<qqii>
I saw that that the application menu shorcut wasn't working and got my way to figuring out that it was the wingpanel program segmentation faulting
Lears has joined #nixos
furrycatherder has quit [Ping timeout: 252 seconds]
Guest46132 has quit [Ping timeout: 246 seconds]
Guest46132 has joined #nixos
[Leary] has quit [Ping timeout: 258 seconds]
day|flip has joined #nixos
[Leary] has joined #nixos
eof has quit [Ping timeout: 272 seconds]
<{^_^}>
[nixpkgs] @dasJ opened pull request #63842 → nixos/phpfpm: Use systemd's RuntimeDirectory → https://git.io/fjrhh
Lears has quit [Ping timeout: 248 seconds]
cjpbirkbeck has joined #nixos
Miyu-chan has joined #nixos
Guest46132 is now known as Miyu-chan
Miyu-chan has quit [Changing host]
eof has joined #nixos
kisik21 has quit [Remote host closed the connection]
kisik21 has joined #nixos
qubasa_ has quit [Ping timeout: 245 seconds]
qubasa has joined #nixos
orivej has quit [Ping timeout: 248 seconds]
day|flip has quit [Remote host closed the connection]
day|flip has joined #nixos
<day|flip>
im testing iwd. see how that treat me. if it good. then ill keep it on my laptop. wpa is being to much of a pain to deal with
<anttih_>
I have a local package derivation file in the current directory, how do I enter a shell where I have access to it? Do I need to call `callPackage`?
MmeQuignon has quit [Read error: Connection reset by peer]
Shoubit has joined #nixos
sigmundv has joined #nixos
cfricke has quit [Quit: WeeChat 2.5]
kvaster has joined #nixos
thc202 has joined #nixos
MmeQuignon has joined #nixos
mexisme has joined #nixos
kvaster has quit [Remote host closed the connection]
kvaster has joined #nixos
knupfer has quit [Remote host closed the connection]
knupfer has joined #nixos
justbeingglad has joined #nixos
<asheshambasta>
If I'd like to know how to get ssh-agent to run on my system, whats the best place to look for what needs to go in configuration.nix? Right now, it seems like my workflow is all about a combination of guessing and then googling.
knupfer has quit [Ping timeout: 244 seconds]
aswanson has quit [Quit: WeeChat 2.4]
<asheshambasta>
And that question is not just about ssh-agent, but just knowing what to do in configuration.nix in general, to get the system to a particular state.
<dminuoso>
asheshambasta: Alternatively you can also refer to https://nixos.org/nixos/options.html, but the man page is a bit more reliable and explicit.
justbeingglad has left #nixos [#nixos]
<dminuoso>
(The link has links to the appropriate modules though, so it could give more informatino)
<asheshambasta>
dminuoso: thanks; in the man-page then its a matter of looking for something like ssh-agent (which is absent), right?
reinhardt has quit [Quit: Leaving]
<dminuoso>
asheshambasta: Right. Be sure to try camelCasing :)
<dminuoso>
asheshambasta: or just search case insensitive and glue them together
<asheshambasta>
okay, that really helps.
<asheshambasta>
Thanks
<dminuoso>
asheshambasta: so if you run `man 5 configuration.nix -i` you can quickly search for `sshagent` :)
<asheshambasta>
correct
<asheshambasta>
so the manpage seems to suggest that setting programs.ssh.startAgent to `true` should suffice, but ssh-add -k still complains that it couldn't open a connection to my authentication agent.
<kuznero[m]>
Hi all!
<kuznero[m]>
How do I nixos-rebuild without downloading anything? I need to just update root certificates, without which it is impossible to download anything.
<craige>
If anyone's about and inclined, I'm using NixOps to deply from an x86_64 to an aarch64 machine. Rather than use the binary cache (as I expected) NixOps is building all the packages prior to deploying. Is that expected behaviour or mis-configuration on my part?
