<ToxicFrog>
adelbertc: updating one of my projects to play nice with NixOS, which involves a lot of nixos-rebuild -> test it -> make changes to the source and upload them -> nixos-rebuild...
<ToxicFrog>
Testing in src doesn't help because it's specifically the behaviour once built and installed on a NixOS system that I'm testing.
<samueldr>
ToxicFrog: depending on your setup, can you point `src` (the attribute) to a local folder?
qubasa_ has joined #nixos
Guest66 has joined #nixos
<ToxicFrog>
I can in this specific case, but not always (and doesn't that still want a sha?)
<samueldr>
src = ~/a/full/path; won't
<samueldr>
the sha256 is needed to have access to impure capabilities
<samueldr>
like network access
<samueldr>
(simplified)
<samueldr>
the sha256 is a pinky swear "I say that the output of this build is XYZ, trust me", then you can run different software (like curl)
<samueldr>
a local path doesn't need software to be ran to get it
<samueldr>
hm, might not be the best example since I nested the mkIf one level
<Guest66>
I think that's what I'm looking for.
<samueldr>
it could also have been (mkIf cond { mobile = { /*.../* }; })
Ariakenom has quit [Read error: Connection reset by peer]
growpotkin has joined #nixos
<Guest66>
samueldr: So now I'm doing `config = lib.mkIf cond (lib.mkMerge [ { bla bla } (import ./internal/common.nix) ])`
<Guest66>
Is that too horrible?
<Guest66>
I mean, the import.
<Guest66>
Supposedly to get rid of code repetition.
<samueldr>
what if internal/common.nix was a configuration module that, in the file itself, has the condition. You would then always add `imports = [ internal/common.nix ]`
<Guest66>
I don't think that's possible.
<Guest66>
given `cfg' = config.cartons.encrypted-dns` cond is `cfg'.enabled && cfg'.profile == "cisco"` for the cisco profile.
<Guest66>
for the default profile, cond is `cfg'.enabled && cfg'.profile == "default"`
<samueldr>
with the information I have, I think that should work
<Guest66>
Both use common.nix, so if I was to do it like that I'd have to add a disjunction for each profile in which I require common.nix
<samueldr>
as long as `config.cartons.encrypted-dns.profile` is set
<{^_^}>
[nixpkgs] @peti pushed to haskell-updates « hackage-packages.nix: automatic Haskell package set update »: https://git.io/JesEE
<Guest66>
Yeah, but then I'd have to `cfg'.profile == "cisco" || cfg'.profile == "default" || ...`.
<Guest66>
That's better?
<Guest66>
Each new profile a new disjunction.
shibboleth has quit [Quit: shibboleth]
<samueldr>
sorry, I think I'm too tired to think about that. Though I will say that I think that using `config = import ./another/file.nix` in the nixos module systems looks like an anti-pattern to me
rntsrtoh^ has joined #nixos
<Guest66>
No problem. :)
<Guest66>
You helped me a lot.
drakonis has joined #nixos
alex``` has quit [Ping timeout: 240 seconds]
freeman42x has quit [Ping timeout: 276 seconds]
<{^_^}>
[nixpkgs] @marsam opened pull request #69273 → xprite-editor: init at 2019-09-22 → https://git.io/JesEa
<aanderse>
anyone have a link to that good example of telling nixos-rebuild to die because the machine is owned by nixops? maybe gchristensen pasted it in a gist or blog post? or someone else?
marusich has quit [Remote host closed the connection]
<{^_^}>
[nixpkgs] @flokli pushed commit from @talyz to release-19.03 « nixos/gitlab: Add gnutar and gzip to gitlab-sidekiq's path »: https://git.io/Jeszg
Rusty1 has quit [Quit: Konversation terminated!]
<{^_^}>
[nixpkgs] @flokli pushed commit from @talyz to release-19.09 « nixos/gitlab: Add gnutar and gzip to gitlab-sidekiq's path »: https://git.io/Jesz2
<mojjo>
anyways. the config works only if I build it on my local machine and access via localhost. when built on a remote machine (stage.myserver...) I cannot access port 80.
<Miyu-chan>
Your firewall's closed.
<Miyu-chan>
networking.allowedTCPPorts = [ ... ];
<Miyu-chan>
idk how to feel about that. Methinks that all networking services should set allowed{TCP,UDP}Ports by default, b utthey don't.
<Miyu-chan>
Am I missing some security reason for this?
<srhb>
Well, yes, the reasoning is that you need to make an explicit rule.
<Miyu-chan>
Now that I think about it, I actually don't know how nginx resolves hostnames.
<Miyu-chan>
Because it works with localhost even if I don't have an explicit hostname for it.
<srhb>
It does have a default virtualhost
<srhb>
I don't recall if it's enabled by default
<srhb>
(It doesn't "resolve" anything, just looks at headers, iirc)
<Miyu-chan>
Oh, I don't mean DNS resolution.
<Miyu-chan>
I meant more like "figure out which vhost to choose."
<srhb>
Ah. :) Overloaded terms...
<Miyu-chan>
Yep. :P
<srhb>
Yeah, just the host header
<Miyu-chan>
Right, but how about `curl localhost`
<srhb>
if localhost is a vhost, then that, else if default vhost that accepts any hostname, then that..
<Miyu-chan>
Oh.
<srhb>
(For the server listening on that port)
<Miyu-chan>
Right. Yeah, I think I get it now.
rmeis has quit [Ping timeout: 250 seconds]
<srhb>
So you can do stuff like curl -H "hostname: foo.bar.com" localhost and trigger a different vhost if need be
<Miyu-chan>
Oh cool. Tangential, but network devices seem to be nicely modelled as subsystems of the computer, rather than representing the computer itself. It'd at, the very least, explain why NAT is not free.
lordcirth has quit [Read error: Connection reset by peer]
<Miyu-chan>
Free, not in price, but "logically follows."
lordcirth has joined #nixos
<srhb>
Yeah. A lot of networking is very well-designed and horribly abused anyway. :-)
lordcirth has quit [Remote host closed the connection]
<Miyu-chan>
:D I've really been meaning to learn networking, but the implementations just break me.
<Miyu-chan>
Like, networking makes sense declaratively.
<Miyu-chan>
You can, idk, represent them as a graph.
lordcirth has joined #nixos
<Miyu-chan>
But iptables, iproute, etc. just seem so confusing.
