<ottidmes>
clever: thanks, that should be easy enough to convert to my use case: next-server 192.168.2.61; I assume that is a next DHCP to check, just specifying the router (the normal DHCP server) without any next-server that should be enough for me, right? (I just want a few static entries and default the rest as normal)
<clever>
ottidmes: nope, thats the tftp server for network booting
<clever>
any entry not listed in the static ones will use the range specified by the range option
Rusty1 has joined #nixos
Taneb has quit [Quit: I seem to have stopped.]
<ottidmes>
clever: I was wondering about that too, I have 4 new VPSes, if I want to netboot them, from my understanding so far, they need to have a bootloader installed that supports it and I need a special tftp server to provide an image from, correct? its not something basic VPS providers provide, right?
<clever>
ottidmes: most of the time, the bios is able to netboot without any special software being installed
<clever>
ottidmes: it will query the dhcp server, and then download the file specified by "filename" from "next-server"
<clever>
in my case, the if statement on 143 doesnt match, so "undionly.kpxe" from 192.168.2.61
<clever>
that contains an ipxe binary, which will re-query the dhcp server, and the new query matches the if statement now
<ottidmes>
clever: but from my perspective, I have a VPS running a Arch Linux installer right now, how to go from there to a netbooted install. Right now the easiest solution seems to just copy over a kexec tarball to boot into, but I curious if I could use true netboot in this case too
<clever>
ottidmes: ah, in the case of a VPS, you would need to mess with the boot order in the vm config
<clever>
which the hoster may (or may not) give control over
<clever>
ipxe also has a linux-kernel type image, which you can shove into /boot and wire grub into
perique has joined #nixos
<clever>
but then it will rely on the "filename" from the dhcp server, except...
<clever>
ottidmes: if you override ipxe, and set the EMBED var, you can bake an ipxe script into the binary
<clever>
then it just never does the normal dhcp auto-boot
<clever>
in this example,the script will require signed binaries, dhcp, fetch another script, verify the signature, and execute it
<ottidmes>
clever: yeah OK, so its possible, but I basically need to install something first, to then install netboot as a possibilty, to then netboot and install the real OS, then its no contender for the tarball approach
<clever>
ottidmes: you just need to install grub to /boot with an ipxe.lkrn
<clever>
no real os needs to exist
<ottidmes>
clever: hmm, no need to then reboot? because I dont mind a temp /boot, but if I have to format the disk create a /boot and ipxe.lkrn, then the tarball approach still has a clear edge
Radivarig has quit [Ping timeout: 244 seconds]
<clever>
ottidmes: as long as you can write to the current /boot partition, you can do it without a reboot
<clever>
kexec was just a shortcut to skip having to do that
<clever>
depends on if you want to keep booting from the network, or just kexec an installer and then install normally
<ottidmes>
clever: its just for the installation
<clever>
kexec then, simpler
<ottidmes>
clever: ok, makes sense, I would have been using netboot not as intended, since the servers will not keep running them from memory, but on your particular device it does, so there its a nice fit
<ottidmes>
clever: just curious, on your device, do you have a /boot or did you setup the BIOS?
<clever>
on the kexec'd ones, or the netboot ones?
<ottidmes>
latter
<clever>
no need for a /boot, or even a harddrive at all, for proper netboot
<ottidmes>
kexec does not really need any special setup, does it? (I have not been doing anything special at least)
<clever>
no special setup at all
<ottidmes>
clever: that is, if you have access to boot order setup and such?
<clever>
kexec doesnt care about boot order at all
<clever>
it just directly runs a kernel
<clever>
but boot order may matter when your done, to make the new install boot
<ottidmes>
clever: sorry, my "that is, if you have access to boot order setup and such?" was targetted at "no need for a /boot, or even a harddrive at all, for proper netboot"
<clever>
that will depend on the defaults in the firmware as well
<clever>
it might be setup to try network when hdd fails
<clever>
you just need to experiment
<ottidmes>
clever: and that is what you do on your netboot device, using the BIOS/firmware after having experimented with it
<clever>
yeah
<ottidmes>
ok, cool, thanks for all the explanation! definitely something I am going to try when I have a device for which it is useful
<ottidmes>
clever++++
<{^_^}>
clever++'s karma got increased to 1
<ottidmes>
clever++
<{^_^}>
clever's karma got increased to 51
betaboon has quit [Quit: WeeChat 2.2]
<clever>
infinisil: regex bug detected!
<ottidmes>
oh, you are at the same level as g c h r i s t e n s e n (no need to ping)
graphene has quit [Remote host closed the connection]
<werbitt>
Hello, I'm on mac, the only channel I'm following is nixpkgs-18.09-darwin. When I 'nix-env -i cabal2nix' it tries to build from source and fails, shouldn't it just download the binary?
graphene has joined #nixos
jperras has quit [Ping timeout: 244 seconds]
<{^_^}>
[nixpkgs] @timor opened pull request #51301 → libretro.dolphin: add missing dependencies to fix build → https://git.io/fpos4
<bbarker_home>
werbitt, could be the latest version you are using isn't built and cached, though that's just a guess on my part
<ottidmes>
werbitt: I am not very familiar with MacOS and NixOS support for it, but I know that the darwin channels have lower priority and so will have less available in the cache
<bbarker_home>
might be good to submit a bug report in any case
<ottidmes>
werbitt: I believe nixos-18.09-darwin is also a thing, maybe more luck there in regards to prebuild stuff?
