<ottidmes>
is it possible to, in an overlay, have a package and its dependencies recursively be based on super rather than self? I now use (import super.path { overlays = []; }).pkg, is there any other / better way?
<reallymemorable>
so apparently after talkign to a colleague the build machine uses the same code
<clever>
reallymemorable: using build slaves makes fetchgitPrivate a lot more complicated to use, which is why builtins.fetchGit is the better replacement
<reallymemorable>
ok
<reallymemorable>
my colleague is basically agreeing with you that your way is better
<reallymemorable>
but there isn't capacity to change it at this time
<reallymemorable>
so im trying to find a way to get this built locally in the meantime
<NemesisD>
that's not such a big deal for me, i'll be building images infrequently and it makes sense to me to sacrifice some build time to have the image fully ready to run when its built
<clever>
NemesisD: having /dev/kvm on the build machine counters most of that perf cost
<NemesisD>
clever: thanks for the coreutils tip. about kvm, i'm on debian, is that a package i should install?
<clever>
NemesisD: its a kernel driver, kvm-intel or kvm-amd, just modprobe it
thc202 has quit [Ping timeout: 245 seconds]
eadwu has quit [Quit: WeeChat 2.3]
jb55 has quit [Quit: WeeChat 2.3]
phizzz has quit [Ping timeout: 246 seconds]
eadwu has joined #nixos
o1lo01ol1o has quit [Remote host closed the connection]
run500 has quit [Remote host closed the connection]
o1lo01ol1o has joined #nixos
shibboleth has joined #nixos
andreabedini has joined #nixos
<{^_^}>
[nixpkgs] @peti pushed to haskell-updates « hackage-packages.nix: automatic Haskell package set update »: https://git.io/fhd1k
Guest11162 has quit []
shibboleth has quit [Remote host closed the connection]
hc1^ has joined #nixos
sigmundv__ has quit [Ping timeout: 255 seconds]
silver has quit [Read error: Connection reset by peer]
<apajx>
i'm trying to run pokemon terminal, I've built it and installed it with pip (in user space) but I can't get it to run, its complaining about the module `pkg_resources` which I thought would be in setuptools? But perhaps not?
<clever>
steell: yeah, looks like you simply want to use that override, with the URL plex gives you
<steell>
clever: nixos-rebuild fails with `stat: no such file or directory`
<clever>
steell: are you using an rpm package?
<steell>
clever: yeah
<clever>
steell: its possible that the new version is missing key files, can you pastebin the entire error?
<{^_^}>
[nixpkgs] @matthewbauer pushed 2 commits to staging: https://git.io/fhdDl
slack1256 has quit [Remote host closed the connection]
<steell>
clever: extreme noob question: is there a way i can pipe the whole `nixos-rebuild build` output to a file? `nixos-rebuild build > out.txt` doesn't work :/
<clever>
steell: 2>&1 > out.txt
<steell>
ty ;)
<jackdk>
steell: btw, clever's advice is true for any program that writes to standard error (stderr)
<benwaffle[m]>
matthewbauer: Xquartz from nix seems to work fine
<clever>
steell: you would need to add a `set -x` at the start of installPhase, to be able to debug this further
dbmikus_ has quit [Ping timeout: 250 seconds]
vmandela has joined #nixos
<steell>
clever: ah well that revealed the cause
<clever>
steell: is there a file which doesnt exist?
<steell>
++ patchelf --set-interpreter /nix/store/7gx4kiv5m0i7d7qkixq2cwzbr10lvxwc-glibc-2.27/lib/ld-linux-x86-64.so.2 '/nix/store/y3a9kvq92h7svss3pv8ywhy8q49xqyr8-plex-1.15.0.659/usr/lib/plexmediaserver/Plex Media Server Tests'
<steell>
stat: No such file or directory
<clever>
that file isnt in nixpkgs master, and isnt in your rpm file
o1lo01ol1o has quit [Remote host closed the connection]
<vmandela>
samueldr, ping
ost has joined #nixos
hiroshi has quit [Ping timeout: 255 seconds]
<steell>
clever: now builds fine, but the service is failing to start
<steell>
/nix/store/09g97li05qmmqkd8s8h27rll3qsjp11d-plex-x.xx.x.xxx/usr/lib/plexmediaserver/Plex Media Server: error while loading shared libraries: libsoci_core.so: cannot open shared object file: No such file or directory
ost has quit [Ping timeout: 246 seconds]
<clever>
steell: is libsoci_core.so in /nix/store/09g97li05qmmqkd8s8h27rll3qsjp11d-plex-x.xx.x.xxx ?
<teeAyy>
with home-manager, is there a mapping to nix options? im trying to figure out how to configure mpd but services.mpd and programs.mpd dont exist
<Richard[m]>
angerman: thanks! yeah, I'm looking to fully cross compile to windows.
simukis has joined #nixos
<{^_^}>
[nixpkgs] @peterhoeg merged pull request #54917 → vmware: move from services to virtualisation and add support for paravirtual controller → https://git.io/fh1X9
endformationage has quit [Ping timeout: 246 seconds]
rcshm has joined #nixos
palo1 has joined #nixos
<eyjhb>
If I need to open a LUKS volume at boot with a key, where is the correct place to put the key, and point `keyFile`? - Currently I have it in `/keys/external.bin`, and keyFile = "/keys/external.bin"
<eyjhb>
But it doesn't seem to work.. Also, somehow my external is mounted BEFORE my internal /root...
PeterHK has joined #nixos
<PeterHK>
what is the diff between (lib.getBin drv) and drv.outPath ?
palo1 is now known as palo
fusion809 has joined #nixos
<elvishjerricco>
peterHK: As far as I understand, outPath just gets the first of a derivation's multiple outputs. getBin tried to get the bin output, or out of there is no bin
<eyjhb>
Any ideas why I get "error parsing derivation .. expected string Derive", when I enable the "keyFile" in "encrypted-disks.nix"
phizzz has quit [Ping timeout: 255 seconds]
<eyjhb>
What can I do about this ? ```path '/nix/store/80h7w71izz11v7ys6zriz6bbkq75rgpg-initrd.drv' was modified! expected hash 'sha256:17hzyz47kyk7j591rb9pqlmpdlfwikk90lcamrngv6rghsiarcj8', got 'sha256:0ip26j2h11n1kgkz36rl4akv694yz65hr72q4kv4b3lxcbi65b3p'
<florianjacob>
tbenst: pie__ that xerox stuff you're linking looks like they're trying to ship their own print server instead of cups, or something like that. o.0 it will be very challenging to make that work with NixOS. https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=cups-xerox looks like there are ppd files available / „linux cups printer packages“ available for at least some xerox models, if something like that is availabl
<florianjacob>
for your model then that would be the much easier option.
<pbb>
Hi, so I want to automate the build of a custom firmware for my robot vacuum cleaner with nix, but the build process requires setting up a loop-mount. How would I do something like that in a nix build environment since it usually requires root privileges.
<maurer>
I've been getting a lot of 503s from cache.nixos.org (which resolve with repeated attempts) any idea what's up?
PeterHK has quit [Ping timeout: 256 seconds]
elgoosy has joined #nixos
ar1a has joined #nixos
<ar1a>
gonna set up a small homelab on my old laptop, normally i use proxmox or something like that. any reason i should think otherwise and try nixos or something?
<elgoosy>
hi, global node packages like npm -g i some-pkg do not 'work' well with nixos. How do you define/start a basic nodejs env with some global packages?
Makaveli7 has quit [Read error: No route to host]
<pbb>
ar1a: nixos is really a different thing than proxmox. you can do a lot more with it, like declaratively building VMs and containers, and take advantage of the whole nix build system
neminis has quit [Quit: WeeChat 2.2]
Makaveli7 has joined #nixos
<pbb>
elgoosy: why do you need global packages? I always use yarn2nix to build a node_modules directory, and then add node_modules/.bin to my PATH
<pbb>
since yarn2nix builds every npm/yarn package as a nix derivation they will be stored in the nix store, so you use the same node package twice, it will not be downloaded again
<pbb>
but then again I also never used npm install -g back when I used Arch, is there something special about globally installed packages?