<jfmartin>
Adding to profile dir in my .bashrc fix it with GNOME but not in KDE
asheshambasta_m has joined #nixos
orivej has joined #nixos
<etu>
jfmartin: Something I think you can do is to create symlinks in .local/share/applications/ that point at the .desktop symlink for the application in .nix-profile/share/applications/
<etu>
Then it wouldn't break on updates of the packages etc
asheshambasta_m has quit [Ping timeout: 252 seconds]
ee1943 has quit [Ping timeout: 245 seconds]
ee1943 has joined #nixos
asheshambasta has quit [Ping timeout: 252 seconds]
justanotheruser has joined #nixos
<jfmartin>
etu: it fixed the problem, thank you
<eyJhb>
Currently trying to get Vagrant to work, but it needs `vagrant-share`, but I keep getting this error `Encoded files can't be read outside of the Vagrant installer.`. Any clue how to solve it?
jfmartin has quit [Quit: Leaving]
knupfer has quit [Quit: knupfer]
knupfer1 has joined #nixos
knupfer1 is now known as knupfer
marek_ has joined #nixos
marek_ has quit [Changing host]
marek_ is now known as marek
hyper_ch2 has quit [Remote host closed the connection]
<ambro718>
Where is a png desktop icon supposed to be installed in share/icons? It's just one icon size 128x128.
o1lo01ol1o has joined #nixos
<ambro718>
I want to put it in share/icons so the desktop file doesn't refer to it by absolute path (which breaks making shortcuts in some dekstops as they copy the desktop file).
<ambro718>
If I just put it into share/icons/, then something in buildEnv breaks it by making a share/icon/icon-name.png directory which is empty\
yunratobe has quit [Remote host closed the connection]
o1lo01ol1o has joined #nixos
lem0n4de has joined #nixos
polmaan has quit [Ping timeout: 248 seconds]
polmaan has joined #nixos
knupfer has joined #nixos
ajirx has quit [Remote host closed the connection]
MmeQuignon has quit [Read error: Connection reset by peer]
o1lo01ol1o has quit [Remote host closed the connection]
orivej has quit [Ping timeout: 268 seconds]
aswanson has joined #nixos
<lem0n4de>
Hello, I have been able to setup a custom nix-channel, primarily by inspecting home-manager and some other repos. It works now currently but there is this problem. How do I build a package that is dependent on another package in my repo? For example I want to build package A which depends on package B but both are not on nixpkgs. How do I reference package B in package A's buildInputs?
Okinan has joined #nixos
ajirx has joined #nixos
<infinisil>
marek: it restarts all services that changed, which it can determine by looking at the store path. A different store path -> service changes
ajirx has quit [Remote host closed the connection]
o1lo01ol1o has quit [Remote host closed the connection]
asheshambasta_m1 has quit [Quit: Leaving.]
stepcut has quit [Ping timeout: 244 seconds]
zupo has quit [Ping timeout: 248 seconds]
<nh2[m]>
domenkozar: can you make somehow that I can comment on https://github.com/NixOS/nix/issues/1681 ? I made a backport of the memory fixes to nix 2.0.4 and want to tell people about it, but the issue is locked.
o1lo01ol1o has joined #nixos
<{^_^}>
nix#1681 (by ledettwy, 1 year ago, closed): nix copy uses too much memory
xkapastel has quit [Quit: Connection closed for inactivity]
Lears has quit [Read error: No route to host]
[Leary] has joined #nixos
anttih_ has joined #nixos
steell has joined #nixos
stepcut has joined #nixos
stepcut has quit [Ping timeout: 248 seconds]
o1lo01ol1o has joined #nixos
ng0 has quit [Quit: Alexa, when is the end of world?]
jabranham has joined #nixos
stepcut has joined #nixos
fusion809 has joined #nixos
mexisme has joined #nixos
<{^_^}>
[nixpkgs] @vbgl pushed to master « coqPackages.gappalib: disable for Coq 8.10 »: https://git.io/fjot3
steell has quit [Ping timeout: 258 seconds]
<kraem>
I enabled bash as the default shell from fish and now I can't login with lightdm. Found this: https://github.com/prikhi/lightdm-mini-greeter/issues/2 - problem is my setup is nomodeset with a nvidia optimus laptop so screen goes blank when I access another TTY. I can confirm I'm typing the right password because i was able to switch TTY, type my username and password blindly and reboot.
