gchristensen changed the topic of #nixos to: NixOS 18.09 released https://discourse.nixos.org/t/1076 || https://nixos.org || Latest NixOS: https://nixos.org/nixos/download.html || Latest Nix: https://nixos.org/nix/download.html || Logs: https://logs.nix.samueldr.com/nixos/ || #nixos-dev, #nix-darwin, #nixos-aarch64, #nixos-chat, #nixcon ... nixcon videos: https://tinyurl.com/nixcon2018
<jackdk> nix-channel --help | cat?
<daniele-> jackdk: why do you think that would work?
<infinisil> Would still try to call man underneath
<infinisil> (so it doesn't work)
<jackdk> some programs do different things depending on whether stdout is a tty; compare the behaviour of `ls` and `ls | cat`
<infinisil> Ah yeah, you have a point
<daniele-> well, if you don’t have an ls binary you can try to call in any way you want, but hardly it will work
upsaday_ has quit [Remote host closed the connection]
upsaday_ has joined #nixos
acarrico has joined #nixos
<iqubic> I'm really pissed that I can't get my steam game to work right now.
ddellacosta has quit [Quit: WeeChat 2.2]
ddellacosta has joined #nixos
joehh has quit [Ping timeout: 246 seconds]
thc202 has quit [Quit: thc202]
<iqubic> Oh... brilliant. I just found out that another game from the same production studio also fails to run.
justanotheruser has quit [Ping timeout: 250 seconds]
carlosdagos has joined #nixos
doyougnu has quit [Ping timeout: 240 seconds]
aleph- has quit [Ping timeout: 250 seconds]
<iqubic> Question: How hard would it be to spin up a lightweight distro on a virtual machine and install steam on that?
<clever> iqubic: QPU passthru will be a major problem
drakonis has joined #nixos
<iqubic> You mean GPU, or CPU? IDK what QPU is.
<clever> GPU i mean
<clever> QPU is half a type, but also the internals of the rpi GPU, lol
<clever> half a typo*
<iqubic> Alright... So I'm really really pissed.
<clever> iqubic: this is why my desktop is still dual-boot
<iqubic> Of the games from this publisher that I have tried, 3/3 claim to work on Linux. Only 1/3 of those works on Nixos.
<iqubic> See... game publishers don't understand NixOS as a thing.
<iqubic> So I'm not sure what I should do here.
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55147 → stepmania: 5.0.12 -> 5.1.0-b2 → https://git.io/fhS1H
<daniele-> i wonder why nixos decided to recompile the world…
<Glenn_S> I'd like to lock a project to a specific (latest version of stable) version of NixOS. Is it a sensible thing to do to just use the most recent commit on the release-18.09 branch, and then manually update that on a regular (say, monthly) basis?
<{^_^}> [nixpkgs] @NeQuissimus pushed to master « linux: 5.0-rc4 -> 5.0-rc5 »: https://git.io/fhS1Q
justanotheruser has joined #nixos
<dermetfan> Glenn_S: sounds like pinning https://nixos.wiki/wiki/FAQ/Pinning_Nixpkgs
eadwu has joined #nixos
<dermetfan> daniele-: For reproducible builds but you can also patch binaries
aleph- has joined #nixos
goibhniu has quit [Ping timeout: 240 seconds]
<Glenn_S> Thanks, that's a useful link, and it looks like I am doing the right thing (although I shall swithc to fetchGit from fetchTarball). Thanks.
<infinisil> Glenn_S: You'll want to use the nixos-18.09 branch on github.com/NixOS/nixpkgs-channels
<infinisil> And note that every 6 months a new stable versions is released, which will end support for the previous stable
<srhb> Glenn_S: fwiw fetchTarball and friends are usually quite a lot faster.
<Glenn_S> srhb: I guess it's ok it it's slow the first time if it means people don't have to use the `nix-prefetch-url` command to lookup a hash.
<srhb> Glenn_S: I never use that anyway. With recent nix versions the failed path will still be stored and registered.
<Glenn_S> Even then it's an extra thing for people to understand and debug. I am in danger of being pushed back into Docker + Ubuntu + shell script hackery land, so I want to make Nix as easy as possible for my coworkers to use in order to head that off.
jhillyerd has quit [Quit: WeeChat 2.2]
rcshm has quit []
<srhb> Glenn_S: Sounds good :)
endorphin has joined #nixos
<gchristensen> jq's run-time closure is huge :o
<endorphin> hi all
drakonis has quit [Quit: WeeChat 2.3]
<clever> gchristensen: only 32mb on my end
hamishmack has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
drakonis has joined #nixos
Mateon3 has joined #nixos
Mateon1 has quit [Ping timeout: 245 seconds]
Mateon3 is now known as Mateon1
hamishmack has joined #nixos
griff_ has quit [Ping timeout: 250 seconds]
nikola_i has joined #nixos
<endorphin> i wrote a nix expression to build emacs with some melpa packages following this information from the manual: https://nixos.org/nixos/manual/index.html#module-services-emacs-adding-packages
<endorphin> and i added this package to my nixpkgs using an overlay
<{^_^}> [nixpkgs] @danielfullmer opened pull request #55148 → mupdf: Fix changed library name → https://git.io/fhS1j
<endorphin> but when i do nix-env -q it shows up as "emacsWithPackages", is there any way to change this?
<clever> endorphin: set the name= on the derivation, you could change it with overrideAttrs
<{^_^}> [nixpkgs] @eadwu opened pull request #55149 → vscode-extensions.ms-python.python: 2018.12.1 -> 2019.1.0 → https://git.io/fhSMf
<endorphin> clever: sorry, i'm a bit confused about where to set the name attribute, since i'm not using stdenv.mkDerivation
<endorphin> is it ok to post the expression here?
<{^_^}> [nixpkgs] @danielfullmer opened pull request #55150 → k2pdfopt: 2.42 -> 2.51a → https://git.io/fhSMJ
<clever> ,paste endorphin
<{^_^}> endorphin: Use a website such as [ https://gist.github.com/ http://ix.io/ https://hastebin.com/ https://paste.ee/ ] or similar services to share anything that's longer than a couple lines.
<{^_^}> [nixpkgs] @danielfullmer closed pull request #53063 → k2pdfopt: 2.42 -> 2.50 → https://git.io/fhLsv
<clever> endorphin: the emacsWithPackages function eventually calls mkDerivation
<clever> but, you can just take its result, and .overrideAttrs it
<{^_^}> [nixpkgs] @dtzWill opened pull request #55151 → zsh: 5.7 -> 5.7.1 → https://git.io/fhSMU
<clever> (emacsWithPackages (...)).overrideAttrs (drv: { name = "foo"; })
Guanin has quit [Remote host closed the connection]
<endorphin> clever: thank you, worked perfectly
<endorphin> new to nix, was not aware of the overrideAttrs function
ddellacosta has quit [Ping timeout: 246 seconds]
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55152 → star: 2.6.1d -> 2.7.0a → https://git.io/fhSMt
<{^_^}> [nixpkgs] @dtzWill opened pull request #55153 → libpqxx: 6.2.5 -> 6.3.0 → https://git.io/fhSMq
ddellacosta has joined #nixos
justanotheruser has quit [Ping timeout: 268 seconds]
Ariakenom has quit [Quit: Leaving]
dermetfan has quit [Ping timeout: 245 seconds]
<{^_^}> [nixpkgs] @peti pushed to haskell-updates « hackage-packages.nix: automatic Haskell package set update »: https://git.io/fhSM3
silver has quit [Read error: Connection reset by peer]
aleph- has quit [Ping timeout: 240 seconds]
xkapastel has quit [Quit: Connection closed for inactivity]
drakonis has quit [Quit: WeeChat 2.3]
drakonis has joined #nixos
<{^_^}> Channel nixos-unstable-small advanced to https://github.com/NixOS/nixpkgs/commit/a30f43c109e (from 7 hours ago, history: https://channels.nix.gsc.io/nixos-unstable-small)
freeman42x has quit [Ping timeout: 252 seconds]
noonien has quit [Quit: Connection closed for inactivity]
justanotheruser has joined #nixos
o1lo01ol1o has joined #nixos
fragamus has joined #nixos
hamishmack has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
drakonis has quit [Quit: WeeChat 2.3]
hamishmack has joined #nixos
hellrazor has quit [Ping timeout: 245 seconds]
drakonis has joined #nixos
drakonis has quit [Quit: WeeChat 2.3]
<{^_^}> [nixpkgs] @AndersonTorres opened pull request #55154 → Office Code Pro: init at 1.004 → https://git.io/fhSMg
rpifan has joined #nixos
<rpifan> why r u special
ottidmes has quit [Ping timeout: 246 seconds]
griff_ has joined #nixos
Supersonic has quit [Ping timeout: 252 seconds]
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55155 → sigal: 1.4.1 -> 2.0 → https://git.io/fhSMw
gh0l has joined #nixos
Supersonic has joined #nixos
rcshm has joined #nixos
<daniele-> is anyone familiar woith the configuration of the nextcloud package?
<daniele-> i specified the postgres user and password in the configuration, but when i access the web app for the first time it asks for those again
<daniele-> ideas?
gh0l has quit [Quit: Konversation terminated!]
<clever> WilliButz: 46
<clever> oops
rpifan has quit [Remote host closed the connection]
drakonis has joined #nixos
freeman42x has joined #nixos
eadwu has quit [Quit: WeeChat 2.3]
fragamus has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
eadwu has joined #nixos
o1lo01ol1o has quit []
<{^_^}> [nixpkgs] @andrew-d opened pull request #55156 → corretto8: init at 8.202.08.2 → https://git.io/fhSMD
revtintin has joined #nixos
o1lo01ol1o has joined #nixos
<{^_^}> [nixpkgs] @delroth opened pull request #55157 → nixos/tests/postgresql: fix regression from #55106 → https://git.io/fhSMS
vk3wtf has quit [Ping timeout: 240 seconds]
sigmundv_ has quit [Ping timeout: 245 seconds]
o1lo01ol1o has quit [Remote host closed the connection]
o1lo01ol1o has joined #nixos
<rcshm> hi, i am trying to update sudo nixos-rebuild switch --upgrade and i am getting this error: Failed to start local-fs.target: Unit -.mount is masked.
o1lo01ol1o has quit [Ping timeout: 250 seconds]
<rcshm> not really sure if this is related to allocating new hd on gparted prior to this.
<rcshm> now what should i do? thanks for your help.
<{^_^}> Channel nixos-unstable-small advanced to https://github.com/NixOS/nixpkgs/commit/ed5ec8b375e (from 6 hours ago, history: https://channels.nix.gsc.io/nixos-unstable-small)
amosbird has quit [Quit: ZNC 1.7.1 - https://znc.in]
amosbird has joined #nixos
vk3wtf has joined #nixos
eadwu has quit [Quit: WeeChat 2.3]
<{^_^}> [nixpkgs] @grahamc opened pull request #55158 → perl: make reproducible → https://git.io/fhSMA
<{^_^}> [nixpkgs] @veprbl opened pull request #55159 → [18.09] buildbot: fix CVE-2019-7313 → https://git.io/fhSDe
<endorphin> how could one use an overlay to replace a derivation in nixpkgs with another?
<{^_^}> [nixpkgs] @veprbl opened pull request #55160 → [18.03] buildbot: fix CVE-2019-7313 → https://git.io/fhSDv
griff_ has quit [Quit: griff_]
<endorphin> my attempt: https://paste.ee/p/i19lb
<endorphin> results in an "infinite recursion encountered" error when i try to install emacs
<{^_^}> [nixpkgs] @dtzWill opened pull request #55162 → xorg.xf86inputlibinput: 0.28.1 -> 0.28.2 → https://git.io/fhSDL
glesica has joined #nixos
<glesica> hi everybody, i'm modifying a nix package to include a mac version, the package uses patchelf, will that work for a mac binary? i assume not since the mac uses mach binaries (right? maybe i'm wrong)
<clever> glesica: for darwin, you want otool
lezed1 has joined #nixos
<glesica> is there an example of using a different installPhase for mac than linux?
tdbgamer has quit [Quit: http://quassel-irc.org - Chat comfortably. Anywhere.]
fragamus has joined #nixos
<endorphin> answering my own question above, i think the error is because i am referencing pkgs.emacs inside the derivation for pkgs.emacs itself, which shouldn't be possible
<endorphin> not sure what the best way to avoid this is, though
<glesica> so it looks like maybe i can just use this to do the otool mangling i need automagically? https://github.com/NixOS/nixpkgs/blob/92a047a6c4d46a222e9c323ea85882d0a7a13af8/pkgs/build-support/setup-hooks/fix-darwin-dylib-names.sh
<clever> endorphin: $out will be the path it gets installed to, which is the same path pkgs.emacs returns
freeman42x has quit [Ping timeout: 252 seconds]
<clever> glesica: maybe, ive not done much darwin stuff
vk3wtf has quit [Ping timeout: 264 seconds]
<glesica> the biggest thing i don't understand is how to tell it to do X if linux, Y if mac
<clever> > stdenv.isLinux
<{^_^}> true
<glesica> i mean, to be fair, i don't really understand all of nix (yet)
<clever> then throw in if statements and lib.optional's
<glesica> ahh ok
<clever> > stdenv.isDarwin
<{^_^}> false
freeman42x has joined #nixos
<glesica> is {^_^} an interpreter? ;)
o1lo01ol1o has joined #nixos
<clever> yeah
<daniele-> i’m new to nixos and i’m gettig this error from nextcloud
<daniele-> Unable to load dynamic library '/nix/store/ia2x81hi0gdalq6c87rf7b3chfqfvimk-php-apcu-5.1.11/lib/php/extensions/apcu.so' (tried: /nix/store/ia2x81hi0gdalq6c87rf7b3chfqfvimk-php-apcu-5.1.11/lib/php/extensions/apcu.so (/nix/store/ia2x81hi0gdalq6c87rf7b3chfqfvimk-php-apcu-5.1.11/lib/php/extensions/apcu.so: undefined symbol: zend_signal_globals_id),
<daniele-> Unable to load dynamic library '/nix/store/ia2x81hi0gdalq6c87rf7b3chfqfvimk-php-apcu-5.1.11/lib/php/extensions/apcu.so' (tried: /nix/store/ia2x81hi0gdalq6c87rf7b3chfqfvimk-php-apcu-5.1.11/lib/php/extensions/apcu.so (/nix/store/ia2x81hi0gdalq6c87rf7b3chfqfvimk-php-apcu-5.1.11/lib/php/extensions/apcu.so: undefined symbol: zend_signal_globals_id),
<daniele-> Unable to load dynamic library '/nix/store/ia2x81hi0gdalq6c87rf7b3chfqfvimk-php-apcu-5.1.11/lib/php/extensions/apcu.so' (tried: /nix/store/ia2x81hi0gdalq6c87rf7b3chfqfvimk-php-apcu-5.1.11/lib/php/extensions/apcu.so (/nix/store/ia2x81hi0gdalq6c87rf7b3chfqfvimk-php-apcu-5.1.11/lib/php/extensions/apcu.so: undefined symbol: zend_signal_globals_id),
<daniele-> Unable to load dynamic library '/nix/store/ia2x81hi0gdalq6c87rf7b3chfqfvimk-php-apcu-5.1.11/lib/php/extensions/apcu.so' (tried: /nix/store/ia2x81hi0gdalq6c87rf7b3chfqfvimk-php-apcu-5.1.11/lib/php/extensions/apcu.so (/nix/store/ia2x81hi0gdalq6c87rf7b3chfqfvimk-php-apcu-5.1.11/lib/php/extensions/apcu.so: undefined symbol: zend_signal_globals_id),
<daniele-> Unable to load dynamic library '/nix/store/ia2x81hi0gdalq6c87rf7b3chfqfvimk-php-apcu-5.1.11/lib/php/extensions/apcu.so' (tried: /nix/store/ia2x81hi0gdalq6c87rf7b3chfqfvimk-php-apcu-5.1.11/lib/php/extensions/apcu.so (/nix/store/ia2x81hi0gdalq6c87rf7b3chfqfvimk-php-apcu-5.1.11/lib/php/extensions/apcu.so: undefined symbol: zend_signal_globals_id),
<daniele-> Unable to load dynamic library '/nix/store/ia2x81hi0gdalq6c87rf7b3chfqfvimk-php-apcu-5.1.11/lib/php/extensions/apcu.so' (tried: /nix/store/ia2x81hi0gdalq6c87rf7b3chfqfvimk-php-apcu-5.1.11/lib/php/extensions/apcu.so (/nix/store/ia2x81hi0gdalq6c87rf7b3chfqfvimk-php-apcu-5.1.11/lib/php/extensions/apcu.so: undefined symbol: zend_signal_globals_id),
<clever> ,paste daniele-
o1lo01ol1o has quit [Ping timeout: 240 seconds]
<{^_^}> daniele-: Use a website such as [ https://gist.github.com/ http://ix.io/ https://hastebin.com/ https://paste.ee/ ] or similar services to share anything that's longer than a couple lines.
<lezed1> I'm in the process of installing NixOS on a Raspberry Pi and it looks like llvm timed out while building on aarch64. Can that package be retried, or the build item limit increased? Building these packages on a rpi is awful
<daniele-> it seems some php library is not build correctly but i have no idea of where to start looking for the cause
<daniele-> and i’m not a php programmer
<clever> daniele-: its more of a c level problem, not a php problem
freeman42x has quit [Ping timeout: 252 seconds]
<daniele-> clever: looks like so, but i have no idea why the module is not built correctly nor why php looks for a strange object with a .so.so extension
<jackdk> lezed1: I do not know. Perhaps the people at #nixos-aarch64 may be able to help?
