines
<infinisil>
- GitHub synchronizes merges, committing to master doesn't have that
<infinisil>
- In PR's the ofborg bot can do some checks/builds
<infinisil>
hyper_ch: ^
<hyper_ch>
ok
<aleph->
clever: Noted, so fixing the assignment fixed my build issue. My question now is, in regards the two scripts I call in my install phase. prod.sh and db.sh.Is it able to pull those in from the local directory? Or am I better just setting them via heredoc in the install phase as well?
<clever>
aleph-: if you do ${./db.sh}, then nix will dynamically copy those into /nix/store/ and insert the new storepath
<aleph->
Gotcha, cool.
<clever>
aleph-: src = ./.; is doing the exact same thing
<aleph->
Oh, doy.
<{^_^}>
[nixpkgs] @fpletz opened pull request #48758 → docker-machine-kvm: 0.8.2 -> 0.10.0, docker-machine-kvm2: use minikube source → https://git.io/fxojr
<aleph->
Hmm, to figure out how to have it autorun... since just adding exec "rails server" at the end doesn't work.
<clever>
aleph-: /bin/bash doesnt exist on nixos, you want #!${stdenv.shell}
<aleph->
Ah, noted. Thanks, forgot that.
<clever>
bash also cheats, and will run itself on anything that looks like a shell script but technically isnt working
<clever>
so it hides such mistakes when in a console
<{^_^}>
[nix-mode] @matthewbauer pushed to master « Add dependency on json-mode »: https://git.io/fxoj9
<aleph->
clever: So from what I can tell all this is doing is setting up the environment, what would then be the way to execute my script set to $binary?
<aleph->
Could I pass it as an arg to builder?
<clever>
aleph-: does it need to be executed at build-time or runtime?
<aleph->
Ideally at the end of build time.
<clever>
aleph-: then just run it after you chmod +x it
<clever>
and note, that it will only have +w to $out, and wont have any access to DB's
<aleph->
Bollocks.
<clever>
you may need a nixos module, and a systemd service
<aleph->
And thus this gets more complicated.
<aleph->
Guess so, trying to package up a fairly popular link aggregator and then have it completely set up via one command, db, db accounts, build and populate the db, and then run the rails app.
kp__ has quit [Quit: WeeChat 2.2]
<clever>
aleph-: definitely sounds like you need a systemd service
<clever>
does it still fail with the new file in the above gist?
<clacke[m]>
I have no idea how you figured that out, and I have no idea why it failed and why it works now, but thanks a whole bunch. And you were quick, too.
<drakonis>
so, what's the optimal way for running OS containers
<srid>
in regards to `networking.firewall.logRefusedConnections` - where does it actually log?
<clever>
srid: dmesg and journalctl
<clacke[m]>
lesson for next time: go onto #NixOS five hours earlier
<srid>
clever: thanks; in source I see: `ip46tables -A nixos-fw-log-refuse -p tcp --syn -j LOG --log-level info --log-prefix "rejected connection: "`
<srid>
So I did `journalctl | grep rejected` (and `dmesg | grep rejected`) which is empty output; implying the firewall has not rejected any connections (so I'll have to look elsewhere as to why ssh from outside just hangs ...)
<clever>
srid: run tcpdump against the given interface, filtered to port 22, then try to ssh into it
<clever>
srid: nixos also allows 22 thru the firewall automatically
<clever>
srid: are the client and server on the same network?
catch22 has joined #nixos
<srid>
ok, started tcpdump ... oh weird, ssh now started working instantly.
eisbaer-north has joined #nixos
<srid>
but if it happens again, i'll jump to tcpdump for debugging. maybe our wifi router is behaving erratically
<srid>
clever: yup, same network. my large goal here is to configure dynamic dns, so I can ssh to my 'workstation laptop' from outside (coffee shops, etc.).
<clever>
srid: ah, my home IP is stable enough that i just port-forward once and just setup a fairly static dns
<srid>
i think my laptop IP is stable enough as well, so i have configured port forwarding in the ISP router, which also has a place to configure automatic dyn dns (noip) updates. verified it to be working so far for ports like 8000, though last time i checked it was hanging on ssh (22). gotta try it again this time.
<__monty__>
Toxvpn?
<clever>
srid: ah, another thing to be aware of, port forwarding often doesnt work when your inside the same network
<clever>
srid: if you try to connect to 22 of the public ip, from within the network, some routers (including nixos NAT) wont forward it back into the lan
<srid>
although I don't mind carrying heavy laptop (it helps develop muscles :P ) i'm not a fan of the P71 non-centered keyboard layout, which gets annoying when working with it on the lap. so thinking of just taking my macbookpro15 as a 'thin client' to coffee shops.
