gchristensen changed the topic of #nixos to: NixOS 18.09 released https://discourse.nixos.org/t/1076 || https://nixos.org || Latest NixOS: https://nixos.org/nixos/download.html || Latest Nix: https://nixos.org/nix/download.html || Logs: https://logs.nix.samueldr.com/nixos/ || #nixos-dev, #nix-darwin, #nixos-aarch64, #nixos-chat, #nixcon ... nixcon videos: https://tinyurl.com/nixcon2018
jujjj has quit [Client Quit]
<simpson> justanotheruser: How are you bringing it into scope? Are you passing a Python 3 builder in, or a Python 2 builder?
<{^_^}> [nixpkgs] @noneucat opened pull request #53819 → polar-bookshelf: 1.7.0 -> 1.8.0 → https://git.io/fhnYZ
<justanotheruser> I should give my exact definition, I'm actually not using this: https://paste.debian.net/plain/1059895
<justanotheruser> and in configuration.nix pyalsaaudio = import /etc/nixos/pyalsaaudio.nix {};
<simpson> Hm. That's an interesting problem.
<lopsided98> you're using fetchPypi from pythonPackages (python 2)
callahad has quit [Remote host closed the connection]
<justanotheruser> ohhh
callahad has joined #nixos
<{^_^}> [nixpkgs] @thoughtpolice merged pull request #53721 → icestorm: parallel builds, use pypy3 → https://git.io/fhZuN
<{^_^}> [nixpkgs] @thoughtpolice pushed 2 commits to master: https://git.io/fhnYW
<lopsided98> I'm not sure that's the problem though - did that fix it?
<h91wka_> Well, as an software designer I would argue with decision to mess with the upstream. lock files _are_ part of the code. they should be respected.
knupfer has quit [Ping timeout: 250 seconds]
<justanotheruser> lopsided98: using " src = python.pkgs.fetchPypi {", unfortunately it did not
<simpson> h91wka_: Presumably this is good advice for distros which follow LSB and FHS. NixOS isn't one of them though.
callahad28 has joined #nixos
<simpson> h91wka_: Adding to the problem is that you likely don't *actually* have the exact gripe that you've chosen, but something on a parallel path. Perhaps you were hoping to use rebar3 yourself, you have configuration for it or an existing project, and it doesn't Just Work on Nix.
callahad has quit [Ping timeout: 258 seconds]
<justanotheruser> lopsided98: you were able to import it with your derivation, correct?
<simpson> (As a language designer, I insist that languages should stop trying to have their own package managers. I've never used a language-specific package manager in happiness.)
<gchristensen> h91wka_: you can get rebar without that patch of course
<lopsided98> Yes, I just tested my derivation (not your modified one) in nix-shell
<gchristensen> h91wka_: install rebar3-open instead of rebar3
<simpson> gchristensen: TIL. I'll remember that, thanks.
<lopsided98> justanotheruser: If you want to try using my derivation directly, you can try "pyalsaaudio = pkgs.python3.pkgs.callPackage /etc/nixos/pyalsaaudio.nix {};"
<simpson> ...Oh, if only I had simply read the manual: https://nixos.org/nixpkgs/manual/#build-tools-rebar3
<lopsided98> justanotheruser: Are you importing the correct package ("alsaaudio" not "pyalsaaudio")?
<justanotheruser> I just did that to no avail
<h91wka_> So, what is the benefit of manually reimplementing the lock files via nix expressions?
<justanotheruser> I am running python3 -c "import alsasound"
<symphorien> maybe the patch could mention that casual users should use rebar3-open in the error message
<h91wka_> (Honest question, maybe I miss something)
<justanotheruser> environment.systemPackages = with pkgs; [ pyalsaaudio ]
<gchristensen> h91wka_: you won't be able to use rebar3 within a nix build, unless you have already fetched the dependencies beforehand
Dedalo has quit [Ping timeout: 250 seconds]
<gchristensen> but if you just want to use rebar3, its fine. but if you want to nix-build something, it won't work
dsiypl4_ has quit [Ping timeout: 252 seconds]
<simpson> h91wka_: The biggest benefit is that Erlang applications could be fully packaged with Nix and then used as dependencies in multi-language-laden systems.
<symphorien> h91wka_: I don't know about rebar, but the parallel in rust is that you have two options to build a rust package: either you use cargo to fetch dependencies and you have to rebuild every dependencies every time, or you convert cargo.lock in nix file and only rebuild the end package when you modify it.
<simpson> Since Nix doesn't tilt towards any particular language, this ends up being symmetrically disrespectful towards all of the various package managers.
<symphorien> the second option is of course better, but implies letting nix manage dependencies
<lopsided98> justanotheruser: I'm pretty sure Python libraries don't work in systemPackages
<symphorien> justanotheruser: install [ (python.withPackages(ps: [ pyalsaaudio ]) ]
<justanotheruser> hmm, I have python36Packages.jedi in systemPackages. I must have to put it in python36Packages then import it from there?
sanscoeu_ has joined #nixos
<lopsided98> "alsasound" is not found for me, are you sure that is the right package?
<justanotheruser> sorry, I meant alsaaudio, and it has the same result
<h91wka_> Well, yes. The build environment is sandboxed so network indeed doesn't work. But if nix had a little more hope in the language-specific package menagers, what could go wrong? It's fetches same tarballs with same hashes after all
<lopsided98> Can you get it to work in nix-shell?
<lopsided98> justanotheruser: nix-shell -p 'python3Packages.callPackage /etc/nixos/pyalsaaudio.nix {}'
<gchristensen> h91wka_: it has no hope or expectations. it is an unbreakable rule.
sanscoeur has quit [Ping timeout: 245 seconds]
<justanotheruser> yep, works there
<h91wka_> Ok, thanks everyone. I've learned enough, I guess.
h91wka_ has left #nixos ["ERC (IRC client for Emacs 26.1)"]
uaquhuliuh has quit [Quit: Leaving.]
Sigma has quit [Quit: ZNC - http://znc.in]
sanscoeu_ has quit [Ping timeout: 258 seconds]
<justanotheruser> lopsided98: sorry, I'm not familiar with that syntax. You want "environment.systemPackages = with pkgs; [ (python.withPackages(ps: [ pyalsaaudio ]) ]"?
thc202 has quit [Ping timeout: 240 seconds]
<lopsided98> justanotheruser: Yes, I think that should work, except you are using Python 2 in that example
<justanotheruser> tysm! not only did you write the expression for me, but you helped debug my integration of it!
<justanotheruser> out of curiousity, did you need it for i3pystatus like I do?
<jasongrossman> lopsided98++
<{^_^}> lopsided98's karma got increased to 1
<justanotheruser> lopsided98++
<{^_^}> lopsided98's karma got increased to 2
eadwu has joined #nixos
<disasm> clever: something weird happened with my terminal and my screen went black when I ssh'd into my tmux session. Was trying to make it work
<lopsided98> justanotheruser: I'm not sure what you're asking about i3pystatus, and I've never used it. If a Python package is just a script (and will not be used as a library), it can go directly into systemPackages, otherwise it needs withPackages
<justanotheruser> that is the dependency I'm using it for (i3pystatus). I can take care of it, but that is where I was getting the import error :)
<disasm> interestingly a reboot into an older generation (I hadn't ran out of battery in a few months forcing me to reboot) and it works fine again.
justanotheruser has quit [Quit: WeeChat 2.2]
erictapen has joined #nixos
justanotheruser has joined #nixos
pie_ has joined #nixos
doyougnu has joined #nixos
<sphalerit> Any special things that might be worth doing for ext4 filesystems that will have nix stores on them? Something to get more inodes or something maybe?
<gchristensen> sure, extra inodes are good
<gchristensen> but otherwise no
kisonecat has joined #nixos
<gchristensen> anyone know what man page defines the format of /etc/NetworkManager/system-connections/«networkname» ?
steve-chavez has joined #nixos
<steve-chavez> Hello, when upgrading to nixos 18.03 or 18.09, from 17.09 nixos-rebuild switch --upgrade hangs
<steve-chavez> At evaluating file '/nix/store/kvvfzq4733g3anhrsmljaw88279whxal-nixos-18.03.133389.b551f89e256/nixos/pkgs/tools/X11/xkbvalidate/default.nix'
erictape1 has joined #nixos
<steve-chavez> How can I solve that?
<tilpner> gchristensen: nm-settings-keyfile
<gchristensen> tilpner: nice, thank you!
<steve-chavez> Is there a higher verbosity level so I can see what's happening? Doing `nixos-rebuild -v switch --upgrade` only shows "evaluating file..."
<{^_^}> [nixpkgs] @eadwu opened pull request #53821 → linux_rpi: allow modDirVersion override → https://git.io/fhnYy
erictapen has quit [Ping timeout: 272 seconds]
adamantium` has quit [Remote host closed the connection]
<tilpner> steve-chavez: Just put more -v's in: -vvvvv wors
<tilpner> *works
<tilpner> And strace, if that's not good enough
<{^_^}> [nixpkgs] @eadwu opened pull request #53822 → pythonPackages.httpretty: disable tests on aarch64 → https://git.io/fhnYS
ivegotasthma has quit [Ping timeout: 250 seconds]
<steve-chavez> tilpner: Thank you, now I get "download thread waiting for 10000 ms" several times
<ottidmes> steve-chavez: The Nix version of 17.09 cannot evaluate 18.03, try setting nix.package = pkgs.nix2; (not sure about that package name)
ivegotasthma has joined #nixos
<ottidmes> steve-chavez: nix-daemon --version is probably reporting 1.x for you right?
elibrokeit has quit [Ping timeout: 252 seconds]
<ottidmes> steve-chavez: apparantly it should be like this: nix.package = pkgs.nixStable2;
<steve-chavez> ottidmes: nix-daemon --version shows nix-daemon (Nix) 2.2
<ottidmes> hmm
valwal has joined #nixos
<ottidmes> wait, that cannot be right, I am even using a lower version
<steve-chavez> pkgs.nixStable works for me, pkgs.nixStable2 doesn't
<ottidmes> steve-chavez: is that after setting nix.package or before? the 2.2 version?
<steve-chavez> Actually not working because when doing `nixos-rebuild test` it hangs with "download thread waiting for 10000 ms" again..
<steve-chavez> I upgraded nix with `nix-env -iA unstable.nix`
<ottidmes> steve-chavez: ah... not sure if that is going to work, that is just changing your Nix binary as reported on your path, not what is being used by nix-daemon
<ottidmes> steve-chavez: you might need to run: systemctl restart nix-daemon even after changing the Nix package, I at least remember needing to do that at the time
<steve-chavez> systemctl stop nix-daemon.socket nix-daemon.service
<ottidmes> steve-chavez: this issue describes potential solutions to your issue https://github.com/NixOS/nixpkgs/issues/46387
<{^_^}> #46387 (by Infinisil, 17 weeks ago, open): Impossible to easily upgrade NixOS from <=17.09 to 18.09
<{^_^}> [nixpkgs] @eadwu opened pull request #53823 → vscode: 1.30.1 -> 1.30.2 → https://git.io/fhnY7
kisonecat has quit [Ping timeout: 250 seconds]
<ottidmes> steve-chavez: I believe you are now trying to update to a new version when doing the rebuild after changing nix.package, did you try keeping your old nixpkgs version like it was, and then changing your config nix.package setting so it at least rebuilds succesfully for that? otherwise I would go with nixos-install fix
ivegotasthma has quit [Ping timeout: 246 seconds]
<steve-chavez> Good idea, I'm going to go back to 17.09
ng0 has quit [Remote host closed the connection]
<steve-chavez> Also I keep getting "warning: unknown setting 'signed-binary-caches'" if that helps in something..
<justanotheruser> how can I set the extraLibs to get the i3pystatus derivation containing said extralibs? https://github.com/NixOS/nixpkgs-channels/blob/e686bd277196f33fccb685c4526333ebc50d1768/pkgs/applications/window-managers/i3/pystatus.nix
<{^_^}> [nixpkgs] @eadwu opened pull request #53824 → vscode backport: 1.30.1 -> 1.30.2 → https://git.io/fhnY5
<ottidmes> steve-chavez: that one I remember, you can safely ignore it
Lisanna has quit [Ping timeout: 240 seconds]
ng0 has joined #nixos
<ottidmes> steve-chavez: it is just your outdated nix.conf file that has an option that is no longer valid, but the defaults that replaced it are the same and so it is safe to ignore for now
<nh2> is it possible to nix-build a string (which is a path to a file in a derivation)?
ivegotasthma has joined #nixos
<steve-chavez> ottidmes: Oh.. I see. Now, I went back to 17.09, nixos-rebuild test works without `nix.package = pkgs.nixStable`, when I include it, it shows an error:
<ottidmes> nh2: you mean "which is a path to a file with a derivation" then yes
<steve-chavez> ottidmes: sorry, scratch that, no error
<nh2> ottidmes: no, I have e.g. `{ nodeModules = "${node2nixPackage}/lib/node_modules/mydir"; }` and want to have an equivalent to `nix-build -A nodeModules` that will build `node2nixPackage` and print the full path on stdout
<{^_^}> [nixpkgs] @veprbl opened pull request #53825 → root, root5: fix on darwin → https://git.io/fhnYN
h91wka__ has joined #nixos
chessai has quit [Ping timeout: 258 seconds]
luigy has left #nixos [#nixos]
<justanotheruser> ok figured it out "i3pystatus = pkgs.i3pystatus.override { extraLibs = [pyalsaaudio]; };"
<steve-chavez> ottidmes: Thanks a lot! My main issue was that I couldn't use the unstable channel anymore, but after `nix.package = pkgs.nixStable2;` I can. I'm going to stay in 17.09 for now. Thanks again.
<ottidmes> nh2: I can only think of this right now: nix-build-expr() { nix-build --no-out-link --expr "$1" && nix-instantiate --eval --expr "$@"; }; nix-build-expr 'with import <nixpkgs> { }; { hello = "${hello}/bin/hello"; }' --attr hello
<h91wka__> Oh, Erlang question. I just noticed that nix-packaged erlang libraries are scattered across /nix/store in a common for nix os way. However, Erlang has a unique live upgrade feature which allows to patch bytecode without stopping the VM. Without going deep into the VM primitives, this feature is handled by something that is called the OTP release [1]. OTP releases mandate a certain directory structure for all beam files. How does NixOS
<h91wka__> work around this?
<ottidmes> steve-chavez: I cannot recommend staying on 17.09, security and all that, but you probably have your reasons, I am happy you have managed to get it working again!
