troydm has quit [Quit: What is Hope? That all of your wishes and all of your dreams come true? To turn back time because things were not supposed to happen like that (C) Rau Le Creuset]
troydm has joined #nixos
<{^_^}>
[nixpkgs] @furrycatherder opened pull request #54906 → epson-escpr2: init at 1.0.29 → https://git.io/fh1u7
<CMCDragonkai>
Hey if a Python package uses `pkg_resources` to refer to the `package_data` files, does that mean the Nix expression needs to state that `setuptools` is in the `propagatedBuildInputs`?
<{^_^}>
[nixpkgs] @peti pushed to haskell-updates « hackage-packages.nix: automatic Haskell package set update »: https://git.io/fh1ai
<CMCDragonkai>
Because I tried it without specifying `setuptools` in `propagatedBuildInputs`, and it still worked.
<CMCDragonkai>
Could be that one of the dependencies also propagated it already.
hakujin1 is now known as hakujin
<noonien>
is there a way of listing all installed packages, and the feeds they're from?
maximili_ has quit [Remote host closed the connection]
jluttine has joined #nixos
nDuff has joined #nixos
<nDuff>
I recall there existing an option to control how long Nix's various impure fetchers cache content (ie. fetchGit without an explicit rev), but am having trouble finding docs for it. Where should I be looking?
<clever>
nDuff: nix show-config | grep ttl
<nDuff>
ahh!
<clever>
that command will parse nix.conf, and show the result of merging defaults with config
<clever>
and optionally, follow up by searching for those keys on the docs
<nDuff>
*nod*. What I was looking for is tarball-ttl; despite the name, works for fetchGit.
<nDuff>
thank you!
kvda has joined #nixos
<clever>
nDuff: behind the scenes, it uses ~/.cache/nix/tarballs/ for the cache
<Lisanna>
the only real solution I have to pin nixpkgs for my hydra channel then is to make nixpkgs a submodule of my channel's repo... but that causes eval times to take forever
<Lisanna>
since the submodule checkout isn't cached at all
hedning has joined #nixos
ensyde has joined #nixos
drakonis has quit [Quit: WeeChat 2.3]
q6AA4FD has quit [Read error: Connection reset by peer]
<clever>
petersjt014: the nat does the bulk of the work, and the dhcp/bind config automate configuring the devices on the ethernet side
<petersjt014>
huh. alrighty then. I take it I'm setting that on the wireless one?
<clever>
petersjt014: in this module, i define my own options for the wan card (your wifi) and lan card (your ethernet)
<{^_^}>
[nixpkgs] @pbogdan opened pull request #54916 → emacs: link libXcursor when using lucid toolkit → https://git.io/fh16X
pie__ has quit [Ping timeout: 240 seconds]
<clever>
petersjt014: so you could simply do imports = [ ./netboot_server.nix ]; and then set netboot_server.network = { wan = "wlpsomething"; lan = "eth0"; };
<teto>
I just went thourgh the log quickly and noticed the user phizzz complaining about how hard it is to compile ns-3 but it's already packaged... you can refer him to me if he logs in again
petersjt014 has quit [Ping timeout: 244 seconds]
endformationage has quit [Quit: WeeChat 2.3]
hc1^ has quit []
o1lo01ol1o has joined #nixos
MrCoffee has quit [Quit: Lost terminal]
kvda has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
o1lo01ol1o has quit [Ping timeout: 272 seconds]
vk3wtf has quit [Ping timeout: 252 seconds]
doyougnu has quit [Ping timeout: 246 seconds]
jasongrossman has quit [Quit: ERC (IRC client for Emacs 26.1)]
revtintin has quit [Quit: WeeChat 2.3]
kvda has joined #nixos
jasongrossman has joined #nixos
Vanessa229 has joined #nixos
<Vanessa229>
Register and looking for me and maybe we will be sex partner ---> http://gg.gg/d0al3
Vanessa229 has quit [Client Quit]
<otwieracz>
Is there any support for (local) lxd in nixops?
<otwieracz>
I've got nixos machine and wanted nixops containers with network LAN-bridged network.
kvda has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
o1lo01ol1o has joined #nixos
o1lo01ol1o has quit [Ping timeout: 268 seconds]
slyfox_ has joined #nixos
slyfox has quit [Ping timeout: 240 seconds]
<{^_^}>
[nixpkgs] @peterhoeg opened pull request #54917 → vmware: move from servers to virtualisation where it belongs → https://git.io/fh1X9
halfbit has quit [Ping timeout: 268 seconds]
kvda has joined #nixos
_kwstas has joined #nixos
palo1 has joined #nixos
_kwstas has quit [Remote host closed the connection]
Edes has joined #nixos
<Edes>
Hi, I'm trying to make a package which clones a github repo and then does npm install
<Edes>
but I keep getting a weird error
Havvy has quit [Read error: Connection reset by peer]
<Edes>
the package builds if I clone it by hand and then run `nix-shell --pure -p nodejs` and then `npm install`
<elvishjerricco>
Edes: On NixOS at least, Nix's sandboxing feature is turned on. This means derivations aren't allowed to use the network unless they state what the sha256 of their output will be ahead of time. If they don't honor that hash, Nix fails the build. Here, you're seeing npm fail because of lack of networking
<elvishjerricco>
Edes: NPM is really hard to make work deterministically
<Edes>
so I would use node2nix instead of npm install?
<Edes>
or like as a base for it I guess
Ariakenom has joined #nixos
<teto>
I am trying to bump LanguageClient-neovim since the release from 1h ago supports neovim virttext (cool) but Iget "error: no matching package named `crossbeam-channel` found". I don't know the rust ecosystem so not sure how to fix this
iqubic has joined #nixos
<elvishjerricco>
IIRC, you can just do `node2nix` instead of `npm install`, and then `nix-build -A package` to build it
<elvishjerricco>
yarn2nix might be better though; I've not used it, but I've had some quirks with node2nix
<Edes>
I saw more yarn2nix packages on nixpkgs
<Edes>
so I'll try that, thanks
<bpye>
If I have a NixOS machine stalling in startup how can I see why?
<bpye>
Specifically, the last message I see is "Starting ZFS file system shares."
<bpye>
I haven't booted this box in a few months but now it just seems to get stuck
<clever>
bpye: and if you try to do rollbacks via grub?
<bpye>
I can try that but this config should be working - it certainly did the last time I was running this machine...
<bpye>
I don't even see it obtaining a DHCP lease...
<clever>
bpye: is the ethernet cord maybe damaged?
<bpye>
It's new - I see the link lights and some activity going on
<clever>
bpye: try adding the word `single` to the kernel params in grub?
<bpye>
Yeah that got me to a rescue shell
<clever>
bpye: anything interesting in `journalctl -b -1` ?
<bpye>
Buuut I don't think I have a root password set, I use SSH and sudo...
<bpye>
If I do have one I don't remember it :(
<clever>
bpye: you can also change it to init=/bin/sh (and tell it to continue when it claims it doesnt exist)
<clever>
that will drop you into a root shell without asking for a pw
<clever>
then you can use /nix/var/nix/profiles/system/sw/bin/passwd to fix the pw
<clever>
that will show everything installed into it, then you can change `-q` to `-e <name>` to uninstall things like normal
<clever>
nix-channel is just a helper that wraps that nix-env profile
<typetetris>
ok
<typetetris>
That worked
<{^_^}>
[cabal2nix] @qrilka opened pull request #403 → Add option for disabling hpack completely → https://git.io/fh1D2
jasongrossman has joined #nixos
<teto>
I am trying to fetch via ssh a repo with ` src = builtins.fetchGit { url = "ssh://git@github.com/teto/myrepo.git"; }`. during the sudo nixos-rebuild, I get git@github.com: Permission denied (publickey) I suppose because the command being run with sudo, fetchGit can't access my user key. What's the most elegant way to work around that ? According to https://github.com/NixOS/nixpkgs/issues/4004, I would need to
<teto>
add extra paths to the sandbox and export an ssh-config-file, is that the goto option ?
<{^_^}>
#4004 (by domenkozar, 4 years ago, closed): fetchgit: support specifying location of public keys for ssh transport
<{^_^}>
[nixpkgs] @vdemeester opened pull request #54925 → Add a programs.podman module → https://git.io/fh1bS
<{^_^}>
[nixpkgs] @elohmeier opened pull request #54926 → pythonPackages.django-sesame: init at 1.4 → https://git.io/fh1Nv
ubert has joined #nixos
knupfer has joined #nixos
<typetetris>
sphalerite: Thank you very much.
__monty__ has joined #nixos
<{^_^}>
[nixpkgs] @andir pushed 17 commits to release-18.09: https://git.io/fh1Ni
o1lo01ol1o has joined #nixos
rprije has joined #nixos
<kenogo>
Hey! So I know I can use patchelf to patch the libraries a binary uses, but is there a tool to patch arbitrary paths to something I want them to be?
<symphorien>
can you expand ?
