perique has quit [Quit: My MacBook has gone to sleep. ZZZzzzβ¦]
sbdchd has joined #nixos
<florianjacob>
ToxicFrog: While you are at imroving the munin module, just noticed that many options in munin.nix don't specify a `type` - should be mostly `types.lines` to enable line merging, I guess. Maybe you want to add that? :)
<ToxicFrog>
Going to commit a bunch of other fixes and then squash everything back together and re-upload it, should be ready for review for reals in a few minutes
siers has quit [Ping timeout: 240 seconds]
jperras has joined #nixos
<florianjacob>
ToxicFrog: just noticed /etc/munin/plugins contains a literal symlink '*' -> '/nix/store/kswihig9f78c0nj1hr65a37nr828n0r5-munin-extra-plugins.d/*' - is that the intention of how it should work?
<ToxicFrog>
florianjacob: no, and that's one of the things I fixed since uploading the PR
<ToxicFrog>
(the problem is that if you don't have any extraPlugins, when it does the "ln -s munin-auto-plugins/* ./", the * doesn't get expanded)
<ToxicFrog>
(it's harmless, but ugly
<florianjacob>
aah, so I just re-discovered it. Nice commit granularity & descriptions btw.
<siraben>
Is it possible to switch from the unstable to stable branch of Nix packages?
<florianjacob>
ToxicFrog: just to learn something while I have you on the line, βinternAndFixPluginsβ, βinternβ like βimprisonβ, or what does that mean in that context?
fusion809 has quit [Remote host closed the connection]
<florianjacob>
!= [] is the idiomatic way for the check if the check is required, quite sure that there isn't a thing like `lib.isEmpty xs` or any other sensible way to do it.
<nDuff>
do need to make sure the xapian C library is understood as a dependency of the derivation if that isn't automatically picked up, ofc, but I'd expect that to just be a matter of adding it to buildInputs.
<florianjacob>
ToxicFrog: everything seems fine now. π
<ottidmes>
siraben: the following advice should also apply to your situation (unstable by default with some stable, rather than the stable with some unstable discussed)
<lo_mlatu>
Hi, is there a way to apply `replace-dependency` on all packages in my nixos configuration? Or at least all packages in `environment.systemPackages`?
<ottidmes>
lo_mlatu: could you describe you use case in more detail, otherwise I would just suggest using an overlay to change said dependency
<ottidmes>
lo_mlatu: and if you only need to do so for a specific set of packages, maybe import your nixpkgs and your overlay only on that import, and then explicitly import from custom-overlaid-nixpkgs in your systemPackages
<lo_mlatu>
I'm on an macbook pro and I have to patch the libinput so the palm-injection etc could work. So I add an overlay. But there is so much package depend on it and I have to rebuild the whole world on each update.
<lo_mlatu>
I want to avoid this
freeman42x[nix] has quit [Ping timeout: 252 seconds]
<ottidmes>
lo_mlatu: then you could use my second suggestion, use a custom nixpkgs import that has the fixes for libinput and import from that for those few that need it
<ottidmes>
lo_mlatu: in your normal overlay do: libInputPkgs = import <nixpkgs> { overlays = [ ... your libinput overlay ... ]; }; and then in your configuration you can do for your systemPackages pkgs.libInputPkgs.<pkg_name>
<lo_mlatu>
ottidmes: But those packages are introduced by setting `service.x11.desktopManager.plasma5.enable = true`. Is there a recommended way to import a custom nixpkgs and affect only these packages? And there is already too much packages depend on libinput in that configuration...
<ottidmes>
lo_mlatu: ok, then how about doing the same I said above, but explicit overlay those you need fixed, so in your normal overlay add those that need fixing: <pkg_name> = libInputPkgs.<pkg_name>; (I would probably then define libInputPkgs in a let binding above you overlay, otherwise use self.libInputPkgs)
<ottidmes>
And probably use: inherit (libInputPkgs) pkg1 pkg2; instead
<lo_mlatu>
ottidmes: I think I can do this for those packages which take too much time to rebuild. Thanks anyway :-)
<ottidmes>
lo_mlatu: there should also be a way to convince Nix to trust you that its ok and it should just take the new libinput without rebuilding, but I dont know the details unfortunately
<lo_mlatu>
ottidmes: Yes exactly what I'm trying to find. I found `replace-dependency` but it only work for a single derivation
<ottidmes>
lo_mlatu: so looking at that code, you should be able to do what you want to achieve, never tried it myself though
<ottidmes>
lo_mlatu: you mean instead of patching the users of the derivation, you want everybody to use that derivation?
<lo_mlatu>
ottidmes: Well, I'm the only user of the machine
Rusty1 has quit [Quit: Konversation terminated!]
<ottidmes>
lo_mlatu: I meant users of the package in the sense of using libinput
<ottidmes>
so say firefox uses libinput, you dont want to patch firefox manually, you want to say, all packages that use libinput should use this new libinput, that is what you were asking, right?
<lo_mlatu>
Yes exactly
marusich has quit [Ping timeout: 250 seconds]
<{^_^}>
[nixpkgs] @cdepillabout opened pull request #52168 β Add bluez full package β https://git.io/fpbQY
<ottidmes>
without studying that replace-dependency to see if it could be modified to work like that, I could think of one way to make it work, it is to replace callPackage with a version that if libinput is in the list of inputs that it then calls replace-dependency on them, still not an easy fix I am afraid though
<lo_mlatu>
If I can get the top-level, or second-top-level derivation of the configuration output I think I can use replace-dependency to archieve what I want. But I suspect it will end up with an infinite recursion.
<lo_mlatu>
emmm, time to learn more about functional programming
lo_mlatu has quit [Quit: Page closed]
IRCsum has quit [Read error: Connection reset by peer]
<ottidmes>
the third one indeed produces inf-rec, so its the same
NightTrain has quit [Quit: Lost terminal]
<ottidmes>
nh2: trace causes evaluation of pkgs here (3) and pkgs is dependent on my config, so that inf-rec is sensible
palo1 has joined #nixos
<ottidmes>
nh2: the second one succeeds, because it can close the loop before having to be evaluated, so no inf-rec there
<ottidmes>
nh2: and I guess the first one is just divergent rather than looping, so the loop detection mechanism does not kick in
<nh2>
ottidmes: what's (3)?