<clever>
if the build does fail on hydra, then it simply wont be in the cache
<clever>
and then it builds it locally, and fails once more
doyougnu has quit [Ping timeout: 252 seconds]
<bbarker_home>
got a quick question, trying to understand this code, cause I believe it may be misbehaving
<bbarker_home>
local contribDir=$out/lib/ats2-postiats-*/ ;
<bbarker_home>
mkdir -p $contribDir ;
<bbarker_home>
tar -xzf "${contrib}" --strip-components 1 -C $contribDir ;
<bbarker_home>
first of all, it seems a bit odd that mkdir is happening after what appears to be glob completion
<bbarker_home>
also, the resulting directory in nixpkgs is wrong, currently it is:
<{^_^}>
[nixpkgs] @thoughtpolice pushed 2 commits to master: https://git.io/fpoGn
pkx3 has joined #nixos
sanscoeu_ has joined #nixos
jtojnar has joined #nixos
perique has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<simpson>
I've got a Haskell package. It has a definition in nixpkgs. I want to test some local changes to that package. Can I get a ghci with my package?
alex`` has quit [Ping timeout: 246 seconds]
<simpson>
Concretely, if it matters, I'm hacking on https://github.com/erewok/servant-py and I want ghci so I can interactively examine some stuff.
sanscoeur has quit [Ping timeout: 268 seconds]
sanscoeu_ has quit [Ping timeout: 268 seconds]
<clever>
simpson: nix-shell -E 'with import <nixpkgs> {}; (haskellPackages.callCabal2nix "servant-py" ./. {}).env" then `runhaskell Setup.hs configure` and `runhaskell Setup.hs repl`
acarrico has joined #nixos
<simpson>
clever: Hot damn. Well done. And I can even import modules besides the default.
<simpson>
clever++
<{^_^}>
clever's karma got increased to 52
<clever>
as long as the deps are compatible with whats in haskellPackages, you can use that against any cabal file you want
<clever>
and if you drop .env, you can use nix-build on it
cyounkins has quit [Remote host closed the connection]
pie___ has joined #nixos
fragamus has joined #nixos
pie__ has quit [Remote host closed the connection]
aither has quit [Ping timeout: 268 seconds]
goibhniu has quit [Ping timeout: 250 seconds]
Adluc has quit [Ping timeout: 252 seconds]
<jophish>
angerman: When cross compiling, do you know if there's a way to get rid of the dependency on the cross compiling gcc
<jophish>
it's hooked in through glibc
<clever>
anothertest: you may be better off using a more custom kernel+initrd pair like the netboot.nix code, and just not having a disk image at all
<angerman>
jophish: in nix? Why would glibc bring in gcc? I know that muslc breaks down install size brutally (clever just showed me the other day), never thought that was due to gcc though.
<ottidmes>
clever: probably stupid question, but for my dhcp server to work, do I need to do anything special, i.e. how do I make sure that my server dhcp is used rather than that over my router, or do I need to disable the one on the router for it to work?
<{^_^}>
[nixpkgs] @thoughtpolice opened pull request #51306 → nixos/cockroachdb: create new service → https://git.io/fponX
<jophish>
actually, it seems to be coming in from multiple places
<clever>
ottidmes: in general, its simpler to just disable all other competing dhcp servers
<clever>
ottidmes: and nothing says the dhcp has to be ran on the router, just make sure to configure the nixos one to use the right gateway, dns, and ip range
<angerman>
jophish: I doubt glibc should depend on gcc.
<angerman>
I'd claim that was a defect in nix
<jophish>
running strings over a shared object in glibc shows /nix/store/7dambbqcvyc79ipwln2ys3yvcfll16zb-armv7l-unknown-linux-gnueabihf-stage-static-gcc-debug-7.3.0/lib/gcc/armv7l-unknown-linux-gnueabihf/7.3.0/include
<clever>
jophish: nix why-depends automates that step for you
<jophish>
oh great, good to know
<jophish>
thanks clever
magbo has joined #nixos
<magbo>
Dear all, did anyone manage to run puppeteer to program headless Chrome on NixOS? If so, can you please give me a hint as for how to do that. It seems like the way that puppeteer is packaged downloads chrome to ./node_modules, but it can't find dinamic libraries in nix store :(
<clever>
magbo: patchelf, in the nixpkgs manual
<jophish>
I see now that the resulting binary has /nix/store/0x1q1v96gk73a3x1d54wdl6yhjay21i8-armv7l-unknown-linux-gnueabihf-stage-final-gcc-debug-7.3.0/armv7l-unknown-linux-gnueabihf/lib in its RUNPATH
<magbo>
clever: that's clever.
<angerman>
jophish: I doubt that's really needed
<jophish>
well, they are arm so files
<jophish>
is it possible to compile haskell programs with musl?
<clever>
jophish: it reduced my closure from 38mb to 2mb, and removed all dependencies
<clever>
angerman: apple would like to say otherwise, lol
<angerman>
clever: fck apple
<clever>
:D
<jophish>
hhe, my closure is about 600MB :)
* angerman
likes pears better anyway.
srk has quit [Ping timeout: 246 seconds]
<angerman>
nh2: yea, thanks for all the muslc stuff.
<ottidmes>
clever: wow, that went easier than expected! its working, I just disabled my DHCP on my router and my laptop got the IP address I assigned in my servers DHCP server, cool :D
<nh2>
angerman: some of your patches made it possible
<angerman>
nh2: I really want to build some static ghc with muslc. Just need to ensure I can still build non-muslc libs/bins
<angerman>
nh2: that one should in principle be distribution independent; while still be able to build/link against distribution stuff.
<nh2>
angerman: I have thought about it, but I'm wondering if there's a benefit: Given that ghc is more than one program anyway, couldn't one just also ship libc and ld-linux-x86-64.so with it?
<nh2>
clever: I care as much about OSX as I care about Windows XP :D People choose their own ways to waste time, and most people I know that fell for the OSX hype are back on Linux by now
<clever>
:D
hellrazor has joined #nixos
<angerman>
nh2: that's hurtful!
<nh2>
Apple pulls this very sensible strategy of "static builds are discouraged ... and dynamic builds too" (link library size restriction). What then is encouraged? I think the answer must be ... NodeJS!
coconnor has joined #nixos
<angerman>
the link library size restriction isn't so bad, if you don't try to pollute everything with RPATHs and stop naming your libraries arbitrarily stupid.
doyougnu has quit [Ping timeout: 268 seconds]
hellrazo1 has quit [Ping timeout: 246 seconds]
jperras has quit [Quit: WeeChat 2.2]
<nh2>
angerman: all solutions to it look like ugly workarounds to me, it seems like a huge "let's waste people's time" action. Arbitrary limits don't force people to make better programs, you have to teach them
ng0_ has joined #nixos
<clever>
ive also found funny bugs in darwin, which ive reported, and never heard back from them on
<nh2>
angerman: also don't get me wrong, I think building *for* OSX is still important simply because end users use it (also because Linux UIs are just bad), but building *on* OSX doesn't seem like a clever idea to me from a developer perspective
snajpa has joined #nixos
<clever>
if the info.plist file in your .app has xml errors, the app will silently hang on startup, and just do absolutely nothing
<angerman>
nh2: I still think it's not an arbitrary limit, I think its due to their intent to do pre-link caching and having a fixed-size pre-link cache per library.
