<arcnmx>
There is https://github.com/NixOS/nix/issues/2236 which potentially interacts or may naturally help with the problem if implemented, but I hadn't found any real specific mention of it in issues or documentation.
<pie_>
just explains more about what one can do with access
<pie_>
arcnmx, yeah ok i dont see an issue either with a quick skim, you could try opening one
Copenhagen_Bram has quit [Read error: Connection reset by peer]
ardumont has joined #nixos
<arcnmx>
Yeah I did find that, though it only asks about shell access. It seems to be a reasonable enough question, how to constrain RCE of build users to nix daemon/sandboxed operations. The problem being if the user needs to be trusted by the daemon, you're basically giving away root to machines and even advised that they keys be stored on disks without a passphrase. At that point limiting ssh doesn't mean much ._.
winem_ has quit [Ping timeout: 250 seconds]
<pie_>
i mean, code exec is code exec
<pie_>
that seems to be the general thing with computers
<arcnmx>
(the answer anyway there probably is to keep build machines isolated/virtualized/etc. for various reasons, but you still have the problem that all build users with access to the same build server have to also implicitly trust each other)
nixy is now known as Guest13185
<pie_>
I dont know enough about how this stuff works to say anything
nixy has joined #nixos
<arcnmx>
Mm, well, it probably at least could use an issue and some mention in documentation. It currently seems unclear that naively/casually setting up a build machine requires giving up more control than one would expect from the way the nix daemon works with local users.
<{^_^}>
[nixpkgs] @matthewbauer opened pull request #60552 → binutils: apply patch when cross compiling from darwin → https://git.io/fjZOP
<pie_>
please do
* arcnmx
nods
<gchristensen>
hrm I thought it was documented pretty nicely in the "trusted-users" docs?
<gchristensen>
(by all means yes)
<{^_^}>
[nixpkgs] @risicle opened pull request #60553 → pythonPackages.asyncssh: 1.15.1 -> 1.16.1, fixing build with some caveats around ec25519 support → https://git.io/fjZOD
o1lo01ol1o has joined #nixos
<{^_^}>
[nixpkgs] @peti pushed to haskell-updates « hackage-packages.nix: automatic Haskell package set update »: https://git.io/fjZOS
<arcnmx>
gchristensen: trusted-users is indeed documented fine, what was unclear to me is that remote builders need to be trusted to begin with, which seems to change the security expectations of remote building a fair bit. The docs and wiki do not seem to mention this at all.
shibboleth has quit [Quit: shibboleth]
<arcnmx>
(the wiki has a troubleshooting footnote that says "If on NixOS, make sure your account is in nix.trustedUsers in /etc/nixos/configuration.nix" but isn't clear whether it's referring to the "local" machine where this is reasonable and expected, or the "remote" account, which to me is surprising and unnecessary)
<{^_^}>
[nixpkgs] @dtzWill opened pull request #60554 → nanum-gothic-coding: move to where most fonts are (NFCI) → https://git.io/fjZOF
<arcnmx>
My assumption was that since untrusted/allowed local users can initiate builds through the daemon, doing so over ssh with the distributed build functionality would work the same way without having to change to a less secure configuration.
<clever>
yeah
Copenhagen_Bram has quit [Read error: Connection reset by peer]
<arcnmx>
I understood there would be drawbacks to setting it up that way without trusting the user (preventing remote users from supplying binary substitutes for example), but did not expect that it would be disallowed and prevented entirely. The subsequent error message was also unclear to me, since the user does indeed have permission to build derivations under normal circumstances.
<{^_^}>
#57062 (by SchrodingerZhu, 7 weeks ago, open): nvidia building failure for linux 5
<fresheyeball>
\q
fresheyeball has quit [Quit: WeeChat 2.2]
rooke has joined #nixos
o1lo01ol1o has quit [Remote host closed the connection]
o1lo01ol1o has joined #nixos
snajpa has quit [Ping timeout: 258 seconds]
bikes has joined #nixos
mexisme_ has joined #nixos
snajpa has joined #nixos
dsiypl4 has quit [Ping timeout: 250 seconds]
<arcnmx>
What is a {memory:} gcroot?
<arcnmx>
presumably the memory of... the daemon? something else?
o1lo01ol1o has quit [Ping timeout: 258 seconds]
roconnor has joined #nixos
parsnip has joined #nixos
<parsnip>
hmm, strange i could freely change the nixos configuration file from a set to a function
Ariakenom has quit [Quit: Leaving]
<roconnor>
Hi everyone, recently (last month or so) I have a problem where using Alt-Tab to switch windows in KDE causes 'kwin_x11' to crash.
<roconnor>
I tried reverting to an older generation of NixOS but now the old generation has kwin_x11 crash immediately on startup.
<roconnor>
Presumably it is some sort of qt upgrage thing gone awry. Is there some way I should be nuking my personal kde folders/setting to reset everything? Would that help?
<roconnor>
Even starting sddm required me to remove /var/lib/sddm/.cache
<roconnor>
Hmm, also the "present windows" corner effect doesn't seem to be working.
<arcnmx>
samueldr: I guess my question is what is "anything" in this case, is it scanning /proc/*/mem for the system, and what does the number represent?