<lo_mlatu>
can I get the name of a variable as string in nix expression?
<ottidmes>
nh2: the third example
<ottidmes>
nh2: only example 1 is unclear to me just from looking at the code
palo has quit [Ping timeout: 250 seconds]
<ottidmes>
lo_mlatu: could you give an example?
<nh2>
ottidmes: but why does tracing `pkgs.runCommand ...` fully evaluate pkgs? Shouldn't it only evaluate what's necessary, and certainly some random systemd unit's preStart shouldn't be necessary for that? I also don't understand why it being inside vs outside `preStart` specifically results in it not closing, respectively closing, the loop
justanotheruser has joined #nixos
<nh2>
ottidmes: also, if you assign it to `unitConfig.ExecStart` instead of `preStart`, then it works
<lo_mlatu>
I want a function `toName` which gives me "var" in `let var = 123; in toName var`
<ottidmes>
nh2: its not so much about evaluating but more about dependencies in order to be able to evaluate it, if pkgs depends on the config and to determine the config it needs pkgs, thats a loop
<ottidmes>
nh2: so we would have to look at preStart to see whats different about it
pie__ has joined #nixos
qualiaqq has joined #nixos
pie___ has quit [Remote host closed the connection]
<nh2>
ottidmes: it seems to be some specific properties in that level where this happens, e.g. `script` on that level also has that hang
<ottidmes>
nh2: so that explains the infinite recursion, just not why the inf-rec detector does not detect it
<nh2>
ottidmes: I don't get why it explains it, shouldn't laziness ensure that only `pkgs.writeTextFile` is evaluated? `preStart` using `pkgs` seems fine to me, problematic would be `pkgs` using `preStart` via some path, wouldn't it?
mikeplus64 has quit [Ping timeout: 250 seconds]
<ottidmes>
nh2: trace will cause some evaluation of it
<nh2>
ottidmes: for example, even this works: `let a = { x = 1; a = a; }; in builtins.trace a 2`
<ottidmes>
nh2: I am not the best at explaining this, its a difficult topic regardless, but in my mental model of it, its all about dependencies and the moment you trigger evaluation of say pkgs, it needs to know where writeTextFile comes from and thus all things defining pkgs, and that cannot be answered, because config defines pkgs
<ottidmes>
nh2: so in your example just now, your value is a cycle, while in your issue examples 1 and 3, it cannot determine the value because what it needs to determine the value cycles already
graphene has quit [Remote host closed the connection]
<ottidmes>
nh2: and there will always be cases like your first example, because inf-rec detection is generally undecidable, if it were able to always perfectly detect it, you would be able to solve the halting problem
run500 has joined #nixos
<nh2>
ottidmes: hmm, I can't say I'm convinced, but you must be right eventually because otherwise we wouldn't observe this behaviour. I should try tomorrow to insert a couple prints into nix's `printValue` and see whether I can figure out which exact path is taken
<nh2>
ottidmes: in any case, you checking that it happens for you too is already super helpful to ensure I'm not going insane :D
<nh2>
so thanks a lot!
<nh2>
I must go to bed now because it is 7:30 am :D
<ottidmes>
nh2: you most definitely are not, and no problem!
<ottidmes>
nh2: hah, me too :P good night!
<nh2>
good night
<{^_^}>
Night!
<ottidmes>
or rather, sleep well
<ottidmes>
night is over :P
<nh2>
night is when I sleep, can't help the fact that the other people are all so confused about it ;)
<ottidmes>
true
selfsymmetric-mu has joined #nixos
<selfsymmetric-mu>
Which package provides the unGoogleable `file` command?
<eyJhb>
gchristensen: you available? - Or anybody that knowns fetchFromGithub. What is the syntax for a specific tag? is it just `rev = "refs/tags/v1.6.0";` ?
<{^_^}>
[nixpkgs] @dotlambda pushed to master Β« ola: use python36 (#52097) Β»: https://git.io/fpbAb
Yaniel has quit [Remote host closed the connection]
<fusion809>
I ran `nix-env -f '<nixos-unstable>' -iA conda` and it installed conda-shell-4.3.31, yet conda-shell isn't found in PATH. I expected it in PATH due to what the Wiki says about it: https://nixos.wiki/wiki/Python#conda.
<fusion809>
Any ideas what I'm meant to do to get Conda shell?
<fusion809>
Hi, how do I debug i3status on NixOS? I've always found running i3 on NixOS a pain in the rear, mostly in getting my i3pystatus-managed i3 bar to work properly. Part of the reason is it is hard to debug, "Error: status_command process exited unexpected (exit 1)" as I do not know if there's a log file to look at and if not how to get a log. I've tried running the status_command line from my config file in my terminal and it
<tilpner>
ben - Quickest way would be to setup your own binary cache and push it there. Next quickest thing is to bring more attention to your PR, like you've done already
<ben>
I feel like people setting up their own binary caches just removes incentives to make the communal one as good as it can be
<srhb>
ben: One day is a very short while for a PR to sit :)
<steveeJ>
where is NIX_PATH originally set on a NixOS system?
<tilpner>
ofborg warns about it being a mass-rebuild though...
<srhb>
ben: But ticking more boxes is definitely good. Enabling sandbox for your testing is very good.
<tilpner>
Definitely don't tick all the boxes though, unless you want to rebuild 501+ packages locally
<srhb>
True :-P
<ben>
srhb: Yeah, it's not that long yet but I figure I should do what I can earlier rather than get really sad in like a month :P
<ben>
I was surprised that sandbox is not enabled by default
<srhb>
ben: It is on NixOS now
__monty__ has quit [Quit: leaving]
<srhb>
ben: But it requires a multi user install normally, so I guess that's a deterrent to setting it default on other distros.
<ben>
ah
<srhb>
It also has a performance cost (but well worth it)
<ben>
Do I just edit /etc/nix/nix.conf or whatever?
