phreedom has quit [Remote host closed the connection]
<ottidmes>
the problem with this, is that you cannot point to users in your file system options, a use case being user shares where you would want to do so
phreedom has joined #nixos
<ottidmes>
this should be safe instead: fsBefore = a: b: a.mountPoint == b.device || hasPrefix "${a.mountPoint}/" b.mountPoint; because the only filesystem types that could have mount points being equal to devices are bind and move anyway, and if not, then that check would still apply to those other file systems I guess
<ottidmes>
I also changed the hasPrefix check, because that should fix: # FIXME: it's incorrect to simply use hasPrefix here: "/dev/a" is not a parent of "/dev/ab"
<{^_^}>
[nixpkgs] @worldofpeace pushed 4 commits to master: https://git.io/fpXGO
<dsx>
I have this https://pastebin.com/fVhLucgP as my firewall config, however I don't see tcp/22222 to be opened. Am I missing something?
<porrifolius>
If a package has an executable that fails until you manually add another package to the system packages is that a bug in the dependencies?
<porrifolius>
I had to manually add gnome3-adaita-icon-theme in order to get taffybar working after having already added taffybar and haskellPackages.taffybar.
palo has quit [Ping timeout: 240 seconds]
nD5Xjz has quit [Ping timeout: 250 seconds]
vidbina has quit [Ping timeout: 246 seconds]
shpx has joined #nixos
<{^_^}>
[nixpkgs] @msteen opened pull request #51541 → fix infinite recursion caused by the unnecessary inspection of options → https://git.io/fpXG7
nD5Xjz has joined #nixos
<ottidmes>
dsx: I never written a iptables rule myself to be honest, but is this not problematic: extraCommands = "ip46tables -P INPUT DROP"; and if its not, for you to see it in like `sudo netstat -tulpn` would it not have to be in use first? thats all I could think of
Mr_Keyser_Soze has joined #nixos
<ottidmes>
porrifolius: could be, could also be that your particular configuration of taffybar required it and made it fail, or is it always used by taffybar, in that case it would indeed be a bug in the dependencies
<dsx>
ottidmes: default policy for INPUT is fine (otherwise, that's exactly what I want), but I don't see in firewall rule to allow tcp/22222 traffic, even though I specified «allowedTCPPorts = [ 22222]».
<dsx>
Do you think I should enable ports explicitly on each interface? O_o
<ottidmes>
dsx: that explains the lack of TCP mentionings, since its empty
<ottidmes>
no
<ottidmes>
we just have to see where things are set
doyougnu has quit [Quit: WeeChat 2.2]
<porrifolius>
ottidmes: Hmmm, not sure. It's a basic sample taffybar.hs, doesn't appear to specify any icons explicitly, and just uses haskellPackage.taffybar APIs. But the power monitoring stuff is optional of course.
<porrifolius>
ottidmes: Is there a way in nix to specify that a dependency is required if a combination of other packages are in play?
lsyoyom has joined #nixos
<dsx>
I have firewall settings in two files. One with hostapd config (that's where wlp3s0 came from) and one global for the rest of the system.
<porrifolius>
ottidmes: So in this case maybe the icons are only needed if both taffybar and upower are installed.
<dsx>
And I guess openssh.openFirewall should be mentined too
<ottidmes>
porrifolius: you can of course let one dependency become an input depending on another dependency, just search nixpkgs for many of the optional(s) at buildInputs
<ottidmes>
porrifolius: but a relationship like if upower is enabled is often only established via services, and I dont believe taffybar is installed that way, you could of course make one
<ottidmes>
dsx: and you are sure both are imported correctly, i.e. changes in both are otherwise reflected in your tests?
Mr_Keyser_Soze has quit [Ping timeout: 268 seconds]
<dsx>
Yes. If I disable hostapd part it disappears from script, and DROP policy statement is defined as extraCommands in global config.
<dsx>
However, ssh neither ssh port nor allowedTCPPorts are there
<ottidmes>
dsx: you use interfaces, right?
<ottidmes>
dsx: networking.firewall.interfaces
<ottidmes>
dsx: because the default is { default = ...; }, which is what I have, so it might be related to that
<dsx>
For hostapd — yes. For global — no, I use networking.firewall.allowedTCPPorts.
feep has joined #nixos
<ottidmes>
dsx: aha! Interface-specific open ports. Setting this value will override all values of the <literal>networking.firewall.allowed*</literal> options.
<dsx>
So I have to specify all ports that need to be open for all interfaces.
<dsx>
That's where nftables with atomic updates should come into play and shine, but we're not there yet.
<ottidmes>
that is always a risk when changing network stuff
lnikkila has joined #nixos
<ottidmes>
my VPSes have a direct VNC viewer, which also shows the bootloader, so I am saved that way
<dsx>
As a safety net, I usually put as a first rule to unconditionally accept traffic from trusted IP or subnet, and then jump to actual firewall chain
<porrifolius>
ottidmes: Ok, thanks, I've reverted to xmobar but maybe I'll study up on it in the future. Not now though, I'm already too far down the system reconfiguration rabbit hole... so much for 'just switch over to nixos'!
<ottidmes>
dsx: should that not then be the same as what you do? its still whitelist style
graphene has quit [Remote host closed the connection]
lnikkila has quit [Ping timeout: 246 seconds]
<ottidmes>
porrifolius: I would rather say, NixOS is definitely worth the switch! solves whole classes of problems other distro face, but never that is an easy switch
graphene has joined #nixos
<dsx>
ottidmes: pretty much yes
<dramforever>
There's a name for switching without pain
<dramforever>
It's called too good to be true
<ottidmes>
or no pain no gain
<ottidmes>
if its not painful switching, are you sure you really gained something in the switch
<porrifolius>
ottidmes: it's been a bit of a tricksy devil, for example getting my root/boot on zfs on luks up and going was a real long painful process... but then I just found some config switches which made it mostly work. It's nice that it was actually relatively 'easy' but extra frustrating after wasting a lot of time. Just lack of knowledge. I'm still nervous, but committed.
<porrifolius>
ottidmes: the real time loss was the decision to try all sorts of other shells, utilities, layouts, blah blah... I don't think "get all the disruption over at one time" is a good strategy!