<kenogo>
The printer driver I'm packaging is looking for files under "/opt/brother/..." and I need to patch it to "$out/opt/brother"
<sphalerite>
nope you can't do that usually
<clever>
kenogo: libredirect
<symphorien>
use libredirect
<sphalerite>
oh ok lol
<symphorien>
there are examples in nixpkgs
<kenogo>
Thanks I'll look into that!
o1lo01ol1o has quit [Ping timeout: 268 seconds]
simukis has joined #nixos
rprije has quit [Ping timeout: 250 seconds]
Acou_Bass has quit [Ping timeout: 245 seconds]
vk3wtf has joined #nixos
<kenogo>
Thanks a lot guys! I've had a rough night trying to get this printer to work and almost gave up. This turned out to have been the last hurdle, it works now :))
Acou_Bass has joined #nixos
<{^_^}>
[nixpkgs] @andir pushed to release-18.09 « gitAndTools.grv: use buildGoPackage instead of buildGo19Package »: https://git.io/fh1xB
maximiliantagher has joined #nixos
<ekleog>
Has anyone built a rustc with wasm32-unknown-unknown without the mozilla overlay here?
<ekleog>
(I need to add a patch, so to build from source)
Ariakenom has quit [Ping timeout: 272 seconds]
orivej has joined #nixos
Mateon2 has joined #nixos
maximiliantagher has quit [Ping timeout: 250 seconds]
Mateon1 has quit [Ping timeout: 246 seconds]
Mateon2 is now known as Mateon1
fendor has joined #nixos
MtP has joined #nixos
MtP has quit [Client Quit]
<WilliamHamilton[>
when I run a ./configure command I get "configure: error: cannot find install-sh, install.sh, or shtool in "." "./.." "./../.."`. How can I locate where the shtool is in nixpkgs (nix locate works only on local packages)?
<WilliamHamilton[>
:l shtool
<WilliamHamilton[>
:d shtool
<WilliamHamilton[>
:locate shtool
hakujin has joined #nixos
<WilliamHamilton[>
I remember that there was a shortcut here on the irc channel to do that, but I don't remember which one
<{^_^}>
Found in packages: php, php71, php73, php-unit, php-embed, php71-unit, php73-unit, php71-embed, php73-embed
* goibhniu
lucky guess \o/
<goibhniu>
but probably not the shtool you're looking for
schjetne has quit [Ping timeout: 244 seconds]
<eeva>
Do you guys deploy nix packages to non-nixos machines? If so do you do everything by hand (like symlinking some config, and starting/stopping services) or do you use some tooling I don't yet know of?
<goibhniu>
eeva: disnix might be good for that
<goibhniu>
I don't know about deploying nixos services to non-nixos machines though
<typetetris>
hmm, used hoogleLocal with hakyll and now my nix is compiling stuff from scratch .. a bit strange isn't it?
CcxWrk has quit [Ping timeout: 244 seconds]
<WilliamHamilton[>
thanks goibhniu , that's unfortunately not the same shtool
mtesseract has joined #nixos
<eeva>
goibhniu: I'll ask/check on discourse
CcxWrk has joined #nixos
<WilliamHamilton[>
,locate aclocal
<symphorien>
WilliamHamilton[: for autoconf, usually autoreconfHook is enough
<symphorien>
starting with "with import <nixpkgs> {};" ?
<noonien>
i want to create a list of packages available from each channel, so i can compare to packages i've got installed, to check what packages come from where
<symphorien>
you can use "let lib = import <nixpkgs/lib>; in" in most contexts
o1lo01ol1o has quit [Remote host closed the connection]
<symphorien>
if nixpkgs is in scope, `lib` is enough
o1lo01ol1o has joined #nixos
alex`` has joined #nixos
Makaveli7 has quit [Quit: Leaving]
schjetne has joined #nixos
<symphorien>
if nixpkgs is called pkgs. then pkgs.lib should work
<srhb>
MisterOutofTime: I don't think dockerGen is actually exposed via the pkgs set anywhere. I think you'd be better off overriding the docker package itself using overrideAttrs
<srhb>
But if you're touching every component, perhaps you could just get a different nixpkgs version for that package.
<MisterOutofTime>
how?
<srhb>
Or even import the dockerGen definition manually..
<srhb>
Overriding docker itself will be something like docker = pkgs.docker.overrideAttrs (oldAttrs: { src = ... old source; })
<srhb>
To a first approximation
q6AA4FD has joined #nixos
fendor has quit [Ping timeout: 250 seconds]
<MisterOutofTime>
so i would "just" override the containerdSha256 etc attributes?
<MisterOutofTime>
srhb: so if thats not an option, how do i specify the sources of docker-runc docker-containerd etc
<srhb>
noonien: For instance, in the expression `foo = x: x` I'd call x a variable.
<srhb>
MisterOutofTime: Yeah, it doesn't look trivial, they're also within that single file
<srhb>
MisterOutofTime: It's probably easiest to duplicate that entirely.
timor has joined #nixos
<srhb>
The file, I mean.
<srhb>
And call it like it's called from all-packages.nix
<MisterOutofTime>
urgh
<srhb>
Better yet, PR making it accessible :)
<Twey>
noonien: Variables are bound by a) functions and b) rec sets
<MisterOutofTime>
jsut wanna use a supported docker version :/
<Twey>
(let expressions are sugar for b)
<srhb>
MisterOutofTime: What do you mean "supported" ?
<MisterOutofTime>
well most tools are still using docker 18.06
<timor>
I am currently trying to copy a large directory structure to the store manually, along the lines of https://nixos.wiki/wiki/Cheatsheet#Adding_files_to_the_store. The described method only works for files, not for directories. What is the correct set of options to ensure that the correct store path name is generated in that case?
<{^_^}>
[nixpkgs] @Profpatsch pushed commit from @NinjaTrappeur to master « bazel: 0.21.0 -> 0.22.0 »: https://git.io/fhMq5
<noonien>
i'm curious, is using cached binaries secure? if so, what provides this security?
<simpson>
noonien: Which security property do you want, and what's your threat model?
<pbb>
Hi, is it possible to set a static address on all available interfaces, without knowing the names of the available interfaces on boot?
<simpson>
noonien: Binaries from the NixOS cache are signed with a key, and by default your NixOS installation will verify that signature, IIUC.
erictapen has quit [Ping timeout: 240 seconds]
<gchristensen>
you have to trust who is providing the cache
<noonien>
i'm asking out of curiosity, there is no threat model. from what i can tell, i can only trust the cached binaries as much as i can trust the NixOS devs, which is fine, since this is common practice wit other distros that provide already-built binaries.
<srhb>
noonien: Pretty much, yes.
<gchristensen>
you don't have to trust nixos devs to trust the cache's binaries
<gchristensen>
almost no nixos maintainers have the ability to publish binaries they built
<noonien>
ah, sure, i meant the default cache, i'm guessing that's also maintained by the nixos devs
<qyliss^work>
Most people with commit access to nixpkgs don't have access to the cache
<srhb>
Frankly, it's probably easier to get something malicious into the cache by just committing it, rather than trying to tamper with the cache.
<gchristensen>
there are only a very small number of people who have any access to the build infrastructure, nixos package maintainers don't build and publishbinaries
MisterOutofTime has quit [Ping timeout: 256 seconds]
<noonien>
cool. i was asking because there might have been some extra security i might not have been aware of.
<gchristensen>
the only part the package maintainers have control over is the expression commited to nixpkgs, as srhb suggests
<gchristensen>
well, this _is_ extra security over what many distros provide
<noonien>
for example, build systems such as bazel provide reproducible builds, and from what i can tell, it works similarely to nix
<srhb>
noonien: In some ways, yes.
<srhb>
Though nix really isn't a build system per se..
<gchristensen>
Its Complicated
<srhb>
Then again, it isn't really _anything_ other than Nix.
<gchristensen>
many of nix's packages are reproducible
<noonien>
yup, i understand, i'm also not naive enough to think that all package builds are reproducible, just wondering if that was the case.
<gchristensen>
not all builds are reproducible -- even with bazel :)
<srhb>
noonien: I was surprised to find recently than somewhere upwards of 90% of debians packages are in fact reproducible bit for bit.
<srhb>
Which is way better than I had thought.
<noonien>
if it was, then the cache servers could have probably been verified periodically
jethron has quit [Remote host closed the connection]
jethron has joined #nixos
<qyliss^work>
Even with reproducible builds you have to trust the cache
<gchristensen>
noonien: you can verify the packages reproducibility right with Nix, if you'd like! though a hash mismatch doesn't (necessarily) mean the cache is compromised -- it could just be unreproducible
timor has quit [Remote host closed the connection]
timor has joined #nixos
<WilliamHamilton[>
how can I debug a .nix derivation I'm writing when I have only the error message `builder for '/nix/store/zv3mdvgvdb3gqls81q40bk6yxy59sq82-linuxband-master.drv' failed with exit code 1`?
ub has quit [Ping timeout: 240 seconds]
ubert has joined #nixos
<WilliamHamilton[>
I remember there is a way to do the separate phases of the build in a shell
<sphalerite>
I do seem to recall a github issue about it though
<arianvp>
and then it downloads from cache.nixos.org anyway \o/
<arianvp>
where does the error come from? I have it since recent update
<sphalerite>
joepie91: oh, it was actually there at one point
<WilliamHamilton[>
how could I see the output of `./configure` in the configure phase when doing nix-build?
erictapen has quit [Ping timeout: 272 seconds]
<joepie91>
sphalerite: right, I'm mostly asking about the non-greppable status :) are there any people known to be working on it, is there any known reason why it is not packaged, etc.
