<nDuff>
infinisil, ...is there a way to provide multiple examples? spec can be one of several things -- a mount point, a key=value pair (with a key of LABEL, PARTLABEL, UUID, or others), &c; it's hard to accurately represent with just one example = "..." value.
<bsima>
clever: no, they are different hashes
<bsima>
but i'm on the same git branch, same version of macOS
<infinisil>
nDuff: Unfortunately no, would like to be able to do that too
equalunique has quit [Ping timeout: 272 seconds]
<ottidmes>
how can I make my derivation not use make, when I use buildPhase or installPhase it assumes make, I know that is the default, but how can I provide my own? I specify my installPhase by just doing installPhase = ''...''; I am confused because previous packages did not insist on make if I overwrote the phase
<ottidmes>
is it a nix shell thing?
jperras has joined #nixos
<infinisil>
ottidmes: Overwrite buildPhase as well?
<ottidmes>
infinisil: I already did initially, but then it fails on something similar, let me try again
<ottidmes>
also if I use nix-build rather than nix-shell the phases myself, I get: can't find file to patch at input line 3, I guess maybe something to do with srcRoot?
<infinisil>
Phew, not sure
<infinisil>
It seems that make should only run if it can find a makefile
<ottidmes>
infinisil: no Makefile, doing nothing (when defining it as buildPhase), while it actually is: buildPhase = '' ( source common/lib/modules/fglrx/build_mod/make.sh ) '';
<{^_^}>
[nixpkgs] @sorki opened pull request #50809 → wireguard: don't modprobe if boot.isContainer is set → https://git.io/fpWzz
<infinisil>
ottidmes: Huh, what's your full nix file?
goibhniu has quit [Ping timeout: 268 seconds]
aleph- has quit [Ping timeout: 244 seconds]
<ottidmes>
infinisil: just the regular phases, except that one, that one is based on a patched script, its kinda ugly and does not fit with the rest, so I kept it separate
<infinisil>
ottidmes: Wild guess: Could Nix interpret the `build` attribute as something special?
<infinisil>
I know `builder = ` has special meaning
<infinisil>
Probably better in any case to only use derivation attributes when you absolutely need them, and put everything in the `let in`. That way it can't influence it
<ottidmes>
infinisil: good point, will fix that
equalunique has joined #nixos
<nDuff>
Hmm. Before we merge the bees PR, I should probably also pick a lower default log verbosity. 6 is what upstream uses, yes, but it's unreasonably excessive.
<ottidmes>
infinisil: eval $buildPhase instead of the function buildPhase seemed to be the reason
<infinisil>
nDuff: Is there a problem with having too many logs? Maybe they intentionally put it this high by default so users reporting errors have the logs they need
<nDuff>
True 'nuff. Will leave it as-is, then.
equalunique has quit [Read error: Connection reset by peer]
<infinisil>
ottidmes: Huh, not getting that
<ottidmes>
infinisil: from the nixpkgs manual: "Each phase can be overridden in its entirety either by setting the environment variable namePhase to a string containing some shell commands to be executed, or by redefining the shell function namePhase."
rpg has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
equalunique has joined #nixos
<nDuff>
infinisil, ...re: the wrapper, I'm running this code on my primary build machine, so money-where-my-mouth-is. :)
<infinisil>
Yeah I noticed your shell code is quiet sophisticated
<infinisil>
Uses stuff I didn't even know existed
equalunique has quit [Ping timeout: 252 seconds]
<infinisil>
options[${piece%%=*}]=${piece#*=} <-- What is that incarnation of the devil?!
<mdash>
infinisil: i see you've discovered sh
<nDuff>
Heh. An associative array assignment with a parameter expansion on each side. ${piece%%=*} removes the longest substring matching =* from the end of the contents of piece; ${piece#*=} removes the shortest substring matching *= from the beginning.
<slack1256>
So it can tell me at what revision where all the profiles/channels 2 weeks ago.
<ottidmes>
slack1256: probably, but I dont know anything about it, just wanted to tell you that you maybe could use the Notice messages of this IRC channel to figure that out
<ottidmes>
gchristensen: no region zoom function? (I did that with my graph when using highcharts)
<gchristensen>
show me how?
<slack1256>
That's not it. I want a local log that tell me what generation was the default, or when did a rollback happen so I can recover the state of a system.
<slack1256>
You know, as with git reflog
<ottidmes>
gchristensen: hmm, I will try and see if I can find it somewhere, its been a while since I wrote that
<ottidmes>
slack1256: I pretty sure channels are just git checkouts, but I dont use nix-channel, so I am not 100% and cannot check, but if they are then you probably could just use actual git reflog
<clever>
bsima: use nix-copy-closure ti copy one to the other box, then nix-diff them
<clever>
slack1256: ls -lh /nix/var/nix/profiles/per-user/clever/channels*
mayhewluke has quit [Ping timeout: 272 seconds]
jackjennings has quit [Quit: Connection closed for inactivity]
jperras has joined #nixos
mayhewluke has joined #nixos
hyper_ch has quit [Ping timeout: 240 seconds]
<slack1256>
That tells me creation date. Maybe I rollbacked and used the previous generation for two more months. Then a year from now I will think I was using the wrong generation on november.
<clever>
and channel generation 8 happens to point to a dae9c...
<slack1256>
Yeah, you can recover from that!
<clever>
ottidmes: how does it fail?
acarrico has quit [Ping timeout: 240 seconds]
<ottidmes>
clever: builder for '/nix/store/zf1j8659x7sca4v7169623rfgqzgz6wf-radeon-crimson-15.12-15.302.drv' failed with exit code 1 (the line before is an echo from the build script, but it should not exit with 1 anywhere near that code without others echos)
<ottidmes>
clever: file /nix/store/mz2s1k1dwbdyvh3wpkw67hw6iwdadx3p-linux-4.18.17-dev/lib/modules/4.18.17/build/include/generated/autoconf.h says: SMP=1 (is the line before)
<clever>
ottidmes: add a set -x to the script
ninjin has quit [Remote host closed the connection]
<clever>
the stdenv sets a lot of special flags like exiting if any command returns a non-zero status
Chiliparrot has quit [Ping timeout: 252 seconds]
hedning has quit [Quit: hedning]
<ottidmes>
clever: awesome, now I only have to write a new x11 video driver module and I can test whether I can now run ati_unfree on 4.18 :)
cyounkins has joined #nixos
<ottidmes>
clever: if you use bash explicitly in a phase, would you add it as a build input?
<clever>
bash is part of the stdenv
cyounkin_ has joined #nixos
<ottidmes>
clever: I know, but I thought maybe just like gcc, if I use it explicitly, I am better of making it explicit in the dependencies as well, but I guess you cannot really replace bash, and if you do, it will be done in such a way that its still safe, so I will just keep it implicit then
<tobiasBora>
Hello,
equalunique has quit [Ping timeout: 252 seconds]
cyounkins has quit [Ping timeout: 252 seconds]
<tobiasBora>
I'd like to know, I need to have the "verboselogs" library to load some scripts. However, I tried pkgs.python3.withPackages + verboselogs, but it says that verboselogs does not exist.
<ottidmes>
Is there anyway to add a kernel package to nixpkgs without adding it to top-level? I do see a lib.makeExtensible, so I guess so, but I am not quite sure how
equalunique has joined #nixos
cyounkin_ has quit [Remote host closed the connection]
<ottidmes>
I am rebooting with my repackaged video driver, here is hoping it immediately works
<clever>
slack1256: no real way to know what something was built from, but you can try running nix-build -I nixpkgs=/foo -A bar on each channel generation, to see which one makes the version you want
<clever>
bl
<clever>
bbl*
Supersonic has quit [Ping timeout: 252 seconds]
<gchristensen>
does nixpkgs contain a tool to parse out an email's header on the cli?
<ottidmes>
It was too good to be true for it to work immediately, but still, it loaded the module just fine, and errors with stacktraces and such, only that it restarts a few time in a row
Supersonic has joined #nixos
<ottidmes>
(missing an important word, _no_ errors and stacktraces and such)
<mdash>
ottidmes: mmm, amdgpu driver no good for you?
<ottidmes>
mdash: nope, I tried all of them, none work, except modesetting and ati_unfree (under kernel 4.4), there is a huge bugzilla ticket for it, but without any progress in years
slack1256 has quit [Remote host closed the connection]
<ottidmes>
mdash: but since Arch Linux supports ati_unfree for kernel 4.18, I am trying to make NixOS version of ati_unfree to also work under 4.18
<mdash>
ottidmes: aha.
thc202 has quit [Ping timeout: 240 seconds]
<ottidmes>
mdash: it compiles under 4.18 now, and it loads, but I see no real errors unfortunately, I rather had a big red error... now it just restarts the display manager a few times until it finally gives up
<mdash>
ottidmes: i had similarly disappointing experiences trying to get amdgpu-pro working.
aleph- has joined #nixos
<{^_^}>
[nixpkgs] @peterhoeg opened pull request #50817 → pythonPackages.pyupdate: init at 0.2.16 → https://git.io/fpWrD
<ottidmes>
mdash: with them I get a black screen with a underscore, for eternity... with radeon it really errors, like a log full of errors, and with my updated ati_unfree it still shows me the login TTY
<mdash>
which gpu do you have?