<samueldr>
no idea about the number, but yes, memory
bikes has quit [Ping timeout: 255 seconds]
<samueldr>
though uh, [citation needed] on "yes, memory"
<iqubic>
Also, different question: I'm staying usually live in the PST time zone, but I'm going to be vacationing for a week in the EST timezone. My Nixos laptop hasn't updated the time to the correct timezone. Should I do that myself or what?
<arcnmx>
samueldr: makes sense, I was mostly curious because I was trying to --delete/query a store path and it was the delete command itself including the path in its command line that was getting caught as a live reference!
<clever>
arcnmx: nix-store --delete /nix/store/foo will not depend on foo, for obvious reasons
<clever>
but, sudo nix-store --delete /nix/store/foo, will result in sudo "using" it, so it can never be deleted
<arcnmx>
clever: yeah, the problem looks like findRuntimeRoots checks environ vars of all processes and sudo exports its commandline as SUDO_COMMAND so got flagged as a reference
<clever>
it also checks the argv
<clever>
but you dont need sudo to delete paths
<clever>
so just dont sudo it
<roconnor>
iqubic: FWIW, kde's clock application can be configured to have the middle mouse wheel scroll between different displayed timezones. That is usuallly good enough for me, but the system timezone is defined in you configuration.nix file.
<clever>
roconnor: i can also reconfigure the xfce clock to show any 1 timezone, and i can put multiple clocks onto a single taskbar
<clever>
so i have 4 clocks on-screen, each showing a different timezone
<arcnmx>
clever: hm, does it? cmdline isn't referenced there from a cursory glance, and I didn't see the same behaviour with any tool other than sudo
<clever>
arcnmx: i think its because the nix deleting the path will exclude itself from the gcroots, but the sudo that started it isnt excluded
<arcnmx>
and yeah, easy to work around once I realised why it was happening, just needed a user with daemon access and was curious
<iqubic>
roconnor: I'm running EXWM.
<iqubic>
But also, it's just a single week, I'm not sure how bad it will be to have the wrong time for a week.
<roconnor>
ah well. The larger point is that you can probably configure your clock to display your visiting timezone; but commands like `ls` won't be affected unless you reconfigure your systems timezone in configuration.nix.
dave_uy has quit [Quit: Ping timeout (120 seconds)]
<iqubic>
Should I reconfigure my timezone in configuration.nix?
ricekrispie2 has joined #nixos
<iqubic>
Will this cause lasting system damage?
dave_uy has joined #nixos
<samueldr>
how often do you use your computer's clock as your main clock?
<samueldr>
or how likely are you to use it during the trip?
<iqubic>
Well, when I'm at home it's almost 100% my main clock. While I'm on my trip, I won't be using my computer except late at night.
<samueldr>
probably no need to futz with timezones anywhere, I'd bet
<iqubic>
I won't change the timezone, it's fine.
ricekrispie has quit [Ping timeout: 258 seconds]
<roconnor>
iqubic: internally Linux uses UTC for everything, so changing the system time generally only changes how things are displayed. There should be no lasting effect if you choose this.
<iqubic>
That is the answer I was looking for. Thanks.
<clever>
iqubic: you can even `export TZ=America/Halifax` to affect only the programs in one shell
<iqubic>
Well, I'd chose TZ=America/Montreal, as that's where I am.
<iqubic>
I don't know what I did with Alsamixer, but now nothing is working. My laptop's built in microphone isn't working, and neither is the external one I had connected by bluetooth.
<iqubic>
The external bluetooth mic was working until literally a moment ago.
<clever>
keep doing things!
<iqubic>
Wait... No. That wasn't working before either.
<jasongrossman>
Does anyone have any experience with connecting a USB (or FireWire) audio interface to a NixOS machine? I'm about to buy one. (The former, not the latter.)
<teto>
gchristensen: I have an XPS like you do. Did you manage to upgrade the bios by copying the .exe to /boot/EFI ? or by using fwup. I am looking at your blog and will go the usb-key way for now
<qyliss^work>
klntsky: check out the mozilla rust overlay
jakkn has joined #nixos
fendor_ has joined #nixos
<klntsky>
qyliss^work: ah, I didn't mention that I wanted to contribute a package to nixpkgs. And I don't see any packages using nixpkgs-mozilla out there.
<qyliss^work>
Oh
<qyliss^work>
I don't believe there's a good way of doing that
<fendor>
What is the state of localization in nixos? E.g. I am having troubles using unicode on NixOs 19.03 KDE. I can not seem to enter them into konsole, neither kitty, and the latter is definitely capable of using unicode.
<fendor>
Thus, sometimes applications die if they output unicodepoints
<fendor>
FRidh, I didnt review my console font, that might change it!
linarcx1 has joined #nixos
<andi->
klntsky: never done that but that but there is a newer argument to buildRustCrate that allows you to pass additional compiler flags. Maybe you can enable nightly features with that? (extraRustcOpts that is)
<teto>
first time using fwupd, gosh that's cool ! was getting mad at dell for the seemingly no instructions for linux whereas XPS is advertised as linux friendly
<{^_^}>
[nixpkgs] @thefloweringash opened pull request #60621 → stlink: fix Darwin build → https://git.io/fjZlh
<jakkn>
hi, I just lost network on a fresh nixos install on a laptop using NetworkManager. It was working before I lost power (no low power notification) but now I find no networks. ifconfig reports only interface 'lo'. NM logs end with "No agents were available for this request." Any ideas?
