<{^_^}>
[nixpkgs] @lheckemann opened pull request #50976 → slang: respect TERMINFO_DIRS and ignore FHS paths → https://git.io/fp0ma
nocoolna- has quit [Ping timeout: 250 seconds]
<srhb>
tathougies: Hopefully you'll be paying that cost very rarely and mostly be doing regular, non-IFD builds, or Hydra gets strictly very non-informative about what it's doing. :)
nocoolnametom has joined #nixos
<srhb>
tathougies: (Sadly that means no huge callCabal2nix collections or similar fun stuff)
booglewoogle has quit [Remote host closed the connection]
<infinisil>
How I thought of this: I'm annoyed at how I have to manually unpack stuff when I nix-build -A hello.src
<sphalerite>
not a counterexample, but using tarballs rather than dirs allows using upstream checksums when available
<infinisil>
sphalerite: We could still sha256 the tarball itself, but wrap it in an unpack derivation
<infinisil>
Or just deliver the unpack phase as an attribute
<sphalerite>
infinisil: tar xf result isn't that hard :p alternatively, nix-shell '<nixpkgs>' -A hello --run 'unpackPhase'
<infinisil>
Of the source
<gchristensen>
there is precedent for what you're saying, of course, fetchzip for example
<infinisil>
sphalerite: Problem is when there's a different format, which occasionally happens
<sphalerite>
infinisil: that means using twice the disk space
<Mic92>
sphalerite: I missed the context
<infinisil>
sphalerite: Yeah, that's why I'm thinking an attribute for the unpack phase would be better
vidbina has quit [Ping timeout: 250 seconds]
rprije has quit [Ping timeout: 268 seconds]
<sphalerite>
infinisil: what's wrong with nix-shell '<nixpkgs>' -A hello --run unpackPhase ?
<infinisil>
sphalerite: It feels wrong!
<gchristensen>
why? :)
<sphalerite>
Mic92: font package which you added hydraPlatforms = []; to due to size. It's becoming fixed-output, thus I think we can put it back on hydra since the space use is much more constant than if it changed every time a dep changes
<sphalerite>
infinisil: but it's right!
<gchristensen>
extracting all tarballs by default would cause the cache and store to be much much larger
<infinisil>
gchristensen: I mean, with unpackPhase as an attribute to the source derivation this wouldn't happen
<sphalerite>
the cache might actually be smaller because yay xz (and a lot of upstream tarballs are still bz2/gz[citation needed]). But yeah the store
<infinisil>
Or how about just wrapping the source tarball with an unpack derivation, but preferring local build for it?
<infinisil>
Wouldn't that work?
<infinisil>
I guess it's one more derivation per source, which isn't very good
<infinisil>
Anyways, I like the idea, would probably be implemented with an unpackPhase attribute or so
<sphalerite>
I'm not a big fan myself, don't see a lot of benefit to it
<infinisil>
sphalerite: I'm thinking it would be nice to put the commands to unpack it directly in the fetchers, so fetchFromGitHub would untargz it, fetchzip do the thing it needs to do, we could have a `fetchdeb` which does a `dpkg-deb -x` on the fetched url
<sphalerite>
fetchFromGitHub already unpacks it
<infinisil>
Ah right, see!
<sphalerite>
fetchzip also unpacks
<clever>
infinisil: note, that fetchurl takes the hash of the .tar.gz, but fetchzip and fetchFromGitHub take the hash of the nar
<infinisil>
Yeah
<clever>
and things like the hackage db and yarn, store hashes of .tar.gz files
<infinisil>
Hmm, are there more examples
<clever>
so if you force everybody to unpack, you loose the hashes upstream provides
<clever>
and a lot of automation breaks
acarrico has quit [Ping timeout: 250 seconds]
<sphalerite>
clever: that's what I already said :p
<clever>
also, at one time, chromium had a seperate derivation to unpack
<clever>
i heard it took 12 hours to copy it from the build slave, to hydra, and back to another slave
<infinisil>
I repeat: Only an attribute for the unpackPhase
<infinisil>
passthru
<infinisil>
No change
<clever>
ah
<clever>
the zip setup hook already handles stuff like that for you
acarrico has joined #nixos
<infinisil>
We could have an `fetchfile` that just creates a directory with the file in it
<infinisil>
clever: Yeah, but my point is that this really doesn't have anything to do with the package derivation
<sphalerite>
one thing that bothers me is that the kernel gets unpacked twice for a kernel build, once for the config and once for the build. That's a case where a separate unpack drv might be nice
<infinisil>
How to unpack a source is entirely dependent on the distribution format
Mr_Keyser_Soze has quit [Ping timeout: 252 seconds]
<infinisil>
We could also have a `combine { a = fetchzip { ... }; b = fetchurl { ... }; }` that could replace $srcs, which I never really understood
<infinisil>
Well combine would really just be a simple attrset -> dir conversion (I have code for that somewhere)
<sphalerite>
unrelated: it would be nice if xfce could work right from a user profile
<bbarker>
I was reading about nix containers, and wondered if there is a way to import a nix expression over http, so that container specs could be stored in a repo somewhere and consumed easily in configuration.nix; this has more general uses though - would allow for nixpkgs to use nix expressions defined anywhere, just like it can already download code hosted anywhere. Not saying nix expressions should typically be hosted outside of nixpkgs,
<bbarker>
but there are use cases like this, i think
<simpson>
bbarker: Yeah, lots of Nix CLI tools which take local filenames will also take HTTP URLs.
<lo_mlatu>
Is there an equivalent of 'guix environment --container' in nix that can run a command in a *temporary* container?
<bbarker>
simpson: but currently, a nix expression can't import another expression over http?
<bbarker>
I like how nix containers appear to be multi-user, a bit like singularity though system-wide by default
<ottidmes>
gchristensen: its just that the implementation being used, some set of python scripts, just dump a lot of unnecessary data in the logs, and it is rather a leaky abstraction (I have seen multiple python errors or other internals spilling out)
<gchristensen>
it is using acme, no? or simp_le?
<ottidmes>
gchristensen: simp_le yes
* emily
would be happy to see acme-client nixos support
* gchristensen
would love to see dns-01 support
<ottidmes>
I managed to lock myself out a local server (so luckily I could still access it directly), because jail2ban was not configured to ignore 192.168.0.0/16 and I made a mistake in a SFTP account (which keeps trying)
<ottidmes>
gchristensen: dns-01 is also a lets encrypt client?
<gchristensen>
dns-01 is a specific type of challenge LE supports (using DNS instead of the HTTP challenge)
<ottidmes>
I just tried modifying the ignoreip setting, but I get with `sudo fail2ban-client get DEFAULT ignoreip`: Sorry but the jail 'DEFAULT' does not exist, any idea?
<ottidmes>
gchristensen: that sounds nice, its not much of a hassle, but I rather remove those extra bits of nginx config if I can
<gchristensen>
it is much more complicated to setup.
<clever>
gchristensen: do any records involved in dns-01 have to be updated at regular intervals?
<gchristensen>
yes
<clever>
so you need to give every machine an automated way to update dns records about its own domain
<gchristensen>
each system runnin a dns-01 challenge has to be able to update the DNS record
<ottidmes>
gchristensen: yeah, I am reading about it, you really need an API to update your DNS records if you want to use it
<clever>
gchristensen: that sounds like a pain
<gchristensen>
it is a bit of a pain, but also you can't really use http-based challenges for HA setups
<clever>
some of my dns hosters only have an api to change the addr behind A and AAAA
<clever>
but no way to change TXT records
<clever>
the only solution i can see is to chain NS records for subdomains and grant a dynamic ip control over some things
<clever>
but that will likely bleed thru into the domains you can authorize
<{^_^}>
ofborg/infrastructure#10 (by grahamc, 14 weeks ago, open): Hacked up port to NixOS 18.03 and also ACME-DNS-01 LetsEncrypt for RabbitMQ
<ottidmes>
Ah, the DEFAULT jail cannot be queried like that, only actual jails, sudo fail2ban-client get ssh-iptables ignoreip, worked, confirming that later settings overwrite existing ones
<ottidmes>
emily: yeah, just because its possible, does not mean they should have... its not meant to implement software in...
cyraxjoe has joined #nixos
<Acou_Bass>
hey everyone, for a while now my nixos rebuilds have failed due to movit failing to build... from what i can pick out, the only package i use that uses movit is kdenlive, and ive removed that from my configuration.nix but its still trying to rebuild/install movit + kdenlive (can see both in the output)... i see there was a fix pushed in github 5 days ago but nix still seems to want to build the old movit (im
<Acou_Bass>
running nixos-instable) - probably a case of me missing something dumb, can someone assist? :D
<ottidmes>
Acou_Bass: You should go for the usual suspects, if you use nix-channel, do you make sure to run nixos-rebuild and nix-channel as root?
<Acou_Bass>
well im not running nix-channel, ive already been running unstable hehe, i just do sudo nixos-rebuild boot --upgrade, which i thought did all the upgrading stuff for me
<v0|d>
Acou_Bass: how about checking out master/staging and doing NIX_PATH=nixpkgs=./my-nixpkgs nixos-rebuild test
<ottidmes>
I am off to sleep, good night
<v0|d>
ottidmes: night.
<clever>
v0|d: that is likely to break its ability to find <nixos-config>, -I nixpkgs=./my-nixpkgs would be better
<v0|d>
clever: -I is not listed among man of nixos-rebuild
ottidmes has quit [Quit: WeeChat 2.2]
<clever>
v0|d: In addition, nixos-rebuild accepts various Nix-related flags, including --max-jobs / -j, --show-trace, --keep-failed, --keep-going and --verbose / -v. See the Nix manual for details.