<ottidmes>
porrifolius: no indeed, I always recommend sticking with what you know as much as possible, NixOS is a big enough switch as it is, its what I did, I just used the very same setup I had on Arch Linux, making sure everything I was used to was there already
<ottidmes>
porrifolius: of course then I followed up by doing exactly what you are doing :P and experimented with my installation like I did when I first started out using Linux
Church_ has quit [Ping timeout: 268 seconds]
dramforever has quit [Quit: Page closed]
<v0|d>
Ericson2314: let me know if you have soln to iss #50925
troydm has quit [Quit: What is Hope? That all of your wishes and all of your dreams come true? To turn back time because things were not supposed to happen like that (C) Rau Le Creuset]
<porrifolius>
ottidmes: yeah, it was a bit of a death-or-glory decision on my part, but I think I'm out of the intensive care ward now at least.
troydm has joined #nixos
<dsx>
I should say some things are incredibly easy in NixOS. Others — like firewall — requires ottidmes to help :)
<dsx>
ottidmes++
<{^_^}>
ottidmes's karma got increased to 3
<ottidmes>
porrifolius: gratz! the nice thing about nixos is that you then at least can revert back to this situation, a load save game if you will :P (just be sure to always put your configuration in version control)
<{^_^}>
[nixpkgs] @volth opened pull request #51546 → cyrus_sasl: remove old patch → https://git.io/fpXnA
sir_guy_carleton has joined #nixos
fusion809 has quit [Ping timeout: 250 seconds]
lnikkila has joined #nixos
Anton-Latukha has quit [Quit: Leaving.]
jperras has quit [Ping timeout: 268 seconds]
mmlb has quit [Read error: Connection reset by peer]
mmlb has quit [Read error: Connection reset by peer]
mmlb has joined #nixos
nD5Xjz has quit [Ping timeout: 245 seconds]
Ariakenom has joined #nixos
<johnw>
in a nix-build sandbox I'm getting "Network.BSD.getProtocolByName: does not exist (no such protocol name: tcp)" when I try to connect to a port on localhost. What do I need in my buildTools for this to succeed? For exampel, on Ubuntu installing 'netbase' is known to fix this.
sir_guy_carleton has quit [Quit: WeeChat 2.2]
<jackdk>
iana-etc?
jperras has quit [Ping timeout: 268 seconds]
<johnw>
good thought, trying
nD5Xjz has joined #nixos
fusion809 has quit [Remote host closed the connection]
jperras has joined #nixos
<{^_^}>
[nixpkgs] @pcrama opened pull request #51554 → Add cl-jpeg, cl-pdf & cl-typesetting, no extra external deps → https://git.io/fpX4J
mmlb has quit [Read error: Connection reset by peer]
mmlb has joined #nixos
reinhardt has joined #nixos
rhalff has quit [Quit: Leaving]
rhalff has joined #nixos
<rhalff>
anyone using home-manager? I get error: file 'home-manager' was not found in the Nix search path (add it using $NIX_PATH or -I)
<rhalff>
when following the instructions.
<rhalff>
While executing: nix-shell '<home-manager>' -A install
jperras has quit [Ping timeout: 250 seconds]
ThatDocsLady has joined #nixos
<rhalff>
My $NIX_PATH looks weird I guess: nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos:nixos-config=/etc/nixos/configuration.nix:/nix/var/nix/profiles/per-user/root/channels
shymega has quit [Quit: Ciao.]
<rhalff>
that's the path when I run as normal user.
jperras has joined #nixos
<rhalff>
my user's profile is not within the path, how is it normally set?
<sphalerite>
so in many cases just having a default.nix will do
<srhb>
sphalerite: I guess I mostly work with projects where the intention of the shell.nix is to provide something _different_ than the default.nix :)
<sphalerite>
shell.nix is useful if you need some additional tools for generating data that affects the compile process but is also included in source tarballs I guess, like autoreconf
<srhb>
That's true as well.
<sphalerite>
AFAIU that's the _intent_ behind shell.nix
<sphalerite>
for "give me a shell with this piece of software available you can just use nix-shell -p 'import ./.'
<srhb>
Most projects that I see outside the nix ecosystem use it differently. But then again, most things in the nix ecosystem use the release.nix + build attribute approach, which seems very unique.
<Ralith>
I mostly use shell.nix to avoid copying the source tree into the store
<srhb>
The alternate version that I see, the one that matches sphalerites expectation, is usually a default.nix that mimicks what the package would look like in-tree (that is, it takes each of its deps as arguments) whereas shell.nix takes just nixpkgs as an argument and callPackages mkDerivation.
<Ralith>
and sometimes for some CLI and library path niceties
<srhb>
But that may be a haskellism.
alex`` has quit [Ping timeout: 250 seconds]
<sphalerite>
yeah that's something I don't like, there's no real convention for "package function file" and "composition file"
<srhb>
True true.
<sphalerite>
using shell.nix for the latter isn't nice, because it's not just good for nix-shell!
jperras has quit [Ping timeout: 268 seconds]
alex`` has joined #nixos
hamishmack has joined #nixos
jperras has joined #nixos
<{^_^}>
[nixpkgs] @schmittlauch opened pull request #51557 → dino: bump to latest upstream master (2018-11-29) → https://git.io/fpXgh
<{^_^}>
[nixpkgs] @schmittlauch opened pull request #51558 → Dino bump back → https://git.io/fpX2U
<porrifolius_>
So, fonts in nixos... I've just added the inconsolata package, after a switch there are inconsolata files scattered around the store. But it's not obvious to me how to use it.
<porrifolius_>
xfontsel doesn't seem to list it and grepping fc-list output gives nothing. Do I have to enable one of the numerous font related configuration.nix settings? Or do I just need to know what to call it already?
porrifolius_ is now known as porrifolius
arjen-jonathan has joined #nixos
<srhb>
porrifolius: When you say "added the the package" do you mean to fonts.fonts?
ciil has quit [Quit: Lost terminal]
__monty__ has joined #nixos
jperras has quit [Ping timeout: 250 seconds]
ciil has joined #nixos
lassulus has quit [Ping timeout: 240 seconds]
lassulus has joined #nixos
jperras has joined #nixos
guaraqe has joined #nixos
<porrifolius>
srhb: Oh, sorry, I mean added inconsolata to environment.systemPackages in configuration.nix.