<{^_^}>
prikhi/lightdm-mini-greeter#2 (by julianwachholz, 2 years ago, closed): Authentication doesn't seem to work
hyper_ch2 has quit [Remote host closed the connection]
<kraem>
Rolling back to a previous generation doesn't work though - are my only option to boot from a live iso and work myself from there in that case?
hyper_ch218 has joined #nixos
mexisme has quit [Ping timeout: 245 seconds]
hyper_ch218 has quit [Remote host closed the connection]
hyper_ch2 has joined #nixos
Mateon1 has quit [Quit: Mateon1]
knupfer has joined #nixos
kvaster has joined #nixos
tommyangelo has joined #nixos
furrycatherder has joined #nixos
baum has joined #nixos
hyper_ch2 has quit [Remote host closed the connection]
<codedmart>
How do I go about fixing/debugging `builder for '/nix/store/qqnzkfay3lay298l2lblg4ccbm2vcd9g-mopidy-with-extensions-2.2.2.drv' failed with exit code 25`
cransom has quit [Client Quit]
cransom has joined #nixos
stepcut has quit [Ping timeout: 245 seconds]
furrycat1 has joined #nixos
furrycat1 has quit [Client Quit]
furrycatherder has quit [Ping timeout: 246 seconds]
zupo has joined #nixos
dansho has joined #nixos
<codedmart>
This seems related https://github.com/NixOS/nixpkgs/issues/36205 as I am seeing this message as well `collision between `/nix/store/y946pnv7xhvlq7db1q73v38xjc5hxyf6-python2.7-backports.ssl_match_hostname-3.7.0.1/lib/python2.7/site-packages/backports/__init__.pyc' and `/nix/store/r15slky11v9b0kgg0rsyikwzl4zcyyqd-python2.7-backports.functools_lru_cache-1.5/lib/python2.7/site-packages/backports/__init__.pyc'`
<aminechikhaoui>
oh thanks for reporting, I'll have a look
ardumont has quit [Ping timeout: 276 seconds]
arjen-jonathan has quit [Ping timeout: 245 seconds]
boogiewoogie has joined #nixos
rauno has quit [Ping timeout: 252 seconds]
<boogiewoogie>
hey, I want to reclaim a swap partition for my main drive as I don't need the swap space anymore. as far as I understand, I'll have to edit what's usually the file /etc/initramfs-tools/conf.d/resume -- how
<boogiewoogie>
do I go about it in nixos?
<boogiewoogie>
fstab is already corrected
<lordcirth>
boogiewoogie, did you manually correct fstab, or did you remove it from configuration.nix?
<boogiewoogie>
I edited hardware-configuration.nix
<{^_^}>
[nix-mode] @matthewbauer pushed 3 commits to fix-84: https://git.io/fjoYw
boogiewoogie has quit [Remote host closed the connection]
wfranzini has quit [Remote host closed the connection]
MmeQuignon has joined #nixos
boogiewoogie has joined #nixos
<tommyangelo>
I'm trying to create a systemd service relying on a package built using buildFHSUserEnv. I can build it, but what I can't figure out yet is how to get the service to "see" the files the package installs. gist is here: https://gist.github.com/ravloony/2f5682fad481168dfb5778e911f47bee
<Ralith>
tommyangelo: could you get away with using patchelf rather than buildFHSUserEnv?
civodul has quit [Quit: ERC (IRC client for Emacs 26.2)]
jasom has quit [Ping timeout: 246 seconds]
xkapastel has joined #nixos
kisik21 has joined #nixos
<tommyangelo>
Ralith: I already tried that, but the binary downloads a new version of itself and execs to it
<Ralith>
o jesus
<Ralith>
and this is a security product?
<tommyangelo>
It's insane
<Ralith>
I'm not an expert, but there must be some shell script or something buildFHSUserEnv spits out that enters the environment
<Ralith>
maybe have a look at how steam-run works
<kisik21>
ok so Cachix can push a thing into a cache. Does it push dependencies too? can I push a whole system closure and expect its dependencies to be pulled in? Does it push what can it fetch from cache.nixos.org, will that count against my storage quota?
<tommyangelo>
It's also a rootkit that installs a kernel module and phones home everything, including keystrokes, so they can do machine learning to figure out whether you have a virus or are being phished or whatever. If my company was not mandating it, I wouldn't touch it with a bargepole.
<kisik21>
tommyangelo: which security product you're talking about?
<{^_^}>
[nix-mode] @matthewbauer pushed to fix-84 « Handle more edge cases in keywords »: https://git.io/fjoY5
<simpson>
kisik21: Yes, yes, no. If you build something that's based largely on nixpkgs, then it largely won't count against your quota.