<ottidmes>
ATI Radeon HD7870 XT (its an inbetween card, which probably causes radeon to fail)
acarrico has joined #nixos
jmeredith has quit [Quit: Connection closed for inactivity]
<mdash>
ah, same series as mine
<ottidmes>
mdash: same series, but internally considered of the next series, its weird
<mdash>
(7770 XT)
<mdash>
fortunately bitcoin price is coming down so maybe gpu prices will too
<ottidmes>
I bought it second hand because it supported my 4k display
<ottidmes>
mdash: thats what I am hoping too, if I wanted a high end at the time, it would have cost me almost as much as the actual whole desktop at the time cost me...
<ottidmes>
mdash: I found a bug in my nix code, so I am going to reboot again, wish me luck!
<ottidmes>
mdash: whohooh!! I am typing this under: Linux 4.18.17 and ati_unfree :D
<mdash>
ottidmes: congrats :D
<ottidmes>
well, my version of ati_unfree: radeon-crimson (based on both the Arch Linux package and the existing ati_unfree)
<jackdk>
I am frustrated that this is _still_ the state of graphics under linux. I'm planning my next purchase and am hoping to keep off nvidia because of their general attitude. usually I get the beefiest laptop I can with intel graphics, but they all go to hybrid or nvidia as you max them out
<mdash>
jackdk: i get the impression newer cards do better with the new open source amd driver.
<ottidmes>
ah ok, then you are in luck and have a normal GPU of that series, mine is a bit weird and I tried your setup as well, did not work :( ah well, ati_unfree is good enough for me, its just that I wanted a recent kernel
rpg has joined #nixos
Brejic has joined #nixos
equalunique has quit [Read error: Connection reset by peer]
<kyren>
is there a way to tell nix-shell to actually evaluate the given derivation with -A rather than the dependencies of that derivation?
<{^_^}>
[nixpkgs] @delroth opened pull request #50823 → nixos.tests.keymap: use new name of the colemak/en-latin9 keymap → https://git.io/fpWKR
hlolli_ has quit [Ping timeout: 246 seconds]
<kyren>
what I'm actually trying to do is build a derivation that is not in nixpkgs and make it available to a shell, if there's some easier way of doing this
<kyren>
I think I can do it using a dummy derivation as an argument to -E, but that seems super wrong
<delroth>
nix-shell -p ?
<kyren>
I think that only works for things inside nixpkgs
<delroth>
ahh, possibly
<ottidmes>
kyren: I use: nix-shell-this='nix-shell --expr '\''with import <nixpkgs> {}; callPackage ./. {}'\' and nix-build-this='nix-build --expr '\''with import <nixpkgs> {}; callPackage ./. {}'\' (in the directory containing the default.nix)
<kyren>
ah, okay yeah using a dummy derivation seems to be the only way then?
<kyren>
if that's actually what's going on there, I think I'm following the details but it's very possible that I'm confused
<ottidmes>
kyren: ah, I get now, let me try
<ottidmes>
kyren: after reading the manpage, creating a dummy is basically what nix-shell -p does, and you meant that you wanted to do nix-shell -p my-pkg-outside-nixpkgs, right?
<ottidmes>
so given that, we can combine that with my thing
<kyren>
it makes sense, that's basically what I was asking
<kyren>
I knew I could do it that way but it felt gross, but I guess it's not actually gross and that's just the way it's done
drakonis has joined #nixos
romanofs1iWork has quit [Quit: leaving]
drakonis1 has quit [Quit: WeeChat 2.2]
<ottidmes>
kyren: so if you want it to behave like nix-shell -p, it would become something like: nix-shell --expr 'with import <nixpkgs> {}; runCommand "dummy" { buildInputs = [ (callPackage ./. {}) ]; }' (untested)
<ottidmes>
kyren: you might want to turn it into a shell function instead, so that you can pass it an argument containing the path to your nix file, rather than assuming ./default.nix (which is what ./. is)
rpg has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
mayhewluke has quit [Ping timeout: 252 seconds]
mayhewluke has joined #nixos
jperras has quit [Ping timeout: 264 seconds]
jperras has joined #nixos
vmandela has joined #nixos
vmandela_ has joined #nixos
vmandela_ has quit [Client Quit]
worldofpeace has quit [Ping timeout: 244 seconds]
jpdoyle has joined #nixos
<jpdoyle>
Is there a way to get `nixos-rebuild` to not verify SSL certificates?
vmandela has quit [Ping timeout: 240 seconds]
<jpdoyle>
I have a pre-nix-2.0 machine with expired CA certs and I haven't been able to get it to either receive packages from a nearby computer I have as a binary cache, or use CA certs I pulled from that computer, or ignore CA certs completely
jtojnar has joined #nixos
jperras has quit [Ping timeout: 268 seconds]
worldofpeace has joined #nixos
worldofpeace has quit [Read error: Connection reset by peer]
worldofpeace_ has joined #nixos
jperras has joined #nixos
random_yanek has joined #nixos
rauno has joined #nixos
drakonis has quit [Remote host closed the connection]
<MasseR>
I have a remote builder set up, but it's not always accessible to me. Can I have by default distributedBuilds = false; and then when doing 'nix build' specify that for this specific build I want to use the remote builder?
<locallycompact>
Specifically the #INT_MAX example
<locallycompact>
But I get
<locallycompact>
Symbol "#INT_MAX" not found
<locallycompact>
user error (Could not call foreign function "#INT_MAX" with args [])
<locallycompact>
Is this nix-related or?
civodul has joined #nixos
<MasseR>
Can I combine multiple $src? I have a use case where I'm using hpack with a yaml include directive for a relative path that's outside of the project dir
<MasseR>
So basically when running hpack in the nix sandbox, it complains that it can't find that file
freeman42x]NixOS has joined #nixos
<schmittlauch[m]>
I just read the NixOS paper and now have some questions about wrappers, when and how they're used:
<schmittlauch[m]>
According to the paper, Nix has a way of detecting runtime dependencies between packages (and their binaries) and tries to substitute/ fix them up already at build. But at the same time I see a heavy usage of shellscript-wrappers in nixpkgs, adjusting the PATH, PYTHON_PATH and other env vars before launching the actual binary. So when are wrappers necessary/ the better/ more convenient approach?
jperras has quit [Ping timeout: 268 seconds]
jperras has joined #nixos
xelxebar has joined #nixos
mayhewluke has quit [Ping timeout: 244 seconds]
mayhewluke has joined #nixos
xelxebar has quit [Client Quit]
palo has joined #nixos
srl295 has quit [Quit: Connection closed for inactivity]
<srhb>
schmittlauch[m]: The automatic "detection" is really very simple -- we look for store paths in the output of a given derivation.
freeman42x]NixOS has quit [Ping timeout: 276 seconds]
jperras has quit [Ping timeout: 244 seconds]
<srhb>
If the mere presence of a store path is not sufficient for a given runtime dependency, or its store path isn't even in the output of the dependent, that won't suffice.
<srhb>
Without being a python-nix expert, I will assume there's two issues: 1) the full store path of a given python dependency won't necessarily be present in the output and 2) the existence of a dependency store path does not mean we automatically get a python interpreter that knows about that dependent.
<schmittlauch[m]>
srhb: and for store-paths to appear in there, the build process already needed to acquire the runtime-dependency's path (e.g. in configure phase), so if the program instead just called the program by name it needs to be wrapped or patched, right?
<srhb>
schmittlauch[m]: Right.
<tilpner>
Huh, ntpd sort of works, but is off by exactly (to the minute) 40 years
<srhb>
schmittlauch[m]: As an example of a place where the automatic detection works really well: Linked libraries. Binaries will contain the exact store path of their dependencies, and nix needs no further information to track them.
<schmittlauch[m]>
srhb: Funny that something essential like this isn't mentioned in the paper. Or was this approach only introduced after 2008?
<srhb>
schmittlauch[m]: I think the paper is biased towards lower level things. The approach is, eventually, the exact same for python: The wrapper ends up containing the store paths of the dependencies, and thus automatic detection works.
orivej has joined #nixos
<srhb>
So wrapping becomes a way of helping the detection actually work for things that don't behave like eg. linked libraries.
__Sander__ has joined #nixos
<srhb>
schmittlauch[m]: That is, reducing one problem to the already solved one. :)
<schmittlauch[m]>
srhb: last question: Is wrapping a program already part of the stdenv default process, or do I need to `wrapProgram` explicitly for runtime binary-call program dependencies to work? (additionally to putting them into buildInputs?
<srhb>
schmittlauch[m]: If the full store paths of the runtime dependencies are already present in your output, nix will register the dependencies automatically.
<srhb>
schmittlauch[m]: If not, you need to do the wrapping, or something similar, to bring in the store paths of the dependencies yourself.
<yl[m]>
has anyone here deployed a windows server on a NixOps managed machine? What virtualization system did you use?