<gchristensen> h91wka__: it is common to merge many builds in to a single directory structure, as needed
<{^_^}> [nixpkgs] @delroth opened pull request #53826 → nixos: allow customizing the kernel RANDSTRUCT seed → https://git.io/fhnOk
rprije has joined #nixos
alp has left #nixos ["Leaving"]
alp has joined #nixos
<{^_^}> [nixpkgs] @peti pushed to haskell-updates « hackage-packages.nix: automatic Haskell package set update »: https://git.io/fhnOt
steve-chavez has quit [Quit: Page closed]
<gchristensen> anyone done anything with secureboot + nixos?
jluttine has quit [Ping timeout: 250 seconds]
simukis has quit [Quit: simukis]
<samueldr> but maybe not integrated and manual
q6AA4FD has quit [Quit: ZNC 1.7.1 - https://znc.in]
<h91wka__> Is there a success story of Erlang live updates using these merged builds? The only candidate I could find is ejabberd, and it has no upgrade paths.
<gchristensen> h91wka__: I suspect not a lot of people have put effort in to the seamless deploys Erlang supports on NixOS
<gchristensen> samueldr: oh!
<gchristensen> samueldr: I'll be pinging a\ndi- in the morning I guess =)
<samueldr> it's possible the user in the line before in the chat also did something, I seem to remember, but not sure
cyounkins has joined #nixos
griff_ has joined #nixos
jluttine has joined #nixos
<nh2> ottidmes: I found that `nix eval` can do it
<nh2> (with `--raw` so that it doesn't print the quotes)
pie_ has quit [Ping timeout: 258 seconds]
<{^_^}> [nixpkgs] @veprbl merged pull request #53825 → root, root5: fix on darwin → https://git.io/fhnYN
<{^_^}> [nixpkgs] @veprbl pushed 2 commits to master: https://git.io/fhnO0
worldofpeace has joined #nixos
drakonis has joined #nixos
ivegotasthma has quit [Ping timeout: 272 seconds]
<h91wka__> Well, I would be interested in implementing something like this, because I think there's a lot of potential in NixOS, but the current state of the Erlang packaging, though... Let me go back to the package management a little bit. So there is a git `fetchurl' function, curl `fetchurl' and so on. rebar3 has a `get-deps' command that simply downloads the deps from the lock file. From any point of view it's the same as downloading a
<h91wka__> tarball. Will it be idiomatic to implement `rebar3 get-deps' extension to fetchurl?
<ottidmes> nh2: ow? so `nix eval` also can deal with things like IFD, i.e. build things necessary to evaluate the expressions?
ivegotasthma has joined #nixos
freeman42y has joined #nixos
justanotheruser has quit [Read error: Connection reset by peer]
georges_ has quit [Ping timeout: 244 seconds]
<nh2> ottidmes: hmm, looks like it cannot: `nix eval '("${(import <nixpkgs> {}).pandoc}/bin")'` prints out the path but doesn't build pandoc :/
doyougnu has quit [Quit: WeeChat 2.2]
q6AA4FD has joined #nixos
<ottidmes> nh2: I cannot get it to work either, but what I suggested still works, just export it to json and add jq --raw-output and you get the same as nix eval --raw
<ottidmes> nh2: nix-build-expr() { nix-build --no-out-link --expr "$1" && nix-instantiate --eval --expr "$@"; }; nix-build-expr 'with import <nixpkgs> { }; { hello = "${hello}/bin/hello"; }' --attr hello --json | jq --raw-output .
georges has joined #nixos
<nh2> ottidmes: I will do it the way you proposed, but using `nix eval --raw` instead of the `nix-instantiate` to save the jq; that should also do, right?
<gchristensen> what is the point of secureboot if you can turn it off? ...hmm
<nh2> gchristensen: that software cannot turn it off, only you yourself in the bios
<ottidmes> nh2: I tried, but then you run into issues with nix-build only accepting derivations or lists/attrsets, so you cannot do like: nix eval --raw '(...).hello', because that would return a string which nix-build cannot deal with. It should be possible, but that would complicate the shell function a lot, probably ending up slowing it down in the process :P
ris has quit [Ping timeout: 260 seconds]
<gchristensen> nh2: ah, so a physical attack
<nh2> you mean "a physical attack is not what it protects against"? yes
<gchristensen> right
<nh2> yes, it's for protecting against user-installed malware corrupting your kernel or similar
<clever> ottidmes: ive found that very anoying, because i cant GC root the result of builtins.fetchTarball
<clever> ottidmes: i have to create a useless derivation, that just symlinks $out
h91wka__ has left #nixos ["ERC (IRC client for Emacs 26.1)"]
<ottidmes> clever: I should probably do something simliar, some things have to be rebuild every time I GC, but they are not like builtins.fetch*, so it is not that bad
gagbo has quit [Ping timeout: 260 seconds]
iqubic has quit [Ping timeout: 268 seconds]
shibboleth has quit [Ping timeout: 256 seconds]
Ariakenom_ has quit [Quit: Leaving]
init_6 has joined #nixos
erictape1 has quit [Ping timeout: 244 seconds]
ng0_ has joined #nixos
mcnesium has quit [Ping timeout: 250 seconds]
ng0 has quit [Ping timeout: 256 seconds]
Supersonic has quit [Ping timeout: 252 seconds]
Supersonic has joined #nixos
<gchristensen> ,tofu
<{^_^}> To get a sha256 hash of a new source, you can use the Trust On First Use model: use probably-wrong hash (for example: 0000000000000000000000000000000000000000000000000000) then replace it with the correct hash Nix expected.
shpx has joined #nixos
goibhniu has quit [Ping timeout: 268 seconds]
mkoenig_ has joined #nixos
mkoenig has quit [Ping timeout: 246 seconds]
alex`` has quit [Quit: WeeChat 2.3]
Mateon3 has joined #nixos
Mateon1 has quit [Ping timeout: 268 seconds]
Mateon3 is now known as Mateon1
dcol has quit [Remote host closed the connection]
mkoenig has joined #nixos
jtojnar has quit [Ping timeout: 246 seconds]
<ottidmes> gchristensen: I have: tofu() { python -c 'print "0" * 52'; }
<gchristensen> nice
mkoenig_ has quit [Ping timeout: 272 seconds]
elibrokeit has joined #nixos
philippD has quit [Quit: http://www.kiwiirc.com/ - A hand crafted IRC client]
jtojnar has joined #nixos
o1lo01ol1o has joined #nixos
kisonecat has joined #nixos
luigy has joined #nixos
o1lo01ol1o has quit [Ping timeout: 258 seconds]
drakonis has quit [Read error: Connection reset by peer]
fusion809 has joined #nixos
<wedens> `(defun tofu () (interactive) (insert (format "\"%s\"" (make-string 52 ?0))))` :)
<ottidmes> awk 'BEGIN { while (i++ < 52) printf "0"; print }', or printf '%.s0' {1..52}; echo, are a few other shell variants, but I like the python variant the most
freeman42y has quit [Quit: Leaving]
kisonecat has quit [Quit: leaving]
kisonecat has joined #nixos
<ottidmes> wedens: is that common lisp? a lisp for sure, but I am not quite sure which one, I only programmed in Clojure, and toyed a bit with a simple Scheme implementation
<samueldr> printf "%052d"
<Ralith> ottidmes: looks like elisp to me
<Ralith> the idea being you put it in your editor, and don't have to muck around with copypaste
<ottidmes> samueldr: nice, I would make it: printf '%052d\n', but that one is much nicer than the {1..52} thing
<ottidmes> Ralith: knowing myself I would on the other hand be mucking around with the editor instead :P so maybe it is for the best that I do not Emacs
<{^_^}> [nixpkgs] @samueldr opened pull request #53827 → tests: Logs timing in tests → https://git.io/fhnOx
<gchristensen> hrm. I sbsigned /boot/EFI/BOOT/BOOTX64.EFI and loaded my keys. I wonder why it doesn't work.
lassulus_ has joined #nixos
freeman42x has quit [Ping timeout: 252 seconds]
<{^_^}> [nixpkgs] @samueldr opened pull request #53828 → tests: Wait for shell for twice as long (10m) → https://git.io/fhnOh
lassulus has quit [Ping timeout: 246 seconds]
lassulus_ is now known as lassulus
griff_ has quit [Quit: griff_]
eadwu has quit [Ping timeout: 250 seconds]
<gchristensen> [grahamc@Morbo:~]$ bootctl status | grep Secure
<gchristensen> Secure Boot: enabled
<samueldr> all parts in the chain are verifying the signature of the next?
<samueldr> (or at least until decryption)
<ottidmes> ,declarative fusion809
<{^_^}> fusion809: There are multiple ways of managing declarative profiles. 1) Attrset, compatible with imperative use of nix-env https://git.io/fAQHW ; 2) buildEnv, providing more control over the paths that are linked into the profile https://git.io/fp0aU ; 3) home-manager, providing nixos-like config for your ~ https://github.com/rycee/home-manager
ilya-fedin has joined #nixos
<gchristensen> samueldr: I have custom keys loaded in to the bios, a signed /boot/EFI/BOOT/BOOTX64.EFI, /boot/EFI/systemd/systemd-bootx64.efi, and bzImage. how'd I do?
<ilya-fedin> Well, since the kittens woke me up ...
<samueldr> gchristensen: not sure since I have no experience with that, but I guess that if you had to sign all those bits it sounds alright
<ilya-fedin> And dropped a flower in a pot
<samueldr> maybe the initrd can still be modified?
<gchristensen> samueldr: me either... maybe it can
<Church-> Sup folks
<Church-> What's going on?
<samueldr> ilya-fedin: how kind kittens, dropping a flower into a pot :)
<ilya-fedin> This time zfs compiled after the kernel. But after a reboot, now the errors that the main modules were not found (sd_mod, ahci ...)
<ilya-fedin> samueldr: They are playing. It seems, moreover, one of them also vomited while I was sleeping ...
marusich has joined #nixos
<Church-> ilya-fedin: I have a cat as a hat
<Church-> Little bugger is nice and warm
slack1256 has joined #nixos
<ilya-fedin> So, the output of nixos-rebuild is not accidentally stored in journalctl? I want to review the output and look for errors. It seems there were errors that the modules were not found, but I did not look hard.
<samueldr> gchristensen: but that's kinda doing it the other way around, only signing an efi program :/
<gchristensen> samueldr: that is all secureboot verifies
<samueldr> exactly
<ilya-fedin> Cruch-: :D
<samueldr> AFAIUI grub handles the bzImage, right gchristensen?
<samueldr> or uh, systemd-boot for you
<gchristensen> samueldr: yeah, though I'm using systemd-boot. I'm reading elsewhere some people use a gpg signature on the initrd, verified in the stage1
<samueldr> eek
<gchristensen> yeah. even worse :P
<samueldr> couldn't they modify the stage-1?
<gchristensen> maybe I misunderstood
<samueldr> because as far as secure boot is concerned, I could very well make a minimal .EFI program that loads anything insecurely and sign it :/ the secure boot flag would still be up
<gchristensen> of course
<gchristensen> is the bentley strategy flawed? seems fine, no? the .efi program is signed and contains the initrd and kernel
<ilya-fedin> Interestingly, in `journalctl -b 1 -e` the last lines end on January 8th. Where have 3 days gone?
<gchristensen> -b1 means the previous boot
<ilya-fedin> Yes
<ilya-fedin> I need log of previous boot
<samueldr> gchristensen: not flawed, AFAIK, but it probably means you need to boot the kernel program itself, so no systemd-boot, no grub, no generations menu?
<gchristensen> oh, ack
<gchristensen> at any rate, it is past my bed time
<samueldr> I mean, that's the main downside imho of nixos: can't boot the kernel directly :)
<gchristensen> :D
<samueldr> (you can, but it's not the best idea)
<gchristensen> I can't wait for when I do a nixos-rebuild boot, reboot, and can't boot b/c I have secureboot on but not automated by nixos
<samueldr> lol
<gchristensen> ok, good night. I'll play some more tomorrow maybe.
endformationage has quit [Quit: WeeChat 2.3]
iqubic has joined #nixos
<ilya-fedin> Wow, how quiet...
<ilya-fedin> :D
<samueldr> maybe we should investigate in a bootloader-less config?
<samueldr> (with generations)
<samueldr> oh, systemd-boot checks those?
<gchristensen> yeah!
<samueldr> then no need for bootloader-less
<samueldr> though the uncompressed initrds are gonna cost ya
<gchristensen> yeah they will :|
<samueldr> since they will be paired with kernels, even if one of the two don't change, they'll both need to be catted and ruin your space
<gchristensen> yeah :(
<gchristensen> ok, now it is bed time for real.
o1lo01ol1o has joined #nixos
o1lo01ol1o has quit [Ping timeout: 268 seconds]
hyperfekt has quit [Ping timeout: 256 seconds]
orivej has joined #nixos
mkoenig has quit [Quit: Lost terminal]
mkoenig has joined #nixos
ottidmes has quit [Ping timeout: 250 seconds]
<ilya-fedin> Let Poettering with his systemd and journald burn in hell
pbb has quit [Quit: http://quassel-irc.org - Chat comfortably. Anywhere.]
<elvishjerricco> samueldr: I thought there was a way to have grub check for gpg sigs on the grub config, the initrd, and the kernel? Presuming your grub config disallows modifying the boot params in the menu, wouldn't this be sufficient?
<samueldr> elvishjerricco: possibly, I though you would know :)
<samueldr> the only thing I know for sure is that once one stage doesn't check the next, all bets are off
<elvishjerricco> elvishjerricco: I've only heard tell; never actually looked into it.