<clever>
but, this can only happen if you use non-apple build tools (qmake) which dont validate the xml when packaging
<clever>
(or you modify the xml after packaging)
<angerman>
clever: right, if you use a *working* toolchain, it won't happen because people know what to validate :p
<angerman>
nh2: you *can* do recursive linking on macOS, and that's what -dead_strip_dylibs does (removes all non directly linked dylibs)
<clever>
angerman: in my case, the boss hired a windows dev to make the client, and when things neared completion, sprang "oh, i want mac support" on us :P
<angerman>
that cuts out *alot* of your deeper dependency tree.
<clever>
angerman: and then when mac support started to come along, "surprise, i want mobile support to!"
<angerman>
clever: the boss hired a macOS dev to make windows software on linux.
<nh2>
angerman: I din't understand the bit about TH though, why would TH work worse with a shipped glibc than with static linking?
ng0 has quit [Ping timeout: 256 seconds]
<angerman>
nh2: if GHC is statically linked against muslc, but tries to load a dynamically linked library against some other libc to execute some arbitrary code, won't that potentially be a recipe for disaster?
<jophish>
ok, compiling armv7l-linux-musl ghc
<ottidmes>
clever: so you gave up and build a web client :P
<jophish>
still a little weird the behavior I got with glib
fusion809 has quit [Ping timeout: 264 seconds]
<jophish>
I am using a nixpkgs checkout from october, I
<clever>
ottidmes: i rewrote the entire client in QT, since it can compile to android, ios, linux, osx, windows, and a dozen others :P
<angerman>
jophish: I think it's a bug in nix. But as I have no time to look into it right now, I can't claim I know for certain.
<jophish>
I'm assuming there've been no big changes here since then
srk has joined #nixos
<angerman>
clever: you could have used C# :p
<clever>
the main problem, is that QT has a desktop ui by default
<clever>
so the mobile versions looked and behaved like desktop apps
<clever>
multiple windows (but the window manager is missing), scroll bars that work oposite of mobile
<nh2>
two things I don't get about it: (a) your example has a statically linked ghc at play, but what I referred to has only a shipped dynlinked ghc against libc (b) where shall the other libc come from? What I'm thinking would use the shipped glibc for all GHC activities
<angerman>
nh2: sorry, I didn't get your libc swapping in/out. I just wanted a fully static ghc.
Hotkeys has joined #nixos
<nh2>
angerman: my idea was to just deliver the glibc the ghc bindist is built with, inside the bindist
<ottidmes>
clever: linux/osx/windows I can understand, but it also properly working on smartphones the way you expect, would have been surprising to me with qt, and license wise, can you just use qt for commercial use for free?
<nh2>
ottidmes: Qt is LGPL, so if you opensource any changes you make to the Qt .so, that should be fine
<clever>
ottidmes: i dont remember what the details of the licensing where
<clever>
ottidmes: but i did have to compile a custom QT, because of more apple reasons
<clever>
ottidmes: apple does not allow openssl to be staticly (or dynamicly) linked into your apps
<ottidmes>
nh2: good of them to try and make it as clear as possible
<nh2>
I guess people don't buy your stuff if they can't figure out what they have to buy
<gchristensen>
anyone familiar with carnix and what-not? I'm having not a nice time :( compiling libc 0.2.44 exits with thread 'main' panicked at 'Failed to get rustc version', libcore/option.rs:1000:5 with rust from nixpkgs-unstable
<ottidmes>
nh2: and makes people less likely to use your free products, so less branding/lockin reach
<Ralith>
gchristensen: my experience is that they are very dubiously maintained
<gchristensen>
carnix?
<Ralith>
and what-not
cyounkins has joined #nixos
<gchristensen>
my experience whenever updating ofborg's dependencies has not been very good
<angerman>
nh2: if it tries to use the system linker, yes. But we have our own loader/linker.
<angerman>
nh2: also we have iserv, which you could compile against the "local" libc, and then use -fexternal-interpreter and never have to actually load anything into your ghc.
<clever>
iserv also allows the TH to run on a different arch from the ghc
<clever>
which enables cross-compiling
<nh2>
angerman: what does "using the system linker" do in this case? How do you use a system linker to load .so files into your own running exe?
<angerman>
nh2: the rts does all that.
<nh2>
right but what syscalls does it eventually use? I am not aware of a way to use another program ("the system linker") to load stuff into your own process, only to use dlopen()
<nh2>
clever: but when does that interpreter get invoked, is it when you dlopen() it?
<clever>
nh2: when you try to run TH code, ghc will compile to the target arch, serialize it, and ship it off to iserv, which then loads it (somehow), and then runs it
<nh2>
clever: yes, I am wondering what exactly the "loads it (somehow)" part does
<angerman>
nh2: parse the object/archive, mmap the regions. mprotect them appropriately
<angerman>
nh2: resolve symbols.
<angerman>
and then call the symbols.
<clever>
with dlopen or custom per-platform code?
<angerman>
custom code.
<jophish>
I'm now trying: hello --arg crossSystem '{config="armv7l-linux-musl";}'
<angerman>
well... there's also a system linker approach. See the DynamicByDefault link above and follow it for some light reading.
fragamus has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<jophish>
I hope that's the correct way to get a arm linux musl cross compiler
<angerman>
ghc has a loader/linker for mach-o/elf for x86,x86_64,arm32,aarch64, and probably some left over PPC or so.
<nh2>
angerman: just read through it, but I still don't quite get how the whole process works. Maybe that's better explained in the code somewhere?