<kisik21>
simpson: awesome! :3 just what I need
srid6390803 has joined #nixos
<tommyangelo>
kisik21: CrowdStrike
<tommyangelo>
Ralith: thanks, having a look
<Ralith>
talk about defeating the point
<{^_^}>
[nixpkgs] @aanderse merged pull request #63786 → mysql: drop support for deprecated package & module option → https://git.io/fjraE
<boeg>
Is this the right place to ask questions about the nix package manager?
ThatDocsLady has joined #nixos
<nh2>
boeg: yes
<boeg>
Great! I'm using the nix package manager on macos, and are right now trying out for isolated development environments with nix-shell too, and was thinking; How do I clean up whatever was installed for said isolated? Like if I want to delete it from the machine, deleting the root folder isn't enough, because the packages installed via nix for the environment is also places in the nix store as far as I can see.
<nh2>
gchristensen: I was thinking recently of making a nixops backend for terraform, so that you could simply state terraform things in nixops with palo's terranix, and nixops would invoke terraform-the-binary. How does this compare to `terraform-provider-nixos`? Is a `provider plugin` strictly necessary?
ris has joined #nixos
<gchristensen>
no, my terraform thing turns out to not be very useful :P
<gchristensen>
as you can replicate it easily with simple local commands
<ashkitten>
boeg: you usually don't need to worry about that unless the nix store is using a lot of space, but if you really want to delete old derivations you can run `nix-collect-garbage`
<boeg>
ashkitten: Thanks!
<ashkitten>
boeg: depending on how the development environment was set up, you can end up with gc roots for it which makes it persistent, iirc. i can't remember how to deal with ttat
<ashkitten>
boeg: but honestly, it's not usually an issue to have extra store paths laying around unless you're tight on space. i wouldn't worry about it
<alj[m]>
Hello! How do I use uboot when i build it myself? I want to install nixos and dont know how to combine nixos and the new uboot image
<boeg>
ashkitten: Thanks, was just wondering about it, reading the nix pill on the topic right now
dansho has quit [Ping timeout: 248 seconds]
stranger___ has joined #nixos
<stranger___>
what do you think? will this fix the issue? #63024
<{^_^}>
[nix-mode] @matthewbauer merged pull request #85 → Fix handling of keywords in identifiers → https://git.io/fjrAQ
<{^_^}>
[nix-mode] @matthewbauer pushed 6 commits to master: https://git.io/fjoO2
CcxWrk has joined #nixos
<{^_^}>
[nixpkgs] @aanderse opened pull request #63862 → nixos/mysql: run ExecStartPost as root (again) to preserve compatibility with secured installs → https://git.io/fjoOr
nschoe has quit [Ping timeout: 248 seconds]
<infinisil>
baum: I think the most important part of the error you didn't include
<baum>
infinisil: the output of the deployment process?
Blessjah has quit [Remote host closed the connection]
<infinisil>
baum: No, scroll to the right in journalctl
<gchristensen>
could deepSeq be used to force importing and validating a file is syntactically correct, without actually executing the code?
<infinisil>
gchristensen: What code? What file? What validation?
<gchristensen>
the file is a nix expression, which is typically a function. I don't want to call the function, but I want to be certain that if something were to try to call the function , it would at least be syntactically correct
<pie_>
obviously im misunderstanding something here
<gchristensen>
aanderse: I don't know golang, and I'm a bit busy, but what is up? :P
<pie_>
well...tostring does work...but why??
<baum>
infinisil: true, well thanks for having a look at it. i'll keep pondering on finding the best way to debug this.
zupo has joined #nixos
<infinisil>
pie_: toString converts a path to a string, just interpolating a path makes it be imported into the store
<infinisil>
It's just how Nix does it
<pie_>
oh wait i think i get it
<pie_>
you mean interpolating it substitutes the store path
<infinisil>
Yea
zupo has quit [Remote host closed the connection]
<aanderse>
gchristensen: an upstream project nixos packages has added a way to store a secret outside of their config file. there are more secrets in the config file which the same idea could be applied to. would significantly cleanup the nixos module :)
<pie_>
argh wtf. for some reason i just figured paths are treated as strings when you do string things
<aanderse>
but... you're busy, someone will eventually get around to it. no worries
zupo has joined #nixos
<pie_>
infinisil, makes sense though i guess, thanks
<gchristensen>
aanderse: (yeah but pitching it to the channel might snipe some people interested in extracting secrets from the nix store)
<infinisil>
:)
alex`` has quit [Ping timeout: 246 seconds]
<pie_>
infinisil, ...still not sure where the illegal name thing comes from though
zupo has quit [Remote host closed the connection]
<pie_>
the only thing touching the keys is mapAttrs!