Ariakenom has joined #nixos
<jakkn>
no new software installed or configs changed
<{^_^}>
[nixpkgs] @rycee pushed commit from @jansol to release-19.03 « pycdio: fix build »: https://git.io/fjZ8C
<AlexRice[m]>
Does your laptop have a button to turn off the wifi controller?
goibhniu has joined #nixos
<AlexRice[m]>
mine does and I always accidently press it and wonder for ages why i can't connect to anything
<{^_^}>
[nixpkgs] @thefloweringash opened pull request #60623 → openocd: update libftdi dependency, fix Darwin build → https://git.io/fjZ8l
<jakkn>
it's a Lenovo Yoga 710-14IKB. There's an airplane mode key, but I have no drivers for the special keys so I assume they do not work
<jakkn>
they're all fn keys
<AlexRice[m]>
Could try pressing it anyway
<jakkn>
no effect
<AlexRice[m]>
My special keys worked without any setup
<AlexRice[m]>
was worth a try
<jakkn>
scratch that, the logs say different
<jakkn>
state now 'unblocked'
<AlexRice[m]>
does nmcli just have lo?
<jakkn>
yes
jasongrossman has quit [Ping timeout: 245 seconds]
<AlexRice[m]>
Ah, I really don't know then, sorry
<Twey>
How do I generate Gemfile.lock for bundlerApp?
<adisbladis>
Twey: It should already be in the upstream sources?
<Twey>
adisbladis: I want to add a dependency… I'm trying to create a version of asciidoctor that has https://github.com/riboseinc/asciidoctor-bibliography . That package says I just need to add a thing to my Gemfile, but I guess I then need to update Gemfile.lock
<Twey>
https://nixos.wiki/wiki/Packaging/Ruby just says ‘# generate Gemfile.lock’ which doesn't help me :þ I presume there's some kind of Ruby command that creates a Gemfile.lock given a Gemfile, but I don't know what it is
<adisbladis>
Twey: Then I guess you're gonna have to do a `bundle install`
<Twey>
`bundle update` doesn't seem to work on NixOS — it expects some store directory to be writeable
<Twey>
Same with `bundle install`
<fendor>
can I allow broken for a single invocation of nix-shell?
<sondr3>
I'm having some trouble creating shell completions from a CLI tool I'm packaging, when I try to run it and generate shell completions I get `bug: mkdir /homeless-shelter: permission denied`, any idea what that means?
<gchristensen>
it is trying to write data at $HOME which does not exist
<{^_^}>
[nixpkgs] @etu opened pull request #60630 → emby: Drop package and module and refer to jellyfin → https://git.io/fjZ4t
<sondr3>
oh, okay, then I'll just create a temporary home
<sondr3>
thanks gchristensen, that worked like a charm
ng0 has joined #nixos
<teto>
gchristensen: well I tried copying in various places but during the "Flash from file" prompt it doesn't see any of the file. fwupd worked just perfectly
<gchristensen>
nice
<teto>
now trying to disable the "Dynamic Backlight Control" that drives me crazy but looks like it is not possible from linux
<gchristensen>
I took another route for updates, too, which is just booting Win10 off a USB disk and installing from that
<gchristensen>
you have the 9380?
<gchristensen>
that is changable from the firmware interface
<teto>
9365 2 in 1 but the "DBC" has been here for long
<gchristensen>
ah
<teto>
how could anyone find this thing useful ? like you open a menu and the whole screen color changes ffs xD
<gchristensen>
...no idea.
domogled has joined #nixos
dslegends has joined #nixos
wfranzini has quit [Remote host closed the connection]
wfranzini has joined #nixos
linarcx2 has quit [Ping timeout: 258 seconds]
<gchristensen>
I tried for a week to get used to it, just in case it was a "thing I'm grumpy about but is actually pretty cool" thing ... but I couldn't.
cmacrae was kicked from #nixos by gchristensen [cmacrae]
<sondr3>
wut
<andi->
that was swift action.. Still tried to figure out what was going on
cmacrae has quit [Remote host closed the connection]
<gchristensen>
I've made that mistake enough times to know exactly what happened :P
<emilsp>
is the passff-host package broken? My firefox's pass plugin can't reach pass.
<sondr3>
as an IRC noob, what happened?
cmacrae has joined #nixos
knupfer has quit [Ping timeout: 240 seconds]
<gchristensen>
they use a text-based IRC client and accidentally copy-pasted the channel text to the input
<cmacrae>
Argh! sorry about the paste, people
<gchristensen>
it happens from time to time :)
<cmacrae>
Fat-fingered my message, haha
<gchristensen>
no worries!
<andi->
for weechat: /set weechat.look.paste_max_lines 0
<andi->
requires confirmation of even 1 line pastes
<gchristensen>
wow! nice!
<cmacrae>
I use ERC in Emacs. I'm sure there's a similar setting
<cmacrae>
Thanks for the reminder andi-
ardumont has joined #nixos
talqu has joined #nixos
<gchristensen>
oh yeah, ERC ... I am especially good at making that mistake in ERC :)
lassulus has joined #nixos
<cmacrae>
I was sat there thinking "Why is all the text in my buffer white? That's weird... oh well"
<cmacrae>
*hits enter*
<cmacrae>
D:
kreisys has joined #nixos
<cmacrae>
Anyway! What I came here to ask colemickens; hope you don't mind the tag! I saw you mentioned on a HN thread somewhere that you were working on Wayland Chromium builds. Did you have any derivations up anywhere, or any sort of working examples?
talqu_ has joined #nixos
<talqu_>
hi, i used this example https://nixos.org/nixos/manual/#module-security-acme-nginx to set up acme. The first time nixos-rebuilt switch worked, but all of the following ones throw an error Failed to start Renew ACME Certificate for my-example-domain.com
knupfer has joined #nixos
<yorick>
is bjornfor on irc somewhere?