<sphalerite>
joepie91: yeah looks like it was there, broke due to lack of maintenance, was marked as broken and eventually removed
<{^_^}>
[nixpkgs] @teto opened pull request #54942 → lua: use lua environments for neovim/mpv → https://git.io/fhM3I
<hodapp>
does anyone do any sort of C++ dev in Emacs on NixOS? I am running into Irony and rtags seemingly both being basically broken out of the box
<noonien>
is there no `nix-env -q` for system packages installed in nixos?
<infinisil>
noonien: There is somewhat
mkoenig has quit [Ping timeout: 240 seconds]
abaiste^ has quit []
<noonien>
i tried nix-store -q --references /run/current-system/sw, however, it seems to return some derivations which are not in any channels
<infinisil>
noonien: nix-instantiate '<nixpkgs/nixos>' --eval --strict -A config.environment.systemPackages
<noonien>
most of them seem to have suffixes like -man, -info, etc
<noonien>
oh, i'll give that a try
mkoenig has joined #nixos
<infinisil>
Oh, maybe you wanna map this over the name, this will probably be lots of output
<symphorien>
Or nixos-option environment.systemPackages maybe ?
<etu>
hodapp: I know that talyz does some c++ in emacs on nixos. Not sure what/how he does his completions etc. But he showed it off at our local emacs meetup some months ago :)
<symphorien>
noonien: but I suspect you want do to something impossible. Can you explain your final goal ?
nikivi has joined #nixos
<noonien>
i want to check what channel system packages come from, i've got this so far: http://vpaste.net/wesFt
rauno has joined #nixos
<hyper_ch2>
finally I fixed my .rtf problem :)
<noonien>
quite a hacky solution, i wanted to check how many packages come from unstable, and this was enough
arianvp has quit [Quit: WeeChat 2.2]
<noonien>
even though this doesn't really compute where packages "come from", but instead just "available from"
<noonien>
considering it factors versions as well, its pretty close for a quick check
arianvp has joined #nixos
<symphorien>
How come you don't know this just by reading your configuration.nix ?
<noonien>
i'm new to nix, and don't understand all its intricacies yet
<noonien>
i was fairly sure, just wanted to check
<symphorien>
That's quite a lot of work "just to check"
<noonien>
some parts of nix are still pretty magic to me, and i don't like second guessing if i can just check
<noonien>
i added just a dependency from unstable, and on the next rebuild, quite a few packages/derivations were installed, it was possibly do a update as well
<noonien>
btw, what's the correct teminology of an installed application? a package, or a derivation?
<symphorien>
Depends on what you mean by install, mostly
<devalot>
When using `nix-store --serve', does the --write option require root access or does it go through the daemon like normal?
<{^_^}>
[nixpkgs] @andir opened pull request #54944 → [18.09] dockerTools: unpin go version → https://git.io/fhMsd
<infinisil>
noonien: If you mean something that's in /nix/store, the correct term would be "a realized derivation"
<noonien>
i see. what is a "package", then?
<noonien>
since channels seem to contain packages
<qyliss>
Doesn’t really have a fixed definition
<infinisil>
noonien: There aren't any packages really, there's only derivations
<noonien>
i see, that makes more sense
rauno has quit [Remote host closed the connection]
<noonien>
the "package" terminology seems to be used in several places, i'm guessing this is either legacy, or to make it easier for people coming from other package managers
<symphorien>
probably the latter
<{^_^}>
[nixpkgs] @andir pushed 2 commits to release-18.09: https://git.io/fhMGc
<infinisil>
noonien: Regarding adding a dependency from unstable and gettin lots of stuff to download: Every nix derivation tells exactly what other derivations (with a hash and such) it needs to work. Because pretty much every derivation somehow transitively depends on stdenv/gcc, and those often change, they'll end up producing a whole nother dependency tree of derivations
<WilliamHamilton[>
in a nix derivation I have a custom patchPhase, but if I enter a `nix-shell -E` to do the derivation step by step, `patchPhase` doesn't do the command, while `genericBuild` does. How so?
<infinisil>
noonien: This means only very little of the derivations between stable and unstable can generally be shared, causing all the downloads
Guest47926 has joined #nixos
<Guest47926>
hi
Guest47926 has quit [Client Quit]
<symphorien>
WilliamHamilton[: try variations of $patchPhase and eval $patchPhase
o1lo01ol1o has quit [Remote host closed the connection]
hakujin has joined #nixos
schjetne has joined #nixos
<WilliamHamilton[>
symphorien: $patchPhase gives me `sed: -e expression #1, char 1: unknown command: `''` because the first command in my patchPhase is sed. `eval $patchPhase` gives a similar error
<infinisil>
noonien: Or actually maybe not stdenv/gcc in this case (because you don't need to compile them yourself, they're from the cache), but glibc and openssl and such instead, basic runtime dependencies used by almost every derivation
<Twey>
simpson, noonien: For me a ‘package’ is the build result of a derivation
reinhardt has quit [Quit: Leaving]
<symphorien>
WilliamHamilton[: sorry I don't remember better. The gist is: default phases are bash functions whereas overridden phases are bash strings
<symphorien>
so there is a trick to execute them
<WilliamHamilton[>
symphorien: wait but `"$patchPhase"` worked
<WilliamHamilton[>
so it was a problem of quotation. But what is patchPhase then?
<WilliamHamilton[>
oooh I see
<WilliamHamilton[>
so when I overwrite the phases I always want to use the variables
<WilliamHamilton[>
thanks
<mightybyte>
Is it possible to evaluate a nix expression and create files outside the nix store?
iqubic` has left #nixos ["ERC (IRC client for Emacs 26.1)"]
<symphorien>
by disabling the sandbox, probably
<infinisil>
WilliamHamilton[: I think `runPhase pathPhase` is there to abstract this
<{^_^}>
rfcs#32 (by dezgeg, 21 weeks ago, closed): [RFC 0032] Phase running changes for better nix-shell use
ubert has quit [Remote host closed the connection]
ubert has joined #nixos
orivej has quit [Ping timeout: 246 seconds]
<mightybyte>
timor: I'm wanting to do it not with NixOS, but with Nix on any system.
<WilliamHamilton[>
what's the difference between $out and $prefix as mkDerivation enviroment variables?
<infinisil>
LnL: I guess that is a slight improvement
o1lo01ol1o has joined #nixos
jabranham has joined #nixos
<timor>
mightybyte: Are you familar with nix-build --out-link? In the most general case you might want to wrap a call to nix-build in a shell script, and copy the parts you need after building, I suppose...
<noonien>
hmm, how can someone contribute to nixos?
<noonien>
i see there are donations, apart from that, can i contribute, for example, CPU cycles? perhaps for building packages?
EffSquared has joined #nixos
<infinisil>
The best contributions right now are reviewing PR's (once you're comfortable with it)
<noonien>
sadly, i can't contribute like that just yet, don't got much time available.
<simpson>
Don't feel forced to contribute.
<infinisil>
I'm myself unsure where donations go, but it could be that they also go towards the cost for the build servers, gchristensen probably knows
<noonien>
I'm not, just that nix seems to be one of the best project i've discovered in a while, it seems to be able to solve a lot of problems for me, so i'd like to give back if i can
<{^_^}>
[cabal2nix] @peti pushed to revert-402-quote-src « Revert "Put file src attribute in quotes to allow more paths" »: https://git.io/fhMlj
<gchristensen>
donations go to the general nixos foundation fund, which are typically spent on replacement hardware or services (though most services are graciously provided)
<{^_^}>
[cabal2nix] @peti opened pull request #404 → Revert "Put file src attribute in quotes to allow more paths" → https://git.io/fhM8T
<infinisil>
noonien: Awesome, nice to hear :D
<gchristensen>
there isn't a lot of spending going on. I think there is some effort to keep it for a rainy day should one of our services stop being provided
<infinisil>
This might sound a bit selfish, but I thought about opening a patreon for me working on nixpkgs, reviewing/testing PR's and other things that are needed
linkrage has joined #nixos
chessai has joined #nixos
<noonien>
I've seen projects like neovim, that have bounties for solving issues, AFAIR. That doesn't sound like a bad model
<infinisil>
Yeah that's something I thought of too
<EffSquared>
I am in the process to package scikit-build for python, and it seems to build and test just fine with python2 but when it comes to python3, the tests starts failing because it is unable to find Python.h.
<EffSquared>
I was able to trace it back to scikit-build believing it can be found in /nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-python3-3.7.2/include/python3.7m
<pbb>
Is it possible to build a 32-bit x86 nixos iso on a 64-bit x64 nixos system?
<EffSquared>
Where does this hash come from?
<EffSquared>
@pbb Yes.
<pbb>
what option would I have to set?
<timor>
WilliamHamilton[: $out is where the builder needs to put the resulting files. $prefix is something that the default configurePhase sets to $out to make sure that a configure/make-style package places its output exactly there when running make install in the default installPhase
<WilliamHamilton[>
timor: so if I want to follow the build in nix-shell -E I have to set both $prefix and $out to the same local directory in which I can write, right?
<pbb>
I don't actually have to cross-compile anything, since everything I want to add is some custom configuration, so it should be able to download everything from the cache.
<infinisil>
noonien: Not sure if that's a good thing.. "How are funds distributed across the team members? This is up to the team to decide."