<clever> daniele-: i only see a single .so on the ifles you pasted above
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55163 → recoll: 1.24.4 -> 1.24.5 → https://git.io/fhSD8
<daniele-> clever: look better
<lezed1> jackdk: That seems like it may be a better place, thanks!
<endorphin> clever: solved the problem by referencing pkgs.emacs26 instead of pkgs.emacs in my derivation
<daniele-> can i force a package to be rebuilt?
<clever> daniele-: it wont help, since nix will just recreate the same output
<daniele-> clever: i know, but i would like to have a closer look to the build log
<clever> daniele-: run `nix log /nix/store/foo`
<clever> ,xy daniele-
<{^_^}> daniele-: xyproblem is when you want to do X, and you think Y is how, so you ask about Y instead of X. See <http://www.perlmonks.org/index.pl?node_id=542341> or <http://mywiki.wooledge.org/XyProblem>
<{^_^}> [nixpkgs] @dtzWill opened pull request #55164 → iw: 4.14 -> 5.0 → https://git.io/fhSDB
<daniele-> clever: thanks. i may have found the problem:
fragamus has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<clever> daniele-: its trying to install things into its inputs, it should be writing to $out
<daniele-> clever: it seems odd that the packge is broken only for me...
<clever> daniele-: it might be broken for everybody, and noone else has noticed
<daniele-> anyhow those seesm to be headers and not the binary, so it may not be the source of my problem
<clever> daniele-: this says that its also been built on hydra
<daniele-> and thus?
<clever> likely everybody (and you) have downloaded that broken build
<daniele-> great
<{^_^}> [nixpkgs] @dtzWill opened pull request #55165 → binutils: 2.31.1 -> 2.32 → https://git.io/fhSDE
counting1ort has joined #nixos
<daniele-> clever: what can i do about it?
<dtz> LOL wow re: installing to inputs and not failing the build
<clever> daniele-: edit the nix expression to no fail, and then file a PR to nixpkgs
countingsort has quit [Ping timeout: 268 seconds]
drakonis has quit [Quit: WeeChat 2.3]
<daniele-> clever: the definition is simple enought that i doubt it can be wrong
<clever> daniele-: its common for extensions to try to add themself to the dir of the host app
<clever> so if php was in /usr/local/bin, then the extensions go to /usr/local/lib/
<clever> that breaks, when nixos requires that php be in /nix/store/hash-php, and the extension be in /nix/store/hash-extension
sicklorkin has quit [Ping timeout: 268 seconds]
<daniele-> i understand but all php extensions are defined in a very similar way, so either they are all broken or this specific one has a bug in the build scripts
<clever> yeah, you would need to check the logs of others, and unpack the src for this one, to see
<daniele-> i don’t have a clue of how php extensions are built
<clever> i would start by checking for a configure script
<daniele-> or maybe leave it to someone else
lassulus_ has joined #nixos
iqubic has quit [Remote host closed the connection]
lassulus has quit [Ping timeout: 250 seconds]
lassulus_ is now known as lassulus
fusion809 has quit [Quit: Leaving]
iqubic has joined #nixos
pie___ has joined #nixos
<pie___> this seems strange?:
<pie___> nix-repl> a.python35Packages.wxPython30
<pie___> error: wxPython-3.0.2.0 not supported for interpreter python3.5m
<pie___> ah sorry, a = import <nixpkgs> {}
<pie___> oh it looks like wxpython just doesnt support python 3, i thought it did
<pie___> well, wxpyhton 3 doesnt. wxpyhton 4 does.
pie__ has quit [Ping timeout: 245 seconds]
<endorphin> https://github.com/NixOS/nixpkgs/issues/3990#issuecomment-54723611 -- what would be the syntax to do this?
<endorphin> my first thought is to write a derivation that lists the desired packages as dependencies, but that's not equivalent to installing them all individually
rauno has quit [Ping timeout: 240 seconds]
o1lo01ol1o has joined #nixos
<Yaniel> that is what many do AFAIK
<Yaniel> mm in context it seems this would be a derivation that depends on $programs and overrides their config with your desired setup
o1lo01ol1o has quit [Ping timeout: 240 seconds]
<daniele-> has anyone installed nixos in a systemd-nspawn container?
brejoc has joined #nixos
<{^_^}> [nixpkgs] @dtzWill opened pull request #55166 → bison: 3.3.1 -> 3.3.2 → https://git.io/fhSDM
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55167 → rabbitmq-server: 3.7.10 -> 3.7.11 → https://git.io/fhSDD
<daniele-> nspawn does not like the fact that /etc/os-releae is an absolute symlink where the root is the root in the container
brejoc has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
vk3wtf has joined #nixos
nikola_i has quit [Ping timeout: 250 seconds]
o1lo01ol1o has joined #nixos
nikola_i has joined #nixos
o1lo01ol1o has quit [Ping timeout: 268 seconds]
carlosdagos has quit [Quit: Connection closed for inactivity]
aleph- has joined #nixos
<{^_^}> [nixpkgs] @7c6f434c merged pull request #54994 → racket, racket-minimal: 7.1 -> 7.2 → https://git.io/fhyT9
<{^_^}> [nixpkgs] @7c6f434c pushed commit from @clacke to master « racket, racket-minimal: 7.1 -> 7.2 (#54994) »: https://git.io/fhSyt
<{^_^}> [nixpkgs] @7c6f434c merged pull request #55163 → recoll: 1.24.4 -> 1.24.5 → https://git.io/fhSD8
<{^_^}> [nixpkgs] @7c6f434c pushed 2 commits to master: https://git.io/fhSyq
rcshm_ has joined #nixos
dramforever has joined #nixos
otwieracz has left #nixos ["WeeChat 2.2"]
rcshm has quit [Ping timeout: 246 seconds]
<{^_^}> [nixpkgs] @veprbl merged pull request #55160 → [18.03] buildbot: fix CVE-2019-7313 → https://git.io/fhSDv
<{^_^}> [nixpkgs] @veprbl pushed to release-18.03 « buildbot: fix CVE-2019-7313 »: https://git.io/fhSyO
<dramforever> Hi! I'm trying to fix this fact in nixpkgs: pulseaudio-dlna depends on pythonPackages.zeroconf (python 2), but some time ago zeroconf was updated it no longer supports python 2, and therefore pulseaudio-dlna is broken
<dramforever> I have a wip pull request here https://github.com/NixOS/nixpkgs/pull/54880
<{^_^}> #54880 (by dramforever, 5 days ago, open): pulseaudio-dlna: downgrade dep zeroconf to 0.19.1
<{^_^}> [nixpkgs] @veprbl merged pull request #55159 → [18.09] buildbot: fix CVE-2019-7313 → https://git.io/fhSDe
<{^_^}> [nixpkgs] @veprbl pushed to release-18.09 « buildbot: fix CVE-2019-7313 »: https://git.io/fhSy3
<dramforever> I don't think anything else currently depends on zeroconf and py2
simukis has joined #nixos
gerschtli has quit [Quit: WeeChat 2.2]
gerschtli has joined #nixos
endformationage has quit [Quit: WeeChat 2.3]
teehemkay[away] has joined #nixos
teehemkay[away] is now known as teehemka_
palo1 has joined #nixos
o1lo01ol1o has joined #nixos
wigust has quit [Ping timeout: 246 seconds]
wigust has joined #nixos
jbetz has joined #nixos
palo has quit [Ping timeout: 250 seconds]
palo1 is now known as palo
o1lo01ol1o has quit [Ping timeout: 246 seconds]
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55168 → python37Packages.slixmpp: 1.4.1 -> 1.4.2 → https://git.io/fhSyB
aleph- has quit [Ping timeout: 240 seconds]
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55169 → python37Packages.pywal: 3.2.1 -> 3.3.0 → https://git.io/fhSyR
knupfer has joined #nixos
<{^_^}> [nixpkgs] @danbst merged pull request #55157 → nixos/tests/postgresql: fix regression from #55106 → https://git.io/fhSMS
<{^_^}> [nixpkgs] @danbst pushed 2 commits to master: https://git.io/fhSy0
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55170 → python37Packages.structlog: 18.2.0 -> 19.1.0 → https://git.io/fhSyE
sicklorkin has joined #nixos
knupfer has quit [Client Quit]
<{^_^}> [nixpkgs] @Vonfry opened pull request #55171 → [package update]fortune: 1.99.1 -> 2.6.2 → https://git.io/fhSyz
teehemka_ is now known as teehemkay[away]
<colemickens> Git embeds data into exported archives, this includes the ones exported from GitHub.
<colemickens> I'd like to use fetchTarball but also be able to run `git get-tar-commit-id` with the raw tarball (it can be gunzip'd), is this possible? I guess I could use fetchUrl and then extract it myself or something
<clever> colemickens: fetchzip is poorly named, and will just unzip (or untar) whatever you point it at
<clever> oh, but you want the tar itself
jackdk has quit [Ping timeout: 250 seconds]
<colemickens> yeah git embeds something into the tar metadata
<clever> then it would need to be fetchurl, or a modified version of fetchzip
<colemickens> ok
<clever> have a look at the definition of fetchFromGitHub and fetchzip
<clever> > fetchFromGitHub
<{^_^}> { __functor = <CODE>; override = <CODE>; overrideDerivation = <CODE>; }
teehemkay[away] has quit [Quit: ZZZzzz…]
<clever> > builtins.unsafeGetAttrPos "fetchFromGitHub" pkgs
<{^_^}> { column = 3; file = "/var/lib/nixbot/nixpkgs/master/repo/pkgs/top-level/all-packages.nix"; line = 264; }
<clever> colemickens: thats where you will find it
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55172 → python37Packages.xarray: 0.11.2 -> 0.11.3 → https://git.io/fhSyw
o1lo01ol1o has joined #nixos
<{^_^}> Channel nixos-unstable-small advanced to https://github.com/NixOS/nixpkgs/commit/c77728de7b8 (from 6 hours ago, history: https://channels.nix.gsc.io/nixos-unstable-small)
o1lo01ol1o has quit [Ping timeout: 250 seconds]
random_yanek has quit [Ping timeout: 244 seconds]
lezed1 has quit [Quit: Connection closed for inactivity]
griff_ has joined #nixos
random_yanek has joined #nixos
simukis has quit [Quit: simukis]
iqubic` has joined #nixos
iqubic has quit [Ping timeout: 264 seconds]
vk3wtf has quit [Ping timeout: 240 seconds]
dejanr has joined #nixos
dramforever has quit [Quit: Leaving]
ddellacosta has quit [Ping timeout: 246 seconds]
rauno has joined #nixos
upsaday_ has quit [Remote host closed the connection]
<colemickens> there we go, I got the full system toplevel build to be identical when using either a local nixpkgs checkout or a fetchTarball by setting nixos.version manually. neat :)
<{^_^}> Channel nixos-18.03-small advanced to https://github.com/NixOS/nixpkgs/commit/fe792ef27a6 (from 2 hours ago, history: https://channels.nix.gsc.io/nixos-18.03-small)
rcshm_ has quit []
upsaday has joined #nixos
schjetne has quit [Ping timeout: 240 seconds]
mkoenig has quit [Remote host closed the connection]
Makaveli7 has joined #nixos
dejanr has quit [Ping timeout: 245 seconds]
sicklorkin has quit [Ping timeout: 240 seconds]
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55173 → python37Packages.sphinx-testing: 0.8.1 -> 1.0.0 → https://git.io/fhSSl
mkoenig has joined #nixos
<{^_^}> Channel nixos-18.09-small advanced to https://github.com/NixOS/nixpkgs/commit/dbb9f8818af (from 2 hours ago, history: https://channels.nix.gsc.io/nixos-18.09-small)
dramforever has joined #nixos
dramforever has quit [Client Quit]
dermetfan has joined #nixos
<{^_^}> [nixpkgs] @dtzWill opened pull request #55174 → rhash: 1.3.6 -> 1.3.8 → https://git.io/fhSSV
<{^_^}> [nixpkgs] @dtzWill opened pull request #55175 → iosevka-bin: 2.0.2 -> 2.1.0 → https://git.io/fhSSK
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55176 → python37Packages.rpmfluff: 0.5.5 -> 0.5.6 → https://git.io/fhSS6
Boomerang has joined #nixos
griff_ has quit [Quit: griff_]
dermetfan has quit [Ping timeout: 250 seconds]
brejoc has joined #nixos
MinceR has quit [Ping timeout: 250 seconds]
phreedom has quit [Ping timeout: 256 seconds]
MinceR has joined #nixos
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55177 → python37Packages.rasterio: 1.0.13 -> 1.0.15 → https://git.io/fhSS7
o1lo01ol1o has joined #nixos
howdoyouturnthis has joined #nixos
xkapastel has joined #nixos
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55178 → qpdf: 8.3.0 -> 8.4.0 → https://git.io/fhSSx
hyper_ch2 has joined #nixos
dramforever has joined #nixos
schjetne has joined #nixos
howdoyouturnthis has quit [Client Quit]
o1lo01ol1o has quit [Ping timeout: 244 seconds]
brejoc has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
<{^_^}> [nixpkgs] @markuskowa merged pull request #55073 → lxd: fix sh not in path → https://git.io/fhSY3
<{^_^}> [nixpkgs] @markuskowa pushed commit from @megheaiulian to master « lxd: fix sh not in path (#55073) »: https://git.io/fhS9J
<{^_^}> Channel nixos-unstable-small advanced to https://github.com/NixOS/nixpkgs/commit/72677fa7350 (from 2 hours ago, history: https://channels.nix.gsc.io/nixos-unstable-small)
Phillemann has joined #nixos
Phillemann has left #nixos ["WeeChat 2.3"]
koensw has joined #nixos
freeman42x has joined #nixos
sicklorkin has joined #nixos
nikola_i has quit [Ping timeout: 246 seconds]
nikola_i has joined #nixos
Makaveli7 has quit [Quit: Leaving]
phreedom has joined #nixos
<{^_^}> [nixpkgs] @benley opened pull request #55179 → WIP: Run Docker containers as declarative systemd services → https://git.io/fhS9s
johanot has joined #nixos
counting1ort is now known as countingsort
upsaday_ has joined #nixos
freeman42x has quit [Ping timeout: 264 seconds]
upsaday has quit [Ping timeout: 272 seconds]
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55180 → python37Packages.tenacity: 5.0.2 -> 5.0.3 → https://git.io/fhS92
goibhniu has joined #nixos
periklis has joined #nixos
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55181 → python37Packages.qtawesome: 0.5.5 -> 0.5.6 → https://git.io/fhS9X
alex`` has joined #nixos
revtintin has quit [Quit: WeeChat 2.3]
thc202 has joined #nixos
realrokka has joined #nixos
o1lo01ol1o has joined #nixos
hellrazor has joined #nixos
o1lo01ol1o has quit [Ping timeout: 246 seconds]
oida has quit [Ping timeout: 256 seconds]
Ariakenom has joined #nixos
tjg1 has joined #nixos
tjg1 has joined #nixos
tjg1 has quit [Changing host]
* Taneb is annoyed at Hydra's RunCommand plugin and how its JSON schema differs from that of fetching build/$id
endorphin has quit [Quit: Communi 3.5.0 - http://communi.github.com]
dermetfan has joined #nixos
<sphalerite> so I'm using the aarch64 community box as a remote builder, and started building something, and it's copying some paths there… extremely slowly
<{^_^}> [nixpkgs] @MostAwesomeDude opened pull request #55182 → Unbreak many PyPy packages → https://git.io/fhSHY
<clever> sphalerite: i cant remember the exact flag, but you can set something to make the remote machine use its own binary cache config
<clever> then it will fetch what it can, rather then you uploading it all
<sphalerite> as in, I run tcpdump and I see the individual packets trickling up, maybe 10 per second
<sphalerite> oh yeah, forgot about that one. But most of the stuff it's uploading isn't in the binary cache nayway
<clever> sphalerite: tcp window size? upload cap?
<sphalerite> any ideas why it might be so slow?
<sphalerite> tcp window size?
<clever> it can upload one tcp-window per round-trip, so if the window is low
<sphalerite> Not an upload cap
<clever> tcpdump -v and/or wirehsark should show the window size
<dramforever> Repost from 4h ago: Hi! I'm trying to fix this fact in nixpkgs: pulseaudio-dlna depends on pythonPackages.zeroconf (python 2), but some time ago zeroconf was updated it no longer supports python 2, and therefore pulseaudio-dlna is broken. I I have a wip pull request here https://github.com/NixOS/nixpkgs/pull/54880 .
<{^_^}> #54880 (by dramforever, 5 days ago, open): pulseaudio-dlna: downgrade dep zeroconf to 0.19.1
<dramforever> I'm wondering what would be the best way to do it
jasongrossman has quit [Quit: ERC (IRC client for Emacs 26.1)]
<sphalerite> clever: 350
marcusr has joined #nixos
<dramforever> Like, should we just downgrade it in pythonPackages? How do we handle the two versions of zeroconf in nixpkgs?
<sphalerite> that seems small? I think?
<clever> sphalerite: sounds like there is high packet loss to the builder, so linux has scaled the window size back, to throttle things
<dramforever> (by dotlambda) Maybe use separate expression for Python 2 and 3, like if isPy3k then new else old?
<clever> sphalerite: what does `ping builder -c 100` say at the end?
<sphalerite> clever: hm, mtr doesn't report any packet loss
bpa has joined #nixos
<sphalerite> yeah no packet loss on 100 pings, no erratic RTT either
nikola_i has quit [Ping timeout: 245 seconds]
<clever> sphalerite: is it many short-lived tcp conns or one long-lived one?
<sphalerite> clever: pc /dev/urandom | ssh lheckemann@aarch64.nixos.community 'cat >/dev/null' hovers at about 1MByte/s so it seems to be a nix issue
<sphalerite> s/pc/pv/
<clever> ah, it could be IO bottlenecks at either end
<clever> what does `top` and `iostat -x 30` show, on both ends?