<srhb>
porrifolius: No, I don't think that will do anything.
<porrifolius>
srhb: Any idea how to get it active? I was just gonna flick random font switches in the configuration.nix but, well... not ideal.
<porrifolius>
vo|d: No. But I will have very soon.
<porrifolius>
srhb: Ok, thanks, I'll take a look.
<porrifolius>
vo|d srhb: Ok, that looks pretty clear, I'll try it out. I've found myself searching for ages for manual/documentation on some nixos stuff, in vain. But when it is available it seems fairly straightforward.
<porrifolius>
Just have to keep searching and hoping to find gold I guess.
<etu>
porrifolius: "fonts.fonts = [ pkgs.inconsolata ];" should do the trick, no need to search anymore :p
<porrifolius>
srhb: I did look at options.html... I was overcome with a surfeit of options. :)
<srhb>
porrifolius: Understandable. :-)
<srhb>
porrifolius: fwiw, as you've probably learned now, #nixos is like a better, intelligent version of options.html with a natural language interface. :-P
<enleth>
anyone around with nixos installed on a Thinkpad with an intel GPU? if so, please check if glxinfo produces a non-error output, then run "strace glxinfo 2>&1 | grep _mesa | sort -u" and share the output
<enleth>
ah, I think I see why it wouldn't work for me - dotfiles in my homedir copied over from Gentoo mess up my environment in a way that interferes with nix
<pietranera>
enleth, what would that be for?
<enleth>
so /run/opengl-driver/lib isn't getting into LD_LIBRARY_PATH
<enleth>
pietranera: I was trying to figure out why I'm not getting GLX working properly for some programs
graphene has quit [Remote host closed the connection]
graphene has joined #nixos
__monty__ has joined #nixos
jperras has joined #nixos
betaboon has quit [Quit: WeeChat 2.2]
iyzsong has joined #nixos
eyjhb has left #nixos ["WeeChat 2.2"]
<v0|d>
what is the proper way to disable nixos manual ? tried config.documentation.nixos.enable = false; and services.nixosManual.enable = false; still I get a services nmd nixos-manual
<nkaretnikov>
is there an easy way to build a statically linked haskell executable via nix-shell? i added -optl-static -optl-pthread to ghc-options, but cabal build in nix-shell complains about -lm (libmath) when linking. what's a proper way for me to add it? or is default.nix the only option as shown here: https://github.com/vaibhavsagar/experiments/blob/master/static-haskell-nix/default.nix ?
<nkaretnikov>
Mic92: I haven’t tried it, but does this also deal with c dependencies? Also, I’ve tried the thing I posted above and it doesn’t seem to be supported on Darwin. :/
<Mic92>
nkaretnikov: I don't know. I only of this function because pandoc is using it.
<Mic92>
*know of this
jperras has joined #nixos
mmlb has quit [Read error: Connection reset by peer]
klntsky has quit [Remote host closed the connection]
jperras has quit [Ping timeout: 246 seconds]
klntsky has joined #nixos
<nkaretnikov>
vaibhavsagar: error: Package ‘glibc-2.27’ in /nix/store/89n6iyw61954l500lravdbx4aj2asxi0-nixpkgs-19.03pre154715.d29947c36a7/nixpkgs/pkgs/development/libraries/glibc/default.nix:99 is not supported on ‘x86_64-apple-darwin’, refusing to evaluate.
<nkaretnikov>
vaibhavsagar: maybe i'm doing it wrong, though
<vaibhavsagar>
What happens if you replace glibc with clang?
<nkaretnikov>
vaibhavsagar: what i did: copied your default.nix to my project, ran nix-build default.nix
<vaibhavsagar>
Sounds reasonable
<nkaretnikov>
vaibhavsagar: attribute static missing is the new error
<nkaretnikov>
so clang doesn't support that
<nkaretnikov>
should I try withStatic as with gmp?
jperras has joined #nixos
<vaibhavsagar>
I don't think that's a good idea
<vaibhavsagar>
But I don't know how to make clang link statically
c0bw3b_ has quit [Remote host closed the connection]
Mateon3 has joined #nixos
<etu>
Hmm, I've ordered some Stickers from redbubble a while ago. But supporting the foundation is a good thing. It wouldn't hurt to have more stickers :D
<tilpner>
I got two of the redbubble ones, and they look terrible. Someone decided to use a low-res image and print stickers from that :(
<etu>
tilpner: Oh, then I guess I had better luck. Mine aren't awful.
<gchristensen>
these definitely look nice. they use the official NixOS logo font and everything, thanks to samueldr's persistence :)
* tilpner
can't stick them on anything with all those jagged edges
<etu>
gchristensen: How many euros in donations for stickers do you wish for? Also, does 35c3 delivery exist? :p
dslegends has joined #nixos
<tilpner>
etu - I think recurring donations are more helpful, even if low
<gchristensen>
etu: I have no preference / requirement :) I've left it open ended, because to be clear this isn't buying stickers -- this is a donation to the foundation, and I'm giving you stickers -- I'm not planning on being reimbursed or anything for the stickers. HOWEVER: the stickers cost $0.56 USD ($0.49 EUR) each, and I have a limited supply.
<gchristensen>
I can probably get them to you ni time for 35c3
<tilpner>
gchristensen - Doesn't shipping cost much more than the stickers?
<gchristensen>
yes, shipping will cost a bit. for international shipping, I'll likely mail them to someone in the EU to forward them locally for cheaper
<etu>
tilpner: yeah, ofc. I'm just better with one-time and trying to remember it because I'm a bit scared of recurring things. Especially on credit cards :)
johanot has quit [Quit: WeeChat 2.2]
<etu>
gchristensen: Oh, yeah. I get it. You don't do it for the foundation. You give it away on your own account if people donate to the foundation.