<noonien>
yes, i was under the impression that anyone can collect "bounties", either that is an option in salt, or perhaps there was another service that provided that
<timor>
WilliamHamilton[: You mean executing the steps manually? Yes at least $out you have to set. For $prefix, I don't know when it is set to $out. But if it has been, you probably also need to change that.
o1lo01ol1o has quit [Remote host closed the connection]
weechat has joined #nixos
o1lo01ol1o has joined #nixos
<pbb>
in theory I could just set `nixpkgs.system = "i686-linux"` ?
<infinisil>
noonien: Also, patreon only charges 5%, whereas salt seems to charge 10%
<WilliamHamilton[>
timor: thanks!
<gchristensen>
infinisil: patreon's averages to about 10%. they all do
<gchristensen>
"all"
<WilliamHamilton[>
what does the string `prefix = @prefix@` in a `Makefile.in` means? How can I substitute that with my $out?
<noonien>
well, apart from the donation page, which not much people seem to be using, there doesn't seem to be another way to contribute money
werner_ has quit [Quit: Leaving]
<noonien>
10% of something, doesn't seem that much of an issue when comparing to 100% of nothing
<infinisil>
gchristensen: averages? What does that mean
tv has quit [Ping timeout: 250 seconds]
<gchristensen>
iirc there are two fees patreon charges, one is static at 5% and the other is variable
<ekleog>
Has anyone here compiled wasm32-unknown-unknown on NixOS without the mozilla overlay?
<ghostyy>
uh
<ghostyy>
in my nix installation i have / owned by my user account
<EffSquared>
pbb: Reading up on this shortly confused me even more. :-D
<gchristensen>
yikes
<ghostyy>
did i somehow do this by accident or is this a typical nix behavior
<gchristensen>
that is not normal, ghostyy
<ghostyy>
i can't even imagine how i could have done this
<ghostyy>
all the folders are owned by root
<gchristensen>
can you paste the output of `ls -la /` ?
<symphorien>
ghostyy: are you using nix-user-chroot ?
<tollb>
Hi. I filed a pull request (54909) yesterday and need to update it with a bug fix. It was also requested that I move it to staging. I want to confirm how to do this. Do I fix, squash commit, and rebase to staging?
<ghostyy>
nope
<{^_^}>
[nixpkgs] @teto opened pull request #54948 → LanguageCLient-neovim: virttext support → https://git.io/fhMRD
<EffSquared>
pbb: A lot of the cross compiling has changed in 2018 and I am not up to date.
<pbb>
okay.. I will just try my luck with stuff.. o.o
<tollb>
ghristenson: Thanks. Do I need to do anything with the previous commit pushed to master? Do I need to notify anyone who is already looking at the pull request?
<linkrage>
Anyone using cri-o on NixOS by any chance?
<gchristensen>
ghostyy: there are a bunch of dirs there that I wouldn't expect. are they intentional? cfg, hydrus, src, srv.
<EffSquared>
symphorien: So that means I will have to recompile python3 to allow skbuild to find its headers?
<gchristensen>
tollb: no, just do your squash and rebase
<{^_^}>
[cabal2nix] @peti merged pull request #404 → Revert "Put file src attribute in quotes to allow more paths" → https://git.io/fhM8T
<ghostyy>
gchristensen, yes all of those i was expecting
<ghostyy>
some are the result of accidentally forgetting to set zfs mountpoints
<gchristensen>
ghostyy: well, I'd just chown root:root / and call it done, then ... :)
<{^_^}>
[cabal2nix] @peti pushed to master « Bump version number for upcoming release. »: https://git.io/fhM0c
<{^_^}>
[cabal2nix] @peti pushed 0 commits to refs/tags/v2.14.1: https://git.io/fhM0W
<ghostyy>
yeah, it seems so - it's just weird that i have no memory of chowning /
<EffSquared>
pbb: Awesome, glad it got easier. Also nix is pretty expressive, so just because I found a working solution, does not mean it was correct or sane.
<ghostyy>
maybe it's an artifact from when i installed nix
<symphorien>
EffSquared: either that or skbuild is well behaved and can be told to use a different path at runtime
<EffSquared>
ghostyy: chowning /mnt during install maybe?
<ghostyy>
ahhh that might have been it
<Synthetica>
Is there some caveat in accessing one set of overrides from another?
<timor>
WilliamHamilton[: are you trying to build an autotools-based package?
<WilliamHamilton[>
timor: indeed, I am
<WilliamHamilton[>
is there some special facility for that?
chessai has quit [Read error: Connection reset by peer]
chessai has joined #nixos
<symphorien>
it should be automatic
<tollb>
gchristensen: Thanks for your help.
<symphorien>
--prefix=$out is passed to ./configure by default
<symphorien>
are you overriding the default configurePhase ?
mtesseract has joined #nixos
<gchristensen>
tollb: thank you for the PR testing a new ofborg feature ;)
<WilliamHamilton[>
symphorien: I am overriding the default configurePhase, but let me see if I can do without
<WilliamHamilton[>
no, it seems that I cannot, because there is a custom script beforehand
<tollb>
gchristensen: Your ofborg bot is really cool. What's the new feature?
<WilliamHamilton[>
maybe I can call this custom script in a pre-configure hook
<WilliamHamilton[>
timor: adding `autoreconfHook` to buildinputs leads me to the initial error, `configure: error: cannot find install-sh, install.sh, or shtool in "." "./.." "./../.."`, which I avoid with the script
<EffSquared>
symphorien: If I run 'import sysconfig; print(sysconfig.get_config_var("INCLUDEPY"))' for python3 from the unstable channel I get a correct path.
<apaul1729>
when i was building a package for something that had autogen.sh and configure
<EffSquared>
symphorien: On the latest master, that is no longer the case.
fusion809 has joined #nixos
<WilliamHamilton[>
apaul1729: that seems the thing to do! let me see how I can add custom preConfigure phases
<EffSquared>
symphorien: git bisect it is...
<symphorien>
WilliamHamilton[: or just add autoreconfHook to your nativeBuildInputs
<symphorien>
it will do this automatically
<WilliamHamilton[>
symphorien: I'll repost the message before, see:
<WilliamHamilton[>
adding autoreconfHook to buildinputs leads me to the initial error, configure: error: cannot find install-sh, install.sh, or shtool in "." "./.." "./../..", which I avoid with the script
<WilliamHamilton[>
and I suspect some flags there, like `--add-missing`, solve the missing install.sh problem
<WilliamHamilton[>
timor: I don't think I'm using `substituteAll` correctly. Can I write `substituteAll Makefile.in Makefile.in` in my patchPhase and expect `@prefix@` to be substituted with $prefix?
<goibhniu>
infinisil you might consider liberapay too
alex has joined #nixos
<tollb>
gchristensen: Thanks again. I still have a lot to learn.
<timor>
WilliamHamilton[: Do you have a copy of the nixpkgs lying around? Check pkgs/tools/system/logrotate/default.nix
<timor>
WilliamHamilton[: also check substituteAllInPlace. And yes, this automagically should replace all @..@ constructs, if the corresponding environment variables are set
<timor>
WilliamHamilton[: yes
<infinisil>
goibhniu: Neat. I'm still tending toward patreon though, it's the most common right now (I personally donate to like 10 people on patreon), I also like the idea of providing benefits to donators
<timor>
WilliamHamilton[: link goes to wrong file though
<timor>
WilliamHamilton[: yes. Don't forget the hook in the nativeBuildInputs though, otherwise that phase is meaningless
<WilliamHamilton[>
autoreconfPhase
<WilliamHamilton[>
builder for '/nix/store/1i5fmmxsk7r2zcdrql72y3pjyx5c83bp-linuxband-master.drv' failed with exit code 1
<goibhniu>
infinisil cool, you could also set up an account on a few of these platforms, to suit whatever people are comfortable with
<WilliamHamilton[>
yes I added that to the nativeBuildInputs, but the build fails. Let me try to step through it
Ariakenom has quit [Ping timeout: 244 seconds]
<{^_^}>
[nixpkgs] @edef1c opened pull request #54950 → go_1_12: init at 1.12beta2 → https://git.io/fhMzW
<yl[m]>
is there a way to use binary cache from an external drive? Say I copy my entire store on an external drive to help me setup a new computer without internet connection?
<timor>
WilliamHamilton[: There is already a derivation for a package called linuxband in nixpkgs. Different Package?
<WilliamHamilton[>
timor: it's the same package, but that derivation is too old, and I'm writing the new one
<WilliamHamilton[>
that version has a bug
mtesseract has quit [Ping timeout: 244 seconds]
<WilliamHamilton[>
timor: now, the autoreconf stuff does in fact solve that problem, but my build still fails and I cannot follow it because all seems to go well till the install phase, in which I don't have permissions to write to /nix/store in the nix-shell -E
<Synthetica>
How do I solve recursion in packageOverrides?
dermetfan has joined #nixos
<infinisil>
Synthetica: Gotta be a bit more specific than that
<timor>
WilliamHamilton[: if you export out and prefix to a writable location, like you already described, you should be able to successfully runn installPhase
<WilliamHamilton[>
I try to build it with nix-build --no-out-link -E 'with import <nixpkgs> {} ; callPackage ./linuxband.nix {}'
<Synthetica>
infinisil: I have multiple files that define nixpkgs.config.packageOverrides
<Synthetica>
One uses an override from another, but it complains about infite recursion when I actually use it
<WilliamHamilton[>
timor: I already built the package successfully locally, by substituting the path to a writable location manually, but I don't understand why it doesn't work in the general case
<infinisil>
Synthetica: I think using overlays as a start would be good
<infinisil>
Those handle this stuff much better
Aerobit has joined #nixos
<timor>
WilliamHamilton[: What is the general case?