<angerman>
nh2: if you ask GHC to "evaluate" something (e.g. ghci), you can compile some haskell code into an object file, and then you need some way to get that compiled symbol from the object file to actually go and execute it. So you load the objet file, map it into memory, mark that memory as executable (resolve references to external symbols, ...) and jump to the memory location.
<angerman>
nh2: I've tried to make it slightly less system dependent, as such it comes with a copy of all the relocation magic constants.
<angerman>
(instead of requiring your to link linux/macOS headers, ...)
<nh2>
clever: btw I think for the purpose of using my patched glibc for just 1 program, I will just use the approach where I directly call `ld-linux-x86-64.so.2` and LD_PRELOAD glibc
<nh2>
not because it's so great but because for my use case it's sufficient (patching malloc.c for correct ekg statistics)
<angerman>
nh2: so and to explain why I'm so interested this. It would mean I would only need a single bin-dist for macOS, and a single bin-dist for linux.
<angerman>
I've also entertained the idea of moving the linker from ghc into something like `liblink`, as I suspect other projects could make use of a non-system linker.
<angerman>
nh2: I shall read that page when I'm back home.
<nh2>
angerman: for OSX where you apparently can't override the libc I buy your argument, for Linux the thing I suggest with shipping the glibc may be easier
<nh2>
*may*, I'm not confident about it
<clever>
nh2: ive also heard about virus level stuff happening on windows
<clever>
launch a legit binary that people trust, but with a debugger attached
<clever>
then immediately use the debugger to hollow out its skull, and implant different code
<clever>
all process management utils claim its one thing, but its something entirely different
<nh2>
clever: ah so *that's* how you deploy a new product on Windows without getting the nasty popup
dramforever has joined #nixos
<clever>
the debugger thats doing the brain-scooping still has to be trusted first, and it could just as easily just make a normal exe and request it to be whitelisted
<clever>
i think its more about falsifying the records of what executable it even is
Supersonic has joined #nixos
<nh2>
clever: I assume you'd just use some freely available windows debugger, and have it interpret a script?
<clever>
if you can run such a thing, you can also just use the syscalls for debugging directly
<nh2>
but wait I thought you have to run some _unmodified_ exe that already has a signature with owner whitelisted by Microsoft. So you can't change the exe
<nh2>
so it must be some freely available debugger program that a lot of people use on Windows, which can interpret scripts
<vaibhavsagar>
how do I get Nix 2.1.3 to be my system Nix? I've tried everything I can think of and it's still at Nix 2.0
<nh2>
vaibhavsagar: which OS, NixOS?
<vaibhavsagar>
yup
<clever>
vaibhavsagar: nix.package in configuration.nix
<angerman>
nh2: I think in the end it comes down to me disliking Linux as much as you dislike macOS ;-)
<vaibhavsagar>
nh2: I tried setting that to `pkgs.nixStable`, it made no difference
<nh2>
clever: like you rename `ollydbg.exe` to `Niklas-cool-Product.exe`, and you ship it next to a `ollydbg-default-script.txt` that `ollydbg.exe` happens to execute by default
mekeor has quit [Remote host closed the connection]
<gchristensen>
Ralith: dear me, I got it to compile. thank you
<clever>
nh2: no, more like, after a virus is already inside the computer, it launches a random system exe thats always running, scoops the brains out, and injects the virus into that exe, then terminals the original binary
<ottidmes>
clever: I am playing with my DNS/DHCP setup on the server and doing some reading and read about setting the interface to eth0 was not recommended: "If I didn't edit this line, it would also listen on eth0, my internet connection. I personally wouldn't recommend this, as it gives those evil guys a few doors to try to break into.", on a regular server on the LAN, this should not be problem, right?
<Ralith>
gchristensen: \o/
[Leary] has joined #nixos
<clever>
nh2: and if you try to review task manager for anything fishy, you just find a normal system exe running
<nh2>
angerman: I don't dislike OSX, I am just amazed people put up with the stones thrown into their way, AND the closed-can't-fix-it-ness. Are there things to dislike about Linux from a developer's perspective?
Lears has quit [Read error: No route to host]
<clever>
ottidmes: if your dns server is listening on a public interface, it can be abused in a few ways
<clever>
iptables can help restrict that
<vaibhavsagar>
angerman: I also find macOS incredibly developer-hostile
<vaibhavsagar>
my current client insists on doing everything on macOS and it's a gigantic pain to support
<vaibhavsagar>
finally I set up remote builders using your guide
<vaibhavsagar>
so everything's running in Docker on top of some hypervisor on top of macOS
<angerman>
nh2: packaging and distribution; everyone running their very own custom setup. I can hardly package something up, provide you with a compressed archive and expect it to work after unpacking.
<vaibhavsagar>
dramforever: it's set to nixos-18.09
<vaibhavsagar>
I can do `nix-env -iA nixos.nixStable`
<vaibhavsagar>
and that installs 2.1.3, but surely my system should have that installed by default already
<vaibhavsagar>
I just did a `nixos-rebuild switch --upgrade`
<dramforever>
:thinking:
<dramforever>
That doesn't sound right
<nh2>
angerman: but static builds (or shipping all dependencies) solves that, doesn't it?
<vaibhavsagar>
dramforever: I agree :)
<clever>
vaibhavsagar: when you run `nix-channel --list` as each user, what does each give?
<vaibhavsagar>
clever: nothing as my current user, and `nixos-18.09` as root
<angerman>
Maybe I e just spent too many years on macOS? Stockholm Syndrom?
<nh2>
vaibhavsagar: ah, so I misunderstood your problem, you don't want to use a custom version of nix, you are in the situation where your system should already have a newer version of nix
<clever>
vaibhavsagar: do any overrides exist in your configuration.nix?
<angerman>
If you try to treat macOS like Linux you fail as hard as you fail trying to treat Linux like macOS. If you try to treat windows, you fail harder.
<vaibhavsagar>
clever: I just noticed my systemVersion was set to 18.03
<clever>
vaibhavsagar: did you read the comment above that?