<gchristensen>
right
<tilpner>
Ehh, the 5€/month thing doesn't hurt. You can always cancel it
<tilpner>
But I don't actually want to argue how you should donate, do that however you want :)
<etu>
tilpner: I guess we're scared of different things:)
<tilpner>
Yeah, like big hairy Perl monsters
* etu
tend to donate to things like Wikipedia every year, so why not NixOS.
agander has joined #nixos
sir_guy_carleton has joined #nixos
philipp[m] has joined #nixos
guaraqe has quit [Ping timeout: 268 seconds]
Rusty1 has joined #nixos
<philipp[m]>
Is somebody here going to 35C3 from the US and could take a few stickers?
<gchristensen>
hehe
pietranera has quit [Ping timeout: 250 seconds]
<philipp[m]>
gchristensen: Thought it's worth a shot :-)Like I said. I had stuff not coming or coming very late before.
<__monty__>
gchristensen: They're 0.49 dollar euros?
<gchristensen>
__monty__: lol
dcol has joined #nixos
<gchristensen>
__monty__: yeah yeah :)
<kgz>
philipp[m]: which direction do you need them taking in?
<philipp[m]>
kgz US->Leipzig
philippD has joined #nixos
<dcol>
gonna go ahead and ask again.. anyone tried pinning nixpkgs to an older version of glibc for cross compilation? I'm trying to compile for a device that only supports 2.3, but since the crosscompilation toolchain has gone through quite some revisions since 2.3 pinning whole nixpkgs to the commit latest commit with 2.3 does not seem to work
<tilpner>
I can probably help you with pinning, but not with glibc cross-compilation
<kgz>
philipp[m]: I can ask people I know who are coming from the US
<symphorien>
dcol: does static compilation with musl (so with recent nixpkgs) fit the bill ?
<dcol>
symphorien: tried that and got pretty far, but it seems that the binary I'm trying to call relies on a lot of glibc intricacies. that would have been the dream!
joehh has joined #nixos
liminal18 has joined #nixos
<dcol>
at this point I'm considering just booting up some really old stable debian to get this done, but I'd prefer to do it in nix since I do everything else here
<{^_^}>
[nixpkgs] @eonpatapon opened pull request #51570 → cassandra: add option to configure logging → https://git.io/fpXjK
aanderse has quit [Ping timeout: 268 seconds]
ottidmes has joined #nixos
agander_ has quit [Ping timeout: 250 seconds]
<ejpcmac>
qyliss^work , tilpner : I did use mkForce. Then, doing a `nixos-rebuild switch` I get an error during systemd reload and after that Many commands are not available anymore (like `reboot` or `nixos-rebuild` itself).
agander_ has joined #nixos
<tilpner>
That sounds like what you wanted
<tilpner>
150307 tilpner | That might go horribly wrong
<tilpner>
You did get rid of nano, but also way too many other things
<ejpcmac>
But I’ve copy-pasted the default, this is strange.
<tilpner>
Well, no, you didn't
<ejpcmac>
I mean, I’ve done a mkForce with the default list.
<tilpner>
"The default" is spread all over nixpkgs/nixos
<ejpcmac>
Hmmm, ok, that’s why.
<tilpner>
Every module that sets systemPackages would need a corresponding mkForce from you
<tilpner>
Which... is not feasible
<ejpcmac>
Indeed.
<ejpcmac>
So there is no way to get the full list and customise it?
<tilpner>
There is, sort of, but not really
<ejpcmac>
With a bare minimum install NixOS takes something like 1,5Go
<tilpner>
You can get the current value of systemPackages, but if you manually edit it... you'll need to check on every update
<tilpner>
And if you something like environment.systemPackages = filter yourFilter config.environment.systemPackages; it will loop
<tilpner>
The closure for nano is 37M, but ncurses and glibc are shared by many other things
<tilpner>
By itself, nano is just 2.5M
<clever>
you would be better off just using a package override to set nano = null;
<tilpner>
I suggested that too, they didn't comment on it
<ejpcmac>
Ok, so if I want a not-too-big VM to archive a build, NixOS is maybe not a good fit.
<tilpner>
Maybe, but that's not what we said
<clever>
ejpcmac: not-os may be a better option then, its nix based, but not nixos
reinhardt has quit [Quit: Leaving]
<ejpcmac>
clever: Thank you for the suggestion, I’ll take a look on it.
iyzsong has quit [Ping timeout: 272 seconds]
<dmj`>
how do I set the source of a derivation to a path on my file system
dbmikus_ has joined #nixos
<dmj`>
and read the files out of there into the nix store
<dmj`>
I dont' want the src path to be relative to the derivation, but absolute
Church_ has joined #nixos
mkaito has joined #nixos
ng0 has joined #nixos
mmlb has quit [Read error: Connection reset by peer]
shpx has joined #nixos
mmlb has joined #nixos
drakonis has quit [Quit: WeeChat 2.3]
drakonis has joined #nixos
<typetetris>
What is the minimum set of environment variables needed for nix to run? Should `NIX_REMOTE` suffice, so I don't screw up synchronisation on `/nix`?
<clever>
typetetris: with nix2, it will auto-detect NIX_REMOTE based on if it has write access to /nix/store/
<typetetris>
Do I need to use the `nix` command or do `nix-build` and `nix-env` also provide that?
fendor has quit [Ping timeout: 246 seconds]
<clever>
typetetris: all commands in nix have that support
<dmj`>
nvm I got it
dbmikus_ has quit [Ping timeout: 268 seconds]
<{^_^}>
[nixpkgs] @alyssais opened pull request #51571 → weechat: fix bad merge → https://git.io/fp1tJ
steshaw has quit [Quit: Connection closed for inactivity]
dbmikus_ has joined #nixos
drakonis has quit [Ping timeout: 250 seconds]
<typetetris>
clever: thanks
<{^_^}>
[nixpkgs] @georgewhewell opened pull request #51572 → qmltermwidget: add missing utmp lib on darwin → https://git.io/fp1qs
Mr_Keyser_Soze has joined #nixos
b1000101 has joined #nixos
agander_ has quit [Ping timeout: 246 seconds]
<b1000101>
hi folks, anyone tried to use wpsoffice package? I installed it with no issues but it seems there's only writer and no spreadsheet and presentation functions?