<johanot>
pbb: what you need the loop mount for?
<pbb>
johanot: the build script for the custom firmware takes the "official" firmware, loop-mounts it and replaces some files
<pbb>
it does make sense to do it this way other than it requiring root privileges
<johanot>
pbb: could you somehow pull out the official firmware as a source (fixed-output) derivation, before entering the buildPhase?
<pbb>
eh, how would that solve the problem?
rauno has quit [Ping timeout: 244 seconds]
_deepfire has quit [Ping timeout: 244 seconds]
<pbb>
I am currently defining the firmware as a fetchurl in a let statement before my actual derivation and then just pass the variable to the buildscript where to find the firmware
<pbb>
but it then tries to bind-mount this firmware and fails because it is not running as root
Ariakenom has quit [Quit: Leaving]
<srhb>
pbb: Is there any way you can unpack/repack the firmware instead of operating on a loop mount?
<pbb>
maybe, but it would require heavy modification of the upstream build process
<johanot>
srhb: my words exactly :)
<srhb>
pbb: You'll not be allowed to do the loop mount in a nix build unless you're willing to sacrifice a lot of the security and safety of Nix, and probably globally on your system.
<srhb>
(Regardless of whether it's "sane" for this particular piece of software)
<dramforever>
Maybe something like runInLinuxVM?
<srhb>
That could work.
bbarker has quit [Ping timeout: 246 seconds]
<pbb>
I guess I'll give that a try
<pbb>
otherwise I would probably just build a derivation that gives me a build script that I can call manually as root
bbarker has joined #nixos
<dramforever>
I think dockerTools uses runInLinuxVM to do some root-requiring stuff. I remember seeing QEMU boot messages in build logs.
_deepfire has joined #nixos
<srhb>
It does, yes, for runAsRoot
<srhb>
essentially the same logic.
<johanot>
ah "runInLinuxVM" almost forgot that :)
daniele- has quit [Quit: daniele-]
<johanot>
would you recomond requiring that to produce fixed-output as well?
<das_j>
Little question about the channels: What's the difference between the nixpkgs-channels branch nixos-18.09 and the nixpkgs branch release-18.09?
<das_j>
Oh wait, is the release-18.09 branch what hydra builds and nixos-18.09 where hydra advances the channel to afterwards?
<das_j>
dramforever: So if my (backported) commit is on nixpkgs/release-18.09, Hydra will build that at some point and then push to nixpkgs-channels/nixos-18.09?
<das_j>
And probably same with master and nixos-unstable?
<dminuoso>
Hiya. A plain `nix-env -qaP` gives me the following error message: error: cannot import '/nix/store/clcgscrkwim6cnf18nkcngmy5rx0pzfm-source', since path '/nix/store/xx9g3kfhjlixfhlpi5xp48ddj6n01b7d-source.drv' is not valid, at /nix/store/qd5kayd5gv9nnbmvrsxp4cs8aj8b5rzn-home-manager/home-manager/tests/default.nix:14:1
<dminuoso>
This is on a rather fresh nixos installation.
<symphorien>
what happens if you use nix search instead ?
<dminuoso>
symphorien: Appears to work.
<ar1a>
that fails for me too
<ar1a>
this works though nix-env -qaPA 'nixos' git
<das_j>
infinisil: Maybe the acme hook unit needs wantedBy = [multi-user.target] to ensure that it's run in the case of reboot (request service didn't start yet) + modification of the hooks (nix shouldn't restart the unit because it wasn't activated in the first place)
regulus_ has quit [Ping timeout: 246 seconds]
hiroshi has joined #nixos
regulus_ has joined #nixos
asymmetric has quit [Ping timeout: 246 seconds]
dramforever has quit [Quit: Leaving]
reallymemorable has joined #nixos
<ptotter[m]>
a question, if I may: I'm now running nixos on several servers. I'd like to version control configs
<ptotter[m]>
that should be easy, just put them in git
<ptotter[m]>
but I'd like to separate secrets, and maybe other variables, to small files included from configuration.nix
hedning has quit [Remote host closed the connection]
<ptotter[m]>
that way I wouldn't have to worry about making a git checkout with the configuration.nix files of several servers
<Twey>
Just found this command in my build output: gcc -pthread -shared -L/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-zlib-1.2.11/lib -L/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-bzip2-1.0.6.0.1/lib -L/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-expat-2.2.6/lib -L/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-xz-5.2.4/lib -L/nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-libffi-3.2.1/lib
<infinisil>
And in the readme: "Note: MIT license does not apply to the packages built by Nixpkgs, merely to the package descriptions (Nix expressions, build scripts, and so on). It also might not apply to patches included in Nixpkgs, which may be derivative works of the packages to which they apply. The aforementioned artifacts are all covered by the licenses of the respective packages."
<gchristensen>
srhb: okay, update on my autorandr thing -- the dock I connect to is super crappy apparently (despite being first-party hardware!) and sometimes just fails to pass on the proper monitor data
<gchristensen>
so autorandr was doing the right thing ("make it big please") and the kernel was saying "you're crazy, this monitor can't be that big!"
<nbp>
niksnut: I will look for a mic …
<niksnut>
thanks :-)
zupo_ has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
vmandela has joined #nixos
asymmetric_ has joined #nixos
agander has quit [Ping timeout: 255 seconds]
asymmetric has quit [Ping timeout: 246 seconds]
steell has quit [Ping timeout: 246 seconds]
<eyJhb>
How can I install g++? I get unexpected stuff when I do `nix-shell -p g++`
illegalprime has joined #nixos
wedens has joined #nixos
<ivegotasthma>
is there a way I can drop into the build environment of a package so I can play around with the process of building it?
<ivegotasthma>
I faintly remember something with nix-shell along those lines
pointfourone has joined #nixos
pointfourone has quit [Remote host closed the connection]
random_yanek has quit [Quit: random_yanek]
<srhb>
gchristensen: I think I'm experiencing something along the same line.
<srhb>
gchristensen: I'm also experiencing a thing where it seems when docking/undocking, sometimes I lose all outputs, causing the X server to crash.
<Taneb>
There doesn't seem to be a way to pass options to Haddock in the haskell builder infrastructure
<{^_^}>
[nixos-weekly] @garbas pushed commit from NixOS Weekly Robot to gh-pages « Preview of '2275936fee0fbeaa446fcb540493d8a3bcb5e2e1' commit built by Travis-CI \#496022590 »: https://git.io/fhdNM
<ivegotasthma>
if I have a dependency that depends on yarn packages, is it better to install them using yarn or to use the nixos packages?
orivej has quit [Ping timeout: 255 seconds]
<Taneb>
Hmm, I could make a pull request that means every single Haskell package would need to be rebuilt, and I'm not even sure it lets me do what I want to do
<srhb>
Taneb: Things like that usually go in the haskell-updates branch and it's not something to worry about, if you think the change is worth it (and doesn't break compat too much)
<srhb>
Taneb: Full Hackage rebuilds are honestly not that scary.
Zgrokl has joined #nixos
reallymemorable has joined #nixos
<Taneb>
srhb: it's scary for me to test if it works, mostly
<srhb>
can't you test it on a few packages?
<Zgrokl>
hello just installed latest nix on debian, when i nix-env -i cpu got 100% and everything crash
<symphorien>
nix-env -i without arguments installs all of nixpkgs
<symphorien>
nix-env -iA does not have this trap
<Taneb>
srhb: it's adding an option ("haddockFlags ? []") that I want for one thing locally and will almost always be left as default. The one thing I want it for has a lot of dependencies
<srhb>
Taneb: I don't see how this prevents testing :)
<srhb>
Taneb: Honestly, it sounds safe to me!
zupo has joined #nixos
<Taneb>
srhb: oh, it's absolutely safe, like being on the observation deck of a skyscraper
<srhb>
Taneb: :-P Let me know if you want someone to take a look, if that'll help you feel safer.
<Taneb>
srhb: thanks for the reassurance
<Zgrokl>
symphorien: what's is <nixpkgs> ?