<srhb>
Sandboxing issues in packaging (not that you're likely to see that in your PR) are the worst...
<srhb>
ben: Yes, if you're on a multi user Linux install, I think that should work.
<srhb>
And then restart the daemon
<ben>
mhm, is there guidance for setting max-jobs vs cores?
<srhb>
ben: Not really, it's taste and machine dependent
<ben>
sorry, veering a bit off topic from my original talking point here :)
<srhb>
I compile some very memory hungry things, so I can't run many of them in parallel and have many cores at the same time.
<srhb>
No problem.
<ben>
I think I am more often in the situation where I build a single thing and want that to go fast rather than build 32 things at the same time so I'm surprised at the default (I assume) of max jobs = 32, cores = 1
<ben>
I guess this is the kind of thing a more careful user would have configured right after installing nix
<srhb>
Um, yes, that's surprising to me too. Though I suspect it's dependent on your machine as well.
<srhb>
ben: I mean, it's cheap to modify later so it's not a huge deal...
<srhb>
ben: But yeah, I'd certainly prefer more than one core when possible :P
<ben>
hm it turns out they released 1.11.4 and 1.10.7 already
<ben>
i guess it's a good thing we didn't bother with that mass rebuild yet
<srhb>
It's not a big deal, we just prefer it to not happen on master but on staging.
<srhb>
(And it's not that much of a mass rebuild compared to, say, glibc :P)
<ben>
Okay, I totally missed that staging is basically a separate PR target and not just a step on the way to master for PRs
<ben>
"That means it's not to be used for testing, and changes must have been well tested already." I should look into this "testing" thing
<srhb>
ben: Build some thing with go, that should suffice.
mconstant has joined #nixos
<srhb>
ben: And I think that wording is a bit stronger than what we actually enforce :)
juhe has joined #nixos
<mconstant>
I would like to make a modified image to burn to the sd cards for my pi zeros. how do I do that
Rusty1 has joined #nixos
agander has joined #nixos
<ben>
I have also wondered about something else, but I want to make it clear that I'm not asking out of impatience or to accelerate my PR in particular: The update to go 1.11.3 was treated with some urgency in my organization, with a decree to update locally by end of day and a mandate to redeploy recompiled binaries, and I imagine a lot of people are in a similar hurry. How does the nixpkgs project feel about
<ben>
tensions between that sort of hurry and the cycle times and testing requirements for nixpkgs/channels?
<ben>
I imagine a lot of nix+go users just implemented some ad-hoc overrides, duplicating each other's efforts
<srhb>
ben: I think the ease of overlays makes us slightly less nervous about it, but the goal is obviously more speed. And since it is a security thing, it might indeed go straight to master.
<ben>
In a lot of cases I imagine people also just want a new go version as soon as possible and don't really care about every other package depending on go
<srhb>
ben: Things could be better wrt security, but the people dedicated to it are overtaxed as is.
<srhb>
ben: Right, but if it breaks, say, docker or something, it's bad.
<ben>
yeah
<srhb>
ben: I think we actually have tests to block the channel if docker breaks, but you get the idea.
<ben>
I'm wondering if it might make sense to have a process where the addition of the new package version itself is fasttracked somehow independent from the change that makes other packages depends on the new version
<srhb>
ben: That's not really doable.
<srhb>
ben: At least, in this case, it'd be a sort of irrelevant addition then, that mostly solves nothing.
peterzky has joined #nixos
peterzky has quit [Client Quit]
<ben>
(again, this really isn't meant as complaints or "why dont you just..." kinda rhetoric, just wondering how people think about it)
<srhb>
ben: I also worry that the cleanup afterwards (switch packages to new version, dump old version) is a higher tax in terms of people-hours.
mconstant has quit [Read error: Connection reset by peer]
Guest86614 has quit [Ping timeout: 246 seconds]
agander_ has joined #nixos
<inf>
Hey all. I'm looking into building an electron-based appliance using NixOS (kiosk-like system) - what would be the best way to run it on modern Linux systems? I like systemd & journald, so far I manged to just create a services.xserver.displayManager.session and pair it with lightdm autologin, but maybe there's some better suggestion out there?
<inf>
Right now I'm stumbling upon a very weird issue in that setup, that when I run our application directly in [...]displayManager.session.start it somehow stops when switching to tty1 (I log some stuff to journald periodically), but keeps working if i launch it from xterm...
agander has joined #nixos
agander_ has quit [Ping timeout: 246 seconds]
<Baughn>
inf: I'm on my phone now, so can't check, but iirc there's some "demo" account functionality in configuration.nix.
<Baughn>
Search for that.
agander_ has joined #nixos
<inf>
I checked, and looking at process list, it's not getting anything like SIGSTOP/SIGCONT. (I haven't really played with Xorg/Xsession that deep, so I might be missing something)
<Baughn>
What you really want is an 'immutable' account. It might provide that. Not sure.
<inf>
Ah, I'll look for it.
<Baughn>
And a lot of GPU drivers act oddly on switching terminals. The best I can suggest is to not do that. SSH in instead.
<inf>
Yeah, I actually do that most of the time. I was only testing it, to verify another issue, that, for some reason, that electron/nodejs code is unable to resolve DNS names when run without network...
<inf>
I guess I'll just stick with what I have right now, and try to debug that first.
acarrico has joined #nixos
agander has quit [Ping timeout: 250 seconds]
<Baughn>
Um.
<Baughn>
How do you expect dns resolution to work without network?
<inf>
Darn, sorry, I meant - when started without network, and then network being reconnected after a while.
<inf>
Nevermind... I'll play with it and come back later. Thanks.
<Baughn>
Hmm. Does your machine by chance have a non-functional ipv6 configuration?
<Baughn>
I've seen programs get stuck on that in the past, if ipv4 isn't up when they start.
<Baughn>
The solution was to fix the systemd dependencies so it wouldn't start too early.
<inf>
The thing is - it should be able to connect to that service, even if network is reconnected after a while :/
<inf>
When I restart whole desktop-manager.service after connecting the network, it works just fine, but before that, nodejs keeps throwing "getaddrinfo ENOTFOUND domain.tld" at me...