<srhb>
"The internet is just a series of (mutating) graphs"
<mojjo>
checked the logs now, and surprise: "Failed to start Nginx Web Server."
<srhb>
mojjo: Neat :)
<srhb>
mojjo: The error log may make things clearer.
<Miyu-chan>
Oh god. Don't even get me started on the internet. Like, the negotiation protocol. BGP-XX or smth.
<Miyu-chan>
Sometimes, I'm surprised that the internet works.
<srhb>
Miyu-chan: bgp is great :P
<Miyu-chan>
Oh, BGP does not have a prefix.
<Miyu-chan>
I was mixing BGP and BCP lol, but yeah, BGP is the word.
<Miyu-chan>
s/prefix/postfix/
<srhb>
Miyu-chan: (There' iBGP and eBGP for instance)
<mojjo>
actually even on switching the config I get "Failed to start Renew ACME Certificate for stage.myserver.de."
<Miyu-chan>
Oh no. To the rabbit hole I go.
<mojjo>
"There were too many requests of a given type :: Error creating new registration :: too many registrations for this IP:
<srhb>
Miyu-chan: The worst thing about networking for me is that everything lower than level 3 is a mystery to me :P
<srhb>
mojjo: Hmm, sounds like you hit a rate limit?
<mojjo>
and in the nginx logs, something like " nginx: [emerg] could not build server_names_hash, you should increase server_names_hash_bucket_size: 32"
<Miyu-chan>
That's weird.
<srhb>
It's not.. Long virtualhosts will do that
<srhb>
It's unfortunate though :P
<Miyu-chan>
Oh.
<srhb>
The error message is accurate, however, so there's that...
<Miyu-chan>
> If a large number of server names are defined, or unusually long server names are defined
<{^_^}>
error: syntax error, unexpected ',', expecting ')', at (string):264:46
<Miyu-chan>
Why does the bucket size depend on server name length?
<Miyu-chan>
Also, I might move my questions to #nixos-chat. :P
<srhb>
Speed, I guess..
hyper_ch2 has joined #nixos
ng0 has joined #nixos
<mojjo>
If I disable addSSL and enableACME, there is no error on rebuilding, If I login to the remote machine via ssh: niginx is not started
<srhb>
mojjo: Just increase the parameter it mentioned to 64 :)
hyper_ch2 has quit [Remote host closed the connection]
adelbertc has quit [Quit: Connection closed for inactivity]
aswanson has quit [Quit: WeeChat 2.4]
<MasseR>
I'm trying to update my machine but i got an error 'Linux v5.3 is not yet supported by zfsonlinux v0.8.1', but I don't have anything zfs on my machine (explicitly). Is there a way to see what config / app is causing this?
<{^_^}>
#69240 (by rndd-AK, 22 hours ago, closed): Try zfsUnstable or set the NixOS option boot.zfs.enableUnstable.
Ariakenom has joined #nixos
hyper_ch2 has joined #nixos
wfranzini has joined #nixos
fusion809 has quit [Remote host closed the connection]
<srhb>
MasseR: Maybe what I said was wrong. The entire package might indeed not evaluate at some point, but since a config would only touch what it needs, zfs should not pose an issue if you don't use it.
<srhb>
That sounds more sensible to me, in which case it does sound like a nixos bug, not a nixpkgs one.
<srhb>
So we should check when kernel-latest started failing in the nixos tests.
<mojjo>
one more nginx issue: `basicAuth = { user = "abc"; };` that works, well but `basicAuthFile` does not. I created one with `htpasswd -c ... user` but the server gives me a 500.
<{^_^}>
[nixpkgs] @Mic92 merged pull request #67268 → kernel: set POWERCAP and INTEL_RAPL → https://git.io/fjNYI
asymptotically has quit [Remote host closed the connection]
asymptotically has joined #nixos
johnw has quit [Ping timeout: 264 seconds]
nikola_i has joined #nixos
noudle has joined #nixos
johnw has joined #nixos
pie__ has joined #nixos
eon2 has quit [Ping timeout: 250 seconds]
pie_ has quit [Ping timeout: 240 seconds]
rsoeldner_ has joined #nixos
<WilliamHamilton>
domenkozar[m] thanks, 8.4.3 is indeed not in nixpkgs now, but I have it in a nix-shell generated by some project; could I use that nix-shell to compile ghcide myself there, maybe jailbreaking hie-core in the process? Or is that approach doomed to failure?
asymptotically has quit [Remote host closed the connection]
<{^_^}>
[nixpkgs] @Mic92 opened pull request #69285 → systemd: make sysinit.target depend on local-fs.target again [backport] → https://git.io/Jesah
nikola_i has joined #nixos
FRidh has quit [Ping timeout: 276 seconds]
sigmundv has joined #nixos
<JaakkoLuttinen[m>
When enabling gnome keyring, it seems to be run as `gnome-keyring-daemon --start --foreground --components=secrets`. How could I add `ssh` to the components? I'd like to use gnome keyring as my ssh agent so it can unlock my ssh keys on login.
<JaakkoLuttinen[m>
I tried searching nixpkgs but I couldn't find where this command is defined.. Perhaps it's some internal default inside gnome keyring package itself..
<JaakkoLuttinen[m>
Or how could I unlock my ssh private keys on login?
<Mic92>
There themes to be a deskopt file for ssh in the package.
<Mic92>
I assume you need to put this into your autostart of your desktop manager.
<Mic92>
All it does is: Exec=/run/wrappers/bin/gnome-keyring-daemon --start --components=ssh
dermetfan has joined #nixos
<eyJhb>
Can anybody answer me, if NixOS stops the old systemd .service before it switches to the new config? E.g. I have some "extraStopCommands" which needs to run on the current configuration, as it matches the startCommands, but if I nixos rebuild switch, will it stop/restart the service with the new config, or do old config stop, new config start?
jgt has joined #nixos
<syd>
I'm a beginner too, but I think it depends on whether your services have `WantedBy = [ "multi-user.target" ]`
<syd>
s/too//
fendor has joined #nixos
mgdm has left #nixos ["WeeChat 1.4"]
Synthetica has joined #nixos
<eyJhb>
syd: shouldn't make a difference regarding that, as still leaves the question unsovled regarding pre and post, or only post
rsoeldner_ has quit [Remote host closed the connection]
rsoeldner_ has joined #nixos
k41 has quit [Ping timeout: 264 seconds]
<syd>
huh, ok, ignore me. Not experienced with these matters ;)
LysergicDreams has quit [Ping timeout: 246 seconds]
jgt has quit [Ping timeout: 252 seconds]
<eyJhb>
syd: it's alright :p It is also somewhat a edge case, or.. I am not sure HOW MUCH of a edge case it is, seeing as there are a lot of scenarios where you would want pre build services to stop, if they are not in the post build
LysergicDreams has joined #nixos
veske has quit [Quit: This computer has gone to sleep]
<{^_^}>
[nixpkgs] @Mic92 merged pull request #69285 → systemd: make sysinit.target depend on local-fs.target again [backport] → https://git.io/Jesah
<{^_^}>
[nixpkgs] @Mic92 pushed 3 commits to staging-19.09: https://git.io/JesV5
o1lo01ol1o has joined #nixos
veske has joined #nixos
<JaakkoLuttinen[m>
Mic92: ok, thanks. but i'm still wondering where this current gnome-keyring command comes from.. doesn't seem to be coming from the desktop files. so i wonder where it's defined and if i could modify that..