Synthetica has joined #nixos
goibhniu2 has quit [Remote host closed the connection]
<genesis>
yeap i know, but since i use -f ... and usually it's work, it stop working with nix upgrade.
tdammers has joined #nixos
<tdammers>
is there a language reference for the nix language anywhere? all I can find are a few tutorial-style chapters in https://nixos.org/nix/manual/
<jgt>
how do I update a package with nix-darwin? I have pkgs.weechat in my environment.systemPackages, and that means weechat is at version 2.3. I'd like to be on a newer version.
<tdammers>
I suspect that as far as complexity goes, Nix would sit somewhere in the middle between the two
<manveru>
yaml spec is the stuff of nightmares :P
<tdammers>
manveru: I'm not talking about the complexity of the language itself; the way it's presented is still pretty good
<manveru>
true
<tdammers>
manveru: say about yaml what you want, the language spec is exhaustive and fairly solid
<jgt>
if I install weechat outside of nix-darwin with `nix-env -i weechat`, I get version 2.4
<jgt>
but with nix-darwin, I only get 2.3
Glider_IRC has joined #nixos
<gchristensen>
I have a deep appreciation the YAML group to include JSON as a formal subset
<manveru>
so if it was a recent update, darwin might not be up to date yet
<jgt>
manveru: ah, so does that mean 2.3 is the latest version of weechat on the darwin channel?
<jgt>
(I don't think 2.4 is a recent update)
npmccallum has joined #nixos
<manveru>
hmm, doesn't look like it
aither has joined #nixos
<Guest13>
I installed the package manager using the curl command in the website but when i tried to use any command such as nix-env it doesn't work
<jgt>
weechat 2.4 was released 2019-02-17
<manveru>
darwin is pretty much up to date
<rihardsk[m]>
hi, is there a way to force runtime dependencies in a nix package? im trying to package a node.js app which calls out to python via require("child_process").spawn('python3', ['stuff']). i was hoping that it'd be enough to add python to the package's propagatedBuildInputs but it seems it's not the case - when i doo nix-store -q -tree for the packages store path there's no sight of python3 there
<Guest13>
`fish: nix-env: command not found...`
<manveru>
jgt: `nix run nixpkgs.nix-info -c nix-info` on both machines?
<andi->
rihardsk[m]: usually wrapProgram is used or that
<zen_monk>
openssl and tor are not in nix packages? how do i get them?
<qyliss^work>
,locate bin tor
<qyliss^work>
,locate bin openssl
<simpson>
> [ openssl tor ]
andrewrk has quit [Ping timeout: 240 seconds]
sigmundv_ has joined #nixos
<{^_^}>
[ <CODE> <CODE> ]
<{^_^}>
Found in packages: tor
<{^_^}>
Found in packages: openssl.bin, openssl_1_1.bin, libressl_2_7.bin, libressl_2_9.bin, netcat-openbsd.bin, openssl-chacha.bin
<simpson>
zen_monk: What have you tried so far?
<zen_monk>
simpson: i just checked nixos packages
<gchristensen>
anyone want to patch whahtever needs to be patched to make a missing interpreter not error with the same thing as if the file being executed didn't exist?
<simpson>
Is your CI image configured to use the binary cache? Is networking to the cache enabled?
<simpson>
Oh. Setting NIX_STORE_DIR will make existing binary caches useless.
<Ben_>
Is there a way around that?
<Ben_>
The thing is that I want to cache the store on the build server bewteen builds but populate it from the nix cache.
<symphorien>
Ben_: is /nix writable ?
<adisbladis>
Ben_: I've been using docker volumes for this purpose.
<simpson>
Ben_: I don't know much about Gitlab, but on Travis, one simply goes for it and doesn't worry about redownloading packages into /nix/store.
<zen_monk>
`services.weechat.enable = true;` , this code does not work when i place it in: `home.nix` ? will weechat work without this `code` or do i need to place it in: `configuration.nix` for weechat to work ?
<Ben_>
I don't know about writing to /nix. I am using the nixos/nix docker container.
<{^_^}>
[nixpkgs] @kmicklas opened pull request #60645 → Fix Android NDK for 19.03 → https://git.io/fjZ0F
<gchristensen>
b
<gchristensen>
oops
<adisbladis>
Ben_: Are you using your own runners?
bikes has quit [Ping timeout: 250 seconds]
<Ben_>
Yep, I have my own runner.
dsiypl4 has joined #nixos
bikes has joined #nixos
<adisbladis>
Ben_: Ok, then I suggest going down the route of configuring /nix as a docker volume.
<adisbladis>
Ben_: You'll also want to pass through the nix-daemon socket
<gchristensen>
I'd like to refer to a nix store path absolutely in an expression, like this: MYTHING = /nix/store/fr9k1x5m5m3r5866z76d8i60cfp9rbrw-bash; but when this gets made in to a derivation it is copied in to the store, and MYTHING becomes /nix/store/bsnl4z6drx3dz7f9g4y0my7f10s55sqa-fr9k1x5m5m3r5866z76d8i60cfp9rbrw-bash. is there a way for it to not be copied?