<srid>
clever: yea; i use the intenal IP when ssh'ing from the same network, and the dyndns address when ssh'ing from outside.
<clever>
srid: toxvpn would also be an option, then you have a fixed ip for both situations
<srid>
clever: how does toxvpn work, if two nodes are on different network? how do they talk to each other without central server?
<srid>
say node1 is my thinkpad running on home wifi. and node2 is the macbook running in coffee shop
<drakonis>
i ran debootstrap and i'm getting some /bin/true errors
<clever>
srid: it uses some bootstrap nodes to connect to a DHT, where it will then discover the other node's public ip, and then uses udp hole punching to form a connection
cnidario has quit [Remote host closed the connection]
<srid>
ah, it has to *public* IP?
<clever>
srid: it will auto-discover the public ip of the other machine, and connect to it, even if you dont forward ports
<srid>
i see
<srid>
so if I ssh from coffee shop, my connection is hopped from some intermediary?
<clever>
it will use the intermediary nodes to discover the ip of the house, then connect directly to it
<srid>
but 'ip of the house' is the router, not my thinkpad
<mpickering>
urlretrieve is failing in python for me because of SSL verification errors, do I have to add a dependency on cacert or something like this?
<clever>
srid: when the thinkpad connects out on udp, the router dynamicaly sets up a reverse route for the udp replies
<clever>
srid: and that will allow traffic back into the thinkpad, on the router ip
<clever>
thats just how ipv4 and NAT works
<srid>
oh. hmm. need to up my networking knowledge :P
<srid>
so about your "you have a fixed ip for both situations" - those internal IPs (of the nodes) have to be distinct.
<clever>
yeah
<srid>
dyndns is not required either?
<clever>
yeah, you can just ignore dyndns
<srid>
(well, it would be - for accessing http)
<srid>
(as in, letting the outside world access my http services)
<clever>
192.168.0.0/16, 10.0.0.0/8 and 172.16.0.0/12 are the 3 official "private" networks, that will never be used on the web
<clever>
192.168.0 .1 and .2 are commonly used for home routers
<clever>
.123 is high enough up there that it has a low chance of conflicting
<clever>
if you ever wind up in an internet cafe that is using 192.168.123, then the vpn will only cause problems when refering to 192.168.123.64, and the rest of the cafe machines will work as-normal
<clever>
it will force .123.64 to use the VPN variant of that ip, and ignore whatever the cafe had there
<clever>
and usually, your only needing the router, which is generally x.y.z.1
<clever>
so its not likely to cause issues
<clever>
and you also have the entire 10.x.y.z space
<__monty__>
So it's not foolproof, just highly unlikely?
<{^_^}>
#48754 (by pbogdan, 3 hours ago, open): debootstrap: fix up paths to {chroot,unshare}, small clean up
<clever>
__monty__: the hamachi VPN was originally using the 5.x.y.z range, because that was under some special reserved (do not use) area on the internet
<clever>
so the IP's where technically public, but unused
<clever>
about 4 years ago, it ceased being reserved, random sites got IP's in that block, and they just never loaded for me
<nkaretnikov>
i'm trying out the haskell gloss library in a nix-shell and it doesn't work (black screen) while it does work with new-build. has anyone seen anything like this? i bet some package is written without macos support or something. any tips on where to look would be appreciated.
<clever>
__monty__: in the case of hamachi, it routed the entire 5.x.y.z to the vpn, and broke the whole IP block
<clever>
__monty__: but toxvpn only routes the IP's peers have, and it wont break the whole range
<__monty__>
nkaretnikov: If a package wasn't buildable on mac os you wouldn't be able to get into the nix-shell.
<nkaretnikov>
__monty__: well, something certainly isn't right. it's definitely a build/shared-libraries issue. because i can't think of anything else that might cause this
<__monty__>
clever: Interesting. Maybe 172... is the way to go, seems less pervasive than 192... and 10...?
spear2 has joined #nixos
<__monty__>
nkaretnikov: Maybe it's because of opengl? Some programs need the nixgl wrapper to run.
<spear2>
what can i do if nixos-rebuild switch --upgrade is running out of memory?
<nkaretnikov>
__monty__: yes, it could be. what's the nixgl wrapper?
nDuff has joined #nixos
<__monty__>
nkaretnikov: https://github.com/guibou/nixGL No idea how to apply it to development with nix-shell though. I guess you'd run your program with `nixGL program`?
<nkaretnikov>
__monty__: okay, let me try that.
<judson>
We already froze for 18.09, huh?
<nDuff>
Does the Nix language have something equivalent to varargs support? I want to pass all arguments my function is called with through to another function, but then modify that function's returned value (so I can't just return that function directly).