<inf>
Just wrote a very simple test program to verify this...
<inf>
It's very likely this is just a bug in that electron program.
agander has joined #nixos
ixxie has joined #nixos
agander_ has quit [Ping timeout: 268 seconds]
<inf>
well, obviously, minimal testcase that just keeps on doing `https.get()` works fine... Eh. Well.
agander has quit [Read error: Connection reset by peer]
agander_ has joined #nixos
<{^_^}>
[nixpkgs] @marsam opened pull request #52236 β gitAndTools.lab: init at 0.14.0 β https://git.io/fpNfg
<ben>
to make a PR against staging I need to build a lot of packages that aren't in the binary cache :I
<gchristensen>
ben: may I PM?
<ben>
sure
<inf>
Baughn: Ha! Got it! It was in fact ipv4/ipv6 issue, looking at journald now, I can see systemd-resolved failing at dnssec validation for AAAA records :D
<gchristensen>
I should just make the offer I made to ben in private, in public: if you're hacking at some package low in the graph and are doing tons of long rebuilds, I'm able to get big build nodes for contributors for some amount of time. PM me if you're interested
drakonis_ has joined #nixos
drakonis has quit [Ping timeout: 250 seconds]
ng0 has quit [Quit: Alexa, when is the end of world?]
<Baughn>
Hum.
<Baughn>
How big are we talking about, out of curiosity?
<Baughn>
(I have a Threadripper, so probably don't need it.)
<gchristensen>
typically one of these: https://www.packet.com/cloud/servers/m2-xlarge/ it is made available as a spot instance, this means it can be destroyed at any time -- but it will frequently be available for several hours
<gchristensen>
s/frequently/generally/
Mateon3 has joined #nixos
ng0 has joined #nixos
<simpson>
I haven't experienced Packet's offerings, but likely there is an allocation minimum of something like 30min to prevent their scheduler from thrashing.
<gchristensen>
sometimes it'll be available for >1d
Mateon1 has quit [Ping timeout: 250 seconds]
Mateon3 is now known as Mateon1
freeman42x[nix] has joined #nixos
<ben>
I'd feel extremely bad using such a machine interactively thinking about all the CPU time sitting idle while I'm slowly typing build commands into a shell
<ben>
:P
<gchristensen>
yeah but also think about that poor machine sitting idle, no work to do, waiting for a friend to come calling
<ben>
it looks like `nix build` stops workin if I set an empty NIX_PATH, so
<steveeJ>
I think I'm looking at the wrong thing. `nix build` seems to work but the next step `nixos-rebuild` doesn't
<gchristensen>
it shouldn't, `nix build -f . -A foo`?
<ben>
gchristensen: oh I mean I wanted it to stop working so I can see where it pulls nixpkgs from
<ben>
absent a -f
<gchristensen>
ah
<steveeJ>
so now either I'll reproduce nixos-rebuild manually or figure out why that needs nixpkgs
<ben>
I think it evaluates <nixpkgs/nixos> or something?
<ben>
but it should use NIX_PTH
<ben>
+A
<steveeJ>
ben: it seems that it does evaluate that, but why? I've tried `--no-build-nix` but it still does
<gchristensen>
steveeJ: you can pass -I nixpkgs=./my-nixpkgs and it'll use that one, does that help? probably best to not reimplement it, to avoid weird bugs
<ben>
steveeJ: the logic to evaluate your nixos configuration lives in nixpkgs
agander_ is now known as agander
<steveeJ>
ben: I see, it makes sense
cyounkins has quit [Ping timeout: 244 seconds]
<ben>
and uh i guess it has to find all those packages it's gonna install somewhere, maybe im misunderstanding
<steveeJ>
gchristensen: do you know if that nixpkgs is passed to the configuration? I want to prevent having nixpkgs set
<ben>
s/install/build/
<steveeJ>
maybe I'm being too stubborn :D
<steveeJ>
i meant, determined
<gchristensen>
steveeJ: yeah, it is
<ben>
I think my approach would be to wrap your to-be-reproducible build in a script that sets NIX_PATH to a fixed value
<ben>
pointing to a fixed version of nixpkgs rather
<gchristensen>
steveeJ: so what are you using this for? seems cool
<gchristensen>
which I feel obligated to reiterate, it is ββββββannoyingββββββ
<steveeJ>
gchristensen: that sounds like what I want! but in case of system (re)builds I'd have to deploy them manually, right?
<gchristensen>
yeh, you'd have to reimplement nixos-rebuild
<steveeJ>
is that hard?
<steveeJ>
maybe we should introduce `--pure` to nixos-rebuild
<gchristensen>
if you ignore the fancy stuff it can do, like build remotely, or deploy remotely, it is not so complicated
<gchristensen>
maybe we should, yeah, but not sure how. the trouble is you can't even point it to a local file, you MUST pass an en expression on the CLI which runs a fetcher
<gchristensen>
afaik anyway
<ghostinthenet>
morning all. newbie in the house. :)
<steveeJ>
gchristensen: but the local git would work?
<gchristensen>
hrm?
<ghostinthenet>
looking for a way to get the kubelet package to use rkt as the container engine rather than docker, but no matter how I try to slice it, I canβt do a βnixos-rebuild switchβ without it failing on a docker dependency. thoughts? (feel free to redirect me if Iβm in the wrong spot.)
<steveeJ>
gchristensen: you mentioned you can't pass a local file, and you showed a workaround in that build.sh. that would work for nixos-rebuild --pure too?
<lejonet>
is there an equivalent function in nix for doing tests if a variable is in a set, i.e. from pythons if "thing" in list: ?
<steveeJ>
ghostinthenet: it's probably possible to do what you want I've heard from a couple sources that rkt is not really something to bet on for k8s support
<lejonet>
is it builtin.elem that could be used for that?
<lejonet>
Basically what I'm trying to do is make some sort of check in nixos/modules/tasks/network-interfaces.nix that doesn't force a *.device service to be created for any openvswitch interfaces
<ghostinthenet>
Well, that explains much steveeJ. thanks. iβve heard the same things, but about docker. :) Iβm looking at rkt mostly because itβs a pain to use docker without also using itβs networking model, which is horrible.