__monty__ has joined #nixos
<sphalerite> clever: http://ix.io/1A09
<sphalerite> (local)
<sphalerite> I highly doubt there'd be such bad IO issues on the community box
<clever> not an IO or cpu issue locally
rauno has quit [Ping timeout: 268 seconds]
<sphalerite> remote http://ix.io/1A0a
<sphalerite> pretty sure it's a nix problem :/
<sphalerite> wait actually…
<clever> iostat is only accurate for the 2nd sample onward
<clever> 1st is an avg since boot
<sphalerite> oh ok
<sphalerite> yeah it's much less busy than on average right now
<clever> sphalerite: what about cpu usage in `top`, what % is nix using?
__monty__ has quit [Client Quit]
__monty__ has joined #nixos
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55183 → python37Packages.pycontracts: 1.8.7 -> 1.8.8 → https://git.io/fhSHE
<{^_^}> [nixpkgs] @shmish111 opened pull request #55184 → maintainers: add shmish111 → https://git.io/fhSHz
<sphalerite> clever: almost none on both sides
__monty__ has quit [Client Quit]
<clever> sphalerite: next thing then would be `nix copy --to builder /nix/store/fatpath -vvvv`
__monty__ has joined #nixos
__Sander__ has joined #nixos
<sphalerite> it does spend quite some time "waiting for the upload lock to <builder>" at the beginning
<sphalerite> of the build
<sphalerite> (still waiting for it to show a fat path that's not copying well)
<clever> thats a local lock i believe
o1lo01ol1o has joined #nixos
griff_ has joined #nixos
<clever> sphalerite: oddly, i dont see that in the `nix copy` codepath, did you do a remote build?
<sphalerite> yeah I'm starting the remote build again to see which path I can use for nix copy
<clever> could also `du --max-1 -hc /nix/store | sort -h | tail` to just find the biggest thng you have
hedning has joined #nixos
o1lo01ol1o has quit [Ping timeout: 252 seconds]
oida has joined #nixos
<sphalerite> still waiting for the upload lock
rauno has joined #nixos
<clever> sphalerite: you might have stale lock files in /nix/var/nix/current-load/ maybe?
<clever> sphalerite: or another process you missed is open, and still uploading
<clever> sphalerite: check lsof to see what has files in there open
dermetfan has quit [Ping timeout: 246 seconds]
mkoenig_ has joined #nixos
sigmundv_ has joined #nixos
civodul has joined #nixos
mkoenig_ has quit [Client Quit]
mkoenig has quit [Ping timeout: 250 seconds]
mkoenig has joined #nixos
<sphalerite> ok found a nice big path to copy
<sphalerite> last thing it said was "copying path … to … ..."
<sphalerite> now it's showing the progress bar with no progress
<clever> ah, maybe switch to nix-copy-closure --to builder -vvvv /nix/store/foo
<clever> the UI of `nix` can mess with logs
<sphalerite> hm, could it be that using the wifi on the train yesterday permanently scarred my TCP stack
<sphalerite> now it's copied 0.1MB of 621.0
<clever> lol
<clever> that kind of stuff is per-connection
<clever> so it should recover the next time you make a tcp connection
<sphalerite> maybe it was just that bad.
<sphalerite> :D
<sphalerite> nix-copy-closure seems to operate differently from nix copy, using nix-store --serve --write remotely rather than nix-daemon --stdio
<sphalerite> anyway, last it said was "adding path … to remote host …"
<Taneb> Has anyone here used krops? I'm looking into it as an alternative to nixops that doesn't have the multi-user problem
<clever> sphalerite: are you doing this from X11 or ssh to your box?
<sphalerite> clever: hm the packets are trickling through a lot faster
<sphalerite> clever: I'm running commands directly on the chromebook, using ssh to the community box
<sphalerite> Taneb: definitely lassulus
<clever> sphalerite: is the chromebook able to get a shell on the community box?
<sphalerite> clever: yes
<clever> then its not the agent being wonky
<sphalerite> yep
<sphalerite> besides, that would cause slow auth problems, not slow connection problems, wouldn't it?
<clever> in the past, ive ran ssh on the laptop (over ssh itself), when the laptop was in another room
<clever> and ssh just hung and silently did nothing
<clever> because the agent popped a query up, on the laptop display, in another room
<sphalerite> yeah but in that case nix wouldn't even start copying because it needs to query the builder for the paths before it starts copying anyway
<clever> ah yeah
<{^_^}> [nixpkgs] @vcunat pushed commit from David Smith to master « maintainers: add shmish111 »: https://git.io/fhSHH
<{^_^}> [nixpkgs] @andir opened pull request #55186 → prosody: update communityModules → https://git.io/fhSHQ
<sphalerite> anyway, it seems to be copying faster, at least as far as I can tell from tcpdump
<{^_^}> [nixpkgs] @shmish111 opened pull request #55187 → bazel-remote: init at 57a18163783d3d0cb199ad93bcc788c864ec4140 → https://git.io/fhSH7
xkapastel has quit [Quit: Connection closed for inactivity]
<{^_^}> [nixpkgs] @vcunat merged pull request #55184 → maintainers: add shmish111 → https://git.io/fhSHz
<teto> sphalerite: the kernel caches some informations see tcp_save_metrics
<sphalerite> teto: surely that won't affect a connection 12 hours later?
<{^_^}> [nixpkgs] @shmish111 opened pull request #55188 → nixos/bazel-remote: init at 57a18163783d3d0cb199ad93bcc788c864ec4140 → https://git.io/fhSQv
<{^_^}> [nixpkgs] @shmish111 closed pull request #54996 → add bazel-remote as a go package and a nixos module → https://git.io/fhymA
<teto> sphalerite: not sure how long the cache lasts but if you had a poor wifi connection, it might later start with a smaller congestion window. But it should be replaced with better stats fast I believe, and the correct name is tcp_no_metrics_save (man tcp)
<sphalerite> clever: so yeah the nix-copy-closure actually finished. Idk what's wrong with ssh-ng
reinhardt has joined #nixos
chross has joined #nixos
domenkozar has quit [Changing host]
domenkozar has joined #nixos
<{^_^}> [nixpkgs] @joachifm merged pull request #55070 → lkl: install liblkl.so and liblkl-hijack.so → https://git.io/fhSqy
<{^_^}> [nixpkgs] @joachifm pushed 2 commits to master: https://git.io/fhSQT
<chross> Hello. first time here and a new NIX user.
<sphalerite> chross: hi! Welcome :)_
<chross> I'm trying to get the latest intel microcode to install and I noticed that systemd-boot is getting the intel-ucode.img initrd
<chross> Is this an OK place to discuss this?
<sphalerite> absolutely
<sphalerite> I think that's how it's supposed to work
<dramforever> Assuming you're trying to do it on NixOS, which you seem to be
<chross> Yes :)
<dramforever> Are you using this? https://nixos.org/nixos/options.html#hardware.cpu.intel.updatemicrocode
<chross> So NIXOS, EFI boot with default systemd-boot
<chross> Yes, i use that package
<chross> and I think that the boot.initrd.prepend is not respected by systemd-boot
<clever> chross: grub also has efi support, so you could just ditch a bit of systemd
<dramforever> chross you mean that there is still just one initrd to boot from?
<sphalerite> chross: it's independent of the bootloader, the prepend option just makes it get included in the initrd
<sphalerite> it's still a single initrd
<chross> Yeah, I know i can switch over. I just wanted to bring it to attention. Without the intel-ucode.img almost everyone is vulnerable to spectre/meltdown
<dramforever> chross, are you expecting something like this? https://wiki.archlinux.org/index.php/Microcode#systemd-boot
<chross> so the intel-ucode.img is not prepended to the boot configuration it is actually appended to the file?
<dramforever> exactly!
<dramforever> you can check the initrd yourself
<chross> Aha, ok then there is something else wrong causing it not to execute and update the microcode
<dramforever> Hmm
<sphalerite> chross: gzip -d < /run/current-system/initrd | cpio -t the micorcode file should show right near the beginning
<chross> Let me look...
<sphalerite> OTT, I should probably enable microcode updates
ng0 has joined #nixos
<dramforever> for me it's not compressed, and I can see the contents with cpio -t /run/current-system/initrd
<dramforever> There's only one file kernel/x86/microcode/GenuineIntel.bin
<dramforever> Because that's just the first cpio. The 'real' initrd follows intel-ucode.img
<dramforever> chross: Is it like that on your machine?
<chross> Mine is not compressed, as you describe
<chross> but the cpio -t has not completed
<chross> should it take long?
<dramforever> Also, dmesg | head gives me: [ 0.000000] microcode: microcode updated early to revision 0x8e, date = 2018-03-24
<chross> hmm... so it is working for you
<chross> and you're using systemd-boot?
<clever> chross: the man page says it should be `cpio -i`
<dramforever> 'should it take long?' not at all
sicklorkin has quit [Read error: Connection reset by peer]
sicklorkin has joined #nixos
<clever> oh, or `-i -t`
dr_barrucadu is now known as barrucadu
<dramforever> Yes I'm using systemd-boot
<sphalerite> clever: just -t is enough
<clever> -i will unpack the initrd to the current dir
Tucky has quit [Quit: WeeChat 2.2]
<chross> cpio -t never returns, time for a little stracew
<{^_^}> Channel nixos-18.09 advanced to https://github.com/NixOS/nixpkgs/commit/dbb9f8818af (from 5 hours ago, history: https://channels.nix.gsc.io/nixos-18.09)
<dramforever> You have some weird initrd on your hands
<{^_^}> [nixpkgs] @dtzWill merged pull request #55154 → Office Code Pro: init at 1.004 → https://git.io/fhSMg
<{^_^}> [nixpkgs] @dtzWill pushed 2 commits to master: https://git.io/fhSQc
<chross> strace is blocked on a read0
<chross> read(0,
<chross> ok, time to wipe it
<clever> chross: what about `file -L /run/current-system/initrd`
<dramforever> chross, I got it
<clever> chross: it sounds like the gzip isnt decompressing
<dramforever> cpio -t < thingy
<dramforever> cpio -t < /run/current-system/initrd
<dramforever> It's reading from stdin
<chross> heh
<chross> ok, let me try again
<clever> `gzip -d < /run/current-system/initrd | cpio -t`
<clever> and stdin should be gzip's stdout
<{^_^}> [nixpkgs] @vcunat opened pull request #55189 → libvdpau: pull a few upstream commits → https://git.io/fhSQl
<dramforever> heh
<chross> I only have GenuineIntel.bin as well
<chross> 3357 blocks
<dramforever> yay
<dramforever> so why is it not applying...?
<sphalerite> qemu -kernel /run/current-system/kernel -initrd /run/current-system/initrd -append "$(< /run/current-system/kernel-params)"
<sphalerite> :D
<dramforever> kernel/x86/microcode/GenuineIntel.bin
<dramforever> 3357 blocks
<dramforever> exactly the same for me
<dramforever> That's weird
<dramforever> My next question would be, are you *really sure* the microcode image isn't working?
<sphalerite> ^
Tucky has joined #nixos
<chross> A reasonable question: dmesg | grep -i microcode [ 0.000000] [Firmware Bug]: TSC_DEADLINE disabled due to Errata; please update microcode to version: 0xb000020 (or later) [ 2.560761] microcode: sig=0x406f1, pf=0x1, revision=0xb00001c [ 2.561225] microcode: Microcode Update Driver: v2.2.
<chross> terrible formatting
<chross> i need a better irc client...
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55190 → python37Packages.libtmux: 0.8.0 -> 0.8.1 → https://git.io/fhSQB
<dramforever> nixpkgs needs a better microcode
<chross> that is possible
chross-q has joined #nixos
nikola_i has joined #nixos
superherointj has joined #nixos
<dramforever> No wait I misread that
<dramforever> 'please update microcode to version: 0xb000020 (or later)' <- update CPU or file?
<sphalerite> 20180807 is in nixpkgs and that's the latest version on the intel website
<chross-q> OK, now I have a new client. So I know that I am running: microcode : 0xb00001c according to cpuinfo
<dramforever> I found the exact same things as sphalerite
<chross-q> This intel-ucode.img is generatred from a file downloaded from the intel site when I install, right? it isn't prebuilt?
<clever> chross-q: its fetched by nixpkgs, so the nixpkgs have to be updated (or an override added)
<chross-q> yeah... i see here in intel.nix
<chross-q> sorry, I'm a bit new. what is the best way to override a rebuild from the intel.nix?
init_6 has joined #nixos
xkapastel has joined #nixos
<dramforever> Uh, what do you mean
<sphalerite> chross-q: nixpkgs already has the latest microcode
<chross-q> Clever mentions that intel-ucode.img is fetched from nixpkgs. I see that I have an intel.nix to generate an intel-ucode.img
<chross-q> ok, probably not that then
<sphalerite> chross-q: are you sure it's getting loaded?
<chross-q> You mean an I sure that I load the right initrd?
<sphalerite> oh wait you pasted earlier all the messages mentioning microcode
<chross-q> Yes, that was the full output
<dramforever> It ends at 'Driver: v2.2.'
o1lo01ol1o has joined #nixos
<dramforever> truncated?
<chross-q> Hmm, i run it again and it does end on v2.2.
<dramforever> okay got that
<chross-q> is that not similar to others?
<chross-q> Maybe its something with the intel .tgz
<dramforever> nah i was just wondering if IRC truncated your message, and answer seems to be no
<chross-q> I will look through it to see if it has my cpu family
o1lo01ol1o has quit [Ping timeout: 250 seconds]
<chross-q> Yep, oddly enough that package from intel does not contain an upgrade for my CPU
<chross-q> despite there existing a new firmware for it
<chross-q> it must exist in some other package on Intel
griff_ has quit [Quit: griff_]
<{^_^}> [nixpkgs] @w4 opened pull request #55192 → nginx: support h2c → https://git.io/fhSQx
martinb_ has quit [Ping timeout: 245 seconds]
ottidmes has joined #nixos
chross has quit [Quit: Page closed]
bpa has quit [Remote host closed the connection]
chross-q has quit [Quit: http://quassel-irc.org - Chat comfortably. Anywhere.]
<teto> when are we going to be able to use builtins.placeholder ?
<tilpner> teto: Right now? It's already being used in nixpkgs
<teto> tilpner: amazing thanks
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55193 → python37Packages.py3exiv2: 0.4.0 -> 0.5.0 → https://git.io/fhS7O
dramforever has quit [Ping timeout: 250 seconds]
hellrazor has quit [Ping timeout: 250 seconds]
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55194 → python37Packages.libusb1: 1.6.6 -> 1.7 → https://git.io/fhS7G
<{^_^}> [nixpkgs] @7c6f434c merged pull request #54978 → Lua generate nix packages from luarocks → https://git.io/fhD0X
<{^_^}> [nixpkgs] @7c6f434c pushed commit from @teto to master « Lua generate nix packages from luarocks (#54978) »: https://git.io/fhS70
<lassulus> Taneb: yes, we use krops, what do you want to know?
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55195 → python37Packages.httmock: 1.2.6 -> 1.3.0 → https://git.io/fhS7z
hellrazor has joined #nixos
jasongrossman has joined #nixos
<azazel> teto: what's builtins.placeholder?
<teto> gives you the value of $out within nix, without needing a shell
<Taneb> lassulus: any major pitfalls with it? It looks a lot more approrpiate to my usecase than nixops but I haven't yet been able to experiment with it
reinhardt has quit [Ping timeout: 244 seconds]
<azazel> teto: ah, nice, didn't know
<lassulus> hmm, none I can think of. I don't know your usecase. For use the major factor was to have multiple parties deploy easily to multiple systems.
<srhb> Can someone figure out what causes the infinite recursion here? https://gist.github.com/56f8efa1798ae25be3ae7f41432427e3
<{^_^}> [nixpkgs] @pSub merged pull request #55151 → zsh: 5.7 -> 5.7.1 → https://git.io/fhSMU
<{^_^}> [nixpkgs] @pSub pushed 2 commits to master: https://git.io/fhS7a
init_6 has quit []
<Taneb> srhb: is it getting confused because services.vmwareGuest is modifying pkgs?
<srhb> Taneb: That was my first assumption, but it isn't in any obvious way
<srhb> Maybe transiently through xserver, which I'm looking through now
Ariakenom has quit [Ping timeout: 250 seconds]
<srhb> It's not xserver..
<srhb> Or, hm, maybe, but not xserver config
<Taneb> srhb: does it error with headless set to false, out of curiousity?
<srhb> I didn't think so, but it does indeed!
<srhb> enable = false as well
<srhb> Maybe the red herring is bigger than I thought
<srhb> :-)
krav1 has joined #nixos
<teto> hum not sure I got the meaning of placeholder right, I have some code g:python3_host_prog='${placeholder "out"}/bin/nvim-python3'" which generates let g:python3_host_prog='/1rz4g4znpzjwh1xymhjpm42vipw92pr73vdgl6xs1hycac8kf2n9/bin/nvim-python3'
<teto> was expecting a /nix/store path instead
reinhardt has joined #nixos
<clever> teto: how does that string compare to $out?
<clever> teto: and did you view it at nix or bash time?