<kreisys>
hey I was wondering whether there's an easy way to load a submodule config from a file. specifically I'm trying to use home-manager declaratively so that users ' home-manager configs are imported from their home/github/etc
<dhess>
it's fairly random. Sometimes they pass but usually they fail
b1000101 has quit [Ping timeout: 256 seconds]
<dhess>
anyone seen something similar? There are a few issues on GitHub that turn up the "mount: mounting /dev/vda on /mnt-root/ failed: No such file or directory" search string, but it's not clear what the fix was
<gchristensen>
anyone using Nix to build docker images? please check out my PR, which is a particular interest if you're basing it on docker images pulled from the internet: https://github.com/NixOS/nixpkgs/pull/51528
<{^_^}>
nixos-org-configurations#29 (by Mic92, 1 year ago, open): Ipv6 support for https://nixos.org
* srk
shooting himself into both feet with ipv6 only vps
<Dagger>
that'd be really handy. having to add v4 addresses just for the *OS* is really annoying :/
m0rphism has joined #nixos
<gchristensen>
I agree
<srk>
... scp -r /etc/nixpkgs/ qanixos:
<ottidmes>
I always had an IPv4 address so far, but would that mean that you could also not build some packages from source, when the source is not configured to handle IPv6 correctly?
<srk>
possibly but you get sources from cache in most cases
<srk>
except for nonfree stuff
<dsx>
srk: bonus points if those vps are also ssh-less
<gchristensen>
yes, the cache does contain almost every source of everything we've built for many years
<gchristensen>
joepie91 was talking about getting us in touch with the internet archive to back it up
<srk>
dsx: could be :) but ssh with keys is fine
<ottidmes>
gchristensen: ah cool :)
<dsx>
srk: no, no bonus points :)
<srk>
dsx: I need to be able to deliver nixpkgs somehow :D
<dsx>
srk: you could use cfengine to copy them over from hub
<Twey>
Does the sandboxing only apply to variable-output derivations?
<srk>
why would you use cfengine when you have nix(ops)
Mr_Keyser_Soze has quit [Ping timeout: 244 seconds]
<Twey>
Since sandboxing forbids access to /etc/resolv.conf, how can something like fetchurl work inside a sandboxed build?
<dsx>
Speaking of which, does it work without ssh?
<dsx>
I had no chance to look into it yet.
<gchristensen>
Twey: they're given a much less strict sandbox (if any)
<drakonis>
so it turns out repology treats every nix package as a source package, so the numbers might be massively inflated
<Twey>
ottidmes: The only thing I see there about it is: « If this option is set to relaxed, then fixed-output derivations and derivations that have the __noChroot attribute set to true do not run in sandboxes. »
rihardsk has joined #nixos
rihardsk has quit [Remote host closed the connection]
<srk>
dsx: push. you can achieve pretty similar effect with NIXOS_CONFIG=xyz nixos-rebuild switch --target-host ssh://..
<infinisil>
drakonis: What's a source package?
rihardsk has joined #nixos
<dsx>
srk: I see. Thanks!
<Twey>
ottidmes: But surely fixed-output derivations must be treated specially under sandbox = true as well, or no fetchurl would work with sandbox = true
<ottidmes>
Twey: I thought this might be relevant "In addition, on Linux, builds run in private PID, mount, network, IPC and UTS namespaces to isolate them from other processes in the system (except that fixed-output derivations do not run in private network namespace to ensure they can access the network)."
rihardsk has quit [Client Quit]
<Twey>
Oh, right
rihardsk has joined #nixos
<drakonis>
its a package that stores the source from which multiple packages are built from
<Twey>
ottidmes: So does sharing a network namespace mean that you don't need /etc/resolv.conf ?
<drakonis>
libreoffice and firefox are individually 70 plus packages each
Tucky has quit [Quit: WeeChat 2.2]
srl295 has joined #nixos
<drakonis>
the language packages are usually multiversioned and spun off source packaged
<drakonis>
packages
<dsx>
Twey: I think you should still need /etc/resolv.conf.
<ottidmes>
Twey: I have little experience in the matter, but I would assume it would work as normally, the network not being private
Rusty1 has quit [Remote host closed the connection]
<drakonis>
infinisil: it counts whatever's available, so if python 2 and 3 were available on the cache, they'd be part of the numbers
<drakonis>
rather than just python 2
drewr has quit [Remote host closed the connection]
<drakonis>
in short, it is counting packages that are built off a single source as multiple
<ottidmes>
drakonis: doesnt Arch Linux have the same issue, with things like -git variants? or is the AUR not included in the count
<Twey>
ottidmes: That only works for localhost (which we expect to resolve to 127.0.0.1… though I guess it needn't, there are other loopback addresses)
<drakonis>
the AUR is separate
<Twey>
dsx: Yeah, I think you still need /etc/resolv.conf too
betaboon has quit [Quit: WeeChat 2.2]
<drakonis>
the git variant packages arent a massive chunk
<Twey>
Which makes me confused, unless as gchristensen says contrary to the documentation actually fixed-output packages are built outside the sandbox
<ottidmes>
Twey: yeah, hence my nevermind ;)
__Sander__ has quit [Quit: Konversation terminated!]
<Twey>
Well, to be fair, the documentation doesn't say they aren't — it just says that if you set sandbox = relaxed then they are ;)
<dsx>
Twey: you should. Shared network namespace just lets you use host NICs, but name servers are defined by resolv.conf and they could differ
<drakonis>
ottidmes: they still have source packages there
Ariakenom has quit [Ping timeout: 244 seconds]
<ottidmes>
drakonis: I get your point, I just checked repology, and those numbers are not reflecting the real situation
<drakonis>
its called base packages in there
<srk>
haha, another ipv6 fail .. Error response from daemon: Get https://registry-1.docker.io/v2/: dial tcp 52.70.175.131:443: connect: network is unreachable.
drakonis_ has joined #nixos
<{^_^}>
[nixpkgs] @thoughtpolice pushed commit from @alyssais to master « nginx: 1.14.1 -> 1.14.2 »: https://git.io/fp1n4
<{^_^}>
[nixpkgs] @zimbatm opened pull request #51579 → terraform-docs: init at 0.5.0 → https://git.io/fp14L
<haslersn>
thefloweringash: Thanks!