<symphorien>
it is a shorthand for "/path/to/a/local/copy/of/nixpkgs"
<symphorien>
it is managed with nix-channel
<Taneb>
srhb: so, should I make a PR targetting haskell-updates?
reinhardt has quit [Quit: Leaving]
endformationage has joined #nixos
rauno has joined #nixos
rauno has quit [Remote host closed the connection]
<mara[m]>
nefixthank you ! though this is different, as it uses the default site (https://riot.im/app) completely bypassing the local package
<nefix>
mara[m]: Yeah, the local package isn't the electron app that other distros might have, it's just the website source
<bbarker>
what's a good way to quickly get at some nix haskell libraries from ghci? If I try e.g. nix-shell -p haskellPackages.unliftio -p ghc, I cannot `import Control.Monad.IO.Unlift` in ghci.
dhess has quit [Remote host closed the connection]
<simpson>
I'm not sure whether `haskellPackages.ghcWithPackages` or `ghc.withPackages` is right. But one of those.
<srhb>
haskellPackages.ghcWithPackages.
<srhb>
Or, if you need a different version, haskell.packages.ghc(someversion).ghcWithpackages
o1lo01ol1o has joined #nixos
<bbarker>
great, thanks, working well
ixxie has joined #nixos
<mara[m]>
nefixthat… makes sense, right, okay, so to do it locally it'd have to serve the `/nix/store/...-riot-web-0.17.6` through a webserver somehow, oh i see there's also a https://github.com/Ralith/riot-electron-nix
<nefix>
mara[m]: I haven't tried that
ixxie has quit [Ping timeout: 255 seconds]
<noonien>
does anyone have remote build servers by any chance? i'm looking to fire up a GCE instance when i need to build something, and shut it down once it's finished
zupo_ has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
shane has joined #nixos
shane has left #nixos [#nixos]
<{^_^}>
[nixos-weekly] @garbas pushed commit from NixOS Weekly Robot to gh-pages « Preview of '08f0e7010a4bf84e0b6ff56ddb147c328a940050' commit built by Travis-CI \#496052834 »: https://git.io/fhdxi
<{^_^}>
[nixos-weekly] @garbas pushed commit from NixOS Weekly Robot to gh-pages « Preview of '5a415769c5674d295e8b0dcf0036ce9b30176571' commit built by Travis-CI \#496056363 »: https://git.io/fhdxD
<ivegotasthma>
is it possible to disable the sandbox for a nixpkg?
<ivegotasthma>
,sandbox
<ivegotasthma>
,
<{^_^}>
Special commands: find tell locate - Commands sorted by use count, page 0 (use ,<n> to view page <n>): tofu library IFD unfree -A escape'' libraries declarative paste help callPackage stateVersion unstable pr profiling escape" overlay which-channel xy imperative exec howoldis NUR fancy-uninstall jDwhat nixlang++ ping channels loot pills wololo xml configsearch nixGL pinning runtimeDeps stuck timer cloak dontask error smart-questions tias upgrade
<immae>
ivegotasthma: __noChroot = true
<immae>
(and sandbox needs to be set to "relaxed" to allow that)
<{^_^}>
[nixos-weekly] @domenkozar pushed 3 commits to production: https://git.io/fhdxx
<immae>
ivegotasthma: for that you can have a look at npm2nix
<{^_^}>
[nixos-weekly] @domenkozar pushed to master « Call for Content: 2019/04 »: https://git.io/fhdxp
<{^_^}>
[nixos-weekly] @domenkozar opened pull request #79 → Call for Content: 2019/04 → https://git.io/fhdxh
<ivegotasthma>
immae: I ran node2nix on the project, but I'm not sure if I can include the packages to the override
daniele- has quit [Quit: daniele-]
<immae>
I’m not very familiar with it, you should look at the documentation to use it
<laas>
is it intentional that nonfree firmware is no longer included by default?
<immae>
but you cannot escape the sandbox if the option is set to sandbox=true
<laas>
I did a rebuild recently and my system began failing KMS because of this...
<{^_^}>
[nixos-weekly] @garbas pushed commit from NixOS Weekly Robot to gh-pages « Release of (commit '18c80c5e6d0c443a03f4543b500d0c982214bdb9') built by Travis-CI \#496059216 »: https://git.io/fhdpv
<nefix>
Sorry for telling this again. I'm trying to port https://github.com/VSCodium/vscodium, but I'm really struggling with it. Could someone please help me? Thanks!
Baughn has quit [Quit: ZNC 1.6.2+deb1 - http://znc.in]
<infinisil>
domenkozar: That numbering is a bit odd, I'd have used an ever increasing sequence, you'll get multiple results when you search for NixOS weekly #n how it is now
<nefix>
immae: yeah, I copied the vscode one and changed just the URL and the sha, but it gave me that error
asymmetric_ has quit [Quit: Leaving]
jabranham has joined #nixos
<immae>
I’ll need more precision, it seems to me that you simply misused it rather than an error in the derivation itself
<samueldr>
hi, I had some concerns about the implementation of the tests in #45345, mostly didn't want to recommend doing that hacky stuff to reduce copy/paste in the tests framework, anyone has a better idea?
<vmandela>
samueldr, understood. just wanted to sync with you. Please drop a line on the PR if there are any suggestions from other reviewers. I will be online for only a few more hours today. thanks.
<samueldr>
vmandela: yeah, I really like the feature you revived, and would hope it's ported to the other bootloaders too, afterwards
Guanin has joined #nixos
<immae>
nefix: in this case you should use `callPackage ./vscodium.nix {}`
<immae>
Your file is a function, not a derivation directly
<nefix>
I see
<immae>
(that’s what I meant with misuse, your derivation is probably fine, the error is in the way you’re using the file)
<immae>
he complains that the file he downloaded was unpacked in more than one directory
init_6 has quit []
<immae>
so he doesn’t know which one to chose
o1lo01ol1o has joined #nixos
<nefix>
when is it unpacking the files? Also why it has to choose a file?
ikitat has joined #nixos
<immae>
unpacking is the first step of the build
<immae>
and it choses a directory to "cd" into it and start the build
<ottidmes>
nefix: you want to use sourceRoot = "."; unless you are only interested in one of the directories, then you want sourceRoot = "interesting-dir";
<dminuoso>
Mmm. Im having serious trouble with my resolver. `host` gives me an answer whereas `curl/wget/firefox` fail to resolve the same hostnames.
<dminuoso>
What could be going on here?
<{^_^}>
[nixpkgs] @dotlambda pushed 3 commits to python-unstable: https://git.io/fhdhe
rcshm_ has joined #nixos
<ottidmes>
caching? try dig google.com @resolver-ip, e.g. dig google.com @1.1.1.1
zik_[m] has left #nixos ["User left"]
<dminuoso>
ottidmes: Okay I have no clue whats going on here. If I use dig directly, Im not getting *any* A records.
<dminuoso>
If I use `host` with hostnames that are definitely not cached, I get IP addresses.
<ottidmes>
dminuoso: I shouldnt be so focused on host reporting correct values while the others do not, better focus on why dig does not report any A records, does it not work for any resolver? or does it work for e.g. 1.1.1.1
iqubic` has left #nixos ["ERC (IRC client for Emacs 26.1)"]
<dminuoso>
ottidmes: Im on a train trying to get through the captive portal
<dminuoso>
(Since I have a rather plain linux I have no WISPr detection magic)
<dminuoso>
So I can only use the DHCP assigned nameserver
schjetne has quit [Ping timeout: 255 seconds]
dermetfan has quit [Ping timeout: 255 seconds]
schjetne has joined #nixos
<ottidmes>
dminuoso: then I am afraid I won't be of any help
waleee has joined #nixos
<srhb>
Taneb: Cool, looks good. I'm suddenly in doubt whether they'll prefer staging over haskell-updates, but I'm sure peti or bas will weigh in on that :)
nefix has quit [Quit: Page closed]
<Taneb>
srhb: well, it's out of my hands for now
<dminuoso>
ottidmes: wireshark suggests that dig is sending the DNS query out slightly differently
<dminuoso>
so its not a dig issue
<dminuoso>
But... perhaps it might be related
<dminuoso>
let me wireshark with `curl`
<srhb>
Taneb: Yep yep, it's fine!