<vaibhavsagar>
I did
<clever>
vaibhavsagar: it should not be changed
<nh2>
angerman: I think this problem was just created by years of propaganda by glibc people claiming that static builds are bad. Obviously if API versions and behaviour vary across distros and they don't provide a stable interface, that can't work. But syscalls are incredibly stable
<vaibhavsagar>
and I also just set it to 18.09 but that didn't seem to make a difference
<clever>
vaibhavsagar: changing it will break the very thing its meant to fix
<ottidmes>
clever: I guess I will just go with dnsmasq not bound to an interface, and keep using dhcpd for dhcp rather than try using dnsmasq for this as well (I find dhcpd clearer anyway)
marco_t has joined #nixos
<dramforever>
What does this say? nix eval '(import <nixpkgs/nixos> {}).pkgs.nix.version'
<vaibhavsagar>
okay, I changed it back
<clever>
ottidmes: bind should also support setting an interface to bind to
<clever>
ottidmes: services.bind.listenOn
<dramforever>
vaibhavsagar: What does this say? nix eval '(import <nixpkgs/nixos> {}).pkgs.nix.version'
<nh2>
angerman: and there's also all those silly claims of "dynamic linking is actually more backwards compatible than static", where they conveniently leave away the rest of the sentence "... if you use glibc [, because for glibc we intentionally build in features that cannot work statically]"
<vaibhavsagar>
dramforever: "2.1.3"
<dramforever>
And this says 2.0.something? /run/current-system/sw/bin/nix --version
<nh2>
angerman: btw, do you know how to link ghc "statish"? Right now the bindists are fully-dynamically linked, including Haskell libraries. I'd be interested in checking whether not doing that would make ghc-pkg be much faster (suspecting it's limited by dynamic linking startup time)
<dramforever>
How could this even happen
<ToxicFrog>
nh2: this claim is especially frustrating to me as someone who frequently tries to run games that were dynamically linked against glibc N+1 when the system I'm on still has N, and thus refuse to start despite not using anything specific to N+1
<clever>
vaibhavsagar: what about nix eval '(import <nixpkgs/nixos> {}).pkgs.nixStable.version'
<angerman>
nh2: I do by the security argument; but none of the rest. If all your libs are dynamically linked and your ssl lib has a critical flaw, you might be able to fix it by replacing libssl.so
<nh2>
ToxicFrog: right
<clever>
ToxicFrog: that has also broken steam at one point, because the libGL on nixos was linked to N+1, but steam packaged N inside the FHS sandbox
<vaibhavsagar>
dramforever: "nix (Nix) 2.1.3"
<ToxicFrog>
(this is not even Nix-specific, it happens constantly on SUSE as well)
<angerman>
nh2: you can conserve memory / share state by reusing dynamic libraries. I don’t care much for.
<vaibhavsagar>
so maybe if I reboot it'll be fine?
<dramforever>
vaibhavsagar: ???
<clever>
vaibhavsagar: what about `type nix` ?
<dramforever>
So you already have system Nix 2.1.2
<vaibhavsagar>
"nix is /nix/var/nix/profiles/default/bin/nix"
<clever>
vaibhavsagar: you installed nix, with nix-env, as root
<nh2>
angerman: right, but I don't buy this argument because in any reasonable end user software product you link in 100s of libraries, all of which can be flawed (and usually are, if one considers distribution of CVEs over various libs), so you need to have a good story for patching security issues by issueing app updates anyway these days
<vaibhavsagar>
oh shit
<vaibhavsagar>
thanks clever
<clever>
that has priority over the system one
<angerman>
nh2 at the same time the security aspect also means someone else can just inject a malicious libssl.so
<clever>
this is why you should never install nix with nix-env when on nixos
<vaibhavsagar>
woah, I don't remember installing any of this stuff
<clever>
vaibhavsagar: `nix-env --list-generations` should give timestamps
<vaibhavsagar>
for the root stuff as well?
<dramforever>
Maybe just don't use nix-env to install stuff as root
<vaibhavsagar>
I'm certain I didn't intentionally install any of it
<nh2>
angerman: I do buy the memory saving issue for small programs, like if 200 curl invocations all loaded full openssl object code into their individual memories, that might be annoying (or even worse, 300 chrome tabs, with their 99 ldd deps). But that seems to be specific to some small fraction of programs: Usually machines run like 1 nginx, 1 Sublime Text, 1 or 2 GHCs, and so on
<clever>
ls -l /nix/var/nix/profiles/default*/bin/nix/
<vaibhavsagar>
clever: I uninstalled it all
<clever>
vaibhavsagar: this will reveal what generation you added nix in
<ottidmes>
clever: when you say public, did you mean WAN? I can imagine attacks over the LAN, but if its not on that, whats the point?
<clever>
vaibhavsagar: even if it has been removed
jtojnar has quit [Quit: jtojnar]
snajpa has quit [Ping timeout: 252 seconds]
<nh2>
angerman: to me dynamic linking is an optimisation for some very specific use cases, where I can put in extra effort to get some special properties, but it shouldn't be that I have to put in extra effort to get the *simple* way (just linking in all the code into my binary)
<clever>
ottidmes: yeah, mostly attacks over wan are a threat, like reflection based dos attacks
<clever>
ottidmes: but if your running bind on a laptop for some private stuff, you may not want people on the current hotel wifi to be snooping your records
<vaibhavsagar>
clever: what am I looking for?
<clever>
but i would just use /etc/hosts then
<ottidmes>
clever: yeah, so my server (which basically is a desktop that is 24/7 on), then I dont have to take special precautions
<clever>
vaibhavsagar: mostly, just the first generation that nix turns up on, and the timestamp of that from --list-generations
<clever>
vaibhavsagar: then youll at least know when you did install nix
srk has quit [Ping timeout: 250 seconds]
dramforever has quit [Quit: Page closed]
snajpa has joined #nixos
<angerman>
nh2: right. At least we are working towards as much static linking as possible ;)
<nh2>
angerman: I am very excited about nixpkgs actually making that possible with low effort
<nh2>
I can't really imagine doing the same on Debian
<nh2>
in terms of effort
<angerman>
nh2: ironically it allows the linker to do dead code elimination. If you lib is large but you only use a fraction of it, the linker could in principle throw most of it away.
srk has joined #nixos
<nh2>
angerman: right, that is what I discovered with static-haskell-nix: Many exes get smaller if you use both -split-sections AND static linking
<angerman>
nh2: macOS has -dead_strip by default for that very reason ;)
<clever>
are there also linker flags to just entirely drop dynlibs your not actually referencing?