<JaakkoLuttinen[m>
seems to be defined in the package's dbus stuff
<c0c0>
when installing nixos according to the installation manual, when creating partitions, i get "The resulting partition is not properly aligned for best performance." what does that mean?
<clever>
c0c0: if a filesystem is using 4kb blocks, and your physical drive is also using 4kb blocks, but your partition starts at an offset line 5kb in
<clever>
c0c0: then every 4kb write, involves reading 8kb, modifying a 4kb substring, then writing 8kb back out
<clever>
which just ruins performance
<clever>
you need to delete and remake the partitions with a better offset
o1lo01ol1o has quit [Remote host closed the connection]
o1lo01ol1o has joined #nixos
jgt has joined #nixos
hoijui has quit [Quit: Leaving]
hmpffff has quit [Quit: nchrrrr…]
rsoeldner_ has joined #nixos
yuken has joined #nixos
<yuken>
Hallo. I'm thinking of trying NixOS as a primary desktop, but I'm still not completely sure how the Nix language works, I just can't wrap my head around it.
<emily>
using it in anger is a good way to slowly come to understand it :)
<Miyu-chan>
Think Lisp + functional programming language
<emily>
are you familiar with any other functional programming languages?
<Miyu-chan>
Has a prominent data structure(attrsets).
<yuken>
Never used Lisp or a functional programming language. The languages I know the best are probably just Rust, JS, C#, and (gasp) BYOND.
<Miyu-chan>
Oh RIP.
<yuken>
So the syntax is just very confusing to me.
hmpffff has joined #nixos
<emily>
Rust and JS hvae enough functional elements that you'll probably be able to pick it up
<emily>
but it might be a bit of a mindbending experience :)
orivej has quit [Ping timeout: 245 seconds]
rsoeldner_ has quit [Ping timeout: 265 seconds]
<yuken>
When I tried out Nix a while back, I had issues with compiling a lot of stuff because... as you can imagine, there is nothing standard about Nix
<emily>
if you're inclined, it might be a good idea to learn a functional language like haskell or ocaml a bit to get a better grounding in the basics
<emily>
but you don't need super deep knowledge of nix to use nixos, really
<emily>
it does help though.
<clever>
emily: i went the other way, i learned nix first (and read the c++ that powers it), before fully learning haskell!
<yuken>
Also, does the Nix package manager work at all under any BSD?
hmpffff has quit [Quit: nchrrrr…]
<Miyu-chan>
Does macOS count? /s
zupo_ has joined #nixos
<emily>
rawtaz: more or less
<emily>
hm, I'm surprised wiktionary doesn't seem to have an article for it
<emily>
apparently it's a Britishism
<emily>
I feel like I see it fairly frequently in programming circles
<rawtaz>
dang. so when they leave the EU, the rest of us still in the EU wont be allowed to use it
<rawtaz>
yeah
<yuken>
I only recently learned what anonymous/lambda functions were, I was using them in a game I wrote in C# which was a Dictionary<String, Func>, because I was trying to create class instances from a string. But so far, I don't see anything I don't understand infinisil, thanks for linking that.
<Taneb>
emily: I feel like I've only seen it in programming circles
<syd>
Does anyone here know any of the details in `text`?
<syd>
I'm having the weirdest problem:
zupo has quit [Ping timeout: 252 seconds]
<rawtaz>
to me it's more like using something, you never took the time to dig into and understand, because you really need to because something else sucks (hence in anger)
<syd>
Data.Text.split (== \n) "\55810"
<syd>
["\65533"]
<infinisil>
syd: This is not the haskell channel
<syd>
whoops
<syd>
my mistake
<infinisil>
Np :)
<Miyu-chan>
lol
kcalvinalvinn has quit [Remote host closed the connection]
stalker254[m] has left #nixos ["User left"]
kcalvinalvnn has joined #nixos
rsoeldner_ has joined #nixos
zupo_ has quit [Ping timeout: 276 seconds]
<yuken>
infinisil: Okay, that... was actually a great introduction. The official Nix docs always screwed with me, but so far that seems incredibly simple.
<infinisil>
Props to the author tazjin++ :)
<{^_^}>
tazjin's karma got increased to 14
<tazjin>
yuken: thanks! if there's something in it that's unclear, please file a bug! :)
<yuken>
I assume fetchGit isn't gonna fetch just from GitHub, but any git repository?
<Miyu-chan>
Yes.
<clever>
yuken: behind the scenes, its just running `git fetch`, so it can use anything that git uspports
<Taneb>
yuken: correct
hmpffff has joined #nixos
<Miyu-chan>
Also, I just realized that fetchGit is just straight up morally correct. Git is immutable, so Nix can manage it without loading to /nix/store, allowing successive git calls to it.
<Miyu-chan>
Or smth.
<Miyu-chan>
As opposed to just calling in a derivation.
<clever>
Miyu-chan: fetchGit can be ran on branch names, which is impure
fendor has joined #nixos
<Miyu-chan>
Oh. True.
<clever>
fetchGit is also single-threaded, and pauses the eval while fetching, so it harms performance
<clever>
pkgs.fetchgit will happen in a builder child, and can run in parallel
<Miyu-chan>
Is it because fetchGit is a Nix builtin, and Nix doesn't have parallel evaluation yet?
<Miyu-chan>
Great, now I'm reflecting on my statement. ; ;
<clever>
Miyu-chan: yeah, the builtins and all eval-time things are single-threaded
rsoeldner_ has quit [Ping timeout: 252 seconds]
<Miyu-chan>
Hm, I wonder how hard it'd be to jam in cooperative multitasking.