<clever> > builtins.placeholder "out"
<{^_^}> "/1rz4g4znpzjwh1xymhjpm42vipw92pr73vdgl6xs1hycac8kf2n9"
<gchristensen> anyone mind taking a look at https://github.com/NixOS/nixpkgs/pull/55158 ? I'm not sure if it is so hacky to not be worth it
<{^_^}> #55158 (by grahamc, 8 hours ago, open): perl: make reproducible
gagbo has quit [Ping timeout: 246 seconds]
<teto> at nix-time. The bash $out is /nix/store/0gclx50csjh9lsi1s0y1b05jmj525nmi-neovim-float/bin/nvim-python3
<clever> nix-repl> :b runCommand "name" {} ''echo ${builtins.placeholder "out"}''
<clever> hmmm, its also "wrong" at bash time...
silver has joined #nixos
<clever> nix-repl> :b runCommand "name" { foo = builtins.placeholder "out"; } ''echo $foo''
<clever> teto: ah, its only right when in an attr of the derivation
<clever> but, runCommand puts it into the buildCommand attr ...
<clever> the above magically prints /nix/store/f2y39wr94xbz0abxlcv9saqlaqzq72k8-name
Ariakenom has joined #nixos
<teto> clever: I have let generatedVimrc = " ${placeholder "out"} " in mkDerivation { ... writeToFile generatedVimrc }; so that's normal it fails ?
<srhb> Ok, found it.
<srhb> amdgpu-pro.nix and ati.nix set nixpkgs.config.xorg.abiCompat, which induces the infinite loop on pkgs.
<{^_^}> [nixpkgs] @guibou opened pull request #55196 → Introduce the primesieve package → https://git.io/fhS5J
Tucky has quit [Ping timeout: 272 seconds]
Tucky has joined #nixos
<srhb> I feel like we must be introducing some accidental strictness somewhere for this to be a problem.
<srhb> Surely lib shouldn't be affected even if part of the config attrset has been modified here..
agander__ has joined #nixos
inkbottle has joined #nixos
gagbo has joined #nixos
Tucky has quit [Ping timeout: 250 seconds]
<ejpcmac> Hi! Is it normal that TMPDIR is set in Nix shells but not outside of them? I am facing issues with `emacsclient` due to this.
<ejpcmac> Out of the box, `emacsclient` cannot work inside a Nix shell, since the server socket is created in `/tmp`.
o1lo01ol1o has joined #nixos
Tucky has joined #nixos
<ejpcmac> So, to get it work, I have set `TMPDIR` to `/run/user/$UID`. But when doing that, `nixos-rebuild switch` complains that `/run/user/0` does not exist (so I must create it after each reboot).
<ejpcmac> This is quite annoying.
<ejpcmac> I could prefix my `emacsclient` aliases with `TMPDIR=/tmp`, but I do not feel comfortable with this hack.
<__monty__> Would emacsclient even work, the daemon doesn't inherit any of the shell's variables so it wouldn't be able to find any of the things you put on the PATH.
<__monty__> I think direnv is *a* solution?
Ariakenom has quit [Ping timeout: 268 seconds]
<__monty__> I could be completely off base though.
<ejpcmac> I do use direnv.
<ejpcmac> The daemon is started via systemctl, so it uses the environment defined in `environment.variables`
o1lo01ol1o has quit [Ping timeout: 272 seconds]
<ejpcmac> When I define `environment.variables.TMPDIR`, `emacsclient` and the emacs daemon both use the same TMPDIR
<ejpcmac> So does `nixos-rebuild`
simukis has joined #nixos
<ejpcmac> When using the default behaviour, the emacs daemon uses the default environment, in which `TMPDIR` is not definded (thus creating its socket under `/tmp`). `emacsclient` then works properly outside of a Nix shell, but not inside becauses it looks for the socket in `/run/user/$UID`.
dermetfan has joined #nixos
Tucky has quit [Ping timeout: 272 seconds]
<ejpcmac> So, my main question was: is it intended that the `TMPDIR` is different inside and outside Nix shells? If so, why? If not, what should we do to have a consistent behaviour?
agander__ is now known as agander
<__monty__> Pretty sure that's intended yes. Otherwise /tmp can corrupt your supposedly "reproducible" environment.
griff_ has joined #nixos
<__monty__> Keep in mind that nix-shell's first and foremost supposed to provide a shell to make creating/testing nix expressions for packages easier.
<ejpcmac> __monty__: Yep, I thought so initially, but since it is the same between all Nix shells, this seems not to be the case.
<__monty__> Hmm, not sure then.
brejoc has joined #nixos
Xal has quit [Ping timeout: 244 seconds]
ninjin has joined #nixos
Xal has joined #nixos
superherointj has quit [Quit: Leaving]
orivej has joined #nixos
periklis` has joined #nixos
periklis has quit [Ping timeout: 246 seconds]
martinb_ has joined #nixos
ThatDocsLady has joined #nixos
regulus_ has quit [Ping timeout: 240 seconds]
regulus- has joined #nixos
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55198 → python37Packages.pytest-django: 3.4.5 -> 3.4.6 → https://git.io/fhS57
superherointj has joined #nixos
bpa has joined #nixos
o1lo01ol1o has joined #nixos
upsaday_ has quit [Remote host closed the connection]
o1lo01ol1o has quit [Ping timeout: 252 seconds]
daniele- has quit [Quit: daniele-]
rauno has quit [Ping timeout: 240 seconds]
superherointj has quit [Quit: Leaving]
griff_ has quit [Quit: griff_]
ym555 has joined #nixos
<{^_^}> [nixpkgs] @peti merged pull request #55196 → Introduce the primesieve package → https://git.io/fhS5J
<{^_^}> [nixpkgs] @peti pushed 3 commits to master: https://git.io/fhSdC
<{^_^}> [nixpkgs] @peti pushed 2 commits to haskell-updates: https://git.io/fhSdl
ym555 has quit [Client Quit]
brejoc has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
<{^_^}> [nixpkgs] @peti pushed 2 commits to haskell-updates: https://git.io/fhSdB
tdbgamer has joined #nixos
brejoc has joined #nixos
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55200 → python37Packages.Nuitka: 0.6.1 -> 0.6.1.1 → https://git.io/fhSdP
Ariakenom has joined #nixos
o1lo01ol1o has joined #nixos
jmeredith has joined #nixos
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55202 → python37Packages.keepkey: 4.0.2 -> 6.0.2 → https://git.io/fhSdH
<{^_^}> Channel nixos-unstable-small advanced to https://github.com/NixOS/nixpkgs/commit/3bd7a3b3b96 (from 2 hours ago, history: https://channels.nix.gsc.io/nixos-unstable-small)
Tucky has joined #nixos
chross-q has joined #nixos
<chross-q> Hello again, I was on this morning regarding an intel-ucode issue.
<chross-q> I found that the microcode I need is included int the tgz downloaded from Intel as part of intel.nix
<chross-q> but it is in a special folder, intel-ucode-with-caveats
<chross-q> microcode here require to be late loaded instead of early loaded as described here:https://wiki.archlinux.org/index.php/microcode#Enabling_late_microcode_updates
<chross-q> So to protect these processors from SpectreMeltdown there has to be a system-d job to reload the microcode during initialization. I'm not sure if this is an issue for NixOS as its an edge case
<chross-q> but just FYI
hedning has quit [Quit: hedning]
<{^_^}> [nixpkgs] @Shou opened pull request #55203 → openapi-generator-cli: init at 3.3.4 → https://git.io/fhSFI
reinhardt has quit [Ping timeout: 250 seconds]
o1lo01ol1o has quit [Remote host closed the connection]
<__monty__> chross-q: Systemd specifically or whatever init system? Also, protecting against exploits after boot doesn't sound very satisfying.
mmlb08 has quit [Quit: Ping timeout (120 seconds)]
<gchristensen> chross-q: we do already support updating microcode
mmlb08 has joined #nixos
o1lo01ol1o has joined #nixos
<chross-q> So the context of the issue is that I have activated all of the microcode update and it is behaving as expected in appending intel-ucode.img to the initrd
<{^_^}> [nixpkgs] @jsamsa opened pull request #55204 → odpic: 2.4.2 -> 3.1.0 → https://git.io/fhSFt
<chross-q> and at initialization I see that the microcode updating service attempts to run
<chross-q> but on my CPU, there was no update
<chross-q> After some troubleshooting I found that for my specific CPU the intel.nix file does not package up the intel-ucode-with-caveats also contained within the .tgz from intel
<chross-q> The reason for that is because my specific CPU can hang for early microcode loading as described by the Intel release notes
<chross-q> Because of this, the only alternative is to create a late microcode initialization (i agree undesireable), but it is the only alternative
<chross-q> for this family of CPU
<chross-q> and when I say "microcode updating service" i mean the microcode kernel module that loads at early initialization
<symphorien> you could add this config to nixos-hardware
<chross-q> you mean enable a systemd service to perform the ucode reload?
<chross-q> or that one already exists (that would be nice!)
<symphorien> I mean, if you write the systemd service to late load the microcode, you could then make a PR to nixos-hardware
brejoc has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
<symphorien> It seems unfit for nixpkgs (there is no way to know why a microcode file is named *with-caveat)
<symphorien> but since nixos-hardware is designed for hardware specific quirks, this seems relevant
dkibi has joined #nixos
<chross-q> Forgive me, I'm very new to nixos, but there already exists a nixpkgs/pkgs/os-specifc/linux/microcode/intel.nix
<chross-q> Is that part of nixpkgs or the hardware you describe
<gchristensen> yeah, it does seem like it should "just work"
<symphorien> I am speaking of https://github.com/NixOS/nixos-hardware
<chross-q> Aha, interesting. I was thinking you meant hardware-configuration.nix
<chross-q> I will look around there, thanks.
<gchristensen> chross-q: are you saying something is wrong with this? https://github.com/NixOS/nixpkgs/blob/master/pkgs/os-specific/linux/microcode/intel.nix#L19-L21
<symphorien> gchristensen: if I understand correctly, this microcode has a different naming scheme because if you treat it normally you can make the cpu hang
<chross-q> Yep, symphorien, that is correct
<chross-q> So wrong that the microcode doesnt update, but not wrong in not updating ;)
<chross-q> its a special case, and it seems nixos-hardware may be appropriate as it would be a very different intel.nix
<chross-q> may there could exist a intel-ucode.nix option to preload vs lateload
<chross-q> but this would be the only CPU specific profile listed on nixos-hardware
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55205 → python37Packages.keras-applications: 1.0.6 -> 1.0.7 → https://git.io/fhSFC
o1lo01ol1o has quit [Ping timeout: 272 seconds]
reinhardt has joined #nixos
<{^_^}> [nixpkgs] @flokli closed pull request #55204 → odpic: 2.4.2 -> 3.1.0 → https://git.io/fhSFt
rauno has joined #nixos
agander has quit [Ping timeout: 272 seconds]
<{^_^}> [nixos-homepage] @balsoft opened pull request #262 → Add a Telegram support group → https://git.io/fhSFg
o1lo01ol1o has joined #nixos
<{^_^}> [nixpkgs] @edolstra merged pull request #55158 → perl: make reproducible → https://git.io/fhSMA
<{^_^}> [nixpkgs] @edolstra pushed 2 commits to staging: https://git.io/fhSF2
__Sander__ has quit [Ping timeout: 240 seconds]
__Sander__ has joined #nixos
ryantrinkle has quit [Ping timeout: 240 seconds]
__monty__ has quit [Ping timeout: 244 seconds]
o1lo01ol1o has quit [Ping timeout: 250 seconds]
rauno has quit [Ping timeout: 264 seconds]
reinhardt has quit [Ping timeout: 240 seconds]
<{^_^}> [nixpkgs] @matthewbauer merged pull request #55053 → mkDerivation: cleaner handling of the `name` argument → https://git.io/fhSet
<{^_^}> [nixpkgs] @matthewbauer pushed 4 commits to master: https://git.io/fhSFw
alex`` has quit [Ping timeout: 246 seconds]
chross-q has quit [Quit: http://quassel-irc.org - Chat comfortably. Anywhere.]
xkapastel has quit [Quit: Connection closed for inactivity]
<hodapp> woo! I coaxed ccls & eglot into working right in Emacs, despite how everything-being-in-weird-paths tends to make Nix break things like this
__monty__ has joined #nixos
endformationage has joined #nixos
sicklorkin has quit [Ping timeout: 240 seconds]
alex`` has joined #nixos
upsaday has joined #nixos
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55206 → python37Packages.braintree: 3.50.0 -> 3.51.0 → https://git.io/fhSFX
<{^_^}> [nixpkgs] @guibou opened pull request #55207 → libffi: enable static build → https://git.io/fhSFD
<{^_^}> [nixpkgs] @guibou opened pull request #55208 → ghc: use system `libffi` → https://git.io/fhSFy
jabranham has joined #nixos
upsaday has quit [Remote host closed the connection]
upsaday has joined #nixos
hedning has joined #nixos
<wedens> anyone tried openvpn3 client? (https://github.com/OpenVPN/openvpn3-linux)
ng0 has quit [Ping timeout: 256 seconds]
chross-q has joined #nixos
<chross-q> I'm back again. So late loading of firmware requires the firmware files to be in a specific path defined in the kernel config option EXTRA_FIRMWARE_DIR and it is default /lib/firmware
mmlb08 is now known as mmlb
<clever> chross-q: typically, the kernel will execute a udev related binary (or write to a special pipe) to request that udev do the firmware loading
hedning has quit [Read error: Connection reset by peer]
<clever> chross-q: nixos udev will then use /run/current-system/firmware/
hedning has joined #nixos
<chross-q> aha, thanks. i will continue digging
<jophish> What does this mean: modprobe: ERROR: could not insert 'crc32_arm_ce': No such device
<clever> jophish: are you on an arm processor?
<jophish> clever: indeed
<jophish> armv7l
<jophish> trying to boot from a btrfs partition
<jophish> however /dev/sda1 never appears
<clever> jophish: let me double-check things...
<jophish> sorry, /dev/sda1 is the root partition
<jophish> I get to stage 1 without a hitch
__Sander__ has quit [Ping timeout: 246 seconds]
__Sander__ has joined #nixos
<clever> crc32-arm-ce-y:= crc32-ce-core.o crc32-ce-glue.o
<hodapp> this keeps reminding me of the NVidia Jetson that I have collecting dust 24/7
<hodapp> not sure what else to do with it though...
<clever> jophish: lines 214-225 are doing some checks to see if the hardware supports crc32 at a hardware level
hedning_ has joined #nixos
<clever> and will return ENODEV if it doesnt
hedning_ has quit [Remote host closed the connection]
hedning_ has joined #nixos
<jophish> clever: hmm, that makes me think this is a red herring
<clever> jophish: i'm guessing the CPU is too old to support hw accelerated crc32, but for even the fallback to not work? weird
<jophish> and /dev/sda1 isn't appearing for some other reason
<clever> jophish: what bus is sda on? is that driver in the initrd?
<jophish> clever: a sata bus
<jophish> I suppose I should add a module to initrd
<jophish> but I'm not sure which one
<clever> jophish: check lsmod when the device is working
<jophish> good idea
<jophish> clever: ahci_mvebu looks like the most promising
hedning has quit [Ping timeout: 250 seconds]
hedning_ is now known as hedning
<clever> sounds good
<clever> boot.initrd.availableKernelModules
<jophish> rebooting already :)
<jophish> clever: please let me know if you ever visit Singapore, I owe you probably 100 beers by now
edef has left #nixos [#nixos]
hedning has quit [Client Quit]
<jophish> clever: perfect
<jophish> it worked
<clever> jophish: heh, no current plans to visit anything in the asia region
troydm has quit [Ping timeout: 245 seconds]
upsaday has quit [Remote host closed the connection]
upsaday has joined #nixos
reinhardt has joined #nixos
<{^_^}> [nixpkgs] @Vskilet opened pull request #55209 → jackett: 0.10.660 -> 0.10.707 → https://git.io/fhSbY
<{^_^}> [nixpkgs] @guibou closed pull request #55207 → libffi: enable static build → https://git.io/fhSFD
<hodapp> yeah, I already owe most active members of this channel at least a dozen beers each
<hodapp> have definitely not paid down my debt with the few bugs I've fixed and packages I've added
chross-q has quit [Quit: http://quassel-irc.org - Chat comfortably. Anywhere.]
<hodapp> though maybe if I fix the serial support in Cura, that'll be worth it to some people... who here uses Cura anyway?
realrokka has quit [Ping timeout: 246 seconds]
upsaday has quit [Remote host closed the connection]
hedning has joined #nixos
upsaday has joined #nixos
<__monty__> Don't think anyone you owe a beer debt's gonna admit anything : >
tdbgamer has quit [Quit: http://quassel-irc.org - Chat comfortably. Anywhere.]
o1lo01ol1o has joined #nixos
<hodapp> that wasn't a question for the sake of beer-debt accounting, but general interest :P
<__monty__> Yeah, not fooling anyone.
hedning has quit [Quit: hedning]
<dhess> clever: does IOHK build its own EC2 AMIs?
<clever> dhess: that was turned off long ago, never got used
* hodapp makes a mental note to repay __monty__'s beer debt with the nastiest IPA he can find.
<dhess> clever: so just the nixos.org-provided ones then?
<clever> dhess: yep
<__monty__> hodapp: Good thing my beer debt's negative ; )
<__monty__> Or rather positive, my debt to anyone.
<dhess> clever: ok. I ask because last I checked (September, I think), you can't convert those to EBS-encrypted AMIs
<dhess> something about no permission to clone, I think.
periklis` has quit [Ping timeout: 244 seconds]
<tobiasBora> Hello,
<tobiasBora> I'm trying to run the jar of this program on nixos, but it fails http://www.jflap.org/jflaptmp/
<tobiasBora> is it because of nix?
<tobiasBora> (I installed jre8 as asked by the program)
<tobiasBora> and I run it with java -jar JFLAP7.1.jar
<clever> tobiasBora: id say, get a backtrace first, so do `ulimit -c unlimited` like it said, then open the coredump in gdb
<tobiasBora> clever: and then?
