<selfsymmetric-mu>
This gets me an mpv-shim on my path but doesn't know about conffile.
<selfsymmetric-mu>
I'm going to try `buildPythonApplication`.
<selfsymmetric-mu>
Ah, shame, this repository doesn't have a setup.py
<selfsymmetric-mu>
Should I patch one in?
alex`` has quit [Ping timeout: 245 seconds]
<selfsymmetric-mu>
I know how to write patches to files, but I don't know how to _add_ a file.
lambda-11235 has joined #nixos
<evanjs>
infinisil: Okay sweet, that works. I switched the channels variable to channels = (config.nixpkgs.config.packageOverrides {}); at some point and obviously that doesn't work. Your recommendation worked when I set it to [ pkgs pkgs.stable pkgs.unstable pkgs.unstable-small ]; Thanks!
<{^_^}>
commercialhaskell/stack#5005 (by razvan-panda, 4 minutes ago, open): Executable named hoogle not found on path
ryantrinkle has joined #nixos
dl4mfo_ has joined #nixos
dl4mfo has quit [Ping timeout: 245 seconds]
gentauro has quit [Ping timeout: 272 seconds]
gentauro has joined #nixos
<selfsymmetric-mu>
freeman42y: It's certainly possible. Stack makes some aggressive assumptions if it sees that you're on NixOS. It's burned me in the past.
rprije has joined #nixos
tmaekawa has quit [Quit: tmaekawa]
MmeQuignon has quit [Ping timeout: 268 seconds]
Mateon2 has joined #nixos
Mateon1 has quit [Ping timeout: 245 seconds]
Mateon2 is now known as Mateon1
selfsymmetric-mu has quit [Remote host closed the connection]
<gchristensen>
like 250,000,000 infinisil / emily / adisbladis
<gchristensen>
ish
<emily>
so like over 4 gigs of just hashes @_@
<emily>
bloom filters it'd have to be I guess
<gchristensen>
the metadata export I get produces like 10g of data per export
<nh2>
clever: hmm, even with `nixos/release-combined.nix --arg supportedSystems '[ "x86_64-linux" ]'` it complains at building `error: a 'aarch64-linux' with features {} is required`
jgt has joined #nixos
dansho has quit [Remote host closed the connection]
dansho has joined #nixos
jgt has quit [Ping timeout: 252 seconds]
wfranzini has quit [Remote host closed the connection]
wfranzini has joined #nixos
slack1256 has quit [Remote host closed the connection]
felixfoertsch has quit [Ping timeout: 250 seconds]
slack1256 has joined #nixos
<infinisil>
gchristensen: emily: According to a wiki formula for bloom filters, for this many elements we'd need a bloom filter of size 142MB for getting a false positive rate of 10%
<emily>
I think 150 megs of disk space is positively anemic by NixOS standards
redknight_ has joined #nixos
<emily>
looked at /nix/store lately? :p
<emily>
I don't know if there are fancy techniques for incremental updates of bloom filters though
Ariakenom has quit [Quit: Leaving]
<infinisil>
emily: That's pretty easy: Just send a bloom filter for the new paths, then OR it with the existing one
<infinisil>
A union operation
<emily>
right, ok
<infinisil>
Oh wait
<infinisil>
That's not incremental lol
<infinisil>
Still needs 140MB
<emily>
yeah you'd need them to be of different sizes or something
<emily>
there's probably stuff in The Literature.
<emily>
browsers already deal with a version of this problem for the "safe browsing" hash list
<infinisil>
I guess if it's small enough you can send a list of new bit indices instead
<infinisil>
Each new path would only have to add 3 bits
<infinisil>
gchristensen: Do you also know the rate of new paths?
<infinisil>
I guess let's say the cache has accumulated paths over 10 years, then it's ~70000 paths per day
<gchristensen>
note the S3 puts aren't just NARs but narinfos and logs
<infinisil>
Oh neat
<gchristensen>
seems data collection broke a couple weeks ago. I'll look in to it later
<infinisil>
And actually, I also went through the calculation with 1% false positive rate. The major difference would be that the filter size is 280 instead of 140MB, while updates to it are still about the same, so 1MB per day
<gchristensen>
I wonder how to handle the part where the cache is continuously updated
<gchristensen>
or if that even needs handling
<infinisil>
Not sure what you mean
<hyperfekt>
Just out of curiosity, what's the main use case of bringing down latency for single, fast builds? Or is there a lack of parallelism in checking the cache such that this would make lots of trivial builds faster, too?
<gchristensen>
if you fetch the bloom filter data at 9am, and then from 9am to 3pm hydra does a mass rebuild and you fetch nixpkgs at 4pm, how do you tell your machine to fetch those built paths
<gchristensen>
hyperfekt: nix check sthe cache for every build, so not having to do that would be cool
<infinisil>
hyperfekt: Nix currently needs to first: Ask the cache if the root derivation exists, if yes fetch it, if not build it, meaning it needs to recursively do that for all dependencies (well it first checks whether they exist in the local store too)
<gchristensen>
infinisil++
<{^_^}>
infinisil's karma got increased to 122
<infinisil>
gchristensen: I'm thinking it could store multiple bloom filters in increasing distances
<infinisil>
gchristensen: So it would store a bloom filter for the new paths in the last hour, in the last 2 hours, last 4 hours, and so forth
<gchristensen>
yeah, but how does Nix know to fetch a new copy?
<gchristensen>
I guess it could always look
<infinisil>
Probably just store the last fetch time locally
<hyperfekt>
Ah, there's no parallelism between derivations and their dependencies, So it makes deep trees take longer too. How often do people have deep dependency trees not served by the cache that can and should be built quickly?
<hyperfekt>
I mean I totally agree it would be just super cool to not have to contact the cache, but I wonder what the pain of it is in practice.
<gchristensen>
yeah it isn't so bad as is
<gchristensen>
makes it annoying to build without internet though
<hyperfekt>
Well a bloom filter knowing what's in the unreachable cache will hardly be the best fix for that case :b
<infinisil>
I guess it could considerably decrease time-to-first-byte for installations of new things, which might have a deep dependency tree
<infinisil>
Also: Nix can't fetch the root derivation without first having fetched all its dependencies
<gchristensen>
Nix's binar ycache query does start with the final derivation before checking deps of course
<infinisil>
And this recursively, so it really needs to go through the whole chain and ask the cache serially until it knows what to fetch first
<hyperfekt>
infinisil: Wait, really? :o That changes things...
<gchristensen>
I don't think so...
<infinisil>
I'm pretty sure anyways, because Nix doesn't allow invalid paths, and paths whose dependencies don't exist are invalid
<gchristensen>
no, because if a cache has the final build product it has the whole closure
<infinisil>
Ah, hmm
<infinisil>
True
<infinisil>
Might not be that bad after all
<gchristensen>
it isn't so bad ;)
<gchristensen>
besides, Nix can't know what the closure is unless it either built it, OR fetched the narinfo
<infinisil>
I'm just noticing that there's a considerable delay on every nix-build, and that delay seems to be from fetching caches
<infinisil>
checking caches*
<infinisil>
gchristensen: Doesn't the local .drv tell nix what the closure is?
jgt has joined #nixos
<gchristensen>
drvs describe build time closures
<gchristensen>
run time closure is a subset, yes, but Nix doesn't start fetching build time closures unless it has to build
<infinisil>
Yeah, but that plus knowing which paths are in substituters should be enough for it knowing what it needs to build
<hyperfekt>
Well, it might be latency on every nix-build but if they're parallel it shouldn't matter that much? That's why I asked earlier if there is a need for low-latency nix-builds.
<gchristensen>
I thought we were discussing run time closures
<gchristensen>
:)
<infinisil>
Well it needs to download build dependencies too if it's not cached, but if it is it only needs to fetch runtime deps
<hyperfekt>
infinisil: As long as I don't pass in any derivations I'd say. Because at that point it's very unlikely for the cache to have it.
<infinisil>
clever: You need a readme!
<gchristensen>
hyperfekt: the problem is what if projectA's cache provides on derivation foo, bar, baz and projectB's cache provides bar, baz, tux.
<clever>
infinisil: yeah
<gchristensen>
hyperfekt: to make matters worse, bar and baz don't have the exact same content because tehir builds aren't reproducible.