<eyJhb>
How easy, is it to get a update backported into 18.09 ?
agander has quit [Ping timeout: 246 seconds]
<steveeJ>
ghostinthenet: doesn't kubernetes support CNI with docker too?
<ghostinthenet>
It may, but separating the two seems to be like separating fighting dogs.
agander_ is now known as agander
init_6 has quit []
Gohla has quit [Quit: Bye.]
<lejonet>
ah, container networking, its such a wonderful... clusterfuck :P
<steveeJ>
ghostinthenet: I would try to replace docker by cri-o
<ghostinthenet>
Do we have that option if the docker dependency is hardcoded?
<steveeJ>
ghostinthenet: we can rewrite the code :D
<ghostinthenet>
Preach, brother lejonet!
<steveeJ>
my knowledge on this is very outdated though. I've been wanting to refresh it for a while
<ghostinthenet>
Iβm thinking that pulling the docker dependency is going to be necessary for proper cri support.
<steveeJ>
ghostinthenet: does pulling mean removing?
drakonis_ has quit [Read error: Connection reset by peer]
<ghostinthenet>
Sorry. Pull has different contexts these days. :) Yes, remove.
<lejonet>
ghostinthenet: I definitively "like" the fact that those who designed docker made it nearly impossible to integrate with a traditional networking environment, which is usually rather tightly controlled :P
<ghostinthenet>
lejonet: tight control is like crack in IT. everyone wants it.
<lejonet>
ghostinthenet: haha yeah, and if there is one area in IT that needs it, its networking, because a lot of people don't really understand it
<eyJhb>
lejonet: we have had to use Docker for some rather janky setup... Was not fun AT ALL...
agander has quit [Ping timeout: 268 seconds]
rhalff has joined #nixos
<lejonet>
and I dunno if its just my memory that is fuzzy, but wasn't k8s leaning towards using rkt as default a while ago? Or was that CoreOS?
Mrmaxmeier has joined #nixos
<gchristensen>
coreos authored rkt, so that would make sense
<rhalff>
Hi I must accept the set `android_sdk.accept_license = true;` but how do I do this from a shell.nix script?
Mrmaxmeier has quit [Remote host closed the connection]
cyounkins has quit [Remote host closed the connection]
Gohla has joined #nixos
<ghostinthenet>
lejonet: this is why the container networking messes me up. Iβm coming from a strong networking background and a lot of it just doesnβt make sense.
<lejonet>
Yeah, and I know they did a push for it, for their own things, but iirc more projects that wanted a simpler execution "engine" for containers were going towards rkt instead of docker, because you don't have to subscribe to TOO much insanity with rkt, as you have to with docker (their networking "model" for one)
<rhalff>
It must be set somewhere in stdenv.mkDerivation {} but not sure where to define that.
<lejonet>
ghostinthenet: Amen to that :P
cyounkins has joined #nixos
Mrmaxmeier has joined #nixos
Mrmaxmeier has quit [Client Quit]
Mrmaxmeier has joined #nixos
<{^_^}>
[nixpkgs] @zimbatm merged pull request #51926 β nixos-artwork: make wallpapers available to KDE β https://git.io/fpd83
<{^_^}>
[nixpkgs] @zimbatm pushed commit from @peterhoeg to master Β« nixos-artwork: make wallpapers available to KDE (#51926) Β»: https://git.io/fpNU7
<ghostinthenet>
in any case, one of the best thinks kubernetes did was implement the container runtime interface, making the whole thing pluggable. use whatever container you want.
<simpson>
ghostinthenet: You're not crazy. Networking underneath a container runtime is crazy. (The payoff is that networking inside k8s is relatively smooth.)
<lejonet>
oh sweet, I just found that the thing I want to do for vswitch interfaces might be as easy as removing stuff inside a paranthesis :D
<ghostinthenet>
simpson: hence my wanting to get k8s going without the complexity of docker networking.
cyounkins has quit [Ping timeout: 250 seconds]
freeman42x[nix] has quit [Ping timeout: 252 seconds]
<lejonet>
and that is why I didn't bother looking further into k8s when I was looking for cluster management engines that could handle both containers and VMs, too complex
<simpson>
ghostinthenet, lejonet: FWIW the experience is much nicer on managed k8s platforms, but it sounds like y'all have lots of hardware already.
<lejonet>
simpson: yeah, I've tried the rancher approach and such and I want a little more control over the env than that gives :)
<lejonet>
Even tho its really smooth sailin' with like rancher and similar setups
<ghostinthenet>
simpson: part of this is learning experience, wanting to know how it ticks underneath the hood before trusting managed platforms. another part is getting around some of the limitations. my cloud provider still doesnβt let the managed service cross regions.
<simpson>
ghostinthenet: Sure, makes sense. FWIW those kinds of limitations are in place because the bandwidth and latency costs get very expensive. The public cloud vendors' underlying hardware provisioner usually *also* cannot cross regions.
<lejonet>
Hmm, what is the easiest way to try a small change to generated netdev services on a system, without needing a full rebuild switch? (My rebuild is currently blocked by a failing namei.c patch to the kernel :( )
<simpson>
My multi-cloud k8s setup involves multiple clusters per vendor, but only one cluster per region.
<ghostinthenet>
Are you networking the containers across regions? If so, are you doing that with virtual routers or handling it through the container networking piece?
<{^_^}>
[nixos-org-configurations] @zimbatm pushed 2 commits to master: https://git.io/fpNTm
<simpson>
All cross-region stuff is at the level of services. They talk using the same protocol as some on-prem machines.