<Miyu-chan>
This reminds me that I tried to do privilege escalation using SSH through Nix-daemon but realized that all SSH commands are done through your user.
<eyJhb>
infinisil: was more thinking PRs, not a issue, but guessing it is currenlt manual work?
<eyJhb>
Would be interesting to see, if we have any duplicates
<infinisil>
Well you can also search for PRs
<eyJhb>
Yeah, but doing 1.400~ manually, to check for duplicates would not be fun
<infinisil>
eyJhb: Use the search function!
<ajs124>
eyJhb: there's even duplicates for inits of packages. I know because I created one, because I forgot to search.
<eyJhb>
infinisil: how would you search?
<infinisil>
eyJhb: Can you not see the field above the PR list where you can enter stuff?
<eyJhb>
If I want to know for ALL the opened PRs currently, if there are CURRENTLY any dubs
<eyJhb>
Not for a new one
<infinisil>
Ohh, you want to check for duplicates generally without a specific package in mind?
<infinisil>
Not sure why you'd want that, but no I don't see an easy way to do so
<eyJhb>
Yeah, not for a new one :p Sorry for the confusion. - To see if we could close some PRs, no reason for them to stand as open, if e.g. we have a package with version 1.2.3, but there is a PR to "update" it to 1.2.0, or we have two PRs, where one updates it to 1.2.1, and another 1.2.4
hyper_ch2 has quit [Remote host closed the connection]
mexisme has quit [Ping timeout: 246 seconds]
craige has joined #nixos
<symphorien>
yuken: for rust there is alternatively the mozilla overlay
drakonis_ has joined #nixos
<Yaniel>
considering that a bunch of the tooling expects rustup to be available so it can change toolchains on the fly it's probably easier to install rustup from nixpkgs and let that do the rest
<Yaniel>
unless you don't use any such tools of course
rople has quit [Ping timeout: 268 seconds]
<yuken>
I'll probably grab rustup then, I was just making sure it had no real issues.
<Yaniel>
not really beyond it doing everything in your home directory as usual
__monty__ has joined #nixos
__monty__ has joined #nixos
__monty__ has quit [Changing host]
drakonis has quit [Ping timeout: 246 seconds]
drakonis_ has quit [Read error: Connection reset by peer]
<Yaniel>
i.e. stuff will be per-user and stored in ~/.cargo instead of shared across the system
<{^_^}>
[nixpkgs] @globin pushed 3 commits to release-19.09: https://git.io/JesKU
Synthetica has quit [Quit: Connection closed for inactivity]
growpotkin has joined #nixos
chiefgoat has joined #nixos
<{^_^}>
[nixpkgs] @fpletz opened pull request #69295 → nixos/systemd: pick more upstream tmpfiles confs → https://git.io/JesKG
<eyJhb>
WOndering, is there any reason why the firewall does not purge any previous configuration on start?
<gchristensen>
it tries to, but is not 100% thorough
<eyJhb>
Not trying to be mean, but it tries very very badly. It doesn't remove 99% of rules
<eyJhb>
As far as I could see yesterday at least
<eyJhb>
Tried setting networking.firewall.enable from true to false, and did a switch, had all the same rules pretty much. Resolved it by rebooting
<eyJhb>
But might need to test it again, from what you are saying :D
<gchristensen>
are you doing custom rules?
<eyJhb>
I had custom rules yes, but I would still expect it to remove the rules it added itself
<gchristensen>
the port forwards and whatnot are all cleanly managed in my experience
<gchristensen>
but yeah, overall it doesn't do a great job at this. I think othre firewall implementations make it much easier, but iptables is very difficult to manage iirc
<gchristensen>
like nftables, for example, I think, has a much nicer atomic update thing
<tilpner>
fern was also mentioned in this context
<eyJhb>
Yeah, it is.. I was thinking if it should just do a purge on everything in iptables on start, as everything should be managed in NixOS anyways
<clever>
eyJhb: the issue is more that, if you change the rules, the firewall script gets restarted, and applies the changes
<clever>
eyJhb: but if you disable the firewall, it just doesnt re-run the firewall service
<gchristensen>
well no I don't want a purge, I want an atomic switch
<clever>
and the stop entry is configured to not turn things off, because you dont want a restart to leave you without a firewall
<gchristensen>
purging screws up my services and breaks things for the time it takes to switch
<clever>
its expecting the start to overwrite for you
<eyJhb>
clever: but shouldn't it still run the stop function before the switch?
<clever>
eyJhb: what i just said
<eyJhb>
Sees like it generally is a bigger issue
<eyJhb>
I really just hated working with it, as it isn't atomic like you would expect it to be (being a part of NixOS and all)
<gchristensen>
+1
<clever>
eyJhb: there are a lot of edge cases with rebuild switch
<eyJhb>
Also, I have opened this issue #69265, because I think there is a bug with the extraCommands, I think they should run before any drop/reject, as the description states
<clever>
and the tests cant easily test that, because you have to build 2 configs, boot one, switch to the 2nd, then confirm state
<clever>
eyJhb: if you set extraCommands multiple times, the order when it merges things isnt always obvious, and is based on the order of things in the imports array
<clever>
eyJhb: in my case, the commands where being ran before nixos-fw-accept had been created, causing failure
hyper_ch2 has quit [Remote host closed the connection]
<clever>
using mkAfter fixes that
<eyJhb>
Ahh, yeah, but in this case with the `raw`, you have no way of adding before the drop as far as I can see
rauno has quit [Ping timeout: 240 seconds]
jgt1 has joined #nixos
<clever>
eyJhb: i believe the drop only happens after it has tried nixos-fw-accept
<clever>
and nixos-fw-accept has no default, so you can append more to it
jgt has quit [Ping timeout: 245 seconds]
<eyJhb>
So, what would you suggest that doesn't involve adding before rpfilter -j DROP?
<eyJhb>
But also either way, I would expect it to add it before the -j DROP from that description
<clever>
eyJhb: have you looked at the example router.nat.nix i linked above?