<gchristensen>
pie_: you can't have a thing in the Nix store called ".foo"
<infinisil>
^^
<pie_>
oh.
<pie_>
why not?
zupo has joined #nixos
<infinisil>
Dotfiles something
<gchristensen>
the first character must be alphanumeric
<{^_^}>
[nixpkgs] @etu merged pull request #63156 → phpfpm: do not run anything as root → https://git.io/fj2AK
<pie_>
would it be reasonable to request the error message to be changed a bit so that its more evident that its a store problem and not an eval problem
<gchristensen>
pie_: sounds good. open a ticket?
zupo has quit [Remote host closed the connection]
<pie_>
yeah i guess, in nix?
<gchristensen>
yea
<infinisil>
pie_: What do you suggest instead?
<pie_>
infinisil, no idea but i was confused, so im asking "is it just me?" :P
zupo has joined #nixos
<pie_>
infinisil, i figured if other people think its reasonable i might as well open an issue
<gchristensen>
"Trying to import «path» in to the Nix store with the name «.foo» is invalid: it must begin with a letter or a number" might be good
zupo has quit [Remote host closed the connection]
<gchristensen>
"Note: builtins.path can be used to give it an alternative name, if you cannot rename the file no disk."
<boogiewoogie>
hey, so, still trying to reclaim some swap space I don't need anymore for my root partition. I've removed the swap entry from the hardware-configuration.nix. any special (nixos-)way I should proceed? I don't assume I can somehow repartition the running system?
<samueldr>
nixos will not touch partitions...
<samueldr>
... and a corollary is that it will only create a swap file, not resize it, neither remove it
<samueldr>
so, there's no special nixos way to handle that, it would be like you would any other linux distro
<vika>
`nix build nixpkgs.nixUnstable --system armv7l-linux --builders "ssh://nixos-builder armv7l-linux" --max-jobs 4` is gonna use 4 cores of my PC and also nixos-builder machine in the local network, am I right?
<vika>
or wait, do I need to specify localhost in here too?
<samueldr>
if the swap partition was directly after the partition, it might be possible to expand the partition, and expand the fs on the running system
<boogiewoogie>
samueldr: okay, thanks. had it numbered the wrong way unfortunately :P
<boogiewoogie>
alright then!
<aveltras>
let's say i want to have the same configuration.nix on my laptop and desktop. Is there a way to have some kind of condition to enable libinput only on the laptop for example ?
<samueldr>
not exactly, a strategy could be to have the configuration in multiple files, and load them from a non-tracked configuration.nix
o1lo01ol1o has quit [Remote host closed the connection]
<samueldr>
e.g. my configuration.nix is not tracked in git, it loads `./machines/somename`; in turn those are tracked and load common files
zupo has quit [Read error: Connection reset by peer]
o1lo01ol1o has joined #nixos
knupfer has quit [Quit: knupfer]
zupo has joined #nixos
knupfer has joined #nixos
<aveltras>
samueldr: i see, thanks for the answer
<samueldr>
(I'm sure there are other strategies to use for that purpose)
Ariakenom has quit [Quit: Leaving]
boogiewoogie has quit [Remote host closed the connection]
<vika>
One is hostname matching
<vika>
aveltras: you can match your different machines by hostnames
wildtrees has joined #nixos
zupo has quit [Client Quit]
<aveltras>
vika: arent the hostname defined in the config ?