<elvishjerricco> But yea I've heard grub can check all the things before loading the next stage
<samueldr> then it must have been an\di- I guess who had more in depth knowledge
pbb has joined #nixos
init_6 has quit [Ping timeout: 246 seconds]
counting1ort has joined #nixos
init_6 has joined #nixos
countingsort has quit [Ping timeout: 268 seconds]
kisonecat has quit [Ping timeout: 258 seconds]
cheshircat has joined #nixos
<cheshircat> hey, I'm having a weird issue to do with patches
<cheshircat> when I add a patch for st using st.override { patches = [ builtins.readFile "..."]; }, I get an error message when I build: /nix/store/phl3z5qk8s4xnf74824navw5d0lsfka5-stdenv-linux/setup: line 954: diff: No such file or directory
<cheshircat> I've tried manually patching and it works fine
xkapastel has quit [Quit: Connection closed for inactivity]
orivej has quit [Ping timeout: 268 seconds]
worldofpeace has quit [Quit: worldofpeace]
slack1256 has quit [Remote host closed the connection]
o1lo01ol1o has joined #nixos
o1lo01ol1o has quit [Ping timeout: 258 seconds]
init_6 has quit [Ping timeout: 245 seconds]
<wedens> there is hardware.bluetooth.powerOnBoot option, but when it's set to false, bluetooth.service is still running. does it mean that bluetooth adapter is on?
mjdtdw has joined #nixos
hedning has joined #nixos
marcus_ has joined #nixos
marcus_ is now known as Guest60258
ddellacosta has quit [Remote host closed the connection]
Guest60258 has quit [Client Quit]
mjdtdw has quit [Ping timeout: 256 seconds]
fusion809 has quit [Remote host closed the connection]
init_6 has joined #nixos
Sigma has joined #nixos
<elvishjerricco> cheshircat: You don't want to use readFile. The patches field is supposed to be a list of patch *files* not a list of patch texts
<wedens> `bluetooth` command reports that bluetooth is on, when powerOnBoot = false
cyounkins has quit [Remote host closed the connection]
cyounkins has joined #nixos
palo1 has joined #nixos
cyounkins has quit [Remote host closed the connection]
cyounkins has joined #nixos
<{^_^}> [nixpkgs] @dotlambda pushed 2 commits to master: https://git.io/fhnsc
palo has quit [Ping timeout: 272 seconds]
palo1 is now known as palo
cyounkins has quit [Read error: No route to host]
cyounkin_ has joined #nixos
init_6 has quit [Ping timeout: 258 seconds]
ixxie has joined #nixos
griff_ has joined #nixos
jtojnar has quit [Ping timeout: 244 seconds]
orivej has joined #nixos
Lisanna has joined #nixos
Lisanna has quit [Ping timeout: 268 seconds]
<ixxie> when using mkDerivation to build a document ad-hoc, I don't need installPhase but want to output the built doc somehow; how do I do that?
<sphalerite> ixxie: put it in $out
<sphalerite> ixxie: you may also want to use runCommand instead of full mkDerivation for brevity's sake
<ixxie> sphalerite: right
<ixxie> just switched from runCommand to mkDerivation to have access to an unpackPhase since this document involves building a diagram
griff_ has quit [Quit: griff_]
<ixxie> by gchristiansen's recommendation
<{^_^}> [nixpkgs] @orivej-nixos pushed commit from @orivej to staging « libjpeg-turbo: specify djpeg rgb-islow-icc-cmp test dependencies »: https://git.io/fhnsD
Dedalo has joined #nixos
<sphalerite> ixxie: ah ok
marusich has quit [Remote host closed the connection]
o1lo01ol1o has joined #nixos
o1lo01ol1o has quit [Ping timeout: 244 seconds]
fusion809 has joined #nixos
irdr has quit [Remote host closed the connection]
adamanti` has joined #nixos
fendor has joined #nixos
automagisk has joined #nixos
sigtrm has quit [Ping timeout: 250 seconds]
sigtrm has joined #nixos
agander has joined #nixos
<{^_^}> [nixpkgs] @vbgl pushed to master « ocamlPackages.resource-pooling: init at 0.5.2 »: https://git.io/fhnGT
<{^_^}> [nixpkgs] @vbgl merged pull request #53411 → ocamlPackages.resource-pooling: init at 0.5.2 → https://git.io/fhOi9
ixxie has quit [Ping timeout: 258 seconds]
<{^_^}> [nixpkgs] @worldofpeace merged pull request #53823 → vscode: 1.30.1 -> 1.30.2 → https://git.io/fhnY7
<{^_^}> [nixpkgs] @worldofpeace pushed 2 commits to master: https://git.io/fhnGt
Xiro` has left #nixos ["ERC (IRC client for Emacs 26.1)"]
iyzsong has joined #nixos
shpx has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
fenedor has joined #nixos
fendor has quit [Ping timeout: 244 seconds]
Diagon has joined #nixos
Diagon has quit [Remote host closed the connection]
<{^_^}> [nixpkgs] @vbgl opened pull request #53829 → sile: 0.9.4 -> 0.9.5 → https://git.io/fhnGW
orivej has quit [Ping timeout: 250 seconds]
xkapastel has joined #nixos
irdr has joined #nixos
<fusion809> Hi folks, I'm just wondering if there's a program I can use to automate the process of turning a Debian package into a nixpkg? I do not know the Nix language awfully well, and I have a Debian package that I'd love to be able to use on Nix.
<{^_^}> [nixpkgs] @jethrokuan opened pull request #53830 → pythonPackages.pyment: init at 0.3.3 → https://git.io/fhnG4
<symphorien> fusion809: is the package built from source ?
mcnesium has joined #nixos
<symphorien> if so, it is probable that you will have less trouble packaging it "normally" in nix than patching binaries
<fusion809> Nope, it's a proprietary application written in Java that is only distributed for Linux as a deb package and an rpm package.
<Yaniel> there is a bunch of packages on nixpkgs that just download a .deb and run dpkg-deb on it
<symphorien> if it is in java, unpack the .deb with dpkg -x and then extract the jar and wrap it with jre
<fusion809> Thanks folks for your help, it is much appreciated and I'll see if I can adapt that Nix file
<fusion809> Is that package really an appropriate example, as I do not see any reference to "java" or "jre" in it.
<Yaniel> it's an example of dealing with .deb packages
dckc has quit [Ping timeout: 246 seconds]
adamanti` has quit [Remote host closed the connection]
<Yaniel> or this
<fusion809> OK, thanks. I'll see if I can write a Nix file based on those.
mcnesium has quit [Ping timeout: 250 seconds]
alex`` has joined #nixos
o1lo01ol1o has joined #nixos
<{^_^}> [nixpkgs] @primeos merged pull request #53566 → gringo: Switch to the default SCons version → https://git.io/fhGni
<{^_^}> [nixpkgs] @primeos pushed 2 commits to master: https://git.io/fhnG6
<{^_^}> [nixpkgs] @primeos pushed to master « scons: Remove version 2.5.1 »: https://git.io/fhnGP
o1lo01ol1o has quit [Ping timeout: 268 seconds]
mcnesium has joined #nixos
simukis has joined #nixos
orivej has joined #nixos
dckc has joined #nixos
mcnesium has quit [Ping timeout: 246 seconds]
<{^_^}> [nixpkgs] @ThomasMader closed pull request #41042 → binutils: Apply patches from 2.30 branch → https://git.io/vhIof
griff_ has joined #nixos
<MichaelRaskin> h91wka_: re: Erlang support: I think running rebar in nix-shell (in case some native dependencies are needed) is a normal solution, that allows you to use Nix for the well-supported things and use language-native approaches for the Erlang tooling per se.
<{^_^}> [nixpkgs] @vcunat pushed 240 commits to staging-18.09: https://git.io/fhnGb
<MichaelRaskin> As for directory structure: how symlink-friendly is this approach? Normal Nix way of doing things is symlinking the scattered files into a proper layout, symlink to the result and atomically replace the symlink on upgrade
<MichaelRaskin> Ah oops
knupfer has joined #nixos
<{^_^}> [nixpkgs] @timokau opened pull request #53831 → python3.pkgs.tinycss: fix build → https://git.io/fhnGp
mcnesium has joined #nixos
thc202 has joined #nixos
hodapp has quit [Ping timeout: 252 seconds]
i1nfusion has quit [Remote host closed the connection]
i1nfusion has joined #nixos
<{^_^}> [nixpkgs] @vcunat pushed to staging-next « xorg xcursor-themes: fix build after #53127 »: https://git.io/fhnZJ
<{^_^}> [nixpkgs] @dotlambda merged pull request #53831 → python3.pkgs.tinycss: fix build → https://git.io/fhnGp
<{^_^}> [nixpkgs] @dotlambda pushed commit from @timokau to master « python3.pkgs.tinycss: fix build (#53831) »: https://git.io/fhnZk
<fusion809> Well, I'll be ...ed I actually managed to write a working nix file. I could have sworn I'd need more help than that.
<MichaelRaskin> Well, with Nix/Nixpkgs simple things are simple enough to be done by stumbling and imitating existing simple packages!
<MichaelRaskin> (complicated things are often too complicated, though)
<fusion809> Although, the desktop config files (in $out/share/applications) are oddly named ldkzs842xx0vkn52lhk8qwx9z8m29am2-MarvinView.desktop and zac6c2vkhyhp44dixg97ljprbp7gxq84-MarvinSketch.desktop, when they were just copied from files named MarvinView.desktop and MarvinSketch.desktop in the directory of the nix file.
<MichaelRaskin> Well, when things are copied into the store's top-level (and referencing out-of-store files does that), they follow the Nix store collision-avoiding convention of hash-name
<fusion809> OK, well I suppose they aren't appearing in my application menus, even though they are in ~/.nix-profile/share/applications (I installed my package with nix-env -f /path/to/nixpkgsfork -iA marvin).
<fusion809> I'm running KDE and I do not see 'em
<fusion809> I've tried restarting plasmashell with killall plasmahell ; plasmashell, yet it is still not in the menu.
Makaveli7 has joined #nixos
cyounkin_ has quit [Remote host closed the connection]
cyounkins has joined #nixos
cyounkins has quit [Ping timeout: 272 seconds]
<{^_^}> [nixpkgs] @timokau opened pull request #53833 → python.pkgs.pygal: fix build → https://git.io/fhnZW
griff_ has quit [Quit: griff_]
Phillemann has joined #nixos
<Phillemann> A friend of mine is trying Nix out (not NixOS) and is wondering which kernel flags he needs for certain packages (such as steam).
<Phillemann> I don't see any mention of that in the Nix manual.
<Phillemann> Am I missing something?
<MichaelRaskin> User namespaces, probably
shpx has joined #nixos
silver has joined #nixos
esmerelda has joined #nixos
fusion809 has quit [Quit: Leaving]
fusion809 has joined #nixos
<esmerelda> hey! what do y'all use for python packages that aren't in nixpkgs? I'm thinking about using pypi2nix for overlays, but not totally sure it's the best plan
<makefu> Phillemann: afair we do not (yet) have that kind of granularity. essentially kernel flags are set globally. however that also means that you do not need to enably certain flags by hand to get stuff working
<esmerelda> and what are the changes in python packaging that are alluded to in the pypi2nix readme?
orivej has quit [Ping timeout: 245 seconds]
fusion809 has quit [Remote host closed the connection]
fusion809 has joined #nixos
orivej has joined #nixos
gagbo has joined #nixos
adamantium has joined #nixos
<makefu> esmerelda: there are two things you can do, 1. manually package the python package with the upstream libraries available, 2. use pypi2nix
<esmerelda> unfortunately, the pip I'm trying to package (prospector) has many dependencies which themselves aren't upstream
Ariakenom has joined #nixos
<{^_^}> [nixpkgs] @vcunat pushed to staging-next « libnice: avoid one test for now »: https://git.io/fhnZi
rprije has quit [Ping timeout: 246 seconds]
<{^_^}> [nixpkgs] @peti pushed 7 commits to haskell-updates: https://git.io/fhnZX
<makefu> then you will probably use pypi2nix
orivej has quit [Ping timeout: 250 seconds]
dahuoji[m] has joined #nixos
<MichaelRaskin> makefu: well, when Steam is mentioned, it is _extremely_ likely that the question is about non-root user creating namespaces. They are often not allowed for security surface reasons, and we do use them a lot…
<MichaelRaskin> Phillemann: what is the distribution in question?
<{^_^}> [nixpkgs] @vcunat pushed 179 commits to staging-next: https://git.io/fhnZd
<timokau[m]> MichaelRaskin: what are the security reasons to disallow them?
o1lo01ol1o has joined #nixos
<MichaelRaskin> timokau: Well, if you allow user-created namespaces, a lot of code paths in the kernel that could previously (10 years ago) only be activated as root are now accessible to fake root in a namespace/container
<timokau[m]> Ah so "just" precaution/attack surface. Thanks
<MichaelRaskin> Well, both insufficient access checks and insufficient validation with logic or memory corruptions get found
<MichaelRaskin> These are treated as significant-impact bugs and patched quickly, but these are a non-negligible share of all Linux local escalation vulnerabilities
orivej has joined #nixos
<timokau[m]> Thats why the just was in quotes, I'm aware that its a good reason.
<timokau[m]> Although I'd hope that those aren't that common anymore, now that it has been around for a while
o1lo01ol1o has quit [Ping timeout: 268 seconds]
<timokau[m]> Also realizing all the ways I'd be screwed if some process had user-level permissions, I'm less concerned about privilege escalation on my personal machine
<MichaelRaskin> Well, Linux vulnerabilities — or data corruption risk bugs on popular hardware with mainstream options, if you buy Linus'es approach that security bugs are not that special — are rare, too!
<MichaelRaskin> So these are a significant share.
<fusion809> I have a PR I'm writing, but I need to add myself to the maintainers list, as otherwise the package this PR adds will have no maintainer. For the commit message should I mention I'm adding myself to the maintainers list, or just leave it, so as to ensure the commit message doesn't get too long?
<timokau[m]> fusion809: I'd just mention it in the longer commit description
<fusion809> Ah, OK, thanks!
estrom has joined #nixos
<timokau[m]> Or make a separate commit
dahuoji[m] is now known as ShenTsing[m]
<MichaelRaskin> Nobody cares much about commit message length beyon fthe first line, as long as information density is high enough
<MichaelRaskin> Multiple commits also make sense
<estrom> I'd like to save my nvidia-settings to the xorg.conf, but I cannot find one. How do I go about saving my nvidia-settings in nixos?
<ilya-fedin> How can I remove the latest generation and make one of the previous boot?
<MichaelRaskin> You did fix the hash-in-name issue with the desktop entry?
<MichaelRaskin> ilya-fedin: do you have immediate access to the computeR?
<ilya-fedin> Yes
<{^_^}> [nixpkgs] @peti merged pull request #53810 → ghc844: update hash for d8495549ba9d194815c2d0eaee6797fc7c00756a patch → https://git.io/fhnTp
<{^_^}> [nixpkgs] @peti pushed 2 commits to master: https://git.io/fhnZp
<MichaelRaskin> Then you can just select the previous configuration in GRUB on reboot
<{^_^}> [nixpkgs] @peti pushed 0 commits to yegortimoshenko-patch-1: https://git.io/fhnZh
<equivrel> Does anyone know if in Nixops it's possible to NOT generate an sshKeyPairs resource and instead just install users.extraUsers.root.openssh.authorizedKeys.keys normally? or does it depend on the backend? I would be much more comfortable not having a state file with unencrypted keys.