<Taneb>
At least until someone puts it back into my hands and suggests changes ;)
__Sander__ has quit [Quit: Konversation terminated!]
<srhb>
Taneb: It was mostly a preemptive "sorry if I lead you astray, you can blame me if it feels better" :-P
<Taneb>
:P
<simpson>
Hm. I'm noticing a pattern of slow builds on my Darwin machine, with almost no CPU being allocated to tasks that I know should be CPU-limited. I don't have much experience with Darwin; is this typical of the platform, or is my machine misconfigured?
<dminuoso>
Not bad. So apparently this DNS server refuses to answer if I send an additional OPT record, even though it contains nothing..
<dminuoso>
This is brilliant.
<dminuoso>
DNS resolving is not that hard.
<srhb>
eon`: (The bug, in short, causes long shebang lines like in switch-to-configuration to not work anymore, and as you might have noticed from your output, suddenly bash is interpreting a perl script and failing hard)
<WilliamHamilton[>
people of nixos, how do you download video files from firefox (for example, there is a plugin called videoDownloadHelper, but it requires a companion program that I don't understand how to install), so asking for the general problem
<srhb>
WilliamHamilton[: I hear youtube-dl supports various non-youtube-things
<srhb>
WilliamHamilton[: Never tried it though.
<reallymemorable>
I tried the following command and got the following error. Does this mean the user is somehow not created yet?
<{^_^}>
[nixpkgs] @asymmetric opened pull request #56095 → solc: make z4 dependency optional → https://git.io/fhdjJ
vidbina has joined #nixos
<WilliamHamilton[>
srhb: let's see in my usecase
wfranzini has quit [Remote host closed the connection]
<srhb>
reallymemorable: Usually yes, but why are you doing this?
<srhb>
reallymemorable: (They're usually called nixbld1..N, but what you're doing seems suspect)
<reallymemorable>
I am trying to trouble shoot an issue when compiling a program -- nixbld didnt have access to my ssh keys
<WilliamHamilton[>
srhb: unfortunately I have to kinda scrap the page before getting to the video, and youtube-dl isn't capable of doing that by himself
<gchristensen>
nixbld should _not_ have access to your SSH keys, reallymemorable
steell has quit [Ping timeout: 272 seconds]
<reallymemorable>
so i have to assign to each of tthe nixbld(s)?
<gchristensen>
what are you trying to do?
<srhb>
WilliamHamilton[: Aw, okay..
<gchristensen>
no, nixbld shouldn't have any ssh keys
<reallymemorable>
so I assign it to each of the nixbld1, nixbld2, etc?
<srhb>
reallymemorable: It depends how you're trying to fetch the thing. In some cases, your user (and only your user) should have access to the key, in some cases the nix-daemon user should (usually root)
<srhb>
reallymemorable: No.. What are you trying to fetch and how? :)
<reallymemorable>
will giving nix-daemon access to the ssh keys give the nix builders access to th ekeys?
<srhb>
reallymemorable: It depends how you're fetching the thing.
<srhb>
reallymemorable: That's why I'm asking.
<gchristensen>
,X-Y
<gchristensen>
,XY
<reallymemorable>
the program relies on a lot of private git repositories that dont use the current fetchGit funcion in Nix
<gchristensen>
I don't know how this dang thing works, but what are you trying to accomplish? because the way you think you wnant to do it is almost certainly thewrong way
<reallymemorable>
and i can't change them
<srhb>
reallymemorable: Giving the builders, or the daemon, access to your keys will not really help you in this case. You won't be able to get network access without making a fixed output derivation, and custom calling git from within a nix expr will almost certainly not give you a fixed output derivation.
<srhb>
Unless you do, in essence, exactly what fetchGit and friends do already.
<catern>
is there a way to get a shell inside a Nix builder sandbox? or something like that?
<srhb>
catern: There was a talk on nixcon 2018 about this.
<srhb>
Well, roughly.
<reallymemorable>
currently the staging machine that builds this project gives nix builders access to a specific set of ssh keys used to build the project
<gchristensen>
github.com/mic92/cntr
<ottidmes>
reallymemorable: if your cannot change the Nix sources, but want them to use a different fetcher than they use right now, you could do something somewhat hacky, by using an overlay to replace the fetcher they currently use with the one you want to use
<clever>
it will recursively add .override to every attr in the set
<srhb>
clever: Yup :) Fixed it yesterday, but stashed it. :-)
rydnr has joined #nixos
<lejonet>
srhb: yeah, that is kind of what I've managed to figure by googling, but I'm not sure how to fix it :P
<srhb>
lejonet: Literally what clever said :) Replace callPackage in all-packages.nix with callPackages
dbmikus has joined #nixos
<lejonet>
srhb: oh, my mind didn't really register a difference lol :P
<srhb>
It's subtle!
<lejonet>
It is indeed, I blame weird day at work :P
<srhb>
lejonet: Next up is figuring out why ceph-mgr-aio bails.
<lejonet>
srhb: yeah, I recall that there was a way to build the VM outside of the test, so that you can run the test manually to figure that out
<srhb>
lejonet -A driver
<lejonet>
srhb: according to its docs, it shouldn't need anything more after it got its keyring
<srhb>
lejonet: monitor data directory at ... is empty, have you run mkfs?
<srhb>
Hmm maybe that's not the root cause.
<lejonet>
yeah, that gets fixed later
<lejonet>
The biggest "problem" is the fact that it gets to the ceph target before any of the daemons are actually setup in the beginning
vmandela has left #nixos ["Leaving"]
<johanot>
srhb: the ceph module could really use "easyCerts" :)
<lejonet>
so there are a lot of false negatives in the start up
<lejonet>
johanot: "easyCerts"?
<Nivpgir>
why is my nix search not finding any packages on a fresh installation? even things which should exist... for example: nix search -u htop gives no results
<srhb>
johanot: :-P Get back to merging in the dependency improvements
<johanot>
lejonet: an option we added for the kubernetes module to basically auto-bootstrap :)
<lejonet>
johanot: haha
<johanot>
and ceph is all about keys, just like kubernetes. so I guess the module _could_ use an "enableEasyMode" option after all
fendor has quit [Ping timeout: 244 seconds]
<johanot>
srhb: aye aye :P
<srhb>
johanot: Assuming you agree. It sounded to me like solid improvements.
<lejonet>
johanot: well, they are all about keys, but they aren't certs :P
<johanot>
"easyKeys"? :P
<srhb>
ceph is a lot easier to bootstrap than kubernetes
<srhb>
Famous last words, I know, but..
<lejonet>
well, its more the fact that bootstraping non-cert keys that it uses isn't that simple, but its a novel idea that is definitively doable :)
<johanot>
srhb: if you only consider auth, then yes
<johanot>
setting up crushmap, bootstrapping osds etc. I just wish more of that could be done in a declarative way
<srhb>
Of course :)
<reallymemorable>
This error is because nix builders can't read my config file, right? Because I know that the config file exists and the keys have been used by other machines.
<lejonet>
johanot: in theory, at least the "source" for the CRUSH map could be done declarative
wedens has quit [Quit: Connection closed for inactivity]
<srhb>
reallymemorable: Sandboxed builds can't see your filesystem at all.
<srhb>
reallymemorable: Though there's not a lot of output there..
<reallymemorable>
but it's set to no sandbox
<reallymemorable>
i must be missing something obvious
<srhb>
It's hard to say.. But I think you're going down a path that will lead to a lot of pain and surprising behaviour. Is there any way you can have all the deps available as a local directory tree instead? Like say with submodules.
<srhb>
reallymemorable: What you're doing to, seemingly, defeat Nix here, is going to cause hard-to-debug issues down the road, even if you get it working.
<srhb>
reallymemorable: Maybe you have an expression we can look at?
<johanot>
lejonet: right. My dream is to have my crushmap as one big attrset with all my osd's declared there as well. But that would of course imply auto adding and removing osd's on system switch.