<WilliamHamilton[>
timor: building it in the /nix/store via nix-build -E 'with import <nixpkgs> {} ; callPackage ./linuxband.nix {}'
<Aerobit>
hey all - how can I make my derivation install a dependancy? It depends on the `usbmuxd` daemon working, so i want it to auto-install `usbmuxd` and have the service registered through systemd.
<Aerobit>
if I just put it in `buildInputs` it doesn't make `usbmuxd` available on my PATH or in my services
<infinisil>
Aerobit: There's an usbmuxd nixos service you can just enable
<Aerobit>
infinisil: can I make my derivation enable that service?
<timor>
WilliamHamilton[: also, you can use substituteInplace instead of sed. It is also better if you put that into prePatch or postPatch
<Aerobit>
so if you enable my derivation it'll enable the service
<Aerobit>
aw
<infinisil>
Aerobit: Think of it the other way around: NixOS services can install derivations
<Aerobit>
what's the right solution here, then? Because the derivation is completely useless unless you have `usbmuxd` installed and running
<Aerobit>
How can I provide that information to people who would be installing the derivation
<Synthetica>
infinisil: I'll look into overrides
<infinisil>
Aerobit: Then you can write a NixOS module that enables usbmuxd and installs the derivation
<WilliamHamilton[>
timor: I'll correct that, in the meantime, do you have any other suggestion on how to debug why that expression doesn't build?
<Aerobit>
cool! thanks
xorkle has joined #nixos
jasongrossman has quit [Ping timeout: 246 seconds]
<timor>
WilliamHamilton[: add --keep-failed to the nix-build call, and inspect the directory that it returns
dermetfan has quit [Ping timeout: 268 seconds]
xorkle has quit [Client Quit]
<{^_^}>
[nixpkgs] @alexfmpe opened pull request #54951 → Fix typos in docker tools docs → https://git.io/fhM23
<WilliamHamilton[>
timor: given that the Makefile doesn't exist in the failed directory, I'd say that this failed during the configure phase. But the configure phase works alright in nix-shell -E!
<WilliamHamilton[>
and I cannot issue ./configure in the /tmp directory because of
ddellacosta has joined #nixos
<WilliamHamilton[>
./configure: line 1917: config.log: Permission denied
ng0 has quit [Remote host closed the connection]
ng0 has joined #nixos
ddellacosta has quit [Remote host closed the connection]
symphorien has quit [Quit: WeeChat 2.3]
Aerobit has quit [Quit: WeeChat 2.3]
<jD91mZM2>
Myrl-saki: If the nix-lsp issue was just the SHA checksum being outdated, it's fixed now
<timor>
WilliamHamilton[: did you try with --pure in your nix-shell call?
<WilliamHamilton[>
timor: no, let me try that!
hakujin has quit [Ping timeout: 240 seconds]
fendor has quit [Ping timeout: 268 seconds]
<WilliamHamilton[>
timor: it works till before the installPhase even with --pure
<{^_^}>
[nixpkgs] @bbarker opened pull request #54952 → WIP: coconut init at 1.4.0; prompt-toolkit init at 2.0.8 → https://git.io/fhMaU
<Synthetica>
infinisil: Using overlays worked, thanks!
kitl_ has quit []
<Myrl-saki>
jD91mZM2: Thanks. That was one of the problems, but I'll give it another try.
<infinisil>
Synthetica: Nice!
erasmas has joined #nixos
andi- has quit [Ping timeout: 250 seconds]
andi- has joined #nixos
o1lo01ol1o has quit [Remote host closed the connection]
<devalot>
If I use `nix-store --serve --write --store /some/path' on a remote machine, then use it as a builder, I get hash errors saying expected sha256:0000000000000000000000000000000000000000000000000000. Why would the client ever expect a null hash?
<timor>
WilliamHamilton[: sorry, no idea then at the moment
<WilliamHamilton[>
timor: sure, no problem, I'll use the local version in the meantime
dermetfan has joined #nixos
__Sander__ has quit [Quit: Konversation terminated!]
<timor>
WilliamHamilton[: what you could do is, when building manually, check the exit code after each step.
linkrage has quit [Quit: Leaving]
knupfer has quit [Remote host closed the connection]
Ariakenom has joined #nixos
<timor>
WilliamHamilton[: also, that ./autogen.sh script disables all output
nD5Xjz_ has joined #nixos
nD5Xjz has quit [Ping timeout: 246 seconds]
perique has joined #nixos
drakonis has quit [Quit: WeeChat 2.3]
xok has joined #nixos
EffSquared has quit [Ping timeout: 240 seconds]
ryantrinkle has quit [Ping timeout: 246 seconds]
<xok>
can anyone help me add "mysqlnd" to my php installation using nixos?..
<apaul1729>
anybody ever used jhbuild? it's a tool used to build gnome projects, so it handles downloading and installing modules on its own. trying to figure out how to have nix handles the modules and link them into a simple jhbuild derivation where jhbuild expects them to be
<apaul1729>
(and then build the package i'm trying to build)
o1lo01ol1o has joined #nixos
orivej has joined #nixos
knupfer has joined #nixos
o1lo01ol1o has quit [Remote host closed the connection]
<sphalerite>
Well, when I got up this morning I was well enough to go to work again. That turns out not to have been such a good idea and now I'm feeling much more ill than yesterday. gchristensen qyliss qyliss^work (ckauhaus isn't here right now?) I don't think I'm well enough to participate in the meeting tonight, I need to eat then go to bed :/
<sphalerite>
idk if you want to proceed without me or if we should reschedule?
<gchristensen>
yikes!
<qyliss^work>
I'm happy to reschedule
<gchristensen>
I think we need our fearless leader
<qyliss^work>
I don't think it's so urgent that we need to do it without all of us there
<gchristensen>
sphalerite: send out a reschedule email, with a few proposed times?
<jabranham>
Is there any way to see package version differences between two nixos generations?
<sphalerite>
haha I fear nothing but colds. Yeah can do.
ubert has quit [Remote host closed the connection]
<xok>
i don't know how to do that in my nixops configuration file...
<xok>
i tried this: config.php.mysqlnd = true;
<jabranham>
qyliss^work: thanks, that seems to want a .drv file. Is there such a file that describes the entire system profile somewhere?
<xok>
but it didn't work..
<qyliss^work>
Yep! Have a look in /nix/var/nix/profiles
<philipp[m]>
I want to get rid of a few dotfiles in my homedir by wrapping a few applications and giving them arguments to direct them to files in the nix store. I guess I'm not the first one to try this. Does anybody have a nice pattern example how to do it most efficiently?
<timor>
WilliamHamilton[: you still there?
<xok>
anyone please?..
tilpner has joined #nixos
<timor>
xok: you might want to post a link to your configuration
<WilliamHamilton[>
timor, sorry, had to go away for a minute, but I'm here now
<timor>
WilliamHamilton[: the second one is not correct
<WilliamHamilton[>
but my question is: what did you do to find those (I know I shouldn't ask) :D
<WilliamHamilton[>
the INSTALL one?
<qyliss^work>
Can't easily provide a more full example, because I lost the yubikey for the computer I have this on and so it doesn't have any of my passwords on it :(
<dmj`>
Hey guys
<timor>
WilliamHamilton[: the way it was supposed to be: autoreconf provides "install-sh", sets $INSTALL to that, automake replaces @INSTALL@ by $INSTALL
mmlb08 has quit [Ping timeout: 250 seconds]
<dmj`>
I'm running the NixOS testing framework, and I have hit an out of memory kernel panic. How do I increase the memory on my QEMU vm
<timor>
WilliamHamilton[: I short-circuited that, because `install` is provided by stdenv
<philipp[m]>
qyliss^work: Thanks, that seems like more boiler plate than I'd like tbh but you've got a few neat constructs I wouldn't have figured out on my own. I'll play around with it a little.
hakujin has joined #nixos
<timor>
WilliamHamilton[: and I found it by what I was suggesting earlier, not discarding the output of that automake command
<xok>
timor: can you help?..
<timor>
xok: the let statement is definitely wrong
<timor>
but I don't know much about nixops
<xok>
timor: I just want to use "mysqlnd = true; " and couldn't find the proper place for it... :D
<WilliamHamilton[>
timor: later I'll try to re-invent your solution to understand your debug process, thanks in the meanitme!
hakujin1 has joined #nixos
<dmj`>
nvm, I got it
MP2E has joined #nixos
<jabranham>
qyliss^work: I can't seem to find any .drv files in there. /nix/var/nix/profiles/system-XX-link seems to just contain scripts for setting up the system and links to executables, no .drv files. Am I missing something obvious?
<timor>
xok: you might need to set the attribute `nixpkgs.config.php....` at the same level as `services..` and `environment....`
<infinisil>
sphalerite: gchristensen: What's this meeting abuot?
<gchristensen>
doesn't nix-diff require the .drv's?