<vcunat>
judson: 18.09 was released, if that's what you mean
<{^_^}>
vcunat: 1 week, 1 day ago <gchristensen> ping me about your mac =)
<__monty__>
spear2: I get around memory issues with a remote build host. Swap might be an (albeit terrible) option?
<judson>
Oh, nifty.
<vcunat>
you may evaluate (and also build) on another machine, then just nix-copy-closure the result and activate on target
<judson>
I've got this enormous module for my local config to get unbound+dnscrypt-proxy2+docker all playing nice, and I'm wondering what of it I should PR into nixpkgs.
romildo has joined #nixos
<spear2>
__monty__: if i keep re-running the command it seems to be making progress
<vcunat>
oh, it's not just during evaluation?
<vcunat>
You can reduce --max-jobs and --cores
vcunat has quit [Quit: Leaving.]
<dmj`>
anyone use nixops w/ aws
* judson
raises hand
<judson>
dmj`, what's up?
<dmj`>
judson: just trying to get the trivial-ec2.nix setup
<dmj`>
judson: but get The specified instance type can only be used in a VPC. A subnet ID or network interface ID is required to carry out the request.
<dmj`>
judson: just want something basic, only a single server
<dmj`>
judson: AWS somewhat recently required new instances to run in VPCs, part of their monetization gorging strategy
<judson>
No? Less that 12 months I think
<spear2>
__monty__: guess not, can't get past Copying path '/nix/store/...ghc-8.2.2' from https://cache.nixos.org' ... error: Nix daemon out of memory
<spear2>
i have 4G of ram though? how much does nixos need?
<spear2>
--max-jobs 1 --cores 1 didn't seem to help
<{^_^}>
[nixpkgs] @sjmackenzie opened pull request #48760 → ndn-cpp: new pkg → https://git.io/fxKTH
<romildo>
I am updating elementary-icon-theme, which started using the meson build system. Installation phase is failing:
<romildo>
Failed to run install script '/usr/bin/env python3 /build/source/meson/symlink.py --src share/icons/elementary/actions --dest share/icons/elementary/actions@2x'
<romildo>
FAILED: meson-install
<romildo>
Any clues on how to discover why it is failing?
<dmj`>
judson: how did you do it then
<dmj`>
:)
<spear2>
wait, does there need to be something in configuration.nix to use swap space? i know it was set up when i installed nixos
<spear2>
still, swap partition is only 4G additional, hopefully that is enough
<__monty__>
spear2: Don't thisk so. Check with something like lsblk?
<romildo>
How do I tell meson to be verbose at the install phase?
<__monty__>
I've built ghc-8.2.2 with 2G ram so it should be enough, yeah.
<spear2>
__monty__: i see the partition, but MOUNTPOINT is blank
<__monty__>
spear2: Try swapon, then check again?
<spear2>
ok now it says [SWAP] under mount point, maybe configuration.nix needs the line `swapDevices = [ { device = "/var/swap"; size = 4096; } ];`?
<spear2>
seems to be working =]
wpcarro has joined #nixos
roconnor has quit [Quit: Konversation terminated!]
<__monty__>
spear2: I'd recommend against having it enabled by default. It's often not something you want on a personal machine. Trashing is super likely.
<wpcarro>
I haven't been able to boot into a NixOS that I've built for about two weeks. I've been casually trying to debug it but I haven't had enough time to dig into the problem, so I've been using a derivation that I built a month ago or so and dealing with it. I'm trying to revisit this now though since I need to be able to make updates to my config. Anyways, whenever I try to boot into one of my newly created
<wpcarro>
derivations, I get an error about the RNG (random number generator). It just hangs here forever and I need to force my laptop to shutdown. I'm eager to fix this but don't really have the necessary debug skills. Any pointers are graciously accepted.
<wpcarro>
It all started when I tried to use `pkgs.linuxPackages_latest` for my kernel. I also switched from 18.03 to 18.09 for nixos channel. I imagine that either or both of these contributed to the issue. When I run `sudo nixos-rebuild switch`, I see a bunch of messages about "collisions". Are collisions okay? I've been ignoring these messages until now
youssefhabri has joined #nixos
<clever>
wpcarro: depends on what is colliding
<wpcarro>
I'm seeing about 50+ collisions
<wpcarro>
I'm beginning to think I should just go back to 18.03
<clever>
wpcarro: what is one of the things colliding?
<judson>
dmj` I don't know if it makes a difference, but my ec2 config and my NixOS config are separate. So my equivalent of awsBox just takes { resources } as an argument.
jaeckel has quit [Ping timeout: 245 seconds]
<dmj`>
judson: that wouldn’t make a difference
<dmj`>
judson: the error is literally from AWS itself
<wpcarro>
clever: collision between `/nix/store/j8qwpsg6gsw473l2cnlnmxal27ijjmz2-busybox-1.28.1/sbin/mkfs.ext2' and `/nix/store/lf059hksqx8lr8ybglpk3zrizk7nxk2c-e2fsprogs-1.44.1-bin/sbin/mkfs.ext2'
<clever>
wpcarro: do you have busybox in your systemPackages?