<{^_^}>
[nixpkgs] @primeos pushed 3 commits to release-19.03: https://git.io/fjZE6
<manveru>
at work we actually use a ruby cron daemon :P
<MichaelRaskin>
I stopped using cron later than I stopped using NixOS mainline
bikes has quit [Remote host closed the connection]
<aanderse-work>
i wanted to make this a systemd service... but i've already pushed enough change on the guys at work over the past 6 months with the introduction of nixops :p
<manveru>
well, nothing wrong with cron if it works :P
<manveru>
it was just a PITA to get nix to build a docker image that runs cron, so i rewrote that
<nh2>
gchristensen: how to read that? The most recent entry has a green tick
<gchristensen>
your changes must have introduced libnice via a transitive dependency
asymmetric has quit [Read error: Connection reset by peer]
<gchristensen>
or maybe made libnice non-darwin by mistake
<nh2>
gchristensen: ah sorry, I misread what you wrote as "does not build". But what you've linked doesn't seem to be the right gstreamer version, that's gstreamer-0.10, not the 1.* series
<genesis>
i try to fix my .travis.yml to make it build my default.nix but without modify it from a nixpkgs version, would it be possible ?
srid has quit [Ping timeout: 258 seconds]
<nh2>
hmm `The server at hydra.nixos.org is taking too long to respond`
<gchristensen>
nh2:ah, right, then maybe it doesn't build -- you'd have to find the jobset for hydra and see if it does
<{^_^}>
[nixpkgs] @Lassulus pushed commit from @nyanloutre to master « electron-cash: 3.3.6 -> 4.0.2 »: https://git.io/fjZuy
o1lo01ol1o has quit [Ping timeout: 246 seconds]
srid has joined #nixos
drakonis_ has joined #nixos
talqu__ has quit [Read error: Connection reset by peer]
<immae>
genesis: can you explain a bit more what you’re trying to do? You have a default.nix in your repo, and you want to build some derivation in it via travis, but you cannot use nix-build for that because (???)
<nh2>
davlum: all-packages.nix has: `keepassxc = libsForQt5.callPackage ../applications/misc/keepassx/community.nix { };` so you can try `nix-env -i keepassxc`
<immae>
genesis: oh, you have a default.nix of the form `{ nixpkgs }: (rest of it)`, is that it?
<gchristensen>
seems likely, nh2
<genesis>
yes
<immae>
if so, you can do something like nix-build -E 'import ./. { nixpkgs = import <nixpkgs> {}; }'
<nh2>
how can I simulate evaluating for darwin so that I can iterate on it?
<nh2>
(I'm not sure I want to do that right now but could do it if it's quick to fix)
<gchristensen>
nix-instantiate . -A hello --system x86_64-darwin
<genesis>
immae error: anonymous function at /home/genesis/devel/Magick2CPC/default.nix:1:1 called without required argument 'stdenv', at (string):1:1 , same pb
<nh2>
gchristensen: thanks!
<immae>
if so, you can do something like nix-build -E 'import ./. { nixpkgs = import <nixpkgs> {}; }'. If it’s things from nixpkgs (sort of like what you can find in pkgs/ in nixpkgs), you should use instead 'nix-build -E callPackage ./. {}'
<immae>
oups my message did something strange
<immae>
genesis: if you have other arguments in your default.nix you need to provide them all. If it’s things from nixpkgs (sort of like what you can find in pkgs/ in nixpkgs), you should use instead 'nix-build -E callPackage ./. {}'
mwilsoncoding_ has quit [Ping timeout: 256 seconds]
<nh2>
gchristensen: ah, I think my mistake is to try evaluate `gst_all_1`. Some of the subpackages are not supported on darwin. So my ofborg invocation probably does not make sense. What do I have to call to tell it to only build those packages from it that are supposed to work ok darwin / the respective platforms?
fendor has quit [Ping timeout: 246 seconds]
<genesis>
immae works perfectly on travis
<immae>
cool
<immae>
good luck with your project resurrection then ;)
<genesis>
immae++
<{^_^}>
immae's karma got increased to 4
tboston_ has quit [Ping timeout: 246 seconds]
<gchristensen>
nh2: ofborg can't do that right now
<nh2>
gchristensen: so I should instead tell it to build the individual packages?
<gchristensen>
yeah
talqu has quit [Quit: Leaving]
<gchristensen>
you can do it all as one command and it'll partition them based on evaluability
<genesis>
immae : drawback is that it's fetching with revision, instead of build current directory of course
<immae>
genesis: if I may suggest, you’re "stuck" here with whatever travis defines as "<nixpkgs>", it can be an unstable version, or an outdated one, etc (maybe you can configure it in your travis account, I have no idea). I don’t know the conventionnal way it is done on travis, but you have ways to force the nixpkgs version that you like if you need it:
<{^_^}>
[nixpkgs] @vcunat merged pull request #58611 → gnutls: respect NIX_SSL_CERT_FILE, remove 3.5.10 on darwin → https://git.io/fjkwR
tboston_ has joined #nixos
<genesis>
immae : but the idea was to compiled the git tip, whatever, i think it's not possible to not write a special nix file for that instead use the nixpkgs in his project repository
<genesis>
nix-build will not ignore fetchFromGitHub ...