<eyJhb>
Basically, before any reject rules are setup
<eyJhb>
Yeah, but I am not into iptables enough to know the firing order :p
<{^_^}>
[nixpkgs] @aanderse opened pull request #69297 → nixos/zabbixServer: move pid file from default (/tmp) to /run/zabbix … → https://git.io/JesKo
jonringer has joined #nixos
<clever>
eyJhb: run `iptables-save`, look under `*filter` and look at the `-A input` area, all packets start there
<clever>
-A INPUT -j nixos-fw
<clever>
in my case, `-A INPUT` only has a single entry, that tells it to run thru `-A nixos-fw` next
Makaveli7 has quit [Quit: WeeChat 2.6]
<clever>
i dont know why (from -save only) but this line appears after the 3 `-t filter -A nixos-fw` in my router.nat.nix
<clever>
-A nixos-fw -j nixos-fw-log-refuse
<clever>
which says that anything not matching a thing in `nixos-fw` will go to `nixos-fw-log-refuse`
<eyJhb>
Yeah? But what are you saying is the equivalent to what I am doing in that issue?
<clever>
eyJhb: id have to read it closer to see what exactly is different with the rp stuff
c0c0 has quit [Ping timeout: 252 seconds]
<eyJhb>
Might sound rude, but does it matter what it does? Having to remove the -j DROP, to insert whatever one might need, to readd it, seems like something that shouldn't be done
<eyJhb>
In any case
<clever>
eyJhb: there is also -I to insert at a given offset if you want to use that
domogled has joined #nixos
c0c0 has joined #nixos
<eyJhb>
That sounds like something that could be useful! But in general, it seems that firewall/nat could use a makeover, to make it "better"
<clever>
yeah
<eyJhb>
But not by me, I would screw it up so badly
<clever>
it should support allowing a port on a given interface, without having to use extraCommands
<clever>
id also love to set it use iptables-restore
<das_j>
clever: Dare to look at the nftables implementation of ajs124 and me? :P
<eyJhb>
I am just glad my router works now. Everything is NixOS now! Except my Unifi AP, Chromecast and Phone (counting on you samueldr )
<clever>
the reason, is that the kernel is using RCU lists for the firewall, read-copy-update
<eyJhb>
das_j: link?
<samueldr>
eyJhb: I wouldn't hold my breath for the chromecast
<clever>
any time you modify the rules, you must copy the entire table, (and modify the copy), then update a single pointer
<clever>
and any packets that arrive after the pointer-update will use the new rules
<clever>
but, copying that table, gets slower, every time you add a rule
<clever>
so if you run `iptables -A` 20 times, the 20th call is 20x slower then the 1st call
<gchristensen>
lol
<clever>
cat ${something} | iptables-restore, will do the entire update, many rules, in a single atomic operation
<gchristensen>
can we reverse engineer the restore format and generate it in Nix?:)
<clever>
the problem, is that you have to generate output similar to `iptables-save` from nix, and then use that
<clever>
gchristensen: but, that conflicts with extraCommands, and a lot of junk wants to use bash loops to run iptables multiple times
<gchristensen>
aye
<clever>
gchristensen: some services like fail2ban also mutate the rules, on the fly
<clever>
docker might also do something, cant remember
<gchristensen>
definitely
<gchristensen>
docker does all sorts of stuff
<eyJhb>
samueldr: holding my breath for the phone part mosly :p
<das_j>
eyJhb: Also as a disclaimer: Docker, libvirt and friends all use iptables, so this breaks
<eyJhb>
das_j: most things hurt already
<clever>
gchristensen: basically, each table is just a `*nat` line, some update operations, and a `COMMIT` line, and everything is applied atomicly
<clever>
:PREROUTING ACCEPT [20006224:1592249935]
<das_j>
eyJhb: me_irl
<eyJhb>
Ohh, brothers then das_j ;) :p
<{^_^}>
[nixpkgs] @peterhoeg opened pull request #69300 → nixos/home-assistaant: set bluetooth perms → https://git.io/Jes6Y
<clever>
gchristensen: this is setting the default target for the chain, and the numbers are packet and byte counters, if you wanted to save them on shutdown and restore on bootup
<clever>
-A PREROUTING -j nixos-fw-rpfilter
<clever>
gchristensen: the rest, is just a partial iptables argument list, with the `-t raw` omitted
<clever>
the original use for save&restore, was to just save at shutdown, then restore on bootup, so your firewall becomes a giant mess of state, that just persists thru reboots, lol
<eyJhb>
Well, sometimes something is better than nothing
<eyJhb>
But not really
<c0c0>
i enabled "services.openssh.enable = true" and set up a user with "openssh.authorizedKeys.keys", and now i can ssh into the NixOS machine remotely. however, when i do so, the backspace key doesn't work properly. the cursor moves to the right instead of to the left when i hit backspace. any hints what could be the problem?
<clever>
but nothing says you cant declaratively generate a fake "state" and restore it on bootup
<ajs124>
das_j: that's not bad. there's always nixdroid :P
<das_j>
yeah, I don't like the developers either
<clever>
c0c0: what does `stty` say about `erase` ? on both the local machine, and after you ssh into the remote
<alexarice[m]>
c0c0: in the past I've had problems with $TERMINAL (I think) being set to the wrong value which causes problems
<c0c0>
just noticed i don't have this problem using xterm. i only have it when i use termite
<c0c0>
when i use termite, then $TERM is 'xterm-termite' both locally and after ssh-ing into the machine
o1lo01ol1o has quit [Remote host closed the connection]
o1lo01ol1o has joined #nixos
mexisme has quit [Ping timeout: 250 seconds]
veske has quit [Quit: This computer has gone to sleep]
Tucky has joined #nixos
<c0c0>
not sure what's the problem with termite and ssh
veske has joined #nixos
<eyJhb>
c0c0: export TERM="vt100"
<eyJhb>
Is what I normally do, I use urxvt
<c0c0>
eyJhb: locally?
<eyJhb>
When SSH'ed into the host
o1lo01ol1o has quit [Remote host closed the connection]
<eyJhb>
I have actually just set it is a environment variable on my NixOS machines I SSH into :p
<eyJhb>
Couldn't care less, just want it to work
o1lo01ol1o has joined #nixos
<gchristensen>
I'm trying to package Net::Prometheus for nixpkgs. at build time, after patching a few files, I get an error: Can't open perl script "Makefile.PL": No such file or directory -- anyone know anything?