<clever>
infinisil: basically, it will query multiple upstream binary caches, and then present a single cache interface to downstream clients
<infinisil>
hyperfekt: I think the only solution to getting such substitute authorization is to declare this in derivations via an attribute like `allowedSubstituters = [ "https://cache.nixos.org/" "https://foo.cachix.org/" ]`
<clever>
infinisil: and also cache every narinfo in ram, and cache the nar files to disk
<gchristensen>
infinisil: rip cachecache and corporate-internal caches
<infinisil>
gchristensen: You could still whitelist more caches in nix.conf
<infinisil>
clever: I see, neat
<infinisil>
gchristensen: Yeah actually, we could differentiate between untrusted substituters and trusted ones. A trusted one can substitute any derivation, an untrusted one can only substitute derivations which have it declared in `allowedSubstituters`
<hyperfekt>
I might be a bit slow because it's late and I should be in bed, but I don't see the fundamental problem - as long as you introduce tracking for which flake a derivation (as in the Nix language feature) is from. And even today non-reproducible derivations can produce different content, for example if built by Hydra and me locally.
<clever>
infinisil: it would need to be based on the public key to be secure
<infinisil>
gchristensen: Then people could go "I provide aarch caches for these derivations in cache.example.com", and make a PR to nixpkgs with `allowedSubstituters = optional stdenv.isAarch "https://cache.example.com/";`
sushi_ has joined #nixos
<infinisil>
clever: Ah good point
<hyperfekt>
infinisil: Having to declare substituters it in the derivation would kinda suck because changing the set of allowed ones would change the derivation :/
<clever>
hyperfekt: but you still have the problem of recursively adding it to everything in your closure
<no-n>
3:27 PM <no-n> does anyone know how to link to liblua on nixos?
<no-n>
3:27 PM <no-n> I tried nix-shell -p lua53Packages.lua but my linker can't find liblua
<infinisil>
clever: It would have to be part of the final derivation so Nix knows the allowed substituters just from the .drv
<clever>
infinisil: ack
<infinisil>
Are passthru's in the .drv?
* infinisil
is not sure
<infinisil>
No they can't be
<clever>
infinisil: they arent
<hyperfekt>
But if it's in the drv getting rid of / adding one substituter precludes me from using all the others :<
dk_ has joined #nixos
<infinisil>
Yeah it's not optimal that this would influence the drv itself..
<infinisil>
hyperfekt: Well you could still add the cache you want temporarily to the trusted set so it can substitute anything
<hyperfekt>
Hmm seems like a limited hack, because then we go back to having universally trusted caches. It'd work for stuff built by Hydra cause we kinda trust that but not for other stuff with more than one substituter. Or adding two partially trusted substituters.
<dk_>
Hey everyone - Just took my first pill and have been playing with NixOS all day. So far it has been very informative and fun, but I'm having some issues getting KDE running within Virtualbox, built from latest ISO image. Demo appliance works as expected, but cannot get the custom one going. No screens found. Any thoughts?
<infinisil>
clever: hyperfekt: I guess Nix could have a separate database field where it stores passthru.allowedSubstituters, then it wouldn't have to be part of the .drv but it could still query it
<clever>
infinisil: the database mainly just stores the existance, hash, and signature of store paths, but not metadata about them
<clever>
and drv files are all named after a hash of their contents
<hyperfekt>
Would that mean having to eval any derivation I want substituted?
<gchristensen>
(you do now)
<infinisil>
clever: Yeah but it could be changed to store more stuff
<infinisil>
And I think this would be reasonable if such an allowedSubstituters thing wants to be implemented
<clever>
gchristensen: nix-copy-closure can copy just drv files to a remote machine
<clever>
gchristensen: it would also complicate build slaves quering the binary cache for things
<clever>
currently, the api for asking if a slave has a list of paths, includes a bool allowing it to fetch
<hyperfekt>
What would be the ideal properties we want from limited trust substituters? Is there any point to being able to not trust the same substituter to provide runtime deps?
<clever>
and it just wont answer until it has checked its own caches, and then report what it couldnt get
<infinisil>
hyperfekt: Not sure what you mean
ottidmes has quit [Ping timeout: 245 seconds]
<hyperfekt>
Currently a substituter provides the whole closure, right? But what if a derivation had a different set of allowed substituters than its dependencies? Seems like a possibility when you make it part of a derivation.
<infinisil>
clever: Hey, I'm just trying to use your kexec script again, but it seems to be failing now and I have no clue what it could be. The error is ultimately "Nothing has been loaded!" after the `kexec -e` step
<Gilfoyle->
Question, trying to run powerdns with a sqlite3 backend. Able to get it to run, however even with powerdns.sqlite located under /var/lib/powerdns and with it's perms set to 777 powerdns is treating it as a RO db. Anyone try setting this up before and run into a similar issue?
<clever>
infinisil: ohhh right, nixos-infect is using the lustrate method
<infinisil>
Ah yeah and that doesn't support changing the root fs
<{^_^}>
undefined variable 'pdns' at (string):262:1
<clever>
> pdnsd.meta.description
<{^_^}>
"Permanent DNS caching"
<no-n>
I am including all the right files according to manpage synopsis but getting implicit function declaration errors for stuff like getaddrinfo and freeaddrinfo
<Gilfoyle->
clever: So just disable it, and import my own local variant then yeah?
<clever>
Gilfoyle-: yep
rprije has quit [Ping timeout: 258 seconds]
rprije has joined #nixos
slack1256 has quit [Remote host closed the connection]
mexisme has quit [Ping timeout: 264 seconds]
rprije has quit [Ping timeout: 245 seconds]
rprije has joined #nixos
<Gilfoyle->
Okay that worked, thanks clever.
palo1 has joined #nixos
slack1256 has joined #nixos
palo has quit [Ping timeout: 272 seconds]
palo1 is now known as palo
jboy has quit [Ping timeout: 264 seconds]
orivej has joined #nixos
jgt has joined #nixos
slack1256 has quit [Remote host closed the connection]
jgt has quit [Ping timeout: 264 seconds]
jollyjester has joined #nixos
<jollyjester>
hello i've just added the nixos-unstable channel and i'm getting the following error: error: unable to download 'http://releases.nixos.org/nixos/19.03': HTTP error 404
<jollyjester>
nevermind somehow it got fixed by just removing some channels
FRidh has quit [Read error: Connection reset by peer]
<nkaretnikov>
so i'm still trying to define my custom package set as described here: http://sandervanderburg.blogspot.com/2014/07/managing-private-nix-packages-outside.html in my case, i define an application and a library (two actually, but one of them is a wrapper). and the defined library version is not used by the application. (i checked the used shared library location and ran strings on that to see if my debug prints are
<nkaretnikov>
there.) any ideas?
philr_ has joined #nixos
eyJhb is now known as eyJhb
<jackdk>
I tend to use overlays for this sort of thing. https://git.sr.ht/~jack/nix-overlay/ works for me but I do not claim that it's idiomatic
wfranzini has quit [Remote host closed the connection]
<nkaretnikov>
i don't have the code online yet, but if you want more information: the application is qemu and the libraries are libusb1 and libusb. I just changed the qemu build script to build with usb support and use a local version of libusb (by specifying a location on disk).
wfranzini has joined #nixos
<nkaretnikov>
jackdk: i'm aware of that approach. however, i haven't used overlays. i just wanted to make it as painless as possible. the blog post was there, so i went with that
philr has quit [Ping timeout: 272 seconds]
<nkaretnikov>
i'd rather not switch to using overlays at this point. i just need to figure out what's wrong. any tips on how to debug this?
iyzsong has joined #nixos
<jackdk>
"have you missed a rec?", "show us the code?", "builtins.trace everywhere to see what's being evaluated?" that's all I got
FRidh has joined #nixos
<nkaretnikov>
jackdk: look at the last example in the blog post. is there a need for a rec there?
<nkaretnikov>
jackdk: i essentially have the same thing (with different inputs, but still close enough)
winem_ has joined #nixos
<nkaretnikov>
i'd rather not show the code yet, it's a bit messy and would take time to organize and push.
<nkaretnikov>
yeah, i might try the trace thing.
<jackdk>
I don't think a rec is required there, but I also have a few things to do this evening, so all I can do is wish you luck from here.
<{^_^}>
[nixpkgs] @FRidh pushed 2 commits to python-unstable: https://git.io/fjF3b
<nkaretnikov>
hahaha, i figured it out... tl;dr: i was checking the wrong executable. i was expecting it to appear in my PATH, but turns out i use nix-build, so it was happily sitting in the result directory.
<nkaretnikov>
a bit frustrating, but i'm also glad that i don't have to debug the nix build script. so i'll call it a win :)
<iqubic>
So I'm trying to upgrade my channels, a stable channel, and an unstable channel. The channel update worked, but now the "sudo nixos-rebuild switch" is failing with http://dpaste.com/3YE6SCY
<adisbladis>
symphorien: That's only the stable channel though.
<adisbladis>
There is a linuxPackages_4_19 on unstable
<Miyu-chan>
How do I allow firewall imperatively?