<srhb>
schmittlauch[m]: You can always just build and check if you have runtime deps missing post-hoc.
<schmittlauch[m]>
srhb: but if an application calls a tool just by name, not by the full (store) path, the PATH env needs to be modified -- probably by a wrapper
<srhb>
schmittlauch[m]: Indeed.
<srhb>
schmittlauch[m]: That's up to you (if it isn't handled by an automatic fixup, as joko linked to above)
<joko>
If you don't override fixup phase, it mainly applies patchelf and rewrites interpreter paths
<schmittlauch[m]>
thx a lot. I knew there was something missing when reading the paper (:
xelxebar has joined #nixos
<srhb>
schmittlauch[m]: All our helpers basically reduce to the "essential method" as outlined in the paper, but we definitely have a ton of helpers for making that happen, depending on the ecosystem.
<srhb>
C and Python are very different beasts, after all.
<schmittlauch[m]>
Fantastic Beasts and how to link them
civodul has quit [Quit: ERC (IRC client for Emacs 26.1)]
Myrl-saki has joined #nixos
Tucky has joined #nixos
locallycompact has quit [Remote host closed the connection]
<srhb>
gchristensen: "no space left on device" and other fun stuff https://logs.nix.ci/?key=nixos/nixpkgs.50823&attempt_id=f4ff461c-eebd-4db8-b517-31a82cccfdcd :(
<MasseR>
schmittlauch[m]: not sure if I'm answering your question, but if there is for example a python script in the $out directory that has +x, the #!/usr/bin/python or similar will be converted automatically to a nix store path -> automatic detection works
<MasseR>
no explicit wrapping needed in that case
<{^_^}>
[nixpkgs] @srhb merged pull request #50823 → nixos.tests.keymap: use new name of the colemak/en-latin9 keymap → https://git.io/fpWKR
<{^_^}>
[nixpkgs] @pmiddend opened pull request #50834 → pyCA: init at 2.1 → https://git.io/fpWFu
xelxebar has joined #nixos
xelxebar has quit [Client Quit]
Phillemann has joined #nixos
<Phillemann>
I'm trying to update the activemq package, to which belongs a service. How can I test this service with my new activemq package?
<Phillemann>
The service simply uses "with pkgs;" and then references activemq.
<hyper_ch2>
Mic92: instead of using a key on the root partition, how about also using a password to unlock a second pool and have it import in the postCommand section before the "echo zfs load-key -a" is issued? that way you'd get 2 prompts for password but it will be ready then to directly mount datasets
xelxebar has joined #nixos
<{^_^}>
[nixpkgs] @Mic92 opened pull request #50835 → Go cross compilation (the compiler) → https://git.io/fpWNJ
mkoenig has quit [Remote host closed the connection]
<Mic92>
zimbatm: hyper_ch2: I guess this could work.
<WilliamHamilton[>
if I use this command `nix-shell -p "with import <nixpkgs> {}; pkgs.haskellPackages.ghcWithPackages (p: [(pkgs.haskellPackages.callCabal2nix /home/carlo/code/haskell/forks/explicit-sharing)])" --run ghci`
<gchristensen>
"Mentally prepare myself to cross-compile rust." :'D hahaha
mayhewluke has joined #nixos
<cryptix>
hi! can somebody tell me where nixops keeps it's db/state? i build something using nixpkgs master that I can't destroy... https://github.com/NixOS/nixops/issues/1052
<{^_^}>
nixops#1052 (by cryptix, 4 minutes ago, open): error: called without required argument 'pkgs'
<tilpner>
Try ~/.nixops
<cryptix>
that... was too easy. thanks tilpner. yea I see the sqlite file and locks
jperras has quit [Ping timeout: 244 seconds]
<LnL>
gchristensen: oh, that works?
<exarkun22>
huh ... "error: a 'armv7l-linux' is required to build '/nix/store/qx65g3d85dl053yg3x2znslcqwbs5zsj-linux-4.18.12.drv', but I am a 'x86_64-linux'" ... after building 800 other packages for armv7l-linux...
<gchristensen>
you need to add big-parallel to the features field of your your /etc/nix/machine file
<exarkun22>
:(
fendor has joined #nixos
<exarkun22>
ten hours lost
<gchristensen>
nothing should be lost?
<gchristensen>
unless this error was thrown 10 hours ago and sat idle for 10hrs
<exarkun22>
that
<etu>
Or the current build was building for 10 hours and failed?
<exarkun22>
teach me to ever sleep, ever
<gchristensen>
the current build would not fail with that error
jperras has joined #nixos
jasongrossman has quit [Read error: Connection reset by peer]
<gchristensen>
ouch, exarkun22 :(
<exarkun22>
on the plus side, now I won't miss any of the excitement of watching linux build on a 125 bogomip qemu-arm.
* exarkun22
has flashbacks to 1997
<tilpner>
Building linux 4.20-rc1 with default config on qemu-user for aarch64 took me 5.5h
<tilpner>
Good luck :/
jperras has quit [Ping timeout: 264 seconds]
<exarkun22>
tilpner: thanks :)
<tilpner>
(I have since been cross-compiling them, which is faster)
<exarkun22>
o/` tii-ii-iime is on my side ... yes it is o/`
<exarkun22>
tilpner: yea cross compiling would be awesome! I can't wait for nixos to not use perl anywhere.
<tilpner>
Building perl natively + cross-compiling linux might still be faster than qemu-user compiling linux
<tilpner>
No wait, that doesn't make sense. What's your problem with perl?
max___ has joined #nixos
jperras has joined #nixos
<symphorien>
I wonder if an overlay is enough to have "cross compiled everything except native perl"
max___ has left #nixos [#nixos]
max___ has joined #nixos
<tilpner>
You can definitely mix qemu-user compiled and cross-compiled packages in a system config
alex`` has quit [Ping timeout: 264 seconds]
jperras has quit [Ping timeout: 252 seconds]
<max___>
I am having a bit of trouble of getting my LUA_PATH set, so I created a nix expression (https://gist.github.com/eugeneia/44b88a6fcbc937e1139def37f4b85ee5) and want to be able to nix-shell test.nix and then then luajit -l luacheck (nix-shell -p luajit luaPackages.luacheck works as expected, what’s the difference?)
max___ has quit [Quit: max___]
thekolb_ has joined #nixos
<thekolb_>
I am having a bit of trouble of getting my LUA_PATH set, so I created a nix expression (https://gist.github.com/eugeneia/44b88a6fcbc937e1139def37f4b85ee5) and want to be able to nix-shell test.nix and then then luajit -l luacheck (nix-shell -p luajit luaPackages.luacheck works as expected, what’s the difference?)
<avn>
exarkun22: if you like meditating on build logs, you can rebuild chromium ;)
<MasseR>
What's the difference between fetchGit and pkgs.fetchgit?
<thekolb_>
ok here I go again (sorry if this is a duplicate message, IRC woes...), I have this nix expression (https://gist.github.com/eugeneia/44b88a6fcbc937e1139def37f4b85ee5) and I would expect it to behave (when called with nix-shell) exactly as nix-shell -p luajit luaPackages.luacheck, but alas when using the nix expression LUA_PAtH is not set. What is the difference?
<exarkun22>
tilpner: So I could do that and set `boot.kernelPackages = crossPkgs.linuxPackages_latest;` (instead of pkgs.linuxPackages_latest`) and then I would get native-compiled-everything-except-cross-compiled-linux?
iyzsong has joined #nixos
<tilpner>
Yes
EarlDeLaWarr has joined #nixos
<exarkun22>
It feels like a pretty wonky abstraction violation (encoding details of my build system into the logical definition of my host) ... but maybe that's okay.
<tilpner>
I use it with nixpkgs.localSystem = lib.systems.examples.aarch4-multiplatform;
<hyperfekt>
Is there any way to execute a command with a certain nixpkgs as the environment? Specifically I'm trying to use 'carnix build' which uses nix to build a project, but creates a file which takes a package as argument that doesn't exist in stable yet. I tried "nix-shell -p carnix --command "carnix build" '<nixos-unstable>'" but I still get "error: undefined variable 'buildRustCrateHelpers'"
<thekolb_>
why would buildLuaPackage build a lua 5.2 package even though I have it in a "let lua = luajit in"?
<ottidmes>
I have updated ati_unfree to work with kernel 4.18, but I do get one error every time I start a GPU using program (although it still seems to function fine). I have no experience with fixing such errors, so I have no idea how to approach it. I tried googling it, but that did not help. Here is the error: https://gist.github.com/ottidmes/ab4e1f51e2c3ef592799de5e0d2f4771
<thekolb_>
I.e. the lua.version inside the build is 5.1, but luaPackages.getLuaPath <myderivation> returns a path for 5.2?
ng0 has joined #nixos
<ottidmes>
thekolb_: use luaPackages insead maybe?