<haslersn>
That worked
<fendor>
when using the option "boot.kernelPackages = pkgs.linuxPackagest_latest;" the raspberry pi builds the kernel 4.19.6 from source. The channel is 18.09 stable, what can i do to avoid building it from source?
ThatDocsLady has quit [Ping timeout: 252 seconds]
<samueldr>
the nixos-18.09 channel doesn't wait for aarch64; so while that channel updates, it's possible the aarch64 builds aren't finished
<samueldr>
furthermore, there seems to a tiny issue where the builds are *just* at the point where they time out on hydra (four hours apparently) which makes this a bit annoying
<fendor>
samueldr, so, can i somehow tell him to not upgrade the kernel Package? currently, 4.19.5 is installed, and I just want to add a user
<samueldr>
you could backtrack the channel update (don't remember off the top of my head how exactly)
<thefloweringash>
Hopefully it's as easy as`nix-channel --rollback`
<samueldr>
I wonder if there's something else going on with those timeouts, where it looks like it times out, but in actuality the build finishes and copies properly, but hydra doesn't see it?
pointfree has joined #nixos
<fendor>
so, what I could I do?
elgoosy has quit [Remote host closed the connection]
eyjhb has joined #nixos
<thefloweringash>
one approach: find the local channel generation that corresponds to the current system and `sudo nix-channel --rollback` to that particular generation
<thefloweringash>
you can use something like `for i in /nix/var/nix/profiles/per-user/root/channels-*-link; do grep -H . $i/nixos/.git-revision; done` to inspect your local channel generations
mmlb has quit [Read error: Connection reset by peer]
mmlb has joined #nixos
<fendor>
thefloweringash, what does it mean if one of the channel generations does not have .git-revision?
<thefloweringash>
it could mean that there was no `nixos` channel in that generation
<fendor>
oh, right...
<fendor>
back then i replaced the unstable channel with the stable one
<fendor>
so, the first generation will not work :D
haslersn has quit [Ping timeout: 256 seconds]
<fendor>
wait, do channels have generations over renaming? i switched to the first generation and imo the nixos channel should now point to unstable, but it still points to stable?
<thefloweringash>
eyjhb: which option are you trying to override?
<gchristensen>
fendor: channels are not changed by rollbacks
<fendor>
what do the rollbacks mean then?
<johnw>
what is the option to force building locally; i.e., to ignore remote buildiers?
<gchristensen>
johnw: --option substituters ''
fendor has quit [Quit: Leaving]
fendor has joined #nixos
<johnw>
thanks!
<eyjhb>
thefloweringash: I want to try a newer version of the DisplayLink package, so I need to change the sha and version. But I am really on bare ground here... :/
<{^_^}>
[nixpkgs] @ragnard opened pull request #51580 → soapyrtlsdr: init at 0.2.5 → https://git.io/fp1R6
<gchristensen>
fendor: nix-channel supports --rollback, which rollss back the channel. separately, nixos-rebuild supports --rollback, which rolls back the system configuration
<eyjhb>
THe option is accessed using `services.xserver.videoDrivers = ["displaylink"];`.. Would be awesome with some example, or anything.. :/
<eyjhb>
Really keeping me from installing NixOS on my main laptop, as I just invested in the dock so I could get a third screen
<johnw>
gchristensen: even with that I still get: error: build of '/nix/store/xldsa3jy6a5fgcfni469509v4vslnzz6-dfinity-node-static-0.0.0.drv' on 'ssh://root@worker-1' failed
<fendor>
gchristensen, so, it points to a specific commit? E.g. a set of packages?
<eyjhb>
Mic92: Overriding version and sha in the Displaylink "option" I linked earlier, using overlays :)
<thefloweringash>
eyjhb: which side do you need to override, the kernel side (`evdi`) or the user side (`displaylink`)?
<thefloweringash>
if it's the user side, a regular overlay should be able to change the src attribute; if it's the kernel side, the overlay is a little more fiddly
<eyjhb>
thefloweringash: I would guess the user side to start with, to see if that makes a difference, if that doesn't, then I would have to try newer version of evdi
<Mic92>
eyjhb: put the following in your configuration.nix: nixpkgs.config.packageOverrides = pkgs: { displaylink = (pkgs.displaylink.overrideAttrs (old: { src = ./yourzip; })); };
<Mic92>
(untested)
<eyjhb>
Might be a stupid question, Mic92 but currently the option is as `services.xserver.videoDrivers = ["displaylink"];`, would I just be able to replace `"displaylink"` with that? As it doesn't seem like a package to me
<Mic92>
eyjhb: no keep `services.xserver.videoDrivers = ["displaylink"];` but also add the packagesOverrides
<johnw>
gchristensen: apparently --option builders localhost did work
<Mic92>
overriding kernel packages is really wild territory.
<eyjhb>
Mic92: Doesn't seem to work. I am guessing if I give a invalid path, it should complain about it not exsisting, right?
<Mic92>
This is the first time I actually see how to do this.
<Mic92>
eyjhb: download the zip archive for display link and replace `yourzip` with the filename of display link relative to your configuration.nix
Slabity90 has joined #nixos
<eyjhb>
thefloweringash: So I can replace the src => fetchfromgithub ....
<thefloweringash>
yep
ottidmes has quit [Ping timeout: 246 seconds]
<eyjhb>
Mic92: yeah, but still, shouldn't it at least say `you fucked up`, with a invalid path?
Slabity90 has quit [Remote host closed the connection]
<Mic92>
Is a error about an non-existing path not the right message in this case?
<eyjhb>
Yeah, but it doesn't give any error after I have inserted that, saved it, and ran rebuild test
<eyjhb>
But trying again with valid path etc.
<eyjhb>
Mic92: well... I need to overwrite a lot of other stuff to get this to work I guess
<{^_^}>
[nixpkgs] @joachifm opened pull request #51581 → Implement R wrappers as local-only runCommand → https://git.io/fp10p
<aminechikhaoui>
ehm how do I investigate an evaluation in hydra that is taking forever without finishing, `NIX_COUNT_CALLS=1 NIX_SHOW_STATS=1 HYDRA_DEBUG=1 ./src/script/hydra-eval-jobset <project> <jobset>` doesn't seem to emit anything to stdout :/
<aminechikhaoui>
I want to at least know which part is it evaluating so that I can narrow it down and look at it separately
<Mic92>
eyjhb: propritary drivers from companies that also deny redistribution are always a pain in the arse. I try to avoid those.