<Miyu-chan>
I ran this:
<Miyu-chan>
iptables -A nixos-fw -p tcp --dport 2222 -j nixos-fw-accept
<iqubic>
adisbladis: I can pull it from unstable easily.
<adisbladis>
iqubic: I know, I was pointing out to symphorien that the website only reflects the stable channel.
<iqubic>
WTF is going on here.
o1lo01ol1o has joined #nixos
<iqubic>
Uname states that I'm currently running 5.1.21.
<Miyu-chan>
Ah. I know why now.
<iqubic>
But I can't even use kernel versino 4.19 on account of this: "error: attribute 'spl' missing, at /nix/var/nix/profiles/per-user/root/channels/nixos/nixos/modules/tasks/filesystems/zfs.nix:31:11"
lambda-11235 has quit [Quit: Bye]
b has quit [Ping timeout: 258 seconds]
jollyjester has joined #nixos
Chiliparrot has joined #nixos
<jollyjester>
hey, can someone tell me the default channels that get shown when doing nix-channel --list and sudo nix-channel --list
<jollyjester>
i kind of messed up my channels and can't rebuild
<{^_^}>
[nixpkgs] @FRidh pushed 3 commits to python-unstable: https://git.io/fjFsZ
<iqubic>
jollyjester: That really depends on the system that each individual is running.
<iqubic>
There is no set default.
obfusk__ has quit [Ping timeout: 252 seconds]
<iqubic>
I have no idea what's going on with the kernel packages right now.
<jollyjester>
warning: name collision in input Nix expressions, skipping '/home/eon/.nix-defexpr/channels_root/nixos-19.03'
<jollyjester>
error: attribute 'nixos' in selection path 'nixos.xclip' not found
<jollyjester>
hmmmmm
<jollyjester>
any way to fix this?
<srhb>
Did you call it nixos-19.03 instead of nixos?
<jollyjester>
uhh yes lol
<jollyjester>
oops i guess
<jollyjester>
how do i call it nixos?
<jollyjester>
i just did nix-channel --add [url]
<jollyjester>
with sudo obviously
<srhb>
jollyjester: Try nix-channel --help
<jollyjester>
yea ok
<jollyjester>
makes sense
<jollyjester>
yep i think that fixes it
<jollyjester>
thanks for all the help
<srhb>
Sure thing.
jollyjester has quit [Quit: leaving]
domogled has joined #nixos
<M-Gregoire49>
Hello!
<M-Gregoire49>
I'm struggling with something I thought would be easy: I'm trying to install https://github.com/domenkozar/hnix-lsp from my NixOS configuration. I could easily clone the repo and import the default.nix file from my config but I'm looking for a way for NixOS to clone the repo for me so I don't have to when starting on a fresh install.
<M-Gregoire49>
Is there an easy solution I'm missing?
<{^_^}>
[nixpkgs] @vcunat pushed to master « texlive: remove myself from meta.maintainers »: https://git.io/fjFsr
<srhb>
M-Gregoire49: pkgs.fetchfromGitHub for instance.
<M-Gregoire49>
I can directly use fetchFromGithub in an import?
<srhb>
M-Gregoire49: Sure. :)
<{^_^}>
[nixpkgs] @FRidh pushed 3 commits to python-unstable: https://git.io/fjFsX
<srhb>
M-Gregoire49: It just produces a path, import takes a path as well.
orivej has quit [Ping timeout: 245 seconds]
<M-Gregoire49>
Wow, hasn't even crossed my mind ahaha
<M-Gregoire49>
I use pkgs.nodePackages.bash-language-server and pkgs.nodePackages.javascript-typescript-langserver
<M-Gregoire49>
but for some reason, bash-language-server from the same file (/https://github.com/NixOS/nixpkgs/blob/7d16cd787d70824907d0a311621e6776e35e8f72/pkgs/development/node-packages/node-packages-v10.json#L59) can't be found:
fusion809 has quit [Remote host closed the connection]
nek0 has joined #nixos
o1lo01ol1o has quit [Remote host closed the connection]
<nek0>
Hi folks. Is anyone here familiar with deploying to Hetzner via nixops?
wfranzini has quit [Remote host closed the connection]
wfranzini has joined #nixos
o1lo01ol1o has joined #nixos
<nek0>
I have a configuration, that fails at partitioning the discs at the point where they should e encrypted.
<nek0>
The exact error message is "blivet.errors.CryptoError: luks_format failed for '/dev/md/root'".
dnlkrgr has joined #nixos
o1lo01ol1o has quit [Ping timeout: 258 seconds]
o1lo01ol1o has joined #nixos
fendor_ has joined #nixos
fendor_ has quit [Remote host closed the connection]
ng0 has joined #nixos
<{^_^}>
[nixpkgs] @primeos opened pull request #66818 → [19.03] Security backports for gollum, jekyll, and html-proofer → https://git.io/fjFGG
<dnlkrgr>
hey! I'm trying to install nixos and I'm stuck on this step: https://nixos.org/nixos/manual/index.html#sec-installation-partitioning-UEFI. I have a `NVMe SSD` and get a `Warning: The resulting partition is not properly aligned for best performance.` message when creating the swap partition. I tried adding `-a optimal` to all the `parted` commands b
<dnlkrgr>
ut the message still shows up. What else could I do there?
<dnlkrgr>
freeman42x, thanks I also found it but I got strange results: https://pastebin.com/ACzn4hzm Does this make sense? Because then I would get a sector number of 0.
<__monty__>
How can I prevent my laptop from going to sleep because of inactivity? Is the desktop environment responsible for this? Ideally I'd like the display to turn off but definitely not networking because I use this machine remotely.
<Xyliton>
I tried changing my binary cache to the "fixed" fastly one but nixos-rebuild still attempts to fetch stuff from cache.nixos.org and fails to download some packages because of a timeout. How should I proceed; right now I can't update my system at all :/
lord| has quit [Read error: Connection reset by peer]
mexisme has quit [Ping timeout: 264 seconds]
<__monty__>
Oh, the gdm option isn't in the manual either.
noudle has joined #nixos
<__monty__>
Ok, looking at the code there is an option for gdm added two weeks ago but nothing for other displaymanagers.
fendor has joined #nixos
<Xyliton>
Looks like the timeouts are happening for mono 5.20.1.27 and possibly rustc
<marek>
is there a way to have a derivation that is always taking up master of a git repository and ignoring the sha256? kinda like a proxy? we have a QA that wants to install always latest software from a specific github repo, regenerating it at each commit is an option, but would like something more transparent
<{^_^}>
[nixpkgs] @adisbladis opened pull request #66819 → emacs-packages: Make elpa & org package sets overrideable → https://git.io/fjFZJ
wfranzini has quit [Remote host closed the connection]
<Miyu-chan>
The TL;DR is that a derivation is built using `bash -e default-builder.sh`.
<pie_>
jollyjester: how much do you know
<pie_>
jollyjester: you want to write a nix expression that overrides argument or mkDerivation attributes, depending on how the package is constructed, and then you either want to nix-build / nix-env it, or use it in your expression that wants it as an input
<pie_>
damn, still crashing
<pie_>
./result/bin/wikidpad: line 3: 1204 Trace/breakpoint trap /nix/store/1cy5kgmirql14hv09v3cwssvm7y8p0hy-python3-3.7.4-env/bin/python /nix/store/ky9q90ccg6iwvbs468v1i88abg4ms2rw-source/WikidPad.py
<pie_>
(WikidPad.py:1204): GLib-GIO-ERROR **: 12:37:40.765: No GSettings schemas are installed on the system
<pie_>
Miyu-chan: i imagine just because i added the hook, my launcher script isnt magically going to work
<jollyjester>
pie_: can you just link me the manual page on it
<jollyjester>
so i can look into it
<Miyu-chan>
Can I see the expression?
<pie_>
jollyjester: well, its not /one/ manual page (well it is, its just a very big manual)
<Miyu-chan>
I think it's called buildPythonPackage
<jollyjester>
pie_: what option should i set
<jollyjester>
i don't recall
<freeman42x>
I installed the library libpqxx but I am still getting the error: fatal error: libpq-fe.h: No such file or directory. Any ideas how I can fix this?
<pie_>
options.nixpkgs = { zathura.useMuPdf = false; }; or something like that. and this /does/ make more sense than homemanager just implicitly passing on extra config options
<__monty__>
jollyjester: Why do you prefer poppler btw? Mupdf is faster and produces higher quality output in my experience.