<ottidmes>
thekolb_: copy paste did not work: luajitPackages
<ottidmes>
thekolb_: or if you want to use your own special build of luajit, you have to check pkgs/top-level/all-packages.nix and you will see: luajitPackages = recurseIntoAttrs (callPackage ./lua-packages.nix { lua = luajit; }); and that luaPackages = lua52Packages; (hence it using 5.2)
<kai_w>
I have package_a, which depends on package_b, specifically it loads a .so from package_b at runtime. How do I make sure package_b is available in the sandbox for everything that depends on package_a?
cyounkins has joined #nixos
<clever>
kai_w: add it to either the rpath or the LD_LIBRARY_PATH
<thekolb_>
ottidmes: thanks, I didn’t even know luajitPackages existed
<bbarker>
I'm guessing the answer is no, but it is it possible to specify in configuration.nix some commands to be executed one time, or to specify the existence of symbolic links, e.g.: ln -s /run/current-system/sw/bin/chown /bin/chown ?
<symphorien>
systemd-tmpfiles can probably do this
<ottidmes>
bbarker: activationScripts or a systemd service
Itkovian has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
cyounkin_ has joined #nixos
boogiewoogie has joined #nixos
<Orbstheorem>
when watching the nixcon videos, many people say stuff like “before hearing what's been planned for nix”. Are they talking about the Nix roadmap video or was it another talk not in the yt channel?
cyounkins has quit [Ping timeout: 252 seconds]
CcxWrk has joined #nixos
<bbarker>
ottidmes - thanks! activationScripts seems to work nicely
<clever>
bbarker: just be carefull that you dont crash in an activation script
<clever>
bbarker: that can result in systemd not being found
<{^_^}>
[nixpkgs] @peti pushed 2 commits to haskell-updates: https://git.io/fplGY
<bbarker>
clever, ah, good to know
<clever>
a few months ago, somebody tried doing network in an activation script
<clever>
and he then went without rebooting for months, so it worked at nixos-rebuild time
<clever>
and then when he finally did reboot, it didnt come up
waleee has joined #nixos
<infinisil>
gchristensen: Are you using ZNC?
<infinisil>
The module settings in ZNC are stateful, and I've been annoyed by this for a while
<clever>
infinisil: it looks like just weechat
<infinisil>
Every time I set up a new server and need my config, i have to manually copy the config files over or reset everything
<infinisil>
I'm gonna generate those with Nix instead now, having it also declarative with NixOS
<infinisil>
clever: ZNC is an entire IRC server itself, so you can use any client with it
<clever>
infinisil: but when it connects to a given network (like freenode), it has to have some kind of reply to ctcp version
<clever>
and gchristensen responds with weechat when ctcp version'd
<infinisil>
Not sure what's the problem
vasarmilan has joined #nixos
<vasarmilan>
hi! version 18.09 graphical installer does not boot with error msg "mount: mounting /dev/loop0 on /mnt-root/nix/.ro-store failed: Invalid argument", it has worked previously (i used 18.03 on that machine for a while), do you have any idea what can be the problem?
drakonis has joined #nixos
<Taneb>
clever: I think ZNC just forwards that to connected clients
<{^_^}>
[hydra] @rbvermaa pushed to master « Add duration to Slack notification. »: https://git.io/fplZ9
<clever>
Taneb: but if no clients are connedted, it has to answer with something
<clever>
Taneb: and if 2 clients are connected, which client answers?
<clever>
vasarmilan: how did you image the iso onto the usb?
<vasarmilan>
clever: using dd (checksum is all right)
<clever>
vasarmilan: and it was written to the root of the device?
<vasarmilan>
I used the command "dd if=... of=/dev/sdb bs=4M"
<clever>
i would expect that to work
Phillemann has left #nixos ["WeeChat 2.3"]
iyzsong has quit [Ping timeout: 252 seconds]
<vasarmilan>
clever: it has worked before
<vasarmilan>
also there is a message "squashfs: SQUASHFS error: unable to read id index table", if that's useful
<vasarmilan>
before the invalid argument one
ottidmes has quit [Quit: WeeChat 2.2]
<exarkun22>
done ...
<clever>
vasarmilan: my only guess is that using bs=4mb, you cut the image short
<clever>
vasarmilan: try a bs=1024?
<vasarmilan>
clever: i have tried that too, same :(
Itkovian has joined #nixos
Itkovian has quit [Client Quit]
<clever>
vasarmilan: try downloading a different iso?
<vasarmilan>
clever: same with iso nixos-graphical-19.03pre159472.80738ed9dc0-x86_64-linux.iso
<samueldr>
just verified locally, nixos-graphical-18.09.1373.50fb6820759-x86_64-linux.iso boots without issue in qemu
<samueldr>
if you have another spare usb drive, I would recommend trying it
<samueldr>
just in case
<{^_^}>
[nixpkgs] @florianjacob opened pull request #50841 → nvidia_legacy_340: update to make it compatible with current kernel → https://git.io/fplcr
hyper_ch2 has quit [Ping timeout: 256 seconds]
qtoni has joined #nixos
thekolb_ has quit [Ping timeout: 256 seconds]
leotaku has joined #nixos
qtoni has quit [Ping timeout: 268 seconds]
vbernat has quit [Remote host closed the connection]
<{^_^}>
[nixpkgs] @leo60228 opened pull request #50842 → msbuild: init at 15.8 → https://git.io/fplli
<vasarmilan>
samueldr: tried with two different (other) USB sticks, I first thought the other one was faulty, none of them even start to boot.
<vasarmilan>
could this be a hardware issue with my laptop?
hedning has quit [Quit: hedning]
<gchristensen>
infinisil: whats up?
hedning has joined #nixos
<infinisil>
gchristensen: Huh?
<gchristensen>
infinisil: you asked if I was using ZNC (I'm not, I don't grok how to really use it)
qtoni has joined #nixos
<infinisil>
Ah, just wanted to ask because if you do you might have the same frustrations with it as me
m0rphism has quit [Quit: WeeChat 2.2]
qtoni has quit [Ping timeout: 245 seconds]
acarrico has joined #nixos
<gchristensen>
got it :) I found ZNC too frustrating to really deal with, so I just went back to weechat in screen
fendor has quit [Remote host closed the connection]
<Taneb>
I use a ZNC server which I don't administrate
fendor has joined #nixos
lesh has joined #nixos
hyper_ch2 has quit [Ping timeout: 256 seconds]
lfish has joined #nixos
<vasarmilan>
samueldr, clever: dd-ing once again after reboot and on another stick worked... so probably there was a problem writing it to the USB. thank you for your time!
reinhardt has quit [Quit: Leaving]
<lfish>
hello, I am using nixos 17.09, I started having problems with the version of nix and nixpkgs not matching. I updated nix to version 2.1.3, but the old nix-daemon keeps spawning and I get errors of standard functions not being supoprted
<lfish>
any idea on how to solve this, set the daemon of the newer version to spawn if possible?
pip3000 has joined #nixos
<pip3000>
Hello. I need help with python on nixos. I want to run this tool: https://github.com/rvalles/brntool. When i execute the python script i get an error: ModuleNotFoundError: No module named 'serial'
<pip3000>
I've already changed shebang to .../.nix-profile/bin/python
Lisanna has joined #nixos
<pip3000>
and installed the pyserial nixos package
<Lisanna>
do I need anything other than "services.xserver.enable = true" and "services.xserver.desktopManager.gnome3.enable = true" to get the gnome point-and-click desktop?
<{^_^}>
[nix] @KaiHa opened pull request #2551 → repl: give user the choice between libeditline and libreadline → https://git.io/fplRE
<vasarmilan>
pip3000: try with nix-shell -p python37Packages.serial (with your python version instead of 37)
r5d has quit [Ping timeout: 264 seconds]
<pip3000>
thanks vasarmilan
aminechikhaoui has quit [Excess Flood]
aminechikhaoui has joined #nixos
jabranham has joined #nixos
jD91mZM2 has joined #nixos
<{^_^}>
[nix] @edolstra merged pull request #2551 → repl: give user the choice between libeditline and libreadline → https://git.io/fplRE
Lisanna has quit [Remote host closed the connection]
erasmas has joined #nixos
cyounkin_ has quit [Remote host closed the connection]
cyounkins has joined #nixos
raghdam has joined #nixos
raghdam has quit [Client Quit]
<lesh>
hi, I've broken my bash profile on kvm/nixops deployed servers, how would I go about rolling back this change? further deploys report errors as the profile doesn't load correctly..
<cyounkins>
`# mount | grep 'run/user'` = `tmpfs on /run/user/0 type tmpfs (rw,nosuid,nodev,relatime,size=404692k,mode=700)`
<cyounkins>
Where do I find what is creating the above tmpfs? It is too small, causing "nix-shell -p nox --run "nox-review wip"" to fail due to out of space on the tmpfs
<illegalprime>
I have nixos on a raspberry pi 2 and followed the template for the nix config. I rebuilt with dezgeg's cache but nix started trying to build gtk+ and a lot of strange stuff. I just have the template + ssh saved in configuration.nix
<vasarmilan>
i have succesfully installed nixOS 18.09 (or at least it seems so), however, NixOS stage 1 fails with the following: "mounting unionfs on /mnt-root/nix/store failed: No such device". any idea?
jtojnar has joined #nixos
ottidmes has joined #nixos
endformationage has joined #nixos
<cyounkins>
Answer for my question above for posterity: RuntimeDirectorySize= in /etc/systemd/logind.conf Can set services.logind.extraConfig = ''RuntimeDirectorySize=50%''
<lfish>
how do I kill the current nix-daemon and spawn a new one in nixos?