<vika>
You can split config in several modules :3
o1lo01ol1o has quit [Remote host closed the connection]
<vika>
and use recursive sets
<aveltras>
ye, the goal was to only have to curl configuration.nix during a nixos install
domogled has joined #nixos
<vika>
is it acceptable if your configuration.nix fetches a github repo by itself?
o1lo01ol1o has joined #nixos
<vika>
If yes, place your config in the github repo, then curl a configuration.nix boilerplate and customize it
<aveltras>
but wondering if that "maria" could be read from the hardware
<aveltras>
some kind of mac adress for a network card but more related to the computer as a whole
<vika>
Hardware is an illusion. It doesn't exist from nix's perspective :3
<vika>
The spoon doesn't exist
daGrevis has quit [Quit: daGrevis]
<vika>
Nix is built to abstract from such worldly matters
daGrevis has joined #nixos
<cransom>
one of the nix plugins may work. i've never used `builtins.exec` but it may let you hack that in.
<vika>
That could definitely work
oida has quit [Remote host closed the connection]
<vika>
it would be a bit impure but that impurity here is perfectly intended
<aveltras>
but just in general linux language, do you know what could identify the hardware ?
oida has joined #nixos
<vika>
Ethernet MAC addresses are supposed to be unique
<cransom>
ifconfig, lshw, dmidecode
<simpson>
aveltras: What is "the computer"? It's like the Argos; what you're actually identifying is a collage of parts.
<vika>
simpson: good metaphor :3
<vika>
And these parts make a ship, and to Nix it doesn't matter which parts its built of. It can float.
<vika>
It floats in a certain way ("x86_64-linux")
<simpson>
vika: Lucky 10000: There's an old philosophical riddle involving the Argos: If we replace each plank of the Argos, piece by piece, then are we left with the original Argos? What if we assemble a new old Argos from the replaced planks?
Jackneill has quit [Remote host closed the connection]
<vika>
to Nix, it doesn't matter. The crew would still be the same
<vika>
Nix is about the crew, not the ship!
<alj[m]>
how do I "install" a u-boot binary and boot with it?
<simpson>
aveltras: Oh, your problem's easier than I feared. Yeah, it's possible for your custom NixOS modules to introduce new configuration options. I don't know where the technique is documented; probably somewhere in the NixOS manual.
<vika>
@alj I think that depends on your hardware. Raspberry Pi machines accept kernels at a certain place... on others you'll need to flash it in a certain SD card sector
<alj[m]>
it doesnt, but thanks :D i think i found the right sector.
<aveltras>
seems sth like "cat /sys/class/net/*/address | head -n 1" might be enough here
arjen-jonathan has joined #nixos
asheshambasta_m has quit [Quit: Leaving.]
<vika>
I'd recommend to grep -v 00:00:00:00:00:00
<vika>
it's lo
<vika>
and it's the same on every single machine
<{^_^}>
[nix] @grahamc opened pull request #2974 → checkStoreName: give more precise/verbose error information → https://git.io/fjo3h
daGrevis has quit [Quit: daGrevis]
<aveltras>
vika: didn't understand sorry, not that familiar with grep
daGrevis has joined #nixos
<pie_>
gchristensen, i forgot to say, maybe one could label said categort or errors with like "store error:" or something, so its not just periodic whack a mole when someone is bothered :p
<gchristensen>
what do you mean?
<pie_>
yeah that wasnt clear
<pie_>
theres other error strings in the file you linked to the issue
<pie_>
"path '%1%' is not in the Nix store" does suggest that the problem is store related
<gchristensen>
pie_: yeah ( did you see my PR?)
o1lo01ol1o has joined #nixos
<pie_>
but not all the strings say that
Synthetica has quit [Quit: Connection closed for inactivity]
<pie_>
no didnt see the pr
<pie_>
saw the pr now
<pie_>
looks good to me i guess
<pie_>
my verbalization is horrible today, im trying to say this issue could be extended further than that one error message.
ThatDocsLady has quit [Quit: Leaving]
<pie_>
though i guess maybe its a slippery slope to all the errors in nix :p
<pie_>
anyway, thanks for the quick fix
o1lo01ol1o has quit [Remote host closed the connection]
rauno has joined #nixos
gratto has quit [Ping timeout: 252 seconds]
Xal has quit [Ping timeout: 245 seconds]
<{^_^}>
[nixpkgs] @dingxiangfei2009 opened pull request #63865 → dockerTools: use skopeo on the right platform → https://git.io/fjosI
Xal has joined #nixos
gratto has joined #nixos
<{^_^}>
[nixos-homepage] @edolstra pushed 2 commits to master: https://git.io/fjost
<{^_^}>
[nixos-homepage] @edolstra merged pull request #286 → Replace list of old releases with link to GitHub → https://git.io/fjoOI
<{^_^}>
[nix] @matthewbauer opened pull request #2975 → Don’t use entire /etc/nsswitch.conf file → https://git.io/fjoss
<kraem>
samueldr: thank you for the tips - i don't have ssh enabled (good tip though - will probably enable it after i've solved this for situations like these) - would I be able to do `sudo systemctl start sshd` blindly on tty 2 or are the /etc/ssh/sshd config file not present at all if i've never enabled ssh in configuration.nix? will try masking masking the graphical unit first though
arjen-jonathan has quit [Ping timeout: 250 seconds]
<clever>
kraem: the installation cd or a normal install?