<eyjhb>
Mic92: I really wish I could... :/ - I am trying to overwrite the version now to 4.4.24. SHouldn't it just be to add `version = "4.4.24"; src = ./location/displaylink.zip;` ?
<{^_^}>
[nixpkgs] @matthewbauer pushed 2 commits to staging: https://git.io/fp1w6
boxscapeR has joined #nixos
<boxscapeR>
Is there a reason (other than that you don't have to run `nix-shell`) to use cabal nix integration rather than using cabal within a nix shell? (If I'm not running cabal from a script but directly in the terminal)
Ariakenom has quit [Ping timeout: 240 seconds]
<disasm>
boxscapeR: purity could be all I can think of. Aside from that, not really.
<{^_^}>
[nixpkgs] @peti pushed to haskell-updates « haskell-brick: update override for the new version »: https://git.io/fp1rI
<boxscapeR>
ok, thanks
<{^_^}>
[nixpkgs] @peti pushed to haskell-updates « hackage-packages.nix: automatic Haskell package set update »: https://git.io/fp1rq
<simukis>
how to make pkgconfig pick up new packages with `nix run pkg1 pkg2 pkgconfig`?
<simukis>
with nix-shell that works kinda as expected
acarrico has quit [Ping timeout: 250 seconds]
<dsx>
How to obtain a list of all ip addresses defined in config.networking.interfaces?
srl295 has quit [Quit: Connection closed for inactivity]
rauno has quit [Ping timeout: 268 seconds]
<dsx>
I need to get from { eth0 = { ipv4 = { addresses = [ { address = "131.211.84.78"; prefixLength = 25; } ]; }; }; } to ["131.211.84.78" …]
<symphorien>
simukis: why not using nix-shell then ? nix run is not really a replacement for nix-shell
<ottidmes>
simukis: from my understanding, nix-shell emulates the environment of nix-build, nix-shell --packages is just a trick to leverage this mechanism to provide you with the packages, but really nix-shell is meant to test your builds with, while nix run is truly meant for nix-shell --packages use case, but does not supply what regular nix-shell does
<{^_^}>
[nixpkgs] @peti pushed 4 commits to haskell-updates: https://git.io/fp1PS
<{^_^}>
[nixpkgs] @peti pushed 3 commits to haskell-updates: https://git.io/fp1PH
<{^_^}>
[nixpkgs] @peti pushed to haskell-updates « all-cabal-hashes: update to Hackage at 2018-12-05T19:25:40Z »: https://git.io/fp1Ph
<simukis>
I guess I’ll just use nix-shell -p. I’m not exactly interested in emulating nix-build environment (i.e. I’m not testing anything nix-build-y), but if `nix run` is not intended to make pkgconfig work at all, I’ll just use nix-shell -p instead
<simukis>
I’ve been using nix run because it "felt" nicer/better/etc
<ottidmes>
simukis: I think the following applies to making pkgconfig work as well
<ottidmes>
,library simukis
<{^_^}>
simukis: Don't install libraries through nix-env or systemPackages, use nix-shell instead. See https://nixos.wiki/wiki/FAQ/Libraries for details.
WhittlesJr has joined #nixos
<WhittlesJr>
Hey friends. Does anyone use NixOS for PAAS? I love NixOS dearly but I need to run something Dokku-ish. I see that you have deis packaged but deis workflow looks pretty shaky right now.
m0rphism has quit [Quit: WeeChat 2.2]
<thoughtpolice>
People do run K8S and other Native Cloud™ Applications® on NixOS, but I'm not particularly sure about how things like Dokku/run-your-own-PaaS stuff is supported. Dokku doesn't have NixOS module support at least, for instance.
erratic has quit [Quit: this computer has gone to sleep...]
Thra11 has quit [Ping timeout: 240 seconds]
jrolfs_ has joined #nixos
<{^_^}>
[nixpkgs] @tadfisher opened pull request #51588 → autoPatchelfHook: Use multilib interpreter for ELF32 binaries → https://git.io/fp11P
mmlb has quit [Read error: Connection reset by peer]
jrolfs has quit [Ping timeout: 245 seconds]
mmlb has joined #nixos
<ashkitten>
does anyone run nix on netbsd?
<ashkitten>
wondering if it's possible without too much fiddling
<WhittlesJr>
thoughtpolice: Yeah that's the vibe I'm getting. I was hoping I could manage all of my servers in NixOps :C
vk3wtf has quit [Ping timeout: 264 seconds]
sir_guy_carleton has joined #nixos
<fendor>
right, for some reason, I added user channels, is that useless on a single user system?
sir_guy_carleton has quit [Client Quit]
sir_guy_carleton has joined #nixos
WhittlesJr has quit [Quit: Page closed]
<jonaswouters>
I've come a long way with my nix config, but today the option "keybindings = lib.mkOptionDefault { "name" = "value"; };" started complaining that the unique option is defined multiple times. Am I missing something? It is defined in the source module, and in my nix configuration (as mentioned in the error). I thought mkOptionDefault takes the default, and overrides whatever you define.
Mr_Keyser_Soze99 has joined #nixos
nolanv has joined #nixos
nolanv has quit [Client Quit]
jrolfs_ has quit [Ping timeout: 268 seconds]
<srhb>
jonaswouters: Each config value is just a value associated with a priority. A default value has a priority of 1500. The highest priority values in all your modules are merged.
<ottidmes>
srhb: the lower the priority will win, mkForce e.g. is 50
nolanv has joined #nixos
<srhb>
ottidmes: Lower number, higher priority :)
Mr_Keyser_Soze99 has quit [Quit: Leaving]
<ottidmes>
jonaswouters: but the priority of mkOptionDefault is that used when you define an module option and give it a default value, which has the least priority (if you do not explicity define something with mkOverride and give it a number higher than 1500, that is), next is mkDefault, and then there is mkForce.