<Acou_Bass>
still doesn't really help explain why it's trying to install kdenlive (and by extension movit) when I've not got it in my configuration
<clever>
Acou_Bass: does kdenlive fail?
<Acou_Bass>
but yeah i could try checking out master to test it
<Acou_Bass>
the build? well, it's the nixos-rebuild that fails not just kdenlive itself but yes it lists kdenlive and movit as failed to build at the bottom
<clever>
Acou_Bass: it will also list what dependended on movit and kdenlive
<clever>
and those explain why its being built
<Acou_Bass>
lists movit, mlt, kdenlive, system-path then nixos-system-yadayada :P
<clever>
then you have one of movit, mlt, or kdenlive, in your systemPackages
<clever>
Acou_Bass: what does this output? nix eval '(with import <nixpkgs/nixos>{}; map (x: x.name) config.environment.systemPackages)'
<Acou_Bass>
kdenlive is installed on my sistem right now but ive deleted it from the systemPackages list to try and get the system to rebuild :P OK ill try that command 1 sec
<Acou_Bass>
hmm lemme dump that into a txt file... its a long list!
<clever>
its about 10+ lines line with word-wrap here
<Acou_Bass>
yeah
<Acou_Bass>
kdenlive is in there sure enough (but isnt that just because i have it installed right now?)
<clever>
no
<Acou_Bass>
huh
<clever>
that command prints what the configuration.nix wants in the next build
<clever>
so its still in your config file
<Acou_Bass>
how weird... i wonder where kdenlive is being pulled in then, ive 100% removed it from the file
<Acou_Bass>
must be something else thats pulling it in?
<Acou_Bass>
so wait, my massive block of KDE applications is pointless because i basically already have them listed via pkgs.kdeApplications); ? that never used to be the case hehe
<clever>
WhittlesJr: you overrode the unpackPhase, so nothing is unpacking $src
<clever>
WhittlesJr: also, fetchFromGitHub does exactly what you want already
<WhittlesJr>
But then it's not really a package, right? Or does it not need to be?
<clever>
WhittlesJr: fetchFromGitHub is already a package
fusion809 has joined #nixos
<clever>
and src= almost always points to a package
<Acou_Bass>
eyy, rebuilt upgrade successfully \o/ thanks a lot clever, fresh pair of eyes wins out
<WhittlesJr>
clever: Ahhhhhh so I don't need to use mkDerivation at all. That works, thank you!
<clever>
WhittlesJr: fetchFromGitHub is already based on mkDerivation, a variant that just downloads from github and extracts to $out
<WhittlesJr>
clever: I see I see.
mayhewluke has quit [Ping timeout: 252 seconds]
alex_giusi_tiri has joined #nixos
mayhewluke has joined #nixos
<simpson>
With kubenix, is there a way to get a listing of available resources and whatnot? Perhaps a way to examine stuff in the REPL?
WhittlesJr has quit [Ping timeout: 256 seconds]
freeman42x]NixOS has quit [Ping timeout: 245 seconds]
phreedom_ has joined #nixos
phreedom has quit [Remote host closed the connection]
<simpson>
Okay, I managed to get a thing deployed. That wasn't too bad. I need to get some per-cluster variables in there; maybe I need a jq postprocessing?
<simpson>
Also I need the beta version of RBAC instead of the alpha version. So probably I need the 1.10 version of the k8s API. How would I do that?
<{^_^}>
[nixpkgs] @worldofpeace pushed 2 commits to master: https://git.io/fp0nY
rprije has joined #nixos
<{^_^}>
[nixpkgs] @hyperfekt opened pull request #50979 → [WIP] nixos/redshift: rework to use config file → https://git.io/fp0nc
<teto>
(anyone at vimconf ?)
<{^_^}>
[nixpkgs] @worldofpeace pushed commit from @zraexy to release-18.09 « marble: Fix include install to dev output »: https://git.io/fp0nr
Rusty1 has quit [Quit: Konversation terminated!]
<tathougies>
Suppose I have a derivation that I use in nix-shell, and I want to make a derivation that runs a command in this nix shell and then copies the result to the output directory. How would I do that? Can I jsut set 'nativeBuildInputs' to the shell derivation/
lo_mlatu has quit [Quit: Connection closed for inactivity]
rprije has quit [Ping timeout: 268 seconds]
endformationage has quit [Ping timeout: 252 seconds]
jasongrossman has joined #nixos
palo1 has joined #nixos
palo has quit [Ping timeout: 240 seconds]
jasongrossman has quit [Ping timeout: 272 seconds]
<sphalerite>
Hi folks. Trying to run steam and getting "glXChooseVisual Failed". Any ideas?
<sphalerite>
srhb: you know steam things right? :^)
init_6 has joined #nixos
<andi->
I guess you enabled the 32bit library support for opengl?
<andi->
(hardware.opengl.driSupport32Bit)
<sphalerite>
aaaah I don't think I did
* sphalerite
does so
<sphalerite>
I'm guessing that's it, thanks!
<sphalerite>
much better :)
<andi->
sphalerite: checkt his page: https://nixos.wiki/wiki/Steam you might want to have 32bit pulse as well.. not sure if I ever did and worked fine for me so far
<{^_^}>
[nixpkgs] @FRidh merged pull request #49602 → pyjwt: fix tests to work with pytest >= 3.9.0 → https://git.io/fxAnM
<{^_^}>
[nixpkgs] @FRidh pushed commit from @dtzWill to staging « pyjwt: fix tests to work with pytest >= 3.9.0 »: https://git.io/fp08T
<{^_^}>
[nixpkgs] @FRidh pushed 115 commits to staging-next: https://git.io/fp08L
<init_6>
Hi all. Thx for the steam-run! I was able to run witcher 2 ^_^
<{^_^}>
[nixpkgs] @c0bw3b pushed commit from @nyanloutre to master « wpscan: init at 3.4.0 »: https://git.io/fp046
<GiGa>
sphalerite: Ones created via nixos-container
<GiGa>
sphalerite: For some reason /var/lib/containers is now empty :'(
<sphalerite>
GiGa: that's very odd
<GiGa>
Indeed
<sphalerite>
GiGa: did you have something mounted there or something?
<sphalerite>
Do you have backups?
<GiGa>
Only thing I'm doing differently is I'm in XFCE rather than Gnome3, which won't have changed the filesystem. Nothing mounted there. Yes, have the same containers on another device fortunately
<GiGa>
Very odd
<{^_^}>
[nixpkgs] @FRidh pushed 3 commits to python-unstable: https://git.io/fp0Bf
<{^_^}>
[nixpkgs] @FRidh opened pull request #50983 → buildPython*: add updateScript to passthru → https://git.io/fp0RC
kenshinCH has joined #nixos
irdr has quit [Remote host closed the connection]
<kenshinCH>
I'm trying to package a python package that, in the test phase, needs to download some files. But it seems that in that phase there is no network access :/ In `checkPhase` I added a wget, just to make sure, and I got `unable to resolve host github.com'
irdr has joined #nixos
<FRidh>
kenshinCH: builds, including testing, needs to be pure. You should not download anything during the build. The sandbox enforces this.
<kenshinCH>
FRidh: so I just skip the tests?
<FRidh>
kenshinCH: depends. You could fetch them before, and add them as fixed-output derivations, like we do with the source of packages e.g.
<FRidh>
how much effort do you want to put in it
<kenshinCH>
low-ish :p
<kenshinCH>
but if you can point to an example, I'll take a look
<FRidh>
kenshinCH: often we also download patches, and apply those to the source. That's also quite similar.
<{^_^}>
[nixpkgs] @lheckemann merged pull request #49808 → steamPackages.steam-runtime-wrapped: don't include all of gcc → https://git.io/fpvTG
<{^_^}>
[nixpkgs] @peti pushed 3 commits to haskell-updates: https://git.io/fp0RN
<{^_^}>
[nixpkgs] @peti pushed to haskell-updates « haskell-brick: update override for ghc-8.6.x to the latest version »: https://git.io/fp0Rp
booglewoogle has joined #nixos
<sphalerite>
,activationScripts = you do not want to use activationScripts usually! A bad activation script can cause your system to fail to boot in surprising ways. Prefer a oneshot systemd service.
<{^_^}>
activationScripts defined
<{^_^}>
[nixpkgs] @peti pushed to haskell-updates « hackage-packages.nix: automatic Haskell package set update »: https://git.io/fp00e
<sphalerite>
clever: you're my main source on this, please improve the factoid if you have any improvements to make :)
<{^_^}>
[nixpkgs] @peti pushed to haskell-updates « all-cabal-hashes: update to Hackage at 2018-11-24T11:28:53Z »: https://git.io/fp00T
<sphalerite>
,activationScripts = you do not want to use activationScripts usually! A bad activation script can cause your system to fail to boot in surprising ways, particularly because it runs at a very early stage of boot. A script that works with nixos-rebuild switch may break your system for the next boot!
<{^_^}>
activationScripts redefined, was defined as: you do not want to use activationScripts usually! A bad activation script can cause your system to fail to boot in surprising ways. Prefer a oneshot systemd service.
<sphalerite>
,activationScripts = you do not want to use activationScripts usually! A bad activation script can cause your system to fail to boot in surprising ways, particularly because it runs at a very early stage of boot. A script that works with nixos-rebuild switch may break your system for the next boot! Prefer a oneshot systemd service.
