<clever>
veverak: and this then builds it, inside /mnt/nix/store/
<veverak>
clever: I am not pass first succesfull 'switch'
<clever>
veverak: this should work even that early on
<veverak>
ok
<veverak>
clever: thanks, will do
<clever>
veverak: you can then use nix copy again, in the reverse direction, to copy the build product back to /
<veverak>
I actually want to use the flash drive
<clever>
and then another nixos-rebuild switch will just use it
* veverak
trusts them more than sd card
<clever>
veverak: i think the rpi can boot from usb mass-storage now, so you can just dd the original .img you started with, to that usb stick
<veverak>
not zero
<veverak>
:)
lunabo has joined #nixos
<veverak>
(which sucks by my opinion, but nah)
o1lo01ol1o has quit [Remote host closed the connection]
<veverak>
nix-store -r in progress
johanot has quit [Quit: WeeChat 2.2]
eadwu has joined #nixos
tdeo_ is now known as tdeo
fusion809 has joined #nixos
<jasongrossman>
Hi everyone. I seem to remember that there's a script that makes it easily to interactively choose things that have been `nix-env -i`ed to uninstall. I can't remember what it's called.
<simpson>
ar1a: FWIW, AIHI, the main constraint on Nix's implementation language is that it needs to generate a pretty small closure and generally make self-contained binaries. At this point there's also the inertia of piles of C++ to contend with, which is why languages that might only be incremental improvements haven't really been considered (D, Zig, etc.)
jluttine has joined #nixos
<andrewrk>
simpson, closure in this case being the build dependencies, runtime dependencies, or both?
jackdk has quit [Remote host closed the connection]
<simpson>
andrewrk: Both, probably, although I hear that runtime dependencies are much worse.
argent0 has quit [Ping timeout: 246 seconds]
<andrewrk>
if it was only runtime, zig can actually generate binaries that don't even depend on libc, and thus run on nixos without patchelf
<andrewrk>
not that I would recommend using it before 1.0.0 is done
dbmikus_ has quit [Ping timeout: 258 seconds]
<ar1a>
ive never heard of zig before
kreisys has joined #nixos
<ar1a>
"The Zig Standard Library does not depend on libc."
<ar1a>
interesting
<ar1a>
it looks like rust
<andrewrk>
ar1a, feel free to join #zig if you want to chat without danger of being off-topic in #nixos
jluttine has quit [Ping timeout: 258 seconds]
<ar1a>
andrewrk: are you the author of zig by any chance? :P
<andrewrk>
:)
<andrewrk>
yours truly
mobile_c has quit [Read error: Connection reset by peer]
jtojnar has quit [Read error: Connection reset by peer]
jtojnar has joined #nixos
jluttine has joined #nixos
<{^_^}>
[nixpkgs] @peti pushed to haskell-updates « hackage-packages.nix: automatic Haskell package set update »: https://git.io/fhFrq
silver has quit [Read error: Connection reset by peer]
camsbury has joined #nixos
<camsbury>
trying to compile something with `avr-gcc` on NixOS 18.09, and I'm getting `fatal error: avr/io.h: No such file or directory`
<clever>
,locate avr io.h
<{^_^}>
Found in packages: gforth, simavr, arduino, lazarus, codeblocks, arduino_core
<camsbury>
woah nice
<camsbury>
lol
<clever>
hmmm, none of those look like the right choice
<clever>
there should be an avr-libc package somewhere
<camsbury>
yea
<camsbury>
I have that
<camsbury>
but doesn't seem to be doing the job
<camsbury>
I have avr-gcc, avr-libc, and avr-binutils
<clever>
ive not done avr stuff on nixos yet, havent had to modify the firmware since switching
<camsbury>
basically everything i can get
<clever>
nix-repl> avrlibc
<clever>
error: Package ‘avr-libc-2.0.0’ in /nix/store/bssxqlhb7liba974sx8yz3d0arjzvp9s-nixos-19.03pre166449.be445a9074f/nixos/pkgs/development/misc/avr/libc/default.nix:25 is not supported on ‘x86_64-unknown-linux-gnu’, refusing to evaluate.
<camsbury>
true but I also have entirely different sets of keybindings for different modes! plus I use evil-mode anyway for standard editing :D (ex-vimmer)
slack1256 has joined #nixos
<camsbury>
woo
<camsbury>
just finally built a haskell package with haskell's mkDerivation pinned to this unstable release
<camsbury>
that was breaking before
<camsbury>
haha
<camsbury>
I was manually cabal building it derp :D
<camsbury>
qmk is still in the air... I think I just fix the errors at this point
<camsbury>
with cabal 2.2 I was passing one at a time
jackdk has quit [Ping timeout: 259 seconds]
<clever>
camsbury: this is a more complex example
Supersonic has joined #nixos
<camsbury>
the advantage of stack was multiple targets
<camsbury>
at once
<camsbury>
but I could just run multiple commands I spose
<camsbury>
any advantages of runhaskell over cabal?
ottidmes has quit [Ping timeout: 244 seconds]
<clever>
if you just install cabal-install, it can potentially be the "wrong" version
<clever>
and then wont behave the same as mkDerivation does at nix-build time
<clever>
Setup.hs will link against the Cabal library, which nix always provides
<clever>
you can also `ghc Setup.hs -o Setup` and `./Setup configure` if you want to make it slightly faster
<camsbury>
oh nice
<clever>
and the defaultMain inside the default Setup.hs, is just going to do the exact same thing as the cabal binary from cabal-install
<clever>
ive been meaning to add a cabal (bash function) to the .env, so this whole thing becomes invisible
<slack1256>
On nix-env, is there any option that does what build-host does on nixos-rebuild?
<clever>
and `cabal configure` just uses Setup.hs without you noticing
<slack1256>
(I've been searching the irc logs to no avail)
<camsbury>
awesome
<clever>
slack1256: i would just setup build slaves, which is in the nixos manual
<camsbury>
but if I put that bit of text in the default.nix... I can then install the file from my github repo using the fetchTarball and mkDerivation or something?
<camsbury>
or you don't user configuration.nix
<clever>
camsbury: if you put the string from the above nix-build, into a default.nix, you can just nix-build without any args
<camsbury>
but if I want to reference it in another nix file...
<camsbury>
I suppose I just call it with nixpkgs
<camsbury>
and voila
<camsbury>
or not even that
<camsbury>
call it with the empty set to have it use its default pinned nixpkgs
<camsbury>
but that could be a pain with all the pkgs downloading their own nixpkgs
<camsbury>
I guess I could do that on break
<camsbury>
I had used nixpkgs.haskell.lib.overrideCabal
<camsbury>
to get cabal install in the default.nix
<camsbury>
that the shell.nix imported
<camsbury>
so I think that one would be the right version?
kreisys has quit [Ping timeout: 255 seconds]
<clever>
i try to override the .env instead, since its only needed on the shell side
<camsbury>
nice
<clever>
and .env is less haskell-y of a derivation, so normal .overrideAttrs works
<clever>
.overrideAttrs works on the haskell derivations too, but happens at a later stage, and breaks the more haskell features of it, sorta
<camsbury>
but does that take the other packages into account in terms oof deps resolution?
<camsbury>
okay
<camsbury>
what is the magic of .env and how do I learn more about it
<camsbury>
for various languages
<camsbury>
is there some kind of standard
<clever>
at the highest level, you have .override, which is added by callPackage, it can change the args originally passed into the function (like the { stdenv, hello, cmake }:)
<clever>
.env is haskell specific
slack1256 has quit [Remote host closed the connection]
<clever>
overrideCabal happens before the haskell generic-builder.nix, so you can mutate the args passed to mkDerivation, before generic-builder.nix acts on them
<clever>
.overrideAttrs happens after generic-builder.nix, but before stdenv.mkDerivation
<clever>
so its harder to change haskell specific stuff (and overrideCabal wont work on the result), but its easier to change non-haskell things
ddellacosta has quit [Ping timeout: 246 seconds]
o1lo01ol1o has joined #nixos
<clever>
and then at the lowest level, .overrideDerivation happens after stdenv.mkDerivation, so it cant change cross-compile level things
<clever>
which one you need, depends on what your trying to change
<clever>
and if you need several, you have to chain them in the right order
<camsbury>
I've seen .env for other languages though. Maybe Python and Rust?
<camsbury>
when you say cross-compile level things
<camsbury>
you mean things that are ensuring they work together?
vidbina has joined #nixos
<clever>
camsbury: nativeBuildInputs and buildInputs are handled specially in stdenv.mkDerivation, and i think that special magic doesnt work if you further edit them with .overrideDerivation
<clever>
you need to use .overrideAttrs to keep that magic working
drakonis has quit [Quit: WeeChat 2.3]
<camsbury>
okay sure
<camsbury>
this is definitely giving me a more solid understanding, so thank you
jackdk has joined #nixos
bobmolson[m] has joined #nixos
dramforever has joined #nixos
<camsbury>
do you use pure nix-shells?
<clever>
not really
<camsbury>
seems useful in some cases (like making sure you are using the right cabal-install)
DrLambda has joined #nixos
<clever>
i just never install cabal-install
<camsbury>
well I mean any dep that you might have a different version of globally
<camsbury>
that is missing from the build
jackdk_ has joined #nixos
jackdk has quit [Disconnected by services]
jackdk_ is now known as jackdk
<ar1a>
how can i make a systemd service declaratively? I want to make one that runs a shell script on boot, that launches a server
<clever>
ar1a: that spins up multiple weechat instances, each in its own tmux session, each in its own user
DrLambda has quit [Ping timeout: 246 seconds]
iqubic has joined #nixos
mobile_c has quit [Ping timeout: 245 seconds]
<ar1a>
DBI connect('dbname=/nix/var/nix/profiles/per-user/root/channels/nixos/programs.sqlite','',...) failed: unable to open database file at /run/current-system/sw/bin/command-not-found line 13. on a basically fresh install, running on stable
<ar1a>
when running `command-not-found aunpack`
<clever>
ar1a: you need a channel called nixos on root for command-not-found to work
<ar1a>
i just added (pkgs.callPackage ~/.ftb/nixderivation {}) into my home-manager packages
<clever>
that also works
<ar1a>
considered pushing it to nixpkgs?
Zer0_ has quit [Quit: Leaving]
<clever>
i probably should, i have a number of things like that, that i never got around to doing
yokyolu has joined #nixos
<Zer000>
wtf, that was weird. Specifically I wanted to copy the mpv lines from all-packages: http://dpaste.com/1MP3WNX.txt and just add "jackaudioSupport = true" there, but I can't figure out how to reference the "../applications/video/mpv" from my configuration file
<slack1256>
I thought http code 200 was the successful code
<ar1a>
youd think so :)
<ar1a>
so we need to force ipv4 for that address
<clever>
ar1a: pf?
<slack1256>
isn't that the openbsd's firewall?
<ar1a>
yep
<ar1a>
openbsd's iptables
<clever>
ah
<acowley>
I'd like to build a kernel with a particular config file found in the src tree of the kernel fork I'm using. I can set `defconfig` to this file, but then generate-config.pl kicks in and runs `make config` and breaks. I currently hacked it to use a DEFCONFIG environment variable, but I'd prefer to do things right. linuxManualConfig seems much different than generic, and scared me off because I'm naive.
<clever>
ar1a: i think you want to .override with a configfile?
<acowley>
It was surprising to me that generic.nix does `make $kernelBaseConfig`, but then generate-config.pl does `make config`.
<clever>
30 # Manually specified nixexpr representing the config
<clever>
31 # If unspecified, this will be autodetected from the .config
<clever>
jasom: which distro are you on? have you tried without --daemon?