<c0c0>
eyJhb: that works
<eyJhb>
c0c0: I would just go with that :p
orbekk1 has quit [Quit: WeeChat 2.4]
orbekk has joined #nixos
orbekk has quit [Client Quit]
orbekk has joined #nixos
o1lo01ol1o has quit [Ping timeout: 240 seconds]
hmpffff_ has quit [Quit: nchrrrr…]
turion has joined #nixos
k41 has quit [Remote host closed the connection]
joehh has quit [Ping timeout: 245 seconds]
bgamari has quit [Ping timeout: 240 seconds]
<aleph->
Something breaking with iptables?
syd has joined #nixos
hyper_ch2 has joined #nixos
<{^_^}>
[nixpkgs] @peterhoeg opened pull request #69301 → check-openvpn: init at 0.0.1 → https://git.io/Jes6N
hmpffff has joined #nixos
<exarkun>
using <nixpkgs/nixos/tests/make-test.nix> it seems like VM disks are re-used... including side-effects from previous runs? ack?
veske has quit [Quit: This computer has gone to sleep]
bgamari has joined #nixos
<gchristensen>
do you have like qcow.whatever files in ./ ?
<exarkun>
I don't seem to
<gchristensen>
how about /tmp ? I don'tremember exactly, but if you run them at the CLI (as opposed to being in an nix-build, they'll reuse state)
<exarkun>
hm yea it might just be the `-A driver` case
dansho has quit [Ping timeout: 268 seconds]
dsx has quit [Quit: dsx]
<exarkun>
there are qcows in various /tmp/vm-state-<machine> directories, yea
<DariusTheMede>
I'd like to have my own cache on the shared machine for which I do *not* have sudo
<exarkun>
okay maybe my problem is misunderstanding what `execute` does
johanot has joined #nixos
<exarkun>
and how perl works in general
zacts has joined #nixos
chiefgoat has quit [Ping timeout: 265 seconds]
<davidtwco>
Is anyone aware of an issue using mosh on 19.03? Using `programs.mosh.enable = true;`. When I connect, I get the following message:
<davidtwco>
zsh:1: command not found: mosh-server
<davidtwco>
/nix/store/fzjr4vfv9vblvc731mg79s11zpbaq0wb-mosh-1.3.2/bin/.mosh-wrapped: Did not find mosh server startup message. (Have you installed mosh on your server?)
<davidtwco>
Connection to $host closed.
<exarkun>
`my $log = $machine->execute(...);` is wrong because execute returns two values and that assignment just drops the 2nd, which is the actual output
<gchristensen>
davidtwco: you need to enable mosh on the remote server too, did you do that?
<davidtwco>
gchristensen: yeah, they both have programs.mosh.enable = true;
hmpffff has quit [Ping timeout: 245 seconds]
<davidtwco>
I found #25835 on GitHub that seems like a similar-ish issue but with fish.
<{^_^}>
https://github.com/NixOS/nixpkgs/pull/25835 (by therealpxc, 2 years ago, merged): Fish: source NixOS environment on non-login shells + source shell init on NixOS even when parent shell has done so
<davidtwco>
(oops, that's the PR that fixed it, #25789)
<karetsu>
how do I unlock the gnome keyring when I log in with lightdm without logging in to gnome? I'm looking in security.pam but it seems there are a billion options
<karetsu>
ah found it
o1lo01ol1o has joined #nixos
dsx has joined #nixos
drakonis_ has quit [Ping timeout: 245 seconds]
<DariusTheMede>
I am trying nix-shell -I nixpkgs=../nixpkgs --option substituters ""
<DariusTheMede>
But I think something is still trying to get something from the network
<eyJhb>
Anybody have a better way of getting a package version than `nix eval --raw nixpkgs.poppler_utils.version` ? As that syntax is having a hard time with poppler_utils, plex, etc.
xkapastel has quit [Quit: Connection closed for inactivity]
<DariusTheMede>
clever: what should my host be? I am on macos but the machine to which I wish to copy is x86_64 GNU/Linux
<DariusTheMede>
Will that still work?
<waleee-cl>
quick question, has nixos-unstable moved to gcc 8 for some packages?
<clever>
DariusTheMede: you would run `nix-copy-closure --from host` on the destination
<clever>
DariusTheMede: and `host` is the machine that did have internet access, and has a copy of the thing
fusion809 has joined #nixos
* DariusTheMede
thinks this sounds like magic
<DariusTheMede>
or witchcraft
<clever>
DariusTheMede: it copies storepaths from one machine to another, both machines need nix installed
Ariakenom_ has quit [Remote host closed the connection]
<clever>
DariusTheMede: they dont have to be the same os, and you can have binaries from the "wrong" os in your /nix/store/
Ariakenom__ has joined #nixos
<waleee-cl>
Anyone got a hunch on how long qt takes to compile? (on a fairly new core i5)
<DariusTheMede>
bash: nix-store: command not found
<DariusTheMede>
Yet nix-store seems to be on both the source and destination hosts
<tilpner>
DariusTheMede: ssh DariusTheMede@Persia nix-store --version gives you a version number, right?
<DariusTheMede>
nix-copy-closure (Nix) 2.2.2
<tilpner>
No, run the ssh thing
asymptotically has joined #nixos
<DariusTheMede>
bash: nix-store: command not found
<tilpner>
Does your shell config set PATH, so that nix-store can be found?
<tilpner>
(Because that will not happen via ssh)
<tilpner>
(At least, not the login shell parts)
iqubic has quit [Ping timeout: 250 seconds]
o1lo01ol1o has joined #nixos
Ariakenom__ has quit [Ping timeout: 276 seconds]
<DariusTheMede>
I have if [ -e /home/dominic.steinitz/.nix-profile/etc/profile.d/nix.sh ]; then . /home/dominic.steinitz/.nix-profile/etc/profile.d/nix.sh; fi # added by Nix installer in .bash_profile
<tilpner>
DariusTheMede: I suspect that is not being executed here
jgt has quit [Ping timeout: 246 seconds]
<DariusTheMede>
tilpner: any suggestions on what I could do?
<exarkun>
If I define a function `{ pkgs, ... }: ...` then, eg, callPackages will automatically pass `pkgs` to it
<exarkun>
If I define a function `args: thatFirstFunction args` then, eg, callPackages will not automatically pass pkgs to it
<exarkun>
How do I insert higher-order behaviors in this context?
<tilpner>
DariusTheMede: I'm not too familiar with bash, SE suggests this is read. Is this from your .bash_profile on localhost or Persia?
<emily>
exarkun: I sometimes do { pkgs, ... } @ args: as a workaround
<emily>
not ideal, I know
wfranzini has quit [Remote host closed the connection]
<DariusTheMede>
I assume on Persia
<exarkun>
darn :/
<tilpner>
DariusTheMede: You assume?