<pie_>
Miyu-chan: so yeah i guess i just need this hook to run. question is why the hook isnt running (presumably(
<{^_^}>
[nixpkgs] @rasendubi opened pull request #66824 → jetbrains.mps: init at 2019.1.5 → https://git.io/fjFZ1
gentauro has joined #nixos
ericsagnes has quit [Ping timeout: 245 seconds]
jgt has joined #nixos
<dasj19>
hello nixos, I am a nixos beginner and I try to do some customization.. for example adding a custom keyboard layout, I ended up here: https://github.com/NixOS/nixpkgs/pull/47764 and would like to help fix the issue... but in order to test my theory I have to modify a file from the xkeyboard-config-2.27 package.
<freeman42x>
dasj19, is that file generated as part of some nix package installation?
bakakuna has joined #nixos
ericsagnes has joined #nixos
gentauro has quit [Ping timeout: 272 seconds]
<dasj19>
freeman42x: yes... look at the last post from https://github.com/NixOS/nixpkgs/pull/47764 where I reported the issue.... the package would be xkeyboard-config-2.27
smakarov has quit [Remote host closed the connection]
<dasj19>
freeman42x: there is no evdev.lst file in that package
gentauro has quit [Ping timeout: 268 seconds]
<{^_^}>
[nixpkgs] @FRidh pushed to python3 « Temporarily set python = python3; to identify what would break »: https://git.io/fjFnL
<freeman42x>
dasj19, :/ damn
<dasj19>
freeman42x: I think that specifically that file gets created at compile time
shibboleth has joined #nixos
<freeman42x>
dasj19, but is it created at compile time based on code from that tar file? or from which code?
chloekek has quit [Ping timeout: 246 seconds]
<dasj19>
freeeman42x: I am pretty sure that it is the tar of xkeyboard-config-2.27
<dasj19>
I'll search for the configuration.nix code that triggers it
revtintin has quit [Quit: WeeChat 1.9.1]
<gchristensen>
would anybody like to be in the first group of maintainers to join the Nixpgks Maintainers group?
<freeman42x>
dasj19, extract everything from that tar file. Open the folder with your favorite editor/IDE. Search in project for "evdev.lst". There are 4 usages. Then figure out how to control how it is generated
<gchristensen>
or, would anyone like to nominate somebody?
<dasj19>
okay freeman42x: what would be the step after that
<tilpner>
gchristensen: You should probably detail what that is, what the requirements and responsibilities are
<gchristensen>
good thinking.
<freeman42x>
dasj19, the step after what?
<tilpner>
gchristensen: AFAICT it's putting everyone from maintainer-list.nix into a GitHub organisation team with Triage permissions, which allow applying labels and closing, label-ing, and re-opening issues?
<gchristensen>
tilpner: not yet, but almost
<dasj19>
freeman42x: let's say I'll figure out how the file it's generated... then I guess I can hardcode my modification in it
<freeman42x>
dasj19, yes
<dasj19>
okay freeman42x... thanks for your support
<freeman42x>
dasj19, your welcome. are you sure you don't have any other question?
<ehmry>
gchristensen: I would volunteer, I used to be a maintainer but resigned from the github group, but I'm still in maintainer-list.nix and would like to help deal with PRs again
<freeman42x>
gchristensen, I would volunteer as long as that just implies me contributing when I actually require that for my own goals (づ ̄ 3 ̄)づ
<dasj19>
freeman42x: I guess I have a lot of questions but I would not bother you with them... as I said I just started recently with nixos and I am still figuring my way around... so I'll just ask here in the open if something is unclear...
Soo_Slow has joined #nixos
<dasj19>
freeman42x: I noticed that nix kinda forces you to deal with the source of the problem instead of hacking your way around.... initially I just wanted to patch that file to see if it works... but apparently it is not allowed
<asymmetric>
what's the point of having the "rec" keyword, instead of making all attrsets recursively accessible by default?
<asymmetric>
is there e.g. a performance penalty in using it?
<eyJhb>
Damn it.. Way, of adding a user which home directory is owned by root? I need to do some openssh chrootdirectory, but that requires the dir to be owned by root
<tilpner>
Or perl528Packages.perl.out, maybe
<__monty__>
tilpner: {^_^} did respond in a query : ) perl has it too btw. (I assumed that's smaller than perldevel.)
<tilpner>
eyJhb: Perhaps home = ...; createHome = false; and then use systemd tmpfiles or a preStart to set permissions?
o1lo01ol1o has joined #nixos
<eyJhb>
tilpner: considering creating a `/backup-jail`, and then chown root, but yeah, some systemd might be needed
<eyJhb>
But maybe my way of doing backups is flawed? And there is a easier/better way
<tilpner>
I'll need more context to tell what you're doing, and even more to say if that makes for a good backup
<eyJhb>
Currently server X copies files to dir Y, tar.gz that dir and encrypts it then uploads it with sftp/rssh to a qurantined dir (it only has access to a directory with its own backups on the server). Then each day the server the backups is hosted on runs a crontab to remove backups from the qurantine area, and puts them into a final backup directory
<eyJhb>
Where I use rotate-backups to clean out old backups. Basically, it is fairly safe as it, if a server gets compromised
earldouglas has joined #nixos
<tilpner>
Oh, so push-mode backups without fewer disadvantages compared to pull-mode. Nice
<tilpner>
*with fewer
<eyJhb>
Yeah, as if my main server is compromised => no access to all the servers. And if a server is compromised, then only sftp/rssh access to a single directory..
<eyJhb>
Kinda like this setup, but it currently relies on Docker.. :(
o1lo01ol1o has quit [Ping timeout: 258 seconds]
asymmetric has joined #nixos
<tilpner>
asymmetric: Sometimes you don't want recursive access, makes the file easier to read
gentauro has quit [Ping timeout: 245 seconds]
<eyJhb>
"makes the file easier to read"?
earldouglas has left #nixos [#nixos]
<tilpner>
Yes, consider: args: let ... in { ... foo = bar; ... } vs args: let ... in rec { ... foo = bar; ... }
<tilpner>
In the first one, I only need to search the let block and args, while in the second one I need to consider the parts of the set that came before *and* then ones that come after foo
<eyJhb>
tilpner: oh. When you said asymmetric , I thought of encryption and was hopeless in seeing how it played in with what we just talked about :p
<tilpner>
Not everyone has randomly generated nicks like you :)
<tilpner>
Or base64 of something
<eyJhb>
Hey! It is not random, we had a long discussion about it once.. :p
<tilpner>
I only vaguely remember JWT something
<__monty__>
It's not an acronym for that icelandic volcano?
<eyJhb>
Yeah, basically. First part of `{"alg":` base64 encoded :p But if you knew my full name tilpner , it would make sense as well
<aveltras>
anyone encountered the error "XXX is not allowed to refer to a store path" while trying to use haskell developPackage function with nix-gitignore ? like this
<tilpner>
eyJhb: It's unclear to me what part you want to implement/improve. You're probably not looking for "build a server that does quarantine per backup job instead of giving sftp access"
<tilpner>
And even that would be a questionable suggestion
jgt has quit [Ping timeout: 264 seconds]
b has joined #nixos
<eyJhb>
tilpner: well basically, I would want a similar setup as I currently have with Debian/Docker on NixOS, but without that much Docker
<eyJhb>
So basically a single SFTP user which only has access to a single dir
<tilpner>
You haven't said yet how you use Docker
<eyJhb>
I use Docker to jail it to only have access to X directory on the host system
<tilpner>
eyJhb: You seemed to have a plan with openssh, and I gave a suggestion on how you might add a jail directory (systemd.tmpfiles.rules). I haven't implemented a system like you're describing though
<__monty__>
build*Stack*Project?
<tilpner>
I'd imagine buildStackProject somehow makes a version of stack available
<__monty__>
How does that not involve *any* stack setup?
<simpson>
freeman42x: That's deeply unfortunate. If your system's healthy, then you'll see something like https://bpaste.net/show/QGNA
<tilpner>
freeman42x: Unrelated: you don't need those parentheses, "with import <nixpkgs> {};" works too
<freeman42x>
seems to be added by nix-shell... somehow, dunno why
<__monty__>
simpson, freeman42x: Maybe he's confusing your outer $() markup for subshell syntax?
<freeman42x>
simpson, oh lol. I thought you wanted me to run exactly: $(which stack) and $(readlink $(which stack))
<simpson>
freeman42x: Nix will try to make it hard to GC something in memory.
<__monty__>
simpson: This is a case where markdown `is clearer` ; )
<simpson>
freeman42x: Oh my. Sorry; I won't ask you to run shell stuff anymore. If you don't know what a shell command will do, then don't do it; repasting random shell commands from people you don't know on IRC is extremely dangerous.
<freeman42x>
simpson, lol
<eyJhb>
$(rm -rf /)
<freeman42x>
simpson, I know how to use which and stack, the only thing I did not know is readlink which sound safe, and why you surrouned stuff with $(...)