<jasom>
clever: I'm on gentoo, have not yet tried without daemon, doing so now...
pie__ has joined #nixos
<jasom>
ah, that gave me instructions for creating the /nix directory and a command not found for sudo
<clever>
jasom: ah, once you create /nix/ and give yourself ownership, it can do the entire install without root
<jasom>
trying that now
<clever>
it normally tries to do that itself, via sudo
<jasom>
I assume --daemon won't work without sudo, or is it something else that was throwing it?
evanm has joined #nixos
* jasom
can always install sudo
<clever>
--daemon needs to know what distro your on, and how your service manager works
<clever>
and it isnt auto-detecting that properly
Jantz has quit [Ping timeout: 250 seconds]
<clever>
systemd may even be optional on gentoo??
<clever>
gentoo is crazy like that, lol
<jasom>
oh, that was unclear from the install instructions and I saw " As of Nix 2.1.0, the Nix installer will always default to creating a single-user installation, however opting in to the multi-user installation is highly recommended."
<jasom>
yeah, no systemd here; it's a headless machine anyways
<clever>
but multi-user is only supported on a few distros
<clever>
at least, the automatic setup
<acowley>
clever: I get a lot of config errors when I (buildLinux ...).override (_: {configfile = "foo";})
pie___ has quit [Ping timeout: 245 seconds]
<clever>
you can always upgrade single to multi later
<jasom>
ah, I see it now "Linux running systemd, with SELinux disabled"
<clever>
acowley: what about just pkgs.linux.override { configFile = ./foo; } ?
<acowley>
I don't have the configfile at a local path
illegalprime has joined #nixos
<acowley>
I'm not sure if that matters
<jasom>
it's possible that systemd is not only optional but not the default on gentoo; I haven't done a fresh install of gentoo in a while, so systemd may be the default now.
<clever>
jasom: i havent actively used gentoo, since before systemd took hold on linux, lol
argent0 has quit [Remote host closed the connection]
<jasom>
I'm slowly moving to NixOS for most things, but I still have this machine (a server I'm not going to reconfigure for nixos anytime soon) and my workstation at work (still uses NIS and I am too busy to add NIS support to nixos).
<clever>
yeah, i still have 1 gentoo machine thats sticking around, havent bothered to switch it over
<clever>
but all new installs have been nixos from the start
<jasom>
totally off-topic, but systemd does *not* play nice with NIS out-of-the-box. Whenever a NIS user would try to connect to my workstation, 3 minutes later my X session would restart. It's a 1 line config file fix, but that took forever to track down what was causing it.
<acowley>
Annoying debugging this build as it either fails really fast or really slow (> 30minutes).
<clever>
if you enter a raw function into the repl, it tells you what defined it
<judson_>
Yeah, and I've resorted to that. But it relies on knowing the functions. They honestly tend to have really excellent comments. I sort of expected that they'd act like docstrings and there'd be HTML somewhere...
<clever>
i didnt even think boolToString existed, lol
<judson_>
Is there general tooling around parsing Nix?
<clever>
judson_: hnix is one
slack1256 has quit [Quit: sleep]
<clever>
2019-02-21 18:15:48 < judson_> Is there a unified list somewhere of builtins and nixpkgs lib functions?
<judson_>
Well, see above - there's reason it lives in trivial.nix - because you can write it in place in ~2x the characters, and then you don't have to remember that it exists.
<clever>
2019-02-21 18:16:47 < LnL> I think we have something now
<clever>
thats only going to work for inputs of 0 or 1
<judson_>
Heh.
<ar1a>
clever: any idea? https://ptpb.pw/Q86J/nix this creates the service but neither the server nor tmux are running. if i copy the execstart into my terminal and run it theres no problem and it works as intended
<ar1a>
theres no relevant output in status, just systemd telling me its started the service
<clever>
ar1a: nothing else in the journal, `journalctl -u minecraft.service` ?
<ar1a>
no server running on /tmp/tmux-1000/default
<ar1a>
didnt know about that command ty
<judson_>
So, amusingly I went looking for foldr, because of course the rightmost bool should be least significant... forgetting for the moment that I generate the list of bools with attrVals
<clever>
judson_: attrVals will sort them by the keys first
<ar1a>
still not sure how to fix it tho
<judson_>
attrValues will. attrVals takes a list of names to pull
<clever>
judson_: ah
<judson_>
> lib.attrsets.attrVals ["a" "z" "b] { a = 1; b = 2; c = 3; z = 26; }
<{^_^}>
error: syntax error, unexpected $end, expecting '"', at (string):218:33
<judson_>
> lib.attrsets.attrVals ["a" "z" "b"] { a = 1; b = 2; c = 3; z = 26; }
<{^_^}>
[ <CODE> <CODE> <CODE> ]
<clever>
ar1a: not sure what to try next, havent really used tmux much
<ar1a>
actually that might be output from a previous service launch
<clever>
ar1a: add -f to make it follow, and then try to restart the service
<ar1a>
i just restarted and -f'd journal ctl
<ar1a>
yeah
<ar1a>
it doesnt print anything
<judson_>
ar1a, systemd provides a restricted environment by default. Tmux needs some set... Which I don't recall.
<clever>
i had tmux working like this, but it had its own dedicated user
<judson_>
Specifically, though, tmux needs a tty - does that service need tmux to run?
<ar1a>
where does script get written to and how do you tell serviceConfig about that
<ar1a>
or is it auto
<clever>
ar1a: script automatically gets written to the nix store, and the path added to ExecStart
<clever>
judson_: i think the -d made it run without needing a tty
DrLambda has quit [Ping timeout: 258 seconds]
<ar1a>
yeah that detaches
<judson_>
In which case it also returns immediately with 0 status, right? systemd isn't going to like that without more config. Can you not use ${pkg.bash} .../ServerStart.sh as your ExecStart?
knupfer has joined #nixos
<clever>
RemainAfterExit = "yes";
<clever>
judson_: this flag makes systemd think its still running, after it exits with 0
<clever>
and i suspect it uses cgroups to discover the new pid
<clever>
so it can track all children that tmux made
_kwstas has joined #nixos
vidbina has quit [Ping timeout: 255 seconds]
_kwstas has quit [Remote host closed the connection]
<judson_>
That status looks like it didn't work though?
endformationage has quit [Quit: WeeChat 2.3]
wfranzini has quit [Remote host closed the connection]
<ar1a>
when running the script in my command line it works fine, but when systemd goes the session ends immediately
<ar1a>
probably because the command im trying to run doesnt exist on the path
<{^_^}>
[nixpkgs] @vcunat pushed 0 commits to revert-56126-update/file-5.36: https://git.io/fhF6c
daniele- has quit [Quit: daniele-]
illegalprime has quit [Ping timeout: 246 seconds]
<teto>
I don't get it, in my repl, I have python3Packages.pandas.doCheck = false; yet if I try to build it (same <nixpkgs>), nix builds the tests. Any idea ?
<clever>
teto: did you set python3Packages.pandas.doCheck or are you eval'ing and seeing its already false?
<teto>
evaling
<teto>
I overrode it in an overlay
<jasom>
okay, just got back to look at the results of the installer script without --daemon. New error message: error: cloning builder process: Invalid argument
<clever>
jasom: you need to enable non-root namespacing
<clever>
> python3Packages.pandas.doInstallCheck
<{^_^}>
true
<clever>
teto: python packages all use the installCheckPhase, which runs the tests after `make install`
<clever>
teto: it has its own on/off switch
<teto>
ah that's another one first time I see this
<teto>
great thanks that should solve it
<clever>
jasom: `sysctl -w kernel.unprivileged_userns_clone=1` will immediately enable it, but is lost at reboot
<clever>
jasom: `echo kernel.unprivileged_userns_clone=1 > /etc/sysctl.d/nix-user-chroot.conf` will make it persist after a reboot
<angerman>
I guess I'm just too stupid for nix :-(
<clever>
my first guess is to just namespace things a bit, under the parent library
<clever>
so foo.cabal, with a sublibrary called bar, will show up as foo-bar in the nix
palo has quit [Ping timeout: 240 seconds]
palo1 is now known as palo
<clever>
and when other parts of foo.cabal refer to bar, as you translate it to nix, you know bar is a sublib, so translate it to foo-bar again
<angerman>
nix-tools actually exposes it as `$pkg.components.sublibs.$name`
<clever>
that sounds pretty much the same
<angerman>
the nasty part was jamming it into the packages that are used to resolve dependencies in a way that it wasn't global. Next issue I ran into was that haskell.nix mostly expects to deal with packages and tries to go for `package.components.library` directly. Which if you hand it a derivation won't work. And lastly Setup.hs register will produce a *folder* of configs for a package with sublibraries.
<clever>
package.components.sublibs.bar or package.components.library maybe?
<FrigoEU>
Hey everybody, I have this thing with NixOS/NixOps that I'm not sure how to solve. I've been building a small SaaS application for which I use NixOps to deploy to a small Linode server. I have seperate databases and seperate server processes for every one of my tenants. Currently I have a list of all my tenants in a nix file, and my deployment scripts maps over all of these tenants to make/update a database for each one, start up a se
johanot has quit [Ping timeout: 244 seconds]
mbrock has quit [Read error: Connection reset by peer]
<FrigoEU>
t NGINX routing per url. This works great, but I wish a new user could click somewhere on my landing page and immediately get a NEW environment. I'm not sure how to do this with Nix. Intuitively I would replace the static list of tenants with a single table in a "global" database that keeps track of all tenants, and then run my deployment scripts off of that, but I wouldn't know how to do that in a Nix file. Are there other ways anybo
johanot has joined #nixos
<FrigoEU>
other place where I can better ask this question, let me know!
<johanot>
srhb: without "--no-systemd" it fails (what I tried yesterday), with "--log-path" it also fails (what our startup unit does). Seems like an easy fix :P
<DigitalKiwi>
etu, brute?
agander_ is now known as agander
sigmundv has joined #nixos
jasongrossman has quit [Quit: ERC (IRC client for Emacs 26.1)]
<srhb>
johanot: Oh. What. :P
<srhb>
johanot: But neat!
<srhb>
johanot: Mounts get set up correctly?
thc202 has joined #nixos
<johanot>
yup :P So yeah... the only thing I'm left wondering is whether a change in the upstream module is needed here?
<johanot>
I can see that we have the module vendored, so I can get away with just changing it internally and everyone here's happy
<srhb>
johanot: iirc that part of the module has never been upstreamed, but lejonet has been working on it. I'm sure he'll check that everything works correctly :)
<srhb>
johanot: Also, the test is going to cover it,.
<srhb>
johanot: So I think we're fine, but feel free to share the module with me or lejonet, we don't have to reinvent the wheel :P
<ptotter[m]>
how could I find out more about possible changes than nixos-rebuild dry-build gives?
cantstanya has quit [Remote host closed the connection]
wfranzini has quit [Read error: Connection reset by peer]
wfranzini has joined #nixos
<Taneb>
ptotter[m]: you could run "nixos-rebuild dry-activate", which builds the configuration and tells you what services it'll restart
<srhb>
ptotter[m]: build it, then nix-diff your running system and the result of the build.
<johanot>
"ceph-volume --log-path /dev/stdout lvm activate --all --no-systemd" works
<johanot>
sigh
<johanot>
cmdline parsers
<adamt>
so is ceph-volume really calling out to some lvm binary, and passing all options after lvm to that command instead?