<MichaelRaskin> When booted into the previous one, you can go to /nix/var/nix/profiles and kill the symlink system-…-link of the wrong configuration
<symphorien> to make one generation the default, run /nix/var/nix/profiles/system...-link/bin/switch-to-configuration boot iirc
<MichaelRaskin> Hm, I think it is "system-…-link/bin/switch-to-configuration switch" (or boot) that will make sure the boot menu is updated
<ilya-fedin> It is I still tormented with the compilation of the kernel... It seems to have been broken because of a very large buildCores and I am trying to get Nix to recompile it again. I'm trying to somehow remove the last compiled kernel package for this.
<Phillemann> makefu: I'm not sure what you mean. I think it'd be nice if the manual said: If you want to run steam on a distribution that's not NixOS, you need the following kernel flags.
<Phillemann> MichaelRaskin: Gentoo
<MichaelRaskin> It is a bit more complicated, there are different ways different features can be disabled
<MichaelRaskin> (and steam is considered a hacky corner case)
<MichaelRaskin> Phillemann: but probably CONFIG_USER_NS is the first thing to check
<Phillemann> Okay
ferriswheel has quit [Ping timeout: 268 seconds]
<ekleog> is it me or is the acme module on release-18.09 broken? (18.09.1834.9d608a6f592)
<ekleog> I'm getting tracebacks when starting it manually, after having noticed my certificates expired, so it means it's been down for quite long :/
<tilpner> I usually get a traceback the first time I start it for a new subdomain
<tilpner> But then never again
<ekleog> hmm it's for already-existing domains :/
<ekleog> apparently my nginx is returning 404 not found
<tilpner> What does systemctl list-timers say for it?
<ekleog> (with, somehow, a 403 status)
<MichaelRaskin> timokau: I hope userns bugs and Firefox bugs have disjoint exploitation windows, because I use userns to isolate my Firefox instances (with single-use profiles)
<ekleog> it has them
<ekleog> (the error I'm quoting is when I `systemctl restart acme-foo.example.org.service` manually)
<estrom> Do I want to put my additional xorg configs in /etc/static/X11 and symlink, or in /etc/X11?
<tilpner> ekleog: Does it mention AttributeError: 'NoneType' object has no attribute 'wrapped' ?
<symphorien> estrom: you probably want to use the options services.xserver.deviceSection etc.: https://nixos.org/nixos/options.html#xserver+section
<ekleog> tilpner: yup, at the end of the steram of errors
<tilpner> ekleog: Did you recently fiddle with DNS?
<tilpner> (Check with dig, and online propagation testing tools)
<duairc> I don't know much about programming G* apps, I'm just trying to packages one. If it distributes gobject introspection files, should gobject-introspection go in buildInputs or nativeBuildInputs? Because I think they're generated in the build process, right?
<ekleog> not in the past month, maybe since last restart
<tilpner> If nginx was down for an unrelated reason, that would also fail validation
<ekleog> it's up right now
<ekleog> (when I do the `systemctl start`)
<timokau[m]> MichaelRaskin: I guess at least the firefox-sandbox escapes should be disjoint
<timokau[m]> Sandbox escapes are really the biggest issue imo
<tilpner> Right now is irrelevant. Was it up when you ran the acme-foo service?
<ekleog> it's up at the time I did systemctl start acme-foo.example.org.service
<ekleog> hmm nah it looks like foo.example.org points to the right address
<fusion809> The download URL for my package's source includes the package's version with the patch number removed (e.g. for version 19.1.0 of the package, 19.1 is the version of the package, with the patch number removed). Is there I way I can write this source URL, without having to manually update the 19.1, whenever a new version of the package is released? I've tried using the URL http://dl.chemaxon.com/marvin/${version}/marvin_linux_${
<fusion809> version%.?}.deb, but that returns errors like error: syntax error, unexpected $undefined, expecting '}', whenever I try to build the package.
<fusion809> As ${version%.?} returns the version of the package, with the patch number removed, i.e. 19.1
<tilpner> ekleog: Does "grep well-known/acme-challenge /var/spool/nginx/logs/access.log" print a hit that matches the time of validation?
<ilya-fedin> MichaelRaskin: There is no switch-to-configuration in my system
<sphalerite> ilya-fedin: it should be in the bin directory of the system profile
<sphalerite> ilya-fedin: e.g. /nix/var/nix/profiles/system/bin
<ilya-fedin> Yes thank you. How to specify configuration to switch?
<MichaelRaskin> timokau: hm, what is thre beyond the VM and process separation and maybe some namespacing? Seccomp?
<{^_^}> [nixpkgs] @markuskowa merged pull request #53186 → shotcut: 18.11.18 -> 18.12.23 → https://git.io/fhqYy
<{^_^}> [nixpkgs] @markuskowa pushed 2 commits to master: https://git.io/fhnnJ
<timokau[m]> MichaelRaskin: I have no idea but I'd have guessed that firefox does some static validation or something
<timokau[m]> MichaelRaskin: Worst case just compile firefox to webasm and run that in chrome within firejail
<ilya-fedin> Got it. system-GENERATION_NUMBER-link
<ekleog> tilpner: `sudo tail -f /var/spool/nginx/logs/access.log | grep well-known/acme-challenge` does add a new line like the following at every `systemctl start acme-foo.example.org.service`: `"GET /.well-known/acme-challenge/... HTTP/1.1" 404 ...`, so I guess it somehow does 404 :/
esmerelda has quit [Ping timeout: 246 seconds]
<{^_^}> [nixpkgs] @andir opened pull request #53837 → irssi: 1.1.1 -> 1.1.2 → https://git.io/fhnnU
<tilpner> ekleog: Check "journalctl -eu nginx" for open() failures at the same time
<ilya-fedin> Where is the number of the booted generation?
<{^_^}> [nixpkgs] @andir opened pull request #53838 → [18.09] irssi: 1.1.1 -> 1.1.2 → https://git.io/fhnnk
init_6 has joined #nixos
<symphorien> ilya-fedin: readlink /run/booted-system I guess
<estrom> An example for `services.xserver.monitorSection` is "HorizSync 28-49". If I have multiple options to supply, do I supply them via a list? Like: monitorSection = [ "HorizSync ...", "VertSync ...", ... ];
<{^_^}> [nixpkgs] @markuskowa merged pull request #53829 → sile: 0.9.4 -> 0.9.5 → https://git.io/fhnGW
<{^_^}> [nixpkgs] @markuskowa pushed 2 commits to master: https://git.io/fhnnq
<MichaelRaskin> timokau: for Chromium I would actually consider limiting its network access, not running it all the time…
<ilya-fedin> symphorien: Exactly, I did not guess, I can compare by the long id in the links for system-...-link and booted-system Thank you
<{^_^}> [nixpkgs] @fusion809 opened pull request #53839 → marvin: init at 19.1 → https://git.io/fhnnG
fusion809 has quit [Remote host closed the connection]
<ilya-fedin> Damn, nix-collect-garbage -d left only the latest generation in /nix/var/nix/profiles. But I did switch-to-configuration.
<MichaelRaskin> I think booted-system is not actually GC'ed
fusion809 has joined #nixos
philippD has joined #nixos
<symphorien> Because of /run/booted-system. If you start to fiddle with these gc roots anything can happen
ris has joined #nixos
<{^_^}> [nixpkgs] @markuskowa merged pull request #53173 → unclutter-xfixes: 1.4 -> 1.5 → https://git.io/fhqTp
<{^_^}> [nixpkgs] @markuskowa pushed 2 commits to master: https://git.io/fhnnn
tzemanovic has joined #nixos
slyfox has quit [Quit: :)]
<MichaelRaskin> I think you can manually symlink /run/booted-system as a system-(N+1)-link and do a switch-to-configuration and get what you want
Dedalo has quit [Ping timeout: 268 seconds]
estrom has quit [Remote host closed the connection]
<duairc> Does anyone use i3? I've copied my config over from when I used debian, and I find that all the scripts are really slow to execute, like around ~1 second delay.
<duairc> They're written in shell script... I guess on Debian they used dash, and on NixOS they use bash, which is a bit slower. But they shouldn't be that slow?
ottidmes has joined #nixos
slyfox has joined #nixos
<{^_^}> [nixpkgs] @andir merged pull request #53837 → irssi: 1.1.1 -> 1.1.2 → https://git.io/fhnnU
<{^_^}> [nixpkgs] @andir pushed 2 commits to master: https://git.io/fhnn2
<{^_^}> [nixpkgs] @andir merged pull request #53838 → [18.09] irssi: 1.1.1 -> 1.1.2 → https://git.io/fhnnk
<{^_^}> [nixpkgs] @andir pushed 2 commits to release-18.09: https://git.io/fhnna
<{^_^}> [nixpkgs] @uri-canva opened pull request #53840 → bazel-remote: init at 2019-01-12 → https://git.io/fhnnV
<timokau[m]> duairc: That is definitely not normal. Are the shell scripts 100% the same? Are you using `nix-shell`?
tzemanovic has quit [Remote host closed the connection]
<symphorien> dmenu_run is slow the first time after boot because symlinks to the store are time-stamped from 1970 so it needlessly updates its cache
<{^_^}> [nixpkgs] @ttuegel merged pull request #53461 → Kcharselect backport: init at 18.08.0 → https://git.io/fh3H2
<{^_^}> [nixpkgs] @ttuegel pushed 3 commits to release-18.09: https://git.io/fhnno
Dedalo has joined #nixos
<duairc> timokau[m]: I don't think so? I just have a few bindings in my .i3/config file that do exec --no-startup-id scripts/somescript, and then the scripts are usually about 10 lines of shell
estrom has joined #nixos
uaquhuliuh has joined #nixos
<timokau[m]> duairc: What if you execute an empty script? `touch /tmp/script.sh; time bash /tmp/script.sh`
<duairc> In i3 or generally?
<duairc> In a normal shell that takes 0.003 seconds
<estrom> How do I solve something generating Screen/Monitor configuration over my configuration? E.g. `Section Monitor\n Identifier "Monitor[0]"\n Identifier "Monitor0"\n EndSection`. Where Monitor0 is my monitorSection configuration -- and the other is generated.
m4rv33n[m] has joined #nixos
<timokau[m]> duairc: Shouldn't make a difference
<duairc> There just seems to be something about how i3 is calling the scripts that makes it really slow
<timokau[m]> duairc: But if it takes longer "in i3" (whatever that means) then at least the problem isn't with bash
<MichaelRaskin> Maybe strace i3?
<timokau[m]> duairc: Okay can't help you with that, maybe someone else can. I'm not currently using i3
<duairc> MichaelRaskin: Yeah, maybe, might be worth a try
<duairc> timokau[m]: That's okay, thanks anyway
Xal has quit [Ping timeout: 245 seconds]
<MichaelRaskin> You might need to echo 0 > /proc/sys/kernel/yama/ptrace_scope
Xal has joined #nixos
uaquhuliuh has quit [Quit: Leaving.]
<symphorien> estrom: reading from the source, the content of the source, monitorSection accepts multiline strings and will be appended verbatim at the end of the monitor section https://github.com/NixOS/nixpkgs/blob/release-18.09/nixos/modules/services/x11/xserver.nix#L724-L727
<{^_^}> [nixpkgs] @ajs124 opened pull request #53842 → powerdns: fix ecdsa support → https://git.io/fhnnP
<symphorien> s/of the source,// oops
fenedor has quit [Read error: Connection reset by peer]
<estrom> Ah, I see. So I am probably taking the wrong approach. xrandrHeads seems more promising.
<{^_^}> [nixpkgs] @ttuegel merged pull request #53686 → poppler: 0.72.0 -> 0.73.0 → https://git.io/fhZm0
<{^_^}> [nixpkgs] @ttuegel pushed 3 commits to master: https://git.io/fhnnM
<philippD> Are there any news on incremental builds during development in nix? Currently I create special attributes like "repl" that add a shellHook with a script that triggers the incremental build with an "exit" at the and and call it with "nix-shell -A repl". Is there a better way?
<Phillemann> Is it possible to run OpenGL applications in Nix on distributions other than NixOS?
<ilya-fedin> Why is the nvidia 390 only for 32-bit systems?
<tilpner> ,nixGL Phillemann
<{^_^}> Phillemann: nixGL is a bunch of wrappers for getting OpenGL programs to work for your graphics card, https://github.com/guibou/nixGL
<ilya-fedin> Support for my card ended after 390 version
fusion809 has quit [Remote host closed the connection]
<arianvp> I have a nix expression that generates an invalid derivation file but I don't see what's invalid Bout it
estrom has quit [Remote host closed the connection]
fusion809 has joined #nixos
<arianvp> Seems like a bug in exportReferencesGraph?
<arianvp> Or what is going on? Why do I get a parse error?
oida has quit [Remote host closed the connection]
knupfer has quit [Ping timeout: 250 seconds]
oida has joined #nixos
kgz has quit [Quit: WeeChat 2.2-dev]
pie_ has joined #nixos
erictapen has joined #nixos
bob_so[m] has joined #nixos
<wedens> https://jsonlint.com/ can't find anything weird in this json
<wedens> must be something nix specific, but I dont see anything unusual either
<gchristensen> in what json?
<sphalerite> arianvp: no, store paths just can't have names containin @
<arianvp> I don't see any store path with an @ here
<arianvp> Oh
<sphalerite> err
<sphalerite> no yeah
jtojnar has joined #nixos
<arianvp> Alright. That is a horrible constraint considering systemd uses them all over the place
eadwu has joined #nixos
<arianvp> How can I even then reference to files inside systemd?
<arianvp> I don't get it.
<gchristensen> this is something we definitely do inside nixos, so not sure what you're doing which is different
<arianvp> There's enough files in my store path with @ in it
<arianvp> So something else is going on here...
<gchristensen> it is this: "exportReferencesGraph": "closure-autovt@.service /nix/store/kinpd6wss80pf2d04jnvvmw25lzkrlbq-systemd-239/example/systemd/system/autovt@.service",
Lingjian has joined #nixos
<gchristensen> creating a store path of the reference graphs, with the name closure-autovt@.service. the solution is changing that name somehow
<arianvp> I'm not sure i understand. I didn't create exportReferencesGraph
<gchristensen> one possible solution is change to symlink = "/etc/systemd/system"; object = "${pkgs.systemd}/example/systemd/system";
<arianvp> I can't so that.
<gchristensen> why not?