<qyliss^work>
I didn't think it did but I guess it does
<timor>
xok: no override. just the line you had earlier, prepended by "nixpkgs."
<jabranham>
gchristensen: yes, I'm trying to find package version differences between 2 nixos generations. qyliss said to look at nix-diff, which looks right, but I'm not sure if there exists a .drv that describes the whole system?
<gchristensen>
you bet there is!
<qyliss^work>
There definitely is one; I've just forgotten how to find it.
<jabranham>
gchristensen: where
<gchristensen>
nix-store --query --deriver /run/current-system will show you the .drv for your current system
<gchristensen>
you can change /run/current-system to the system-xx-link path
<jabranham>
gchristensen: awesome, thanks :-)
<gchristensen>
^.^
<xok>
timor: thank you, it recompiles the package...
<timor>
xok: in my experience that can take a long time
maximiliantagher has joined #nixos
<xok>
timor: yeah, it will take long as it compiles lots of packages...
maximiliantagher has quit [Remote host closed the connection]
<pvinis>
what is the "preferred" way to keep the configuration.nix file in a git repo? do you keep it in the home dir somewhere, and link it in /etc/nixos or something?
<infinisil>
bsima: Yeah
<bsima>
infinisil: thanks
<bsima>
pvinis: I keep mine in a git repo and use the 'imports' in /etc/nixos/configuration.nix
<infinisil>
pvinis: I'm setting `nixos-config=/path/to/my/configuration.nix` in nix.nixPath, then you can put it anywhere you want
<pvinis>
and what is in the /etc/nixos/conf? the default generated one?
<bsima>
that's my entire /etc/nixos/configuration.nix
<pvinis>
aha
fendor has quit [Ping timeout: 246 seconds]
<pvinis>
so what is the flow then? i think i am missing something. you want to put this in a new machine
<pvinis>
you boot nixos from like a usb
<pvinis>
then clone your config somewhere in the root folder. then rebuild and switch, then what?
<pvinis>
i am always getting lost somewhere in the flow, because of some cycle :|
<bsima>
yeah i setup a new nixos machine, then clone my config repo into my user directory, then edit configuration.nix to import my machine config, then 'nixos-rebuild switch' and everything is in place
<bsima>
the only manual step is cloning my config repo, everything else is automated
<pvinis>
bsima: nice. thanks. one quick question: to clone your repo in your user dir, do you first manually change the default /e/n/config to create your user?
<bsima>
yeah
<pvinis>
and then you remove everything and just leave the include part, right?
<bsima>
yeah because the included nix file has all that stuff
<bsima>
so they are basically managed automatically in a similar way that nixos-rebuild manages stuff
<pvinis>
the reason im asking is that i am trying to make a simple configuration that is easy to recreate, and i basically want it to make a user, put a couple of dotfiles, then install some node modules, and then run a service
<bsima>
my advice is to build it piecemeal, one thing at a time. I built my config over like 2 years of tweaking
<bsima>
it was a lot to learn at first
<noonien>
is there a mainUser, if so, where, and what is it?
<pvinis>
ok, so in theory with the home-manager i should be able to do this. i was trying also to do it by just throwing some text, which might also be fine
<pvinis>
i want to make a small server, and since i kinda have to make it with a bunch of scripts or with nix to be reproducible, i thought ill try with nix directly
q6AA4FD has quit [Ping timeout: 272 seconds]
reinhardt has joined #nixos
<tilpner>
Hey, can anyone confirm that remote unlocking of an encrypted /boot just isn't possible?
<qyliss^work>
I think you can do it with dropbear?
<gchristensen>
an encrypted initrd I know, but dropbear can be embedded in grub?
<tilpner>
qyliss^work: That works for encrypted / and unencrypted /boot, yes, but also for encrypted /boot?
<tilpner>
Oh!
<gchristensen>
that was a question-question, not a question-statement, tilpner :)
<tilpner>
:/
<qyliss^work>
oh, hmm
<emily>
I don't think you'd want GRUB to be your ssh daemon, it's not a very good operating system. why encrypt the /boot?
<qyliss^work>
Yeah, fundamentally _something_ has to be unencrypted.
<tilpner>
And I'm fine with an unencrypted grub install that also allows for unlocking of /boot via ssh
<tilpner>
But I don't know if that's a good idea to try
<gchristensen>
what do you gain by encrypting /boot?
<tilpner>
And this is a remote server I have no access to, so I can't do much experimentation
<emily>
gchristensen: no, too lazy to have set it up yet :(
<tilpner>
(No physical access, that is)
<gchristensen>
dang
<tollb>
hello...I think I just made a mistake trying to update pull request 54909 for staging
<tilpner>
gchristensen: You did some secureboot recently. Is that something I want to try?
<emily>
I know you have to pack kernel+initrd into some weird container thing that systemd-boot looks at for the name and cmdline and stuff
<emily>
probably not on a server
<__monty__>
qyliss^work: I also think /boot can't be an LVM partition?
<emily>
I mean, what is your threat model there really?
<gchristensen>
tilpner: with no physical access? I wouldn't recommend it, and you probably can't even turn it on without access to the BIOS config
<gchristensen>
(if you have DRAC/iLO/SOL/etc-like thing, by all means)
<tollb>
i thought i was pushing to my github branch, but it appears to have updated against the nixos:master on pull request 54909. What did I do wrong? Anything I can do to fix?
<tilpner>
emily: I don't intend to guard against the technical personnel. All I want is to decouple the confidentiality of user data from whether any given datacenter employee follows protocol for disposing/replacing drives
<gchristensen>
don't need encrypted /boot for that
<emily>
*nods* then I think unencrypted /boot is your best bet
<qyliss^work>
Why would user data be on /boot?
<tilpner>
gchristensen: Right, it's not a requirement
<tilpner>
But I figured I might as well encrypt as much as possible, if it's not too much pain
<tilpner>
I'm asking to see if it's possible, not because I depend on it
<tilpner>
(My laptops currently don't encrypt /boot, so this is curiosity speaking)
<tilpner>
I realize there's pretty much no chance to defend against an attacker who has physical access to your running server and unlimited time
<tilpner>
This is just about drives removed from the server, so /boot doesn't matter
<Church->
Hmm hell does ESP stand for? I always think extended stack pointer.
<tilpner>
Efi System Partition
<tilpner>
... I hope
<{^_^}>
[nixpkgs] @costrouc opened pull request #54956 → pythonPackages.tableaudocumentapi: init at 0.6 → https://git.io/fhMDh
<Church->
Ahhh
maximiliantagher has quit [Remote host closed the connection]
rauno has quit [Remote host closed the connection]
<tollb>
gchristensen: I seem to have done a push update incorrectly on PR 54909 that I asked about earlier. It went to NixOS:master instead of NixOS:staging. Hoping you can help...
<gchristensen>
hmm
<gchristensen>
think its fixed, tollb :)
ckauhaus has joined #nixos
Edes has joined #nixos
<tollb>
gchristensen: Thanks! Is there something different I should have done to push the update to staging directly?
<gchristensen>
tollb: you did everything correctly
<gchristensen>
tollb: you missed the step of telling github's UI you want the PR to be against staging though: https://github.com/NixOS/nixpkgs/pull/54909 -> the Edit button to the right of the title is where you do that
ThatDocsLady has quit [Ping timeout: 252 seconds]
<{^_^}>
#54909 (by tollb, 18 hours ago, open): wrap-gapps-hook.sh: only wrap links when required
maximiliantagher has joined #nixos
<xok>
is it possible to set hostname + username + password for system mail?...
<{^_^}>
[nixpkgs] @grahamc pushed to grahamc-patch-1 « riot-web: see if dropping hydraPlatforms causes ofborg to realize it changed. »: https://git.io/fhMy6
<{^_^}>
[nixpkgs] @grahamc opened pull request #54957 → (WIP) riot-web: see if dropping hydraPlatforms causes ofborg to realize it … → https://git.io/fhMyX
<tollb>
gchristensen: Thanks! I only see a "new issue" button to the right of the title now. Does it appear after a push?
<dmj`>
every time I try to build a python package on nixos I get this error: Download error on https://pypi.org/simple/setuptools-scm/: [Errno -2] Name or service not known -- Some packages may not be found!
<dmj`>
anyone know what I'm doing wrong
<simpson>
jonreeve: How does it fail to work? I can't attempt to reproduce anything from my current location.
<matthewbauer[m]>
jonreeve: i think it should go in testHaskellDepends not executableHaskellDepends
<{^_^}>
[nixpkgs] @dywedir pushed commit from @marsam to master « heroku: 7.18.2 -> 7.19.4 »: https://git.io/fhM9n
tritoncompute has joined #nixos
<jonreeve>
simpson: It says: `Setup: Encountered missing dependencies:
<tollb>
gchristensen: Just to close the loop...you were right about the "Edit" button. I was checking with a second browser that wasn't logged into my account. I'll use it next time!
silver_hook has quit [Ping timeout: 268 seconds]
<gchristensen>
ah, cool :)
tollb has left #nixos [#nixos]
knupfer has quit [Quit: knupfer]
<xok>
can anyone help me install a mail service on a nixos system?..
<xok>
I don't know how to do that ...
q6AA4FD has joined #nixos
i1nfusion has quit [Remote host closed the connection]
<Edes>
quick question, could I fetch multiple files from the internet in a derivation?