<{^_^}>
[nixos-org-configurations] @grahamc pushed to master Β« Add 2 more aarch64 nodes, update macOS IPs, improve prometheus monitoring Β»: https://git.io/fpNTa
<ghostinthenet>
Yeah, someone needs to add that exchange to bash.org. :)
<hodapp>
nahhhh
<rardiol>
i was just drag-scrolling, then i drag and dropped instead, then instead of pressing backspace I pressed enter, come on, it's not that absurd
<ghostinthenet>
rardiol: I was referring to the content, not the error. Your accidental drag/drop captured the humour of the exchange perfectly.
cyounkins has joined #nixos
b has joined #nixos
<simpson>
-site tunnels!
ixxie has quit [Ping timeout: 240 seconds]
<{^_^}>
[nix] @shlevy merged pull request #2584 β tests/fetchurl: fix after changing default hash from 512 to 256 β https://git.io/fpbHe
<Laalf>
can i use Persistent=true in system.autoupgrade or gc?
<Baughn>
Laalf: What do you mean?
<Baughn>
gchristensen: I'll stick to my own computers. :)
<Laalf>
Baughn: i use nixos on a laptop. when its sleeping at 4:40 (or whenever i specified) i dont think it runs the upgrade/gc at all
acarrico has joined #nixos
<Baughn>
But I *am* considering some major rebuilds for testing purposes. Do you know if anyone has tried marking most of the packages as using the X32 architecture?
Gohla has quit [Quit: Bye.]
<{^_^}>
[nixos-org-configurations] @zimbatm pushed to master Β« terraform: import the nixpkgs-tarballs bucket Β»: https://git.io/fpNkT
<Baughn>
Laalf: Ah. Ok, it's probably a systemd timer so... Let me have a look. That sounds like something that should be solved generally, not just for you.
<Laalf>
you can use Persistent=true in the timer section of the timer to do that
<Laalf>
Baughn: thank you
Gohla has joined #nixos
lucus16 has joined #nixos
<{^_^}>
[nixos-org-configurations] @grahamc closed pull request #40 β Automate deploying updates to the macs β https://git.io/vxC3y
cyounkins has quit [Remote host closed the connection]
<rhalff>
anyone here has managed to set up a working react-native development environment on nixos?
freeman42x[nix] has joined #nixos
acarrico has quit [Ping timeout: 250 seconds]
<{^_^}>
[nixpkgs] @veprbl pushed to master Β« motion: add veprbl to meta.maintainers Β»: https://git.io/fpNkA
ghostinthenet has quit [Quit: ghostinthenet]
Dedalo has joined #nixos
civodul has joined #nixos
Dedalo has quit [Client Quit]
Gohla has quit [Quit: Bye.]
Gohla has joined #nixos
ThatDocsLady_ has quit [Remote host closed the connection]
ThatDocsLady_ has joined #nixos
odi has joined #nixos
chimay has quit [Ping timeout: 244 seconds]
odi has left #nixos [#nixos]
chimay has joined #nixos
grumble is now known as \x01VERSION\x01
Dedalo has joined #nixos
jomik has joined #nixos
philippD has joined #nixos
avn has quit [Remote host closed the connection]
endformationage has joined #nixos
rawreraw has joined #nixos
rawreraw has quit [Client Quit]
rawreraw has joined #nixos
<jomik>
Hey guys - I figured I may as well open a PR with the dwm-git package I made. What is the standard when providing a git version of a package already in the repo? Current package is from 2015 :P
peterzky has joined #nixos
ixxie has joined #nixos
Ariakenom has joined #nixos
revtintin has quit [Quit: WeeChat 1.9.1]
<ToxicFrog>
Oh wow, nixOS's munin package is like 3000 commits behind.
<ToxicFrog>
I should update it before working on this next patch series, since it involves modifying munin itself.
<gchristensen>
oh dear, munin
<eyJhb>
Where can I see what packages I can download from the NixOS build servers? Currently NixOS want to rebuild Virtualbox EACH TIME....
<gchristensen>
did you set virtualisation.virtualbox.host.enableExtensionPack ?
<ToxicFrog>
gchristensen: I mean, it turns out that 3k commits is like...half a year and a dozen point releases
<ToxicFrog>
So it's not as bad as it sounds
<eyJhb>
gchristensen: I might have
<gchristensen>
eyJhb: that is unfree, we can't build / distribute it
<eyJhb>
But shouldn't that just be the extension pack, that it installs AFTER VirtualBox has been setup?
<eyJhb>
So... If I disable the extensionpack, then I don't need to rebuild?
<eyJhb>
And why not just do the nix-prefetch etc. ?
georgyo has joined #nixos
rawreraw has quit [Quit: WeeChat 2.3]
<gchristensen>
I don't understand that last question
<eyJhb>
The extension pack is what causes the rebuild, correct?
<gchristensen>
right
<eyJhb>
But the extensionpack can be downloaded from Oracles website?
<gchristensen>
right
<eyJhb>
So instead of having to wait (going into the third hour now I think), a option to use nix-prefetch-url to download the package yourself, would be nice. Instead of recompiling everything
<gchristensen>
you will have to recompile virtualbox anyway
<eyJhb>
For the extpack to work?
ThatDocsLady_ has quit [Remote host closed the connection]
<gchristensen>
right
ThatDocsLady_ has joined #nixos
<eyJhb>
I might be asking a stupid question, but why? - E.g. on Ubuntu you just install Virtualbox x.x.x, then if you want the extpack, you can simply do `vboxmange extpack install xxx`
<eyJhb>
gchristensen: would be nice, if it could be split into two seperate packages to avoid this
<gchristensen>
right
<gchristensen>
maybe something you could experiment with :)
<eyJhb>
gchristensen: if I get the time! But... Properly not ... exams soon
<gchristensen>
I hear that
<eyJhb>
gchristensen: any good exams?
<gchristensen>
I don't have exams
<gchristensen>
but also quite busy
<eyJhb>
Switch places with me please ;) :p
<gchristensen>
I wish
<eyJhb>
I do not fancy my.. "Engineering mathematics for electronical engineers" exma.
<jomik>
Is it correct that nix.useSandbox is set to true on default? So if I can build my package with nix-env -I and such, then I am using sandboxing, and wont lie when I tick that box in my PR?
<gchristensen>
jomik: check with `nixos-option nix.useSandbox`
<symphorien>
you can use nix show-config to check
<gchristensen>
also that^ !
<jomik>
Oooh, new commands! :D nixos-option shows that default is true and value is true.
<jomik>
nix show-config doesn't list it though.