<arianvp> Because I also need to put custom stuff in /etc/systemd/system
<arianvp> I. Don't want everything from the package either
<arianvp> (just like in NixOS/
<gchristensen> sure. you could buildEnv first
<arianvp> But what is export References Graph ?
dsiypl4_ has joined #nixos
<gchristensen> so use another derivation to make the /etc/systemd/system symlink forest, and then put that in
<gchristensen> it exports a list of the entire closure of a path
<arianvp> Why is there an invalid name in there
<arianvp> ?
eadwu has quit [Ping timeout: 250 seconds]
<gchristensen> because makeInitrd is probably asking for the closure of "${pkgs.systemd}/example/systemd/system/autovt@.service"
<arianvp> Ah
<arianvp> I sww
civodul has joined #nixos
<gchristensen> I think it is easy to argue this is a bug
markus1189 has quit [Ping timeout: 250 seconds]
<gchristensen> baseNameOf isn't a valid option there
markus1189 has joined #nixos
acarrico has quit [Ping timeout: 258 seconds]
<gchristensen> not sure what else to use though
<arianvp> closureInfo perhaps?
<gchristensen> I don't think we can, yet
<arianvp> Why not?
<arianvp> I could for sure use it myself :p
<gchristensen> nix-1
<gchristensen> but for example, could zip the paths with in incrementing number instead of using baseNameOf
<{^_^}> [nixpkgs] @hedning opened pull request #53843 → nixos/displayManager: introduce sessionDefault → https://git.io/fhnck
knupfer has joined #nixos
<{^_^}> [nixpkgs] @joachifm pushed commit from @dtzWill to release-18.09 « tor: 0.3.4.9 -> 0.3.4.10 »: https://git.io/fhncq
markus1189 has quit [Ping timeout: 258 seconds]
markus1189 has joined #nixos
<{^_^}> [nixpkgs] @RostakaGmfun opened pull request #53844 → saleae-logic: 1.2.10 -> 1.2.28 → https://git.io/fhncs
knupfer has quit [Remote host closed the connection]
tzemanovic has joined #nixos
<MichaelRaskin> timokau: wait, you are a person who uses BtrFS but doesn't know that _only_ btrfs filesystem df reports anything remotely useful?
<gchristensen> MichaelRaskin: like «btrfs filesystem df» ?
kragniz has joined #nixos
iyzsong has quit [Read error: Connection reset by peer]
knupfer has joined #nixos
<rnhmjoj> if a variable (colon separated paths) is already defined in the option environment.variables, how do I append something to it? using mkForce will reset it.
estrom has joined #nixos
estrom has quit [Remote host closed the connection]
estrom has joined #nixos
<wedens> in the same module?
<{^_^}> [nixpkgs] @dotlambda pushed to master « python3.pkgs.aiohttp: 3.5.3 -> 3.5.4 »: https://git.io/fhncE
<rnhmjoj> wedens: no, one is in a nixos module and i'm trying to modify it in my system configuration
<{^_^}> [nixpkgs] @timokau merged pull request #53833 → python.pkgs.pygal: fix build → https://git.io/fhnZW
<{^_^}> [nixpkgs] @timokau pushed to master « python.pkgs.pygal: fix build (#53833) »: https://git.io/fhncu
<timokau[m]> MichaelRaskin: I guess I am
<timokau[m]> I think I read about it once, but until now regular df was a good enough approximation
Phillemann has left #nixos ["WeeChat 2.3"]
<MichaelRaskin> I have learnt to ignore df long ago
<MichaelRaskin> Maybe because I actually ran a BtrFS with >80% fill
Jackneilll has joined #nixos
<MichaelRaskin> gchristensen: yes
<MichaelRaskin> btrfs fi df, too, is acceptable
knupfer has quit [Remote host closed the connection]
<timokau[m]> Do you know why they can't fix regular df for btrfs? Its much more convenient to just type `df -h` and get a summary
<{^_^}> [nixpkgs] @fighterhero opened pull request #53845 → mediathekview: 9 -> 13.2.1 → https://git.io/fhncz
kragniz is now known as kgz
erictapen has quit [Ping timeout: 268 seconds]
<wedens> rnhmjoj: is the value a list of strings or a string?
<wedens> lists from different modules will be merged
<rnhmjoj> it's just a string
<rnhmjoj> the manual says environment.variables is of type 'attribute set of string or list of stringss'. i'm not sure what that means
estrom has quit [Remote host closed the connection]
<rnhmjoj> ah, cool: i tried using a list of strings and it's getting merged
<{^_^}> [nixpkgs] @veprbl pushed to pr/qt5-darwin-fix « qt5: use 5.11 on darwin until it's fixed »: https://git.io/fhncK
<{^_^}> [nixpkgs] @veprbl opened pull request #53846 → qt5: use 5.11 on darwin until it's fixed → https://git.io/fhnc6
erictapen has joined #nixos
estrom has joined #nixos
estrom has quit [Remote host closed the connection]
ottidmes has quit [Ping timeout: 244 seconds]
contrun[m] has joined #nixos
orivej has quit [Ping timeout: 245 seconds]
<contrun[m]> anyone else have problem buiding haskell project with c dependencies? It seems stack build can not find the right header file on my machine.
<contrun[m]> I encountered this while build patat. https://paste.pound-python.org/show/ZBjpb0yHXf64LMcwIMA0/
lejonet has quit [Ping timeout: 250 seconds]
<wedens> do you have those dependencies listed in nix: packages: in stack file?
bgamari has quit [Quit: ZNC 1.7.1 - https://znc.in]
Dedalo_ has joined #nixos
<{^_^}> Channel nixpkgs-18.09-darwin advanced to https://github.com/NixOS/nixpkgs/commit/2427f19b91d (from 62 minutes ago, history: https://channels.nix.gsc.io/nixpkgs-18.09-darwin)
<wedens> contrun[m]: or in a shell.nix file
<contrun[m]> I don't think I have. I am building with the stack.yaml which comes with https://github.com/jaspervdj/patat.
<{^_^}> [nixpkgs] @timokau opened pull request #53847 → python.pkgs.glances: add graph support → https://git.io/fhnCk
bgamari has joined #nixos
endformationage has joined #nixos
<contrun[m]> How can I add c dependency in stack.yaml? I install zlib as a system package. Can stack use it?
<sphalerite> arianvp: sorry, I was away. Store paths in the sense of directory entries in /nix/store can't contain an @
tzemanovic has quit [Remote host closed the connection]
<sphalerite> arianvp: if such a store path is a directory, having files in there with @s in their names is perfectly fine
<wedens> contrun[m]: you may want to look at existing patat derivation in nixpkgs
tzemanovic has joined #nixos
<{^_^}> [nixpkgs] @veprbl opened pull request #53848 → qt511.qtwebengine: fix on darwin → https://git.io/fhnCL
<wedens> contrun[m]: If you want to add it directly to stack.yaml, see https://docs.haskellstack.org/en/stable/nix_integration/#additions-to-your-stackyaml
Makaveli7 has quit [Ping timeout: 272 seconds]
<contrun[m]> wedens: thank you very much. Will look at it presently
<gchristensen> samueldr: I got secureboot from bios to initrd signed now, works great
<ekleog> tilpner: (sorry for having been interrupted IRL… about that acme failure:) I do have `[error] 1399#1399: *326614 open() "/var/lib/acme/acme-challenge/.well-known/acme-challenge/..." failed (2: No such file or directory), ...`
Makaveli7 has joined #nixos
vyorkin has joined #nixos
tzemanovic has quit [Ping timeout: 250 seconds]
* ekleog looking for what went wrong
<tilpner> ekleog: Good, that means nginx is not at fault. It does indeed look like the acme module might be broken
vyorkin has left #nixos [#nixos]
bgamari has quit [Ping timeout: 252 seconds]
<tilpner> Review recent changes to it or look at closed-in-master issues about it. It seems to be working here, so you could also try using a newer acme module
erictapen has quit [Ping timeout: 246 seconds]
<tilpner> Actually... I still haven't seen your config
<arianvp> gchristensen: with dmverity?
bgamari has joined #nixos
<gchristensen> what is dmverity?
<ekleog> yeah I'm looking at it myself, though I haven't changed it for like a year
vyorkin has joined #nixos
<gchristensen> arianvp: I have keys loaded in to the firmware for secureboot, and have signed the systemd-boot .efi program and made a combined kernel-options-initrd efi program which is also signed.
<ekleog> tilpner: ok I think somehow webroot is being ignored: I have webroot="/var/acme-challenge/foo.example.org" in `nixos-option security.acme.certs`
<ekleog> and nginx is looking at the wrong place
<tilpner> Why are you setting webroot?
<tilpner> Oh, /var/lib vs /var
<ekleog> yup (plus /foo.example.org), though there likely isn't much actual interest in it
dsiypl4__ has joined #nixos
<ekleog> ok so I do have `locations."/.well-known/acme-challenge".root = "/var/acme-challenge/${dns}";` in my config, but there are also blocks for /var/lib in my nginx.conf
agander has quit [Ping timeout: 272 seconds]
<tilpner> With enableACME, I wouldn't expect you to need to set webroot and locations.acme-challenge.root
<ekleog> wth if I grep for foo.example.org in my nginx.conf the only location is /var/acme-challenge
vyorkin has quit [Quit: Leaving.]
<ekleog> I'm not actually using enableACME, there is no website on this domain, it's my IMAP server
<ekleog> it's this module http://ekleog.xelpaste.net/DnHJAM
dsiypl4_ has quit [Ping timeout: 258 seconds]
<tilpner> Oh
<tilpner> Yeah, in those cases I just did enableACME anyway
<tilpner> It doesn't really hurt. nginx will keep running and serving 404, but that's not terrible
acarrico has joined #nixos
<ekleog> … ok so `git log -p` from release-18.09 and grepping for either acme or nginx shows basically no change in the last 3 months… or maybe I upgraded to 18.09 less than 3 months ago? let's try enableACME, then
<gchristensen> reading systemd-boot-builder.py is no fun :|
<fusion809> Where can I find some good documentation on makeWrapper? I'm meant to use it in my PR and I cannot figure out how to use it.
<ekleog> tilpner: ok it looks like enableACME works, once I understood why I didn't use it in the first place :) (my server has 2 IP addresses, so just using enableACME tries to make nginx listen on 0.0.0.0:443, which it can't do because something else is already on the other IP address's :443)
<ekleog> thank you!
<ekleog> (using the same listen = mkDefault [ ... ] in addition to enableACME=true did make things work)
<{^_^}> [nixpkgs] @guillaumekoenig opened pull request #53849 → enpass: 5.6.5 -> 6.0.1 → https://git.io/fhnCM
<fusion809> Thanks
qz has joined #nixos
<timokau[m]> How do I get `gcc` in a nix-shell to disable its hardening (all except PIE)?
<timokau[m]> I've tried setting `NIX_HARDENING_ENABLE=pie`, but that doesn't work (as shown by `NIX_DEBUG=1`)
<timokau[m]> And reading the cc-wrapper source there is some talk about an "infix salt"
hedning has quit [Quit: hedning]
hedning has joined #nixos
Jackneilll has quit [Ping timeout: 246 seconds]
mizu_no_oto has joined #nixos
kisonecat has joined #nixos
<tokudan[m]> I do have an issue using the php app postfixadmin on nixos. the issue seems to be an nginx configuration issue that I cannot figure out. phpfpm complains that it gets a directory, while nginx wants index.php, i would be grateful for any pointers or ideas on how to solve this. details here: https://gist.github.com/tokudan/a527d8b4c632bd4a17460b458a57c323
erictapen has joined #nixos
<gchristensen> I guess I'm not sure what the point of secureboot is on a user-built system, if it is protecting against malware which can write to protected files it can presumably read protected files, and then access the signing key to sign its malware.
<gchristensen> if the boot process were generated by a third party (microsoft, apple) that is a different thing
<gchristensen> andi-: what do you think?
<tokudan[m]> gchristensen: if it's a nitrokey or yubikey doing the signing, malware might not be able to sign it. also an evil maid attack is harder
<gchristensen> not much harder, since they can turn off secureboot in the uefi firmware without me even knowing -- since it isn't clear if a boot is "secure" or not
xavierm02 has joined #nixos
<{^_^}> [nixpkgs] @FRidh merged pull request #53788 → retdec: remove pycache from install dir → https://git.io/fhZ5c
<{^_^}> [nixpkgs] @FRidh pushed commit from @dtzWill to master « retdec: remove pycache from install dir »: https://git.io/fhnWY
<tokudan[m]> I'd assume that disabling secureboot should only be able in the firmware and not from a running system. if it's possible after firmware, then yes, that is definitely an issue
<andi-> gchristensen: I do think it is still of some value. It is basically the same as with every notebook. The hardware is just a bit easier accessible. For me the benefit is that I have a bit more assurance that a system wasn't tempered with. It is not perfect but provides me with some guarantees. It makes attacks that just plug in some kind of USB-Stick into your hardware at lot harder. Siging keys should not be
<andi-> readable by any (normal) user. They should be on a secure element or at least protected by file permissions.. I have a few systems where they keys reside within /root.
<andi-> You can just disaable it in the bios or reset it.. but that usually takes more time.
<andi-> On my notebook I am able to tell wether or not it boots with secureboot or not. Data should be encrypted anyway...
<gchristensen> how are you able to see if it is secureboot or not?
<gchristensen> andi-: and, did you integrate secureboot with the nixos bootloader script? :)
<andi-> gchristensen: I can tell due to uefi bugs ;)
<andi-> I did not integrate it since I like to control the keys more cloesly
<gchristensen> haha
<xavierm02> Hi. I'm searching for a description of how nixos works people-wise. For example, who has write access to the code, how many trusted eyes go through pull requests before they are merged etc.
<xavierm02> Does such a description exists somewhere?
<xavierm02> exist*
<andi-> gchristensen: Would there be a demand for a proper secureboot integration in NixOS? Very often I meet people that do not even know that they could do that.. I recently helped someone do it on their hardware so I doesn't just work for me :D
<rain1> does anyone have a .desktop file or something for mpv which lets you double click to open videos? I can set video type associations one by one, i was wondering if anyone had a better solution
kisonecat has quit [Quit: leaving]
kisonecat has joined #nixos
Jackneilll has joined #nixos
init_6 has quit []
kisonecat has quit [Client Quit]
<rain1> thanks
<rain1> I am not sure how to install it. I wonder if I need to copy it into of the paths in $XDG_DATA_DIRS
kisonecat has joined #nixos
<rain1> https://nixos.wiki/wiki/Nix_Cookbook#Desktop_Environment_does_not_find_.desktop_files or maybe I need to add a new directory to that variable
<rain1> I'll try ~/.local/share/applications/
<wedens> it should be already installed
ris has quit []
kisonecat has quit [Ping timeout: 246 seconds]
<rain1> how do I list the files in a package? or go from package name to its path in the store?