<clever> tobiasBora: then we can look at the backtrace and see whats going on
<dckc> I am once again considering production deployment of some nix packages and looking at the state of the art in managing vulnerabilities. Nexpose and spacewalk are typically used around here. Any similar experience to report using nix?
ryantrinkle has joined #nixos
<tobiasBora> clever: so I typed "gdb JFAP7.1.jar /tmp/j/core"
<clever> tobiasBora: the 1st arg to gdb needs to be the java binary, not the elf file
iqubic` has left #nixos ["ERC (IRC client for Emacs 26.1)"]
<tobiasBora> something like that gdb $(which java) /tmp/j/core
koensw has quit [Quit: Leaving]
<tobiasBora> if yes the backtrace is https://paste.debian.net/1065169/
<clever> tobiasBora: yeah, that looks better, looks like an issue when trying to load a png file
<clever> nearly all of the stack trace is in gtk and gobject, doesnt look like its directly java related
<clever> tobiasBora: try an strace to see what png file its opening (if any) and then check if its valid
dbmikus has joined #nixos
<dckc> any clues on finding where https://nixos.org/wiki/Nix(OS)_in_production went?
<tobiasBora> clever: so first I don't know if it's linked but I've an error "(java:10693): Gtk-WARNING **: 16:46:39.434: Impossible de trouver le moteur de thème dans module_path : « adwaita »
<tobiasBora> which translates into "impossible to find the theme engine in module_path
<tobiasBora> and for strace
<tobiasBora> I can't find any "png" in the output
<samueldr> tobiasBora: wrapGAppsHook
<{^_^}> #54278 (by minijackson, 2 weeks ago, open): GnuCash segmentation fault
<tobiasBora> and I can see: https://paste.debian.net/1065170/
<samueldr> I'm assuming here you're on 18.09, using unstable-built software using gdk_pixbuf
simukis has quit [Quit: simukis]
thedavidmeister has joined #nixos
<thedavidmeister> exit
<tobiasBora> samueldr: hum I think you're right, I'm on unstable
thedavidmeister has quit [Client Quit]
<samueldr> or maybe your system has a gdk_pixbuf 2.36 installed while you're running something newer
<clever> tobiasBora: line 156 is a child thread being forked out, so you need strace -f to follow the forking
* dckc finds http://www.haskellforall.com/2018/08/nixos-in-production.html , which looks just like my use case...
simukis has joined #nixos
<samueldr> tobiasBora: your backtrace pretty much shows the gdk_pixbuf thing gdk-pixbuf-2.36.12 and gdk-pixbuf-2.38.0
<samueldr> both on the trace
<tobiasBora> clever: oh sorry I'm not very good at using strace. The new output does not contain png either: https://paste.debian.net/1065171/
<samueldr> clever: be on the lookout, this is a recurring issue :(
<vikingman> :(
<tobiasBora> samueldr: and do I have any fix for that?
<clever> samueldr: oh, i see it now
<clever> tobiasBora: i'm guessing an env var or /run/current-system is being searched, to find modules for loading things like png
<samueldr> wrapGAppsHook on everything using gdk_pixbuf, if we want to stay compatible with 2.36 systems on newer nixpkgs checkouts
<samueldr> clever: that's exactly it
<clever> tobiasBora: and thats technically an impurity, which causes gdk to load modules across versions
<samueldr> the module is even ABI compatible
<samueldr> but an internal *thing* between 2.36 and 2.38 changed and a field, whilc still technically ABI compatible, has a different meaning
<gchristensen> 10% through checking the reproducibility of the nixos minimal ISO, and the only things which have failed to reproduce are 3 perls and 1 gcc
<clever> samueldr, tobiasBora: ahhh, so wrapGAppsHook has to be used, over a bash script thats ran `java -jar foo.jar`, to force the gdk its linking against, into also looking at matching versions of gdk png modules
<dckc> hm. not quite my use case... that blog article uses nixos; my goal is just one nix package on top of SLES or RHEL or CentOS
<samueldr> clever: right
<clever> gchristensen: using build-repeat?
Ariakenom has quit [Ping timeout: 252 seconds]
<samueldr> clever: I excluded Qt (4,5.*) from this list, https://gist.github.com/samueldr/a91b8b32b2eb5f1e3c049185758e99d3 <- all of those somehow use gdk_pixbuf without wrapGAppsHook
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55210 → pythia: 8.235 -> 8.240 → https://git.io/fhSbP
<samueldr> and a really short test on a few of the attributes show that it's generally right, either a direct crash or something further along the line
<tobiasBora> clever: samueldr: hum I neved used wrapGAppsHook, it is something I should install?
<samueldr> e.g. google-chrome from unstable on 18.09, you need to open something like an open/save dialog or the print dialog, which in turn would use a png
<clever> samueldr: but only if your mixing nixpkgs revs? (nix-env + nixos, or nix-shell+nixos)?
<samueldr> clever: right
<clever> tobiasBora: its a bash function you run at nix-build time
<samueldr> there needs to be the impurity, which dumps in the same class of bugs than the Qt issue with the plugin paths
<clever> samueldr: so as long as the things in that list are installed via systemPackages, its not likely to be an issue
<samueldr> no need to, just putting it into buildInputs automatically wraps IIRC
<clever> ahh
<samueldr> clever: unless you somehow use another channel in your systemPackages
<tobiasBora> clever: samueldr: but this jar package is just something I run "manually" after downloading the jar online
<gchristensen> clever: nix-build and then nix-build --check
<clever> gchristensen: the build-repeat option makes nix build every single derivation N times, and fail if they are not bit-identical to eachother
<clever> gchristensen: so it tests the entire closure for you, at every step
<clever> if your feeling crazy, you could just throw it into your nix.conf, and leave it on :P
<gchristensen> yeah
<clever> youll never make a bad derivation again!
<samueldr> tobiasBora: hmmm
<samueldr> ah!
<gchristensen> clever: I want it to succeed while knowing it isn't valid
<samueldr> it might be java which needs it
<samueldr> oh boy
<clever> samueldr: ive seen this problem before, with java and python
<clever> samueldr: libraries that java/python load, need special wrappers
dbmikus has quit [Quit: WeeChat 2.3]
<samueldr> though in my case, a java app (dbeaver) is fixed when using wrapGAppsHook on the derivation
<samueldr> so you might want to make a derivation for your jar
<tobiasBora> clever: samueldr ahah looks funny but why not ^^
<dckc> using nix on top of ubuntu or whatever works fine for dev tools and stuff, but for services, my mental model makes me think nixos is required. Does anyone see an alternative? For example, a way to use nix to deploy systemd units while most of systemd is handled by RHEL?
<gchristensen> dckc: it *could* be done, but there is nothing that I know of ready to go
<{^_^}> [nixpkgs] @benwaffle opened pull request #55211 → hub: update to 2.8.4 → https://git.io/fhSbH
<symphorien> it somewhat fits the description of disnix
<dckc> does it seem straightforward? I sort of have the nix language swapped in just now (it leaks out after a couple months of non-use)
<symphorien> (never used it though)
* dckc re-reads https://nixos.org/disnix/ ...
<dckc> "Disnix is, like Nix, supported on several platforms ..."
<gchristensen> interesting!
maximiliantagher has joined #nixos
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55212 → python37Packages.distributed: 1.25.2 -> 1.25.3 → https://git.io/fhSbF
hyper_ch2 has quit [Quit: Page closed]
simukis has quit [Quit: simukis]
<dckc> ugh... "./configure; make ; make install" on each of the target machines.
<dckc> ideally, a compiler wouldn't be needed on the target machine
hedning has joined #nixos
lfish has joined #nixos
iqubic has joined #nixos
<lfish> Hello! By any chance does anyone have code for customizing the shell prompt so that it shows the directory from which nix-shell was called and/or the root git directory?
Makaveli7 has joined #nixos
<lfish> (or a good resource for learning how to do it myself)
<dckc> my bran is too tiny to grok disnix. Well, more to the point: it looks like too many moving parts to get through our security / regulatory regime.
<samrose> If you create a custom nix package, does nix/nixos use the name of the file as the name of the package?
<dckc> (too many new / different moving parts)
<gchristensen> no, the name of the package is what you put in the `name` attribute
<samrose> for instance, I have a custom package using 'buildGoPackage' where the 'name' is 'mypackage-${version}' however the package installs with 'mypackage'
dsiypl4__ has joined #nixos
<gchristensen> ...huh...weird
<gchristensen> where are you seeing this name?
Makaveli7 has quit [Client Quit]
<iqubic> Does it really?
<samrose> *although* I have assigned it to a variable like `mypackage = callPackage ./modules/holoport-mypackage/mypackage.nix {};` in my overlay, and maybe *that* is where the name is getting picked up from
<gchristensen> samrose: ah, yes, Nix doesn't actually use "names" for package resolution, that is a variable reference.
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55213 → python27Packages.aws-sam-translator: 1.8.0 -> 1.9.0 → https://git.io/fhSNf
<samrose> otherwise, I guess the name would be `mypackage-version`
<gchristensen> samrose: you could do fizzle-foo = callPackage... and then refer to the variable fizzle-foo where you right now use mypackage, and it'd be the same
erasmas has joined #nixos
<samrose> gchristensen: that solves the riddle
<samrose> thank you
<gchristensen> yep :)
<gchristensen> this trips people up -- people are used to magic behind their package resolution
<samrose> I totally forgot about adding this var
Makaveli7 has joined #nixos
<samrose> so far, adding my custom packages in overlay, and then turning them on and off in modules works really well for both building and running ISO, and autoupgrading previous releases on the same channel
rauno has joined #nixos
rauno has quit [Remote host closed the connection]
iqubic has quit [Remote host closed the connection]
<dckc> this is my situation: "because mainstream distros like RHEL have third party tools available to verify that instances meet standards such as CIS. NixOS might be a great design, but that isn't going to matter to $InfoSecDepartment when they lack the ability to audit." -- https://news.ycombinator.com/item?id=12250947
iqubic has joined #nixos
reinhardt has quit [Ping timeout: 268 seconds]
<dckc> oh... just moved.
<{^_^}> [nixpkgs] @7c6f434c merged pull request #55050 → nixos/redmine: add an extraEnv option, enable automatic log rotation → https://git.io/fhyp3
<{^_^}> [nixpkgs] @7c6f434c pushed 2 commits to master: https://git.io/fhSNc
<gchristensen> dckc: I've had very good luck with infosec departments w.r.t. nix, because of how extremely auditable it is
ambro718 has joined #nixos
<gchristensen> for whatever taht is worth
<gchristensen> they definitely need a sales pitch and demo, though
<dckc> have you dealt with CIS?
kmein has quit [Quit: WeeChat 2.2]
<gchristensen> no, internal teams
<dckc> but the teams didn't require meeting CIS standards?
<gchristensen> I can find out :)
<tobiasBora> I can't find how to say to fetch url to unpack nothing
martinb_ is now known as timor
<gchristensen> can you explain your problem a bit more?
<tobiasBora> I tried to set "unpackCmd" to empty string but I've an error
<gchristensen> try setting it to ":"?
<tobiasBora> gchristensen: https://paste.debian.net/1065182/
<tobiasBora> gchristensen: I tried but it says "unpacker appears to have produced no directories"
<tobiasBora> should I just create a dirty and empty directoty?
<gchristensen> so, fetchurl isn't unpacking
<gchristensen> sorry -- I have to finish lunch quickly
<symphorien> tobiasBora: what if you override the whole unpackPhase ?
<tobiasBora> so I guess cp $src $out/share/java/jflap.jar is enough
<matthewbauer[m]> dckc: you could try running lynis on your systems
reinhardt has joined #nixos
<matthewbauer[m]> I think NixOS passes most of those kinds of tests (a few more are configurable)
<tobiasBora> symphorien: hum, looks better
<immae> tobiasBora: you can specify the phases, here you’re only interested in installPhase (correct me if I’m wrong), so you can add phases="installPhase" and forget about the unpackCmd
<dckc> so... I ran vulnix on a package I built this past week, and a whole pile of CVEs are showing up; about a dozen on binutils-2.30.
<ottidmes> tobiasBora: in that case you could also just use buildCommand
<{^_^}> [nixpkgs] @dtzWill opened pull request #55214 → ipe: 7.2.9 -> 7.2.10 → https://git.io/fhSNz
<dckc> e.g. CVE-2018-10372 ...
<andi-> dckc: there is most-likely a tracking issue on github for that
<andi-> which detailed information
<dckc> that CVE is noted in https://github.com/NixOS/nixpkgs/issues/47122 , which is closed...
<tobiasBora> immae: indeed it works
<{^_^}> #47122 (by ckauhaus, 19 weeks ago, open): Vulnerability roundup 47 (release-18.09)
<dckc> Vulnerability roundup 47 (release-18.09)
<andi-> I just started looking at the "CIS Benchmark" for Debian 9.. If you must stick to those bulletpoints there NixOS will be no fun.. Not because NixOS is bad but the benchmark seems to be stupid with some of their requirements. They require you to run crond for abitrary reasons.
<tobiasBora> ottidmes: interesting
<tobiasBora> ok thanks, the derivation finished without errors!
<tobiasBora> clever: samueldr : however it does not fix the issue we mentionned before
<{^_^}> Channel nixos-unstable-small advanced to https://github.com/NixOS/nixpkgs/commit/2c31b950e19 (from 2 hours ago, history: https://channels.nix.gsc.io/nixos-unstable-small)
<dckc> so... if #47122 is closed, why is vulnix still reporting a vulnerability? Help me build a mental model of the workflow? What state am I in? Did I neglect to apply a patch somehow?
<{^_^}> https://github.com/NixOS/nixpkgs/issues/47122 (by ckauhaus, 19 weeks ago, open): Vulnerability roundup 47 (release-18.09)
<ottidmes> tobiasBora: you have a bigger chance of solving that issue if you mention it again, so other might chip in
<tobiasBora> did I forget something? https://paste.debian.net/1065184/
<symphorien> dckc: I guess this was deemed a false positive
alex`` has quit [Ping timeout: 240 seconds]
<tobiasBora> ottidmes: the issue is when I try to run this, I get a segfault https://paste.debian.net/1065185/
__Sander__ has quit [Quit: Konversation terminated!]
<dckc> deemed... did anybody leave an audit trail that vulnix could be taught to follow?
<immae> tobiasBora: is the logfile content quoted in the message helpful?
alex`` has joined #nixos
<immae> (also, does it work if you run it in a jvm outside of nix? I don’t know much about java, but how does it handle missing libraries, or different versions incompatible with the jar file?)
<tobiasBora> immae: not to me, maybe for you ;) clever and samueldr was saying that it could be linked with gtk and problems with environment that loads two different versions
<andi-> dkibi: read the comments on https://github.com/NixOS/nixpkgs/commit/53e1db960a0663313e950f4ad45c98a82ad7d2c3 it turned out to be very problematic to bump binutils... not the first time it causes pain and troubles
<tobiasBora> and they were mentionning things linked with wrapGAppsHook
<tobiasBora> but not sure I used it appropriately
<ottidmes> tobiasBora: it does not crash for me
<ottidmes> tobiasBora: doesn't show anything either, is it supposed to launch some GUI?
<andi-> dckc: just because vulnix (or whatever tool) reports an issue does not mean that it can and must be fixed. There are things that simply are not feasible to fix. It is fun to look at https://security-tracker.debian.org/tracker/source-package/binutils where they decided to a majority of things to ignore it and others are just fixed because there was a major version bump in a newer releaes channel :-)
<tobiasBora> ottidmes: it's the first time I used this program, but I guess it's supposed to launch a gui yes
<ottidmes> tobiasBora: when I launch it I see something appear and dissappear real quick, so guess that is the window
<samueldr> tobiasBora: [citation needed] using buildCommand removes any magic done in phases
Ariakenom has joined #nixos
<tobiasBora> samueldr: ohhh
<lewo> Any openstack users here?
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55215 → pmd: 6.10.0 -> 6.11.0 → https://git.io/fhSNi
<tobiasBora> samueldr: phases="installPhase"; also removes magic?
gagbo has quit [Quit: I'm out !]
<ottidmes> tobiasBora: yes
<ottidmes> samueldr: tried that just now, same problem
gagbo has joined #nixos
gagbo has quit [Client Quit]
<tobiasBora> samueldr: thanks!... but still the same error :(
<samueldr> ottidmes: the issue only happens if you have mixed gdk_pixbuf 2.36/2.38 AFAIUI
<immae> tobiasBora: you have a buildDependency on wrapGAppsHook but as far as I see it has no consequence on the output, did you maybe forget something in the mkWrapper?
<dkibi> andi-: huh wrong name completion? I think miss context for this
<tobiasBora> immae: samueldr sayed it was part of the magic
<andi-> dkibi: sorry, meant dckc
<tobiasBora> maybe nativeBuildInputs/buildInputs?
<samueldr> immae: wrapGAppsHook hooks into the build and it does affect the build
<ottidmes> samueldr: ah, so its unrelated to the GUI not showing up, but should fix the issue tobiasBora is having with his segfault?
<dkibi> andi-: np
<samueldr> ottidmes: possibly
<immae> samueldr: I don’t see where it appears, do you have a hint?