<symphorien>
it is only called "sandbox" there
<jomik>
Oh, my bad.
<djahandarie>
Is there any approach to installing nix on remote machines using nix itself?
<jomik>
Yeah, I just grepped sandbox :D
sbdchd has quit [Remote host closed the connection]
sbdchd has joined #nixos
<djahandarie>
(Remote Ubuntu box. I want something automated, not this random doc of how to do a multi-user install by compiling stuff on the remote box by hand...)
alex`` has quit [Read error: Connection reset by peer]
<jomik>
And how do I test build a package that I have in my local checkout? I have the actual package imported in my configuration.nix.
<djahandarie>
gchristensen, oh wow, the installer supports multi-user now? How long has that been...
<gchristensen>
9mo or so
<symphorien>
jomik: nix-build /local/checkout -A name
<jomik>
symphorien: Thanks :)
<jomik>
Okay, so my nixpkgs package builds. I can't test home-manager modules this way though?
alex`` has joined #nixos
<symphorien>
for nixos modules the easy way is nixos-rebuild -I nixpkgs=/local/checkout test, but beware it will update your whole system to unstable
<symphorien>
this is temporary and is unlikely to break things but still
<symphorien>
for home manager I don't know for sure but a similar approach is probably possible
<jomik>
symphorien: Appreciate it. I think my goto for home-manager in this case is just to build and inspect the result ...
peterzky has quit [Quit: peterzky]
peterzky has joined #nixos
<dermetfan>
I'm running the Barracuda VPN client in buildFHSUserEnv, but it fails to ioctl() /dev/net/tun, even as root. Any pointer how that could happen?
doyougnu has joined #nixos
<dermetfan>
(permission denied)
justanotheruser has quit [Quit: WeeChat 2.2]
hotfuzz_ has joined #nixos
justanotheruser has joined #nixos
peterzky has quit [Remote host closed the connection]
peterzky_ has joined #nixos
jomik has quit [Quit: WeeChat 2.2]
peterzky_ has quit [Client Quit]
hotfuzz has quit [Ping timeout: 272 seconds]
<{^_^}>
[nixpkgs] @Ericson2314 opened pull request #52251 β treewide: Use "buildPackages" darwin for bootstrap_cmds β https://git.io/fpNqL
<djahandarie>
Hmm, I used the --daemon mode on the installer to do a multi-user install on a remote machine, and I'm now trying to use it as a buildMachine, but I get this error: cannot build on 'ssh://XXXX': cannot connect to 'XXXX': bash: nix-store: command not found
<{^_^}>
[nixpkgs] @Ericson2314 opened pull request #52252 β treewide: Use "buildPackages" darwin for bootstrap_cmd for 18.09 β https://git.io/fpNqt
<djahandarie>
Yet, manually sshing to the relevant user with the relevant key does result in a usable nix-store in PATH
doyougnu has quit [Quit: WeeChat 2.2]
<djahandarie>
Is the way the install script sets up the PATH bash-only or something? (With the build stuff using a different shell, maybe? Just guessing...)
rhalff has quit [Remote host closed the connection]
<djahandarie>
Wait, no, it's clearly using bash in the error message... maybe this is a profile-vs-bashrc type issue
<{^_^}>
[nixpkgs] @veprbl opened pull request #52253 β root5: fix build on linux β https://git.io/fpNqC
<timokau[m]>
Is it somehow possible to determine if a build failed in the past? I see that nix used to have "failed build caching", but that was removed.
<symphorien>
nix log foo.drv and see if there is a log ?
<{^_^}>
[nixpkgs] @rycee pushed commit from @r-ryantm to master Β« josm: 14382 -> 14460 Β»: https://git.io/fpNqB
<timokau[m]>
Thats a good approximation, but it won't detect dependency failures right?
Dedalo has quit [Quit: My MacBook has gone to sleep. ZZZzzzβ¦]
<djahandarie>
So yeah, looks like the installer modifies /etc/profile.d/nix.sh, which gets called by /etc/profile, which is not invoked for noninteractive shells, which is what the distributed building stuff uses.
<djahandarie>
(On Ubuntu, that is.)
<gchristensen>
ah, yes, that is a trouble :/
<djahandarie>
Do you know the correct repo to file issues about install.sh?
<gchristensen>
nixos/nix and if you can send a patch, even better
<djahandarie>
Sure. I guess install-multi-user.sh is the relevant file?
<djahandarie>
In fact, maybe this is easily fixable by adding /etc/bash.bashrc to the PROFILE_TARGETS list
<gchristensen>
yeah
<gchristensen>
might be!
<{^_^}>
[nixpkgs] @matthewbauer opened pull request #52254 β fix lldb on macOS β https://git.io/fpNmU
<djahandarie>
Nope! Because although ubuntu does execute /etc/bash.bashrc on non-interactive shells, it has a check at the very top of it to do nothing on non-interactive shells...
<{^_^}>
[nixpkgs] @matthewbauer pushed 2 commits to master: https://git.io/fpNOT
<eyJhb>
Might try again, is there any `process` to go through to get a package update backported?
ixxie has joined #nixos
<symphorien>
make a PR against the release branch ?
<eyJhb>
symphorien: is that the standard procedure?
<gchristensen>
what do you wantto backport
<eyJhb>
The displaylink update I did , that also fixes hanging at boot
xy2_ has joined #nixos
ghostinthenet has joined #nixos
__monty__ has joined #nixos
<jhillyerd>
in my case, I did an update to golint that fixes some bugs, but go itself has had a couple security fixes. master is on 1.11.2, but someone has a PR out for 1.11.4.
<jhillyerd>
18.09 is on 1.11(.0)
zolk3ri has left #nixos [#nixos]
<eyJhb>
btw. gchristensen can you trigger a build again for #52112 ?