<wedens> hm. it exists in the store in /nix/store/*-mpv-*/share/applications/mpv.desktop but it doesn't seem to exist in /run/current/system/sw/share/applications
<wedens> rain1: "${pkgs.mpv}/share/applications/mpv.desktop"
griff_ has joined #nixos
<rain1> ah okay, you're ahead of me
<rain1> I found -q --out-path
<{^_^}> [nixpkgs] @offlinehacker opened pull request #53850 → xsuspender: init at 1.0 → https://git.io/fhnWr
<rain1> so we have /nix/store/...-mpv-0.29.0/share/applications/mpv.desktop
dsiypl4__ has quit [Ping timeout: 268 seconds]
kisonecat has joined #nixos
<wedens> you'll probably need to do update-desktop-database after linking the .desktop file
hedning has quit [Remote host closed the connection]
<rain1> would the mpv package have to be changed to make this show up in /run/current/system/sw/share/applications ?
<wedens> you can copy/link it to ~/.local/share/applications/
<rain1> ok, thanks a lot! I'm using nix-index to find out which package provides update-desktop-database
<wedens> I'm not sure if thre is some fairly clean way to link it to /run/current/system/sw/share/applications without modifying mpv derivation
<wedens> rain1: pkgs.buildPackages.desktop-file-utils
<wedens> just desktop-file-utils should also work
o1lo01ol1o has joined #nixos
<{^_^}> [nixpkgs] @vcunat pushed to staging-next « libnice: disable all tests for now :-( »: https://git.io/fhnW1
regulus_ has joined #nixos
shabius has quit [Quit: Leaving]
hodapp has joined #nixos
rain1 has quit [Ping timeout: 240 seconds]
kisonecat has quit [Ping timeout: 240 seconds]
ng0_ has quit [Remote host closed the connection]
<{^_^}> [nixpkgs] @ttuegel merged pull request #52524 → freetype: 2.9 -> 2.9.1 → https://git.io/fpjYw
<{^_^}> [nixpkgs] @ttuegel pushed 2 commits to staging: https://git.io/fhnWQ
o1lo01ol1o has quit [Remote host closed the connection]
<{^_^}> [nixpkgs] @ttuegel merged pull request #53846 → qt5: use 5.11 on darwin until it's fixed → https://git.io/fhnc6
<{^_^}> [nixpkgs] @ttuegel pushed 2 commits to master: https://git.io/fhnW5
shabius has joined #nixos
Jackneilll has quit [Remote host closed the connection]
<wedens> hm. why `environment.pathsToLink = [ "/share/applications" ];` doesn't make ` /nix/store/...-mpv-0.29.0/share/applications/mpv.desktop` appear in `/run/current/system/sw/share/applications`?
fendor has joined #nixos
Jackneilll has joined #nixos
alex`` has quit [Quit: WeeChat 2.3]
Jackneilll has quit [Remote host closed the connection]
rain1 has joined #nixos
<rain1> https://github.com/NixOS/nixpkgs/blob/889c72032f8595fcd7542c6032c208f6b8033db6/pkgs/applications/video/mpv/default.nix i wonder if the installPhase part of the package could be modified to put the .desktop in the right place?
<wedens> ignore me :) I have mpv installed in user profile
<rain1> just checked the logs
<rain1> I'm not sure what you mean about user profile
<rain1> does it matter which user I run nix-env -i mpv as
<rain1> and also what would it mean when I put the package in my configuration.nix
<wedens> if you've installed it via nix-env, .desktop file will be in ~/.nix-profile/share/applications
<wedens> which should be in XDG_DATA_DIRS
<rain1> it is in ~/.nix-profile/share/applications, but that path is not in XDG_DATA_DIRS
dsiypl4__ has joined #nixos
<rain1> I'll add it in my configuration
acarrico has quit [Ping timeout: 245 seconds]
polman has quit [Ping timeout: 246 seconds]
<wedens> I've checked (via xdg-mime query default) and I have correct associations by default. no idea why you don't have user's profile in XDG_DATA_DIRS
adjofun has joined #nixos
<rain1> it's strange! maybe something to do with xfce4
<adjofun> Hi everyone! I have a question about tomcat configuration in NixOS, should I ask it here?
polman has joined #nixos
Dedalo_ has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
mizu_no_oto has quit [Quit: Computer has gone to sleep.]
<mightybyte> Anyone know why I get this error now:
<mightybyte> ...but a month ago it worked fine
<symphorien> is this revision that of a PR ?
<symphorien> if the PR has been forcepushed, the commit may have been gc-ed
<mightybyte> Oh, no idea.
<mightybyte> It's just a particular nixpkgs commit that I happened to have pinned one of my packages to.
dsiypl4__ has quit [Ping timeout: 268 seconds]
Dedalo_ has joined #nixos
ferriswheel has joined #nixos
<mightybyte> It's kind of alarming that a pin to a specific git hash stopped working.
ng0 has joined #nixos
ng0 has quit [Client Quit]
<samueldr> github allows you to use a hash from another repo from the same source fork transparently
<samueldr> e.g. if you look here https://github.com/NixOS/nixpkgs/commits/b28b37eb00768da86b9be8f4a61e3a46cdb604d6 <- this isn't merged yet
adjofun has quit [Quit: Leaving]
<{^_^}> [nixpkgs] @samueldr merged pull request #53828 → tests: Wait for shell for twice as long (10m) → https://git.io/fhnOh
<{^_^}> [nixpkgs] @samueldr pushed 2 commits to master: https://git.io/fhnlM
erictapen has quit [Ping timeout: 246 seconds]
<gchristensen> samueldr: seems I can only fit about 20 generations, with signed initrds
<samueldr> (well, now it is, oops)
freeman42x has joined #nixos
o1lo01ol1o has joined #nixos
<mightybyte> samueldr: Oh, good to know.
orivej has joined #nixos
<samueldr> yeah, it's a weird feature, probably an implementation detail, of github, it's not just bad or just good...
<mightybyte> Yeah...
<mightybyte> Just something to be awarae of
<{^_^}> [nixpkgs] @samueldr pushed to release-18.09 « tests: Wait for shell for twice as long (10m) »: https://git.io/fhnl5
o1lo01ol1o has quit [Ping timeout: 240 seconds]
Mateon1 has quit [Remote host closed the connection]
Mateon1 has joined #nixos
sary has quit [Quit: Reconnecting]
sary has joined #nixos
tzemanovic has joined #nixos
griff__ has joined #nixos
griff_ has quit [Ping timeout: 240 seconds]
griff__ is now known as griff_
<{^_^}> [nixpkgs] @marsam opened pull request #53851 → flow: 0.89.0 -> 0.90.0 → https://git.io/fhn8X
<rain1> How do I install fbreader?
<rain1> nix-env -i fbreader says selector 'fbreader' matches no derivations
<symphorien> ,-A
<{^_^}> You'll usually want to use nix-env -i with -A. It's faster and more precise. See https://nixos.wiki/wiki/FAQ/nix-env_-iA for details.
<rain1> I also tried fbreader-gtk
erictapen has joined #nixos
goibhniu has joined #nixos
uaquhuliuh has joined #nixos
<rain1> il keep that -A option in mind but it didn't have an effect in this case
vk3wtf has quit [Ping timeout: 250 seconds]
<symphorien> nix-env -iA nixos.fbreader works for me
<rain1> thanks! How come you have to put nixos. this time? I don't normally do that
<symphorien> to tell nix-env which channel to use
<rain1> ah nice I'll read up on channels
<symphorien> by default you only have nixos, but you can have more if you wish so
tzemanovic has quit [Remote host closed the connection]
<symphorien> be aware that the nixos channel is in fact named nixpkgs in nix-channel --list, for historical reasons iirc
tzemanovic has joined #nixos
shabius has quit [Quit: Leaving]
goibhniu has quit [Quit: Leaving.]
tzemanovic has quit [Ping timeout: 252 seconds]
fendor has quit [Ping timeout: 246 seconds]
griff_ has quit [Ping timeout: 244 seconds]
<rain1> is there any way to get the gtk version of fbreader?
shabius has joined #nixos
<rain1> it seems to give me the qt version only
goibhniu has joined #nixos
aleph- has joined #nixos
doyougnu has joined #nixos
fendor has joined #nixos
orivej has quit [Ping timeout: 250 seconds]
tzemanovic has joined #nixos
<rain1> ohh i see!
drakonis has joined #nixos
<{^_^}> [nixpkgs] @samueldr merged pull request #53827 → tests: Logs timing in tests → https://git.io/fhnOx
<{^_^}> [nixpkgs] @samueldr pushed 3 commits to master: https://git.io/fhn4W
tzemanovic has quit [Ping timeout: 252 seconds]
uaquhuliuh has quit [Quit: Leaving.]
<symphorien> rain1: if you are feeling adventurous nix-env -iE 'x : with import <nixpkgs> {config = { allowBroken = true;}; }; (fbreader.override { uiType = "gtk" ; })'
ixxie has joined #nixos
humanoyd has joined #nixos
alex`` has joined #nixos
<rain1> heyy cool!
<rain1> im trying it
humanoyd is now known as Guest21461
<rain1> it's neat how you can make small modifications to configs like that
m4rv33n[m] is now known as Marv[m]
dsiypl4__ has joined #nixos
Marv[m] is now known as m4rv33n[m]
m4rv33n[m] is now known as MarvMarvinsson[m
orivej has joined #nixos
fendor has quit [Ping timeout: 268 seconds]
ddellacosta has joined #nixos
justanotheruser has joined #nixos
pointfourone has joined #nixos
pointfourone has quit [Remote host closed the connection]
<{^_^}> [nixpkgs] @vbgl merged pull request #53851 → flow: 0.89.0 -> 0.90.0 → https://git.io/fhn8X
<{^_^}> [nixpkgs] @vbgl pushed commit from @marsam to master « flow: 0.89.0 -> 0.90.0 »: https://git.io/fhn4o
vk3wtf has joined #nixos
justanotheruser has quit [Ping timeout: 246 seconds]
dermetfan has quit [Ping timeout: 272 seconds]
reinhardt has joined #nixos
chessai has joined #nixos
Dedalo_ has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
abaiste^ has joined #nixos
Dedalo_ has joined #nixos
iqubic has left #nixos ["ERC (IRC client for Emacs 26.1)"]
justanotheruser has joined #nixos
devalot has quit [Quit: ZNC - http://znc.in]
aleph- has quit [Ping timeout: 240 seconds]
Dedalo_ has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<{^_^}> [nixpkgs] @vbgl merged pull request #53455 → ocamlPackages.lablgtk3: 3.0.β2 → 3.0.β3 → https://git.io/fh3M0
<{^_^}> [nixpkgs] @vbgl pushed to master « ocamlPackages.lablgtk3: 3.0.β2 → 3.0.β3 »: https://git.io/fhnBq
cyounkins has joined #nixos
i1nfusion has quit [Remote host closed the connection]
i1nfusion has joined #nixos
xavierm02 has quit [Quit: Page closed]
estrom has joined #nixos
kisonecat has joined #nixos
chessai has quit [Ping timeout: 246 seconds]
fusion809 has quit [Remote host closed the connection]
tzemanovic has joined #nixos
chessai has joined #nixos
chessai has quit [Remote host closed the connection]
chessai has joined #nixos
cyounkins has quit [Remote host closed the connection]
cyounkins has joined #nixos
doyougnu has quit [Ping timeout: 272 seconds]
vyorkin has joined #nixos
<ivan> how do I create entries for systemd-boot? I'm doing a nixos-infect-style install on a UEFI system
cyounkins has quit [Ping timeout: 268 seconds]
vyorkin has quit [Client Quit]
<estrom> Is xorg.utilmacros synanomous with xorg-macros? I am trying to build xephyr from the xserver repo but can't get a hold of xorg-macros.
<{^_^}> Channel nixpkgs-18.09-darwin advanced to https://github.com/NixOS/nixpkgs/commit/4d5935de624 (from 2 hours ago, history: https://channels.nix.gsc.io/nixpkgs-18.09-darwin)
<ivan> ok maybe it's /nix/store/sj36b3pgjcmkmypam11x8cj16rpqrfvl-systemd-boot-builder.py system
ilya-fedin has quit [Quit: Connection closed for inactivity]
<estrom> How do I get a hold of xutils on nixos? Namely xorg-macros
cnidario has joined #nixos
Makaveli7 has quit [Quit: Leaving]
Makaveli7 has joined #nixos
xkapastel has quit [Quit: Connection closed for inactivity]
unyu has quit [Quit: unyu~!]
kisonecat has quit [Ping timeout: 240 seconds]
silver_hook has quit [Ping timeout: 246 seconds]
cyounkins has joined #nixos
silver_hook has joined #nixos
<samueldr> estrom: nix-index, which provides nix-locate, might be useful to you https://github.com/bennofs/nix-index
<samueldr> ,locate xutils.h
<samueldr> (assuming it's a header)
<{^_^}> Found in packages: sonic-pi
<samueldr> oh, that output is wrong...
tzemanovic has quit [Remote host closed the connection]
tzemanovic has joined #nixos
<samueldr> so yeah, probably xlibs.utilmacros is what you want
<estrom> samueldr: I couldn't build nix-index
tzemanovic has quit [Remote host closed the connection]
<estrom> It can't find serde_json version 1.0.32, but it found 1.0.27.
tzemanovic has joined #nixos
tzemanovic has quit [Remote host closed the connection]
tzemanovic has joined #nixos
* samueldr tries updating nix-index
tzemanovic has quit [Remote host closed the connection]
tzemanovic has joined #nixos
tzemanovic has quit [Remote host closed the connection]
tzemanovic has joined #nixos
<estrom> And also, I do have nixos.xorg.utilmacros. But automake can't find the xorg-macros
<samueldr> estrom: checkout v0.1.2 it'll work :/
tzemanovic has quit [Remote host closed the connection]
<samueldr> maybe bennofs[m] could look into having a "released" branch so dependency updates on master don't make it harder to follow the README
tzemanovic has joined #nixos
<samueldr> estrom: how are you using it?
tzemanovic has quit [Remote host closed the connection]
<samueldr> (I mean, how are you trying to use xorg.utilmacros?)
<estrom> v0.1.2 worked :)
ixxie has quit [Ping timeout: 268 seconds]
<estrom> samueldr: automake via autoreconf to build xserver
<{^_^}> [nixpkgs] @Infinisil merged pull request #51661 → test: set machines fqdn in /etc/hosts → https://git.io/fpy05
<{^_^}> [nixpkgs] @Infinisil pushed 2 commits to master: https://git.io/fhnRf
<samueldr> okay, but how are you using xorg.utilmacros? nix-shell, nix-env system config?