<{^_^}>
activationScripts redefined, was defined as: you do not want to use activationScripts usually! A bad activation script can cause your system to fail to boot in surprising ways. Prefer a oneshot systemd service.
Chiliparrot has joined #nixos
<__monty__>
andi-: Not on NixOS actually. I was thinking a nix expression that produces a directory tree with the right permissions.
<__monty__>
It doesn't sound like what nix usually does though so I'm not sure it's possible/practical?
<andi->
sicne you can not really generate outputs with special permissons I think you are not getting anything fro nix here.. maybe rendering a shell script that then does what you need..
realrokka has quit [Read error: Connection reset by peer]
booglewoogle has quit [Remote host closed the connection]
<__monty__>
Alright, thanks for confirming my suspicion.
<dsx>
Is there a nice NixOS-like way to handle dotfiles in ~/?
erratic has joined #nixos
<__monty__>
dsx: Home-manager is usually recommended.
<{^_^}>
dsx: There are multiple ways of managing declarative profiles. 1) Attrset, compatible with imperative use of nix-env https://git.io/fAQHW ; 2) buildEnv, providing more control over the paths that are linked into the profile <link to do, sphalerite!>; 3) home-manager, providing nixos-like config for your ~ https://github.com/rycee/home-manager
NightTrain has quit [Ping timeout: 252 seconds]
<dsx>
Thanks!
b has joined #nixos
sigmundv has joined #nixos
freeman42x]NixOS has joined #nixos
feep has joined #nixos
<feep>
yo
<feep>
I'm trying to update cura to 3.6.0
Mateon3 has joined #nixos
Mateon1 has quit [Ping timeout: 244 seconds]
Mateon3 is now known as Mateon1
<feep>
I have an overlay defined and included in /etc/nixos/configuration.nix
<{^_^}>
nix#1625 (by tobiasBora, 1 year ago, closed): Does not pass tests
hamishmack has quit [Ping timeout: 250 seconds]
ekleog has joined #nixos
<NinjaTrappeur>
ottidmes, thanks. Yeah, I've already seen it, the install script radically changed since january 2017 :( But yeah, ultimately the problem is around the chroot namespace, that's for sure. I just can't find what's wrong. I need a personal server, so I'll ditch this whole test env and install something else
<NinjaTrappeur>
I'll try to reproduce and fix this locally later on hopefully
worknonwork has joined #nixos
<sphalerite>
,declarative
<{^_^}>
There are multiple ways of managing declarative profiles. 1) Attrset, compatible with imperative use of nix-env https://git.io/fAQHW ; 2) buildEnv, providing more control over the paths that are linked into the profile <link to do, sphalerite!>; 3) home-manager, providing nixos-like config for your ~ https://github.com/rycee/home-manager
darthfork has joined #nixos
<sphalerite>
,declarative = There are multiple ways of managing declarative profiles. 1) Attrset, compatible with imperative use of nix-env https://git.io/fAQHW ; 2) buildEnv, providing more control over the paths that are linked into the profile https://git.io/fp0aU ; 3) home-manager, providing nixos-like config for your ~ https://github.com/rycee/home-manager
<{^_^}>
declarative redefined, was defined as: There are multiple ways of managing declarative profiles. 1) Attrset, compatible with imperative use of nix-env https://git.io/fAQHW ; 2) buildEnv, providing more control over the paths that are linked into the profile <link to do, sphalerite!>; 3) home-manager, providing nixos-like config for your ~ https://github.com/rycee/home-manager
<sphalerite>
,declarative
<{^_^}>
There are multiple ways of managing declarative profiles. 1) Attrset, compatible with imperative use of nix-env https://git.io/fAQHW ; 2) buildEnv, providing more control over the paths that are linked into the profile <link to do, sphalerite!>; 3) home-manager, providing nixos-like config for your ~ https://github.com/rycee/home-manager
<sphalerite>
,declarative = There are multiple ways of managing declarative profiles. 1) Attrset, compatible with imperative use of nix-env https://git.io/fAQHW ; 2) buildEnv, providing more control over the paths that are linked into the profile https://git.io/fp0aU ; 3) home-manager, providing nixos-like config for your ~ https://github.com/rycee/home-manager
<{^_^}>
declarative redefined, was defined as: There are multiple ways of managing declarative profiles. 1) Attrset, compatible with imperative use of nix-env https://git.io/fAQHW ; 2) buildEnv, providing more control over the paths that are linked into the profile <link to do, sphalerite!>; 3) home-manager, providing nixos-like config for your ~ https://github.com/rycee/home-manager
<sphalerite>
,declarative
<{^_^}>
There are multiple ways of managing declarative profiles. 1) Attrset, compatible with imperative use of nix-env https://git.io/fAQHW ; 2) buildEnv, providing more control over the paths that are linked into the profile <link to do, sphalerite!>; 3) home-manager, providing nixos-like config for your ~ https://github.com/rycee/home-manager
<infinisil>
Sorry
darthfork has quit [Remote host closed the connection]
<ottidmes>
sphalerite: Know that the bot is also in #bottest
<infinisil>
It's broken for some reason
<sphalerite>
ottidmes: I do :p
<sphalerite>
ottidmes: I was hoping this would be trivial and just allow people to see that I've finally done the buildEnv thing
<ottidmes>
sphalerite: in that case, ignore my remark, and good job!
<sphalerite>
infinisil: can you just put the new contents in the file manually? :P
<infinisil>
sphalerite: Yes, hold on
<infinisil>
,declarative
<{^_^}>
There are multiple ways of managing declarative profiles. 1) Attrset, compatible with imperative use of nix-env https://git.io/fAQHW ; 2) buildEnv, providing more control over the paths that are linked into the profile https://git.io/fp0aU ; 3) home-manager, providing nixos-like config for your ~ https://github.com/rycee/home-manager
<infinisil>
Gonna try to figure out what's going on with this
hio has joined #nixos
<hio>
Is NixOS ready for primetime?
<simpson>
hio: Yes.
<feep>
alright, I got cura to work
* feep
closes ~50 nix related tabs
<hio>
Can it defeat Clearlinux and CoreOS too, or just Ubuntu and CentOS type distros?
Itkovian has joined #nixos
<feep>
define "defeat"
<ottidmes>
Just curious, but those bots I assume just read an IRC channel and respond if they see a message matching an enquiry to them, in this case, a comma prefix, but what if there are multiple bots using that in e.g. #bottest, wont you get multiple bots responding to the same command?
<simpson>
hio: Some people do use NixOS as a container host or a k8s base, and some people use it to replace traditional Ubuntu installations. It's just Nix and systemd.
<simpson>
ottidmes: Yes.
<ottidmes>
simpson: good, then it makes sense to me, and if bots would go insane in e.g. #nixos, they would just be kicked I assume, so its not really a problem
<simpson>
ottidmes: Presumably, yes. How to deal with mutually-interacting bots is an old and difficult open problem.
<infinisil>
hio: I'm not sure why people think Nix is like Haskell. The only thing that's the same is that both languages are purely functional, and nothing else
<ottidmes>
hio: I think that is a biased view, just because functional programming languages have been used mainly in academia before becoming more mainstream today, that does not mean its any more difficult than what you probably consider easy to use languages (they are only easy, because after learning them the hard way, you are now very familiar with them)
<infinisil>
hio: But yes, NixOS is totally usable for non-functional people, you can get through without ever thinking about functional programming at all
<simpson>
hio: You can write expressions in the standard Nix expression language, which doesn't have much to do with Haskell other than basic features like having functions and lazy-by-default evaluation.
<ottidmes>
hio: you should see it more like a JSON like language extended with some features to make it more like programming language, the data it produces is than fed to the Nix tools to e.g. build you a package
<hio>
Okay, does Nix have an IDE with full autocomplete?
<feep>
anyway, gonna go fry some eggs, then onwards to actually trying with a curaengine fork so I can actually try and fix the thing I wanted to fix
<hio>
because if it doesnt, that will annoy me a lot because I feel like you should have used XML with XSL schema and then I would have intellisense
<erratic>
Hio spacemacs has a nixos layer
<erratic>
I use that
<erratic>
It works pretty well
<hio>
I dont use these super old software products like Vim and Emacs. I prefer VSCode and QtCreator
<ma27>
jtojnar: sorry, seen too late:) I agree with changing to libsecret, but I'm not sure why we want to enable it by default (I added a wrapper, so overriding the gnome-keyring option doesn't cause a rebuild of the package
<erratic>
Its mot seemless but it works with a little fucking with
<dramforever>
You have very strong expectations for software I suppose
<hio>
I'm purposefully acting like a casual user in order to portray a real life event that occurs 200 times a day probably when a clueless ubuntu user would try out NixOS and gets forever scared because of these important issues that I bring up. I would actually expect to be thanked instead of run out of here
<simpson>
hio: Please don't be a help vampire, thanks.
<erratic>
Hio yeah i figured but its getting boring :) we are all competent nixos users
<dramforever>
The problem is that it's going to take quite a while before you can install NixOS without reading a manual
<hio>
I am providing valuable feedback
<simpson>
hio: No you aren't.
<sphalerite>
hio: we are fully aware that nixos is completely unsuitable for clueless ubuntu users.
<sphalerite>
hio: you're telling us that the sky is blue.
<erratic>
Lol
<hio>
See here is the problem, you have baited me. Remember my first question?