<johanot>
adamt: not really interested in the details :P just make me a sane arg parser
zupo has joined #nixos
<adamt>
johanot: Patch ceph to use kingpin then. :P
wfranzini has joined #nixos
<johanot>
adamt: don't you use the k word on me
<johanot>
:P
philippD has joined #nixos
<fpletz>
johanot: we have the k8s e2e tests nearly working! just one failure :)
<johanot>
fpletz: Awesome! Good job! Looking forward to reviewing and testing
<johanot>
fpletz: One day we should make some tests for the individual k8s components. e.g. tests.kube-apiserver tests.scheduler etc. These, I think, would also be more ofborg friendly
<fpletz>
yeah, totally, and the complete e2e testsuite takes about 2 hours on my laptop :/
<johanot>
fpletz: buy a new laptop? :P
<fpletz>
increasing the number of cores helps a bit
<fpletz>
in the nixos test vm of course :)
<johanot>
right :) while it's really nice to have a full e2e test, we should also have some quick and slim tests for fast smoke testing
hphs^ has quit [Ping timeout: 245 seconds]
hphs^ has joined #nixos
hphs^ has quit [Max SendQ exceeded]
hphs^ has joined #nixos
hphs^ has quit [Max SendQ exceeded]
hphs^ has joined #nixos
hphs^ has quit [Max SendQ exceeded]
hphs^ has joined #nixos
hphs^ has quit [Max SendQ exceeded]
init_6 has joined #nixos
hphs^ has joined #nixos
hphs^ has quit [Max SendQ exceeded]
<Taneb>
Well, my PR the other day didn't break every single Haskell package!
zupo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
hyperfekt has joined #nixos
winem_ has joined #nixos
<hyperfekt>
I'm trying to output from a systemd unit postStart script, but nothing appears in the journal. Anyone have a clue what's going on? https://git.io/fhFXp
<hyperfekt>
PS: stderr also doesn't seem to appear in the journal
<immae>
hyperfekt: can you try maybe adding a simple "echo foo" and "echo foo >&2" to see if it would just happen that nothing gets out?
<clefru>
Taneb: try harder. in my previous company, you got an internal badge when you submits a PR that broke more than X% of the company's builds.
<clefru>
;)
<hyperfekt>
immae: Yeah, both of those do nothing :<
<immae>
Then check in the systemd manual if it’s expected behavior
<Taneb>
clefru: I'll try to do better in the future
sigmundv has joined #nixos
dramforever has quit [Ping timeout: 255 seconds]
reallymemorable has joined #nixos
<hyperfekt>
immae: I'm trying but it's a novel and nothing is mentioned in the most obvious places. Curiously stderr output from commands called in the script lands in the journal just fine.
dustinm has quit [Quit: Leaving]
ivan has quit [Quit: lp0 on fire]
<immae>
Are you sure that the poststart is ran? Maybe you’re in a case where it doesn’t actually run?
<hyperfekt>
immae: It definitely is, I even get the correct exit code.
<immae>
ok
<immae>
Then I have no clue sorry, but maybe #systemd would be more helpful for your issue
dustinm has joined #nixos
<hyperfekt>
Yeah, I'll ask there. I thought it might be something NixOS specific since that doesn't seem like behavior that one would call 'normal'.
dustinm has quit [Remote host closed the connection]
reallymemorable has quit [Ping timeout: 255 seconds]
<immae>
I’m not absolutely confident that it’s not NixOS, but it looks like a systemd issue
<immae>
you could try to reproduce the issue with a simpler service too
dustinm has joined #nixos
waleee has joined #nixos
agander has quit [Ping timeout: 240 seconds]
Makaveli7 has quit [Quit: Leaving]
ivan has joined #nixos
<hyperfekt>
immae: I got it, turns out the script is executed with -e
<hyperfekt>
Which means we never get beyond the first line
<immae>
ah
<immae>
good :)
rauno has quit [Remote host closed the connection]
xkapastel has joined #nixos
ThatDocsLady has joined #nixos
ng0_ is now known as ng0
FrigoEU has quit [Quit: Page closed]
<equivrel>
Hi, does anyone know how to make `nix-shell` available to my package at runtime
<equivrel>
For context, I am setting up a buildbot (CI) worker using nix, and I'd like it to be able to invoke `nix-shell` using the `shell.nix` provided in whichever commit it's testing.
Alling has joined #nixos
<equivrel>
but it looks like nix-shell isn't in the worker's path...
<immae>
equivrel: did you try adding the "nix" package to buildbot's path?
<Alling>
Hello guys! I tried installing the manticore package using shell.nix, but I got version 2017.08.22, and that's also the version seen here: https://nixos.org/nixos/packages.html#manticore
<hyperfekt>
Alling: With this configuration you should be able to use (import <nixpkgs> {}).manticore for the package version you're looking for.
<Alling>
hyperfekt: OK, I'll try that. Do you know why I'm not "on" unstable even though it's included in the output of nix-channel --list?
<Alling>
I should mention that sudo nix-channel --list doesn't include unstable.
<hyperfekt>
Unfortunately, I'm not aware how the default channel is chosen. Note however that the channel you named nixpkgs points to the nixos-unstable channel.
<equivrel>
immae: indeed, that worked. Thanks!
<immae>
good :)
<Alling>
hyperfekt: Yes, that's intentional so that I can install new versions of packages. Although I don't know if that's the right way to do it.
<therealwaphire[m>
guys, any of you used `boot.kernel.sysctl` to set options that take multiple values?
<therealwaphire[m>
for example, when I do: `"net.ipv4.tcp_mem" = 65536 131072 262144;`
<Alling>
hyperfekt: I tried (import <nixpkgs> {}).manticore but it seems that it made no difference. Nothing new was downloaded and the Manticore compiler reports the same build date.
<therealwaphire[m>
I get a `attempt to call something which is not a function but an integer, at /mnt/etc/nixos/configuration.nix`
<Alling>
Although, weirdly enough, the Manticore compiler says that it was built on 2018-10-15.
<symphorien>
try with quotes, therealwaphire[m ?
<hyperfekt>
Alling: I don't think I'm situated to speak about the right way of things. But if you're not using NixOS may want to switch to nixpkgs-unstable, since that can update without being blocked by some packages needed for NixOS. If you are on NixOS, I would probably rename it just to avoid confusion.
<therealwaphire[m>
<freenode_sym "try with quotes, therealwaphire "> okay, hold on
ubert has joined #nixos
<therealwaphire[m>
aye, works
<therealwaphire[m>
thanks :D
<therealwaphire[m>
I was gonna try with a list first, haha
patrl has joined #nixos
<hyperfekt>
Alling: Could you paste your config somewhere so I can take a look? Also note that only your main channel will be updated using nixos-rebuild --upgrade, you will have to do it manually for the others with nix-channel --update
<Alling>
hyperfekt: I'm on NixOS.
agander has joined #nixos
<Alling>
hyperfekt: So you're suggesting that I rename my nixpkgs to nixpkgs-unstable?
<hyperfekt>
Alling: Lastly, make sure you're using sudo for nix-channel or it won't affect the channels nixos-rebuild is using.
justanotheruser has quit [Ping timeout: 246 seconds]
<Alling>
That's true.
<Alling>
But it should affect nix-shell, shouldn't it?
<hyperfekt>
Alling: If you want to switch the whole of NixOS to unstable, rename it to nixos. If you just want to use it for importing, I suggest nixpkgs-unstable.
<hyperfekt>
Alling: Good question, probably not.
<hyperfekt>
Alling: -not, as in yes, it should affect nix-shell
<Alling>
hyperfekt: Aha, so if I want something unstable, I have to be explicit about it?
<hyperfekt>
Alling: Yeah, you have a default channel that fills the formal arguments and have to import all the others afaik.
<Alling>
hyperfekt: There is something weird going on. After renaming nixpkgs to nixpkgs-unstable, I get this error from nix-shell:
<Alling>
error: file 'nixpkgs-unstable' was not found in the Nix search path
<hyperfekt>
Alling: You probably forgot to nix-channel --update, as one always does ;)
<Alling>
(I haven't rebooted though.)
<Alling>
Aha!
<Alling>
hyperfekt: Woah, there we go!
<equivrel>
I'd like to have nixpkgs available inside a nixos container, so that packages in there can use nixpkgs at runtime. I noticed that by default there doesn't seem to be a nixpkgs anywhere inside the container, presumably because everything is built on the meta-machine. Does anyone know of a nice way to install nixpkgs inside the container?
<equivrel>
I guess I could literally write a derivation for fetching nixpkgs from Github but this feels weird...
knupfer has joined #nixos
emilsp has quit [Remote host closed the connection]
init_6 has quit [Remote host closed the connection]
<equivrel>
e.g. is it possible somehow to set environment.NIX_PATH for a service to point at a nixpkgs?
knupfer has quit [Ping timeout: 240 seconds]
silver has joined #nixos
<equivrel>
what I'm imagining might look a bit like `pkgs.lib.makeSearchPath "" [pkgs]` but this doesn't actually work
<camsbury>
if you fetch that in your config you can do something like
patrl has quit [Quit: WeeChat 2.3]
<camsbury>
nix.nixPath = ["nixpkgs=${tarball}"];
<camsbury>
which I actually do using fetchTarball
<equivrel>
camsbury: I see thanks.
<camsbury>
sure!
<ocharles>
Is there a way to disable Nix caching the result of querying substitutes?
camsbury has quit [Quit: WeeChat 2.2]
<ocharles>
We have a deployment machine that should pull things from Hydra. Occasionally people ask it to deploy some code that Hydra hasn't finished building so the substitution fails. However, that machine then caches that, so when Hydra has finished we have to ssh into the machine and clear /root/.nix to make it talk to Hydra and actually pull the build result down
<ocharles>
If I could just configure that machine to always talk to Hydra, even if it previously failed, this would be much easier
<symphorien>
there is a nix option to set the ttl of the cache iirc
<adamt>
narinfo-cache-negative-ttl
<ocharles>
Ooo
<adamt>
Not sure if it can be set to disable caching altogether though
<adamt>
(there's also a positive version, but it's the negative one you want I think)
emily has quit [Remote host closed the connection]
emily has joined #nixos
init_6 has joined #nixos
<veverak>
so
<veverak>
Hi! I am one of the beginners here
<veverak>
what is the correct way to deploy custom simple C++ app on nixos?
<veverak>
(the target machine has to copile it )
<veverak>
*compile
reallymemorable has joined #nixos
hedning has quit [Quit: hedning]
<Taneb>
Hydra's RunCommand plugin: does it only run one at a time?
<andi->
veverak: create a "package" with stdenv.mkDerivation and add it to environment.systemPackages or to a systemd unit or …
reallymemorable has quit [Ping timeout: 246 seconds]
<veverak>
I see
* veverak
goes to the package tutorials than
knupfer has joined #nixos
hyper_ch2 has joined #nixos
Makaveli7 has joined #nixos
Guanin has joined #nixos
schjetne has quit [Ping timeout: 246 seconds]
schjetne has joined #nixos
emilsp has joined #nixos
kvda has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
troydm has quit [Ping timeout: 246 seconds]
schjetne has quit [Remote host closed the connection]
schjetne has joined #nixos
schjetne has quit [Remote host closed the connection]
knupfer has quit [Ping timeout: 244 seconds]
schjetne has joined #nixos
<CMCDragonkai>
Just a question. If a package is a dependency of a `runCommand` expression. Should that package be in the `nativeBuildInputs`, or should we directly reference it inside the shell script using `${pkgs.something}/bin/tool ...`?
<simpson>
CMCDragonkai: The latter is usually enough.
<CMCDragonkai>
simpson: In what situation should you be putting in th `nativeBuildInputs`?