<johanot>
(in a safe manner) <- that last part is difficult
<lejonet>
johanot: yeah, the crushmap is very mappable to a attrset
<reallymemorable>
some repos are used by ssh agents, some are private, and some are submodules
sigmundv__ has quit [Ping timeout: 244 seconds]
<reallymemorable>
there is no way for us to change the dependencies because we license them and do not own them
timor has joined #nixos
<srhb>
reallymemorable: That usually doesn't stop me. :-P
<timor>
Is this the right channel for hydra-related questions?
<srhb>
reallymemorable: But I don't think I have enough information to really help a lot. I can vaguely handwave that if you're using git directly from within your build, you're likely doing something wrong. You probably also want builtins.fetchgit for private repos.
<srhb>
timor: Yup.
<timor>
Is there a way to either a) pin a certain package (build step) to a specific build machine, or b) prevent a certain machine from building said package, without having to override (which I suspect will change the hash) the `requiredSystemFeatures` attribute of the underlying derivation?
<srhb>
timor: A feature unique to the machine should do a)
<timor>
srhb: Hmm maybe my question was a bit unclear. I am familiar with the features behavior, I want to know whether a) and b) are possible without changing the derivation.
<judson_>
kubenix looks really cool
<srhb>
timor: What do you mean by derivation here? requiredSystemFeatures does not change the hash of the drv.
ubert has quit [Quit: Leaving]
<simpson>
I've been using kubenix in production for a bit. It's got some rough edges but sure beats writing YAML by hand.
<srhb>
timor: So, there's no simple way to do it without the override, but the override is essentially free.
<timor>
srhb: Oh it does not? Then that is the way to go. I thought up to now only the passthru attribute did not change the hash. Thanks
<srhb>
timor: I remembered it as being a passthru
<srhb>
timor: If it's not, then blergh.
<srhb>
That will indeed change the hash.
rfold has joined #nixos
<{^_^}>
[nixpkgs] @matthiasbeyer opened pull request #56099 → dasht: init at v2.3.0 → https://git.io/fhFvf
<philipp[m]>
How can I find out where stuff that `buildPythonPackage` is defined? Just grepping the string means a lot of reading...
<srhb>
philipp[m]: How about grepping for "buildPythonPackage ="
<srhb>
philipp[m]: One of the benefits of our function definition syntax.
<judson_>
Related to https://nixos.org/nixpkgs/manual/#users-guide-to-vim-pluginsaddonsbundlesscripts-in-nixpkgs I'm finding that configuration for plugins is spotty - if you need to reference e.g. airline#section that doesn't work because plugins load after your customRC section. I've resorted to having ~/.config/nvim/plugin files for that, but I'd rather have all my config in a *.nix file or directory.
<judson_>
I'm tempted to PR an "after" section, but want to make sure I'm not missing something obvious.
<philipp[m]>
srhb: Lot's of `buildPythonPackage = python.pkgs.buildPythonPackage;` and similar 🙂 So there is no general way to find it?
zupo has joined #nixos
<symphorien>
judson_: with writefile you could make a fake vim plugin with your after section
<srhb>
philipp[m]: I see only four results for that, and I can see which one is relevant.
<symphorien>
Also you could run your after section in an autocommand
<srhb>
philipp[m]: But no, if you don't count that as general, there's no general way :)
<judson_>
Hm. But I'd have to figure out the ordering of it.
<philipp[m]>
Found it by looking at PR and the diffs they have... Not really a good solution but I guess it will work in most cases.
knupfer has quit [Quit: knupfer]
knupfer1 has joined #nixos
<judson_>
An opt package that gets loaded by and autocommand might be the best approach.
<judson_>
That seems like a small value for "best" though.
<lejonet>
srhb: ceph-mon is being an ass and systemd is being a bigger ass and refusing to give me logs xD
<rfold>
Does NixOps have a command to spawn a transient VM, such that ctrl+C will shut it down and clean it up like nothing ever happened? That'd be useful for running automated tests for my application. I could write a Bash script that does this, although it would leave garbage behind if it crashes (e.g. power failure).
<srhb>
lejonet: frm within the driver?
<lejonet>
srhb: yep
<srhb>
lejonet: How are you trying to get the logs?
<srhb>
lejonet: I'm pretty sure it really is failing on the mgr though..
<lejonet>
srhb: journalctl -u ceph-mon-aio :P
<lejonet>
well, I can't get to the mgr part in the driver... xD
<srhb>
oh..
<srhb>
lejonet: I'm considering disabling the ceph target before bootstrapping. Do we have a ceph target?
<lejonet>
I guess I could run a really ugly one and make the nix-store writable so I can change -f to -d in the service :P
<lejonet>
srhb: yes, there is a ceph target
knupfer1 is now known as knupfer
<srhb>
lejonet: Can we then do all bootstrapping and start each component manually?
<srhb>
timor: :/ Then I don't know of a good way, sorry.
<timor>
srhb: no problem
<srhb>
timor: A secret system type.. >_>
<srhb>
That's horrible though
klntsky has quit [Remote host closed the connection]
<timor>
srhb: maybe there is a good way make a hack based on passthru
klntsky has joined #nixos
<lejonet>
srhb: lol, changing -f to -d in the service made it come up just as it should (and honestly, probably should change that in the generated service, otherwise it seems like it doesn't log at all)
<srhb>
lejonet: Hmm, seems counter intuitive.
<srhb>
Maybe they're being "too smart"
<lejonet>
-f is "log to usual place" and -d "log to stderr"...
<srhb>
Oh.. :P
<srhb>
Perhaps they just got with the times
<lejonet>
both runs it in foreground :P
<srhb>
Both as in -fd?
<lejonet>
nah, each one of em
<srhb>
wat. OK. -d sounds right for us for sure
<srhb>
In fact I always hated the ceph log files.
<lejonet>
xD
<lejonet>
What log files? ;)
<lejonet>
but yeah, -d definitively sound like what we should have, should check the other daemons too
dermetfan has joined #nixos
<srhb>
lejonet: mgr still fails, but yes, nice logs with -d!
<lejonet>
and ofc ceph-mgr-aio Just Work(TM) instead... they be trolling!
<lejonet>
I'll mod the module to make em all with -d, because it seems like it is -f that is actually making em screw up with systemd
ost has joined #nixos
<srhb>
lejonet: Aren't they all from the same ExecStart?
<lejonet>
almost, different binaries
_deepfire has quit [Remote host closed the connection]
_deepfire has joined #nixos
<lejonet>
but the command line for each daemons ExecStart is more or less the same apart from the specific daemon binary being run
_deepfire` has joined #nixos
<srhb>
Right, that's what I meant..
_deepfire` has quit [Remote host closed the connection]
ij has joined #nixos
o1lo01ol1o has quit [Remote host closed the connection]
waleee has quit [Quit: WeeChat 2.3]
ost has quit [Ping timeout: 255 seconds]
o1lo01ol1o has joined #nixos
<lejonet>
ofc that didn't do anything to ceph-mgr-aio failing when run by the testscript...
<lejonet>
srhb: so I'll patch the test ^^ because atm it seems like the test goes as it should :)
<srhb>
clever: and partOf at the same time :-P
<lejonet>
(with that change)
<srhb>
lejonet: Yes, agreed :)
<clever>
srhb: behind the scenes, there is a tgtd daemon, which runs the iscsi target, but it doesnt support its own config files!
slidercrank has joined #nixos
<srhb>
clever: I... WHAT? :D
<clever>
srhb: then you have tgtadm, an ELF binary, that will RPC into tgtd, and add/remove things
Nivpgir has quit [Remote host closed the connection]
<clever>
srhb: then you have tgt-admin, a perl script, that parses the config file, and calls tgtadm, to configure the daemon correctly
<lejonet>
srhb: I had the intention of creating a more complex test for it too, to test that remote communication works too
<srhb>
lejonet: Let's maybe split this into a secondary task though :)
<clever>
srhb: i decided to skip that perl script, and make a systemd unit for every single target, and just call tgtadm directly, to add/remove things from tgtd, rather then re-sync the daemon to the cfg
<lejonet>
srhb: ofc ^^
<clever>
srhb: but, you need to restart those target units, any time tgtd restarts, and other fun problems
<srhb>
clever: o_o
<{^_^}>
[cabal2nix] @peti pushed to master « git-annex: disable networkbsd flag for LTS-13.x builds »: https://git.io/fhFvE
<clever>
srhb: how would i get the service on lines 25-38, to restart any time the service on 59 restarts?