<hio>
I asked whether this distro is ready for prime time or not
<hio>
you said YES
<hio>
Then I asked if it is only for intellectuals
<simpson>
hio: Yes. You're talking to people who do NixOS in production. Right now.
<hio>
once again you heavily implied that anybody could use it
<dramforever>
Hmm
<simpson>
Just because *you* can't use it, doesn't mean that others don't.
<erratic>
Hio theres some stuff about it like drives me nuts
<hio>
ok lets hear it erratic
ixxie has joined #nixos
<dramforever>
hio: not sure what you're trying to say
<simpson>
erratic: Don't feed, please.
<hio>
I would like to know real world problems with NixOS before I spend more of my time on it. Is that really too much to ask?
<sphalerite>
erratic: same! The trolls in #nixos for one drive me nuts.
peacememories has joined #nixos
<hio>
ok I think this isnt a live environment, the manual doesnt mention anything about installing it
<hio>
wait now it does, chapter 2.3
<hio>
I have to mount stuff on the command line?
<simpson>
hio: And I'd like for you to learn to read the manual. Apparently that *is* too much to ask, though. It's software, so of course there are problems.
<hio>
are you serious, I installed NixOS twice before and it was never this hard
<simpson>
Are *you* serious!?
<hio>
yes, it was never this hard
<dramforever>
You mean you tried two other Linux distributions?
<ottidmes>
simpson: don't feed :P
<erratic>
Hio its easier to start with than using chef or ansible .. or puppet imho
<hio>
ok give me a second, im typing in the commands now to install
<erratic>
I donno if you’re familiar but those are damn involved
<erratic>
And nix makes what would be a pile of cookbooks, settings, and a whole server something i can do with one file allbeit only to some degree, and not always without problems
<dramforever>
The installation instructions for Arch has even more command steps... I think they're doing fine?
<erratic>
And if documentation is what bugs you then id suggest trying gentoo >_> portage is easily the best package manager ive ever used and documentation for it is pretty scarce sometimes for eclasses
<erratic>
You have to find examples in ebuilds
<erratic>
P
<dramforever>
hio: If you want to install and try NixOS we can help you through it
<erratic>
Lol also i use arch docs for gentoo sometimes
<hio>
i could swear it was never this hard or maybe I never tried to actually install it and I was always in the live environment
<dramforever>
Oh
<dramforever>
maybe you downloaded the virtual machine image?
<dramforever>
that .ova file
<capisce>
hio: what are your reasons for wanting to use NixOS in the first place?
<erratic>
Something that kinda bugs me about the livecd is that it doesnt come with zfs progs and you have to edit the nix file and rebuild the live image ehich if you try to do without swap.. RIP
<erratic>
I have a pretty decent readme there if you want to try it
<hio>
what kind of weird VIM is this, i cant get out again
<ottidmes>
hio: partition your drives the way you like (see the manual, or any resource about it, like mentioned the Arch wiki tends to be very informative), then mount your system like you normally would, except relative to /mnt rather than /, the rest is just generate a initial config, tweak it as needed (all in the manual), and install it with a single command, it was easier for me than Arch was at the time
<dramforever>
I think Arch is still like 'that'...
<hio>
ok i have my first problem with the installation process
<samueldr>
hio: what's wrong with the vim on the iso?
<hio>
the manual says "mount /dev/disk/by-label/nixos /mnt"
<infinisil>
Bitten by unnamed arguments..
<hio>
but for me the path doesnt exist
<hio>
the iso is in this path: "/dev/disk/by-label/NIXOS_ISO"
<sphalerite>
infinisil: neat
<dramforever>
You need to start from the beginning of chapter 2
<ottidmes>
dramforever: Never said otherwise, it was just a few more steps involved compared to Arch (at least at the time), I have not used Arch other than to bootstrap NixOS in years now :P
<samueldr>
hio: could you share which instructions you used to partition?
<dramforever>
From partitioning the disk
<dramforever>
I think hio just went straight to 2.3
<hio>
I didnt partition anything
<dramforever>
Well yeah you do need to do that yourself...
<dramforever>
Well, 2.2 Partitioning and formatting: 'The NixOS installer doesn’t do any partitioning or formatting, so you need to do that yourself.'
<samueldr>
2.2 in the nixos manual shares a known working setup to partition, it's not the only way, but the rest of the installation section assumes these were followed
<hio>
ok what about 2.2.1 and 2.2.2. I need to do them both or just one of them? because they both seem to be about partitioning boot stuff
<samueldr>
you will need to do only one of 2.2.1 or 2.2.2
<dramforever>
Do you know whether you're booting from UEFI or MBR?
<samueldr>
as the last sentence of 2.2 says: "The recommended partition scheme differs depending if the computer uses Legacy Boot or UEFI.
<hio>
ok feedback: The manual should really say that samueldr
<hio>
ok sorry i guess it does
<hio>
but it should say so at the start of 2.2.1
<samueldr>
and the last sentence of 2.2.[1,2] tells to continue to 2.2.3, just in case
<hio>
what should I pick, zfs or xfs?
<hio>
i think xfs
<dramforever>
Which part are you in now?
<hio>
that's just a general question
<dramforever>
Oh okay
<hio>
ok now it is giving me an error
<hio>
after the "# parted /dev/sda -- mkpart primary linux-swap -8GiB 100%"
<hio>
"Error: partitions 1 on /dev/sda have been written but we have been unable to inform the kernel of the change, probably because it is already in use. Asa result the old partition willr emain in use. You should reboot before making further changes. Ignore/Cancel?"
<dramforever>
Wait, are you sure you want to install to /dev/sda?
<hio>
why not, this is a VM
<dramforever>
Hmm
<dramforever>
That's weird
<dramforever>
New disk, I'm assuming?
<hio>
it's on VMplayer, sure
<hio>
okay, i still get an error even though I did all the previous steps now
<hio>
nixos-generate-config --root /mnt
<hio>
ERROR: not a subvolume: /mnt/boot
<hio>
that directory exists though
<dramforever>
did you mount the boot partition to /mnt/boot ?
<hio>
yeah i did "mount /dev/disk/by-label/boot /mnt/boot", already mounted it says
<hio>
oh i think i know, it says that the filesystem is read only at /mnt/etc
peacememories has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<dramforever>
Never saw that message before. Did you use ext4 for root and fat32 for boot, as the manual said to?
<hio>
yeah I just copy pasted it all of course
<hio>
it says: "writing /mnt/etc/nixos/hardware-configuration.nix... mkdir /mnt/etc: Read-only file system at /run/current-system/sw/bin/nixos-generate-config line 524"
<dramforever>
Might be related to the parted problem earlier
<dramforever>
Can you try restarting the VM?
<hio>
wait a second, isnt it obvious? everything in a live environment is ready only right?
<hio>
read* only
<ottidmes>
hio: maybe umount /mnt/boot and /mnt, check your partition table again if all is right, and remount?
<dramforever>
hio: no because /mnt should be the disk you install to
<dramforever>
somehow it was mounted read only
<ottidmes>
hio: only the /nix/store and what is symlinked to it
<hio>
see the reason why people dont like command line installations is precisely because of stuff like this. it never works easily and if it did then you would just hide it behind a bash script so I could run it all in one go
<hio>
the keyboard is also not in my locale
<hio>
and i cant resize the vm, it's a tiny window
<hio>
all issues because there is no real graphical installer that does all this annoying stuff for me automatically
<infinisil>
hio: Do you have time and skills to create a graphical installer? If so, we need you!
<MichaelRaskin>
I hate graphical installers because they make partitioning exactly like I want more complicated
<infinisil>
MichaelRaskin: There should always be a terminal fallback
<MichaelRaskin>
xrandr --output default --mode 1024x768 should probably helpe resize the VM
<ottidmes>
MichaelRaskin: I am with you on that one! The only Linux distributions I liked did so
<MichaelRaskin>
setxkbmap should help with keyboard layout, I guess.
GiGa has quit [Quit: Leaving]
freeman42x]NixOS has joined #nixos
<hio>
ok i deleted all the partitions and redid the steps, i must have mixed up the uefi and mbr steps before
<hio>
now how do I add gnome 3 to the configuration.nix?
<hio>
i just copy paste the whole thing from github?
<dramforever>
you pick one of the displayManager list and one of the {window,desktop}Manager list
<dramforever>
I mean, you do see KDE in the example config, right?
<dramforever>
uncomment the lines and change plasma5 to gnome3, and change sddm to lightdm
<hio>
yeah it made me angry to see KDE but not gnome3
<dramforever>
Also 'Enable the X11 windowing system.'
<dramforever>
That wasn't entirely obvious I suppose
migy has quit [Quit: migy]
<dramforever>
The whole purpose of the file you linked is that you can just services.xserver.desktopManager.gnome3.enable = true; instead of pasting the whole thing
migy has joined #nixos
drakonis_ has joined #nixos
drakonis1 has quit [Ping timeout: 250 seconds]
<booglewoogle>
ooof. I've got a peculiar situation and can't seem to find an explanation on my own. I'm (still..) trying to get this expression -- https://hastebin.com/umiganafev.bash -- to work properly. i've recreated the script that installs the program on other distros in the expression, so this isn't wholly standard procedure. now what's kinda weird, but maybe just some error in my script recreation: it installs, but the version of
<booglewoogle>
the executable is wrong. what's REALLY weird though: entering a nix-shell in an empty dir with just the expression (as default.nix), then going `unpackPhase; cd source; patchPhase; buildPhase` leaves me with completely fine binaries. but in the expression I've specified that only these 3 phases are done?