<angerman>
clever: -dead_srtip_dylibs?
<clever>
already exists?, darwin only or all platforms?
<angerman>
clever: removes all but those directly linked ones.
<angerman>
clever: you don’t expect me to know non-darwin, do you :p
<ottidmes>
nh2: you want convenience: autoPatchelfHook in your buildInputs, and done (not sure if it works for your use case)
<{^_^}>
[nixpkgs] @expipiplus1 opened pull request #51307 → ghc-8.4: fix build targeting arm → https://git.io/fpoW1
mmlb has joined #nixos
<nh2>
ottidmes: I think this won't work for me, as I need to just generate the string or patchelf command that does it, but then *run* it from a Haskell Cabal post-build Hook
<sphalerite>
Enzime: you should only need libGL for that
metastance has joined #nixos
freeman42x]NixOS has joined #nixos
rhalff has joined #nixos
steshaw has quit [Quit: Connection closed for inactivity]
freeman42x]NixOS has quit [Ping timeout: 245 seconds]
jrolfs_ has quit [Quit: WeeChat 2.3]
<rhalff>
Hi, could anyone running the nvidia drivers on a laptop show me their configuration.nix? I can startx with the drivers, but it doesn't have any input. Or I can enable the login manager and on startup the system is stuck in loop trying to start the login manager.
<rhalff>
The graphical installation worked just fine, so a correctly running X system should be possible.
<tilpner>
Yes, you're trying to use nvidia :/
<tilpner>
I've not heard of anyone getting that exact setup working
<rhalff>
tilpner, so should I switch to nouveau?
<tilpner>
Is bumblebee not an option?
<rhalff>
or just not specify any drivers?
<tilpner>
I've had a lot more success with that
<tilpner>
Do you just want X working, or do you require nvidia?
<lucus16>
I'm trying to build https://github.com/adisbladis/vgo2nix and it succeeds, but for some reason it disabled the path to go in the bin/vgo2nix wrapper, by setting it to /nix/store/eee..eee-go-1.11/bin
<lucus16>
Can anyone tell me why it does that and how I avoid it?
<tilpner>
That looks like nuke-references
<rhalff>
tilpner, well at first get it working, with dual monitor. Then I'll see if I can get the nvidia driver working.
<tilpner>
rhalff - Have you tried not specifying videoDrivers? The default works for me
<lucus16>
I was trying to see if I could solve it without allowing go references in the actual binary, but that didn't end up working
<symphorien>
oh sorry tilpner, I tried to backlog, but no carefully enough
<tilpner>
Oh? Your "move nuke-refs to postFixup" sounded like it would work
liminal18 has quit [Remote host closed the connection]
johnw_ has joined #nixos
mmlb has quit [Read error: Connection reset by peer]
__monty__ has quit [Quit: leaving]
liminal18 has joined #nixos
mmlb has joined #nixos
<lucus16>
By that time it has apparently already decided that go is not a dependency and then at the end it detects a reference to something that's not in the dependencies and it complains
<lucus16>
it gets added to disallowedReferences
arjen-jonathan has quit [Ping timeout: 268 seconds]
johnw has quit [Ping timeout: 268 seconds]
jasongrossman has quit [Quit: ERC (IRC client for Emacs 26.1)]
<symphorien>
it's probably for cross compilation. the go you have is for the build architecture when the output should reference a target architecture go
liminal18 has quit [Remote host closed the connection]
<lucus16>
but when they're the same version of go, it erases both
<gchristensen>
samueldr: I forgot what I was pinging you for, so hello! I hope you have a great weekend, and that you enjoy it very much!
m0rphism has joined #nixos
[Leary] has joined #nixos
mupf has joined #nixos
<mupf>
Hello
<mupf>
Ever since I updated my laptop to 18.09 I get this:
<mupf>
error: while evaluating the attribute 'passAsFile' of the derivation 'ertes-base' at /nix/store/x1ciqxvq4w4mk2gc9whbpmaksky2rn6j-nixos-18.09.1446.db561c90ef3/nixos/pkgs/stdenv/generic/make-derivation.nix:177:11:
<mupf>
cannot convert a function to JSON
<mupf>
Any advice?
Lears has quit [Ping timeout: 250 seconds]
<tilpner>
It might help to show the ertes-base expression
init_6 has quit []
<{^_^}>
[nixpkgs] @c0bw3b merged pull request #51199 → iso-image: Verifies the FAT partition at build. → https://git.io/fpaQj
<tilpner>
One of them may have been turned from a package to a function
<mupf>
so what now?
<tilpner>
Binary-search your way to offending function, then figure out how to call it
<mupf>
tbh I didn't write the expression myself and unfortunately I can't ask it's author.
<mupf>
any directions in how to do that?
<mupf>
I didn't had the time yet to make myself very familiar with nix due rare spare time.
<tilpner>
Comment out the first half, build again
<tilpner>
If that fixes the build, uncomment the first half, comment the second half, repeat on the half you decided the bad item is in
civodul has joined #nixos
endformationage has joined #nixos
<mupf>
alright, thanks
<tilpner>
mupf - Remove nix-repl, try again
<eyjhb>
If I have added `polybar` to my i3.extraPackages, and I would like the default config with polybar, but is located in `/usr/share/doc/polybar/config`, how would I go about that? https://github.com/jaagr/polybar/wiki
<tilpner>
mupf - Oh, that's already commented out, didn't see that in nix repl
mayhewluke has quit [Ping timeout: 250 seconds]
mayhewluke has joined #nixos
<tilpner>
mupf - Replace plover with plover.stable
<Mic92>
is the new nix build command no longer parallel for multiple packages?
betaboon has quit [Quit: WeeChat 2.2]
<mupf>
tilpner: lol, found it a few seconds ago.