<simpson>
CMCDragonkai: When there's no better way. Build inputs are for when a package ambiently needs some dependency in its environment.
zupo has joined #nixos
<CMCDragonkai>
simpson: That maybe true for somethings. But it does appear things like coreutils and findutils are just part of the stdenv, that we assume when writing `runCommand`.
asymmetric_ has joined #nixos
<simpson>
Sure.
asymmetric has quit [Ping timeout: 264 seconds]
<noonien>
hello folks
hedning has joined #nixos
<noonien>
by installing a package, can it add a systemd service?
<symphorien>
No. You need a nixos module for this
<noonien>
i thought that might be the case, however, i see quite a few packages adding systemd packages in $out/lib/systemd or $out/etc/systemd, why is that?
<{^_^}>
[systemd] @Mic92 pushed 0 commits to refs/tags/241.20190221: https://git.io/fhFyl
<{^_^}>
#56185 (by spacekitteh, 4 hours ago, merged): Add new maps to sc2-headless
<{^_^}>
[systemd] @Mic92 pushed 0 commits to refs/tags/v241.20190221: https://git.io/fhFy8
<{^_^}>
[systemd] @Mic92 pushed 0 commits to refs/tags/241.20190221: https://git.io/fhFyl
<{^_^}>
[nixpkgs] @vcunat pushed commit from @dtzWill to staging « nghttp2: 1.35.1 -> 1.36.0 »: https://git.io/fhFy4
<{^_^}>
[nixpkgs] @vcunat pushed commit from @dtzWill to staging « nghttp2: 1.35.1 -> 1.36.0 »: https://git.io/fhFy4
<johanot>
therealwaphire[m: beware that those kubernetes features are very new (as in.. not in stable yet), but should be in unstable
<noonien>
symphorien: hmm, i can't tell what libredirect does, it appears to have something to do with LD, the app i'm trying to install doesn't need any .so, the deb actually comes with an openvpn binary which i want to replace with the openvpn derivation, and some text templates which it needs and has hardcoded the path for them as well
<johanot>
etu: I thought he answered me there, but it made no sense :D
<noonien>
symphorien: OOH, THATS NICE! thanks for that!
<johanot>
s/he/it
<etu>
johanot: nah, I pasted my issue number a while back to see if it responded
<symphorien>
noonien: note that libredirect is a ugly hack, so if you can avoid it, please do
<noonien>
yeah, LD_PRELOAD "solutions" usually are, however, in this case, it seems to be my best solution
zupo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<symphorien>
yes, seems like it
<noonien>
i hope it works, since this is a go binary, and i'm guessing Lthe library intercepts libc calls
<symphorien>
ah
<symphorien>
hmm
<symphorien>
well you don't know untilyou try
<emily>
go uses syscalls directly I think, so LD_PRELOAD might not help :(
<noonien>
yeah, will do. i'm actually trying to get nordvpn running, it's just a wrapper on top of openvpn but it's really nice to have
<noonien>
they only probide a .deb for ubuntu tho, it has no dependencies, but it does have some paths hardcoded
<therealwaphire[m>
<freenode_joh "therealwaphire: beware that thos"> alright I'll try playing around.. Is there anything else I can do it it doesn't work right?
patrl has joined #nixos
zduch4c has joined #nixos
<zduch4c>
hello
<adamt>
therealwaphire[m: Your IRC client is doing something wonky
<manveru>
that irc client is matrix :)
<adamt>
therealwaphire[m: johanot's point is that the K8s module has just undergone a substantial refactor, and that you'll have the best time if you use the module that was just merged into master. :-)
Alling has quit [Ping timeout: 256 seconds]
johanot has quit [Quit: WeeChat 2.2]
<zduch4c>
I set a parameter to a list in my configuration.nix; the parameter being environment.gnome3.excludePackages, and the list being pkgs.gnome3.optionalPackages. There is one thing I want to do with the list---remove certain elements from it. However, I noticed that I can't use `let' in my configuration file. What can I do?
<therealwaphire[m>
Oh, okay yeah I saw a post from 2017 using services.kubernetes
<therealwaphire[m>
I'll use the latest one then
<therealwaphire[m>
@adamt replying is fucky with the irc bridge on matrix :0
<zduch4c>
or, perhaps I can---I just don't know how to make it work
<therealwaphire[m>
:P
<ottidmes>
zduch4c: could you show us an example of your let use, you should just be able to use it in your nix files
<adamt>
therealwaphire[m: The module from 18.09 would also work, but it requires more effort
Makaveli7 has quit [Quit: Leaving]
<zduch4c>
nevermind ottidmes, I based my knowledge of let on Emacs Lisp which works differently, so it didn't translate. What I want to do is something (in pseudocode) akin to (let ((packages pkgs.gnome3.optionalPacakges)) (remove x from packages) (remove y from packages) ... (set environment.gnome3.excludePackages to packages))
<ottidmes>
zduch4c: so you want excludePackages to act like includePackages? whitelist instead of blacklist?
jasongrossman has quit [Ping timeout: 244 seconds]
<zduch4c>
ottidmes: something akin to that, I want to exclude all packages from a list I give, but that list being modified to whitelist the stuff I want
zupo has joined #nixos
<ottidmes>
zduch4c: yeah so the list you give acts like the whitelist, alright, you can do that, let me write something
<zduch4c>
yes, in simpler terms I basically want to do `environment.gnome3.excludePackages = pkgs.gnome3.optionalPackages; remove somepackage environment.gnome3.excludePackages' (if it were possible)
hyper_ch2 has quit [Ping timeout: 256 seconds]
<therealwaphire[m>
<freenode_ada "therealwaphire: This is an examp"> Thank you
<therealwaphire[m>
So if I wanted to use the module from 19.03, what would i have to do?
zupo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<therealwaphire[m>
<therealwaphire[m "So if I wanted to use the module"> forgive my stupidity, new to nixos :P
<therealwaphire[m>
I know i have to add the 19.03 channel but where do I go from there?
Tucky has joined #nixos
patrl has quit [Quit: WeeChat 2.3]
zupo has joined #nixos
neminis has joined #nixos
<adamt>
therealwaphire[m: If it's a host doing nothing else, you could just considerer getting an early leg up on 19.03 and use unstable :P
zduch4c_ has joined #nixos
zduch4c has quit [Ping timeout: 256 seconds]
<adamt>
Otherwise you would have to add the relevant kubernetes modules to the list of disabledModules, and then import the one from 19.03
<zduch4c_>
thanks a lot ottidmes (I hope I got your nick right, I don't have history here)! You saved my butt AND my OCD
zduch4c_ has quit [Client Quit]
<therealwaphire[m>
<freenode_ada "therealwaphire: If it's a host d"> haha, that's always an option but it's one of my two servers that's going to be in the cluster
<therealwaphire[m>
so I'd like it to be HA
<adamt>
On a side note, you kinda need three servers to do any kind of reliable high availability, due to how quorum works
<therealwaphire[m>
oh I'll be fine with the illusion of HA then :P
zupo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
drakonis has joined #nixos
<wirew0rm>
has anyone managed to create a QtQuick Projekt in qtcreator? I always get the "No kits found" error. Qt widgets projects work. I also added qt5.qtquickcontrols{,2} to my shell.nix
hiroshi has quit [Ping timeout: 246 seconds]
<wirew0rm>
I also get a lot of these on the command line: Skipping prl file '/nix/store/[...]-qt-full-5.12.0/lib/libQt5Quick.prl', because it cannot be opened (No such file or directory).
jacereda has joined #nixos
<sphalerit>
,locate dhall-format
<therealwaphire[m>
<freenode_ada "Sometime pretty soon, yeah. Ther"> then I guess it's a bad time to start with k8s :P
<therealwaphire[m>
anyways, I think I've messed something up in my nix system
<jacereda>
how do you access the expanded propagated link flags required for a certain buildInput? I mean, if I have `buildInputs=[foo]`, how can I turn that into `-L<foo-path> -lfoo -F<path-to-some-propagated-framework> -framework <some-propagated-framework>`
<therealwaphire[m>
so... if I don't put "root" in the allowedUsers of the nix derivation, will root be still able to do things like `nixos-rebuild switch` ?
<sphalerit>
jacereda: typically using pkg-config
<jacereda>
sphalerit, oh, thanks, let me try
<sphalerit>
therealwaphire: derivations don't have an allowedUsers
<wirew0rm>
i found the missing .prl files in qtdeclarative, but adding it as a qt version does not work
<sphalerit>
well, they can, but it don't do anything in particular.
<__monty__>
sphalerit: `dhall format` is a command of the basic executable, so dhall-haskell I guess? Also, what happened to your e?
<sphalerit>
__monty__: I'm also on here via matrix, and currently on airport wifi which seems to not like my tinc, so I can't get into my weechat
<therealwaphire[m>
<sphalerit "therealwaphire: derivations don'"> I mean this:
<therealwaphire[m>
so by default, all users are allowed to connect to the `nix` daemon, right?
<sphalerit>
yes
<therealwaphire[m>
should I also remove the trustedUsers part?
<sphalerit>
yes, trustedUsers are allowed to place arbitrary data into store paths, which isn't necessary usually
<sphalerit>
(and allows escalation to root from those users)
<therealwaphire[m>
I don't understand what that means yet but I think I'll add it back if I have the need for it :P
<therealwaphire[m>
thanks, mate
<sphalerit>
np!
<therealwaphire[m>
<sphalerit "then, `nix build -f '<nixpkgs/ni"> so as far as I understand, this builds the system in the local directory (which is user writable) and then tells root to switch to that profile, right?
_kwstas has joined #nixos
_kwstas has quit [Remote host closed the connection]
zupo has joined #nixos
_kwstas has joined #nixos
_kwstas has quit [Remote host closed the connection]
<sphalerit>
It builds it in the nix store as normal, except using your user (which is an allowed-user)
<sphalerit>
Then switches the system, yes
<sphalerit>
It's basically what nixos-rebuild does, just with different users and skipping the building nix part
<therealwaphire[m>
I see, I see
<therealwaphire[m>
thanks, man, that was really helpful
hedning has quit [Quit: hedning]
<jacereda>
sphalerit, I just tried `configureFlags = ["--extra-libs=$(pkg-config --libs glew)"]` and it yields: ./configure: eval: line 852: unexpected EOF while looking for matching `"
_kwstas has joined #nixos
_kwstas has quit [Client Quit]
<sphalerit>
jacereda: the configure script will probably use pkg-config correctly itself, just make sure to have pkgconfig in the derivation's nativeBuildInputs
zupo has quit [Client Quit]
<jacereda>
sphalerit, I'm trying to add a patch to the library that requires glfw, so I don't think it will do the trick. I've tried to manually put that --extra-libs argument in the configure flags and it works, but I was wondering what would be the right way to do it
<jacereda>
sphalerit, the unpatched library doesn't depend on glfw, so it won't look for it in the configure phase
<sphalerit>
jacereda: aah OK. Fair enough. That sounds like a reasonable way to do it
<sphalerit>
I suppose the most reusable way would be to patch the configure script (or the source it's generated from) but I imagine that would be a fair bit more effort.
<symphorien>
I think you can append to $configurFlagsArray in bash in preConfigure
<sphalerit>
Definitely worth it if you want to upstream your patch of course, but if you just want to use it on systems that have nix, probably not
<jacereda>
sphalerit, yeah, it would make sense that way and contribute the patch upstream, but they've refused that patch in the past
<jacereda>
symphorien, thanks, will try that
<sphalerit>
Ah, well then!