<samueldr> because for libraries and building stuff, it will not work if you install via nix-env or system config
<estrom> nix-env
<samueldr> ,libraries
<{^_^}> Don't install libraries through nix-env or systemPackages, use nix-shell instead. See https://nixos.wiki/wiki/FAQ/Libraries for details.
<estrom> oh
<samueldr> it's a surprising thing at first, a bit annoying for some, but it makes sense considering how nix works
<estrom> Can I remove it from my nix-env?
<samueldr> you probably should :)
<samueldr> it probably doesn't provide anything useful that way
<dmj`> how do I set an environment variable in a runCommand block
<sphalerite> dmj`: put it in the set between the name and the commands
<samueldr> also, it adds some isolation to builds, so your libraries and dependencies are not easily mixed from multiple (maybe incompatible) sources
<dmj`> I did that
<dmj`> it isn't getting picked up
<sphalerite> dmj`: which environment variable? How are you determining that it isn't getting picked up?
fendor has joined #nixos
<dmj`> sphalerite: I have some C++ code that needs this variable and haskell is calling into it
<dmj`> sphalerite: calling env shows its getting set in there
<sphalerite> dmj`: then what's the problem?
<dmj`> sphalerite: the C++ code fg
<estrom> samueldr: how can I verify that I have removed it? nix-env -e has no output
<dmj`> sphalerite: omg think I got it
<samueldr> estrom: nix-env -q will list what's installed
<sphalerite> estrom: nix-env -e should tell you what it does. if it doesn't output anything it hasn't done anything
<samueldr> you will have to use the name listed there as it doesn't know about the attribute name
<samueldr> (ask if what I just said doesn't really make sense to you)
<estrom> yeah, I made the mistake of trying to remove it with the nixpkgs
agander has joined #nixos
Guest21461 is now known as Artus
freeman42x has quit [Read error: Connection reset by peer]
freeman42x has joined #nixos
<estrom> saumeldr: so, given that I know that nixos.xorg.utilmacros is required to build xserver. how do I specify this package in buildInputs in the default.nix I created in the build-folder of xserver?
<dmj`> sphalerite: so the issue was that the haskell package builds and runs the test first, in that case the environment variable was not set
<estrom> just trying to figure out the naming scheme mappings to my search results in nix search. but buildInputs = [ xorg.utilmacros ] seem to resolve correctly
ottidmes has joined #nixos
<estrom> nix-shells are neat!
<infinisil> ,fancy-uninstall
<{^_^}> Fancy way to uninstall packages, needs fzf installed: nix-env -q | fzf | xargs -I{} nix-env -e {}
tzemanovic has joined #nixos
<dmj`> sphalerite: there's some colon thats getting prepended which is screwing everything up
Artus has left #nixos ["WeeChat 2.3"]
Makaveli has joined #nixos
Makaveli is now known as Guest68112
Makaveli7 has quit [Ping timeout: 252 seconds]
lopsided98 has quit [Ping timeout: 264 seconds]
<estrom> Do people share `default.nix` configs for building different programs?
<infinisil> estrom: Like.. to nixpkgs with pull requests? yes :)
<estrom> infinisil: I think xserver already is on nixpkgs. But it doesn't build xephyr?
knupfer has joined #nixos
<samueldr> ,locate bin Xephyr
<{^_^}> Found in packages: xlibs.xorgserver
<estrom> ah, the X is capitalized. how embarrasing (:
<samueldr> no worries, I kinda knew every X servers have their X capitalized
<estrom> well, at least I have learnt a lot about nix-shell!
evanm has joined #nixos
<djahandarie> Is there some way to GC items in your store which match some glob?
<djahandarie> (I have some massive things in my store that I know are going unused, but don't want to GC all the other stuff which I tend to use periodically for building software etc)
<djahandarie> Though I don't want to delete them straight-up, in case they are somehow being used somewhere
kumikumi has joined #nixos
<sphalerite> djahandarie: it's not beautiful but maybe nix-store --delete /nix/store/*foo*
<sphalerite> djahandarie: it should refuse to delete anything that has roots
<sphalerite> djahandarie: I'm not sure if it will also delete dependents in order to allow deletion of paths, or complain in those cases
o1lo01ol1o has joined #nixos
cyounkins has quit [Remote host closed the connection]
griff_ has joined #nixos
griff__ has joined #nixos
o1lo01ol1o has quit [Ping timeout: 244 seconds]
griff_ has quit [Ping timeout: 244 seconds]
griff__ is now known as griff_
cyounkins has joined #nixos
[Leary] has joined #nixos
Lears has quit [Ping timeout: 250 seconds]
reinhardt has quit [Quit: Leaving]
doyougnu has joined #nixos
<q6AA4FD> do i need to note anything in meta if i'm packaging a program that uses a nonfree network service (i think) but is not nonfree itself
lejonet has joined #nixos
<{^_^}> [nixpkgs] @evhan opened pull request #53854 → ugarit: fix build by using chicken-4.x → https://git.io/fhnEg
<MichaelRaskin> We are currently not tracking this in Nixpkgs.
<MichaelRaskin> In a sense, use of Nixpkgs requires using a non-free network service in most configurations…
<gchristensen> heh, like the cache?
cyounkins has quit [Remote host closed the connection]
cyounkins has joined #nixos
ashkitten has quit [Ping timeout: 246 seconds]
Dedalo_ has joined #nixos
<Unode> hi all. I have two nixos configurations. configuration.nix and custom.nix . The second is meant to acts as a sandbox for different options and is used for a different profile (to have another grub entry for it). Now when trying to override options in custom.nix that were set in configuration.nix I get "The option `...' has conflicting definitions, in ...". Is there any way to override options in custom.nix
<Unode> without running into this error?
cyounkins has quit [Ping timeout: 246 seconds]
<q6AA4FD> MichaelRaskin: alright, cool
agander has quit [Ping timeout: 250 seconds]
<infinisil> Unode: You can use `mkForce` to assign options with a higher priority
<infinisil> Or use `mkDefault` to assign with a lower priority
cyounkins has joined #nixos
<Unode> infinisil: actually in this case, I would be happy with just setting the option to its default value, as if undefined in configuration.nix. Would mkDefault be the right direction then?
<MichaelRaskin> gchristensen: choose your poison, github or S3!
<Unode> infinisil: http://dpaste.com/3XQ6GDG line 24
<MichaelRaskin> Even without cache, there is channel
<infinisil> Unode: Nope, if you want to reset it to its default (if it even has one), then `foo = lib.mkForce options.foo.default` could work
<infinisil> But it's a bit ugly, I recommend not setting it in the first place if possible
<infinisil> Unode: Best imo is to use `mkDefault` in your configuration.nix
<Unode> infinisil: I was trying to avoid having to split configuration.nix into a common.nix and then two entry-points: configuration.nix and custom.nix
Dedalo_ has quit [Ping timeout: 244 seconds]
<Unode> infinisil: ah so mkDefault true?
<infinisil> Yeah
<Unode> I see
<Unode> Will try that
<Unode> thanks!
<gchristensen> MichaelRaskin: :) at least both of them are free protocols ... but ... yes.
<Unode> infinisil: so just to make sure I understand. if an option has a default and I use mkDefault, the value in mkDefault is still used correct?
automagisk has quit [Quit: WeeChat 2.0]
<q6AA4FD> MichaelRaskin: there's always gitlab!
<Unode> btw, unrelated question: I have mlocate in my config. Every time I build it I get "trace: warning: mlocate does not support searching as user other than root", but I seem to be able to use locate as regular user just fine. Is this a bug?
<infinisil> Unode: Yeah, option defaults (the ones in mkOption) have an even lower priority
<MichaelRaskin> q6AA4FD: there is no officially recognised gitlab mirror of Nixpkgs, though
<Unode> infinisil: awesome! Seems to be working. Time for a reboot to try. back in a sec
estrom has quit [Remote host closed the connection]
<infinisil> Why are high priorities low and low priorities high anyways though :/
<infinisil> Would make more sense the other way
iqubic has joined #nixos
<Unode> infinisil: mkOverride -100 ? :P
<iqubic> How does one get flash on Firefox in Nixos?
<steveeJ> must the `nixos` portion of NIX_PATH point to ${nixpkgs}/nixos?
<infinisil> I mean, `mkOptionDefault` could be 0, `mkDefault` could be 500, `mkForce` could be 1000
<infinisil> Then the higher the priority number, the higher the priority
<iqubic> It appears that I don't have adobe flash on my firefox install.
<Unode> infinisil: I agree. Maybe it was designed not with priority but with 'irrelevance' in mind :P
<{^_^}> [nixpkgs] @flokli opened pull request #53855 → nextcloud: 15.0.0 -> 15.0.2 → https://git.io/fhnEX
ashkitten has joined #nixos
MichaelRaskin has quit [Quit: gchristensen last call: if nobody is in the process of writing a good post about medium-term RFC SC selection rules, I will write a quick-hack «please state your opinions» one]
<Unode> iqubic: enableFlashPlayer = true
<iqubic> Where do I put that?
<Unode> iqubic: enableAdobeFlash = true , sorry.
<Unode> One sec
cyounkins has quit [Remote host closed the connection]
<ivan> firefox.enableAdobeFlash = true; in your configuration
<iqubic> configuration.nix in my /etc/nixos folder?
<ivan> yes
<iqubic> And is it an issue if I'm using firefox-bin, and not firefox?
<Unode> ivan: you need a packageOverride for that no?
<Unode> iqubic: firefox-bin ?
<iqubic> In my system.evironmentPackages I put firefox-bin, as that works better for me.
<infinisil> These options might not work with -bin versions of firefox btw
<Unode> iqubic: firefox-bin is a gentoo thing.
<ivan> Unode: it's in nixos
<Unode> and TIL. was not aware of -bin being a thing in nixos as well.
<iqubic> infinisil: I'll switch Firefox versions than.
<Unode> interestingly doesn't show up on the search
<rain1> I'm using nixos with xfce4 and I installed mpv and mupdf which both provide .desktop files but I can't click to open videos or pdfs in the filemanager (pcmanfm). I can see these .desktop files in ~/.nix-profile/share/applications/ and I have added this path to my XDG_DATA_DIRS variable using configuration.nix and rebooted. I also tried using update-desktop-database on it but I get this error: The databases in
<rain1> [.nix-profile/share/applications/] could not be updated. How can I make double clicking work?
<iqubic> Yeah, this isn't working.
<q6AA4FD> nix-env -e does not appear to be working on things added to the profile with nix-env -f, does anyone know how to remove a package installed this way?
<iqubic> See, I can't seem to get it to work.
<iqubic> first one is the configuration.nix, second is my attempt to build a system from that configuration.nix
<q6AA4FD> ivan: is firefox-bin in nixpkgs, i can't find it with `nix search`
<Unode> iqubic: any reason not to use firefox (instead of -bin)? You won't build from source if a binary exists in the cache (usually it does).
<iqubic> No.
<infinisil> [2018-11-27 00:30:07] <infinisil> Shortest tutorial for setting application defaults you'll ever see: Use `xdg-mime query filetype <file>` to figure out the mimetype of <file> and `xdg-mime default <programname>.desktop <mimetype>` to set the default application for this type, e.g. `xdg-mime default evince.desktop application/pdf`
<infinisil> rain1: ^^
<iqubic> No reason at all.
<iqubic> I'm switching to firefox without "-bin"
<Unode> q6AA4FD couldn't find it either but it is there.
<infinisil> rain1: So try `xdg-mime default mupdf.desktop application/pdf`
<iqubic> Still can't get flash to work.
<steveeJ> sphalerite: you saved my with this message: https://logs.nix.samueldr.com/nixos/2018-09-18#1577914;
silver_ has joined #nixos
<rain1> infinisil: thanks! this seems like a pretty awkward workaround though. I would have to make up this command for each file type each program can open - I think this can be done automatically in linux but i haven't figured out how yet
<infinisil> rain1: That's no workaround!
<sphalerite> steveeJ: :D
<steveeJ> infinisil: is that xdg-mime stuff somehow integrated with home-manager?
<infinisil> steveeJ: I don't think so
<steveeJ> rain1: indeed I also wonder how this works on mainstream distros
<infinisil> rain1: DM's might integrate this somehow into their preferences, but this is the defacto standard way to do this stuff
<iqubic> I have to go now, but I'll be checking the logs. So if anyone has a solution to my issue, I'd love that.
uaquhuliuh has joined #nixos
<rain1> see how many mime types mpv can open
<infinisil> afaik at least
oida has quit [Remote host closed the connection]
<rain1> what I'd like to achieve is files with any of these mimetypes will open with mpv
<steveeJ> it seems like this could be automated for packages which ship desktop files
silver has quit [Ping timeout: 258 seconds]
<steveeJ> maybe we could link all desktop files to a folder in the profile and have a simple for loop in the login script
aleph- has joined #nixos
<steveeJ> similar to how other linked stuff works
<rain1> update-desktop-database might be enough
<infinisil> This happens automatically already, it's only a problem when there's multiple programs available for filetypes
<Unode> iqubic: try: http://dpaste.com/1166DYV
<infinisil> Double-clicking will only open with apps that say they can open that file
<rain1> infinisil: I think we have a different setup becaues this isn't happening automatically with mine, i'd like it to though
<q6AA4FD> Unode: maybe it's in the package, but not the name of it. `which firefox-bin` would probably tell ya if you have it installed
<steveeJ> infinisil: on my system nautilus doesn't know anything about default applications though. I have to select everything manually
<infinisil> rain1: Check the desktop file of the app it opens pdfs with
<infinisil> I bet it has application/pdf specified
<infinisil> Because the same happens for me. Krita has pdf specified, but it's horrible at opening pdfs..
<infinisil> And for some reason actually the xdg-mime command stopped working for me..
<q6AA4FD> steveeJ: you could write an override of firefox that appends the xdg-mime command to postInstall or something hacky like that
cnidario has quit [Remote host closed the connection]
<q6AA4FD> steveeJ: or write the mime db file, rather than using the command
<rain1> oh damn, mupdf.desktop doesn't actually specify any mimetype
<rain1> it's just mpv that does that
<infinisil> Oh, and evince, my pdf viewer doesn't even specify a desktop file anymore.. That's why it doesn't work :/
vk3wtf has quit [Ping timeout: 252 seconds]
elibrokeit has quit [Quit: A random quit message]
elibrokeit has joined #nixos
<infinisil> rain1: A home-manager module where you can specify `mime.application.pdf = pkgs.evince` would be pretty neat, should be doable with running xdg-mime in the activation phase
<infinisil> And it could even throw a warning when it doesn't specify that mime type or doesn't have a desktop file
<jasongrossman> infinisil: Yes!