<srhb>
clever: I want to handwave something something requires/requiredby, but...
<srhb>
Frankly I'm not sure.
<clever>
and 25-38 is also a one-shot, with an execstop
<{^_^}>
[nixpkgs] @peti pushed to haskell-updates « hackage-packages.nix: automatic Haskell package set update »: https://git.io/fhFvg
<srhb>
lejonet: I feel like all we need to do now is check that things that have ceph as a dep still work
<clever>
because its actually managing "services" within the tgtd proc
<srhb>
clever: Sounds like it needs its own init system :-P
<lejonet>
srhb: mhm, going to amend the test with the testing of the target firstly
<clever>
srhb: thats practically what tgt-admin was, it would diff the config against the daemon state, and then run modify commands to re-sync it
<srhb>
lejonet: Awesome, thank you :)
<lejonet>
srhb: its basically just copy-pasting the checking parts from earlier in the test anyway :D
<noonien>
anyone running nixos on a raspberry pi zero w?
<lejonet>
so probably -d is also "ump the verbosity" too, they just don't tell you that :P
<srhb>
Could be, yeah.
<srhb>
I have to run soon, I'll catch up with you tomorrow evening if you're on, and we can get a branch up and poke krav about it once he's back from vacation.
<lejonet>
srhb: sounds good :) lets do a PR to the PR :D
<srhb>
lejonet++
<{^_^}>
lejonet's karma got increased to 2
<lejonet>
srhb: lol :P srhb++
<{^_^}>
srhb's karma got increased to 31
<musicmatze>
>10 ppl @ nixos meetup stuttgart right now... soon we'll rule the world!
<{^_^}>
[nixpkgs] @dotlambda pushed 4 commits to python-unstable: https://git.io/fhFvM
<musicmatze>
I mean >10 ...
<lejonet>
srhb: its nice to be back and poking this again :P
<ikitat>
Any good way to send overlays to a nixos host, particularly one provisioned by nixops?
<lejonet>
srhb: in the mean time, I'm gonna do a fork of his branch (aka "steal" it to my own fork of nixpkgs) and add in the tweaks to the test (and bump to 13.2.4) in it
<srhb>
lejonet: Great!
_lawlesseel has quit [Ping timeout: 256 seconds]
orivej has joined #nixos
<lejonet>
oh and the callPackage -> callPackages fix too
<srhb>
Yar :)
<ikitat>
I'm (foolishly?) trying to have a dev environment in darwin while still being able to create linux executables
<lejonet>
But first, dinner :P
timor has quit [Ping timeout: 246 seconds]
aswanson has quit [Quit: WeeChat 2.2]
dermetfan has joined #nixos
infinee has quit [Quit: leaving]
ij has quit [Ping timeout: 255 seconds]
<musicmatze>
Holy crap, now we are 15 ppl at the nixos meetup stuttgart
<reallymemorable>
is there an nyc meetup?
aswanson has joined #nixos
tmaekawa has joined #nixos
<JosW>
musicmatze: great you're lucky! Wish we had one in Groningen the Netherlands...
<{^_^}>
[nixpkgs] @dotlambda pushed 2 commits to python-unstable: https://git.io/fhFff
<JosW>
srhb: the one before config isn't right?
kreisys has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
dcol has joined #nixos
<pie__>
florianjacob, thanks for the reply, it wasnt actually my question
<srhb>
JosW: It is, but you're missing a closing brace at the end :)
<pie__>
would have to go back and find who it was though
<srhb>
JosW: ... { config = { ... }; };
<pie__>
tbenst[m],
<dcol>
I'm trying to patchelf the rpath of a binary to run it on NixOS, but for some reason it doesn't seem to work. When I run the binary after patching with patchelf it still complains of a missing library, however when I put it in my LD_LIBRARY_PATH it seems to work. What could be the reason for this?
<clever>
dcol: does the package have its own libraries?
<clever>
dcol: when one of those libraries tries to load another, it uses its own rpath, not the rpath on the executable
<dcol>
clever: I've isolated just the binary, so I don't think so. why would it run when I set the LD_LIBRARY_PATH then?
<pie__>
<florianjacob> tbenst: pie__ that xerox stuff you're linking looks like they're trying to ship their own print server instead of cups, or something like that. o.0 it will be very challenging to make that work with NixOS. <florianjacob> tbenst: pie__ that xerox stuff you're linking looks like they're trying to ship their own print server instead of cups, or something like that. o.0 it will be very challenging to make that work with NixOS.
<clever>
dcol: if it is needed by another lib, and not the executable, the it uses that libs rpath
<pie__>
oh and i just noticed you already highlighted the other guy so nevermind
<clever>
dcol: lddtree should reveal that
kreisys has joined #nixos
<srhb>
clever: TIL :)
<srhb>
No more find . -type ... -exec ldd
<dcol>
clever: ah yeah, I get what you are getting at now. that makes a lot of sense, tbh. thanks!
<srhb>
,locate lddtree
<{^_^}>
Found in packages: pax-utils
<clever>
srhb: lddtree isnt like `find .`, but rather, it will show the dep-tree of the DT_NEEDED's
<srhb>
Glorious.
<srhb>
Yeah, I figured :)
<srhb>
So it's much better!
<JosW>
srhb: Thanks, that got me past the IN error. Need to get used to this syntax
<zimbatm>
ty colemickens
dermetfan has quit [Ping timeout: 255 seconds]
slidercrank has left #nixos ["I'll be back"]
<reallymemorable>
I get this error when I tried to build my project: `The builder will not be able to see any running ssh agent sessions unless ssh-auth-sock is also set in the nix-path.`. But when I `echo $SSH_AUTH_SOCK` it's empty. What do I put in there before adding it to NIX_PATH?
<clever>
reallymemorable: as a normal user, except for the socat, which the example shows being used with sudo
<reallymemorable>
is doing it from sudo different from just running it as root?
DeaDSouL has joined #nixos
agander has quit [Ping timeout: 255 seconds]
<clever>
reallymemorable: not really that different, just make sure the $SSH_AUTH_SOCK is pointing to the socket for the users ssh-agent
agander_ is now known as agander
rcshm_ has quit [Remote host closed the connection]
rcshm_ has joined #nixos
fendor has joined #nixos
<clever>
reallymemorable: the main uid issue, is that when a member of nixbld connects to $SSH_AUTH_SOCK, ssh-agent rejects them hard, for security reasons
<clever>
so you have to setup an socat to act as a proxy, which is connecting from root
<clever>
and ssh-agent has an exception to allow root, so `sudo ssh` can still use the agent
matijja has quit [Ping timeout: 245 seconds]
<reallymemorable>
cool thank you
<reallymemorable>
trtying now
<reallymemorable>
just to be clear though
<reallymemorable>
the "Could not open a connection to your authentication agent." error can be ignored for now
<clever>
reallymemorable: it sounds like SSH_AUTH_SOCK still isnt set right, so the ssh-add is failing
<{^_^}>
[nixpkgs] @orivej-nixos pushed commit from @orivej to master « lftp: do not look for expat and zlib in /usr/include »: https://git.io/fhFfy
<reallymemorable>
how can i address this?
<clever>
reallymemorable: when you run ssh-agent, it will print a few lines out
<clever>
just copy/paste those back into the terminal
<reallymemorable>
ok -- now i just get a Permissions 0640 for '/home/gort/.ssh/id_rsa' are too open
<reallymemorable>
when i do ssh-add
<clever>
thats a warning that anybody in your group can read your ssh key, you may want it to be chmod 600
<reallymemorable>
yeah i set the root to all
knupfer has joined #nixos
<reallymemorable>
also wont that prevent nixbld from accessing?