<booglewoogle>
so from what I understand the normal installation via nix-rebuild should leave me with the same stuff
<dramforever>
Can you do genericBuild in the nix-shell?
<booglewoogle>
lemme try
<dramforever>
And I feel like you're missing installPhase
alex`` has joined #nixos
<booglewoogle>
yeah, I've had all phases in there before with the same error. since doing only these 3 phases in nix-shell worked, I afterwards removed any other phases from the expression because I thought "ok, maybe one of the other phases I didn't run in the nix-shell messed something up"
<dramforever>
I see, you're installing in postBuild
<booglewoogle>
yep
<booglewoogle>
because overriding the phase like so `installPhase = '' foo '';` didn't work -- it would still run `make install` at some point which it mustn't. so I took the phase out and moved the essential parts to postBuild
<dramforever>
huh, what did you mean by 'the version of the executable is wrong'
<booglewoogle>
currently genericBuilding, gonna take a while
betaboon has joined #nixos
<ottidmes>
booglewoogle: if you run installPhase via nix-shell, it executes the function that does the generic installPhase, you have to run something like: eval $installPhase instead
<ottidmes>
booglewoogle: that is, if you overwrite if for your own
<dramforever>
genericBuild should end with being unable to install stuff to $prefix due to lack of permissions
<booglewoogle>
ottidmes: aah, okay, I see. that explains that
<hio>
NixOS still hasnt installed correctly, this is how it looks now after installation and reboot: https://imgur.com/a/XiEJzFV
<dramforever>
When you get there check the binaries that weren't installed
<WilliamHamilton[>
which package is the android suite so that I can do `adb reboot ...`? I don't find it in the online search or in nox
<ottidmes>
,locate adb
<{^_^}>
Found in packages: msf, axis2, oh-my-zsh, androidndk, bashCompletion, python27Packages.pwntools
<booglewoogle>
dramforever: the binary I get in the end from nixos-rebuild is fasterMelee 5.0, I need 5.9 though. the installation script does this, it patches the cmakelists and adds files for version 5.9.
<WilliamHamilton[>
ottidmes: androidndk?
<ottidmes>
WilliamHamilton[: guess so
<WilliamHamilton[>
thanks, will try
aanderse has quit [Ping timeout: 252 seconds]
<dramforever>
hio: is the screenshot booted from the hard drive and logged in to root?
<clever>
hio: that is totally normal, you have the xterm desktop manager enabled
<clever>
hio: you need to either disable xterm, or select a different DE at the login screen
<dramforever>
What's your /etc/nixos/configuration.nix now?
<ottidmes>
clever: I have been using $out consistently in my packages, and now see $prefix being used, I checked the generic setup and see that it indeed usually is set to $out, should I be using $prefix instead?
<hio>
clever, there is no other thing available. it just says "other.." with 0 items in the dropdown
<hio>
dramforever: yes, it is after login with root
<dramforever>
So lightdm seems to be working
<clever>
ottidmes: i still prefer using $out, i think $prefix is from FHS, and goes along with things like --prefix=/usr/
<dramforever>
hio: so what's your /etc/nixos/configuration.nix like now?
<clever>
hio: did you enable a different desktopManager?
<dramforever>
The grand file
<hio>
termbin.com/h5hc
<clever>
gnome3 is enabled
<clever>
hio: try also adding services.xserver.desktopManager.xterm.enable = false; and nixos-rebuild switch
<dramforever>
Install the one you want with nix-env -iA nixos.open-vm-tools-headless
<hio>
has anyone tested this, it doesnt seem to work for me. Maybe it installs the wrong way, it probably has to start system services etc. Does nixos allow that by default? Because firefox and chromium got installed into some weird subfolder too, they arent in the start menu
<WilliamHamilton[>
clever: mine is `crw-rw-r-- 1 root root 189, 147 Nov 24 19:01 002/020`, so also world readable
<clever>
WilliamHamilton[: if you `adb kill-server` then try again as root, does it work?
<clever>
hio: you have to logout and log back in form gnome3 to detect things being installed
<dramforever>
In KDE I just do kbuildsycoca5 after installing
<dramforever>
it, among other things, refreshes the application list cache
<WilliamHamilton[>
clever: it works indeed, I forgot I had to kill the server when I try to start it non root! Thanks!
<clever>
WilliamHamilton[: that confirms that the problem is linux permissions
<clever>
WilliamHamilton[: try `strace -f -o logfiles adb device ; sleep 5; adb kill-server ; grep EPERM logfile` as non-root, after pre-killing it
<dramforever>
hio: sounds like restarting gnome-shell with Alt-F2 and typing 'r' there will work will work
<booglewoogle>
dramforever: I've run genericBuild in the nix-shell. everything worked fine, correct version.
<dramforever>
huh
<dramforever>
But that's about exactly how nix-build does it
<booglewoogle>
something's there
<booglewoogle>
something's different
<booglewoogle>
and it becomes critical in this nix expression
<booglewoogle>
but I can't tell what it is
alex`` has quit [Ping timeout: 244 seconds]
<dramforever>
maybe it's something else
<booglewoogle>
hmm
<dramforever>
how are you installing it?
<dramforever>
like, what did you do to get the wrong version?
mayhewluke has quit [Ping timeout: 250 seconds]
<dramforever>
also, an idea that would take some time again: try doing something like your-thing --version at the end of postBuild
alex`` has joined #nixos
<dramforever>
If that prints the wrong version then yes it's 'something's different'
<booglewoogle>
just rebuilding with the expression in my configuration.nix. i.e. "fasterMelee" in systemPackages and letting `fasterMelee = with import <nixpkgs>{}; callPackage ./fasterMelee.nix {};`
<clever>
booglewoogle: you already have a pkgs imported, so you should be able to just pkgs.callPackage
<booglewoogle>
oh I had the let statement above { config, pkgs, ... }:
<dramforever>
shouldn't have caused this
mayhewluke has joined #nixos
<booglewoogle>
but yeah, I think that should be OK, in, comparable to genericBuilding in the corresponding nix-shell?
<dramforever>
I'm starting to feel like it's being built but not actually used
<dramforever>
Can you try nix-build?
<clever>
booglewoogle: can i see the expressionthat your trying to fix?
<dramforever>
nix-build -E '(import <nixpkgs> {}).callPackage ./fasterMelee.nix {}' or something like that
<clever>
bit strange that your not using the installPhase
<dramforever>
'had some problems earlier'
<clever>
and why are you running cmake in prebuild?
<booglewoogle>
I'm avoiding installPhase because it ran make install in the nix-shell even thought it mustn't. I've now learned that was because I ran the wrong installPhase there.
yyadavalli has joined #nixos
<clever>
ah
<clever>
yeah, `installPhase` always refers to the function, not your override
<booglewoogle>
cmake like that, because i wanted to get out of the configurePhase to be sure it's not the culprit
<hio>
the openvmware tools dont work for me :/
<hio>
cant resize or copy paste from host
<clever>
booglewoogle: the cmakeFlags var does that for you
<yyadavalli>
Hi, I'm trying to install postgresql 11 on my nixos 18.09 machine. I am unable to find the package name? Can someone please help?
<booglewoogle>
the expression, like it is there, is the result of a lot of debugging attempts with nix-shell
<dramforever>
hio: services.vmwareGuest.enable = true; in your /etc/nixos/configuration.nix
<booglewoogle>
clever: i've got that link open. :) -- yeah, I know about cmakeFlags and had it like that, but I wanted to get rid of the configurePhase just in case.
<dramforever>
Otherwise nix-env just installs it but never enables it
<booglewoogle>
and yeah, it does build the correct binaries with genericBuild from a nix-shell on this expression, but it doesn't when I nixos-rebuild.
<dramforever>
booglewoogle: at this point it feels like you should just override builder altogether :)
<booglewoogle>
dramforever: you're probably right, I didn't/don't really feel confident enough for that though, heh. I don't understand everything in the setup hook and don't want to miss critical parts
<dramforever>
don't forget nixos-rebuild switch and probably a restart
<clever>
/nix/store/xql1swlhkw4gry13vk1p0jvcaq48bmdy-glib-2.56.0-dev/include/glib-2.0/glib/gtypes.h:32:10: fatal error: glibconfig.h: No such file or directory #include <glibconfig.h>
<yyadavalli>
Ok thanks, can I get it from nixpkgs unstable? what should be the value for services.postgresql.package in that case?
<dramforever>
booglewoogle: don't worry, make it work first, fix later
<hubbypa>
Read that. But I’m trying to install as an example unstable.vimPlugins.papercolor-theme. I seem to be able to only install the ones that prefix with nixos.vimPlugins.*
<vasarmilan>
hi! i have installed NixOPs on NixOS 19.03 via environment.systemPackages; however, using the example from the documentation (https://nixos.org/nixops/manual/#idm140737318599728) yields error "Exception: unable to activate new configuration". does anyone have an idea what went wrong? thank you!
<hubbypa>
If I put ‘papercolor-theme’ in my plugin list then I get “undefined variable ‘paper color-theme’”
<dramforever>
maybe just unstable.vimPlugins.papercolor-theme?
<hubbypa>
Tried that too. “Undefined variable ‘unstable’”
<{^_^}>
[nixpkgs] @nlewo opened pull request #50990 → Increase nix-instantiate heap size in eval-release.sh → https://git.io/fp06W
klntsky has quit [Quit: WeeChat 2.2]
<hio>
dramforever: wow, it worked! awesome
<clever>
hubbypa: you need to first unstable = import <nixpkgs-unstable> {};
<hubbypa>
Ok thanks. I’ll try that.