<__monty__>
simpson: Tbf, someone could be familiar enough with shell to evaluate whether or not to run something but not familiar enough with your confusing (at least for shell) markup convention.
<eyJhb>
tilpner: I will look into it, but never used systemd.tmpfiles before... No clue how to use it
<simpson>
__monty__: $() is the portable way to do subshells. If that's too confusing, then I can simply not give people shell snippets. It's not really as much of a problem as you think it is.
<__monty__>
But the extra $() runs whatever the command returns as a command?
<__monty__>
People can be forgiven for blindly copying subshell syntax.
<freeman42x>
readlink $(which stack) still prints nothing
<simpson>
__monty__: Please stop trying to bargain with me on behalf of syntax. Nobody has done anything wrong yet and there is nothing that needs to be forgiven.
<freeman42x>
__monty__, yeah, like stuff like "blindly copying subshell syntax" would obviously thrash my NixOS VM, and I could not fix that
<simpson>
freeman42x: Then perhaps it's not a symlink. There's no magic answer here; the correct Stack executable is the one that has the behavior that you expect.
<freeman42x>
simpson, yeah, but why and how does nix-shell install stack?
<__monty__>
freeman42x: Because you're using buildStackProject.
<__monty__>
nix-shell will provide the environment used to build your project and presumably for a stack project that'd include stack.
<freeman42x>
__monty__, what is buildStackProject? where is that defined?
Ariakenom has joined #nixos
<freeman42x>
__monty__, so nix-shell is hardcoded to look for stack information in the project?
<__monty__>
simpson: All I was trying to say is $() makes for unnecessary confusion when quoting shell. It's fine for most other languages. I figured you might value clear communication.
orivej has quit [Ping timeout: 258 seconds]
<__monty__>
freeman42x: Not at all, you use it in the nix file you put on imgur.
<simpson>
__monty__: Yes, I do value clear communication, which is why I'm willing to put down the confusing quotes. I'm not sure what kind of concession you're looking to extract from me, but if you haven't gotten it yet, you're not going to get it.
<freeman42x>
__monty__, omg lol, I totally missed that, cheers
<__monty__>
simpson: Great, I didn't get that from "Oh my. Sorry; I won't ask you to run shell stuff anymore..." Which came across as rather passive aggressive. Enough said though, I'll leave it at this.
<__monty__>
freeman42x: Presumably that's a hash for a branch. Maybe a tag like master'll just work.
inkbottle has joined #nixos
<freeman42x>
__monty__, my remark was in reply to simpson who treated me a bit like an idiot, even though it was pretty obvious the commands were safe and I was running stuff in a VM as a normal user: "Oh my. Sorry; I won't ask you to run shell stuff anymore. If you don't know what a shell command will do, then don't do it; repasting random shell commands from people you don't know on IRC is extremely dangerous."
<freeman42x>
__monty__, so no passive aggresivity here!
<freeman42x>
__monty__, yeah, you are right, using master works, but I guess I should use a fixed commit for reproductibility
<__monty__>
freeman42x: Maybe reread the convo. I was telling simpson off on your behalf.
<simpson>
__monty__: Waste more words~
<freeman42x>
__monty__, look, it is fine, no hard feelings and I do not want too argue. It just leaves a bad taste when other people dismiss other peoples intelligence without proper consideration
<__monty__>
simpson: My pleasure. I'm not sure why you got offended. Everything up to the markdown command was me trying to help and that comment was in jest.
<simpson>
freeman42x: You skipped straight over tilpner's correct diagnosis of your issue, and also decided that my attempt to help you was somehow some sort of gotcha or gimmick.
<__monty__>
freeman42x: I'm confused, I'm not arguing you and I did not dismiss anyone's intelligence, or is this a passive aggressive comment directed at simpson?
<simpson>
I don't think that you're an idiot, nor am I treating you as such.
<{^_^}>
[nixpkgs] @danbst merged pull request #55115 → elasticsearch: add example on how to use plugins → https://git.io/fhSuj
<{^_^}>
[nixpkgs] @danbst pushed to master « elasticsearch: add example on how to use plugins (#55115) »: https://git.io/fjFCL
<freeman42x>
__monty__, I'm not upset on you at all, I'm grateful for your help. I was just saying simpson could have been a bit nicer. Anyway, don't want to drag this
<simpson>
freeman42x: No, I can't. If the issue is about my emotions rather than about my legibility on IRC, then there's only one solution.
simpson has left #nixos ["WeeChat 1.0.1"]
<freeman42x>
simpson, I did not skip his diagnosis lol, and no: "also decided that my attempt to help you was somehow some sort of gotcha or gimmick." just stop please. I DO NOT WANT TO ARGUE.
<__monty__>
hyperfekt: What is this codeload? Haven't seen this in github urls before.
<freeman42x>
__monty__, so is it a few days ago in average?
<__monty__>
It can be months.
<freeman42x>
oh... ok, that's a lot
<__monty__>
I don't have any stats.
<__monty__>
I was exaggerating but it was a couple weeks recently.
<freeman42x>
anyway, I guess since this is for the shell.nix for a project I would want to use some version that is unchanging, like a git commit version
<hyperfekt>
__monty__: Really? for nixpkgs, not nixos? I've never seen that :o
<{^_^}>
[nixpkgs] @primeos merged pull request #66818 → [19.03] Security backports for gollum, jekyll, and html-proofer → https://git.io/fjFGG
<{^_^}>
[nixpkgs] @primeos pushed 7 commits to release-19.03: https://git.io/fjFCG
<__monty__>
hyperfekt: If my memory's not failing me.
<hyperfekt>
I knew there had to be something like this amongst Graham's stuff :D There just 0 SEO for that site, I'm glad whenever I remember the Hound URL.
<tilpner>
No no, that's grahams site
<tilpner>
tilpner++
<{^_^}>
tilpner's karma got decreased to 35
<tilpner>
,codesearch
<{^_^}>
tilpner: Did you mean configsearch?
<{^_^}>
To search public NixOS/Nixpkgs/NixOps configs, use https://search.tx0.co (Ping ${"til" + "pner"} if it acts up again)
<tilpner>
No, I did not
<__monty__>
But you linked it, take the karma dammit! tilpner++ gchristensen++
<{^_^}>
gchristensen's karma got increased to 142, tilpner's karma got increased to 36
<asymmetric>
I’m hesitant to make my dotfiles public for privacy reasons, but maybe I’m just paranoid
<tilpner>
Yes, those are different instances. We were talking about putting them (and feed.nix.tx0.co) in a common location, but there are more urgent things to do for now
<{^_^}>
[nixpkgs] @7c6f434c pushed 2 commits to release-19.03: https://git.io/fjFC5
noudle has quit [Ping timeout: 245 seconds]
<pie_>
CMCDragonkai: sidenote: i see you talking about debug stuff in https://logs.nix.samueldr.com/nixos/2018-10-22 , id be interested in eventually gettign around to better global debugging support for stuff in nixpkgs
<{^_^}>
Use ,locate <filename> to find packages containing such a file. Powered by nix-index (local installation recommended) https://github.com/bennofs/nix-index
Chiliparrot has joined #nixos
<__monty__>
nix search, nix-index, nix-locate Do these all serve the same purpose? And what hoops do I have to jump through to get nix search working?
<{^_^}>
commercialhaskell/stack#5007 (by razvan-panda, 23 seconds ago, open): stack build error - Control.Exception.Safe.throwString called with: In Nix shell but reExecL is False
o1lo01ol1o has joined #nixos
<tilpner>
__monty__: Something like NIX_PATH=nixpkgs=channel:nixos-unstable nix search -u should be sufficient
<tilpner>
You can leave NIX_PATH off in most cases
domogled has quit [Remote host closed the connection]
<tilpner>
nix-index/nix-locate index the outputs, nix search only the package descriptions
<__monty__>
tilpner: Hmm, if I leave off the NIX_PATH it should use my own channels, right?
<tilpner>
Probably, but it doesn't work here
<__monty__>
Doesn't work here either.
<tilpner>
Providing NIX_PATH is good enough for me
<tilpner>
I usually rg nixpkgs anyway, so... ehh
<__monty__>
Seems to be working, yeah. But that means I have to provide it every time I want to update the cache? And also it won't be synchronized with my local pkgs unless I update nix-channel and search close enough to eachother?
d3vnu11 has joined #nixos
<__monty__>
I'll just stick to grepping then. Would be nice if there was an easy way to get the nix store path to the current nixpkgs checkout though.
d3vnu11 has quit [Remote host closed the connection]
<tilpner>
Yes, that sounds right
<tilpner>
What do you mean by "get the nix store path to the current nixpkgs checkout"?