<clever>
thats the whole point of the agent
<reallymemorable>
i need everyone in the group nixbld to be abble to access
<reallymemorable>
ok
<clever>
nixbld talks to the agent, which has a copy of the key loaded in memory
<reallymemorable>
got it
<clever>
and the agent will never give the key out, only sign things for you
<clever>
and now you can start the socat as root, pointing to the unix socket the agent is running on
<reallymemorable>
ok so I chmod 600 /path/to/id_rsa
<reallymemorable>
and added the identity
zupo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<reallymemorable>
ok so this seems crazy. I entered this: `sudo socat UNIX-LISTEN:/tmp/hax,fork,mode=0070,group=nixbld UNIX-CLIENT:$SSH_AUTH_SOCK` and it asks me for the password for my user but i never set one and it wont let me leave it blank
<reallymemorable>
i have to set a password first?
lord| has joined #nixos
ost has joined #nixos
ost has quit [Client Quit]
dermetfan has joined #nixos
<clever>
reallymemorable: thats just normal sudo rules, you must know your own pw, or set one with something like `passwd reallymemorable`, as root
vk3wtf has joined #nixos
alex`` has quit [Ping timeout: 245 seconds]
<reallymemorable>
ok i did that
<reallymemorable>
when i run this: `sudo socat UNIX-LISTEN:/tmp/hax,fork,mode=0070,group=nixbld UNIX-CLIENT:$SSH_AUTH_SOCK` it just seems to be running indefinitely though
<clever>
thats normal
<clever>
its listening on /tmp/hax
<clever>
use a second terminal, with `-I ssh-auth-sock=/tmp/hax -I ssh-config-file=/tmp/ssh-config` in the nix-build command
<clever>
or add ssh-auth-sock=/tmp/hax:ssh-config-file=/tmp/ssh-config to your $NIX_PATH variable
<reallymemorable>
i have to do this in between: touch /tmp/ssh-config
<reallymemorable>
no?
<clever>
yeah
alex`` has joined #nixos
<{^_^}>
[nixpkgs] @schmittlauch opened pull request #56103 → ktouch: fix build failure due to dependecy missing → https://git.io/fhFJU
acarrico has quit [Ping timeout: 255 seconds]
rcshm_ has quit [Read error: Connection reset by peer]
shibboleth has quit [Quit: shibboleth]
rcshm_ has joined #nixos
_kwstas has joined #nixos
<{^_^}>
[nixpkgs] @hedning merged pull request #56046 → Add and enable Bolt to support Thunderbolt 3 settings in GNOME → https://git.io/fhd4c
<{^_^}>
[nixops] @AmineChikhaoui pushed to master « VirtualBox: handle deleted vms from outside NixOps »: https://git.io/fhFJh
vk3wtf has quit [Ping timeout: 264 seconds]
<monotux>
I'm retarted. what do I do about this?
<monotux>
error: packages '/nix/store/8s85vwzn2vc0jqls93rdr6r5bcmr7dza-akonadi-mime-18.08.0/share/mime/subclasses' and '/nix/store/3bggvz3j19j880rc9ga35nfxax60vrj9-marble-18.08.0/share/mime/subclasses' have the same priority 5; use 'nix-env --set-flag priority NUMBER INSTALLED_PKGNAME' to change the priority of one of the conflicting packages (0 being the hi
<monotux>
ghest priority)
<pbb>
since a few days I'm getting this error when rebuilding my laptop's nixos unstable system:
<{^_^}>
#53672 (by eadwu, 6 weeks ago, closed): switch-to-configuration not interpreted using perl
<selfsymmetric-pa>
Hi! I'm having some trouble with ghc and nixos. When I attempt `stack install` I get `attribute ghc844 missing`. I'm not sure what that's about so I'm attempting to install that attribute globally. However I cannot find that package in the nix package search.
<eon`>
pbb: basically you habe to rollback to a kernel that does not have this issue
<selfsymmetric-pa>
Anybody know where I could get myself a ghc844?
<pbb>
I can not do that, my hardware is only supported by 4.20 :(
zupo_ has joined #nixos
<pbb>
or is it fixed in the latest patch-release?
<eon`>
pbb: yes if you update nixpkgs-unstable you will have the kernel with the patch reverted
<eon`>
pbb: but to switch to it you will need a kernel that does not have this issue :/
<slack1256>
selfsymmetric-pa: ^
<samueldr>
pbb: rollback as in nixos generation rollback, not downgrading to a previous kernel version :)
<pbb>
okay, thanks. I now ran the script with the correct interpreter manually
<selfsymmetric-pa>
slack1256: Thank you so much!!
<pbb>
which worked fine
<slack1256>
I recomend playing with `nix repl` to see how is nixpkgs structured
<samueldr>
well, previous, but previous to 4.20
<slack1256>
After a while you can `Ctrl-R` on your terminal for the correct command
zupo has quit [Ping timeout: 246 seconds]
<__monty__>
Or run fish and get those history suggestions by default.
<__monty__>
: >
slack1256 has quit [Remote host closed the connection]
acarrico has joined #nixos
slack1256 has joined #nixos
<philipp[m]>
I'm packaging a game written in löve for myself. löve games are essentially just a zip file of lua code that gets interpreted by the love executable, syntax is like `love game.love`. I want to package it in a way that I just have to type `game` to run it.
<{^_^}>
[nixops] @AmineChikhaoui pushed 2 commits to master: https://git.io/fhFUG
<{^_^}>
[nixpkgs] @artemist opened pull request #56108 → lepton: init at 1.2.1 → https://git.io/fhFUc
eadwu has joined #nixos
Ralith_ has quit [Read error: Connection reset by peer]
Ralith_ has joined #nixos
<fpletz>
offlinehacker: currently testing a fix for kubelet-bootstrap... setting restart=on-failure for kubelet makes the test more unstable on my machines o.O
<johanot>
fpletz: is "docker load" not atomic?
<johanot>
ah. even if it is, kubelet-bootstrap is a oneshot
trubi has joined #nixos
srl295 has joined #nixos
endforma1 has joined #nixos
endformationage has quit [Ping timeout: 255 seconds]
wfranzini has quit [Remote host closed the connection]
jackdk has joined #nixos
wfranzini has joined #nixos
<georgyo>
I have a build that in the tests does a getaddrinfo(NULL, "ntp", NULL, &res)
<lejonet>
Hmm, if I want to add a packages bin folder to the path of a program in another derivation, I would do wrapProgram $out/to/binary --prefix PATH ":" "${pkgs.thing}/bin" right?
<georgyo>
This fails because in the sandbox environment neither /etc/services nor the nscd socket exists
hiroshi has joined #nixos
<georgyo>
Is there a way to make /etc/services exist in the sandbox without making adding extra-sandbox-paths to /etc/nix/nix.conf
<ikitat>
When using nixops create/deploy can I get the target to reference overlays?
<symphorien>
georgyo: use libredirect to fake the fact that /etc/services exist
<ottidmes>
lejonet: or maybe buildEnv?
<lejonet>
ottidmes: that seems to be a package override thing, I'm doing this as part of a package already (ceph-volume needs to know the paths to lvm2 stuff)
ma27_ has joined #nixos
<ottidmes>
lejonet: wrapProgram is probably better yes, I just mentioned it as a potential alternative, I used it to override a existing binary with a script that wrapped that binary and changed some of its arguments, but from the outside it should be seen as the same package as it was, so buildEnv with hiPrio did the job
ma27 has quit [Ping timeout: 255 seconds]
<lejonet>
ottidmes: it seems like a neat function to know about indeed :) (for end users)
<{^_^}>
[nixpkgs] @oxij opened pull request #56109 → [Demo] splice.nix: poor man's implementation of Gentoo-like use-flags → https://git.io/fhFU7
sigmundv__ has joined #nixos
emily has quit [Remote host closed the connection]
<{^_^}>
[nixpkgs] @oxij opened pull request #56110 → [Demo, RFC] Gentoo-like use-flags (will not evaluate by design) → https://git.io/fhFU5
selfsymmetric-pa has quit [Ping timeout: 255 seconds]
<{^_^}>
#56046 (by callahad, 1 day ago, merged): Add and enable Bolt to support Thunderbolt 3 settings in GNOME
<callahad>
(also huge thanks to jtojnar and hedning for lots of review and hand-holding :))
<catern>
Hey #nixos, does anyone know anything about how to deal with build processes/tests which try to perform NSS lookups for the "services" database? (that database contains the mappings of e.g. "ssh is port 22")
<catern>
It looks like glibc doesn't go through nscd for the "services" database
<catern>
Also, does nscd even run in the Nix build container?