<{^_^}> [nixpkgs] @peti pushed to haskell-updates « hackage-packages.nix: automatic Haskell package set update »: https://git.io/fhSND
<immae> the wrapper doesn’t mention it, and the jar file is the original downloaded one
nikola_i has quit [Remote host closed the connection]
<samueldr> if you look into the result, you'll have two things in bin/, one of them is the one wrapped with wrapGAppsHook
<samueldr> removing the hook will built with only one wrapper, the one explicit to the installPhase
<immae> samueldr: it’s not the case
<immae> I tried with and without wrapGAppsHook and both have same outputs (up to the hashes)
<immae> That’s why I asked
<immae> No hidden file or so
<tobiasBora> if it can help I cat the two files https://paste.debian.net/1065188/
<immae> samueldr: https://paste.ee/p/coiSR
<tobiasBora> immae: on my side I confirm that when I remove wrapGAppsHook I lose the hidden file
<samueldr> immae: we'd have to see your derivation
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55216 → python37Packages.cysignals: 1.8.1 -> 1.9.0 → https://git.io/fhSNS
<immae> I copied the one on tobiasBora example
<immae> and tried with + without wrapGAppsHook
<samueldr> look at the one with my correction to use installPhase
<samueldr> using buildCommands breaks the "warranty void if removed" seal of the nixpkgs magics
<immae> Ah sorry I took the wrong one it seems
<samueldr> no worries :)
<immae> ok now it makes sense
<tobiasBora> samueldr: so you don't know why the software still crashes on my side?
<tobiasBora> (is it also the case for someone else?)
<immae> yes me too
<immae> Together with fontconf warnings that you don’t have
<ottidmes> immae: you also have a segfault? I don't, are you using NixOS?
maximiliantagher has quit [Remote host closed the connection]
<tobiasBora> ok good to hear I'm not alone
<immae> ottidmes: yes, segfault, similar to tobiasBora (+ the warnings), and not nixos
maximiliantagher has joined #nixos
<samueldr> ah derp
<samueldr> my nixpkgs checkout was at release-18.09
<ottidmes> samueldr: my issue is probably due to my window manager
<samueldr> ottidmes: same
<samueldr> had to move the window from the plasma taskbar
<tobiasBora> I'm running kde plasma, don't know if it makes any difference
<samueldr> tobiasBora: buildInputs = [ jre8 makeWrapper gdk_pixbuf wrapGAppsHook ];
<samueldr> wrapGAppsHook doesn't know it has to wrap gdk_pixbuf otherwise
<tobiasBora> amazing!
<tobiasBora> it works :D
<samueldr> it's possible there are better ways, but I was able to reproduce the segfault without wrapGappsHook, with wrapGAppsHook (without gdk_pixbuf) had the segfault, then adding gdk_pixbuf works
<tobiasBora> that's perfect!
<samueldr> I'm guessing (total guess) that if gdk_pixbuf had been propagated by whatever built with it, it would have picked it up
<tobiasBora> but I don't get it, I thought you had no segfault before
nikola_i has joined #nixos
lfish has quit [Quit: Page closed]
<tobiasBora> just a question, nixpkgs does not accept derivations made from jar instead of sources?
<samueldr> tobiasBora: I was accidentally building against 18.09
<clever> tobiasBora: ive seen a few jar based packages
maximiliantagher has quit [Ping timeout: 244 seconds]
<samueldr> tobiasBora: for it to fail it has to go against an upgraded gdk_pixbuf compared to what would be found using their plugins infra
<samueldr> tobiasBora: prefer building it, but sometimes it's waaaay hard
<{^_^}> [nixpkgs] @peti pushed 5 commits to haskell-updates: https://git.io/fhSNp
johanot has quit [Quit: WeeChat 2.2]
<{^_^}> [nixpkgs] @peti pushed 2 commits to haskell-updates: https://git.io/fhSNh
ensyde has quit [Quit: Leaving]
<{^_^}> [nixpkgs] @peti pushed to haskell-updates « all-cabal-hashes: update to Hackage at 2019-02-04T16:43:55Z »: https://git.io/fhSNj
rcshm has joined #nixos
<{^_^}> [nixpkgs] @peti pushed 3 commits to master: https://git.io/fhSAe
gagbo has joined #nixos
fusion809 has joined #nixos
<{^_^}> [nixpkgs] @peti merged pull request #55208 → ghc: use system `libffi` → https://git.io/fhSFy
<{^_^}> [nixpkgs] @peti pushed 2 commits to haskell-updates: https://git.io/fhSAJ
<tobiasBora> samueldr: clever ok thanks, I may give it a try at some point, if not I may propose this ;) Thanks very much for your help
<tobiasBora> Just one more question
<tobiasBora> is this gdk_pixbuf bug supposed to be solved at some point, or it's just impossible to solve it?
<tobiasBora> (I mean without modifying all exising packages)
<samueldr> the only way to safely fix it without adding the wrapper everywhere would be to *somehow* ensure it never loads the mismatched version plugins, which might only be fixable by patching the thing that loads it (might be outside of gdk_pixbuf) and would mean managing a patch
nikola_i has quit [Ping timeout: 244 seconds]
<samueldr> and it looks like it's not the direction nixpkgs wants to go
<samueldr> (understandably, managing patches that intrusive is hard)
blumenkranz has joined #nixos
ddellacosta has joined #nixos
<blumenkranz> Hello. Do you happen to know why is tor-browser-bundle-bin recommended over tor-browser-bundle?
<samueldr> one could argue "fix 2.36 with the same internal changes" which has been reported to work on the issue; but doing this would break older 2.36 with the fixed 2.36
sigmundv_ has quit [Ping timeout: 250 seconds]
<buckley310> blumenkranz, I am guessing the reason is that if your goal is anonymity, it helps if you are using the same binary as everyone else. It reduces the possibility of fingerprinting
tmaekawa has joined #nixos
tilpner has quit [Ping timeout: 268 seconds]
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55217 → pyotherside: 1.5.3 -> 1.5.4 → https://git.io/fhSAC
travelion has quit [Quit: ZNC - https://znc.in]
maximiliantagher has joined #nixos
travelion has joined #nixos
gagbo has quit [Quit: I'm out !]
<gchristensen> I have a nixos system where services don't really come up, and I can never log in. I restarted with systemd.unit=rescue.target and then got to the rescue terminal and ran `systemctl default` and it booted fine ... any thoughts?
maximiliantagher has quit [Ping timeout: 240 seconds]
<blumenkranz> buckley310: I imagined so. I guess I will go with the tor-browser-bundle anyway, since I am just looking to access onion sites without reconfiguring my Firefox.
goodwill has quit [Quit: ...]
<tobiasBora> samueldr: ok thank you
reinhardt has quit [Ping timeout: 268 seconds]
cswl has joined #nixos
<cswl> I just installed nix on my arch.. and I have no idea what I'm doing :O
<{^_^}> [nixpkgs] @bachp opened pull request #55218 → gitlab-runner: 11.6.0 -> 11.7.0 → https://git.io/fhSA2
tmaekawa has quit [Quit: tmaekawa]
<Yaniel> just another day in the life of an arch user :^)
<Yaniel> at least if my experience using arch counts for anything
<cswl> I used the daemon mode if that makes any difference
<Yaniel> what are you trying to do?
<cswl> Distro hop :P
rauno has joined #nixos
<Yaniel> better just install nixos from scratch then
<Yaniel> I hope you have your own files backed up and separated from system files
<cswl> No Im using Nix as my package cache.. for different distros :3
<simpson> Don't worry, it'll make more sense once you get more used to Nix.
<Yaniel> (and get allergic to non-declarative distros)
tmaekawa has joined #nixos
<cswl> Why is copying path taking so long?
<simpson> Because you don't have much bandwidth. Or possibly because your local disk is slow.
<flokli> ^ grahamc[m] Mic92
goodwill has joined #nixos
<gchristensen> gchristensen please
<gchristensen> introducing more /run paths seems scary, for non-nixos users, but maybe the right thing to do
ambro718 has quit [Quit: Konversation terminated!]
elgoosy has joined #nixos
<cswl> Im using `btrfs`
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55219 → python37Packages.libcloud: 2.3.0 -> 2.4.0 → https://git.io/fhSAH
<Mic92> flokli: this is problematic because the nss modules in /run/nss-modules might be incompatible with the current glibc used in a program.
dermetfan has quit [Ping timeout: 240 seconds]
<Mic92> flokli: btw. does nscd supports systemd sockets?
<Mic92> *socket activaiton
<buckley310> I would imagine btrfs would have very little impact on the speed of copying paths
<flokli> Mic92: It's a file socket
<Mic92> flokli: it is a unix socket. This is support by systemd
<flokli> That's a valid point, but I'm not sure if the other issues are more problematic
<symphorien> systemd socket activation has high latency, so if timeouts are problematic it might be best to avoid it
<flokli> Wrt socket activation, if I understood it correctly, the timeout problem is more about waiting too long for a reply from nscd, as it might reach out to link-local DNS or whatnot, than a broken nscd
<clever> symphorien: but socket activation also has 2 modes, one where systemd will accept() each connection, and fork out one child per connection
<clever> symphorien: and a 2nd,where systemd will fork out a single daemon, and pass it the listening socket
<symphorien> on the first connection you will still have high latency
<clever> nix-daemon.socket uses the 2nd mode, so nix-daemon doesnt start until first use, but then remains running, for lower latency
<flokli> It's not about a broken nscd, but a nscd taking long time to answer
<clever> sshd has an option to use the 1st mode, so ssh is fully stopped once you DC
<flokli> And then glibc thinking "screw it, I'll try it on my own"
<{^_^}> [nixpkgs] @thoughtpolice merged pull request #55144 → verilator: 4.008 -> 4.010 → https://git.io/fhS1L
<{^_^}> [nixpkgs] @thoughtpolice pushed commit from @r-ryantm to master « verilator: 4.008 -> 4.010 »: https://git.io/fhSAh
<Mic92> flokli: mhm. a clean solution would be to send some sort of keepalive in nscd itself.
<flokli> I didn't look at the nscd protocol, but if glibc logic supports that, this would be good
tmaekawa has quit [Quit: tmaekawa]
<Mic92> Also the question would be, why such a timeout is built into glibc.
tmaekawa has joined #nixos
tmaekawa has quit [Client Quit]
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55220 → python37Packages.daphne: 2.2.4 -> 2.2.5 → https://git.io/fhSxJ
<dckc> andi-, sure, vulnix turns up some false-positive CVEs... but am I supposed to judge each and every one for myself? Is there not an audit trail where someone else made a judgement?
gagbo has joined #nixos
teehemka_ has joined #nixos
xkapastel has joined #nixos
<dckc> I wish the Vulnerability roundup tickets linked to some page describing the process.
<andi-> dckc: not entirely on your own.. The whole thing isn't really where it should be IMO. It takes someone to (finish) implement(ing) it...
maximiliantagher has joined #nixos
<dckc> I was involved in the conversation when some of these processes were set up, but I haven't paid attention for some time and I'm struggling to get swapped back in
Guanin has joined #nixos
<dckc> oh... actually, https://github.com/NixOS/nixpkgs/issues/47122 is _not_ closed (github uses green for open and red for closed. odd, that)
<andi-> dckc: I am not aware of a formal process for the roundups right now. There have been many conversations about that tho..
<{^_^}> #47122 (by ckauhaus, 19 weeks ago, open): Vulnerability roundup 47 (release-18.09)
<dckc> 19 weeks to address security issues in a stable release... that's not going to go over well with IT here.
<dckc> bummer
<dckc> this is the issue I originally raised: https://github.com/NixOS/nixpkgs/issues/13515
<{^_^}> #13515 (by dckc, 2 years ago, closed): how to subscribe to security advisory notices for nixpkgs / nixos?
hellrazor has quit [Ping timeout: 250 seconds]
hellrazo1 has joined #nixos
<dckc> TIL: Small channels
<simpson> dckc: Having a thought: An overlay that explicitly masks out packages affected by CVEs.
<{^_^}> [nixpkgs] @thefloweringash opened pull request #55222 → nixos/nextcloud: use matching nginx package when configuring nginx → https://git.io/fhSx2
<dckc> I'm not sure how I would get my R-with-some-packages thing built wtihout zip, patch, and such
<dckc> did the whole backports idea die out altogether?
<dckc> (security backports)
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55223 → pirate-get: 0.3.2 -> 0.3.3 → https://git.io/fhSxo
<andi-> the patch issue (at least the one I remember) doesn't really apply when used within nixpkgs (with sandbox enabled). It ofc is a valid concnern when using `patch` manually. zip is debatable. Read the details on that issue.
<andi-> not saying that is true for all of them.. I am not familiar with the binutils issue internals right now
<dckc> ah... backporting is still part of the discussion "Each ticket is intended to track updating, patching and backporting of that specific package independently." -- discourse stuff
rauno has quit [Remote host closed the connection]
timor has quit [Quit: Leaving]
<dckc> aha... here's my audit trail where CVEs were judged against packages: https://github.com/ckauhaus/nixos-vulnerability-roundup/blob/master/whitelists/nixos-18.09.toml
<{^_^}> [nixpkgs] @worldofpeace merged pull request #55177 → python37Packages.rasterio: 1.0.13 -> 1.0.15 → https://git.io/fhSS7
<{^_^}> [nixpkgs] @worldofpeace pushed commit from @r-ryantm to master « python37Packages.rasterio: 1.0.13 -> 1.0.15 »: https://git.io/fhSxP
<dckc> well... I _think_ that's what it is... though the only clue is "whitelist". Ideally I'd find some notes about _why_ a CVE was whitelisted...
maximiliantagher has quit [Remote host closed the connection]
<{^_^}> [nixpkgs] @thefloweringash opened pull request #55224 → nixos/prometheus: use append instead of insert for opening firewalls → https://git.io/fhSxM
maximiliantagher has joined #nixos
<andi-> dckc: I had a draft for that some time ago.. Haven't had the time & motivation to work on it again.. If you have ideas on how WE should do that let me know. I'd love to get into that again - once I find more motivation.
<dckc> a draft of which?
<dckc> re motivation: what are the major in-person events related to nix? I think I saw videos from a whole event devoted to nix not too long ago.
<dckc> I see (glowing) reports here and there of production use of nix... it's a little hard for me to believe that none of these people have security patch SLAs they have to adhere to.
<dckc> I guess one such report did mention applying "lots of patches on our own"
<andi-> dckc: draft of how to store that information / classification / judgement / "audit trail".
maximiliantagher has quit [Remote host closed the connection]
<andi-> I also have some tooling around continously checking for issues but that is of little use before there is a proper (accepted) way to classify issues IMO.
<simpson> dckc: It's kind of an open secret that many corporate environments blatantly flaunt those requirements. Not sure how that affects Nix users specifically. (And yeah, IIRC you have much higher requirements here than most folks!)
<dckc> safeguarding ~200M patient records. yeah.
<dckc> (and satisfying requirements from Medicare and such e.g. NIST-800-53...)
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55225 → python37Packages.colander: 1.5.1 -> 1.7.0 → https://git.io/fhSp2
<dckc> wait... ~25M records.
Judson has joined #nixos
Judson is now known as Guest58298
<Unode> hi all, is there any online catalog of the functions available in nix?
<dckc> though from another angle, that's like asking "is there a catalog of all functions written in python?"
blumenkranz has quit [Quit: WeeChat 2.3]
<Unode> dckc: thanks the last one is more along the lines of what I'm after
maximiliantagher has joined #nixos
ddellacosta has quit [Quit: WeeChat 2.2]
<freusque> is there a way to nix-shell into a store derivation's environment?
<freusque> I'm specifically looking to build a nix-shell environment on one machine, copy-closure it to a remote machine and nix-shell into it from there.
<gchristensen> nix-shell /path/to/the.drv
realrokka has joined #nixos
<rain1> I made a container with lxd but i haven't been able to get networking in it, i have a bridge device and the virtual eth interface appears when I start the container but im kinda lost beyond that
dermetfan has joined #nixos
<freusque> gchristensen: thanks - one more thing, how to find that .drv? I only have the path to the result when doing nix-build -A <my package name>.env
<mdash> rain1: interesting. what motivated piking lxd instead of nixos-container?
<mdash> c
<rain1> I didn't know about nixos-container
<mdash> rain1: i only recently used it, it's fairly nice
kumikumi has joined #nixos
<kumikumi> I'm trying to run a game server for the game Starbound, but something strange is going on. Bash can't apparently find the game executable even though it clearly exists, is readable and bash autocompletes to it, and also steam-run is not helping. Here's my bash output: https://gist.github.com/kumikumi/01c83d280b3801577a404f08c13134d9 Any ideas?
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55226 → python37Packages.django_reversion: 3.0.2 -> 3.0.3 → https://git.io/fhSpF
freeman42x has joined #nixos
Alling has joined #nixos
teej has joined #nixos
<Alling> Hello! If I want a certain shell script to always exist at a specific location (/home/build) on my server, how would I go about describing that in my config file?
<Alling> I can create it manually of course, but I would like it so that it is automatically created if I reinstall NixOS.
<kumikumi> Alling: not sure if this is close to answering your question, but have you considered home-manager?
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55227 → python37Packages.django_modelcluster: 4.2 -> 4.3 → https://git.io/fhSpA
<buckley310> Alling, can it be ANY specific location, or does it need to be /home/build/?
<Alling> kumikumi: I haven't. I checked it out now and it looks somewhat overkill and complicated for this task.
<buckley310> its fairly easy to make sure your file is always available in /run/current-system/sw/share/
<Alling> buckley310: It doesn't need to be that exact location, but it has to be a location I know and where I can do git clone and npm install every night.
<Alling> I.e. automatically using cron.
<buckley310> so you need a writable directory, that will always have this script inside of it?
<Alling> buckley310: I guess so, yeah.
rauno has joined #nixos
<Alling> cransom: Looks promising, I'll give it a try!
dermetfan has quit [Ping timeout: 246 seconds]
<kumikumi> Also worth considering is that there may be a more nixos-like way of achieving what you're doing. I don't know what your use case is but maybe you could define [whatever it is you're cloning from github] as a nix package
<Alling> kumikumi: Yes, that's certainly worth thinking about. What I really want to do is to provide a nightly build of the develop branch of a repo I manage.
<Alling> The built file must then be copied to /var/www/...
<cransom> Alling: that's probably better then as a systemd task on a timer, unless you fetch that branch nightly via your nixos configuration.