<mupf>
thanks
<mupf>
alright, it seems I have a few issues left
<mupf>
collision between `/nix/store/bv6znzsv2qkbcwwa251dx7n5dshz3nr3-zlib-1.2.11/lib/libz.so' and `/nix/store/njpv9xcqzk5h8lyv14xwf5294sy25pa1-emscripten-zlib-1.2.11/lib/libz.so'
<mupf>
-.-
<mupf>
Guess I remove everything I dont need at the moment for now
elgoosy has quit [Remote host closed the connection]
liminal18 has quit [Ping timeout: 252 seconds]
alex`` has quit [Ping timeout: 244 seconds]
<avn>
c0bw3b_: btw, any plans to review rspamd PR again? I think, fix everything, where I havent significant ojections myself.
<c0bw3b_>
avn: hello, well I forgot about it so you are right to bring my attention back to it :)
<avn>
c0bw3b_: I usually update each weekend, and see how many commits I have on WIP ;)
alex`` has joined #nixos
endformationage has quit [Ping timeout: 250 seconds]
<c0bw3b_>
avn: it looks fine to me except it's going to break aarch64 builds of rspamd ... I think?
<c0bw3b_>
because withHyperscan defaults to true and hyperscan is x86_86 only
<eyjhb>
what is the XF86 key for audio toggle? I do not have a seperate play/pause key, but rather a toggle ucrrent state
<c0bw3b_>
if aarch64 the assert fails and .. build stops?
<avn>
c0bw3b_: whoops. Would fix it in few mins. should have isx86_64 as default
<c0bw3b_>
avn: yes something like that would be better :)
<avn>
c0bw3b_: it was, before I disable it due 2 hours build ;)
kp__ has quit [Quit: WeeChat 2.3]
kp__ has joined #nixos
<avn>
(as I finish wine update, and build-everything-with-"--disable-tests" works, including wow and win64 builds)
<c0bw3b_>
avn BTW I think it should be okay on any x86 (i686 too, not just amd64)
doyougnu has joined #nixos
<avn>
c0bw3b_: it give nothing except +2h build time on 32bits, all profit are from x86_64 jit
<c0bw3b_>
oh ok
<avn>
and rspamd cmake enable it only if x86_64 as well
Ariakenom has quit [Read error: Connection reset by peer]
<tilpner>
Not exactly Nixos-specific, but I figured it's the right crowd to ask: Does anyone have a pretty way to declaratively define S3-compatible buckets and associated policies?
<avn>
terraform probably
<thefloweringash>
terraform maybe?
<tilpner>
Oh!
<tilpner>
I didn't know it could do more than ec2
<tilpner>
Thanks! avn++ thefloweringash++
<{^_^}>
avn's karma got increased to 1, thefloweringash's karma got increased to 3
shabius has joined #nixos
<symphorien>
eyjhb: xev can probably answer this question
<avn>
eyjhb: X11 definelly haven't any audio support, so is a just keysym, which handled by 3rd party program
<Yaniel>
the multimedia keys are piped to dbus/mpris AFAIK
<Yaniel>
it's a standardized interface but indeed not related to X11
<{^_^}>
[nixpkgs] @P-E-Meunier opened pull request #51324 → Webpack-cli: init at 3.1.2 → https://git.io/fpo1r
mmlb has quit [Read error: Connection reset by peer]
mmlb has joined #nixos
Forkk has joined #nixos
sir_guy_carleton has quit [Quit: WeeChat 2.2]
jrolfs has quit [Ping timeout: 250 seconds]
Growpotkin has joined #nixos
<Growpotkin>
hey does anybody know how to generate the json docs for MY nixpkgs and modules?
<Growpotkin>
similar to those used by the nixpkgs and nixoptions database search online?
<Growpotkin>
I made a fuzzy searching tool that interacts with those JSON files, but I want to run it on my version of nixos, not the repo (as I am doing now)
<tilpner>
growpotkin - The options are described in config.system.build.manual.optionsJSON, but I don't know how you can make it also show options you added
SyrupThinker has quit [Ping timeout: 252 seconds]
Haskellfant has joined #nixos
<tilpner>
Look at prefixesToStrip in doc/manual/default.nix
cocreature has quit [Ping timeout: 250 seconds]
<Growpotkin>
thanks
Haskellfant is now known as cocreature
<Growpotkin>
i found it "nix-env -f '<mypkgs>' -qa --out-path --json"
<eyjhb>
symphorien avn I tried XF86AudioToggle, which now works to START the music, but not stop it again... Doesn't seem like it gets fired....
<Growpotkin>
THe options one was the more difficult
<Growpotkin>
I will check out the config... @tilpner thanks
<ivan>
Dec 01 19:33:51 icvm hydra-evaluator[1296]: evaluation of jobset ‘nixpkgs:prime’ succeeded <- why does this succeed and then not show up in my list of evaluations?
<ivan>
"created cached eval 9"
<ivan>
my /jobset/nixpkgs/prime#tabs-evaluations shows just 1-7
<{^_^}>
[nixpkgs] @thoughtpolice opened pull request #51338 → nixos: make time-sync.target block until initial adjustment with all NTP daemons → https://git.io/fpo9X
<{^_^}>
[nixpkgs] @dtzWill opened pull request #51339 → minizincide: init at 2.2.3 → https://git.io/fpo99
<samueldr>
any undocumented pro-tips for hacking on hydra?
<samueldr>
like reloading controllers on changes :/
<samueldr>
hydra-server script seems to use `CatalystX::Script::Server::Starman`, but looking at the file itself, it describes a non-production (?) server which would have a `-r` flag
orivej has quit [Ping timeout: 246 seconds]
<{^_^}>
[nixpkgs] @nioncode opened pull request #51342 → Fix qtbase cmake for gui plugins [Qt 5.6, 5.9] → https://git.io/fpoHy
Zavoli has joined #nixos
Radivarig has joined #nixos
liminal18 has quit [Ping timeout: 246 seconds]
Zavoli has quit []
Anton-Latukha has quit [Quit: Leaving.]