<clever>
booglewoogle: mv: cannot stat 'Ishiiruka/build/Binaries/': No such file or directory
<clever>
51 postBuild = ''
<clever>
52 mv Ishiiruka/build/Binaries/ bin/
<booglewoogle>
still building with nix-build, 85%. after I started that I replaced the glib and gtk2 with glib.dev and gtk.dev in the identifiers
<booglewoogle>
umm
<booglewoogle>
hmm
<clever>
i'm also cleaning up other bits nearby...
<hubbypa>
clever: thanks. Working great. Learned another thing about nix now too.
<booglewoogle>
clever: all I can think of there is that I enter the source folder after the unpackPhase. but just entering the shell and doing genericBuild, for example, builds the expression fine for me
<booglewoogle>
it's also currently building via nix-build -E '(import <nixpkgs> {}).callPackage ./fasterMelee.nix {}'
<clever>
booglewoogle: also building it the same way
[Leary] has joined #nixos
<booglewoogle>
huh
<booglewoogle>
ah that's postBuild
<booglewoogle>
hmm
Lears has quit [Read error: No route to host]
<booglewoogle>
oh
<booglewoogle>
whoops
<booglewoogle>
I may have removed one too many lines when I removed my debug echos before uploading
<booglewoogle>
there should be a cd ../.. between line 51 and 52
<{^_^}>
Ultimaker/CuraEngine#919 (by FeepingCreature, 12 seconds ago, open): When printing raft, use last position of previous layer to plan next layer.
<ottidmes>
infinisil: I prefer stable by default, and I use unstable explicitly for those few packages I need to be sure I am running the latest all the time
<booglewoogle>
the seds are from line 198ff
<booglewoogle>
(only those because we're interested in version 5.9 only)
<clever>
booglewoogle: i'm confirming them now...
<infinisil>
ottidmes: Hmm I guess that's a good point
<ottidmes>
infinisil: And I even have some for which master is not bleeding edge enough, so I guess I have 3 layers in place
<infinisil>
ottidmes: Huh, you mean like unmerged PRs?
<clever>
booglewoogle: it will only run lines 147-162, if git is tound
<clever>
booglewoogle: if git is not found, it will grab the 5 on 166, and the 0 on 167
cyounkins has joined #nixos
drakonis1 has joined #nixos
<clever>
so all of the sed's to replace git calls arent needed
<ottidmes>
infinisil: In the case of bitwarden_rs its also something I should create a PR for, but I am not sure how to go about Rust packages. I was only able to make it work with Rust on unstable (which probably should be ok, since PR are mostly done on master, but still)
<booglewoogle>
clever: OOOOOOOOOOOOOOOOOOOOOOOOOOOH, and that's why out of a nix-shell it works correctly
<booglewoogle>
clever: man
<clever>
booglewoogle: your shell isnt pure, and git leaked in
<booglewoogle>
yeah
<booglewoogle>
it all makes sense
<booglewoogle>
you actually got to the bottom of it
<booglewoogle>
wow
<clever>
sed -i 's|DOLPHIN_VERSION_MINOR "0"|DOLPHIN_VERSION_MINOR "9"|g' CMakeLists.txt
<clever>
thats also why i prefer testing with nix-build interatively, and adding commands to the nix file, for nix to run at the right time for me
<clever>
its slower, but more pure
<clever>
booglewoogle: also, your fetching the fmconfig from the git master, that will break very fast
drakonis_ has quit [Ping timeout: 250 seconds]
<booglewoogle>
clever: oh, I didn't even know that, I thought interactive building was what the shell was, among other things, for
<clever>
thats usually what nix-shell is for, but some packages have nasty surprises in them
drakonis_ has joined #nixos
Mr_Keyser_Soze has joined #nixos
<booglewoogle>
okay, I just took that from the script aswell. seems like there are no other branches though?
<clever>
hio: when you install something with nix-env -i, it will read ~/.nix-profile/manifest.nix, mutate it (add a new package), then build a new profile from that, and update the symlink that .nix-profile is pointing to
<clever>
that new profile contains the new version of manifest.nix
<hio>
actually, ~/.nix-profile is a broken link on my computer
<clever>
hio: it will be a broken symlink if you have never nix-env -i'd something before
<simpson>
hio: There are dozens of folks who give time to maintain the collection of packages as a whole, and hundred(s?) more who have contributed package descriptions.
<clever>
hio: in that case, it will generate a new profile with only the thing you just installed, and fix the symlink
cyounkins has quit [Remote host closed the connection]
<hio>
can Nix really replace ansible and jenkins? lets say I wrote a website with java libraries. Is the best way to make my own Nix package and then always update that package? But I think I would need to deploy to a private nix package registry if that exists
<clever>
hio: you dont really need a package registry, you can just load custom nix files locally
<clever>
for both nixos and nixops, you can just add an overlay to nixpkgs.overlays to add custom packages to it
<hio>
ok but in case you dont know, jenkins pulls my source code from git and then builds it and then copies it over, starts services etc. I need to code all that up somewhere so that it happens automatically on every git commit = new build
<simpson>
There *are* a few different ways to have private registries, if you need them.
<hio>
maybe I still need jenkins, idk. I was just asking
<clever>
hio: if you want something to happen on every new commit, you need something like hydra or travis
<clever>
if you just want it to happen on-demand, you can do it locally
<hio>
hydra is hard to google, can you give me a more specific term?
<clever>
booglewoogle: ok, it runs, but ive definitely broken things, all the images are missing
<booglewoogle>
clever: oh, whoops. that's gotta be related to the seds then, right?
<clever>
booglewoogle: nope, i removed a lot of other things
<booglewoogle>
i'm still in the build process with my original expr + glib fix + git
<booglewoogle>
oh, okay
<clever>
model name : AMD FX(tm)-8350 Eight-Core Processor
<clever>
i think thats why i'm winning every race
<dramforever>
hio: you might want to know that Non-root users can install stuff with nix-env -i as well
<clever>
hio: yeah, all users can install any program
<dramforever>
There's /nix/var/nix/profiles/default/bin in $PATH in everyone's environment and root's ~/.nix-profile is /nix/var/nix/profiles/default, so nix-env -i as root will install stuff for everyone
<dramforever>
But if you nix-env -i as yourself you install to your own ~/.nix-profile
<dramforever>
Thought this might have confused you
<clever>
booglewoogle: graphics are back, and gist updated
<infinisil>
Argh, is there a way to get callCabal2nix to work even without a .git directory??
<infinisil>
Well indirectly
<clever>
infinisil: it shouldnt need a .git
<infinisil>
I'm trying to do `import (builtins.fetchGit { url = "https://github.com/haskell-nix/hnix"; rev = "2e4e5e00779a6b167881109ad95e22055d5e43e7"; }) { inherit pkgs; }`
<infinisil>
But that fails with cabal2nix: user error (Failed to fetch source. Does this source exist? Source {sourceUrl = "/nix/store/ywp560hsh6chcq4ijsg77nhl20ji2ccc-gg7mrbc10lav93q1j5bsvq90518zmvwc-source", sourceRevision = "", sourceHash = Guess "", sourceCabalDir = ""})
<clever>
infinisil: if you ls that dir, does it have a cabal file?
<booglewoogle>
clever: my build finished just now, successfully with 5.9! gonna try your gist now
<infinisil>
clever: Doesn't have a single file in it
<infinisil>
...
<infinisil>
Ohhhhhhh
<ottidmes>
How do people deal with encryption in servers in the context of unexpected reboots by the server provider? Would it be safe enough to send a request to a machine I trust that then makes a SSH connection with the locked server and unlocks it?
<clever>
infinisil: what args did you run callCabal2nix with?
<infinisil>
Hold on
<MichaelRaskin>
ottidmes: what is your threat model?
<MichaelRaskin>
I mean, if you want to protect against mindless grabbing all of the HDDs in a DC, it is one model; if you do want to protect against directed and malicious tampering, how can you be sure that you don't ssh to a server with modified /boot?
<clever>
infinisil: callCabal2nix always does a filterSource pass, to only allow hnix.cabal for example
<clever>
infinisil: so it doesnt redo the cabal2nix needlessly
<clever>
if you give it the wrong name, then you get an empty dir
<ottidmes>
MichaelRaskin: yeah, so it would be your first case
<infinisil>
clever: , name ? builtins.baseNameOf root
<infinisil>
developPackage ^^
<infinisil>
And the root in this case is a /nix/store/... path
<infinisil>
So maybe that's something to do with it
<clever>
infinisil: the name of root, will change to be hash-source
<clever>
you must set name = "hnix"; in that default.nix
<MichaelRaskin>
ottidmes: so you assume that if the machine is booted inside the DC with its correct IP, everything should be OK?
<ottidmes>
MichaelRaskin: how would protect against the latter anyway, I have to trust the data center, encryption in a virtualized environment is hackable, a simple USB stick could replace my /boot etc.
<clever>
ottidmes: TPM maybe?