_kwstas has joined #nixos
_kwstas has quit [Remote host closed the connection]
reallymemorable has quit [Ping timeout: 250 seconds]
jabranham has joined #nixos
<therealwaphire[m>
just one more thing
<therealwaphire[m>
does sha-512 give different output on the same input?
zupo has joined #nixos
<adamt>
No
<therealwaphire[m>
then why does `mkpasswd -m sha-512` give me different outputs on typing the same password? o.O
<adamt>
therealwaphire[m: That's because a random salt is added to your password for security
<therealwaphire[m>
oh!
sjy[m] has joined #nixos
<adamt>
therealwaphire[m: I think it's the part between the 2nd and 3rd "$"
<therealwaphire[m>
results in strings of variable length as well!
<adamt>
It looks like it's the salt that has differing lenghts, but yeah
<adamt>
It's to prevent the same hash for people using the same password, basically
<therealwaphire[m>
oh that's awesome
<adamt>
If you're interested in that sort of stuff, you can google rainbow tables
<das_j>
(Also: This branch breaks your system for very obvious rasons)
<therealwaphire[m>
<freenode_ada "If you're interested in that sor"> okay now this is weird, I've generated hashes on the same password and did `nixos-rebuild switch` twice and yet, my password isn't getting set
Makaveli7 has joined #nixos
<infinisil>
das_j: Oh nice, das_j++! There are a couple more secure defaults, but yeah something like that. Ping me if you open a PR :)
ym555 has joined #nixos
<das_j>
infinisil: What defaults are you thinking of? Also do you think is can get merged if most services (95%) just have sandboxedUnit = false?
xkapastel has joined #nixos
hedning has joined #nixos
<das_j>
(also maybe I should wait until 19.03 is released)
reallymemorable has joined #nixos
justanotheruser has joined #nixos
schjetne has quit [Ping timeout: 245 seconds]
agander has quit [Ping timeout: 246 seconds]
<sphalerit>
das_j: nah do it right after the branch-off on Monday ;)
<das_j>
Oh monday it is? \o/
<adamt>
therealwaphire[m: NixOS has a concept called mutable users, that basically defines whether NixOS will update passwords etc. for users
<therealwaphire[m>
any problems with setting that to false?
<adamt>
therealwaphire[m: Only if your users think they can just log into a server and change their password
<therealwaphire[m>
oh, nah, the only people using the server are me and my friend
<adamt>
We've disabled mutableUsers for all our servers, but probably have it enabled on our local workstations.
o1lo01ol1o has quit [Remote host closed the connection]
o1lo01ol1o has joined #nixos
<dmj`>
I'm attempting to use the papertrail module for NixOS, from the iohk-nixops setup. Under the hood it's just calling journcalctl -f | ncat --ssl logs5.papertrailapp.com 38787. On my ec2 instance (in a vpc) I can send unencrypted bytes, but it will not allow encrypted bytes outgoing (the --ssl flag). Why would this be (note this doesn't happen on my other servers)
o1lo01ol1o has quit [Remote host closed the connection]
endformationage has joined #nixos
o1lo01ol1o has joined #nixos
<therealwaphire[m>
<freenode_ada "We've disabled mutableUsers for "> that's very sane, actually
Jetien_ has quit [Ping timeout: 255 seconds]
knupfer has joined #nixos
knupfer has quit [Remote host closed the connection]
knupfer has joined #nixos
DrLambda has quit [Ping timeout: 246 seconds]
ixxie has joined #nixos
noam has joined #nixos
<dhess>
Does hydra.nixos.org's nixpkgs jobset run the nixos release.nix tests? Or are those run separately?
<samueldr>
dhess: nixpkgs:trunk is configured to eval pkgs/top-level/release.nix and nixos:trunk-combined is configured to eval nixos/release-combined.nix
<dhess>
samueldr: I just didn't know which job to look at, thanks for the pointer
<samueldr>
:)
<samueldr>
yeah, that was my alternative assumption, not knowing whith jobset :)
<samueldr>
which*
agander has joined #nixos
o1lo01ol1o has quit [Remote host closed the connection]
zupo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
ij has quit [Ping timeout: 246 seconds]
o1lo01ol1o has joined #nixos
<dhess>
ok next Hydra q: assume you have 2 jobsets (call them A and B) each keying off the same Git checkout URL. Is there a way to sequence them such that Hydra will always run job A before B?
<dhess>
like in the case of nixpkgs:trunk and nixos:trunk-combined, say you wanted to run nixpkgs:trunk evaluations first before nixos:trunk-combined
Arahael has quit [Ping timeout: 244 seconds]
<dhess>
even though they both trigger off the same nixpkgs Git repo
ikitat has joined #nixos
fusion809 has quit [Remote host closed the connection]
<pie_>
emperical experience seems to show that emacsWithPackages only works with emacs packages and not others
hmm322 has joined #nixos
<pie_>
or at the least doesnt work with stuff that provides binaries, because it doesnt set the proper PATH in the wrapper?
o1lo01ol1o has quit [Ping timeout: 240 seconds]
<jabranham>
how can I add "Persistent=true" to the timer created by services.borgbackup.jobs ?
<therealwaphire[m>
so, haha, some more newbie questions :P
<therealwaphire[m>
how do you go on deploying something like this?
<dhess>
pie_: I believe that's true. I bundle my emacsWithPackages up with the required binaries in a buildEnv
<symphorien>
ah das_j was quicker
<hmm322>
Hi, I'm struggling to understand what is `self` and `super` in terms of overlay. If I have 3 overlays `a`, `b` and `c` and it is invoked in that order, `super` in `b` would be the result of invoking `a`, so what does the `self` in `b` points to?
<pie_>
dhess, would be nice if this was documented or something
<jabranham>
das_j: ah, great, thanks
<das_j>
jabranham: Name seems to be borgbackup-job-$name
adamt has quit [Ping timeout: 272 seconds]
agander has quit [Ping timeout: 244 seconds]
<hmm322>
or is this not the correct place to ask such questions
<dhess>
hmm322: self in b points to any packages that b puts in the overlay itself. It's like a "rec" or "let" binding
<das_j>
Basically, super is the package set returned by the previous overlay and self is the package set returned by the last overlay
<hmm322>
that chart is great
<hmm322>
thanks!
<dhess>
hmm322: a good rule of thumb is that super is almost always the right one to use.
<das_j>
Yes, but I forgot who made it
<hmm322>
almost forget about that one
<hmm322>
when to use `super` over `self`
<hmm322>
and vice-versa
<das_j>
Use super. If you need a package that is modified by another overlay (or your overlay), self is the way to go
<das_j>
But be aware of the possibility of an infinite recursion
<jabranham>
hmm322: It's not 100% accurate, but I like to think of "super" as "nixpkgs" and "self" as "nixpkgs + my overlays"
<dhess>
hmm322: I only use self when I define foo and bar in the same overlay.nix file, and bar wants to use the local foo, not the original (super) foo
<das_j>
jabranham: It's 100% accurate if you only have one overlay
<hmm322>
thanks guys!
<dhess>
so like, bar = callPackage ./bar.nix { inherit (self) foo; }
<dhess>
pie_: I may be wrong, but that's how I use it, anwyay.
<pie_>
dhess, id make a github issue but i dont have access to my GH right now
<pie_>
i kind of just figured the various withPackages infrastructures work with anything
<pie_>
but i didnt think very hard. hm.
ikitat has quit [Remote host closed the connection]
<pie_>
note to self: withPackages stuff lets you shoot yourself in the foot
<dhess>
I think it's the same with ghcWithPackages, at least
hmm322 has quit [Quit: Page closed]
o1lo01ol1o has joined #nixos
<dhess>
but then I can't think of any Haskell packages that depend on external binaries being in the path like Emacs packages do, so it's less likely to be a problem.
<dhess>
Oh actually I wrote a package that does exactly that :D I should test it with ghcWithPackages
<Taneb>
dhess: "sbv" as on Hackage looks for z3 on path, but in nixpkgs it's been patched so that it doesn't
<Taneb>
(we hardcode the path to z3)
o1lo01ol1o has quit [Ping timeout: 255 seconds]
<dhess>
Taneb: yeah it would be nice if there were some automatic mechanism for that, but that's probably a Haskell tooling issue more than a Nix one
<unacceptable>
Is there a way to control the size of the tmpfs mounted underneath /run/user/{my-uid} ?
<unacceptable>
Or to make it disk-backed? Packer wants to use it and it's quite hard to convince it not to
<srhb>
unacceptable: Yes, both are possible. Normally it's set to some percentage of your total memory
<srhb>
I'd advice you to avoid making it disk-backed (it's intended not to be, and bigger builds should prefer /tmp)
o1lo01ol1o has joined #nixos
o1lo01ol1o has quit [Remote host closed the connection]
ddellacosta has joined #nixos
<srhb>
unacceptable: You'll need to look up logind config settings to tune it.
<srhb>
Actually, making it physically backed might be a bit harder than I anticipated. But tuning its size is just RuntimeDirectorySize as linked above.
zupo has joined #nixos
evanm has joined #nixos
reallymemorable has joined #nixos
schjetne has quit [Ping timeout: 272 seconds]
softinio has joined #nixos
ikitat has joined #nixos
ij has joined #nixos
selfsymmetric-pa has quit [Remote host closed the connection]
ninjin_ has quit [Ping timeout: 256 seconds]
markus1189 has joined #nixos
rcshm has joined #nixos
zupo_ has joined #nixos
zupo has quit [Ping timeout: 240 seconds]
equivrel has quit [Remote host closed the connection]
<NemesisD>
has anyone else experienced nix eating your haskell package's data files? i'm using cabal2Nix and it seems to create a space in the store where the files would go, e.g. /nix/store/xxxx-my-package-0.0.0.1-data/, but its empty, and the data files are meant to be in /nix/store/xxxx-my-package-0.0.0.1-data/share/ghc-8.6.3/x86_64-linux-ghc-8.6.3/my-package-0.0.0.1/somefile. they're in the tarball when i sdist
rcshm_ has joined #nixos
o1lo01ol1o has joined #nixos
agander has joined #nixos
<therealwaphire[m>
so, guys, I started out with kubernetes by a simple:
<therealwaphire[m>
`services.kubernetes.roles = [ "master" "node" ];` and `nixos-rebuild switch`
<therealwaphire[m>
but, uh, for some reason `kubectl` isn't able to find any nodes
<gchristensen>
do you have swap?
<therealwaphire[m>
<freenode_gch "do you have swap?"> yes
<gchristensen>
sorry, I don't really know anything about k8s..
<simpson>
therealwaphire[m: $ kubectl top no
<simpson>
"We require more minerals"
<noonien>
i have a package that i build using `buildPythonApplication`, how can i define the runtime dependencies it needs? in this case it requires networkmanager
<noonien>
i have networkmanager installed on the system anyway, but i don't think it's a good idea to define the derivation without the dependency
hedning has quit [Quit: hedning]
<simpson>
noonien: I'm not sure how that would interact with networkmanager in particular, due to the need for the system service to also be present and running, but you should be able to `propagatedBuildInputs = [ networkmanager ];` in the attrset as if it were a normal derivation.
<noonien>
awesome, thanks!
<simpson>
therealwaphire[m: $ kubectl describe po $UNHAPPY_POD
<simpson>
I don't need the results. This is for you.
<infinisil>
das_j: I'm not sure if they all make sense to use by default, but there's a couple others in man systemd.exec
<simpson>
You'll get a readable (and search-engine-able) status code, and also some logging information about what's wrong. I am guessing that the machine you're working on just isn't big enough but I don't know your details.