Guest66 has joined #nixos
<DariusTheMede>
tilpner: I don'
<DariusTheMede>
t know how to check
<DariusTheMede>
Oh sorry
<DariusTheMede>
What I posted is from Persia
<tilpner>
DariusTheMede: And when you login interactively, this adds nix-store to your PATH properly?
<DariusTheMede>
My localhost is macos and doesn't use .bash_profile
<tilpner>
As that same user
civodul has quit [Quit: ERC (IRC client for Emacs 26.3)]
<clever>
DariusTheMede: on darwin, you must mess with .bashrc in the home dir
<{^_^}>
[nixpkgs] @eraserhd opened pull request #69304 → osxsnarf: init at 0.1.0 → https://git.io/JesPB
<clever>
DariusTheMede: darwin's bash will never run a global file from /etc when doing non-interactive ssh
mexisme has joined #nixos
<tilpner>
DariusTheMede: This is about the host "Persia". We don't know what OS it runs
<DariusTheMede>
clever: on Persia or on my local macos computer?
<DariusTheMede>
I assume Persia
<clever>
DariusTheMede: on the remote machine, from `ssh remote nix-store --version` when it fails
growpotkin has joined #nixos
mexisme has quit [Ping timeout: 252 seconds]
<DariusTheMede>
copying 1933 paths...
<DariusTheMede>
Time for my hot chocolate
<tilpner>
DariusTheMede: What did you change?
<DariusTheMede>
thanks clever and tilpner
lockshaw_ has joined #nixos
rouma has joined #nixos
<DariusTheMede>
I put f [ -e /home/DariusTheMede/.nix-profile/etc/profile.d/nix.sh ]; then . /home/DariusTheMede/.nix-profile/etc/profile.d/nix.sh; fi # added by Nix installer in .bashrc
DariusTheMede has quit [Ping timeout: 245 seconds]
<rizary_>
hi.. when I enter into nix-shell with `-p docker`, and try to load with `docker load i ...`, i got an error: `Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?`
<clever>
rizary_: you need to enable docker in configuration.nix to get the daemon running
<DariusTh`>
This gave me /nix/store/k24zjshzcp0s1ps0q6c0n188qbgmgxp2-jupyter-R-kernel.drv
<DariusTh`>
And on my macbook I did nix-copy-closure --to DariusTheMede@Persia /nix/store/k24zjshzcp0s1ps0q6c0n188qbgmgxp2-jupyter-R-kernel.drv
nalck has quit [Quit: nalck]
jgt has quit [Ping timeout: 276 seconds]
shibboleth has joined #nixos
<DariusTh`>
But running that derivation (https://pastebin.com/Jdzt7jsX) on Persia still tries building '/nix/store/myfzvw3m2fzg7r3xkzr15c0flbc9mxiq-bash-4.4.tar.gz.drv'...
<DariusTh`>
I don't seem to have that on my macbook so I don't what to nix-copy-closure in addition
<{^_^}>
[nixpkgs] @matthewbauer opened pull request #69309 → androidndk: get correct libs for x86_64 → https://git.io/Jes1q
<DariusTh`>
Anyway I am done for the day
jgt has joined #nixos
endformationage has joined #nixos
growpotkin has quit [Ping timeout: 268 seconds]
<{^_^}>
[nixpkgs] @matthewbauer opened pull request #69310 → [wip] wafHook: don’t depend directly on python → https://git.io/Jes1s
<{^_^}>
[nixpkgs] @matthewbauer pushed to release-19.03 « Revert "daemon: init at 0.6.4" »: https://git.io/Jes1l
<{^_^}>
[nixpkgs] @matthewbauer pushed to release-19.09 « treewide: replace daemon with enableDaemon »: https://git.io/Jes1B
zacts has quit [Quit: WeeChat 2.4]
<{^_^}>
[nixpkgs] @liff opened pull request #69311 → haskellPackages.hadolint: fix build by disabling static linking → https://git.io/Jes10
<{^_^}>
[nixpkgs] @matthewbauer pushed 4 commits to release-19.09: https://git.io/Jes1u
<exarkun>
is cabal2nix really the recommended way to package a Haskell stack project for nixos?
iqubic has joined #nixos
Zer0xp has joined #nixos
timclassic has left #nixos ["User left"]
ATuin has joined #nixos
mexisme has joined #nixos
akamaus has joined #nixos
ixxie has joined #nixos
<akamaus>
greetings
dermetfan has joined #nixos
<exarkun>
pkgs.callPackage isn't passing mkDerivation to this cabal2nix-generated expression
avod has quit [Remote host closed the connection]
domogled has quit [Quit: domogled]
<exarkun>
oh it's supposed to be some haskell callPackages instead
mexisme has quit [Ping timeout: 276 seconds]
ixxie has quit [Quit: Lost terminal]
<akamaus>
is it possible to override a single module so it comes, say, from master branch of nixpkgs while the rest of system is from nixos-19.03?
Ariakenom__ has quit [Remote host closed the connection]
abrar has joined #nixos
dansho has quit [Ping timeout: 265 seconds]
zupo has joined #nixos
o1lo01ol1o has quit [Remote host closed the connection]
o1lo01ol1o has joined #nixos
<akamaus>
clever: cool trick! Unfortunately, looks like it doesn't work in my case. Old module is probably ok, what I want to replace is the derivation it uses to create systemd service. And seems like module from master branch still uses the derivation from my stable pkgs.
<clever>
akamaus: if you want to replace the derivation, you need an overlay
mcbits has quit [Ping timeout: 264 seconds]
LysergicDreams has quit [Ping timeout: 265 seconds]
<qyliss>
hounded: can you share your configuration?
<qyliss>
the reference to fileSystems is because you haven't told NixOS how to mount your root filesystem
<akamaus>
hounded: one should have fileSystems in /etc/nixos/configuration.nix before installation. It probably determines (besides other stuff) where to install grub stage code. I remember seeing similar error during struggle nonstandard grub setup.