<matthewbauer[m]>
jonreeve: okay it looks like it's one of your dependencies that is breaking on it
<matthewbauer[m]>
"clay" seems to be broken in haskellPackages? anyone know how we fix something like that?\
silver_hook has joined #nixos
EffSquared has joined #nixos
i1nfusion has joined #nixos
<gchristensen>
Edes: a fixed output derivation can do that, yes
nikivi has quit [Ping timeout: 252 seconds]
acarrico has quit [Remote host closed the connection]
<eyjhb>
gchristensen: can you look at #52112, and make sure that gramhamcofborg runs the checks needed to merge?
<tritoncompute>
<symphorien> user namespaces - I'm checking that now - thank you
<{^_^}>
[nixpkgs] @jslight90 opened pull request #54959 → gitlab: add openssh dependency to gitaly → https://git.io/fhMHd
tritoncompute has quit [Quit: My Mac Pro has gone to sleep. ZZZzzz…]
<jonreeve>
Does anyone know how I can override a broken dependency? I just want to be able to work on my project, but I can't enter the shell or anything while Clay isn't building
doyougnu has joined #nixos
<eyjhb>
How does one specify requirements that are needed when a nixpkgs is ran, and not doing build? Should I just omit "buildinputs"?
MP2E has quit [Remote host closed the connection]
Aerobit has joined #nixos
ckauhaus is now known as ckauhaus[afk]
<Aerobit>
if I'm overriding the definition of more than 1 package in nixpkgs.overlays, can I be assured that if I override package B that depends on package A, and package A, that my modified package B will build with the modified package A?
<Aerobit>
sorry if that doesn't make a lot of sense
<jabranham>
Aerobit: yes
<Aerobit>
hmm. I've got something funky going on then :(
<jabranham>
Aerobit: if you're using the usual self/super nomenclature, make sure to refer to self if you want your modifications
<jabranham>
in the package B overlay
<Aerobit>
yeah, i realized that earlier :P thanks
<Aerobit>
for some reason, one of my dependancies is failing to build with a cryptic mysterious error
<lewo>
infinisil but these modules are not in the nixpkgs repository
<infinisil>
I see, there is something in nixpkgs that disables building docs for out-of-tree modules, but I don't know what that is right now (and whether it can be disabled)
<xok>
I want to have ability to send emails from a nixos system, what do I do in this case ,can anyone help?..
<infinisil>
xok: Just install an email client?
<xok>
ok, let's move forward: what if I want to do that from a PHP script?.. :D
nDuff has joined #nixos
<infinisil>
xok: use a php email sending library?
<lewo>
infinisil ok, I'll have a look at that. thx
<infinisil>
xok: I think I know what you want, but i can't be sure until you ask a more precise question :)
<xok>
infinisil I have a simple script for example: mail( TO, SUBJECT, TEXT );
<Soft>
How stable nixos-unstable tends to be in practice? Are we talking like Arch level of stability or something that breaks every other day
<xok>
it doesn't work and alerts with a strange message: -t unknown command
<clever>
xok: run it under `strace -f -e execve -s 200 php foo.php`
<xok>
clever: thanks here is the result ( the most important line ): [pid 9203] execve("/bin/sh", ["sh", "-c", " -t -i "], 0x32f6f00 /* 43 vars */) = 0
elgoosy has joined #nixos
<xok>
and the result follows with: sh: -t: command not found
<infinisil>
Soft: It's pretty stable, I occasionally run into some breakage, maybe once a month, but never anything fatal (since it's covered with lots of tests)
<clever>
xok: sounds like php was running sendmail + " -t -i "
<clever>
xok: but the sendmail variable was "", so it turned into just " -t -i "
knupfer has quit [Read error: Connection reset by peer]
<xok>
can you help ?..
<clever>
xok: youll want to dig around in the php config to tell it where to find the sendmail binary
<infinisil>
Now just gotta figure out where it tries to read sendmail from
mtesseract has joined #nixos
<noonien>
is there a command to get the description of a package, given the package name?
<clever>
infinisil: so it relies on PHP_PROG_SENDMAIL being set right at compile time? feels like a nixpkgs bug
<clever>
ah, thats inside a #ifdef PHP_PROG_SENDMAIL
<clever>
it sounds like somebody defined it to "" ?
<infinisil>
If there's no dynamic way for it to figure out the binary then this looks like a php bug
<infinisil>
s/bug/not-yet-implemented-feature
<clever>
infinisil: if PHP_PROG_SENDMAIL is defined, it will use that, if its not defined, it will be hard-coded to # define DEFAULT_SENDMAIL_PATH "/usr/sbin/sendmail -t -i"
<infinisil>
Booo
<clever>
infinisil: the fact that we are not seeing /usr/sbin in the error, means that PHP_PROG_SENDMAIL is defined, yet empty
<infinisil>
But yeah, why is PHP_PROG_SENDMAIL set to "" then
<clever>
also, this is merely the default path, DEFAULT_SENDMAIL_PATH
<eyjhb>
Thanks, I will try it! - And then I wouldn't need the patch at all, correct?
<Synthetica>
Correct, you shouldn't
<Edes>
how do you add a systemd service to a package?
apaul1729 has quit [Remote host closed the connection]
<gchristensen>
a package cannot create a nixos system service
<Synthetica>
You don't really "add a systemd service to a package" as such, it's more like making a systemd service using a package, they are stored in two different places
<Synthetica>
(One is stored in ./pkgs, the other in ./nixos)
Dagger2 is now known as Dagger
<Synthetica>
(Or rather, ./nixos/modules)
<Edes>
so I'd have to make like a separate nix file
<Synthetica>
Yes
<Edes>
any package I can look for an example?
jasongrossman has joined #nixos
<gchristensen>
lots. what does your package do?
<Edes>
it's a node application, I basically want a service that launches the server
<Edes>
and kills it or whatever
maximiliantagher has quit [Remote host closed the connection]
<eyjhb>
Ignore all the commented stuff.. I call that "might need it later" code
<Synthetica>
,locate i3lock
<{^_^}>
Found in packages: i3lock, i3lock-color
<Synthetica>
It should be fine with i3lock-color as an input, no? That also provides the i3lock executable
<eyjhb>
As far as I know, it only provides i3lock-color input, as when I execute the script currently, it will call i3lock but i3lock does not know the requirements
maximiliantagher has quit [Remote host closed the connection]
dustinm has joined #nixos
<eyjhb>
` mv $out/bin/i3lock $out/bin/i3lock-color` is in the postInstall of i3lock-color
<eyjhb>
So it only provides `i3lock-color`
<Synthetica>
That's the postinstall, it just creates an extra alias
maximiliantagher has joined #nixos
<eyjhb>
Hmm... Well, but it would be nice to use `i3lock-color`, as e.g. on my system `i3lock` points to the original i3lock
<eyjhb>
That's the first time ever, I have needed my emoji replacer script for Weechat on a IRC server... :p
<eyjhb>
But.. Yeah.. I don't know the best approach... As the patch fails...
<gchristensen>
maybe just go the way of substituteinplace? :)
ivan has joined #nixos
<eyjhb>
But.. That would replace the other occurences too, which are paths named i3lock... :/
acarrico has joined #nixos
<eyjhb>
But I really just do not understand at all, why the patch would not work? It just seems like it never gets the files, so it can't patch them?
<noonien>
does anyone here use screensaver? or only lockscreens? in both cases, which?
<Synthetica>
eyjhb: Yeah, I sometimes forget I'm not on discord ;)
<eyjhb>
I feel like everybody on Discord/Slack are doing roleplay with me, because of the translated emojis... (using Bitlbee), so everything is like "blinking_face" etc...
<eyjhb>
But I am real close at grapping at the vodka here.. Am I overriding any of the steps because of "phases"
tritoncompute has joined #nixos
ambro718 has joined #nixos
sicklork1n has quit [Ping timeout: 246 seconds]
griff_ has quit [Quit: griff_]
<eyjhb>
I am skipping some phase, that I need..
<Synthetica>
... the source fetch phase?
<Synthetica>
What's that called?
<eyjhb>
unpackPhase I am hoping
<eyjhb>
Looks like it!
<Synthetica>
Works here!
<eyjhb>
Same here, but it still tries to execute `i3lock` ?! :(
elgoosy has quit [Remote host closed the connection]
<eyjhb>
Does the patch happen inline $src ?
<eyjhb>
Because I might be copying the wrong.. No.. It shouldn't be that..
<eyjhb>
Synthetica: WORKS! Just removed the $out part when copying the file.. Is that the correct approatch?
<eyjhb>
approach*
<Synthetica>
What? `cp $src/bin/bls ./bin/bls` instead of `cp $src/bin/bls $out/bin/bls`?
pvinis has quit [Ping timeout: 256 seconds]
<eyjhb>
Actually just ` cp betterlockscreen $out/bin/betterlockscreen`
<eyjhb>
Don't know if that is the correct approach Synthetica :/
<Synthetica>
Might be, $src points to the immutable dir in the nix store, pwd is the mutable variant in /build/store
<Synthetica>
So I'd say it's fine
q6AA4FD has quit [Read error: Connection reset by peer]
<eyjhb>
Synthetica: great! What do I do about the maintainer? I have a PR that is in progress, where I have added myself to the maintaineres list, but.. In this new PR, I have not done so.. Should I just do it yet again?