<immae>
ah if you want to build the tip of the branch I guess you have to checkout before building, I don’t know how to do that (it’s travis configuration here)
<genesis>
travis checkout for you, perharps i could trick it removing fetch instruction, i donno.
<genesis>
(tricks nix-build)
<immae>
I cannot help you with travis, sorry :)
Ralith_ has quit [Ping timeout: 246 seconds]
Guest53468 has joined #nixos
knupfer has quit [Remote host closed the connection]
dansho has joined #nixos
waleee has quit [Ping timeout: 246 seconds]
drakonis_ has quit [Read error: Connection reset by peer]
<{^_^}>
[nixpkgs] @c0bw3b pushed commit from @r-ryantm to master « mixxx: 2.2.0 -> 2.2.1 (#60632) »: https://git.io/fjZz9
<emilsp>
,help
<{^_^}>
Use `,` to list all commands, `,foo = Foo!` to define foo as "Foo!", `,foo =` to undefine it, `,foo` to output "Foo!", `,foo somebody` to send "Foo!" to the nick somebody
<pie_>
feels kind of unintuitive but it makes sense
<gchristensen>
another better option is to not stringify v
drakonis has quit [Ping timeout: 258 seconds]
<pie_>
I want to prepend a string to it though so its unavoidable?
<gchristensen>
you could do two traces
<pie_>
eh, i guess i could compose two traces
<pie_>
(?)
<gchristensen>
(builtins.trace "debugopts:" v)
<pie_>
doesnt that just print "debugopts:"
<pie_>
huh
<pie_>
meh, adds an extraneous newline but ok, that works different than i thought it did
drakonis_ has quit [Ping timeout: 264 seconds]
<pie_>
ill keep that around for later
<gchristensen>
(lib.traceValSeqFn (v: (builtins.trace "debugopts:" v) (defaultOpts.debug // debug)) <- builtins.trace will print debug.opts:, and then presumably lib.traceValSeqFn will print the v
linarcx has joined #nixos
dsiypl4 has joined #nixos
<pie_>
i dont suppose theres a pretty printed version of tojson? :p
<clever>
use IFD to write it to a file, then pipe it thru jq, and readfile it back in, then trace that!!!
o1lo01ol1o has quit [Remote host closed the connection]
<pie_>
clever, eh, then i just wont do it probably, i figured it might be nice to just dump some extra debug info because why not, but that sounds a bit heavy
<{^_^}>
[nixpkgs] @burke closed pull request #60439 → [wip] Bump most apple-source-releases to macOS 10.14.1 → https://git.io/fjGQi
o1lo01ol1o has joined #nixos
<infinisil>
I vote we should change builtins.trace to support arbitrary values, and it should make a good effort to convert it to a string by default
Synthetica has quit [Quit: Connection closed for inactivity]
hio has quit [Quit: Connection closed for inactivity]
<gchristensen>
it does
<pie_>
hm topretty doesnt add indentation, ah well :p
<gchristensen>
the problem here was from trying to stringify it by hand
wfranzini has quit [Remote host closed the connection]
wfranzini has joined #nixos
<thefloweringash>
if you set boot.initrd.network.ssh.hostECDSAKey, then the initrd-ssh module will configure them as boot.initrd.secrets
<thefloweringash>
but when I set this up, grub didn't support initrd secrets, so I made my own initrd with the keys in and specified it in boot.loader.grub.extraInitrd
<pbb>
I am using systemd-boot, but I guess it doesn't support initrd secrets either? I can not see any part in initrd-ssh.nix that would touch boot.initrd.secrets. It should land in extra-utils?
<emilsp>
and what's the status of encryption with zfs - is luks still my best option ?
<pbb>
seems like the networking in initrd did not work as expected, I just rebooted to the new installation with networking and sshd in initrd, but it doesn't renew the lease
<pbb>
will have to wait until someone gets there, lost remote access now
<thefloweringash>
pbb: after some experimentation, gzip seems to extract cacatenated files, but cpio only sees the first archive
ckoparkar_ has quit [Ping timeout: 250 seconds]
<pbb>
that explains why I could not see the files. I now assume they are there, but with dead networking it will not help
ckoparkar has joined #nixos
mabel has quit [Ping timeout: 258 seconds]
yastero has quit [Remote host closed the connection]
mabel has joined #nixos
Shouou has quit [Ping timeout: 245 seconds]
hio has joined #nixos
anpryl has joined #nixos
zupo has joined #nixos
sigmundv_ has joined #nixos
<genesis>
,locate optparse.h
<{^_^}>
Found in packages: swiProlog, pythonDocs.html.python27
<AlexRice[m]>
does anyone use ghcjs and know if there is a solution round #47437
<pie_>
its an app thing not a nix thing, idk i had to rename a symlink from ${plugin} to ${nameOf plugin} where nameOf means /wehatever/hash-name -> name
<gchristensen>
is it for a home system, or like a bigger environment?