<{^_^}>
[nixpkgs] @romildo opened pull request #50844 → zafiro-icons: init at 0.7.2 → https://git.io/fplzK
<Mic92>
illegalprime: you might need to find out what channel revision the cache was built with and it also not contain all packages.
<lfish>
cyounkins: I have two versions of nix installed (my bad, I guess), do you know how can I set which one should spawn its daemon?
asymmetric has joined #nixos
<asymmetric>
is anyone else having trouble with the git-credential-cache daemon on nixos?
<cyounkins>
lfish: Sorry, no I don't.
<asymmetric>
i don't know if it doesn't start or what, but my credentials don't get saved, although it's configured in my ~/.gitconfig
<boogiewoogie>
hey, I'm trying to package something. I think I'm almost there, except the build process isn't regular. instead, a script named 'setup' sitting in the source folder has to be run. I'm using https://pastebin.com/51Q6gewE as default.nix, and doing `buildPhase` in the nix-shell tells me there's nothing to build. what to change?
<ajs124>
boogiewoogie, you can just override the buildPhase
<Mic92>
I could need a sometimes a builder for macOS compared what we have for aarch64.
<gchristensen>
yes, having a decent macos machine would be nice, but tragically not allowed
<mdash>
they stopped making them years ago
<vasarmilan>
cyounkins: thanks, but can you show me how should I run this file? I booted into the installation media, cloned the repo and ran the file; but it fails with "mkdir: command not found" (line 71), so I guess PATH is not correctly set
asymmetric has quit [Ping timeout: 252 seconds]
<illegalprime>
Mic92: Jo
<illegalprime>
oops, meant to say Mic92 jophish gchristensen, thank you! I'll try that
<cyounkins>
vasarmilan: I'm sorry I wasn't clear. It appear that script is the stage 1 loader. You had said it failed during stage 1. I was hoping you could tell me how far into the script it got.
<cyounkins>
You need not clone the repo and run it.
<illegalprime>
all I really want is to enable ssh on my pi. I think it's failing at building libtiff, which is needed by some other UI library. But I didn't specify any UI
<hyperfekt>
I need some help. My symlinks are somehow fucked up in a weird way. Entries in the KDE app launcher won't update to reflect changes after switching configurations and neither will desktop files. Maybe related, maybe not, the link to the binary in $PATH is to an outdated version from an old unstable instead of the current one in unstable despite running the rebuild with --upgrade. I am very confused.
<Mic92>
hyperfekt: this happend to me, when moving packages from configuration.nix to my own profile.
<Mic92>
logging out and restarting the display-manager also helps sometimes to fix kde services.
<goibhniu>
hyperfekt: try running kbuildsycoca5
equalunique has quit [Ping timeout: 244 seconds]
mekeor has joined #nixos
<kreisys>
Is there any way I can stop Hydra from complaining about attributes that aren't derivations? https://pastebin.com/7rKZQYTG
equalunique has joined #nixos
asymmetric has joined #nixos
<hyperfekt>
Mic92: I rebooted in between just to make sure. kbuildsycoca5 gives '"applications.menu" not found in ()' Curiously, packages are still installed via configuration.nix, but I did set some configs via home-manager, but made sure to prevent it from installing any packages - also it doesn't touch the package that's being all weird.
<{^_^}>
#20776 (by FRidh, 1 year ago, open): Application launcher menu is not updated
<Mic92>
Mhm there is no infrastructure yet in nixos to do this automatically
<{^_^}>
[nixpkgs] @7c6f434c pushed to release-18.09 « Merge pull request #50839 from taku0/flashplayer-31.0.0.153 »: https://git.io/fploE
<Mic92>
maybe some user service.
<vasarmilan>
cyounkins: it seems to fail in line 501 if I understand it correctly
<hyperfekt>
goibhniu: Either that or not running kbuildsycoca5 as root did the trick -_-
<hyperfekt>
Now I'm still wondering how the hell I can get a version in my $PATH that is not in stable, but was committed to master 17 days ago, when nixos-unstable is 2 days old and I'm taking it from there (yes, I'm doing --upgrade)? That shouldn't even be possible.
<jpdoyle>
gchristensen: Figured out the thing that was going on with the certificate errors -- turns out the machine had its hardware clock set to 2167, so it thought all the certs had expired
max3raza has quit [Quit: ZNC 1.6.3+deb1ubuntu0.1 - http://znc.in]
goibhniu has quit [Ping timeout: 246 seconds]
<hyperfekt>
sudo nix-channel --list shows 'nixos-unstable https://nixos.org/channels/nixos-unstable', and I'm doing 'unstable = import <nixos-unstable> {};' and then 'environment.systemPackages = with pkgs; [ unstable.brave ]'. The start menu not updating I can understand as a bug, but this is making me go insane. If I import nixpkgs from a directory instead, it works just fine.
<gchristensen>
jpdoyle: hah!
lfish has quit [Quit: Page closed]
<hyperfekt>
The only thing I can imagine is a bug in either nix or the channels, but that's rather unlikely. Crucially, it is being installed from that line, because if I comment it out I get no binary at all.
max3raza has joined #nixos
<cyounkins>
vasarmilan: Hmm give me a few. It would be good to find where that script is on the drive, and then add `set -x` to it.
<joko>
hyperfekt: have you initialized the channel, as in sudo nix-channel --update nixos-unstable?
<hyperfekt>
joko: I've been using that channel to get the same package before (with the correct version), but I'll gladly reinitialize it.
<joko>
hyperfekt: oh, and are you sure pkgs.unstable.brave is valid?
<joko>
It might be unstable.pkgs.brave
<hyperfekt>
No, I'd rather hope it's not. I'm using the with for other packages that I left out here. It should just come from the unstable that I have in a let.
<joko>
or wait, unstablePkgs = import <nixos-unstable> {}; and environment.systemPackages = [ unstablePkgs.brave ];
<cyounkins>
vasarmilan: looks like it should be at `/nix/store/*-nixos-18.09*/nixos/nixos/modules/system/boot/stage-1-init.sh` Perhaps someone else could explain how that is mounted? On my working machine it appears /dev/sda3 is mounted as both / and /nix/store
sigmundv has quit [Ping timeout: 250 seconds]
chimay has quit [Ping timeout: 268 seconds]
<hyperfekt>
Yeah, that's (minus the with pkgs for other packages ) what I'm doing. I'm just getting a very wrong result.
rpg has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<joko>
hyperfekt: how about environment.systemPackages = with pkgs; [ ... ] ++ [ unstablePkgs.brave ];
jperras has quit [Quit: WeeChat 2.2]
<symphorien>
cyounkins: the latter is a normal (it is a bind mount)
<hyperfekt>
joko: Okay, apparently reinitializing the channel seems to have fixed it - despite me definitely having been on a sufficiently up-to-date version to get it before. super fucking weird
<joko>
alright :D
<cyounkins>
vasarmilan: Try adding one of those or both as kernel args. It should be in the nixos manual how to do that.
<hyperfekt>
joko: Thanks for your help! :)
goibhniu has joined #nixos
<cyounkins>
vasarmilan: Once there, it should print out each command. I'm not sure what is missing for the unionfs mount.
chimay has joined #nixos
Ariakenom has joined #nixos
<hyperfekt>
joko: I know what it was. I had used master before because unstable only recently updated. If in doubt, weirdness is more likely to lie in the human brain than the computer.
<hyperfekt>
joko: Still, the --upgrade doesn't seem to have done its job for some reason.
<vasarmilan>
cyounkins: ok, thanks! I'll try that. but I've also found the following in my (auto-generated) hardware-configuration.nix file: filesystems."/nix/store" = {device = "unionfs";...
<hyperfekt>
joko++
<{^_^}>
joko's karma got increased to 3
<vasarmilan>
so I try removing that before.
<hyperfekt>
goibhniu++
<{^_^}>
goibhniu's karma got increased to 2
<vasarmilan>
cyounkins: as I haven't found that expression in the example hardware-configurations on the internet, so maybe it shouldn't be there... and somehow there was a problem with generating the config
<cyounkins>
vasarmilan: What is the rest of it?
<cyounkins>
By that I mean the definition for /nix/store
<vasarmilan>
what I'm trying now is that I commented out everything but the definiton of /mnt/ and /mnt/boot, and changed them to / and /boot
<vasarmilan>
as that seemed more similar to the hardware-configuration.nix files that I saw online...
asymmetric has quit [Ping timeout: 260 seconds]
<cyounkins>
vasarmilan: was that hardware-configuration generated by nixos-generate-config ?
<vasarmilan>
cyounkins: yes
<hyperfekt>
vasarmilan: The cause of the /mnt prefixes likely was running nixos-generate-config without --root /mnt
<cyounkins>
Interesting. That seems like a bug because the unionfs doesn't specify what to union
<vasarmilan>
hyperfekt: oohh I see, that was probably it...