<samueldr>
if you haven't enabled sshd in your configuration.nix, no, it wouldn't be installed
<kraem>
enabling the sshd? i was thinking of doing it from the normal install
o1lo01ol1o has quit [Ping timeout: 246 seconds]
<clever>
the install cd is also weird, sshd is enabled, but not running on bootup
<kraem>
ah alright it's not even installed without enabling it
hlolli has joined #nixos
<hlolli>
I've never set up a ftp server before, can I make a public readable ftp server like this http://ftp.gnu.org/gnu/emacs/ with the html static page genereted, with nixos?
<philipp[m]>
I guess this is one of the cases, where nginx conf is just easier to generate than apache xml, at least from my experience.
<aanderse>
philipp[m]: with either nginx or apache you don't need to write a single line of nginx or apache config
<hyper_ch>
I have encountered a weird issue: when I set boot.kernelParams = [ "ip=dhcp" ]; then once I booted up, I don't have any dns entries in my resolv.conf
<aanderse>
for this type of situation
<aanderse>
ngnix has "locations" iirc, and apache has servedDirs and servedFiles
<philipp[m]>
Yes, but somebody had to make them generate configs.
<filedesless>
hey how do you guys deal with confidential informations? like credentials I such. I want to git my config.nix, but not expose my mail or other passwords
<aanderse>
philipp[m]: of course. but not you. that is one of the awesome parts of nixos :)
<aanderse>
filedesless: you shouldn't be storing credentials in configuration.nix
<filedesless>
how then?
<aanderse>
what services are you using that ask for passwords?
<filedesless>
I was thinking about using ddclient
<aanderse>
filedesless: this module needs to be fixed as it gives the user no option to securely provide a password
<filedesless>
I see
<filedesless>
would that hold for mail clients?
<kraem>
samueldr: i managed to mask the display-manager and removed modeset from the systemd boot entry - problem is nothings in my path = i can't call any command because it can't find them when i call them - located nixos-rebuild in the /nix/store but the command says it can't find utils like find and date
<aanderse>
it looks like ddclient might not support the concept of a password file, so the systemd service should create a secure configuration file at runtime which only the service has access to and patch the password in
<aanderse>
filedesless: it seems like someone attempted to implement this but it broke the service, so it was reverted
endformationage has joined #nixos
peter has joined #nixos
fragamus has joined #nixos
peter is now known as Guest43570
<aanderse>
filedesless: any other examples of secrets in your configuration.nix?
Guest43570 is now known as spacewalker
spacewalker has left #nixos [#nixos]
<filedesless>
I wanted to try something like offlineimap or similar to sync my mails
civodul has joined #nixos
<aanderse>
i don't see a password option in that service and i've never used it. example?
ddellacosta has joined #nixos
MmeQuignon has quit [Ping timeout: 272 seconds]
fragamus has quit [Client Quit]
<filedesless>
you're right, but there has to be a way to identify me
<filedesless>
think it was done via some dotfile
<filedesless>
which I also cannot git
<hyper_ch>
why can't you git a .dotfile?
<filedesless>
I mean one with my credentials
<hyper_ch>
single user system?
<filedesless>
yea
<hyper_ch>
I have a mysecrets file in /root and you could put credentials in there... and then read them out from the configuration.nix file and then write that .credential file upon every rebuild anew
<hyper_ch>
would that be an option?
<kraem>
samueldr: i don't know what happened with the PATH and my nix environment but i managed to fix it through setting the services.xserver.windowManager.default to the one I'm using since that was needed by lightdm.greeters.mini.enable - i'm now in my system and i'm back with using fish as my shell - any idea what might have happened when switching to bash?