ThatDocsLady has quit [Ping timeout: 240 seconds]
o1lo01ol1o has quit [Remote host closed the connection]
<Alling> I could probably put the entire script (~10 lines) directly into the cronjob.
teehemka_ is now known as teehemkay[away]
o1lo01ol1o has joined #nixos
<Alling> cransom: The script is basically rm -rf repo; git clone https://.../repo; cd repo; npm install; npm run build; cd ..; rm -rf repo
<buckley310> does the script operate based on its current directory, or based on the path in which the script resides? because you can just put the script in $PATH using nix and then not worry about it
<cransom> I'd suggest, unless you need specific cron functionality, to go with a systemd task. it's already built in and has some niceties you can't get in cron.
<Alling> And I must also find out a way to copy the resulting file to /var/www.
<buckley310> yeah if the script is just a list of commands, just name it something distinct, put it in $PATH, and call it like any other command
<Alling> buckley310: But then I would have to modify my PATH somehow in configuration.nix.
<Alling> cransom: One reason to prefer cron would be that I have managed to get it to work. I have no idea how to create a systemd task.
_kwstas has joined #nixos
<buckley310> not really. if you declare an expression inside of systempackages and the derivation has a bin/ folder, nix will take care of $PATH for you
<gchristensen> can a non-trusted user set --cores ?
<Alling> buckley310: Hm, I think you might be assuming greater Nix skills than I actually have.
agander has joined #nixos
<freusque> is there a way to access the /share directories of buildInputs when using nix-shell?
<Alling> I basically just want to run a sequence of shell commands every night in a writable directory and copy the results to another directory. It works fine today but I had to create the script and directory manually.
<buckley310> Ill see if i can come up with a quick example
<cransom> Alling: https://nixos.org/nixos/options.html#systemd.services+startat . It really is better than cron. You can pass in the depends of the script (git/curl/etc) whereas cron can't do that unless you are doing nix-shell stuff.
<cransom> but cron will also work.
agander_ has joined #nixos
agander has quit [Killed (rajaniemi.freenode.net (Nickname regained by services))]
agander_ is now known as agander
_kwstas has quit [Ping timeout: 268 seconds]
<ottidmes> Alling: I use systemd timers with a corresponding service to run stuff at specified times, like certain backups
<Alling> cransom: Problem is I don't know how to set it up, and I don't have too much time to spare.
teehemkay[away] has quit [Quit: ZZZzzz…]
<Alling> I have never been able to make services work, but I did get cron to work.
realrokka has quit [Ping timeout: 250 seconds]
EffSquared has joined #nixos
<EffSquared> Good evening.
<ottidmes> Alling: never managed to get a systemd service working? if you were able to, this is what I used for backup service: https://gist.github.com/ottidmes/750de075d81ddb7165901e58d41afc66 so backup.service is a normal systemd service, and the bit pasted there is the timer that starts it at the specified time
<EffSquared> Does anybody know where config.pulseaudio inside all-packages.nix is defined?
<EffSquared> I am not talking about config.hardware.pulseaudio
<buckley310> Alling, http://ix.io/1A2m
<buckley310> if you update the SRC to point to your script, or just include the script itself, and call this expression from systemPackages, your script will be added to your $PATH as my_script
realrokka has joined #nixos
<ottidmes> EffSquared: its not, AFAIK Nixpkgs config is defined outside the NixOS module system and thus there will be no option defining it, if you meant that
<{^_^}> [nixpkgs] @dtzWill opened pull request #55228 → swift: 4.2.1 -> 4.2.2 → https://git.io/fhShO
<Alling> buckley310: OK. Where should that code go? It looks like a naked Nix expression to me.
<cransom> Alling: https://gist.github.com/cransom/8efe056c6250387e42980a5ac539fe05 is an example that you should easily be able to hack up. it runs a backup task for me at 3am daily.
simukis has joined #nixos
<Alling> An activation script seems to do the trick.
<buckley310> Alling, you can drop that code in a new file /etc/nixos/my_script.nix
<buckley310> at least thats how im testing it
<ottidmes> EffSquared: if you meant where you are supposed to set it, then https://nixos.org/nixpkgs/manual/#chap-packageconfig
<buckley310> then in systempackages, add this: (callPackage ./my_script.nix {})
<EffSquared> ottidmes: I see. Where can I learn more about these nixpkgs config variables? They do not seem to be mentioned in the manual.
<EffSquared> ottidmes: And where are these variables set?
<{^_^}> [nixpkgs] @lsix merged pull request #54554 → qgis: 2.18.22 -> 2.18.28 → https://git.io/fhr6e
<{^_^}> [nixpkgs] @lsix pushed 3 commits to master: https://git.io/fhShs
<kumikumi> In case my message got buried, I'll ask again. I was trying to run a game server and kind of hit a brick wall. Can anyone take look at this? Ever seen anything like this? What is even going on? https://gist.github.com/kumikumi/01c83d280b3801577a404f08c13134d9
bbarker has joined #nixos
<ottidmes> EffSquared: regarding your second question, I just answered that, see the link I gave to the manual, it should be described in that chapter
<EffSquared> kumikumi: You will have to fix up the binaries for nixos.
<buckley310> Alling, http://ix.io/1A2u
<buckley310> (how to embed the script in the nix file)
<EffSquared> kumikumi: patchelf can help you with that. There are some examples on the web, often in the context of using debs on NixOS
<Alling> buckley310: Cool, thanks!
<kumikumi> EffSquared: alright that explains it, thanks. Maybe I'll find another way (some kind of virtualization maybe)
_kwstas has joined #nixos
<ottidmes> EffSquared: I am not aware of any documentation that has an exhaustive list of the available options, but most of them are explained in the same chapter I linked, although pulseaudio does not seem among them. In practice I only ever needed allowUnfree and overlays myself
<EffSquared> kumikumi: It is not to hard to do, if you install it with a nix expression, there is even an autopatch hook for it, that does it all for you.
<kumikumi> okay I'll take a look :)
realrokka has quit [Ping timeout: 246 seconds]
<EffSquared> ottidmes: Ok, thanks. So you are saying that enabling pulseaudio on NixOS is not enough. I will also have to enable pulseaudio in the nixpkgs config to build with pulseaudio support by default, but it is undocumented.
<ottidmes> kumikumi: I did just find this after a quick Google: https://github.com/openlab-aux/vuizvui/blob/master/modules/services/starbound.nix
<EffSquared> ottidmes: Build packages that support it with pulseaudio support by default, I meant
<kumikumi> ottidmes: You rock! Thanks man
_kwstas has quit [Client Quit]
<ottidmes> EffSquared: I guess that if you want pulseaudio support outside of NixOS (i.e. nix-env), then you have to set pulseaudio = true via your Nixpkgs config.nix file, I have that at least
realrokka has joined #nixos
<ottidmes> EffSquared: personally I have it configured in an overkill manner: https://gist.github.com/msteen/a696f198694c0053390a0bae096c4f58#file-system-nix-L40-L43
realrokka has quit [Ping timeout: 244 seconds]
<infinisil> ottidmes: Oh, #54528 might break this hack of yours
<{^_^}> https://github.com/NixOS/nixpkgs/pull/54528 (by cdepillabout, 1 week ago, open): lib/modules: Change mkAliasOptionModule to use the priority for the alias
<EffSquared> ottidmes: The whole concept still seems weird to me. There seems to be configs for cudaSupport, slock, wine, ghostscript, storeDirs, etc.
<ottidmes> infinisil: break? no, it would remove the need for that particular workaround, so I welcome it
<EffSquared> ottdimes: And only a few of them are documented, and none of the are inferred from NixOS config variables, but they have to be set seperatly.
<infinisil> ottidmes: Wait, what is that hack useful for anyways?
<ottidmes> infinisil: why even call it a "hack" using that word for just a normal thing, does not do the word justice, that is if you mean: environment.variables.NIXPKGS_CONFIG = mkForce (toString cfg.nixpkgsConfig);
<EffSquared> ottidmes: Thanks for your help, btw.
bpa has quit [Read error: Connection reset by peer]
<{^_^}> [nixpkgs] @volth opened pull request #55229 → perlPackages.GeoIP2: init at 2.006001 → https://git.io/fhShw
<infinisil> ottidmes: Okay wait, why does just `sessionVariables.NIXPKGS_CONFIG = toString cfg.nixpkgsConfig` not work?
<ottidmes> EffSquared: no problem, I found it confusing as well (still is, sometimes), but the reason for this divide is clear, namely that Nix has to work outside NixOS as well
tilpner has joined #nixos
ikitat has joined #nixos
ikitat has quit [Remote host closed the connection]
<ottidmes> infinisil: its been years since I wrote that, but from what I remembered, using the command line non-interactively (or was it login shells, cannot remember exactly) caused it to use the old nixpkgs config location
ikitat has joined #nixos
<ottidmes> infinisil: and like I said, some of it is not necessary and just overkill to just make sure everything everywhere is set the same
<infinisil> Understandable
<infinisil> These `variables*` options could be a bit better done probably
ikitat has quit [Remote host closed the connection]
<infinisil> The implementation i mean
<infinisil> Possibly
<ottidmes> infinisil: just like the shell init stuff, I dislike how it is right now
ikitat has joined #nixos
<infinisil> Ohh the shell init stuff is really bad
<ottidmes> infinisil: I have to write my own workarounds on top of the current options to make them behave like I expect
<ottidmes> but still make sure I don't break other modules in the progress, bah!
<infinisil> Yeah..
<tilpner> Hey, any Hetzner users around? Did anyone get that weird JNLP KVM viewer working?
sicklorkin has joined #nixos
<ottidmes> infinisil: ow, and for why the mkForce on environment.variables.NIXPKGS_CONFIG, its because its already defined: https://github.com/NixOS/nixpkgs/blob/73ad11dd70fde3c5e8c5d5304091de91c4f6930a/nixos/modules/programs/environment.nix#L20
<ikitat> What's the most common/easy approach to pointing a package at a newer version of package source while waiting for that newer version to land in unstable? For example, odpic is currently at 2.4.2 but pythonPackages.cx_oracle currently depends on odpic-3.1.0 and the build breaks.
<EffSquared> tilpner: You mean the rescue console?
<ikitat> It's being held up because haskellPackages has a dependency on odpic that breaks when it's upgraded to 3.1.0
<tilpner> EffSquared: Kind of, but not for Hetzner Cloud
<tilpner> (Were you talking about Hetzner Cloud?)
<aminechikhaoui> tilpner I think you can set the console in the settings to HTML5, so you don't have to use the Java console
<EffSquared> tilpner: Yes, for a dedicated machine. Did you maybe run out off time?
<ottidmes> ikitat: managing your own nixpkgs checkout or overlays, of those two I think overlays are the most popular to handle the case of having a version bump until its ready
<aminechikhaoui> (for servers that have iDRAC at least)
<tilpner> aminechikhaoui: I looked through the settings last time, I don't think any of them were accessible :/
<tilpner> EffSquared: Yes, I asked for 3 hours, and I gave up last time after 30 minutes of trying
<ottidmes> ikitat: I do that for any package I make a PR for, I make it first as an overlay, and then copy it over to a nixpkgs checkout to make a PR, that way I can already start using it immediately
<ikitat> ottidmes: is there an approach for managing overlays in my shell.nix, or should it just be under ~/.config/nixpkgs
<EffSquared> tilpner: Last time I used it, it just worked™.
<tilpner> aminechikhaoui: That would require a Dell server, right? I don't have one
<tilpner> EffSquared: Did it require you to download a file, that you then started with icedtea javaws to get the viewer?
<ottidmes> ikitat: there are many ways to get the overlay in, I manage them through my configuration.nix, but if you want them only local to a shell.nix, you can just use: import <nixpkgs> { overlays = [ (self: super: ...) ]; }, or you can also use one of the standard locations as defined in the manual, which it defaults to if you do not specify it explicitly as I just did now, i.e. import <nixpkgs> { }; will default to
<ottidmes> the logic in impure.nix that checks for those file locations
doyougnu has joined #nixos
<EffSquared> tilpner: Yes, it did. Now that think about it, I might have done that on Ubuntu though... sorry.
<ikitat> ottidmes: thank you
<tilpner> EffSquared: I'm actually desperate enough that I might boot up an Ubuntu VM/livestick for that
<tilpner> Good to hear that it works somewhere at least
<ottidmes> ikitat: personally I have defined a module in which I have an option wherein I define my overlay files, which I then symlink to a directory and I set nixpkgs-overlays in NIX_PATH to that directory, which is as you can see in the logic I just linked, is one of the first things it checks: https://gist.github.com/msteen/a696f198694c0053390a0bae096c4f58#file-system-nix-L46-L51
xkapastel has quit [Quit: Connection closed for inactivity]
<EffSquared> tilpner: Just imagine, Cisco forces you use similar Java utils to manage all their ASA firewalls.
<tilpner> Please don't make me, this is enough broken JNLP for today :/
<EffSquared> tilpner: A quick grep throug nixpkgs shows that there is a config setting for firefox to enable java: config.firefox.icedtea
<EffSquared> Maybe try adding that to your nixpkgs config first
o1lo01ol1o has quit [Remote host closed the connection]
<EffSquared> tilpner: (or config.firefox.jre for the Oracle implementation)
<tilpner> I'll try something like that, thanks
cswl has quit [Quit: Connection closed for inactivity]
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55230 → gnome3.orca: 3.30.1 -> 3.30.2 → https://git.io/fhSjY
WilliButz has quit [Read error: Connection reset by peer]
<tilpner> EffSquared: Firefox just offers to download spider.jnlp, it doesn't do anything with it
sputny[m] has joined #nixos
<tilpner> And all the settings are forbidden, so no switching to html5
o1lo01ol1o has joined #nixos
maximiliantagher has quit [Remote host closed the connection]
maximiliantagher has joined #nixos
<ottidmes> makes me remember needing to run some Oracle application in freaking Netscape to get it working properly, that was the only way to get it stable, so we just ran it in Netscape in a VM
<gchristensen> I used to have a windows laptop running winxp just so I could use idrac back in the day
<hodapp> idrac?
<gchristensen> integrated dell remote access controller
<ottidmes> gchristensen: I still have such a laptop laying around just in case I need to run some old stuff, its a really old laptop with old connections like those insertion cards to add functionality and a floppy drive
<hodapp> I have a craptop with 32-bit NixOS on it, though probably years old by now
<{^_^}> [nixpkgs] @lsix pushed to release-18.09 « qgis: 2.18.22 -> 2.18.28 »: https://git.io/fhSjB
<hodapp> new enough for CardBus at least, though I've only a few cards for that
maximiliantagher has quit [Ping timeout: 268 seconds]
dermetfan has joined #nixos
<EffSquared> gchristensen: Alcatel will make you do that stuff too. Unless you buy some overpriced update it will only works under a certain JVM version from the dinosaur age.
<gchristensen> yeah......
agander has quit [Quit: Leaving]
troydm has joined #nixos
<EffSquared> tilpner: If you packaged firefox with some form of JVM, it should show up in the extensions list. As a result you should be able to run jnlp in your browser.
srghma has joined #nixos
<EffSquared> tilpner: I also remeber that you could open the jnlp with icedtea directly without a browser, at least the Cisco ASA crap.
upsaday_ has joined #nixos
<tilpner> EffSquared: That's what I tried last time: bin/javaws -jnlp ./spider.jnlp -nosecurity
<tilpner> And it starts, but then it fails to connect
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55231 → papirus-icon-theme: 20190106 -> 20190203 → https://git.io/fhSjr
upsaday has quit [Ping timeout: 244 seconds]
<{^_^}> [nixpkgs] @Ma27 merged pull request #55122 → ndppd module: refactor and fix → https://git.io/fhSg2
<{^_^}> [nixpkgs] @Ma27 pushed 6 commits to master: https://git.io/fhSjP
<tilpner> EffSquared: Firefox's extension menu is empty with both icedtea and jre
orivej has quit [Ping timeout: 244 seconds]
<symphorien> is icedtea still supported with firefox quantum ?
<{^_^}> [nixpkgs] @dywedir merged pull request #54752 → linux_testing_bcachefs,bcachefs-tools: 20190123 → https://git.io/fhiTB
<{^_^}> [nixpkgs] @dywedir pushed 3 commits to master: https://git.io/fhSjD
<EffSquared> tilpner: That, or might be the mimetype mapping, There are some useful resources online, can not find the one I used, but something like this: https://stuffivelearned.org/doku.php?id=apps:firefox:jnlpfix
srghma has quit [Quit: Page closed]
<tilpner> Ubuntu finally finished installing, so I'll try it there to rule out any nixpkgs bugs
<EffSquared> tilpner: Hetzner might also pass some args to the jnlp, so maybe also check the html code for arguments to pass to javaws
<tilpner> Good idea, I'll look
<tilpner> There are a bunch of arguments inside the actual .jnlp, not the html
eadwu has joined #nixos
<{^_^}> Channel nixos-unstable-small advanced to https://github.com/NixOS/nixpkgs/commit/73ad11dd70f (from 2 hours ago, history: https://channels.nix.gsc.io/nixos-unstable-small)
sicklorkin has quit [Ping timeout: 246 seconds]
realrokka has joined #nixos
eadwu has quit [Client Quit]
Alling has quit [Ping timeout: 256 seconds]
_kwstas has joined #nixos
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55232 → openmpi: 3.1.3 -> 4.0.0 → https://git.io/fhSjj
<tilpner> ... it was a firewall issue
_kwstas_ has joined #nixos
peacememories has joined #nixos
_kwstas has quit [Ping timeout: 246 seconds]
_kwstas_ is now known as _kwstas
realrokka_ has joined #nixos
realrokka has quit [Ping timeout: 246 seconds]
tilpner has quit [Quit: WeeChat 2.3]
eadwu has joined #nixos
iqubic` has joined #nixos
WilliButz has joined #nixos
iqubic has quit [Ping timeout: 250 seconds]
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55233 → osrm-backend: 5.21.0 -> 5.22.0 → https://git.io/fh9eZ
tilpner has joined #nixos
<{^_^}> [nixpkgs] @markuskowa closed pull request #55232 → openmpi: 3.1.3 -> 4.0.0 → https://git.io/fhSjj
Henson has joined #nixos
<Henson> if I want to run a command contained in a derivation in a pure environment, should I use nix-shell with the "--command" flag, or is there a more proper way to do that? Once deploying a derivation, I want to make sure when it runs on various systems its operation is not influenced by the various settings of the machine on which it's running. nix-env would be easiest, but that would expose the...