<cyounkins>
Ah good call
<cyounkins>
Did you say the config generation erred?
<vasarmilan>
hyperfekt, cyounkins: I re-generated it using the --root argument and now it doesn't have the definition with unionfs and all the others...
<vasarmilan>
so it'll probably work like this
<vasarmilan>
cyounkins: the config generation was fine, I just used the --dir flag as there was already files in /mnt/etc/nixos
<vasarmilan>
thank you! and sorry for making such a dumb mistake :D
rpg has joined #nixos
<cyounkins>
Glad to help
<hyperfekt>
vasarmilan: You say without unionfs? Isn't that where your store is supposed to lie? I mean, I'm not going to complain if it works now.
<hyperfekt>
vasarmilan: Just trying to make sure you didn't just forget to mount it before generating.
<{^_^}>
[nixpkgs] @peti pushed to haskell-updates « hackage-packages.nix: automatic Haskell package set update »: https://git.io/fplX9
<{^_^}>
[nixpkgs] @peti pushed to haskell-updates « hackage-packages.nix: automatic Haskell package set update »: https://git.io/fplXd
<{^_^}>
[cabal2nix] @peti pushed to master « Alias pkg-config build tool to pkgconfig. »: https://git.io/fpl1l
<{^_^}>
[nixpkgs] @peti pushed to haskell-updates « hackage-packages.nix: automatic Haskell package set update »: https://git.io/fpl1a
cyounkin_ has joined #nixos
<{^_^}>
[nixpkgs] @cyounkins opened pull request #50849 → nixos/systemd: add StartLimitIntervalSec to unit config → https://git.io/fpl1S
<{^_^}>
[nixpkgs] @peti pushed to haskell-updates « haskell-fltkhs: re-enable the build »: https://git.io/fpl1d
<vasarmilan>
hyperfekt: I did mount /dev/sda1, there is no such line, only "/" and "/boot" is defined in fileSystems. install is running now so we'll see if it works
cyounkins has quit [Ping timeout: 260 seconds]
cryptix has quit [Remote host closed the connection]
<{^_^}>
[nixpkgs] @peti pushed 5 commits to haskell-updates: https://git.io/fplMq
dbmikus has joined #nixos
xelxebar_ has quit [Ping timeout: 252 seconds]
civodul has quit [Quit: ERC (IRC client for Emacs 26.1)]
<{^_^}>
[nixpkgs] @delroth opened pull request #50850 → kpcli: fix wrong program name in prompt (#50845) → https://git.io/fplDI
<laerling>
Hello. I am trying to set up an encrypted home for one user on my NixOS machine, but I can't seem to figure out how to properly use the configuration option users.users.<name?>.cryptHomeLuks. Nothing I have tried seems to work. I expect the home partition to be encrypted exactly when the corresponding user logs in and the LUKS key to be identical t
<laerling>
o the password the user has to use. Are my assumptions correct? If so, how do I use the aforementioned configuration option? Thanks for your time.
c0bw3b_ has joined #nixos
leotaku has quit [Ping timeout: 260 seconds]
<ottidmes>
laerling: I have no experience with cryptHomeLuks, I could however help you with a config in which you yourself unlock the partition with a command, which is what I use for all my LUKS devices and should also work for a home partition
<{^_^}>
[nix] @edolstra merged pull request #2216 → download: if there are active requests, never sleep for 10s → https://git.io/vh2IR
<laerling>
ottidmes: When exactly would the unlocking occur? Would it occur as an extra step after logging in with the user? Because it sounds like you're unlocking and mounting manually.
lassulus has quit [Ping timeout: 252 seconds]
lassulus has joined #nixos
<laerling>
This is the corresponding nix file as it is right now. Notice some commented options, which I already tried. https://pastebin.com/raw/wVFsWfi8
rpg has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<ottidmes>
laerling: only manually in that I have to manually enter the password
<ottidmes>
laerling: never used pam_mount myself (that I know of), how is it supposed to behave, do you know? As in, where does the password come from? You have to enter that somewhere in the boot process I assume, but since its pam related, I am not sure
<shreyansh_k>
Hi, is there a way to avoid recompiling virtualbox+extensions everytime I install/upgrade it?
<laerling>
ottidmes: I don't really know either. I had only my naive assumptions. But the pointer to pam_mount may already help me a bit more, I'll see what I can find about it.
<laerling>
ottidmes: How did you find that particular point in the nixpkgs repo? I'm asking so I know how to search for that myself, because when I last searched nixpkgs I did not find this occurence.
rauno has quit [Remote host closed the connection]
<ottidmes>
laerling: Did you search with github's search? I no longer use it, because it sometimes missed my search terms even though it did exist. I just found it in my local nixpkgs checkout by searching through it with Sublime Text (I find its search still a bit better than that of VS Code)
<ottidmes>
laerling: then I searched the file in google (nixpkgs pam_mount.nix), which pointed me to the file on github (quite a roundabout way, but it works)
<laerling>
ottidmes: Yes, I did. Ah, I see. Anyway, I would like to see your setup, because it sounds more like what I want than pam_mount.nix
alex`` has quit [Ping timeout: 268 seconds]
<{^_^}>
[nix] @KaiHa opened pull request #2552 → Fix issues in systemv init script → https://git.io/fpl9E
lassulus has quit [Remote host closed the connection]
<ottidmes>
laerling: You can run whatever in preLVMCommands, just make sure that the binaries you use are inside the initrd (e.g. I copy over cryptsetup to it), and normally I have more code that makes sure that I will not have to force a reboot after failing 3 times
<jabranham>
Is there a resource somewhere that walks me through updating something in nixpkgs?
<boogiewoogie>
hey, when I try to enter a nix-shell with this default.nix https://pastebin.com/PTFGBPuj, I get "error: cannot auto-call a function that has an argument without a default value ('stdenv')". when I look at some expressions in nixpkgs using this input pattern, they don't specify default values on every single input. what's the catch?
<ottidmes>
cyounkin_: this should probably work: types.str // { name = "withoutTrailingSlash"; description = "string without trailing slash"; check = x: isString x && !(hasSuffix "/" x); }
<cyounkin_>
ottidmes: I was just coming up with that myself! Thanks! Would it be OK to add that to lib/types.nix ?
<clever>
boogiewoogie: you want to remove the function on line 7 of the pastebin
<ottidmes>
cyounkin_: in your local checkout's lib/types.nix, sure, but its probably too nich to merge into upstream
<boogiewoogie>
clever: okay.. thank you. then this wasn't what I was doing wrong
<ottidmes>
boogiewoogie: I would remove the let and nixpkgs import and just keep your default.nix as you would normally, and just run: nix-shell --expr 'with import <nixpkgs> {}; callPackage ./default.nix {}'
<clever>
you can also put the above into a new file called default.nix, and rename the old one to pkg.nix
<boogiewoogie>
ottidmes: I'm trying to work the package into my nixpkgs though, doesn't this not work in that case?
<ottidmes>
boogiewoogie: the opposite, doing it that way makes it so that you can easily add it, because this way it is a normal valid package
<boogiewoogie>
ottidmes: oh, okay. seems like I mixed some more things up then. :p thanks
laerling has quit [Remote host closed the connection]
<ottidmes>
boogiewoogie: for example, the only line I need to add a package in my nixpkgs (via an overlay) is: linuxpba = super.callPackage ./linuxpba { }; which is basically what happens in pkgs/top-level/all-packages.nix on a much larger scale
<boogiewoogie>
ottidmes: oh, I see! thanks!
asymmetric has joined #nixos
vasarmilan has quit [Quit: Page closed]
equalunique has joined #nixos
ottidmes has quit [Quit: WeeChat 2.2]
chimay has quit [Ping timeout: 252 seconds]
fendor has quit [Ping timeout: 244 seconds]
<tilpner>
Aww, why is nixpkgsFun hidden from users :(
jabranham has quit [Quit: ERC (IRC client for Emacs 27.0.50)]
<tilpner>
I really need that right now, it would be the cleanest way to reimport nixpkgs for a different system while keeping the overlays
<mightybyte>
Anyone know how to do a nix build inside a docker container but in a way that the nix store is kept on the host machine?
<mightybyte>
I was thinking about doing this so that I can build Linux binaries on my Mac and have all the dependencies get added to the nix store to avoid rebuilds and cache downloads.
<exarkun22>
`-v /nix/store:/nix/store` ? Not that I'm sure that will accomplish your goal.
<tilpner>
Oh... how did I not see that? I've been scrolling around the manpage for minutes!
<tilpner>
Thanks :)
<clever>
tilpner: also of note, nixos will do a boot.kernelPackages.extend somewhere
<clever>
so any changes you do via // get undone
<jackjennings>
Anyone know why this might be the case when trying to read a deployment key? `head: cannot open '/run/keys/datadog_api_key' for reading: Permission denied`. The key _is_ configured to use `user` and `group` datadog (created by the datadog-agent service), but the systemd service still doesn't seem to want to read this file
<jackjennings>
Puzzled…
asymmetric has quit [Ping timeout: 264 seconds]
<clever>
jackjennings: what does `ls -lh` report for that path?