<clever>
ottidmes: if used correctly, the TPM verifies that nothing in the boot process is modified (nixops deploy will now be a major pain in the ass)
<clever>
and if the OS is properly hardened, it will be difficult to get in after it boots, even with physical access
<infinisil>
clever: Ahh nice that worked
NinjaTrappeur has quit [Quit: WeeChat 2.3]
<infinisil>
I guess I'll make a PR for it
<infinisil>
Hold on
<ottidmes>
clever: more difficult, but still doable, so I guess, if I am ever to be targeted by a serious party, that those measures will fail at some point to
<infinisil>
Yeah that worked
<infinisil>
clever++
<{^_^}>
clever's karma got increased to 48
<booglewoogle>
oh right
<booglewoogle>
clever++
<{^_^}>
clever's karma got increased to 49
<ottidmes>
MichaelRaskin: but yes, that was my idea, if its still inside the DC, it should be OK
<clever>
:D
<ottidmes>
I am intergrating clever's kexec boot in my code, so, lets get him to 50:
<ottidmes>
clever++
<{^_^}>
clever's karma got increased to 50
<dramforever>
You're clever
<MichaelRaskin>
ottidmes: then if you SSH inside DC (known-IP + SSH key check) to unlock, it seems to be OK by your definition of threat model
<dramforever>
Nothing beats a nice pun like that
<dramforever>
A... clever pun :)
<dramforever>
Sorry
<infinisil>
dramforever: I'm sure he hasn't ever heard that one before
<infinisil>
:)
<MichaelRaskin>
infinisil: indeed, he normally _reads_ that one.
<MichaelRaskin>
clever: or do you use TTS with IRC?
<booglewoogle>
am I just not seeing it, or is this something different in fasterMelee's code?
<booglewoogle>
in the latter case I'd hit up the maintainer, he'll know what he did there huh
<clever>
MichaelRaskin: raw irssi in xterm
<clever>
booglewoogle: i also noticed that bug, but havent looked into the cause just yet
metastance has quit [Quit: WeeChat 2.3]
metastance has joined #nixos
jtojnar has quit [Read error: Connection reset by peer]
<booglewoogle>
clever: ah, alright! :)
<MichaelRaskin>
Now I suddenly realise that ii is probably the best IRC client for attaching TTS.
jtojnar has joined #nixos
metastance has quit [Client Quit]
<infinisil>
Ugh, does builtins.fetchGit not support submodules? :/
umbaws has joined #nixos
<clever>
infinisil: why are you not using pkgs.fetchgit?
<infinisil>
Dem evaluation fetches!
<infinisil>
Um, preeval
<infinisil>
IFD bad
bgamari has joined #nixos
<infinisil>
I guess if builtins.fetchGit doesn't support it I'll have to use that one instead
<bgamari>
domenkozar, have you successfully used the debian 8 disk image to build things?
<infinisil>
The builtins are nice, but they are so limited
<bgamari>
domenkozar, it looks to me like there may be coreutils incompatibility
<bgamari>
domenkozar, namely updateSourceDateEpoch relies on the --zero-terminated flag of tail
<bgamari>
domenkozar, which the version of tail shipped with debian 8 appears not to support
<infinisil>
clever: Also, no need to provide a sha258 with builtins.fetchGit
shpx has joined #nixos
<dramforever>
What does IFD stand for?
<ottidmes>
MichaelRaskin: clever: I am wondering, could I do better than the known IP + SSH, considering I use run of the mill KVM VPSes? They will be LUKS encrypted except for boot
<MichaelRaskin>
Import from derivation
<domenkozar>
bgamari: haven't used debian8, I think
<clever>
dramforever: import from derivation
<ottidmes>
Import From Derivation (IFD)
<dramforever>
Ah
<infinisil>
People
<infinisil>
,IFD
<bgamari>
domenkozar, I see
<{^_^}>
import-from-derivation (IFD) is when you evaluate nix from a derivation result, for example `import (pkgs.writeText "n" "1 + 1")` will evaluate to 2
<infinisil>
^^^
<ottidmes>
lol
<dramforever>
That was much simpler than I expected
<hio>
Ok, I have a complaint: [pc@nixos:~]$ time nix-env -qa java ""error: selector 'java' matches no derivations "real0m7.896s""
<hio>
8 sec just to tell me that java doesnt exist even though it does, in the form of openjdk10
<ldlework>
hio, a big feature of NixOS is reproducability - instead of typing package manager commands into the CLI (which you can do) you can write down your system configruation instead
<ldlework>
Then you can build that configuration anywhere.
<ldlework>
Say your laptop is stolen.
<ldlework>
or waterlogged or whatever
<hio>
yeah I get it, that's why I said that I like NixOS but that doesnt change the fact that it's needlessly complicated to the usr
<hio>
user*
<mpickering>
domenkozar: So I think your profile just shows the same as before, that megaparsec is allocating things to do with error messages it never needs as the parse succeeds.
<dramforever>
needlessly complicated, yes I would agree, but I'm not sure 'I just want "cmd install X; cmd remove X; cmd search X"' is going to come true any time
<dramforever>
Like, is that even comparable
<ldlework>
you can definitely use Nix that way
<booglewoogle>
hio: you do have those though. for your user environment: install = `nix-env -iA X`, remove=`nix-env -e X`, search=`nix-env -qaP X`. you just have more, and more elegant, options than with other OS
<domenkozar>
mpickering: I wonder if we can make those error more lazy
<dramforever>
I just said 'Please run fstrim and run it every tuesday'
<dramforever>
I didn't even say 'install fstrim'. That was inferred
jb55 has quit [Quit: WeeChat 2.2]
<dramforever>
I think it goes in a different axis than 'install, remove, search'
<timclassic>
Hmm, is there an easy way to add a new kernel module to linuxPackagesFor from an overlay?
<ldlework>
I don't really agree. Using services is not "inferring" the installation of related packages. It's all formalized under Nix-lang modules. And all of those modules are to do with installing (or not) packages.
* timclassic
just noticed the `lib.makeExtensible` in there, looking into it ...
<dramforever>
Well
<ldlework>
The thing that Nix adds ontop is configuration.
<dramforever>
I suppose you know what I mean
<ldlework>
I do, but we're dealing with a new person and I feel like this hand-waving is probably MORE confusing.
<dramforever>
I was trying to say that the configuration is done in a different way than 'cmd install X'
fusion809 has quit [Ping timeout: 260 seconds]
<ldlework>
To get started with Nix, you should at least know how to install, remove, and search for packages.
<dramforever>
Well I guess I have a different understanding of 'infer' :(
<ldlework>
"deduce or conclude (information) from evidence and reasoning rather than from explicit statements."
<ldlework>
my point was that it is all interrelated nix-lang expressions and so is explicit all the way down
<mpickering>
(aka, the reason why they are not gced)
<domenkozar>
thanks
<mpickering>
if you could understand how the error handling in megaparsec works though that would probably go a long way to reducing memory usage
<mpickering>
LAG + VOID are both bad
<domenkozar>
I hope Mark can help us :)
<MichaelRaskin>
Package removal is a bit messed up by default, though (in my opinion)
<ldlework>
no gc?
<MichaelRaskin>
(-iA is obviously the way to _install_, but to remove you still need package name)
Mr_Keyser_Soze has quit [Ping timeout: 240 seconds]
<ldlework>
i definitely get confused about how to refer to packages sometimes
<MichaelRaskin>
When I was using Nix to let a coworker install something quickly, I just gave him a wrapper script that did both operations via attribute name
<infinisil>
,fancy-uninstall MichaelRaskin
<{^_^}>
MichaelRaskin: Fancy way to uninstall packages, needs fzf installed: nix-env -q | fzf | xargs -I{} nix-env -e {}
<MichaelRaskin>
infinisil: not a full solution, because it doesn't handle the case when newer Nixpkgs has different package names for the same attribute names
<infinisil>
MichaelRaskin: I think you can't even install them if that's the case?
<infinisil>
Well the later one overrides the earlier one
<dramforever>
I think it makes sense that attribute names can't necessarily be used to uninstall
<dramforever>
after evaluating nix-lang expressions, the attribute names lose their meaning
pareidolia has joined #nixos
<__monty__>
infinisil: But the old one can stay around if you install with nix-env.
Mr_Keyser_Soze has joined #nixos
betaboon has quit [Quit: WeeChat 2.2]
<infinisil>
Eh, if a nix file would be tracked for installations, installing would just be `++ [ pkgs.foo ]` and uninstalling removing the foo again
<pareidolia>
Can someone point me to some documentation on how to include packages from a private channel in configuration.nix?
<dramforever>
Yeah I think I saw a 'nix-rebuild' script somewhere
<ottidmes>
because they were just used to copy from?
<mpickering>
I also thought that -hd -hblag was quite useful as it gives you the name of the closure
<mpickering>
which can point you to somewhere in the source code quite directly
<mpickering>
this is what I did, it pointed me to a function making an error and then I decided it was reasonable that the space leak could be attributed to error tracking stuff
<clever>
ottidmes: without unsafeDiscardStringContext, the kernel cmdline depends on the rootfs, and more then doubles the size of the tar
<hio>
pareidolia: nobody knows, this is all very complex
<clever>
ottidmes: and for nuke-refs, the kernel has some paths in it, that are only useful for development, that bring in more deps
<pareidolia>
hio: Seriously? It's dead easy in Gentoo
<hio>
well I dont know, that's for sure
<ottidmes>
clever: Alright, thanks for clearing that up. Now I am curious if nuking/discarding others like initrd also help in anyway, or did you already try that?
<infinisil>
pareidolia: "private channel"?
<clever>
ottidmes: the initrd is compressed, which breaks nix's dep checks
<ottidmes>
clever: I also got: echo '${config.system.build.initialRamdiskSecretAppender}/bin/append-initrd-secrets' > $out/append-initrd-secrets, could I win anything there?