<eyJhb>
gchristensen: the hash inputtet is the one I got when I build it
<eyJhb>
99,9% sure
<gchristensen>
try my suggestion, just to make sure? :)
<eyJhb>
Of course, already doing it
<eyJhb>
gchristensen: `fixed-output derivation produced path '/nix/store/8cj79ralj5dgzmn7xfxmciigiz9jzzjd-source' with sha256 hash '0flpl97d2231gp51n3y4qvf3y1l8xzafi1sgpwc305vwc2h4dl2x' instead of the expected hash '0flpl97d2231gp51n3y4qvf3y1l8xzafi1sgpwc305vwc2fdsfsf'`
<gchristensen>
cool
<eyJhb>
What hash would you expect to see; because to mee it also seemed off
<Izorkin>
How to need to merge PR 51902 52012 52032 and 52098
orivej has quit [Ping timeout: 240 seconds]
<{^_^}>
[hydra] @kquick opened pull request #624 β Add job status headers (web useability for red/green colorblindness). β https://git.io/fpNON
<samueldr>
I'm a bit confused by the nix http store implementation, with regards to PUT
<gchristensen>
ok
<samueldr>
I made an HTTP server listen to PUT events at /some-location/, but do nothing with the input; the first `nix copy` sends data... then all the following ones do not, as if it cached the fact that it uploaded to it
<samueldr>
(/dev/null store as a service)
<gchristensen>
I think it does cache
<samueldr>
I was kinda expecting it to check whether the path was in the store before uploading; considering I 404 every GET I was expecting an easy way to debug things
<samueldr>
I know it caches downloads like tarballs in ~/.cache/nix
<samueldr>
ah, so apparently .cache/nix/binary-cache-v5.sqlite is where it's saved
phreedom has quit [Quit: No Ping reply in 180 seconds.]
phreedom has joined #nixos
sbdchd has quit [Remote host closed the connection]
rawreraw has joined #nixos
rawreraw has quit [Client Quit]
rfold has joined #nixos
chimay has quit [Read error: Connection reset by peer]
mmlb has quit [Ping timeout: 246 seconds]
__monty__ has quit [Quit: leaving]
Thra11 has joined #nixos
<fyuuri>
hi
<fyuuri>
I just realized that I there is a "channels" profile for my user and for root. What it is for? It seems to cause a collision when updating
elgoosy has joined #nixos
dermetfan has quit [Ping timeout: 246 seconds]
<fyuuri>
Just so that I understand correctly: The system profile is the one altered when installing things via nixos-rebuild. The "profile" in my home folder is the default one for a user. And the "default" one is the default for root?
<clever>
fyuuri: default is just nix-env from root
<clever>
and default is also in everybody else's PATH
<clever>
and nix-env -iA foo.bar will use ~/.nix-defexpr/ to find foo
<clever>
which (by default) goes into the channels profile
<fyuuri>
thx!
<fyuuri>
And what does go into the "profile" profile?
<clever>
nix-env will use <nix/buildenv.nix> to merge all packages in ~/.nix-profile/manifest.nix into a single derivation
<fyuuri>
And how can something go into the "default" profile? And can multiple profiles be loaded at the same time (Because the system profile is loaded as well)?
<clever>
and when you use nix-env -i/-e/-u, it will mutate a copy of that manifest.nix, and then build a new version of the profile based on it
<clever>
nix-env as root, controls the default profile
<fyuuri>
ok! thx!!
<clever>
and its just a matter of having all 3 in $PATH, echo $PATH to see that
<fyuuri>
And what takes precedence?
<clever>
the first one in PATH
<clever>
`which --all foo` will show if duplicates do exist
<{^_^}>
[nixpkgs] @obadz pushed commit from @dtzWill to release-18.09 Β« sqlite: 3.25.3 -> 3.26.0 Β»: https://git.io/fpNZJ
<fyuuri>
But somehow the "channel" and "profile" profile cause problems. When I execute "nix-env -u '*'" It says "name collision in input Nix expressions"
<clever>
ls -l ~/.nix-defexpr/*/*
<clever>
fyuuri: can you pastebin the output of this?
<{^_^}>
nix#2033 (by grahamc, 36 weeks ago, open): Default Nix installations don't include user channels in NIX_PATH, causing inconsistent tool behavior
shachaf has quit [Ping timeout: 272 seconds]
<gchristensen>
ah
<gchristensen>
now nixos matches the new desired behavior, so I think it is fixable in nix
<timokau[m]>
Would be great to fix that, I was pretty confused why home-manager complained about unstable not being available
cyounkins has quit [Ping timeout: 250 seconds]
acarrico has joined #nixos
<rycee>
Ah, didn't see that issue.
<rycee>
It would be nice to have this working out of the box for non-NixOS, where I do get $HOME/.nix-defexpr/channels in my NIX_PATH.
<rycee>
(although the $HOME/.nix-defexpr/channels will only show up if the directory actually exists)
<rycee>
Would be nice to have it there even if the directory doesn't exist, although I don't know how the Nix tools handles that case.
hedning has quit [Quit: hedning]
mmlb has joined #nixos
<jomik>
rycee! Is there a neat and easy way to test if my module installs/works correctly with Home-Manager. Preferably a way to avoid modifying my home.nix :D
<rycee>
jomik: Hmm, in which way do you mean? I would typically include private modules using the `imports` option.
<rycee>
Examples, though not mandatory, are also much appreciated.
<jomik>
Ooooh. That list there. Yeah! I'll write them in :) Just some copy paste work. For that. I'll do examples.. :P
<jomik>
Awesome. Want to get the Emacs service going too.. :p
<rycee>
Generally speaking it might be good to make a simpler module where only the most commonly used options are given together with an `extraConfig` option that people can use when they have special needs.
<rycee>
That lowers the work required to get the module up-and-running and people with those special needs tend to create PRs with the options they need :-)
<jomik>
Oh........ Well, all the options from the config is there now! Or did you mean the emacs one?
thc202 has quit [Ping timeout: 250 seconds]
fusion809 has quit [Remote host closed the connection]
<rycee>
jomik: I meant it mostly as a general suggestion. Don't worry too much about making it complete, no need to spend time adding options that people rarely use.
fusion809 has joined #nixos
<rycee>
As long as there is an escape hatch using something like extraConfig for those cases.
<jomik>
Good point ! Well, I may clean it up a bit then. It is rather long with all these options... :P