<clever>
catern: nope
<catern>
OK, makes sense
alex`` has quit [Quit: WeeChat 2.3]
<catern>
So there's no /etc/nsswitch.conf in the container, so it defaults the configuration to be "services: files"
<catern>
But there's also no /etc/services in the container, so something like "getent services ssh" just fails
<catern>
Thoughts?
<clever>
catern: libredirect or qemu
<catern>
Er, I don't think those are appropriate for an otherwise totally normal build, I'd rather just patch out the call than use those...
<clever>
catern: libredirect lets you patch such things at runtime
<catern>
I would be surprised to hear if no-one else has run into this before
<ottidmes>
callahad: gratz on the merge and thank you for contributing! this way you can get the most out of NixOS, by also being able to package things yourself and makes changes as you see fit :)
<clever>
catern: i just added /etc/protocols to extra-sandbox-paths to solve my issues
cantstanya has quit [Remote host closed the connection]
vk3wtf has joined #nixos
cantstanya has joined #nixos
lawlesseel has joined #nixos
<catern>
clever: but that's not upstreamable to Nixpkgs
<clever>
yeah, thats where libredirect can help
<catern>
Hmm I guess I should just patch the software upstream to not make this lookup
jabranham has quit [Quit: ERC (IRC client for Emacs 27.0.50)]
<catern>
Since it's really bad anyway to look at system-wide config in a build/test
drakonis has joined #nixos
kreisys has joined #nixos
xkapastel has quit [Quit: Connection closed for inactivity]
Ariakenom has joined #nixos
kyren has quit [Ping timeout: 252 seconds]
selfsymmetric-mu has joined #nixos
kyren has joined #nixos
ma27_ has quit [Quit: WeeChat 2.2]
gagbo has joined #nixos
<selfsymmetric-mu>
Hi! I have a silly question. How does `nix-env --install --attr nixos.haskell.compiler.ghc844` correspond to `configuration.nix`? I naïvely tried adding `haskell.compiler.ghc844` to my `environment.systemPackages`, but that does not work so I think I am making a category error of some kind.
Ariakenom has quit [Read error: Connection reset by peer]
<clever>
selfsymmetric-mu: do you have a `with pkgs;` near the systemPackages?
<selfsymmetric-mu>
Yes, the expression is `(with pkgs; [ haskell.compiler.ghc844 ])`, which gives me `attribute ghc844' missing`.
<selfsymmetric-mu>
That suggests to me that `pkgs.haskell.compiler` was found.
<selfsymmetric-mu>
Hm. Perhaps my channels are out of sync between root and user.
<selfsymmetric-mu>
I will double check that.
rprije has joined #nixos
Thra11 has quit [Ping timeout: 246 seconds]
<clever>
selfsymmetric-mu: it will warn you if you have 2 nixos channels, every single time you use nix-env
<reallymemorable>
has anyone here used the NixOS GUI on an instance installed on EC2?
<selfsymmetric-mu>
That's a great warning!
<clever>
reallymemorable: what part of the GUI do you want to use?
<selfsymmetric-mu>
Anyway, yes, this was a difference between the sudo configuration update and user installation. Gosh I make that mistake too many times.
<selfsymmetric-mu>
I need to inject a warning in an alias or something.
<clever>
selfsymmetric-mu: i try to never have channels on the user, root is the only source of channels
xkapastel has joined #nixos
<selfsymmetric-mu>
That's the setup I used to have, but I'm trying to placate stack's implicit Nix integration.
<reallymemorable>
clever: basically I have given up any hope of getting my NixOS permissions right to build the project locally. So I want to clone the EC2 staging environment so that I can test the project in a web browser.
<clever>
reallymemorable: what was the end-result when using socat and /tmp/hax?, that should still work
<reallymemorable>
on the final step i still hit a wall with the user being unable to open /tmp/ssh-config
rfold has quit [Quit: leaving]
<clever>
reallymemorable: what does `echo $NIX_PATH` report?
<clever>
reallymemorable: that looks like a different error, its not complaining about ssh-auth-sock
Havvy has quit [Quit: Computer Restarted or Restarting IRC]
<clever>
reallymemorable: try `nix-store --add-fixed sha256 /tmp/ssh-config`, and then replace the /tmp/ssh-config in $NIX_PATH with the path it returned
<reallymemorable>
the nix builders cant access the ssh keys
<clever>
they shouldnt have access to the keys
<clever>
the agent handles that
<reallymemorable>
sorry yes thats what i meant
<reallymemorable>
how do i remove something from nix path
<reallymemorable>
so that i can put in the new thing that just output
<clever>
reallymemorable: echo the current value, then just copy/paste it to a new `export NIX_PATH=....`
<clever>
and edit it before you run that cmd
<reallymemorable>
yes i did
<reallymemorable>
i replace ssh-config-file=/tmp/ssh-config
<reallymemorable>
?
<clever>
yeah, make that ssh-config-file=/nix/store/something
<reallymemorable>
with ssh-config-file=/new/output
<clever>
yeah
freeman42y has joined #nixos
<reallymemorable>
same error
<{^_^}>
[nixops] @PsyanticY opened pull request #1102 → [WIP] Support persistant spot → https://git.io/fhFkO
<clever>
reallymemorable: with the new path?
<reallymemorable>
yes
DeaDSouL has quit [Ping timeout: 246 seconds]
fendor has quit [Read error: Connection reset by peer]
<clever>
reallymemorable: you have ssh-config-file= in there twice
<clever>
so its not using the new path
<reallymemorable>
ah shit ok i will remove the wrong one
<reallymemorable>
same error
DeaDSouL has joined #nixos
<clever>
reallymemorable: what path is it showing in the error?
freeman42x has quit [Ping timeout: 258 seconds]
cthachuk has joined #nixos
<reallymemorable>
Can't open user config file /nix/store/pzjx83n84q72nv81sj6civj6rhp5za9b-ssh-config: No such file or directory
<reallymemorable>
so its looking at the right thing now
<clever>
reallymemorable: try setting nix.useSandbox = false; in the host configuration.nix, and nixos-rebuild switch to apply it
<reallymemorable>
ok
<reallymemorable>
i do that as root
<reallymemorable>
do i need to log back into my user sessions after rebuilding?
Thra11 has quit [Ping timeout: 246 seconds]
<clever>
nope
<cthachuk>
On nixos, I have installed the 'boost' derivation but cmake cannot find the header files. I see the libraries in ~/.nix-profile/lib but don't know where to look for the header files; they're not in ~/.nix-profiles/include. Any suggestions? Thanks!
<reallymemorable>
i am getting the same error with useSandbox false
<clever>
,libraries cthachuk
<{^_^}>
cthachuk: Don't install libraries through nix-env or systemPackages, use nix-shell instead. See https://nixos.wiki/wiki/FAQ/Libraries for details.
<cthachuk>
lever thanks, I'll read up on that now
<clever>
reallymemorable: try switching back to ssh-config-file=/tmp/ssh-config, and also add nix.sandboxPaths = [ "/tmp/ssh-config" ]; to the configuration.nix, and do another nixos-rebuild
PLPD-Bot has quit [Remote host closed the connection]
<reallymemorable>
and leave tthe useSandbox false in?
<clever>
reallymemorable: ive been using linux since ~2005, and i learned the most when i installed http://www.linuxfromscratch.org/
<reallymemorable>
the devs want me to learn how to do some basic haskell stuff
<thomasd>
hi all, I'm trying to build a project with julia-1.1.0, but julia-1.0.3 is chosen instead. I know julia-1.1.0 is available in the nixpkgs commit I am using, under the julia_11 alia. how, in my default.nix file, can I force julia-1.1.0 to be used?
<reallymemorable>
ive been on the business side
<reallymemorable>
and they are too busy to help me
<reallymemorable>
clever: that looks super cool thank you