<dftxbs3e>
I'm at home but it's a quite big system aha
__monty__ has joined #nixos
<dftxbs3e>
I run lots of stuff on it, I plan to move my machine to a place where it'll run VMs and folks there have great interest in Guix/Nix kind of systems
zen_monk has quit [Client Quit]
<lordcirth__>
dftxbs3e, ooh, the Talos systems seem pretty cool
<dftxbs3e>
So eventually a shared machine where several people have various VMs on it
<dftxbs3e>
and they would really like to run nixOS on it
dslegends has quit [Read error: Connection reset by peer]
zupo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<lordcirth__>
If you can get nix packages for the bare minimum required to get a shell, you might attract some helpers
<dftxbs3e>
lordcirth__: alright, getting to work : - )
<infinisil>
What work is there to do for porting NixOS though? I'd imagine just fixing packages to build on that arch, but I don't think there's anything NixOS specific
<infinisil>
s/arch/platform
<dftxbs3e>
most important stuff has powerpc64le support by now
<dftxbs3e>
I imagine just boot stuff
<dftxbs3e>
for iso
<infinisil>
As long as grub and such compile, I don't see what could cause problems. But I'm not a very crossy guy in that sense, so maybe I'm missing something
<dftxbs3e>
yes I think it's not that much work either
<dftxbs3e>
it has a source based mode right?
camsbury has quit [Remote host closed the connection]
* infinisil
has no idea what that is
<gchristensen>
I'd love to get NixOS running on POWER etc.
<dftxbs3e>
infinisil: it means that the package manager isnt just downloading binaries, it compiles from source
<__monty__>
dftxbs3e: Yep, it only downloads binaries if they're in the cache.
zen_monk has quit [Quit: WeeChat 2.4]
<dftxbs3e>
nope it didnt because it downloads binaries directly
<dftxbs3e>
ill build
stigo has joined #nixos
<__monty__>
You can disable the cache.
o1lo01ol1o has quit [Remote host closed the connection]
<{^_^}>
[nixpkgs] @volth opened pull request #60662 → nixos/undervolt: minor refactoring → https://git.io/fjZab
zen_monk has joined #nixos
o1lo01ol1o has joined #nixos
<myme>
Howdy! I've enabled gnupg.agent (+ssh) and it's working great in my shell (konsole+zsh). However, it seems like Emacs (started directly from KDE) isn't able to find the agent (there's no SSH_AUTH_SOCK in env). Running emacs from the shell works though.
leotaku has quit [Ping timeout: 244 seconds]
<myme>
I thought I'd ask if that's something "familiar" before I start digging some more.
<tilpner>
myme: Did you restart KDE after enabling that?
tv has joined #nixos
<tilpner>
(Logout and login again?)
<myme>
tilpner: I've booted several times, yes. This is an annoying "papercut" I've been having over the course of some weeks.
leotaku has joined #nixos
<myme>
It's the same if I launch emacs through Plasma's launcher, or rofi. I'm using I3 as my window manager though (might be relevant).
<nyanloutre[m]>
hello, I frequently see arguments in favor of not using static uid/gid for services. Would it be advisable to cleanup services that don't need it ?
<tilpner>
What are arguments in favor of individually allocated ids?
<myme>
infinisil: Worked beyond my *wildest* expectations! ;-)
<myme>
Thanks a bunch.
<infinisil>
Noice
msgctl has quit [Remote host closed the connection]
<infinisil>
zen_monk: What are you using to configure your emacs packages?
<zen_monk>
once i find that path then i can copy and paste the code into ~/.emacs , i just don't knom where nixos installed `emacs.el`, my goal is to get weechat to run within emacs.
<infinisil>
zen_monk: So this is your first time using emacs?
shibboleth has joined #nixos
<zen_monk>
infinisil: i installed and configured my emacs packages in home.nix, i don't knom where nixos installed weechat.el, i need the path for it ?
<zen_monk>
infinisil: well I think i just need the path to `weechat.el`, do i need to add what you said earlier: infinisil I mean, you can get the path to .el files through pkgs.emacsPackagesNg.weechat
<lordcirth__>
dftxbs3e, I would modify the nixpkg for the linux kernel and build that.
<infinisil>
zen_monk: Yes I know and yes I know, try just adding (require 'weechat) to your emacs init
<AlexRice[m]>
dftxbs3e: were you trying to build nixos?
<infinisil>
zen_monk: As qyliss suggested, you don't need to have the path
<lordcirth__>
AlexRice[m], he's trying to get nixos running on his powerpc64le Talos workstation
<zen_monk>
infinisil: ok, lets see if it works
<infinisil>
And who put paste.ee in that ,paste list, it needs javascript to do syntax highlighting and it doesn't even have syntax highlighting for nix!
zupo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
Shouou has quit [Ping timeout: 246 seconds]
janneke has quit [Remote host closed the connection]
jb55 has quit [Ping timeout: 246 seconds]
janneke_ has joined #nixos
<zen_monk>
infinisil: it's not automating anything, do i have to do everything manually ?
zupo has joined #nixos
<zen_monk>
:(
<samueldr>
sorry infinisil, looks like it was me, I was the one to add a mix of services instead of suggesting a specific one
o1lo01ol1o has quit [Remote host closed the connection]
<dftxbs3e>
AlexRice[m]: yup, just as they said. lordcirth__: Alright, doing this now!
<samueldr>
(IIRC I looked at a list of paste services used here but didn't vet them much :/)
<simpson>
infinisil: These are all ideas about content-addressed storage in general; be careful not to mistake IPFS with the designs that IPFS enables.