Radivarig has quit [Read error: Connection reset by peer]
Anton-Latukha has joined #nixos
Radivarig has joined #nixos
Ariakenom has joined #nixos
JosW has joined #nixos
rtjure has quit [Ping timeout: 250 seconds]
Growpotkin has quit [Quit: WeeChat 2.0]
fendor has quit [Quit: Leaving]
Anton-Latukha has quit [Quit: Leaving.]
Anton-Latukha has joined #nixos
Mateon3 has joined #nixos
Mateon1 has quit [Ping timeout: 246 seconds]
Mateon3 is now known as Mateon1
powerbit has quit []
jrolfs has quit [Ping timeout: 268 seconds]
<dmj`>
ghcjs tries to compiler hpack to javascript when doing a nix-build
<dmj`>
s/compiler/compile
<dmj`>
*face palm*
kingemp has quit [Remote host closed the connection]
<mojjoo>
hi! I'm installing nixos on a vserver.. when doing the generated default config, I'm quickly running into a 'no more space left on disk' error. I'm wondering if this can be true, the HD has only 20GB though.. Is this realistic or am I doing sth wrong maybe?
<Mic92>
mojjoo: something is wrong.
<Mic92>
maybe it writes to /tmp?
<Mic92>
also this problem was fixed in the installer
jsgrant has joined #nixos
jrolfs has joined #nixos
<catern>
python packages on master in Nixpkgs seem to be broken really frequently
<catern>
people need to start actually testing their pushes...
<jsgrant>
Okay, two weird gotchas resolved graphical side. Latte-dock needed not to be the default session on startup & obs studio needed screen tearing prevention off (vsync) in compositor; Really not sure why I'd be running into a bunch of this stuff where I haven't on KDE via Fedora & Arch. :^P Not complaning, just weird.
<jsgrant>
Slow, steady progress though. :^) Besides Intellij I think I have like 85% of my current workflow ported over.
<mojjoo>
Mic92: thanks for the hint, I think I know the mistake.. mounted only boot and not root partition
<yl[m]>
also the CI ran out of space so I had to `nix-store --gc` between each host I'm trying to build. It's taking forever but at least it works. Can you think of a way to improve it?
<LnL>
add disk space?
<yl[m]>
to Travis?
<yl[m]>
I don't think you can do that
<LnL>
that was a joke (kind of)
fragamus has joined #nixos
<yl[m]>
hard to tell a joke on IRC :)
<yl[m]>
we need some spycam here lol
rizary__ has joined #nixos
vk3wtf has joined #nixos
rizary__ has left #nixos [#nixos]
<eyjhb>
My gigabit ethernet card in a Lenovo L430 is currently only being detected as a 100 Mb/s, any clue to what I can do from here?
<yl[m]>
eyjhb: did you try with the latest kernel?
<eyjhb>
I will check the cable and ports on my switch
<ottidmes>
is there a guarantee that nix store paths will not have whitespace in them?
<clever>
> stdenv.mkDerivation { name = "foo bar"; }
<{^_^}>
invalid character ' ' in name 'foo bar'
<ottidmes>
that answers that, thanks :)
<clever>
ottidmes: yeah, $out must never have any whitespace in it
<clever>
> stdenv.mkDerivation { name = ""; }
<{^_^}>
attribute 'pname' missing, at /var/lib/nixbot/nixpkgs/master/repo/pkgs/stdenv/generic/make-derivation.nix:84:54
<clever>
it can also give weird errors like that
<infinisil>
Whaa
<eyjhb>
samueldr yl[m] it was the cable... Even though it is a cat 5e...
<ottidmes>
> stdenv.mkDerivation { name = "foo*"; }
<{^_^}>
invalid character '*' in name 'foo*'
<ottidmes>
good, than its safe again globbing as well
<infinisil>
> stdenv.mkDerivation { name = ".nope"; }
<v0|d>
> stdenv.mkDerivation { name = "\t"; }
<{^_^}>
illegal name: '.nope'
<{^_^}>
invalid character ' ' in name ' '
<samueldr>
eyjhb: probably tolerances then, mark it as "causing issues with fussy hardware" and remember that laptop has fussy ethernet :)
<ottidmes>
then I can ignore shellcheck's remarks
jrolfs has quit [Ping timeout: 250 seconds]
<eyjhb>
samueldr: yeah properly... :/ - Btw. does anybody know why when the urxvt daemon is enabled, and I use i3 with urxvtc (launch client), I need to launch one client that never opens, and then another?
<infinisil>
If anybody ever needs it, here is a pipe to transform any string into a valid derivation name:
<infinisil>
sed 's/^\.*//' | tr -cs '+-._?=[:alnum:]' -
Peaker has joined #nixos
gerschtli has joined #nixos
<infinisil>
I personally use this to have the git commit message of my configuration as my system build name
<Peaker>
Hey, anyone knows what's up with the Haskell "category" package (0.2.0.1) on nix? failing to build with "Could not find module ‘Algebra’"? I build the same version successfully via ordinary cabal (non-nix)
<infinisil>
Wait, no I'm not using it for the commit subject, but for the branch name
<infinisil>
`git log --pretty=format:'%h-%f' -1` generates a commit message already fit for derivation names
c0bw3b_ has quit [Remote host closed the connection]
<hyperfekt>
Does anyone know how to manage device settings via NixOS? Specifically I'm trying to enable autosuspend for a USB device, as one would normally do via /sys/bus/usb/devices
<ottidmes>
infinisil: did you manage to fix your router issues?
<infinisil>
ottidmes: It seems to work as of now
<infinisil>
For unknown resaon
gerschtli has joined #nixos
<ottidmes>
infinisil: I can imagine thats annoying... but at least it works
<clever>
Peaker: looking...
zolk3ri has quit [Remote host closed the connection]
<Peaker>
clever, thanks
<ottidmes>
infinisil: I personally have two of those kind of issues, both for which I have working workarounds, but I have no idea why the workaround works, or what is the root issue, which is annoying, but I am not going to spend any more time trying to solve them
worldofpeace has joined #nixos
jrolfs has quit [Ping timeout: 246 seconds]
Thra11 has quit [Ping timeout: 250 seconds]
thedavidmeister has joined #nixos
fragamus has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<gerschtli>
hey, is anybody here who has experience with haskell and the nix eco system around the haskell packages?