<jackjennings>
`-rw------- 1 datadog datadog 33 Nov 20 20:04 datadog_api_key`
<clever>
jackjennings: and `grep User /etc/systemd/system/datadog-agent.service` ?
<jackjennings>
`User=datadog`
<symphorien>
does /run/keys have x ?
<clever>
ls -lhd /run/keys/
<jackjennings>
`drwxr-x--- 2 root keys 0 Nov 20 20:04 /run/keys/`
<clever>
yeah, theres the proboem
<clever>
you have to add the datadog user to the keys group, to be able to even look inside /run/keys/
<jackjennings>
🙏
<{^_^}>
[nixpkgs] @c0bw3b merged pull request #50614 → Cleanup of dead packages after Gna.org closure → https://git.io/fpcKa
<boogiewoogie>
hey. I can successfully build ithis default.nix https://pastebin.com/4gCn8Q8d in a nix-shell. however, without lines 8 and 9, it fails due to not finding certain glib/gtk2 paths. I'm wondering why this is.. to be precise: what's the difference between glib and pkgs.glib here?
<clever>
boogiewoogie: pkgs.glib and glib should be identical
<clever>
> pkgs.glib == glib
<{^_^}>
true
<clever>
> pkgs == pkgs.pkgs.pkgs.pkgs
<{^_^}>
error: syntax error, unexpected '=', at (string):120:9
hyper_ch has joined #nixos
<clever>
not sure why that 2nd example failed to parse
<clever>
boogiewoogie: oh, the rec on line 3
<clever>
boogiewoogie: that causes glib = glib; to refer to itself
<clever>
you usually dont need rec in most cases
<clever>
the version= on line 6 is also not doing anything
<clever>
boogiewoogie: and on line 29, you could just run sed on ${glib} itself, (a nix var) rather then \${glib} (a bash var), then you can just delete line 8
<boogiewoogie>
clever: oh, right, it actually doesn't. but I'm not done with my expression yet! --- but consider this: https://pastebin.com/6dQnnVWh. it's a shell.nix I've used to get into a shell that can run the setup script. the script positively fails without lines 5 and 6. no rec here
<clever>
but some compares can suceed, and others throw
<infinisil>
No, impure
<clever>
depending on if they are identical or identical :P
<infinisil>
Yeah, it does seem like a bad idea after all imo
<{^_^}>
[nixpkgs] @cyounkins opened pull request #50857 → update-users-groups.pl: create intermediate home directories as 0755 → https://git.io/fpljC
<infinisil>
`let a = throw "hi"; b = throw "hi"; in a == b` would fail
<infinisil>
But `let a = throw "hi"; in a == a` would succeed
<clever>
yeah
fendor has joined #nixos
<clever>
as would b=a; in a==b
<infinisil>
Yee
<hyper_ch>
Mic92: hmmmm, it didn't work.... I did add echo "zpool import tankXXX; zfs load-key -a; ....." but it never showed anything and it wasn't imported..... also adding like echo "echo 'import tankxxx'; zpool import tankxxx; echo 'import tankxxx done'; zfs load-key -a; ..." didn't help
drakonis_ has quit [Read error: Connection reset by peer]
drakonis_ has joined #nixos
kai_w_ has joined #nixos
halfbit has joined #nixos
<typetetris>
I would like to add something to the `nix` manual, but the section is reproduced in three different files in the repository https://github.com/NixOS/nix, there is `doc/manual/manual.html` and `doc/manual/manual.xmli` and `doc/manual/packages/binary-cache-substituters.xml`, which one should I adapt, is there tooling to regenerate the other ones?
<gchristensen>
typetetris: the xmli and html file is generated from the .xml file, and aren't checked in
<typetetris>
wow, sorry `git clean -dfx` solved it. Didn't look at .gitignore
<mpickering>
Given a derivation d and a string "s" is there a way to get the path of the output d.s?
<cyounkin_>
Should I be squash/amending commits that are for a github pull request?
<clever>
that also works, depends on what your doing
<mpickering>
I didn't try that as I didn't think it should work?
<infinisil>
`let foo = "s"; in d.${foo}` is exactly the same as `d.s`
<mpickering>
a string is a different thing to an attribute name?
<infinisil>
AH I see
<infinisil>
> let theattrIwant = "foo"; attrs = { foo = "bar"; }; in attrs.${theattrIwant}
<{^_^}>
"bar"
<infinisil>
mpickering: You want that? ^
vk3wtf has quit [Ping timeout: 252 seconds]
equalunique has quit [Ping timeout: 268 seconds]
drakonis has joined #nixos
equalunique has joined #nixos
<gchristensen>
lib.getOutput , too
fendor has quit [Ping timeout: 268 seconds]
hyperfekt has quit [Ping timeout: 256 seconds]
xeji has joined #nixos
hamishmack has joined #nixos
<kai_w_>
as far as I can tell, nixos-unstable has no kernel packages in the cache for aarch64, or have I got something set up wrong? they were there a few channel updates ago
equalunique has quit [Ping timeout: 260 seconds]
lfish has joined #nixos
equalunique has joined #nixos
<hark>
j/win 53
equalunique has quit [Ping timeout: 246 seconds]
<lfish>
hello. Is changing files in /etc/systemd/system in nixos done the same way as in other distros?
cyounkins has quit [Remote host closed the connection]
cyounkins has joined #nixos
<clever>
lfish: the entire /etc/systemd dir is read-only, all changes must be defined in coniguration.nix
<clever>
configuration.nix*
equalunique has joined #nixos
fendor has joined #nixos
<lfish>
I can't run nixos-rebuild because it is seeing al older version of nixos, that's why I want to change the nix-daemon
<lfish>
it is seeing al older version of nix*
<clever>
lfish: if you `unset NIX_REMOTE`, it wont connect to the nix-daemon
cyounkins has quit [Ping timeout: 240 seconds]
equalunique has quit [Ping timeout: 240 seconds]
<lfish>
I keep the same error message... what does nixos-rebuild actually run anyway?
<clever>
lfish: what is the full output of nixos-rebuild?
<clever>
lfish: --fast turns on --show-trace automatically
<clever>
lfish: let me double-check the source
<clever>
lfish: try `sudo -i` then `_NIXOS_REBUILD_REEXEC=1 nixos-rebuild boot --fast`
metastance has quit [Quit: WeeChat 2.3]
endformationage has quit [Ping timeout: 268 seconds]
switchy has left #nixos ["WeeChat 2.3"]
<Mic92>
globin: do you think we could get a NixOS banner this year on #35c3 (cc @makefu)
<{^_^}>
https://github.com/NixOS/nixpkgs/pull/35 (by cillianderoiste, 6 years ago, closed): Add calf - audio effects plugin pack and lv2 - audio plugin standard
<boogiewoogie>
hmm, when I try to install this expression https://pastebin.com/wM3WzXEt into my store, it's failing due to inability to resolve host github.com (a script is run where more files are fetched). is this normal behaviour?
<Unode>
is there any way to figure out "why" nix-store --verify --check-contents reports a different hash? That is what is different from when the hash was first created?
<Unode>
hey clever. I haven't got to using your chrooted nix setup yet (time limitations). But in any case, do you have any intentions of making that available through nixpkgs and perhaps have its own section in the nix/nixos manual?
<viric>
ls
<viric>
oops
<gchristensen>
. .. bin
<viric>
focus focus
<gchristensen>
focus: command not found
<{^_^}>
[nixpkgs] @jtojnar closed pull request #50323 → cmake: add ctest support to setup hook → https://git.io/fpOUm
nDuff has joined #nixos
<Unode>
viric: you should check your filesystem. duplicated names are usually a bad sign.
<infinisil>
boogiewoogie: Btw, a lot of people dislike pastebin because it's bloated and can display ads. Lots are using https://gist.github.com/ or https://hastebin.com/ instead :)
<clever>
i prefer gist because it shows diffs and i can fork things and edi
<Unode>
when nix produces a hash for a package, does it consider the full content of the folder or only files it knows were created during the compilation/test phase?
<clever>
Unode: it is just the hash of the NAR for that path
<Unode>
i.e. does it hash while the build-dir is still in $TMPDIR or just after it moves the result of the compilation into the store?
<clever>
Unode: it hashes $out after the builder process has exited
<clever>
so there is no way for the builder to then modify it in race conditions
<Unode>
$out recursively I take it?
<nDuff>
Unode, ...fixed-output or other? AIUI (plenty of people here who can correct me if I'm wrong), the hash of a non-fixed-output derivation isn't based on the contents of $out at all.
<clever>
Unode: yeah
<nDuff>
Unode, ...but only based on the build code, and the hash of the inputs thereto.
<Unode>
clever, nDuff so the reason I'm getting at this is the following
<clever>
the hash in $out, for a non-fixed derivation, is the hash of the attrs passed to mkDerivation
<gchristensen>
nDuff: the store path yes, but nix also hashes the output for verification later
jackjennings has quit [Quit: Connection closed for inactivity]
<Unode>
I have a setup built on a custom location /share (not /nix) so I build everything locally. For performance and I/O reasons I build on /dev/shm. So far so good.