<{^_^}>
[nixpkgs] @fpletz pushed commit from @WilliButz to release-19.09 « grafana: 6.3.5 -> 6.3.6 »: https://git.io/JesM9
endformationage has quit [Quit: WeeChat 2.6]
rouma has quit [Ping timeout: 265 seconds]
o1lo01ol1o has joined #nixos
alienpirate5 has quit [Changing host]
alienpirate5 has joined #nixos
alienpirate5 has joined #nixos
o1lo01ol1o has quit [Ping timeout: 265 seconds]
<dooms>
exarkun: while I've not much experience with it, there is stack2nix as well
Soo_Slow has quit [Remote host closed the connection]
<{^_^}>
[nixpkgs] @Mic92 pushed commit from @teh to release-19.09 « dynd: fix build »: https://git.io/JesD3
<exarkun>
hm okay. at least I could believe that's more likely to look at my stack configuration and do the right thing. I guess, like cabal2nix, it needs to be rerun anytime the its sources (ie, the stack config files) change
<hounded>
Ok, thanks I'll have a look at the configuration file -- this is a test deploy to a brand new nixos machine...
Ariakenom has joined #nixos
Guest66 has left #nixos [#nixos]
<rhitakorrr>
exarkun: cabal2nix can be run automatically as part of your derivation (e.g. pkgs.callCabal2nix). Maybe there's something like that defined for stack as well? I don't know myself.
rmeis has joined #nixos
<qyliss>
hounded: what do you mean by that? how are you deploying it?
<exarkun>
rhitakorrr: cool, didn't know about callCabal2nix, I'll investigate that angle.
<clever>
rhitakorrr: cabal2nix needs a copy of the src, and you can usually get that with `fetchFromGitHub` or related
<clever>
rhitakorrr: but stack2nix level stuff, typically just gets git rev's from the stack file, and doesnt know what the sha256 of things are, so it cant purely generate the nix
Neo-- has joined #nixos
emptyfl4sk has joined #nixos
<tokudan>
I've recently discovered the nixos-hardware repo and want to import a specific nix in my configuration.nix. how do I do that without maintaining a local clone or setting up a channel? basically I want to use fetchFromGitHub, but cannot figure out how to do the actual import. right now I've got let nixos-hw = fetchFromGitHub {...}; in { imports = [ noideawhatneedstogohere ]; ... }
<manveru>
mostly because bundler behaves very stubborn... i've got a version of bundix that generates the Gemfile/Gemfile.lock from the gemset.nix to circumvent that, but it's pretty alpha
<emptyfl4sk>
hmm. I'll have to just add everything to the Gemfile for now
m15k has joined #nixos
is_null has quit [Ping timeout: 245 seconds]
is_null has joined #nixos
<manveru>
that works too :)
<emptyfl4sk>
is there a better workaround?
<manveru>
not yet
kleisli has joined #nixos
joehh has joined #nixos
psyanticy has quit [Quit: Connection closed for inactivity]
<m15k>
Someone already setup a bash-completion for a go package?
kleisli has quit [Remote host closed the connection]
kleisli has joined #nixos
<LnL>
vault has bash completions
evils has joined #nixos
is_null has quit [Ping timeout: 245 seconds]
kleisli has quit [Remote host closed the connection]
<m15k>
I wonder how the completions are linked to shell.
<duncan>
there's usually a script sourced in /usr/share/bash-completion/bash_completion, which sources all the completions (interactive and non-interactive)
<duncan>
and maybe in /etc/bash-completion.d there may be other completions.
is_null has joined #nixos
kleisli has quit [Remote host closed the connection]
kleisli has joined #nixos
emptyfl4sk has quit [Quit: WeeChat 2.5]
<{^_^}>
[nixpkgs] @wkral opened pull request #69323 → virtualbox: Temporary fix for kernel >= 5.3 → https://git.io/Jesyy
<{^_^}>
[nixpkgs] @Mic92 merged pull request #65817 → build-support: Add p11_kit to appimage dependency set → https://git.io/fj97q
<__red__>
I really wish I could get to nixconf and go to the hackathon
<__red__>
I guess an online hackathon is out of the question huh? ;-)
kleisli has joined #nixos
<cransom>
that's every day!
magnetophon has joined #nixos
<wrl>
irc is a 24/7 hackathon!
<__red__>
interestingly, "nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos" - that directory doesn't exist on my system
kleisli has quit [Remote host closed the connection]
<nalck>
Is there a good way to prevent multiple of the same services to be launched when doing a `nixos-rebuild switch`? I noticed I had accrued quite a few today after experimenting a bit with my configuration.nix.
<clever>
__red__: that will only exist if you have a channel called nixos, on root
<clever>
__red__: which should exist by default if your using nixos
<pbb>
I get "Detected unsafe path transition /var/lib/deluge -> / during canonicalization of /var/lib/deluge." when switching to a new system configuration. /var/lib/deluge is a symlink to /mnt/data/deluge. Is this problematic and how can I fix it?
<__red__>
yeah it is - I'm just hungry for more exposure is all. I got spoiled by the office hours last week ;-)
<clever>
nalck: systemd should stop the service for you, but you may have that mis-configured
kleisli has joined #nixos
<nalck>
clever: how would I know if it were mis-configured?
<__red__>
clever: Gotcha - I think I named my channel nixpkgs instead of nixos
<__red__>
which would explain it
mexisme has quit [Ping timeout: 265 seconds]
<clever>
nalck: does the service fork itself into the background? does the ExecStop actually stop it?
hounded has quit [Remote host closed the connection]
<worldofpeace>
I think that's the main part with nix that people struggle with, which is "what is the development workflow". So I think showing how a NixOS dev works on nixos will really help with this.
<__red__>
very much so
<__red__>
I see all the amazing things it can do.
Palpares has joined #nixos
<__red__>
I did a talk at defcon on Nix, NixOS, et al
<__red__>
had several people actually follow up and do actual nixos installs too
<__red__>
but truthfully - most of my work is cargo-cult
<rawtaz>
__red__: really nice of you, thanks for that
<rawtaz>
__red__: is the talk available in video online somewhere?
<__red__>
the talk itself was not in the main con, and was not recorded
<__red__>
The talk was an hour long
<__red__>
The purpose of the slides was to really guide a demonstartion
<rawtaz>
darn, thats really too bad. would be interesting to see
<__red__>
what I should do is just do the talk to myself and record ity
<rawtaz>
__red__: ignorant question, but.. how is this different from any other package manager that has a package for qmk that builds out of the box?
<__red__>
and the other party trick I did was swicth backwards and forwards between stable and unstable on my production server
alex``` has quit [Quit: WeeChat 2.6]
<__red__>
well, remember that the result of a qmk compile is a binary blob to be flashed off the machine. So building for a "distribution" makes no sense.
alex`` has joined #nixos
freeman42x has quit [Ping timeout: 276 seconds]
zupo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]