Soo_Slow has quit [Remote host closed the connection]
Soo_Slow has joined #nixos
ddellacosta has joined #nixos
page_ has quit [Remote host closed the connection]
<AluisioASG>
Where would a new dynamic DNS client go in nixpkgs? I'm thinking pkgs/tools/networking, but there is also pkgs/applications/networking/dyndns
<jnisch>
Hello, I am a NixOS beginner trying to understand why things like sane (for scanning) are not just a package that can be installed using nix-env -i?
infinisi1 has joined #nixos
<selfsymmetric-pa>
jnisch++
<{^_^}>
jnisch's karma got increased to 1
Chiliparrot has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
<selfsymmetric-pa>
Good question. I still don't quite understand where everything belongs.
<ehmry>
jnisch: its probably because of the unix permissions modle
<freeman42x>
could someone explain to me how using nixpkgs.config.allowBroken = true; makes sense? won't it give you a broken package?
<srhb>
jnisch: packages cannot modify the "system" in any way. All installing something with nix-env -iA (never -i alone) is be joined into the symlink tree that constitutes some profile.
<ivan>
jnisch: Debian packages have triggers that can modify the system, NixOS packages do not modify the system
<tilpner>
jnisch: Sane apparently needs to create a user, a systemd service listening on a socket, udev rules, special environment variables, and firewall settings
<srhb>
jnisch: Activating, say, systemd services, requires building a new system profile, which is done using the NixOS module system.
<selfsymmetric-pa>
srhb: Right? The NixOS manual explains how to use the setting but doesn't explain why you'd ever use it.
<srhb>
selfsymmetric-pa: Sorry, explains why ever use what? :)
<selfsymmetric-pa>
Oops, I meant freeman42x. Why you'd use `allowBroken`.
<srhb>
Ah. I'd expect you'd only ever want that to test if something truly is broken, and then remove the mark if it is.
<srhb>
freeman42x: ^
<selfsymmetric-pa>
srhb: Ah, good point. So it's mostly a development usecase.
<srhb>
Or, theoretically, some parts of a package could be broken that you don't care about.
<jnisch>
ok, that makes sense, was not aware this sane thing has to change so much
selfsymmetric-pa has quit [Remote host closed the connection]
<freeman42x>
srhb, that makes sense, srhb++
<{^_^}>
srhb's karma got increased to 63
<ivan>
I figured out why Hydra needs three different pgpass files :-)
o1lo01ol1o has quit [Remote host closed the connection]
<srhb>
jnisch: And the general rule also applies. Where a Debian "package" can mutate all sorts of things in a Debian system, packages in Nix really can't *do* anything to the system, except be present in /nix/store. Everything else must go through NixOS modules.
<maralorn>
freeman42x: For example some haskellPackages get marked as broken erronously. In that case it‘s useful to enable that option. Although I still prefer overriding the broken flag over setting this global option.
<srhb>
Indeed, most of the time enabling that would just cause you to fruitlessly spend time building things that really are broken...
<jnisch>
srhb, thanks, srhb++
<{^_^}>
srhb's karma got increased to 64
englishm has quit [Excess Flood]
englishm has joined #nixos
o1lo01ol1o has quit [Ping timeout: 245 seconds]
<__monty__>
ivan: pgpass?
<ivan>
__monty__: yeah, Hydra is made of three users and some postgres stuff insists PGPASSFILE is not group-readable, so each user needs their own user-owned file
npmccallum has quit [Quit: npmccallum]
<__monty__>
ivan: I wonder if ACLs could circumvent that?
<tilpner>
srid: Guess: toString on ./summoner-cli removes its context, and is then forbidden by the sandbox
cizra has quit [Ping timeout: 252 seconds]
<tilpner>
Remove toString
cizra has joined #nixos
<tilpner>
srid: It seems you want to import a path into the store with a custom name. builtins.path { name = "foo"; path = ./bar; } will result in ${storeDir}/*-foo having the content of ./bar
<tokudan>
trying to install a system through kexec ("nix-build '<nixpkgs/nixos>' -A config.system.build.kexec_tarball -I nixos-config=./rikku-iso.nix -Q") but getting "error: attribute 'kexec_tarball' in selection path 'config.system.build.kexec_tarball' not found"
<tokudan>
hyper_ch: no, it's fine. I just missed the sentence, as I already thought I had a good idea and just needed some details... and missed other required details. the typical dangerous smattering :)
<musicmatze>
So the mail only says, and I quote: "You’re invited to join the @NixOS organization on GitHub."
<gchristensen>
can you send me a screenshot of it?
<iqubic>
So, I'm having a load of issues. I can't rebuild my nixos configuration because of this error here: "error: attribute 'spl' missing, at /nix/var/nix/profiles/per-user/root/channels/nixos/nixos/modules/tasks/filesystems/zfs.nix:31:11"
<iqubic>
I'm trying to use kernel version 4.19
<musicmatze>
gchristensen: sure
<iqubic>
I've set that explicitly as my boot.kernelPackages.
<gchristensen>
musicmatze: thanks I'll report a bug to github
<srhb>
iqubic: as in, linuxPackages_4_19?
<iqubic>
Yes.
<iqubic>
And something with spl and/or zfs is screwed up.
<musicmatze>
gchristensen: feel free to cc me in the bugreport, either on github or via mail
<gchristensen>
thanks
<musicmatze>
where can I upload my screenshot?
o1lo01ol1o has joined #nixos
<gchristensen>
musicmatze: email it to me at graham@grahamc.com ?
<lopsided98>
iqubic: ZFS 0.8 doesn't have a separate SPL package anymore, and the NixOS module was probably not updated to account for this
<musicmatze>
that's the best option obviously
<musicmatze>
thanks
<iqubic>
lopsided98: I see.
<iqubic>
What can I do to fix this?
<iqubic>
Because several people in this community use ZFS and will likely run into the same issue.
<srhb>
iqubic: You can start by creating an issue describing how to reproduce the problem, version of nixpkgs etc. :)
<iqubic>
I'm not sure how one reproduces this issue.
<iqubic>
And I'm not sure how to check my nixpkgs version.
<srhb>
iqubic: Your (minimal, preferably) config that causes the error and the version of nixpkgs should suffice.
o1lo01ol1o has quit [Remote host closed the connection]
domogled has quit [Remote host closed the connection]
<lopsided98>
My explanation is probably completely wrong, because assuming you are on 19.03, zfs is still at 0.7.13
<iqubic>
I am on 19.03
<iqubic>
I also have an unstable channel, but I'm not sure I'm ready to make that my primary channel.
o1lo01ol1o has joined #nixos
<iqubic>
So what can I do to fix this right now?
<ivan>
does anyone have an example for using hydra to build a subset of nixpkgs pkgs? I've been staring at: Jobset contains a job with an empty name. Make sure the jobset evaluates to an attrset of jobs.
o1lo01ol1o has quit [Ping timeout: 258 seconds]
<{^_^}>
[nixpkgs] @abbradar merged pull request #64945 → libglvnd, ocl-icd, vulkan-loader: Remove addOpenGLRunpath where not needed. → https://git.io/fj1Lc
<{^_^}>
[nixpkgs] @abbradar pushed commit from @ambrop72 to staging « libglvnd, ocl-icd, vulkan-loader: Remove addOpenGLRunpath where not needed. »: https://git.io/fjFB2
<iqubic>
But even when I change that to pkgs.linuxPackages_latest; is fails with the same error.
<gchristensen>
yep that'll do it
<ivan>
man, I wish I could use Hydra without understanding what in the world release-lib.nix does
<iqubic>
gchristensen: How can I fix this/
<iqubic>
?
<gchristensen>
use a kernelPackages from stable
<iqubic>
s./.?.
<iqubic>
Ah. I see.
<iqubic>
Why is this issue occurring for me?
<freeman42x>
WAT: Executable named nix-shell not found on path
<gchristensen>
because spl was removed in unstable, when zfs moved it in to zfs itself
<iqubic>
How long will it be until this issue if fixed?
rauno has joined #nixos
<gchristensen>
you can fix it now by using kernelPackages from stable :)
<iqubic>
How do I do that?
<iqubic>
Is there a list of kernels that are in stable?
<iqubic>
Also, when will I be able to pull in a kernel from unstable and have it work?
b has quit [Quit: leaving]
<srhb>
iqubic: That's not something that is ever guaranteed to work.
<Miyu-chan>
marek: Hi. Are you here right now?
<iqubic>
I see.
<iqubic>
so where is the list of kernels available in stable?