<EffSquared> tilpner: Classic. :-D Good luck with the rescue.
<Henson> program to whatever environment variables were in the shell that runs the command from the profile.
<tilpner> EffSquared: I should have seen this coming, my ISP likes to block things it shouldn't have any business blocking. Thanks for your help! :)
<sphalerite> Henson: for hardcore mode, env -i it ;)
<Henson> sphalerite: that's a good suggestion.
<sphalerite> Henson: that still doesn't prevent side effects like programs determining HOME from /etc/passwd lacking a $HOME envvar or otherwise reading/writing files.
<sphalerite> Henson: nix-shell --pure still preserves a few impure envvars
<Henson> sphalerite: yes, that's not a problem. I just want a reproducible execution environment.
<sphalerite> Henson: for a really really pure environment, you could use namespacing to make a completely clean-slate filesystem. But it depends on how much effort you want to go to.
<sphalerite> Or build a docker image and run it in the runtime of your choice, which is basically that but without reinventing the wheel.
ikitat has quit [Ping timeout: 250 seconds]
<Henson> sphalerite: I don't think I need to go to that extreme. I'm going to be starting some commands from an init script, and want any successes or failures in the execution of the software to be due to how the software is actually built and written, and not because of environment variable or LD_CONFIG differences between systems.
<sphalerite> yeah that sounds fair
peacememories has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
dejanr has joined #nixos
<EffSquared> tiplner: Sure, no problem. Always learn something too. ;-)
_kwstas has quit [Quit: _kwstas]
elgoosy has quit [Remote host closed the connection]
drakonis has joined #nixos
EffSquared has quit [Quit: Leaving]
tilpner has quit [Quit: WeeChat 2.3]
<{^_^}> [nixpkgs] @svanderburg pushed to master « xcodeenv: enable Xcode 10.1 support »: https://git.io/fh9eP
maximiliantagher has joined #nixos
<{^_^}> [nixpkgs] @aanderse opened pull request #55234 → redmine: 3.4.8 -> 4.0.1 → https://git.io/fh9eM
tilpner has joined #nixos
<{^_^}> Channel nixos-18.09-small advanced to https://github.com/NixOS/nixpkgs/commit/d4a1e8975a6 (from 74 minutes ago, history: https://channels.nix.gsc.io/nixos-18.09-small)
<{^_^}> [nixpkgs] @svanderburg pushed to master « titaniumenv: add Xcode 10.1 and Titanium 7.5.1 support »: https://git.io/fh9ey
maximiliantagher has quit [Remote host closed the connection]
maximiliantagher has joined #nixos
o1lo01ol1o has quit [Remote host closed the connection]
<{^_^}> [nixpkgs] @markuskowa merged pull request #55152 → star: 2.6.1d -> 2.7.0a → https://git.io/fhSMt
<{^_^}> [nixpkgs] @markuskowa pushed 2 commits to master: https://git.io/fh9eS
Henson has quit [Quit: KVIrc 4.2.0 Equilibrium http://www.kvirc.net/]
kumikumi has quit [Ping timeout: 256 seconds]
Makaveli7 has quit [Quit: Leaving]
upsaday_ has quit [Remote host closed the connection]
upsaday_ has joined #nixos
dejanr has quit [Ping timeout: 246 seconds]
eadwu has quit [Quit: WeeChat 2.3]
<tobiasBora> Hello,
eadwu has joined #nixos
<tobiasBora> There is one thing that is retaining me to move my main laptop to nixos is that I'm affraid at some point to find a program that I cannot run on nixos at all even if I've a binary because of the way nix deals with libraries.
<tobiasBora> So I'd like to know, is there a way to "simulate" for a given process a "usual distribution"?
<tobiasBora> an*
<tobiasBora> so that in order to run my binary I can just untar and exec the file?
<symphorien> there is buildFHSUserEnv
<simpson> Sure, there's the FHS user environment, for packages like Steam that really can't be modified.
<symphorien> that's the basis of steamrun
<simpson> But those sorts of binaries are blessedly rare.
<tobiasBora> amazing
<tobiasBora> you guys have solution to everything :-)
<tobiasBora> I can also compile "manually" libraries using this trick?
<tobiasBora> well
upsaday_ has quit [Remote host closed the connection]
<simpson> Why would you want to?
upsaday_ has joined #nixos
<infinisil> tobiasBora: If you really find such a program (and you need it), feel free to open an issue for it in nixpkgs asking for it getting packaged
<tobiasBora> well I guess what I'm talking about is in fact nix-shell
<{^_^}> [nixpkgs] @svanderburg pushed to master « titaniumenv: fix broken function header »: https://git.io/fh9vI
<tobiasBora> infinisil: ok thanks. Actually I used to have a problem with sagemath at some point. Now it's kind of fixed (actually I still need a trick to use the good token because jupyter is loaded with the wrong token by default)
<tobiasBora> but I'm affraid to find another problem like that later on. But thank you very much!
<tobiasBora> Also if I have, say, a .deb package (imagine that I downloaded the latest teamviewer and that I need it quite quickly, and that for some reason I have no access to the tarball), can I load a "lightweight debian-like environment" to install the deb? Or my best try is to manually extract the .deb and plug it into buildFHSUserEnv? Or to use docker/virtualisation?
<symphorien> depends on the .deb
<symphorien> the only thing I had problems with because of nixos is printer drivers
<symphorien> installing a printer driver .deb in a vm or container won't help :)
<tobiasBora> symphorien: hum, so what is your solution?
<infinisil> Everything should get packaged with Nix, because Nix works flawlessly on other Distros, whereas other distros PMs mostly don't work at all on NixOS (or any other distro really)
<infinisil> Ideally
<simpson> tobiasBora: That sounds like three variations on whether you can avoid learning how to debug NixOS when it doesn't do what you want.
<symphorien> usually patchelf and libredirect can solve most driver related problems
<tobiasBora> infinisil: that's the point, I know that ideally != reality. Especially when I'm in a hurry :P
<simpson> tobiasBora: To look at things another way: Suppose that you're on Debian and you need the latest teamviewer but it's only available as a tarball without a debian/ directory. What would you do? Is that a question about Debian's abilities or about your desires?
<symphorien> *most printer driver
<simpson> tobiasBora: Why should software change its behavior merely because you're in a hurry?
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55235 → notejot: 1.5.3 -> 1.5.4 → https://git.io/fh9vB
<{^_^}> [nixpkgs] @worldofpeace merged pull request #55235 → notejot: 1.5.3 -> 1.5.4 → https://git.io/fh9vB
<{^_^}> [nixpkgs] @worldofpeace pushed commit from @r-ryantm to master « notejot: 1.5.3 -> 1.5.4 »: https://git.io/fh9vo
<tobiasBora> Well I'm not blaming nixos for anything, it's an amazing OS, really, and I love it. Like functionnal programming. But sometimes, "clean solutions" require time, and often knowledge, and I know that usually when I need a new tool I'm in a hurry. Like, I'm talking to someone, I need to update (or why not downgrade) my teamviewer in 10mn so that my collegue don't run away, I want to know if I have a
<tobiasBora> dirty-but-easy solution to fix things quickly, even if later on I can spend more time to write it properly in nix's spirit. It's a bit like in haskell: usually a pure fonction cannot write on the stdin. But to debug, I *love* printing stuff, so I'm happy to be able to "hack" temporary the purity with some debug tools (that should not even exist in theory).
vk3wtf has joined #nixos
<simpson> Sure, bringing new technology to the workplace is usually a frictionful event.
<tobiasBora> And to give a more practical example, 5 hours ago I had an issue with a .jar that was not working as intended, and if samueldr and clever was not here to help me, I would have some troubles for tomorrow... So without them I'd have loved to have a dirty-but-easy solution ;)
<simpson> Understandable. Nix is not really about those.
<{^_^}> [nixpkgs] @Ma27 pushed 4 commits to release-18.09: https://git.io/fh9vD
<{^_^}> [nixpkgs] @worldofpeace merged pull request #55230 → gnome3.orca: 3.30.1 -> 3.30.2 → https://git.io/fhSjY
<{^_^}> [nixpkgs] @worldofpeace pushed commit from @r-ryantm to master « gnome3.orca: 3.30.1 -> 3.30.2 »: https://git.io/fh9vy
<tobiasBora> simpson: well nix have lot's of great solution, and I'm just trying to explore ;-) Actually buildFHSUserEnv may be part of the answer.
<bbarker> I'm attempting to use vsftpd, and I guess this is my first time trying to use a module; how do I import and enable it (located at nixpkgs/nixos/modules/services/networking/vsftpd.nix)? `services.networking.vsftpd.enable = true;` is not sufficient
orivej has joined #nixos
<buckley310> I do online CTFs fairly frequently, so I always keep something like this around for when I need to run an unmodified binary. just `nix-shell [filename].nix` and then raw binaries just work. http://ix.io/1A3V
<{^_^}> [nixpkgs] @Mic92 merged pull request #53875 → vimPlugins: Update → https://git.io/fhnKl
<{^_^}> [nixpkgs] @Mic92 pushed 2 commits to master: https://git.io/fh9vQ
<buckley310> though of course your milage may varry depending on how picky the software in question is...
<infinisil> tobiasBora: Yeah, buildFHSUserEnv works often, but it's not a panacea
<infinisil> tobiasBora: There are some little tricks here and there to get around the purity
<infinisil> Like, turning off the sandbox, using forbidden builtins
jackdk has joined #nixos
xkapastel has joined #nixos
<infinisil> Oh, and some other forbidden stuff, like, dare I say it, a writable /nix/store (pls don't do this)
<simpson> I feel like it's not worth speculating without a particular problem package in mind.
<infinisil> Maybe, but they asked for nasty escape hooks, and there are indeed some, which might work
<bbarker> a more general question regarding my above question: the appendix cleared it up, i should be using services.vsftpd.enable (omit the networking)
<tobiasBora> ahah thanks! Not sure what you mean by forbidden builtins though ^^
<buckley310> now i am curious in what situations a writable nix store would be useful xD
<gchristensen> good for nothing
<gchristensen> good for breaking your tools
<infinisil> buckley310: There's lots of packages that think it's alright to store their data where they're installed..
<ottidmes> infinisil: the writable store, I guess that is all or nothing, not on a per package basis?
iqubic` has left #nixos ["ERC (IRC client for Emacs 26.1)"]
<gchristensen> all or nothing
<infinisil> Yeah
<infinisil> Really, it shouldn't even be considered an option
<simpson> infinisil: So why do you consider it an option?
<infinisil> A writable store will void any support from me lol
<infinisil> simpson: I guess I don't really, but they asked for dirty things :P
<infinisil> bbarker: Gonna take a look..
drakonis has quit [Quit: WeeChat 2.3]
<bbarker> infinisil, oh sorry, i'm an idiot - i solved it mid question and forgot to edit it rephrase as an answer, not a question
<infinisil> bbarker: It's `services.vsftpd.enable = true;`, it's probably best to look at the options from either `man configuration.nix` or https://nixos.org/nixos/options.html
<bbarker> yeah ... and thanks
<infinisil> Ah, you did mention services.vsftpd.enable already sorry
<bbarker> incidentally, is there a standard ftp client of sorts in nixos?
<bbarker> i feel like I'm traveling to the past
<simpson> I don't know what's popular with the kids. Classic tools like ncftp are available, as well as some others that I don't recognize. Which client were you hoping for?
simukis has quit [Quit: simukis]
<infinisil> bbarker: Try the one in inetutils
<bbarker> Someone from astronomy suggested lftp as it allows parallel streams and chunking up of files, which seems to be in nixpkgs
<infinisil> I see
doyougnu has quit [Ping timeout: 245 seconds]
<infinisil> Hmm, what's the modern day ftp though?
<infinisil> Ah, sftp
<bbarker> i typically just use sftp yeah
<gchristensen> depends on the use case
<bbarker> but, i guess some folks with large amounts of data (and some folks behind the times) use ftp
<gchristensen> a previous place used netcat a lot to send a big file to multiple destinations at once
<gchristensen> there is evidently a proprietary tool which uses udp and streams data much faster than other protocols
<bbarker> it seems like i heard google was trying to create an alternative to TCP that does this for the web
<infinisil> gchristensen: But like, with guarantees that it actually arrived?
<gchristensen> yea
<bbarker> i'm sure it will be great if Google replaces the TCP protocol with their own stack they control ...
<infinisil> Ah, that QUIC thing maybe
<bbarker> oh right
<gchristensen> I'm not talking about QUIC, but yeah
doyougnu has joined #nixos
eadwu has quit [Quit: WeeChat 2.3]
itorres has quit [Ping timeout: 250 seconds]
itorres has joined #nixos
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55236 → ocamlPackages.utop: 2.2.0 -> 2.3.0 → https://git.io/fh9fZ
<disasm> gchristensen: what about RINA?
<gchristensen> what is that
Mateon2 has joined #nixos
<simpson> disasm: Cool idea, but of the competitors with similar designs, I personally am hoping for NDN, Named Data Networking.
Mateon1 has quit [Ping timeout: 250 seconds]
Mateon2 is now known as Mateon1
<simpson> From the folks who brought us TCP/IP and the hacks to make TCP/IP scale, mostly.
alex`` has quit [Read error: Connection reset by peer]
alex``` has joined #nixos
jasongrossman has quit [Ping timeout: 246 seconds]
itorres has quit [Ping timeout: 244 seconds]
mizu_no_oto has joined #nixos
<gchristensen> oh cool
teh[m] has joined #nixos
itorres has joined #nixos
<gchristensen> ndn://cache.nixos.org
teehemka_ has joined #nixos
jabranham has quit [Quit: ERC (IRC client for Emacs 27.0.50)]
<mdash> gchristensen: !!!
<gchristensen> (not real)
<dhess> gchristensen: what's ndn
<mdash> oh, this was a wish not a new feature :)
dsiypl4__ has quit [Ping timeout: 244 seconds]
<mdash> dhess: https://named-data.net/ has some stuff
<mdash> dhess: NDN is to TCP/IP as content-addressed storage is to filesystems. sorta.
mizu_no_oto has quit [Quit: Computer has gone to sleep.]
<{^_^}> [nixpkgs] @r-ryantm opened pull request #55237 → ocamlPackages.resource-pooling: 0.5.2 -> 0.6 → https://git.io/fh9fr
freeman42x has quit [Ping timeout: 252 seconds]
doyougnu has quit [Ping timeout: 244 seconds]
maximiliantagher has quit [Remote host closed the connection]
erasmas has quit [Quit: leaving]
sigmundv_ has joined #nixos
doyougnu has joined #nixos
alex``` has quit [Ping timeout: 246 seconds]
civodul has quit [Quit: ERC (IRC client for Emacs 26.1)]
dermetfan has quit [Ping timeout: 240 seconds]
eadwu has joined #nixos
doyougnu has quit [Ping timeout: 240 seconds]
drakonis has joined #nixos
<__monty__> Is ndn similar to ipfs or dat://?
vk3wtf has quit [Ping timeout: 250 seconds]
<{^_^}> [nixpkgs] @Ma27 merged pull request #55222 → nixos/nextcloud: use matching nginx package when configuring nginx → https://git.io/fhSx2
<{^_^}> [nixpkgs] @Ma27 pushed 2 commits to master: https://git.io/fh9fS
<{^_^}> [nixpkgs] @veprbl merged pull request #55210 → pythia: 8.235 -> 8.240 → https://git.io/fhSbP
<{^_^}> [nixpkgs] @veprbl pushed commit from @r-ryantm to master « pythia: 8.235 -> 8.240 »: https://git.io/fh9fH
tdbgamer has joined #nixos
<Unode> __monty__: not quite. ndn is more like transparent proxy
garbas has joined #nixos
{^_^} has quit [Remote host closed the connection]
iqubic has joined #nixos
{^_^} has joined #nixos
<Unode> there's some interesting videos from netflix explaining how they use an NDN-like solution to distribute their content without bringing the entire internet to its knees.
<iqubic> So some steam games just don't want to run on nixos.
<Unode> iqubic: to be expected, some don't run even on Ubuntu :P
<iqubic> Right. I have a game that runs on Ubuntu, but fails on Nixos.
<Unode> run steam from the console so you get maximum debug info
<iqubic> Trying to get `SpaceChem' to run is a big pain.
<Unode> other than that, it's possibly a missing library
<iqubic> Unode: I have been doing that.
garbas has quit [Client Quit]
<iqubic> Unode: It is.
ryantrinkle has quit [Ping timeout: 268 seconds]
<Unode> I have space chem as well, let me check
garbas has joined #nixos
<iqubic> I think I need the 32 bit version of Mono.
<iqubic> Either that or I need the 64 bit version. Something about Mono.
<Unode> iqubic: yup it's mono alright
<iqubic> Alright.. So how can I fix this?
<Unode> just tried it and fails as well. I also get: System.DllNotFoundException: libnative.so
<iqubic> Yeah. libnative.so is a library written for this game and is incuded in the download.