<srhb>
The point being: You can't have two or more "highest prio" uniq values.
<jonaswouters>
I'm using a home-manager module and the default for keybindings is not with a prio as far as I can see. lib.mkForce seems to do the trick for now.
<srhb>
jonaswouters: The default value has the same priority as the value created with mkOptionDefault (1500)
<srhb>
jonaswouters: So you had two values with the same and highest priority.
<jonaswouters>
ok makes sense
<jonaswouters>
Weird that it worked before.
<srhb>
jonaswouters: It did? o_o
<srhb>
Must have had a higher prio definition somewhere...
<srhb>
jonaswouters: Anyway, no need for mkForce, just set the value normally
<jonaswouters>
We'll see still getting used to everything :)
<srhb>
jonaswouters: That still has a higher priority than 1500
<srhb>
Oh, maybe it was implemented with mkDefault in a config setting before.. What's the module?
<ottidmes>
mkDefault would even work, which is higher priority than mkOptionDefault
<jonaswouters>
well, the other default values no longer work. So the "Consider to use <code>lib.mkOptionDefault</code> function to extend or override default keybindings instead of specifying all of them from scratch." is no longer valid
<srhb>
Bizarre. I see no reason that should ever have worked before.
johanot has joined #nixos
<jonaswouters>
Is there a way to extend the default part and only override what you want?
<srhb>
Oh, attrs vs attrsOf str maybe..
<srhb>
jonaswouters: If it doesn't merge nicely when you just set an attribute, you can always grab the default manually and use // to make changes.
<jonaswouters>
that is true :D
<ottidmes>
jonaswouters: not that I would recommend it, but maybe you could set the apply attribute of the option in question if does not already exist and tweak the value there
sysadmin_wannabe has quit [Ping timeout: 250 seconds]
<jonaswouters>
I copied the default config for now. I'd like to have something up and running and fine tune later. Thanks
<{^_^}>
[nixpkgs] @Synthetica9 closed pull request #50364 → nixos-version: use version_ instead of version → https://git.io/fp3ye
<xwvvvvwx>
ath10k_pci: failed to iomap BAR0
<xwvvvvwx>
ath10k_pci: failed to claim device -5
<gchristensen>
xwvvvvwx: sounds like you could use a reboot ;/
<xwvvvvwx>
already tried that a few time ;)
<xwvvvvwx>
ath10k_pci is the driver for the network card
<johanot>
xwvvvvwx: and your nics didn't come back then?
<johanot>
after reboot
<xwvvvvwx>
nope
<xwvvvvwx>
I’ll try again now to be super sure 🤷♀️
jrolfs_ has joined #nixos
<xwvvvvwx>
pffff it’s back and working now.
<xwvvvvwx>
definitely didn’t work before
<xwvvvvwx>
maybe I had the hw switch toggled off and didn’t notice before 🤷♀️
rprije has joined #nixos
<xwvvvvwx>
thanks for the help!!!!!
<porrifolius>
xwvvvwx: I've had nics in the past that keep state even through reboot. Needed power off to reset. Even had one in a desktop that I had to turn off the mains and attempt to restart... drain the capacitors I guess. Shabby.
ng0 has quit [Quit: Alexa, when is the end of world?]
vidbina has quit [Ping timeout: 268 seconds]
fusion809 has quit [Remote host closed the connection]
<philippD>
How do you get Steam to run on NixOs? https://nixos.wiki/wiki/Steam states that you just have to install the `steam` package. But that packages doesn't seem to exist
<simpson>
philippD: Do you have unfree packages enabled?
<{^_^}>
[nixpkgs] @c0bw3b merged pull request #51529 → opensans-ttf: change source to salsa, rename to open-sans → https://git.io/fpXTe
<philippD>
I have `nixpkgs.config.allowUnfree = true;` in my configuration.nix
seqizz has joined #nixos
<philippD>
I'm trying to install steam through `nix-env -i steam`
<seqizz>
hi, does anyone else went crazy about clipboard on KDE? I can't seem to assign one of the basic X shortcuts: shift-insert for "paste selection". It just doesn't care what I do, shift-insert always pasting the main clipboard..
<philippD>
`nix-env -iA nixos.steam` doesn't do anything
crmlt has quit [Ping timeout: 272 seconds]
<philippD>
Ok, if I add steam to users.users.<myName>.packages I get a compile error
johanot has quit [Quit: WeeChat 2.2]
cyounkins has quit [Remote host closed the connection]
Ariakenom has quit [Quit: Leaving]
simukis has quit [Quit: simukis]
o1lo01ol1o has joined #nixos
<srhb>
philippD: About a deb download? There's an open PR to fix that.
<{^_^}>
#51476 (by tejing1, 2 days ago, open): Steam won't install - cannot download libacl1.deb from any mirror
<philippD>
ssrhb: yeah that's my error.
ensyde has quit [Ping timeout: 244 seconds]
<sir_guy_carleton>
are there any nixos options for modifying the PATH variable?
<srhb>
sir_guy_carleton: environment.variables
<srhb>
I wonder if that will actually compose nicely.
<srhb>
Probably depends what you're actually trying to do what the best way is. Needing to modify PATH sounds wrong on NixOS.
iqubic has joined #nixos
cyounkins has joined #nixos
erasmas has quit [Quit: leaving]
<GlennS>
Can anyone recommend me the correct way to override a package in a NixOps machine configuration?
<GlennS>
Specifically I want to be able to set `pkgs.uwsgi.withSystemd = true;`, but services.uwsgi doesn't provide any way to pass in an overridden uwsgi package.
vk3wtf has quit [Ping timeout: 246 seconds]
<GlennS>
And I
Rusty1 has joined #nixos
<GlennS>
And I don't understand whether I should be using `config.packageOverrides` or overlays or `pkgs.overridePackages` or something else.
graphene has quit [Remote host closed the connection]
graphene has joined #nixos
seqizz has quit [Quit: Page closed]
vk3wtf has joined #nixos
<ottidmes>
GlennS: I would suggest overlays, but like you say, there are more ways to do it, but overlays are meant as a replacement of overridePackages
<ottidmes>
does GeForce RTX 2070 have any decent support on NixOS?