<infinisil>
manveru: Hehe neat
dsiypl4_ has joined #nixos
<manveru>
but no syntax highlighting :(
<infinisil>
Yeah darn
<infinisil>
manveru: And you need javascript which is meh
<infinisil>
ANd you can't curl it directly
<kalbasit>
hardbin: The world's most secure encrypted pastebin, guaranteed * (* this is not a guarantee)
<kalbasit>
lol
<manveru>
i'd love to use IPFS, but last time i tried it, it started scanning our whole company network and the admins kicked me thinking it's some malware :P
<infinisil>
haha
<infinisil>
manveru: Ah, that would be `services.ipfs.localDiscovery` you'd have to turn off
<{^_^}>
"Whether to enable local discovery for the ipfs daemon.\n This will allow ipfs to scan ports on your local network. Some hosting services will ban you if you do this.\n"
mexisme has joined #nixos
<manveru>
is that even good for something?
<manveru>
just faster to find peers i guess
<infinisil>
And I think it probably plays a big role to speed up networking. Because if two peers don't know about each other when they're really right next to each other, that would be very wasteful
<infinisil>
Oh, I guess routing would still find them though
<infinisil>
Eh, not sure
<manveru>
i used it back in 2017 before that option was there
<infinisil>
Probably just faster peer discovery yeah
jb55 has joined #nixos
<{^_^}>
[nixpkgs] @etu opened pull request #60669 → nixos/gitea: Unbreak the gitea-dump module → https://git.io/fjZwQ
<pbb>
Hi, the "tzinfo-1.2.5" gem fails to build with ruby 2.6. After commenting out the customization in gem-configs it builds, but uses /usr/share/zoneinfo. Any ideas?
<{^_^}>
[nixpkgs] @marsam closed pull request #60193 → gpgme: disable tests on darwin → https://git.io/fjsGJ
<camsbury>
Currently working with a bunch of python package overlays - upgrading sqlalchemy via `overlays`, only to find that I have to rebuild `pandas` and `numpy`, which depend on `sqlalchemy`, as a result. Is there a way to forego lower level dependencies having such a big impact?
<camsbury>
Looking for something like an `overrideBuildInputs`, for which I could just put the old version in
fendor has quit [Quit: Leaving]
<__monty__>
camsbury: You could put the overridden attributes in a seperate attrset. That way you have to specify when you want to depend on them.
<pie_>
camsbury, if i understand correctly, no not really, thats the whole paradigm. you could try having two versions, one with the overlay, one not, and then take packages from the appropriate place
<pie_>
right, what __monty__ said
<pie_>
camsbury, hopefully you wont get any version mismatches
zeta has joined #nixos
<pie_>
(depends on the library i guess)
<camsbury>
thanks guys
<camsbury>
yeah I guess the real problem I want to solve is rebuilding the world whenever *my library* depends on a newer version of a thing
dsiypl4_ has quit [Ping timeout: 246 seconds]
<infinisil>
camsbury: You can do that with `self: super: { my-package = super.my-package.override { thing = self.thing_different_version; }; }`
<zeta>
where is `nginx` in nixos manual, i can't seem to find it ?
<pbb>
what is the difference betwen gem install and gem build?
<zeta>
Cannot send to nick/channel, i already setup my nick, why am i getting this error ?
<manveru>
gem install will copy it to the gempath
<manveru>
and also build it
<manveru>
while gem build makes a gem from a project
<infinisil>
nand0p: In line 7, you can just write `poolUrl = escapeShellArg "stratum1...";` instead
<pbb>
so gem install takes a .gem file as input, while gem build takes a project folder as input?
<manveru>
gem build takes a gemspec
<manveru>
but yeah
<pbb>
ok thanks a lot :-)
Guest53468 has quit [Quit: WeeChat 2.4]
zeta has quit [Quit: WeeChat 2.4]
<infinisil>
nand0p: Looks good to merge after that
<nand0p>
infinisil: ok thanks.... will do this asap
imdoor_ has quit [Quit: imdoor_]
fendor has joined #nixos
<genesis>
,locate nix_run_setup
<{^_^}>
Couldn't find in any packages
<gchristensen>
never heard of that ,what is that?
<camsbury>
infinisil: still a bit confused I guess... using a `shell.nix` for a python project, where I am using the python packages I need in `buildInputs`
<camsbury>
those are what become available to me when I `nix-shell`, and so I tried to just add the new version of the package to the list of `buildInputs`, but it still isn't working out. Any kind of overlay has me thinking it would still be injected in the others?
<camsbury>
I guess they are available because I'm using `mkDerivation` with `env = buildEnv { name = name; paths = buildInputs; };`
sondr3 has quit [Quit: WeeChat 2.4]
<clever>
camsbury: do `echo $env` inside the shell?
<{^_^}>
[nixpkgs] @romildo merged pull request #60401 → mate.mate-control-center: look up keyboard shortcuts in system data dirs → https://git.io/fjGg4
<MmeQuignon>
It's my first day with nixos. A teacher introduced it a few days ago and I liked it ! So I decided to give it a try but I have a question. Where could I find documentation about packages ? For example, I can customise vim from my .config/nixpkgs/config.nix but I can't find a list of modifiable packages nor a list of customisable options.
<jasongrossman>
MmeQuignon: There's no complete list of the things that are NOT part of Nix or nixpkgs or NixOS. The only thing that springs to mind that you probably want to know about is home manager.