<Unode>
However every once in a while certain packages report a hash mismatch with --verify --check-contents.
<clever>
Unode: nfs?
<Unode>
In addition to the above setup I have /share on NFS, yes
<Unode>
so I was wondering about .nfsXXX files
<clever>
Unode: the nfs server dynamicaly generates some .nfs files in random dirs, and those break the hash
<Unode>
clever: t
<Unode>
that was my guess as well
<Unode>
Is there any way to prevent that from happening?
<Unode>
such as, tell nix to ignore .nfs files inside $out?
<clever>
mount the nix store read-only?
<clever>
mount /share/nix/store /share/nix/store --bind -o ro
xeji has quit [Quit: WeeChat 2.2]
nDuff has quit [Quit: ...]
<Unode>
clever: I don't have root access so I can't do that, but even if I did, how would I write to the store then?
<clever>
Unode: nix-daemon will remount it r/w when starting a build, if nix-daemon was running as root
<thekolb_>
Sadly neither of the two seems to be the culprit :O
eeva has quit [Ping timeout: 260 seconds]
<joko>
thekolb_: how about totally overriding the fixup phase? This is where ELFs get modified by default
<thekolb_>
is that called fixupPhase?
<clever>
yeah
civodul has quit [Quit: ERC (IRC client for Emacs 26.1)]
<thekolb_>
Doesn’t seem to do anything.
alex`` has quit [Quit: WeeChat 2.3]
thumphries has joined #nixos
dbmikus has quit [Ping timeout: 252 seconds]
<thumphries>
hey - is this the right place to talk about haskellPackages?
steshaw has joined #nixos
sanscoeur has quit [Ping timeout: 246 seconds]
<thekolb_>
Weird... so if I do nix-shell --pure the binary still works after buildPhase... what else could be happening? I use makeWrapper to set a LD_LIBRARY_PATH but AFAIK that doesn’t affect the original binary...
dbmikus has joined #nixos
<{^_^}>
[nixpkgs] @jwiegley pushed to master « coqPackages: New expressions: StructTact, InfSeqExt, Cheerios, Verdi »: https://git.io/fp8OC
<Unode>
thekolb_: are you on nixos? If not I'd guess something in your environment is causing the breakage
<{^_^}>
[nixpkgs] @markuskowa opened pull request #50862 → nixos/slurm: set slurmd KillMode and add extraConfigPaths → https://git.io/fp8Ol
slack1256 has joined #nixos
ng0 has quit [Ping timeout: 256 seconds]
equalunique has quit [Ping timeout: 264 seconds]
<thekolb_>
Unode: yeah no, I am on an ubuntu derivate. Environment is what I am guessing too...
ng0 has joined #nixos
dbmikus has quit [Client Quit]
<Unode>
thekolb_: if --pure fixes it, it's most certainly environment. That or a binary/lib from the system is being used instead of one from nix.
equalunique has joined #nixos
<Unode>
thekolb_: sanitize $LD_ variables and $PATH
<thumphries>
specifically, I am trying to build `haskellPackages.glirc`. it has a custom setup and seems to fail because of an incorrect package-db
<thekolb_>
Unode: --pure doesn’t "fix" it, I just can’t reproduce the breakage in nix-shell, even with --pure
<clever>
thekolb_: at the end of the buildPhase, try patchelf --print-rpath
<Unode>
thumphries: here should be ok, #haskell may also be of use, a github issue might work best if the failure is present on simply trying to install the package.
<clever>
thekolb_: and then after nix-build breaks it, print the rpath again, has it changed?
<Unode>
thekolb_: failing to reproduce often == fixing it :P
kai_w_ has quit [Quit: Konversation terminated!]
<Unode>
thekolb_: can you run a 'broken' binary from that same shell where it works?
lfish has quit [Ping timeout: 256 seconds]
<Unode>
thekolb_: if yes, then instead of something from the environment you could be missing a dependency in nix
<thekolb_>
Unode: good tip!
equalunique has quit [Ping timeout: 252 seconds]
<Unode>
thekolb_: sometimes you need to explicitly patchelf something. Can't remember when but I had to do this once or twice
jabranham has quit [Remote host closed the connection]
<ryantm>
Is it not possible to disable sandbox builds on NixOS? I tried `nix-build --option sandbox false -A mattermost` and added a __noChroot = true; into the derivation and it produced an error message saying sandbox was set to true.
lfish has joined #nixos
<symphorien>
You need to be a trusted user iirc
<lfish>
clever: that last one worked! thank you!
<ryantm>
symphorien: Oh, that makes sense.
<Unode>
thekolb_: try also 'ldd binary' to spot what it's being linked against
<clever>
lfish: once youve upgraded, youll want to `nix-env -e nix`, since having nix installed like that can cause problems
equalunique has joined #nixos
<{^_^}>
[nixos-org-configurations] @grahamc pushed 8 commits to graham/prometheus: https://git.io/fp83C
lfish has quit [Ping timeout: 256 seconds]
<thekolb_>
clever: Unode: it all matches up except the addresses printed by ldd, it is infact the same binary (sha256sum), I assume what I get with nix-shell buildPhase is a different binary than what I get with nix-build
Ariakenom has quit [Quit: Leaving]
<clever>
thekolb_: try just setting a custom buildPhase or postBuild, that will sha256 the binary
erasmas has quit [Quit: leaving]
<{^_^}>
[nixpkgs] @marsam opened pull request #50863 → pythonPackages.aws-google-auth: init at 0.0.29 → https://git.io/fp83h
<bbarker>
Was thinking just now about hosting some nixpkgs-aware containers that mount the /nix/store; idea is that the containers wouldn't be installing any packages themselves but just interact with the /nix/store in a read only way. Does that sound like it should go fairly smoothly?
<bbarker>
(the host /nix/store would be NixOS)
<thekolb_>
clever: its the same binary...
<bbarker>
I already have nixpkgs working in some containers but would like to have things shared to reduce disk usage
<Unode>
thekolb_: does it break if you su - to a different user?
c0bw3b_ has quit [Remote host closed the connection]
<Unode>
bbarker: depending on what kind of access you need, read-only may block some requests. Assuming there's no nix-daemon and such
lfish has joined #nixos
<bbarker>
Unode, I'd be ok with it not being read-only, but then I can't think of ways to keep users from doing bad things to the /nix/store that doesn't go through the nix-* commands
<Unode>
clever: what was that 'unshare' incantation you recommended the other day to mount a custom location ? Can't seem to find it in my logs
<thekolb_>
Unode: huh, yes it does!
<thekolb_>
wat
<Unode>
thekolb_: sounds like you have some rogue library in the system messing things up
<thekolb_>
but... how? how does the effective uid affect running the binary?
ng0 has quit [Quit: Alexa, when is the end of world?]
<thekolb_>
So the binary works only for the user who built it? :O
<Unode>
bbarker: what kind of access exactly do you want to give your users? if it's just querying for packages I'm not sure there's much advantage. nix-build and nix-shell will fail. If is running things from the store, read-only should be fine.
goibhniu has quit [Ping timeout: 240 seconds]
<Unode>
thekolb_: when you say it does, does==break or work?
mekeor has joined #nixos
<bbarker>
Unode, yes, I think for these cases I can live with them not using nix commands at all
<bbarker>
and just running things
<thekolb_>
Unode: does=break, i.e. I did nix-shell --pure buildPhase (binary works), su -s /bin/bash - nobody and the binary stops working
<Unode>
bbarker: then mounting /nix/store is like mounting any other location
<Unode>
thekolb_: when you say stop working, what's the error exactly?
<thekolb_>
Unode: Can't resolve foreign symbol "stat_cffi_wrap"
rpg has joined #nixos
<thekolb_>
(its something weird common lisp specific)
<Unode>
thekolb_: ok that's a clear dynamic linking problem
<Unode>
basically the wrong lib is being used when you run it outside the shell
<Unode>
you need to patchelf the right -rpath into the binary so that it uses the lib from nix, even when running outside a --pure environment
jtojnar has quit [Ping timeout: 252 seconds]
<Unode>
thekolb_: does anything of what I said makes sense? :) I was also confused when it happened to me the first time. Then I fell in love with patchelf and dropped LD_LIBRARY_PATH from my environment entirely and have been living much happier since
<thekolb_>
Unode: it does, you are amazingly helpful
<Unode>
clever: already hinted at the issue above. You were being mislead by the fact that the binary had the same sha hash. The fact that the libs were different in ldd was the key
<thekolb_>
Well the fun thing is, the libs aren’t different in ldd, this application does dark magic and comes with its own dynamic library loader... its tricky :-) but I think I am on the path to success now!
<Unode>
thekolb_: dark magic always carries risks to the final user :)
<clever>
thekolb_: are you sure its not just normal dlopen()?
<clever>
dlopen wont be detected by ldd
<Unode>
clever: seems like I can't mount /custom/nix to /nix in my setup. unshare -m fails with Operation not permitted.
<Unode>
without -m works fine though
<clever>
Unode: if you lack root, you must unshare both the user and mount namespaces