<ldlework> cool
<{^_^}> [nixpkgs] @thoughtpolice pushed 2 commits to master: https://git.io/fhnuf
<rain1> but I don't want to write these all manually
<Unode> q6AA4FD: I don't have it installed but grepping nixpkgs gave a few hits for firefox-bin. Package name only it seems.
<rain1> my aim is that the .desktop files would be scanned for mimetype assocations
<rain1> I will have to write them manually for now though
<rain1> I thought I just misconfigued my system, didn't expect this was just not a solved problem
<Unode> Does anyone have experience with having multiple nixos configurations showing up as different grub entries? I've been trying https://github.com/NixOS/nixpkgs/issues/23458#issuecomment-284091675 but the second profile isn't appearing.
<infinisil> rain1: There is no way to have it work automatically
<infinisil> Because there could be lots of applications specifying that they can read pdfs
<infinisil> But that doesn't mean it's the app *you* want
<infinisil> It could be different for everybody
<rain1> earlier you said you had it working automatically though
<infinisil> That's why doing this manually is needed where there's multiple programs (and it happens to not use the one you want by default)
<rain1> I think I must have just described this badly
<infinisil> I did?
<rain1> but what you said was a big help to me
* Unode find the whole xdg-open mimetype guessing system awfully and unnecessarily confusing.
<infinisil> Ah yeah, it uses an application that has the mimetype specified automatically already
<infinisil> But it can't choose the one you want from multiple ones
<q6AA4FD> Unode: that's really strange
<Unode> q6AA4FD: do you mean the firefox thing?
<q6AA4FD> yeah.
<q6AA4FD> is it good form to make myself maintainer of a package if i create it, or just if i plan on keeping it up to date/testing it
cyounkins has joined #nixos
<Unode> q6AA4FD: if you want to be a maintainer add yourself, more maintainers can't be bad. But if in doubt, contact the other maintainers of said package.
<infinisil> Oh, the evince desktop file is not named evince.desktop, but `org.gnome.Evince.desktop` instead.. `xdg-mime default org.gnome.Evince.desktop application/pdf` works as intended
toppler` has joined #nixos
vk3wtf has joined #nixos
<Ralith> doesn't work here :(
<Ralith> libreoffice, of all things, intercepts it
<infinisil> Ralith: It was the same for me before running that command
<Ralith> where is the desktop file showing up?
<infinisil> Ralith: Do you have an org.gnome.Evince.desktop file in /run/current-system/sw/share/applications
<Ralith> no, I don't install user-level applications system-wide
<Ralith> I put them in my hm profile
<Ralith> no sense requiring sudo to update evince
toppler has quit [Ping timeout: 268 seconds]
<infinisil> Hmm, i think it might derive that path from $XDG_DATA_DIRS, what does that say for you?
<infinisil> It has both ~/.nix-profile/share and /run/current-system/sw/share in it for me
<{^_^}> [nixpkgs] @flokli merged pull request #53855 → nextcloud: 15.0.0 -> 15.0.2 → https://git.io/fhnEX
<{^_^}> [nixpkgs] @flokli pushed 2 commits to master: https://git.io/fhnuY
<Ralith> apparently *my* evince is going by `evince.desktop`
<{^_^}> [nixpkgs] @flokli pushed to release-18.09 « nextcloud: 15.0.0 -> 15.0.2 »: https://git.io/fhnuO
<infinisil> Ralith: AH so that's what I thought! The path must have changed on some update..
<infinisil> Backwardscompatibility *cough*
<infinisil> I remember running it with evince.desktop before
<q6AA4FD> Unode: oh, i'm adding a new package not changing it. but i also don't really care about new versions, so i don't want to give the impression that i'm going to keep it up to date with releases
<Unode> q6AA4FD: that's not great but usually ok. Do expect the package to get marked as broken if it fails to build/compile/install on a new nixos release.
<q6AA4FD> oh, okay. i'm talking more about later releases from the upstream. it's like 10 lines so i doubt it'll break unless there are breaking changes to python stdenv
shabius has quit [Quit: Leaving]
<kumikumi> Long time linux user but total nixOS newbie here, just getting started with my first installation and very impressed so far. But here's a question: Now that I have a basic xfce environment running, how might I declaratively customize my desktop experience? (e.g. icons, themes, panel settings, wallpaper etc.). Any pointers to the right direction are much appreciated
<ldlework> kumikumi: how are those things usually customized?
<q6AA4FD> https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/services/x11/desktop-managers/xfce.nix there are options declared in the expression or whatever its called itself
endformationage has quit [Quit: WeeChat 2.3]
sary has quit [Ping timeout: 258 seconds]
<q6AA4FD> oh, and GTK themes are probably going to be a setting for GTK, rather than xfce or what-have-you, so look there perhaps
sary has joined #nixos
<lassulus> kumikumi: afair, most of of the desktop setting (the ones which are set through menus) don't have a good declarative way to specify them. So they reside statefully on your system. Sometimes you can do something with dconf.
endformationage has joined #nixos
<sphalerite> kumikumi: there's also home-manager which does some of those things but probably not all
<ottidmes> ,home-manager
<{^_^}> home-manager allows you to manage your per-user configuration similarly to NixOS' configuration.nix: https://nixos.wiki/wiki/Home_Manager
<kumikumi> okay so it's going to be a little trickier than I initially thought, fine. but if any of you guys actually have done desktop customizations as a nix configuration I'd like to see your code to learn from it
cyounkins has quit [Remote host closed the connection]
<lassulus> Take a look at homr-manager configs, I guess thats as far as it currently gets.
cyounkins has joined #nixos
<kumikumi> lassulus: alright thanks
<ottidmes> kumikumi: this is some of what I use(d) in my config: https://gist.github.com/msteen/7403d16fb4af11daf76b784aaa96aded
<infinisil> I just use lxappearance to set gtk themes
cyounkins has quit [Ping timeout: 250 seconds]
<infinisil> But only `lxappearance-gtk3` appears to work (for both gtk2 and gtk3), while the normal `lxappearance` packages doesn't even work for gtk2. See https://github.com/NixOS/nixpkgs/issues/26909#issuecomment-446432202
<jasongrossman> kumikumi: I haven't heard of much declarative desktop configuration, unless you count window managers (xmonad, stumpwm etc.) - a lot of NixOS people use those.
<jasongrossman> kumikumi: Just for example, I spent ages declaratively customising gnome3 keybindings, and then decided it was a stupid waste of time because gnome keeps changing its protocols.
<kumikumi> I am also thinking about the same thing. xfce might be a bit more stable so I thought it could maybe be doable
<jasongrossman> kumikumi: Right, very good point.
<jasongrossman> kumikumi: I expect you'll be the first doing very much on it in Nix, that's all.
<kumikumi> If I'm not mistaken, the xfce packages should come with some kind of default configuration files, so could it maybe be possible to override some of them?
<jasongrossman> kumikumi: Sounds good.
o1lo01ol1o has joined #nixos
<jasongrossman> There are one or two desktop managers that come with window managers that are designed to be entirely configured by text files. One of them is on the tip of my tongue. One of the open-somethings?
kisonecat has joined #nixos
<jasongrossman> Or basically all of the window managers that are designed to be use stand-alone, but I guess you've decided you don't want any of those.
<jasongrossman> * used
<ottidmes> openbox?
<jasongrossman> Maybe. The one I'm thinking of has XML configuration files.
<jasongrossman> Ah, so yes, openbox.
AK_ has joined #nixos
<{^_^}> [nixpkgs] @veprbl closed pull request #29977 → bitcoinarmory: build correctly from source, using *our* libs → https://git.io/vdZXj
<ottidmes> "Openbox configuration is made essentially by modifying just one file called rc.xml."
<AK_> I can't install anydesk using nix in other linux distros. I can install other packages.
<jasongrossman> And there was something or other that made me think that openbox's design is very stable. Can't remember exactly what made me think that - sorry.
<AK_> I tried nix-env anydesk nixos.anydesk
<kumikumi> Actually I have used openbox in the past and it's not bad, just takes a lot of customization to get anywhere near a "full" desktop experience
<infinisil> ,dnw AK_
<{^_^}> AK_: "Does not work" isn't very helpful: What doesn't work? What's the error?
<symphorien> AK_: try nix-env -iA nixpkgs.anydask
<symphorien> *anydesk sorry
<ldlework> RoboDuels is starting in 30 minutes. If anyone would like to play for free, sign up here, https://roboduels.com/ and tell me your username.
<ldlework> oops
<ldlework> ffff
<infinisil> :P
ashkitten has quit [Ping timeout: 240 seconds]
<AK_> ldlework: what's tha?
<ldlework> i didn't meant to past that here, i'll answer in offtopic
<ldlework> #nixos-chat if you want to know
ashkitten has joined #nixos
tzemanovic has quit [Remote host closed the connection]
tzemanovic has joined #nixos
tzemanovic has quit [Remote host closed the connection]
tzemanovic has joined #nixos
tzemanovic has quit [Remote host closed the connection]
<{^_^}> [nixpkgs] @flokli merged pull request #53824 → vscode backport: 1.30.1 -> 1.30.2 → https://git.io/fhnY5
<{^_^}> [nixpkgs] @flokli pushed 2 commits to release-18.09: https://git.io/fhnuP
tzemanovic has joined #nixos
tzemanovic has quit [Remote host closed the connection]
o1lo01ol1o has quit [Remote host closed the connection]
o1lo01ol1o has joined #nixos
_kwstas has joined #nixos
tzemanovic has joined #nixos
tzemanovic has quit [Remote host closed the connection]
tzemanovic has joined #nixos
tzemanovic has quit [Remote host closed the connection]
tzemanovic has joined #nixos
<AK_> error: selector 'nixpkgs.anydesk' matches no derivations
tzemanovic has quit [Remote host closed the connection]
<{^_^}> [nixpkgs] @Ma27 opened pull request #53857 → WIP pulseeffects: fix functionality for non-GNOME environments → https://git.io/fhnuS
nokomprendo has joined #nixos
nokomprendo_ has joined #nixos
tzemanovic has joined #nixos
<symphorien> AK_: can you paste the result of nix-info ?
tzemanovic has quit [Remote host closed the connection]
nokomprendo has quit [Client Quit]
nokomprendo_ has quit [Client Quit]
nokomprendo has joined #nixos
tzemanovic has joined #nixos
evanm has quit [Quit: Page closed]
tzemanovic has quit [Remote host closed the connection]
o1lo01ol1o has quit [Remote host closed the connection]
shibboleth has joined #nixos
o1lo01ol1o has joined #nixos
uaquhuliuh has quit [Quit: Leaving.]
tzemanovic has joined #nixos
tzemanovic has quit [Remote host closed the connection]
kisonecat has quit [Ping timeout: 250 seconds]
<{^_^}> [nixpkgs] @flokli merged pull request #53456 → scribus: Add an icon → https://git.io/fh3yL
<{^_^}> [nixpkgs] @flokli pushed commit from @ejpcmac to master « scribus: Add an icon (#53456) »: https://git.io/fhnuj
uaquhuliuh has joined #nixos
<AK_> I have no nix-info
<symphorien> nix-shell -p nix-info --run nix-info
Guest68112 has quit [Ping timeout: 246 seconds]
fendor has quit [Remote host closed the connection]
drakonis has quit [Ping timeout: 245 seconds]
<{^_^}> [nixpkgs] @schmittlauch opened pull request #53859 → ktouch: init at 18.12.0 → https://git.io/fhnzO
<{^_^}> [nixpkgs] @schmittlauch closed pull request #53256 → ktouch: init at 18.12.0 → https://git.io/fhmGM
<{^_^}> Channel nixpkgs-18.09-darwin advanced to https://github.com/NixOS/nixpkgs/commit/3b7c070663b (from 71 minutes ago, history: https://channels.nix.gsc.io/nixpkgs-18.09-darwin)
knupfer has quit [Ping timeout: 252 seconds]
_kwstas has quit [Quit: _kwstas]
C0rn3j has quit [Ping timeout: 256 seconds]
<pie_> so...whats the story with the "gnome3" package set
<pie_> does that provide something that makes it easier for building gnome-y stuff or what?
<pie_> i want to give packaging https://simmesimme.github.io/gnome-pie.html a shot
wpcarro has joined #nixos
<wpcarro> I'm looking for information about NixCon for 2019. Is there somewhere I can learn more about when and where it's going to take place?
freeman42y has joined #nixos
Lingjian has quit [Ping timeout: 250 seconds]
freeman42y has quit [Read error: Connection reset by peer]
freeman42y has joined #nixos
<wpcarro> I'm guessing this is the best place to track it? https://nixos.org/news.html
freeman42x has quit [Ping timeout: 252 seconds]
<pie_> wpcarro, i dont know but that seems like a good idea, given that the previous nixcon is listed on there
<pie_> ok so this guy wrote his own stuff for starting the build system...looks like hopefully it wont be too hard to work around https://github.com/Simmesimme/Gnome-Pie/blob/master/make.sh
cocoa-nut has joined #nixos
<cocoa-nut> Hi
<cocoa-nut> Is there any nix integration with cocoa pods?
<cocoa-nut> I'm referring to this project https://cocoapods.org/
<cocoa-nut> yes, I am a cocoa nut
<{^_^}> [nixpkgs] @vcunat pushed 229 commits to master: https://git.io/fhnzS
<pie_> none of the manuals seem to explain cmake related stuff so i guesssss...i just add it to buildinputs
o1lo01ol1o has quit [Remote host closed the connection]
civodul has quit [Quit: ERC (IRC client for Emacs 26.1)]
<{^_^}> [nixpkgs] @vcunat merged pull request #53483 → Staging next → https://git.io/fhsqe
silver_ has quit [Quit: rakede]
<Myrl-saki> pie_: nativeBuildInputs, but yes.
<{^_^}> [nixpkgs] @marsam opened pull request #53860 → pg_topn: 2.2.0 -> 2.2.2 → https://git.io/fhnzF
npmccallum_ has joined #nixos
npmccallum has quit [Ping timeout: 268 seconds]
<cocoa-nut> does nix work well for building cocoa apps?
ng0 has joined #nixos
mounty has joined #nixos
<pie_> one more question. how can i get msgfmt in my nix-shell while trying to manually build the app so i can figure out what i need
<pie_> right now im using nix-shell -E "with import <nixpkgs> {}; callPackage ./default.nix {}"
<symphorien> The dirty solution is launch this nix-shell inside nix-shell -p msgfmt