<therealwaphire[m>
@simpson oh lol, sorry about that
<infinisil>
das_j: All the Private* ones, Protect*, Restrict*, CapabilityBoundingSet, NoNewPrivileges and RemoveIPC
zupo_ has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<therealwaphire[m>
but I've already tried it and it doesn't show anything useful... just "no nodes available"
<therealwaphire[m>
@simpson trying it on my laptop as well as on my server, not one of them works
<therealwaphire[m>
same error
<simpson>
therealwaphire[m: Waaaait, did you do a sanity check? $ kubectl get no
<therealwaphire[m>
that's the first thing I did
<therealwaphire[m>
`no resources available`
<therealwaphire[m>
`No resources found.`
<simpson>
Hm. Do you have a /var/log/kubelet.log?
<simpson>
We are rapidly approaching the lower edges of my k8s knowledge, but maybe there's an obvious error in there. Basically, you got no Nodes. No Nodes means no Pods can be scheduled.
<therealwaphire[m>
of course, that's what I'm asking haha
<therealwaphire[m>
why are there no nodes when I've already assigned the role
<mog>
anyone here use go? i want to have a nix-shell where i can experiment and develop some packages before i actually go build real packages. the gopath is being set to /nix/store/8r2mnz1c8sxr8w38bc0ap212zp88ngl1-go-1.11.5/share/go/pkg/mod so its read only and doesnt work
<simpson>
therealwaphire[m: I don't know! Does your prospective node have a /var/log/kubelet.log?
hedning has joined #nixos
<therealwaphire[m>
I'm currently testing this so the same server is master as well as the node
<simpson>
Curious. I'm not sure what next, sorry; I have yet to set up my garage for figuring out this stuff myself.
<therealwaphire[m>
I understand
agander has quit [Remote host closed the connection]
<therealwaphire[m>
I'll look into it more and report back if I fix it
<therealwaphire[m>
if nothing works, I'll upgrade to 19.03 and see if the problem is still there
ym555 has quit [Ping timeout: 268 seconds]
hedning has quit [Quit: hedning]
<simpson>
Oh! I'd assumed that you were test-driving 19.03. A relatively serious rework of the k8s modules just landed there, IIUC, and I'm waiting for 19.03 to come out before I start playing around.
hedning has joined #nixos
<therealwaphire[m>
I see
illegalprime has joined #nixos
<therealwaphire[m>
in that case, let me try upgrading and I'll try the same thing again
<simpson>
Good luck.
hedning has quit [Client Quit]
<ixxie>
therealwaphire[m: there is also #nixos-kubernetes btw, in case this wasn't mentioned already
evanm has quit [Ping timeout: 256 seconds]
<therealwaphire[m>
damn
<therealwaphire[m>
it wasn't
<simpson>
Oh! That sounds useful.
<simpson>
There's also #kubernetes, but low-level questions about cluster management don't do well there.
<gchristensen>
ixxie: oh cool
<therealwaphire[m>
joined but the room has never been active
<judson_>
Hrm. I thought I understood how modules work...
<judson_>
config sets work like the toplevel configuration, right? Shouldn't I be able to use imports there?
<judson_>
Or is this peculiar to home-manager?
Arahael has joined #nixos
<infinisil>
judson_: What do you mean by config sets?
<gchristensen>
{ config = { ... }; } <- config can't contain imports, they have to be a peer to config
<ikitat>
is there a builtin equivalent to bash's `env`?
hedning has joined #nixos
<gchristensen>
what for?
hedning has quit [Client Quit]
<ikitat>
debugging
<infinisil>
ikitat: The only somewhat related thing is builtins.getEnv
<ikitat>
infinisil: which requires me to know the env I'm looking for, I'm curious about what is available
<gchristensen>
debugging what? There is no real utilization of the environment during Nix evaluation. maybe explain your problem little bit more?
<infinisil>
^
<clever>
,xy
* clever
pokes infinisil
* infinisil
pokes gchristensen
* gchristensen
pokes himself
<ikitat>
I'm trying to mount overlays into a target host via nixops. clever gave some help yesterday but I'm a bit lost
<clever>
ikitat: i think you want to copy a directory full of overlays to $out/overlays, and then set nixpkgs-overlays=/run/current-system/overlays in nix.nixPath
<ikitat>
clever: /run/current-system/overlays refers to the target host?
<clever>
yeah
{^_^} has quit [Remote host closed the connection]
{^_^} has joined #nixos
* gchristensen
pokes {^_^}
<gchristensen>
,tofu
yl has joined #nixos
<ikitat>
yeah, I was trying to understand where $out comes from and what other attributes are available. Sifting through code.
<clever>
ikitat: that part of the code is running under bash, so you can just `env ; exit 1` to see the vars
<ikitat>
ah, *smacks forehead*
<ikitat>
assuming that nixops is staging things on the host to be put into the guest environment...
<ikitat>
but it's hard to see what's happening. I'll keep pressing on
<ikitat>
thank you again
Makaveli7 has quit [Ping timeout: 244 seconds]
<clever>
nixops will build everything using normal nix, which can then either be built locally, or with build slaves (if enabled)
<clever>
and then it will copy the products to the remote targets
<gchristensen>
it sounds like you might have misunderstanding, and maybe we can help fix clarify?
<ikitat>
Okay, this is great, thank you. I hope I can contribute a bit to the documentation about how to get to this. It seems like deploying ad-hoc code would be a common need.
pbb has joined #nixos
<ikitat>
I don't know the NixOS documentation very well, but have been through nixpkgs, nixops, and nix manuals and would not have been able to get close to this without your help :)
Guanin has quit [Ping timeout: 259 seconds]
drakonis has joined #nixos
<clever>
ikitat: the path copying is a nix level feature, so i would expect it to be in the nix manual
<ikitat>
but injecting overlays via nixops is nowhere to be seen
<clever>
yeah, system.extraSystemBuilderCmds is much more of an internal thing i discovered by just reading the source of nixos
<clever>
but nix.nixPath is in the nixos options docs
drakonis_ has quit [Ping timeout: 250 seconds]
ij has joined #nixos
knupfer has quit [Ping timeout: 264 seconds]
winem_ has quit [Ping timeout: 272 seconds]
elgoosy has joined #nixos
<clever>
ikitat: and nixpkgs-overlays being in NIX_PATH to setup overlays, thats probably in the nixpkgs manual
<aanderse>
i grabbed a copy of pkgs/development/interpreters/php/ and put it in my home directory. made a few small modifications to php. then in my configuration.nix file i add this: services.httpd.phpPackage = (pkgs.callPackage /home/aanderse/php {}).php72;
<aanderse>
but when i build i get this error:
<aanderse>
error: attribute 'override' missing, at /nix/var/nix/profiles/per-user/root/channels/nixos/nixos/modules/services/web-servers/apache-httpd/default.nix:15:9
<aanderse>
i'm so confused because i'm passing php in the same way php is defined in pkgs/top-level/all-packages.nix
<aanderse>
anyone have any thoughts?
<clever>
aanderse: i think you want to use callPackages
* aanderse
looks at all-packages.nix again....
<aanderse>
:-D
<aanderse>
thanks clever!
<clever>
callPackage will add a .override to its return value, so the entire set php/default.nix returned, has a .override
<clever>
but when you .php72, the override is lost
<clever>
callPackages is a variant, that will add it to every attr inside the set instead
hedning has joined #nixos
<clever>
i would also say to use overrideAttrs, but given that apache is trying to do its own .override afterwards, overrideAttrs wont work right
<aanderse>
yeah that makes sense
<aanderse>
saved me some head banging on keyboard, thanks again :)
hedning has quit [Client Quit]
softinio has quit [Quit: Connection closed for inactivity]
<{^_^}>
If a Nix file foo.nix starts with something like `{ stdenv, cmake }:`, you can build it with `nix-build -E '(import <nixpkgs> {}).callPackage ./foo.nix {}'`
<grp>
hi. Porting a server to nixos I've stumbled upon a problem. In the server currently in production, there are many binaries and scripts with different group permissions and even setuid. When trying to replicate this in nixos I've hit a wall: nix store doesn't allow me to store them with custom permissions, not even root:root go-rwx. What mechanism should I use to achieve this?
tertl3 has quit [Remote host closed the connection]
<symphorien>
what use case do you have for specific permissions on non setuid executables ?
johanot has joined #nixos
<grp>
for example, many database query scripts and other utilities that run against core equipment
<symphorien>
you mean, they contain passwords ?
grumble is now known as `-_-`grumble
<grp>
some do, yes
<symphorien>
the nix store cannot contain secrets. put the secrets in a non nix managed file, and have the script take the file in arguments
johanot has quit [Remote host closed the connection]
<symphorien>
there is no real way around
<grp>
but even then, I'd like everyone to tab complete what they can actually run
<symphorien>
you can create a different PATH for each of them
<grp>
seems like I'll make a /local folder with everything there
drakonis_ has joined #nixos
<grp>
which kind of sucks... because I'll have to make wrappers to the real scripts, since I'm not going to maintain /nix/store paths to libs and such manually
<symphorien>
if they are not performance critical, you could use a #!/usr/bin/env nix-shell shebang
tertl3 has joined #nixos
<symphorien>
but instead I would purge the scripts of secrets, and package them in group1-utils group2-utils and so on
<clever>
i sometimes make shell.nix files, with a shellHook that will just `exit` at the end
<symphorien>
and then users in group1 install group1-utils in their profile
<symphorien>
but not group2-utils
<clever>
so when you try to run `nix-shell foo.nix`, it runs some things (impurely), and then exits
<symphorien>
so that they get the right tab-completion
<catern>
sob
ikitat has quit [Ping timeout: 272 seconds]
<clever>
and the env when running those things, is provided by nix-shell
<catern>
hydra's dependencies are incorrect
<catern>
how totally ironic
ng0 has quit [Remote host closed the connection]
drakonis has quit [Ping timeout: 264 seconds]
<grp>
symphorien: but then I'd have to tell everyone (or su -c) to update their profiles everytime I deploy a new script
<symphorien>
you can automate that in /etc/profile
ng0 has joined #nixos
<symphorien>
something like export PATH=$(extra-utils-for $(id -u)):$PATH
<symphorien>
where extra-utils-for is a shell function which chooses what to install
<catern>
geeze, is anyone even using the Perl support in Nixpkgs except for Nix and Hydra themselves?
<catern>
is there a convenient way to see a list of any packages depending on a given package in Nixpkgs?
<symphorien>
nox-review can inderectly tell you this
JosW has joined #nixos
tertl3 has quit [Remote host closed the connection]
ikitat has joined #nixos
[Leary] has quit [Remote host closed the connection]
Lears has joined #nixos
`-_-`grumble is now known as grumble
<catern>
sigh, to correct Hydra's dependencies I'm gonna have to package some perl :(
<clever>
catern: is it not packaged on either end? ive noticed desync between hydra's release.nix and the nixpkgs expression for it before
tertl3 has joined #nixos
<catern>
no it's just one of hydra's deps (the Starman web server) only loads a certain library if you try to use a specific feature, and I expect that no-one has tried to use this feature yet for Nixpkgs Starman, since the library it loads isn't even packaged
<catern>
(and so if you try to use this feature for Hydra - by setting the env var to turn it on - it crashes on trying to load the library)
<clever>
ahhh
<clever>
what is the feature?