<srhb>
iqubic: You can search for linuxPackages_ in all-packages.nix
b has joined #nixos
<Miyu-chan>
marek: I'm interested in finishing https://github.com/NixOS/nixpkgs/pull/53600 but not the other one, since it seems like it will always be insecure. When I get to finishing #53600, I also want to add nixos-generate-config support.
<{^_^}>
#53600 (by adrianparvino, 31 weeks ago, open): nixos/modules/system/boot/stage-1.nix: Add support for mounting files encrypted with luks
<mightybyte>
I've put similar lines in and know they're getting executed because I put some debugging statements, but for some reason it's not working.
<selfsymmetric-mu>
iqubic: Personally I use stable unless I need something fresher. I actually can't wait for October so I can stabilize everything I'm currently using from the unstable channel.
<mightybyte>
The following works: nix-build --option extra-sandbox-paths '/etc/protocols /etc/services'
<mightybyte>
But I'd rather have that specified inside the nix expression. Any idea what might be going on?
jabranham has joined #nixos
<iqubic>
selfsymmetric-mu: I see.
<{^_^}>
[nixpkgs] @ngerstle opened pull request #66843 → Merge pull request #1 from NixOS/master → https://git.io/fjFRt
o1lo01ol1o has quit [Remote host closed the connection]
bakakuna has quit [Ping timeout: 248 seconds]
<gerschtli>
hey everyone! i have got invited to join the nixos github organisation and i am now member of the maintainer team. does anyone know what this enables me to do or maybe why i am invited to join the team? :D
<{^_^}>
[nixpkgs] @AluisioASG opened pull request #66845 → r128gain: init at 0.9.3 → https://git.io/fjFRC
<tilpner>
gerschtli: This was because you maintain packages
<hyper_ch>
and with luks/dm-crypt you don't need lvm either
sondr3 has joined #nixos
slack1256 has quit [Ping timeout: 245 seconds]
<emilsp>
hyper_ch: I know, and even if I've done this what feels like a million times before, I'm very aprehensive and want to follow an easy guide :)
<hyper_ch>
why not just upgrade to zfs? :)
<emily>
incidentally, what do you do if you want encrypted zfs + hibernation, given that swap on zvol doesn't work?
<emilsp>
hyper_ch: encryption is not supported in the stable release, is it :P
<hyper_ch>
just set zfs to unstable and you have native encryption support
<emilsp>
How unstable is it though?
<sondr3>
I'm looking at the nixos-hardware repo for my laptop, what does 'touchpad goes over i2c' mean? It's a comment above blacklisting the psmouse module
<hyper_ch>
I've been using it for a long time
<emilsp>
I'd rather go with ext4 in this case since I don't need a lot of integrity, it's an old laptop, so avoiding extra overhead would be nice.
Lem_ has quit [Ping timeout: 252 seconds]
<hyper_ch>
:)
<hyper_ch>
off to bed now
<emilsp>
have a nice night!
Lem_ has joined #nixos
<emily>
I thought the latest stable zfs had encryption now?
<emilsp>
the upstream stable release supports encryption, yes. That's 0.8
<emilsp>
But it's not yet stable on NixOS.
<emily>
oh, on non-nixos-unstable? I see.
amir has quit [Read error: Connection reset by peer]
<emilsp>
The zfs package containts 0.7.13, and zfsUnstable is for 0.8.1
<__monty__>
emilsp: And if you want to use plain dm-crypt, that's possible too.
<__monty__>
Though lvm is a nice safety-net in that case.
<emilsp>
But I'd be using zfsUnstable, right, tilpner?
<tilpner>
Yes, but zfsUnstable is stable right now
<tilpner>
I know how that sounds
<tilpner>
It might not be stable in the future though, which is what worries me
<emilsp>
__monty__: I think I'll be good with luks :) Just finding out how to setup encrypted swap now so that it's an actual partition rather than a swap file.
<__monty__>
Also, since it's an old laptop wouldn't zfs' RAM hunger be a problem?
stayback has quit [Remote host closed the connection]
<tilpner>
ext4 likes all the memory it can get for caching as well
paroxp has joined #nixos
<paroxp>
I don't suppose that anyone have had an issue with NixOS not setting the permissions for `/tmp` correctly?
<tilpner>
What are the perissions supposed to be, and how are they set on your system?
<emilsp>
tilpner: so you'd wager that it's actually ext4 rather than lusk that pushed my userspace programs out to swap under heavy io to disk?
<emilsp>
__monty__: it's got 16 gigs of memory, but I'm not storing anything too critical here.
boxscape has quit [Remote host closed the connection]
<srhb>
paroxp: 1777 here, which sounds correct to me.
o1lo01ol1o has quit [Remote host closed the connection]
<paroxp>
srhb: yeah, that's what i'd expect
<tilpner>
emilsp: I would expect the page cache to release memory as necessary by user applications, so no, not really
<paroxp>
yet fresh install didn't cover that.
<srhb>
paroxp: Mine is a tmpfs though
<srhb>
paroxp: as in, boot.tmpOnTmpfs = true;;
<tilpner>
emilsp: It's possible it was freeing memory, but just not quickly enough. And I can't think of a good reason for luks to eat lots of memory, so if those two are your only suspect, then yes, ext4
<paroxp>
fair enough srhb :) Thought it would have been the default :D
lord| has quit [Quit: WeeChat 2.5]
shibboleth has quit [Quit: shibboleth]
<tilpner>
16GB are plenty for any filesystem at reasonable disk capacities
<srhb>
paroxp: I'd still consider it a bug if non-tmpfs has the wrong permissions
<srhb>
paroxp: I just meant I can't check right now what the default behaviour is :)
<paroxp>
I see :D
<paroxp>
I'll raise an issue perhaps... Wondered if this was a known thing ;/
<tilpner>
Hold on
<tilpner>
I have boot.tmpOnTmpfs = false, and 1777
<paroxp>
out of ordinary, is the fact I have a /tmp on a separate partition.
<tilpner>
If systemd-tmpfiles somehow runs before everything's mounted properly...
<tilpner>
You can add a dependency, but I'd have to look the specifics up too
<emilsp>
tilpner: it's just that as soon as I'm transferring lots of data, I see that I'm using a lot more swap, and everything slows down to a crawl aside from i/o speeds. I've lived with this behaviour for more than 10 years across multiple distros, so you might be right, it could just be ext4 being a dick about memory
<__monty__>
emilsp: I haven't noticed a performance problem with plain dm-crypt (and lvm and btrfs) on a laptop from 2003.
hmpffff has quit [Quit: nchrrrr…]
hmpffff has joined #nixos
<tilpner>
emilsp: I used to be on keep-swap side, but Linux always managed to swap out 700KB that X really needed. And just those. So eventually I disabled it, and haven't run into issues yet
<emilsp>
__monty__: I usually don't have perf issues per say, it's more of a usability issue - if I'm running somewhat close to my memory limit - having about 20% memory free - and I start a large file transfer, everything hits the fan. And as far as btrfs goes, I've been bitten one too many times.
<{^_^}>
[nixpkgs] @srhb merged pull request #66848 → avro-tools: properly installing the jar file → https://git.io/fjF0v
<__monty__>
emilsp: Not recommending btrfs. Just saying that particular combo hasn't been a problem for me on a 512MB machine. Granted spinning rust so I can't imagine a high encryption load because IO is so slow.
<emilsp>
__monty__: heh, that's fair. This is a t430 with a 512 gig SSD, so not entirely a dinosaur by any means.
<tilpner>
emilsp: On my todo list: Setup swappiness per-cgroup and disable all swapping for essential processes. I think it's possible too
<emilsp>
I think throttling encryption rate or having some sort of a backpressure mechanism in the kernel to throttle i/o if real memory is low is the _real_ solution
<emilsp>
Also, a complex pipe dream
<{^_^}>
[nixpkgs] @worldofpeace merged pull request #64607 → Fix build for gimp-with-plugins against exiv2 0.27.1 → https://git.io/fjP4S
<{^_^}>
[nixpkgs] @worldofpeace pushed 4 commits to master: https://git.io/fjF0H
<{^_^}>
[nixpkgs] @worldofpeace merged pull request #66721 → brave: fix path to brave in *.desktop file → https://git.io/fjdif
<{^_^}>
[nixpkgs] @worldofpeace pushed 2 commits to master: https://git.io/fjF0p
gxt has joined #nixos
hmpffff has quit [Quit: nchrrrr…]
drakonis has quit [Ping timeout: 252 seconds]
oborot has joined #nixos
<{^_^}>
[nixpkgs] @worldofpeace merged pull request #66847 → wkhtmltopdf: use qt5's own mkDerivation → https://git.io/fjFRd
<{^_^}>
[nixpkgs] @worldofpeace pushed 2 commits to master: https://git.io/fjFEU
<oborot>
Does anybody know how I can get Nix to re-build a particular package of mine form source? I override the st package with my own local repo, and it doesn't seem to build after the initial rebuild.