<wpcarro>
clever: I do
<judson>
And I just confirmed, that instance is running in a VPC
<clever>
wpcarro: remove that, it will cause a large number of problems
<wpcarro>
clever: interesting... okay I'll remove. Should I stay on 18.09 for the time being as well?
<clever>
wpcarro: yeah
romildo has quit [Quit: Leaving]
<wpcarro>
clever: okay. rebuilding now. Should I keep an eye open for additional collisions?
<srid>
I get collisions as well (to do with `git`), but I don't have busybox.
<wpcarro>
clever: Idk if this is problematic or related to the errors I've seen, but I've been seeing a perl warning about locale settings being unset. Specifically `LANGUAGE = (unset), LC_ALL = (unset)`
<clever>
wpcarro: ive just been ignoring those
<clever>
srid: you might have 2 copies of git in your systemPackages
<srid>
clever:
<srid>
is it a bug that nix doesn't resolve duplicates automatically?
<clever>
srid: depends on exactly how they differ, can you paste a single line of the conflict?
<srid>
(i see another `gitAndTools.gitFull` from our shared work nix configuration)
<wpcarro>
clever: looks like removing busybox was enough to fix the boot issues! I was originally switching to 18.09 (nixos) and 4.18 (kernel) was to avoid my WiFi dropping everytime my computer slept. Hopefully now that issue is resolved as well. Should find out shortly!
nDuff has quit [Quit: zzz]
<clever>
wpcarro: busybox includes duplicates for a large number of util, that behave in slightly different ways
<wpcarro>
clever: nice... useful to know it's problematic
<clever>
and anoyingly, nix-env tells you to install it for all of those utils
<{^_^}>
[nixpkgs] @xeji pushed commit from @volth to master « perlPackages.NetSSHPerl: init at 2.14 (#48729) »: https://git.io/fxKt7
<Unode>
error: in 'toFile': the file 'options.xml' cannot refer to derivation outputs, at /var/nixpkgs-channels/nixos/nixos/doc/manual/default.nix:80:16
<clever>
Unode: need to use pkgs.writeText (or writeTextFile) when the string has deps
<Unode>
clever: I am.
<Unode>
burp_CA_conf = pkgs.writeText "CA.cnf" ... later used as default = "${burp_CA_conf}"
<clever>
Unode: also, if your default value ever contains a storepath, you must do something special
<Unode>
special?
<clever>
Unode: you must also set defaultText to a string, containing the same expression
<clever>
so the manual can show the expression, rather then the storepath
<Unode>
not sure what that means
<Unode>
can you elaborate?
<clever>
default = pkgs.writeText "CA.cnf" ...; causes the documentation to just say default = /nix/store/foo-CA.cnf
<clever>
which is both useless, and causes the manual to depend on things it shouldnt
<clever>
so you need to also defaultText = ''pkgs.writeText "CA.cnf" ...'';
<clever>
then the manual can correctly render what the default is
<avn>
Unode: toString, not toFile probably
<avn>
but I not sure, I always very relaxed to doc stuff ;)
<fiatjaf>
I'm doing a project that uses both haskell and javascript. how can I create a derivation that includes both the haskell packages and the javascript packages I need to build my thing?
<fiatjaf>
I'm currently just doing the haskell side of it, creating a derivation with haskellPackages.callPackage and so on
<Unode>
clever: I'm still not entirely sure I understand. The mkOption in this context is meant to be a path to a file. However this file is also being generated through nix...
jtojnar has quit [Quit: jtojnar]
<Unode>
so if I understand what you are saying, the default of this mkOption should not be a file at all but the content instead?
<{^_^}>
[nixpkgs] @zraexy opened pull request #48764 → marble: Fix include install to dev output → https://git.io/fxKqO
<clever>
Unode: it should be the path
<clever>
but that path is winding up in the docs, causing your error
<clever>
so you also need a defaultText, that contains the same nix code as default, but quoted
<Unode>
clever: but then I'd be duplicating the text no?
<clever>
yes
<clever>
with the example i just linked, the documentation would just say "default is "/nix/store/29vz9534lcvj8hw0qycf4pm9sz89zac6-ferm-2.4.1"" which doesnt mean much
<clever>
but adding in defaultText, makes the docs claim "default is pkgs.ferm" which means a lot more
<Unode>
ok, I think I see what you mean.
<Unode>
though duplicating the text is something I don't like. Let me see if I can work around that. Thanks for your guidance, I see the issue now.
<clever>
you could also just have a string explaining what the default is doing