<catern>
Starman supports passing down an already listening socket to it, systemd-socket-activation-style
<clever>
ah
drakonis has joined #nixos
drakonis_ has quit [Ping timeout: 258 seconds]
<clever>
there are also 2 different ways systemd can do that
<clever>
either systemd does accept() always, and launches a new worker for each connection
drakonis_ has joined #nixos
<clever>
or systemd waits for a connection attempt, then spawns the real daemon, and gives it the listening socket
<catern>
(Starman's support predates systemd so it uses neither of those ways, but it's enough support that I can write a tiny wrapper to make it compatible)
<catern>
well - it's the second approach (pass in already listening sockets, with the fd numbers in an env var) just with a different env var from what systemd uses
<clever>
catern: ahh
drakonis has quit [Ping timeout: 264 seconds]
<samrose_>
if I want to use `nixpkgs.writeShellScriptBin` then I probably do not want to set an env var like this in that script eh? `export RUST_SODIUM_LIB_DIR=/nix/store/l1nbc3vgr37lswxny8pwhkq4m937y2g4-libsodium-1.0.16;`
<asymmetric>
bsima: that defines the systemd service, but in my case, the systemd service is in a package, and the module should enable it and start it
<asymmetric>
or maybe it should actually redefine it? not sure, that seems error prone
<shazow>
anyone able to get chromecast streaming with vlc on nixos? I just get "searching..." forever, is there another service I need to enable? chrome browser is able to chromecast just fine though
drakonis_ has quit [Ping timeout: 257 seconds]
hedning has joined #nixos
matijja has joined #nixos
feepo has joined #nixos
illegalprime has joined #nixos
samrose_ has quit [Quit: Konversation terminated!]
samrose_ has joined #nixos
samrose_ has quit [Client Quit]
samrose has joined #nixos
jb55 has quit [Ping timeout: 245 seconds]
<asymmetric>
bsima: that's the nixos nginx module, not sure if it matches what i'm trying to do
xeji has quit [Quit: WeeChat 2.2]
oida has quit [Ping timeout: 256 seconds]
schjetne has joined #nixos
Guanin has joined #nixos
o1lo01ol1o has quit [Remote host closed the connection]
o1lo01ol1o has joined #nixos
tertl3 has quit [Remote host closed the connection]
Guanin_ has joined #nixos
schjetne has quit [Ping timeout: 246 seconds]
asymmetric has quit [Ping timeout: 268 seconds]
Guanin has quit [Ping timeout: 245 seconds]
o1lo01ol1o has quit [Ping timeout: 250 seconds]
Guanin_ has quit [Ping timeout: 258 seconds]
reallymemorable has quit [Ping timeout: 244 seconds]
reallymemorable has joined #nixos
<cbarrett>
hello. nixops question. has anyone thought of using a docker image to store the nixops state file? Check my assumptions please, but I think everyone could share the same image for read operations, for any changes you would need to push a new version of the image. This is assuming I have a private registry already (I do)
<clever>
cbarrett: the problem with any idea like that, is that if 2 people mess with the state file at the same time, you get merge conflicts, and aws resources can get lost, and never destroyed, running up a bill
arjen-jonathan has quit [Ping timeout: 252 seconds]
<cbarrett>
that's true
<cbarrett>
my thought was that CI would do most writes and right now the only other user is me. so it wold work
shibboleth has quit [Quit: shibboleth]
elgoosy has quit [Remote host closed the connection]
<clever>
cbarrett: i would recomend just having a central box that you run nixops on, and maybe have an api to remotely trigger `git pull` and `nixops deploy`
<cbarrett>
curious why? it seems silly to have to have a machine to get more machines
<clever>
cbarrett: thats just how nixops is currently designed
oida has joined #nixos
jb55 has joined #nixos
charukiewicz has joined #nixos
<ottidmes>
samrose: this line is the problematic one: failed to open: /homeless-shelter/.cargo/git/.cargo-lock-git
<charukiewicz>
Has anyone here encountered issues with their Haskell project building twice in a row when using cabal2nix + nix-build? Is there some parameter that needs to be set to prevent this?
drakonis_ has joined #nixos
<ottidmes>
samrose: you should change HOME in your build to point it to some writable location
<samrose>
ottidmes: hmm thank you I will see if I can figure that out
<samrose>
charukiewicz: when I encounter buildign twice, for me it has usually been due to issies with recursion in my code
<charukiewicz>
I have two executables defined in my .cabal file, but they both reference the single library definition that contains most of the modules. Could that be it?
drakonis1 has joined #nixos
drakonis has quit [Ping timeout: 258 seconds]
<clever>
charukiewicz: that design is how you prevent it from building twice, can you pastebin the build log?
<samrose>
ottidmes: so you are saying with that example that running a `mkdir` creates a dir that the package build process will have access to write to?
wfranzini has quit [Remote host closed the connection]
wfranzini has joined #nixos
<charukiewicz>
clever: sure, one moment, let me rebuild. We're at 179 modules in this project, and have moved from stack to nix now that we're about to deploy it. This double-build really slows things down.
<LnL>
clever: I sometimes wonder, do you do that with everybody or just me? :p
<softinio>
clever: did you see my earlier question? Any ideas? You think I should post it on discourse?
waleee has quit [Ping timeout: 246 seconds]
<laas>
clever: that doesn't seem to have built-in functions actually
<clever>
LnL: my irc client only highlights if my name is at the start, so i dont always think about others names being in the middle of a msg
<drager1>
Is there anything like "build-essential" present in nix?
<laas>
in general I feel like nixos has way too little documentation tbh
<clever>
drager1: nix-shell -p
<clever>
softinio: i dont know the vim plugin framework that well
<__monty__>
What is this, gang up on clever with questions hour? : )
<softinio>
on the subject of irc clients is weechat the most recommended these days? Currently using irccloud but I want to change to something more local
<softinio>
clever: ok thanks
<clever>
softinio: i still use irssi
<softinio>
ok
<LnL>
clever: mine includes everything unless there's no word boundary to avoid partial matches
<clever>
LnL: ah, i'll try to avoid pasting you too much
ixxie has joined #nixos
<laas>
softinio: you can also use a matrix client with the matrix bridges like I do
<laas>
the benefit is that you don't have to have an IRC client open 24/7 if you don't want to miss messages
drakonis_ has quit [Ping timeout: 264 seconds]
<clever>
laas: i run irssi on a box that is basically dedicated to irc (and its also an old 4tb nas)
drakonis1 is now known as drakonis
<drager1>
clever: Thanks
<LnL>
clever: it's fine, but I do get confused sometimes when seeing my own messages in the morning :)
<LnL>
for builtins there might be some documentation in the nix manual
<LnL>
but a bunch of functions have a non native fallback in lib so most of them are probably there
hamishmack has joined #nixos
selfsymmetric-pa has quit [Remote host closed the connection]
<ddellacosta>
is there any recommended way to add a script to a given profile so you can e.g. use scripts for udev actions and whatnot? The only example I found of that was kind of a hack. More generally, what is the sanctioned way to add your own packages to the system so they can be used by more than one profile?
<ddellacosta>
I know the basics of how to create a new derivation, I'm mostly just confused about how that fits into profiles
<drager1>
Hmm, pkg-config can't find openssl on my nixos (a lib is compiled that checks with pkg-config). Is there anything special in nix I need to do?
<drager1>
I have installed openssl and pkg-config
drakonis_ has quit [Ping timeout: 264 seconds]
<clever>
,libraries drager1
<{^_^}>
drager1: Don't install libraries through nix-env or systemPackages, use nix-shell instead. See https://nixos.wiki/wiki/FAQ/Libraries for details.
<clever>
drager1: you want `nix-shell -p openssl pkgconfig`
<drager1>
clever: That works
<drager1>
Amazing, thanks
<drager1>
Will check the docs {^_^}, thanks
<manveru>
{^_^}++
<{^_^}>
{^_^}'s karma got increased to 154
<clever>
heh, the bot has more karma then i do!
<manveru>
clever++
<{^_^}>
clever's karma got increased to 98
<manveru>
damn man, time to welcome our new robot overlords
<ddellacosta>
symphorien: I'm not asking about udev
rcshm has quit [Remote host closed the connection]
<symphorien>
ah I reread you message
<symphorien>
you should hardcode the store path of the script in the udev rule
<disasm>
my karma is down in the dumps, lol :)
drakonis_ has joined #nixos
orivej has quit [Ping timeout: 246 seconds]
drakonis_ has quit [Client Quit]
erasmas has quit [Quit: leaving]
<infinisil>
clever: I think I tested the karma implementation with {^_^} at some point :P
<clever>
thats what i was guessing
lopsided98_ has joined #nixos
o1lo01ol1o has joined #nixos
lopsided98 has quit [Ping timeout: 252 seconds]
<ddellacosta>
hmm I guess I can maybe just use nix-env -f and specify the system profile using -p to install a custom script system-wide? Is that a bad idea?
<clever>
ddellacosta: very, the system profile only works with --set, and using -i or -e will break it
<ddellacosta>
clever: ah okay. Then I guess I'm still confused as to what the right approach is
<symphorien>
you can use environement.systemPackages
<clever>
ddellacosta: your only options are to manually add it to the systemPackages array, or use roots profile (just nix-env -i as root)
<bgamari>
gchristensen, have you looked at the packet iscsi situation at all?
<ddellacosta>
okay, thanks clever
<bgamari>
gchristensen, also, I think NixOS is still stuck at 18.03
<gchristensen>
bgamari: mind pinging Packet support about that?
<clever>
what iscsi features/options does packet.net have?
<gchristensen>
it provides block storage over iscsi
<clever>
ah, like EBS on AWS
<gchristensen>
yeah
<bgamari>
gchristensen, sure
wfranzini has quit [Remote host closed the connection]
<clever>
ive got a nixos module for connecting to iscsi during the initrd, probably need to update it
o1lo01ol1o has quit [Ping timeout: 255 seconds]
wfranzini has joined #nixos
<clever>
it was originally meant for root on iscsi, but nothing says it cant be non-root
* bgamari
wrote one at some point as well but I suspect clever's is better
<clever>
bgamari: main problem with this, is that it predates the initrd having proper network, so i peek at the static ip config, and bring the network up with `ip`
<bgamari>
mine is somewhat packet-specific
<gchristensen>
bgamari: I sent them new images of couple weeks ago, but they've been a bit swamped.
<gchristensen>
so getting some ticket traffic will help :-)
<clever>
bgamari: mine was originally to netboot an rpi, and i later used it to netboot a laptop as well
<bgamari>
gchristensen, done
<gchristensen>
thanks
ixxie has quit [Ping timeout: 245 seconds]
<bgamari>
clever, cool
ixxie has joined #nixos
<clever>
bgamari: when i was netbooting the rpi, it still had /boot/ on an SD card, but later on with the laptop, it had a non-netboot grub, in the MBR of the iscsi image
<clever>
bgamari: and ipxe is able to re-route the legacy bios routines for reading the hdd, so grub thinks its a local hdd, but its actually iscsi
* bgamari
has a macchiatobin which he would like to netboot
<bgamari>
unfortunately I've had trouble getting the ethernet PHYs to detect carrier
selfsymmetric-pa has quit [Disconnected by services]
elfsymmetric-pas has joined #nixos
elfsymmetric-pas is now known as selfsymmetric-pa
selfsymmetric-pa has quit [Disconnected by services]
elfsymmetric-pas has joined #nixos
<clever>
mdash: its also got a 484sx, so it can be difficult to even run some software, due to the lack of an FPU
<mdash>
clever: hardly even a computer
schjetne has quit [Ping timeout: 250 seconds]
eadwu has quit [Quit: WeeChat 2.4]
<mdash>
wonder which is faster, a 486sx or a Cortex-M0 emulating one
<clever>
mdash: this is also one of those weird machines, where the config for the bios, is a special parittion on the hdd
<clever>
mdash: so if this drive fails, i'm never configuring the bios again
eadwu has joined #nixos
<softinio>
laas: thx for tip what exactly is matrix i have seen people talk about it but have never looked into it? Any particular client for matrix u recommend?