<eyjhb>
So.. that I am added to the maintainers list in both of the PRs?
q6AA4FD has joined #nixos
<Synthetica>
Is one PR the successor of another, or are they for two different things?
<noonien>
is there a "metapackage" that installs stuff such as `killall`?
<Synthetica>
,locate killall
<{^_^}>
Found in packages: psmisc, busybox, killall, netbeans, playonlinux, bashCompletion
<Synthetica>
(No more netbeans, netbeans, netbeans :P)
<dmj`>
gchristensen: ok no worries
<eyjhb>
Synthetica: do you have permissions for merging? ;) ;)
<Synthetica>
eyjhb: Nope :(
<noonien>
do people usually install psmisc or busybox?>
<gchristensen>
psmisc
<gchristensen>
don't install busybox
<eyjhb>
Or if gchristensen have the time :p
<eyjhb>
Else I guess I just have to add myself once again to the maintainers list in the new PR
<Synthetica>
It shouldn't have any merge conflicts, so I guess it should be fine
<gchristensen>
mind squashin?
<gchristensen>
in to 2 commits
<Thra11>
I have a really simple default.nix (with import <nixpkgs> {}; haskellPackages.callCabal2nix "foo" ./. {}) for developing a haskell program. Is there a good way to run nix-shell using this default.nix, but add a few extra haskell packages which aren't really part of the program, but which are useful for experimenting in ghci?
knupfer has quit [Remote host closed the connection]
<gchristensen>
1. adding yourself to the maintainer list, 2. init the package
<eyjhb>
gchristensen: one for the actual .nix file, and one for adding myself as the maintainer?
<gchristensen>
:)
<eyjhb>
Okay, will do ;)
doyougnu has quit [Ping timeout: 268 seconds]
<Guest48810>
Hello, I am trying to package somebody else's binary that contains a line like box := packr.NewBox("../../engine/ladon/rego") but fails when built as a nix package because of the read only system - what can I patch it to to ensure that it is a writeable place?
ryantrinkle has quit [Ping timeout: 250 seconds]
mtesseract has quit [Quit: good night]
<Guest48810>
i.e. like /tmp
<Synthetica>
You could patch it?
<Synthetica>
With patches = [ ./mypatch.patch ] (which you'd probably have to write yourself)
<Guest48810>
I already wrote one and tried to make it write on my home folder (no dice)
nspin has joined #nixos
<{^_^}>
[nixpkgs] @eyJhb opened pull request #54966 → betterlockscreen: init at 3.0.1 → https://git.io/fhMjo
<eyjhb>
gchristensen: done ;)
<Synthetica>
Guest48810: What exactly did you try? Using ~ could be problematic in some contexts (I don't know if that's the case here)
<Synthetica>
(Also, during build $HOME is set to a dummy value
<Synthetica>
)
acarrico has quit [Ping timeout: 244 seconds]
<gchristensen>
eyjhb: the arduino-mk PR seems unchanged
<eyjhb>
gchristensen: I only change `cp -r` to `ln -s`
<eyjhb>
changed**
<eyjhb>
As that was the only requests
<eyjhb>
But.. Don't know if I have screwed the bot over by doing a forced push to the repo?
simukis has quit [Quit: simukis]
<gchristensen>
oh, I asked you to squash them
<Guest48810>
Synthetica: the problem happens at run time (build time is fine). packr appears to be a library that bundles static files into golang binaries
<eyjhb>
gchristensen: squash them?
dermetfan has quit [Ping timeout: 268 seconds]
acarrico has joined #nixos
<eyjhb>
Ohh.. Squash all the commits into a single commit? - new to the PR game...
sicklork1n has joined #nixos
<gchristensen>
in to two comits: 1. adding yourself to the maintainer list, 2. init the package
<Guest48810>
I do not know why it tries to be resolved as a relative path at run time, it probably is an error. But the fact is that the binary in nixos just dies when it reaches that line.
<eyjhb>
AH! You wanted me to do that for the arduino-mk PR
<eyjhb>
I did it for the PR I just opened... :/
<Thra11>
elvishjerricco: The default.nix you described for me yesterday doesn't seem to allow me to import the dependencies in ghci (when I run `nix-shell --run ghci` in the directory). Am I doing something wrong, or do I need a different default.nix to do that?
dermetfan has joined #nixos
<gchristensen>
eyjhb: no worries :)
<Synthetica>
Guest48810: What exactly did you try?
doyougnu has joined #nixos
tritoncompute has quit [Quit: My Mac Pro has gone to sleep. ZZZzzz…]
o1lo01ol1o has joined #nixos
acarrico has quit [Ping timeout: 268 seconds]
<eyjhb>
Synthetica: I have only ever seen patches with substituteAll.. Even in the one you linked :/
alex has quit [Quit: WeeChat 2.3]
sicklork1n has quit [Ping timeout: 250 seconds]
phizzz has joined #nixos
hakujin2 has joined #nixos
hakujin2 has quit [Client Quit]
<phizzz>
hi i'm looking for resources to help me learn how to build existing custom c/c++ software the *nixos* way. any one have any suggestions?
<eyjhb>
gchristensen: I have done it now! Was a little messy.. But should do
<phizzz>
i really want to use nixos to deploy this, but i need a better understanding of the *nixos* way...
<eyjhb>
I will apply the last changes to the other PR... Forgot all about adding it..
<Synthetica>
eyjhb: That there are 1970 patches in the Nixpkgs repo, it's hardly unique
<eyjhb>
Synthetica: never meant it was unique, only meant I have only seen it used with "substituteall" :D But seeing as I have only done like.. 2-3 packages, theeen
Edes has quit [Ping timeout: 246 seconds]
<phizzz>
basic question, for instance: how do i even leave a nix-shell? just `exit`?
<eyjhb>
phizzz: yup :)
<noonien>
is there any information collected about what packages people usually install? i'm looking to see how popular packages are
maximiliantagher has quit [Remote host closed the connection]
Aerobit has quit [Quit: WeeChat 2.3]
o1lo01ol1o has quit [Remote host closed the connection]
Makaveli7 has quit [Quit: Leaving]
o1lo01ol1o has joined #nixos
maximiliantagher has joined #nixos
eddyb has joined #nixos
eddyb has quit [Changing host]
eddyb has joined #nixos
maximiliantagher has quit [Remote host closed the connection]
<__monty__>
noonien++ For the ranger <3 ; )
kvda has joined #nixos
<{^_^}>
noonien's karma got increased to 1
o1lo01ol1o has quit [Ping timeout: 244 seconds]
<noonien>
hehe
o1lo01ol1o has joined #nixos
aleph- has joined #nixos
maximiliantagher has joined #nixos
jabranham has quit [Quit: ERC (IRC client for Emacs 27.0.50)]
<noonien>
is anyone running zfs?
<{^_^}>
[nixpkgs] @dotlambda merged pull request #54937 → python.pkgs.django_1_8: mark as insecure → https://git.io/fhMts
<{^_^}>
[nixpkgs] @dotlambda pushed to master « python.pkgs.django_1_8: mark as insecure (#54937) »: https://git.io/fhDTt
<noonien>
i've ran btrfs for a few years, in the end, it wasn't worth it, it was really unstable
<noonien>
zfs shouldn't be, afaik
<noonien>
and i really wouldn't mind the dedup/snapshots
<{^_^}>
[nixpkgs] @dotlambda pushed to release-18.09 « python.pkgs.django_1_8: mark as insecure (#54937) »: https://git.io/fhDTm
<noonien>
however, i'm unsure if it's hard on the CPU/RAM
<noonien>
not really the channel to ask, but anyway
<gchristensen>
its fie
<gchristensen>
ne
<gchristensen>
fine
<goibhniu>
I think a fair few people here use it, e.g. hyper_ch is a big fan.
<noonien>
hmm, awesome
<noonien>
any issuues running it on top of luks?
<gchristensen>
nope
tilpner has quit [Quit: WeeChat 2.3]
<{^_^}>
[nixpkgs] @volhovm opened pull request #54967 → clmagma: init at 1.3 → https://git.io/fhDTR
<__monty__>
noonien: You experience instability with btrfs recently? I've been running it for a couple years on my laptop and haven't had any issues to speak of.
<__monty__>
I know that's anecdotal but there hasn't even been a semblance of an issue.
<noonien>
i think i stopped using it ~2years go
<noonien>
but afai, the project isn't active anymore
<noonien>
i've used it on ubuntu
orivej has quit [Ping timeout: 240 seconds]
orivej_ has joined #nixos
o1lo01ol1o has quit [Remote host closed the connection]
<noonien>
i've had problems with it running out of metadata space, even with regular balancing
<noonien>
even though the metadata didn't really run out of space
<noonien>
nor did the rest of the FS
<noonien>
it always took hour-long balances to fix
<noonien>
and sometimes it didn't even fix, needing a reinstall (since i had it on root)
fusion809 has quit [Remote host closed the connection]
o1lo01ol1o has joined #nixos
fusion809 has joined #nixos
<noonien>
i didn't even have any intensive workloads
<__monty__>
Not active, what?
<tolt>
I'm getting an error trying to download some things from the nixos cache... "SSL peer certificate or SSH remote key was not OK (60)". Any ideas on how to fix it or where to look?
jasongrossman has quit [Ping timeout: 250 seconds]