<pie_>
gchristensen, yeah i renamed the stuff, but its still an inconsistency
<pie_>
well actually
<pie_>
is let actually any different
<pie_>
i guess you could rename it with a let, but not with a with.
<infinisil>
Another reason to get rid of "with"
<clever>
another, is that it mutates errors
<infinisil>
I've been intentionally avoiding "with" in all new code I write
<clever>
> let a = 42; in b
<{^_^}>
<LAMBDA>
<clever>
> let a = 42; in shouldnotexist
<{^_^}>
undefined variable 'shouldnotexist' at (string):255:16
gratto has quit [Read error: Connection reset by peer]
<clever>
this fails at parse time
<noobooboon>
When I run `cat /sys/devices/system/cpu/vulnerabilities/l1tf`, I get "Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable"
gratto has joined #nixos
<clever>
> with { a = 42; } in shouldnotexist
<{^_^}>
error: syntax error, unexpected IN, expecting ';', at (string):255:18
<clever>
> with { a = 42; }; shouldnotexist
<{^_^}>
undefined variable 'shouldnotexist' at (string):255:19
<clever>
but this fails (with an identical message) at eval time, when the value is forced
<pie_>
infinisil, just because its imperfect doesnt mean you should lynch it :D
<clever>
so the callstack and time of failure is drastically different
jabranham has quit [Quit: ERC (IRC client for Emacs 27.0.50)]
<clever>
with also introduces a slight overhead in attr lookups
<pie_>
clever, the error mutation stuff might have been something i complained about at some point. that was probably when i learned let is scoped differently
<infinisil>
clever: Yeah, and with emacs I have nix-instantiate --parse as a very simple error reporting mechanism, which isn't very useful anymore as soon as I have a single "with" in there
<infinisil>
pie_: This is why I want to get rid of it ^^
<clever>
i just dont use it
<clever>
you can also, `let inherit (lib) mkOption; in ...`
<pie_>
yeah i usually just do that
<clever>
which is similar to with, but has a whitelist, and it should fail at parse time
<pie_>
what with can do but let probably cant is bringing stuff in scope at eval time? sounds sketchy tho
<pie_>
wait that sounds wrong...let cant exactly know ahead of time either if something exists.
<m1cr0man>
Hi folks. Trying out nix declarative containers for the first time. If I run with the privateNetwork=false; option will this act the same way as host networking in docker?
o1lo01ol1o has quit [Ping timeout: 252 seconds]
<clever>
m1cr0man: i think so
<m1cr0man>
well like will a port in the container be exposed on the eth of the host?
<manveru>
did you try it? :)
<m1cr0man>
no :P I shall haha
erasmas has quit [Quit: leaving]
zupo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<pie_>
does readDir have any sort of ordering or is it totally arbitrary_
<manveru>
given that it's nix, i figure it's deterministic...
<m1cr0man>
oh my god it worked first time XD
<m1cr0man>
the answer is yes
<manveru>
pie_: it's sorted, but don't ask me by what :)
<pie_>
the implementation of that part does look a bit fancier
<clever>
pie_: line 4/8, the callPackage it generates can search up the call chain for you
<clever>
so you dont need a reference to pkgs
jluttine has quit [Ping timeout: 258 seconds]
<pie_>
hm
<pie_>
also there seems to be people using makeScope in several places in nixpkgs
<pie_>
so either i missed some memos
<clever>
also, `pkgs.newScope self` is identical to `callPackageWith ( self.nixpkgs // self )` i beliee
<pie_>
or im just too dumb
m0rphism has quit [Ping timeout: 244 seconds]
<pie_>
how did everyone other than me understand this stuff >:(
jluttine has joined #nixos
<pie_>
clever, i really wish newScope wasnt a splice.nix thing
<pie_>
I have to go searching around for it every time i misremember where it is.
<clever>
pie_: i dont look at the implementation anymore, i just refer to simple-test.nix
<pie_>
makeScope doesnt actually tell you that newScope as used there only makes sense with a lib.callPackageWith
<clever>
pie_: i found an example somewhere and copied it
<pie_>
clever, somethng im not sure about though, i guess its very corner-case-y but if i have a name conflict (which I happen to have had before...) and i use this implicitly scoped callpackage, i wont have a way to disambiguate the two?