<Guest40768>
softinio: It's a federated chat system with bridges onto other networks
Guest40768 is now known as adamt
adamt has joined #nixos
adamt has quit [Changing host]
sondr3 has joined #nixos
<clever>
softinio: from this end, all i know of matrix is that its the thing that spams the channel every time the server crashes, and 200 people disocnnect
<softinio>
clever: lol
<mdash>
irccloud is the same way :)
dbmikus_ has joined #nixos
zupo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<clever>
which is why i prefer to host my own kind of thing like that, just run irssi in screen on a server
<mdash>
i can't make up my mind, i'm in a bunch of other channels using matrix but i use irssi here
<mdash>
(not least because this channel is large and very active, thus bloating my server db)
camsbury_ has quit [Remote host closed the connection]
<clever>
the irc logs for this machine are ~5gig
camsbury has joined #nixos
<jabranham>
how would I do "nix-shell -p <something>" so that I have a shell with R and some R package I specify (e.g. ggplot2)?
<elfsymmetric-pas>
My PR is kind of dead here, just crickets. Not sure what else needs to be done. If anyone could take a look I'd appreciate it. https://github.com/NixOS/nixpkgs/pull/54443
<softinio>
clever: yeah running irssi or weechat on my vps and using it via tmux is what I am aiming for
<softinio>
but will take a look at matrix
endformationage has quit [Ping timeout: 255 seconds]
drewr has quit [Ping timeout: 252 seconds]
<bsima>
so i have a set of packages like "{ mypkg = import ./mkpkg.nix{}, ... }", what is the best way to extend existing <nixpkgs>.pkgs with my set of packages?
kreisys has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
kreisys has joined #nixos
arjen-jonathan has quit [Ping timeout: 264 seconds]
<mdash>
bsima: make it an overlay, probably
aanderse has quit [Remote host closed the connection]
<bsima>
oh hm
shibboleth has joined #nixos
BlessJah has quit [Remote host closed the connection]
elfsymmetric-pas has quit [Remote host closed the connection]
wfranzini has quit [Remote host closed the connection]
wfranzini has joined #nixos
BlessJah has joined #nixos
dbmikus_ has quit [Ping timeout: 250 seconds]
camsbury has joined #nixos
rcshm has joined #nixos
BlessJah has quit [Remote host closed the connection]
jfroche has joined #nixos
<ottidmes>
if I want to override some files in Nixpkgs, but only during the duration of running some Nix code, what are my options? scopedImports cannot be used, since its already being used. I am thinking of maybe trying libredirect, although its a hack, it seems less error prone that creating a backup, changing it, and restoring the file afterwards
jabranham has quit [Quit: ERC (IRC client for Emacs 27.0.50)]
slack1256 has quit [Remote host closed the connection]
freeman42y has joined #nixos
ikitat has quit [Ping timeout: 255 seconds]
dermetfan has quit [Ping timeout: 255 seconds]
<mdash>
ottidmes: what shenanigans are you trying to achieve?
freeman42x has quit [Ping timeout: 258 seconds]
<ottidmes>
mdash: I have a generic nixpkgs update tool, if my nix-prefetch tool can prefetch the package, it can be updated too (in almost all cases, there are always some limitations/exceptions), but besides changes done too a fetcher call (i.e. fetchFromGitHub), you might also want to change bindings
camsbury has quit [Remote host closed the connection]
<ottidmes>
mdash: a prime example being some version binding in the package rec attrset or let binding
init_6 has quit [Ping timeout: 255 seconds]
camsbury has joined #nixos
<ottidmes>
mdash: so I now I am a bit stuck on how to combine these two tools, because changing those bindings can effect the fetcher arguments as well
<ottidmes>
for example, the version is being used in the url passed to fetchurl, a common occurance
<ottidmes>
this will then impact the hash reported by nix-prefetch
<LnL>
I've used a weird hack for something like that, but I doubt the principle is usable
<ottidmes>
and my update tool, nixpkg-update (not sure about the name yet), can update any of the fetcher arguments succesfully, but it needs the output of nix-prefetch for this to work. So right now I would have to call nix-prefetch, get the information necessary to make nixpkg-update work, then I can change the bindings in the file, then I have to call nix-prefetch again, this time actually calculating the hash, then I
<ottidmes>
have the actual changes I want to apply to the file
<ottidmes>
LnL: problem is, nix-prefetch is already using scopedImports internally, otherwise I could just use it to hijack the import calls and in case it imports the files I want changed, point it to the changed files
camsbury has quit [Ping timeout: 244 seconds]
BlessJah has joined #nixos
vidbina has joined #nixos
<LnL>
yeah, I think what you need is something that walks the ast
<ottidmes>
already have that, my nixpkg-update tool does all that
<ottidmes>
its more that nix-prefetch, the second call, needs to see the intermediate changes done to the file
<LnL>
not sure I'm following then
_kwstas has quit [Quit: _kwstas]
<ottidmes>
basically its like you want to make changes to a file, but to determine the changes you want to apply to the file, you need to apply some other changes first, but you want those changes not to be persistent
Makaveli7 has quit [Read error: Connection reset by peer]
Makaveli7 has joined #nixos
ixxie has quit [Ping timeout: 245 seconds]
<ottidmes>
right now this would work: nixpkg-update "$(nix-prefetch hello --no-compute-hash --output expr)" --version 2.9 (this only changes the version binding, the prefetch call is just used to get location information), then you would need to call: nixpkg-update "$(nix-prefetch hello --output expr)" (this time around, since the version binding was changed, the new hash can be calculated). I am trying to combine these
<ottidmes>
two calls
dckc has quit [Remote host closed the connection]
<clever>
bgamari: uhhh, do i even have a floppy drive on a modern system.....
o1lo01ol1o has quit [Remote host closed the connection]
<clever>
sondr3: and donttttttt forget to umount before yyyyou unplug it
simukis has quit [Quit: simukis]
<sondr3>
too late, im writing this from a toaster now
<vaibhavsagar>
does a nixos-container write to the host /nix/store?
<vaibhavsagar>
relatedly, can I configure a nixos-container so the host /nix/store is not enumerable?
<vaibhavsagar>
i.e. the container can access a known path but not list all paths
<ottidmes>
how do I get the path to a library in NixOS, ldconfig does not seem to work (I am in nix-shell -p libname)
<clever>
vaibhavsagar: nixos-container will share the host store and nix-daemon with the guests
<clever>
ottidmes: the libraries are in $NIX_LDFLAGS
<vaibhavsagar>
hmm, so anything that's built in the container will go into the host store as well?
<clever>
ottidmes: the cc-wrapper around gcc makes it obey that, so gcc -lname can just find things
<clever>
vaibhavsagar: yeah
<vaibhavsagar>
is there another way to provide this kind of isolation besides e.g. docker?
<vaibhavsagar>
that means I can't really use nixos-container to provide isolation if so
<ottidmes>
clever: thanks! any way to process it easily, not thats really hard to write some shell loop that goes over it, is the loop thing my only option?
<clever>
vaibhavsagar: what kind of isolation do you want? because not even docker is really good at that
<vaibhavsagar>
ideally I would like something like a chroot, but running nixos
<clever>
ottidmes: why exactly do you need the path to a given library?
<vaibhavsagar>
we're trying to provide access on one of our build servers to a third party, without giving them access to our client work in /nix/store
<furrycatherder>
how are things usually patched to find the right locale?
<clever>
furrycatherder: an env var like this is setup by things like bashrc
<ottidmes>
clever: good question :P thinking about it some more, its way easier to just nix eval to get the path, but to answer your question, I need it to iterate fast over my program without the need for building it after each change, the only hardcoded path would be that of the .so file I want to LD_PRELOAD
<furrycatherder>
clever: do things need to be patched to look at LOCALE_ARCHIVE?
<elvishjerricco>
vaibhavsagar: I don't think nixos-container has what you need. You could maybe figure out how to mess with systemd-nspawn to get it, but the systemd folks claim nspawn should NOT be considered a security measure
<clever>
furrycatherder: i think glibc always obeys that
<elvishjerricco>
vaibhavsagar: (for reference, nixos-container is based on systemd-nspawn)
<clever>
elvishjerricco: docker also says docker is not a security measure
<elvishjerricco>
clever: Really? That link above was from 2014. Is that still their policy?
<furrycatherder>
clever: i'm building the yocto sdk and their perl is complaining about missing en_US, i noticed glibc only has en_GB...
<clever>
ottidmes: and you cant just run something like `make` in nix-shell?
<clever>
furrycatherder: at build time, you want to add glibcLocales to your nativeBuildInputs
<vaibhavsagar>
elvishjerricco: thanks
<ottidmes>
clever: its a bash script, but I could probably use make to build the bash script, but then I wont be winning much over having to call nix-build or make, this way I can just change and immediate see the effects of my changes like normally with a script
<elvishjerricco>
vaibhavsagar: I'd probably just spin up a qemu for them, bind mount the paths you need into some directory, and share that directory with the VM somehow
<clever>
ottidmes: yeah, i'm thinking you want something like nix eval or just plain nix-build
<vaibhavsagar>
that's a really good idea
<elvishjerricco>
vaibhavsagar: `nix path-info -r /nix/store/...` should tell you the exact list of paths you need for that.
<elvishjerricco>
or `closureInfo` if you need it in a nix expression
<LnL>
ottidmes: import from derivation allows you to literally change the expression as long as your logic can run inside a nix build
Ariakenom has quit [Quit: Leaving]
<noonien>
is there any way to pin certain versions of packages?
schjetne has joined #nixos
hyperfekt has joined #nixos
work_ has joined #nixos
shibboleth has quit [Quit: shibboleth]
<ottidmes>
LnL: I don't mind IFD or even bulitins.exec, but the problem with what you suggests is that it does limit the reach of the tool a bit, right now it can update any fetcher call, it does not even have to be part of a package. Right now I am trying libredirect, but if that does not pan out, I might try your suggestion, thanks!
<hyperfekt>
Does anyone know of a way to add package dependencies, as in when x is installed, also install y and z? Supplying the packages at build time or patching paths won't do, unfortunately.
<hodapp>
anyone running Dropbox? When I try to actually start it it fails with "ImportError: libglapi.so.0: cannot open shared object file: No such file or directory"
<hodapp>
why dropbox needs that library is beyond me
<simpson>
,runtime
<simpson>
,runtimeDeps
<{^_^}>
In order of preference: Patch source OR ((if it uses PATH -> wrap with new $PATH) AND (if it uses dlopen, (patchelf --set-rpath in postFixup OR wrap with new LD_LIBRARY_PATH)))
<simpson>
Hm. Not the one I wanted.
<ottidmes>
noonien: you can override a package to pin it to a version, but its dependencies will still update, if you don't want that, you could just pin nixpkgs to that point of time, but that does bring with it security risks by not updating
<simpson>
hyperfekt: Does propagatedBuildInputs work? How are the dependencies used at runtime?
<clever>
simpson: propagatedBuildInputs doesnt have any impact on the runtime of packages
schjetne has quit [Ping timeout: 246 seconds]
<hyperfekt>
simpson: The dependencies are called by scripts which are written once when the program is called. Specifically I'm looking at transcrypt, which seems to be a real edge case for Nix. https://git.io/fhFxv
reallymemorable has quit [Quit: Lost terminal]
<hyperfekt>
simpson: If we were to hardcode the paths no update would reach ever be applied and the functionality would break on all systems that don't have the same packages in the store.
slack1256 has joined #nixos
<hodapp>
also, where should one even find libglapi.so.0?
<hodapp>
looks like it's in mesa_noglu.... but I feel like this is a minefield I've trod before
<ottidmes>
,locate libglapi.so
<{^_^}>
Found in packages: libGL_driver, driversi686Linux.mesa_drivers
<simpson>
clever: Yeah, it was a pretty stupid guess.