<mpickering>
So then `-hr -hcnixString` perhaps will narrow it down to the biggest case
<infinisil>
pareidolia: Well you probably know how to include packages from a normal nixos channel, right?
<mpickering>
or `-hb -hcnixSTring`
<clever>
ottidmes: thats just writing the path of a bash script to the $out, for nixos-rebuild ot use later
<clever>
ottidmes: so when nixos-rebuild boot updates /boot, it can inject secrets
<pareidolia>
infinisil: You mean nix-rebuild will respond to "export NIX_PATH=custompkgs=/path/to/custom/dir/default.nix:$NIX_PATH" etc?
<domenkozar>
hnix: internal error: Invalid object *c in pop()
<domenkozar>
(GHC version 8.4.4 for x86_64_unknown_linux)
shpx has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<mpickering>
oh retainer profiling is broken on 8.4
<domenkozar>
that is with -hr -hcnixString
<pareidolia>
infinisil: If I version bump a package that's also in nixpkgs, how will it know which to choose?
<mpickering>
which is why I was using 8.6
<domenkozar>
ah :P
<infinisil>
pareidolia: nixos-rebuild not, NixOS only uses <nixpkgs>. If you want to use custompkgs on your path, then you need to use <custompkgs>
<infinisil>
pareidolia: So `mypackage = (import <custompkgs> ...).foo`
<mpickering>
I used -hd and then searched for the name of the closure in the dumped stg
<infinisil>
Or so
<ottidmes>
clever: I was thinking about dependencies of that script, but I guess I actually want to keep those, they would impact the functioning of the script
phreedom_ has quit [Remote host closed the connection]
<LnL>
sure, that also works
phreedom has joined #nixos
WhittlesJr has joined #nixos
<LnL>
but writing an override correctly is usually a little bit harder, depends on how comfortable you are with nix expressions
<pareidolia>
LnL: What's the most idiomatic way?
<WhittlesJr>
Trivial question: how do I get the first non-null value between two values? In clojure it's just `(or a b)`, but in nix `a || b` returns boolean true if a is truthy.
<clever>
i have put the entire installer into the initrd before, lol
<dsx>
I'm not pressed for disk space ;)
steshaw has joined #nixos
<v0|d>
dsx: this is ram not disk, initial ram disk
<dsx>
Yeah, right. It has been a long day today.
<dsx>
Although, RAM is also plenty on this one
<v0|d>
fwiw, initrd is free'd after boot, so no worries.
technoidX has quit [Ping timeout: 250 seconds]
<dsx>
doesn't seem to be working =\
<pareidolia>
LnL: What version should I call a package if I just base it on a Git revision?
<samueldr>
genrerally unstable-YYYY-MM-DD
<pareidolia>
Thanks :)
<ottidmes>
clever: any difference between netbootRamdisk and initialRamdisk? (I have used initialRamdisk for netboots in the past)
<samueldr>
and pareidolia, date of the commit, not current day :)
<LnL>
pareidolia: it's not strictly required, but if you don't change the name you get a hello-2.10 package that's actually 2.11 so it's best to avoid confusion
drakonis1 has joined #nixos
<v0|d>
dsx: https://pastebin.com/geuTnDgc , this might not work if you have 3.0 hub (ie new board), then try xhci_hcd
<dsx>
v0|d: thanks, I'll try
<v0|d>
dsx: also try inserting to other receptacles, some boards have usb 1.1 ports and other 2.0 ports.
<dsx>
I think I have only usb3 on this one. It's hard to see
drakonis_ has quit [Ping timeout: 252 seconds]
<v0|d>
dsx: if thats the case you'll see xHCI in lspci/lsmod/dmesg.
<clever>
ottidmes: netbootRamdisk is a modified initialRamdisk, that includes the entire rootfs in the initrd
<erratic>
is it possible to commit some really trivial changes to networking.firewall.allowedTCPPorts without having to completely rebuild the entire OS when running nixos-rebuild switch
<v0|d>
prob xhci_pci is the name of the root hub module
<erratic>
I dont have enough disk space to do a full rebuild
<erratic>
which is what its trying to do
<v0|d>
xhci_hcd is the driver.
<pareidolia>
The 000000... hash really is a distinguished value, isn't it?
<dsx>
>8 x USB 2.0/1.1 port(s) (8 at mid-board)
<dsx>
That's why I can't find them
civodul has quit [Quit: ERC (IRC client for Emacs 26.1)]
<erratic>
is there any way to persist firewall exceptions specified in the configuration.nix without a nix-rebuild switch
<erratic>
win 1949
<ottidmes>
clever: Ah, since I haven't used kexec directly myself for a while, it took a while to let it sink in what you meant, but thinking about it, my kexec only had the things inside the initrd, no /nix/store, and checking nixpkgs I now see that netbootRamdisk indeed adds /nix-store.squashfs to the initrd
<clever>
ottidmes: yeah
<clever>
ottidmes: you would need a rootfs on a parition to boot without that
<clever>
and the whole point is to install nixos on a parition :P
<ottidmes>
clever: the reason I am confused is that I have a rescue kexec thing, that does not use it netbootRamdisk, and it too is completely in memory and from what I can remember it worked fine
<pareidolia>
Does the applyPatches function exist?
<clever>
ottidmes: is that rescue for nixos or another distro?
<ottidmes>
nixos
<clever>
/home/clever/apps/nixpkgs/pkgs/os-specific/linux/nvidia-x11/default.nix: applyPatches = pnames: if pnames == [] then null else
<clever>
/home/clever/apps/nixpkgs/pkgs/os-specific/linux/nvidia-x11/default.nix: in applyPatches [ "fix-typos" ];
<clever>
pareidolia: it seems to only exist in one spot, in an nvidia driver
<ottidmes>
clever: but I havent used it in a long time, so I might just misremember, and it might not have worked at the time
__monty__ has quit [Quit: leaving]
<ottidmes>
clever: the only kexec I used with any frequency is that inside my sedutil (SSD builtin encryption) unlock partition, but that only uses things explicitly copied, I guess I need netbootRamdisk for /nix/store to be available
<pareidolia>
Argh. I upgraded to 18.09 and now postgres' initdb won't work any more
<pareidolia>
initdb: invalid locale settings; check LANG and LC_* environment variables
<dsx>
YES!
orivej has quit [Ping timeout: 240 seconds]
<dsx>
It works now.
<dsx>
v0|d: thanks!
<v0|d>
dsx: :)
<dsx>
It took me JUST 10 hours to install linux on this machine.
<ottidmes>
pareidolia: I am curious about that error as well, I am still getting: bin/man: can't set the locale; make sure $LC_* and $LANG are correct, I guess I could try setting LC_ALL=en_US.UTF-8, since $LANG is already set as such
<leotaku>
"builtins.fetchGit" seems to, among other things, return a nix-store path to the source, how would I most easily get the derivation that describes that path?
<{^_^}>
[nixpkgs] @c0bw3b pushed commit from @r-ryantm to master « synthv1: 0.9.2 -> 0.9.3 »: https://git.io/fp09C
<gchristensen>
leotaku: builtins.fetchGit doesn't involve a Derivation.
<infinisil>
pareidolia: Use `patches = drv.patches or [] ++ ...`
<infinisil>
It doesn't need to have a patches field
<pareidolia>
Undefined is falsy aha
<infinisil>
No
<infinisil>
"or" doesn't have anything to do with false or true
ixxie has quit [Ping timeout: 240 seconds]
<leotaku>
oh, ok. I just assumed everything in the nix store came from a derivation
<pareidolia>
Custom syntax, ok
<pareidolia>
It works
<gchristensen>
leotaku: builtins.fetchGit is your nix-build client running `git` and then returning ./path/to/the/checkout which is then copied to the store
<leotaku>
so I probably want a derivation that just points to that checkout then? Is that somehow possible?
<gchristensen>
no, because by the time fetchGit returns it is already copied to the store
alex_giusi_tiri has joined #nixos
<leotaku>
so what should I do then?
<infinisil>
leotaku: Just use fetchGit { ... } directly! Or (fetchGit { ... }).outPath if you must
<gchristensen>
I don't know, what is it you're trying to get done? (what is the X to the question Y)
<leotaku>
I want to make a derivation from a source pulled directly from git, so I can use/refer to it in other derivations.
<infinisil>
leotaku: Yeah you don't need a derivation for that, you just need the source in the nix store, and that's what fetchGit gives you
<infinisil>
Try it out and see if you get any problems with it
<cyounkins>
I have a local copy of nixpkgs, but when I try to `nixos-rebuild -I nixpkgs=~/nixpkgs/ switch` I get `trace: version 19.03.git.1902a25 does not appear in name nixos-version` - Can someone point me to how this should be done? I was previously on the nixos-unstable channel.
<infinisil>
Doesn't really have anything to do with the error, ignore that
<gchristensen>
that trace probably isn't the actual error, can you paste all the output?
<leotaku>
infinisil: but if I for example want to pass the source as a buildInput, i would have to have it in derivation form, right? I know I can manually extract the path from "builtins.fetchGit" but I would much rather just work with derivations, as that seems to be the natural way nixpkgs is structured.
<infinisil>
,tias leotaku
<{^_^}>
leotaku: Try it and see! (then tell us what you saw)
<{^_^}>
[nixpkgs] @c0bw3b opened pull request #51001 → Treewide: use more HTTPS-enabled sources → https://git.io/fp09Q