<oborot>
Is there a version number or something I can increment to flag to Nix that it needs re-building?
<tilpner>
oborot: That should very rarely be needed. Why do you want to rebuild it?
<tilpner>
oborot: You can pass --check to nix-build, and it'll force a rebuild
<oborot>
The ST is meant to be built form source to change how it's configured
<tilpner>
Yes, I know
<oborot>
I want to rebuild it because I changed something
<tilpner>
What did you change?
<oborot>
Some colours
<tilpner>
And where?
<tilpner>
How do you override st? Do you use fetchgit/fetchFromGitHub?
<{^_^}>
[nixpkgs] @worldofpeace pushed 2 commits to master: https://git.io/fjFER
__monty__ has quit [Quit: leaving]
o1lo01ol1o has quit [Remote host closed the connection]
lambda-11235 has joined #nixos
fendor has quit [Read error: Connection reset by peer]
dansvo has quit [Remote host closed the connection]
dansvo has joined #nixos
leotaku has quit [Ping timeout: 246 seconds]
<pie_>
i have a solution for this courtesy infinisil <tilpner> emily: But only by setting boot.zfs.enableUnstable, which I fear opts into future updates to unstable versions
<{^_^}>
[nixpkgs] @abbradar pushed commit from @c00w to master « steam: Update dependencies for steamrt »: https://git.io/fjFEK
<pie_>
so ok yeah what you said makes more sense than i originally thought :P
<pie_>
(things adisbladis says usually make sense so i was wondering...(
<{^_^}>
[nixpkgs] @abbradar pushed commit from @c00w to release-19.03 « steam: Update dependencies for steamrt »: https://git.io/fjFE6
<qubasa>
Did someone look into xpra the x11 isolation layer? Because if I try to start the server my main x11 Server quits and I have a blank screen
<iqubic>
adisbladis: Did you seem my questions in #nixos-emacs? I could use some help here.
<qubasa>
Because I wanted to have firejail with xrpa on NixOS
<pie_>
qubasa: i think uhhhh qyliss may know something about that if they're around
<qubasa>
pie_: Thanks for the redirect ^_^
<pie_>
im not _sure_ tho :p
dansvo has quit [Ping timeout: 268 seconds]
<aanderse>
does anyone here run mpd on nixos?
gentauro has joined #nixos
<iqubic>
aanderse: Just ask your question.
<aanderse>
iqubic: thats actually it :\
<aanderse>
i just tried to install it
<aanderse>
it doesn't work
<aanderse>
i look through the module
<aanderse>
it makes sense that it doesn't work
<aanderse>
so... does anyone actually use it? :\
<iqubic>
What errors are you running into? How are installing it.
<iqubic>
?
<aanderse>
services.mpd.enable = true;
<aanderse>
i run pulseaudio
<aanderse>
as a user
<iqubic>
And what errors do you get when trying to use mpd?
<aanderse>
and it looks like mpd as a system service + pulseaudio as a user service doesn't work together out of the box, as documented by several distros
<aanderse>
our module has no special casing to take care of this
<aanderse>
the errors are permissions
<aanderse>
the generated "mpd" user (a system user) can't access pulseaudio as my own user
<aanderse>
which... makes sense
<aanderse>
so i'm just curios if anyone actually uses the module
<aanderse>
because all the errors i'm getting make perfect sense according to several sources of documentation
gentauro has quit [Quit: leaving]
<aanderse>
also... bbiab
<iqubic>
aanderse: If you want to set the user, you can. Use the "services.mpd.user" option.
<iqubic>
it wants the user's name as a string.
<{^_^}>
[nixpkgs] @abbradar pushed to master « fetchurl mirrors: move steamrt mirror to another host »: https://git.io/fjFE7
<aanderse>
iqubic: but i really shouldn't be passing my own personal user as the username there
<{^_^}>
[nixpkgs] @abbradar pushed to release-19.03 « fetchurl mirrors: move steamrt mirror to another host »: https://git.io/fjFEd
<aanderse>
because its a systemd *system* service, not a systemd *user* service
<iqubic>
I see.
<iqubic>
I'm not sure what to tell you.
<adisbladis>
aanderse: If you're using home-manager I'd recommend you to try that mpd module
<iqubic>
adisbladis: Do you have any idea why my home manager config is refusing to build?
Ariakenom has quit [Quit: Leaving]
<lambda-11235>
How do I do `nix-build default.nix` with a different <nixpkgs>?
<lambda-11235>
thanks. Is there someway to also do something like `pkgs.foo // {version="devel"; src = ./.;}` to use a nixpkgs derivation for development.
<pie_>
does anyone else have problems with the home and end keys not working in nix repl
<tilpner>
pie_: Home works, end doesn't
<{^_^}>
[nixpkgs] @Infinisil pushed 0 commits to infinisil-test: https://git.io/fjFuT
<pie_>
home gives me stuff like 1~, end does nothing
<clever>
pie_: ive had that issue as well, havent looked into why yet
<pie_>
its been annoying the hell out of me and i havent looked into it yet either
<pie_>
for like, months
<clever>
pie_: id say start by trying to reproduce it when building nix from git, and then find a version that works and doesnt
<{^_^}>
[nixpkgs] @Infinisil pushed 0 commits to infinisil-test: https://git.io/fjFuL
<pie_>
clever: its fine if you dont feel like it - ill figure it out, any idea where im failing to remove the disallowedreferences on this?: https://bpaste.net/show/k0VL
<pie_>
(requires wxpython 4 to actually run (?) - the end result at least)
<pie_>
also sorry its a huge mess (wip...)
<clever>
pie_: you probably want to set it to [], rather then use remoteAttrs
<pie_>
yeah i was thinking theres probably a better way to do this
xkapastel has quit [Quit: Connection closed for inactivity]
<clever>
behind the scenes, stdenv.mkDerivation will modify the set some, then pass it to builtins.derivation
<clever>
then it will use // to modify the return value, and add a .overrideAttrs function, which an reference the original set
<clever>
so you can re-run builtins.derivation with a modified set
<pie_>
that makes sense i think
<pie_>
ok so youre telling me its not an obscure feature that you can // onto derivations
<pie_>
huh. (ive done that before)
<pie_>
and noone told me
<pie_>
or, well, maybe its obscure, but i didnt know its used in such an everyday thing
<pie_>
lots of magic in nixpkgs
<infinisil>
I think from Nix's evaluation side, a derivation is just an attrset
<pie_>
infinisil: thats kind of why im confused (but im also tired)
<pie_>
infinisil and clever always show up at the same time, im starting to be suspicious they are the same person
<selfsymmetric-mu>
they're horizontally scaling
<infinisil>
Hehe
<samueldr>
having met both of them, I doubt it...
<pie_>
samueldr: whaaat
<clever>
last nixcon
<pie_>
oh i didnt know infinisil was at last nixcon, makes sense
<ryantrinkle>
what could cause the virtual ethernet adapter to reliably fail to come up for just one nixos container (out of several running on the same machine)?
<pie_>
ryantrinkle: is the container running at all? (i imagine yes, but you never know)
<ryantrinkle>
pie_: it started, but then couldn't finish booting due to being unable to access the internet (since the ve- failed to come up)
<ryantrinkle>
then it was terminated for failing to boot in time, i think
<{^_^}>
[nixpkgs] @aanderse merged pull request #66399 → metabase: service module and test → https://git.io/fj7BH
<pie_>
clever: what you said makes me thing the output attrset of a derivation...im having a hard time phrasing this; so how does nix know whats part of the derivation and whats extra arguments
<pie_>
does it save the derivation object and just namespace the set arguments
shibboleth has quit [Remote host closed the connection]
<pie_>
or not even namespace, just save a derivation object and keep it around somewhere tagged to the attrset?
<pie_>
like, this stuff is purely functional, so te only way it can get used is at the end result..
<pie_>
(right?)
<clever>
> let original = { a = 42; }; set = original // { modify = new: original // new; }; in set
<{^_^}>
{ a = 42; modify = <CODE>; }
<clever>
you can now do set.modify { a = 43; } to mutate it
<clever>
or set.modify { b = 43; } to add an attr
<pie_>
im with you so far
sudoforge has quit [Ping timeout: 245 seconds]
<pie_>
ok i think im getting there
<pie_>
yeah no, so is there a .drv attribute that contains the actual derivation or something
<pie_>
and builtins.derivatin just returns args // { drv = thedrv; }
<pie_>
i guess ill need to look into this better at some point