<mehlon>
since go binaries are statically linked you could just run it right away
rengglian has quit [Read error: Connection reset by peer]
<nixtacular>
i'm working around it with this one-liner, since i noticed that the versioned names follow the format that you mentioned: `name = "${super.lib.head (super.lib.splitString "-" old.name)}-${version}";`
<infinisil>
Hehe, or just hardcode it
OmnipotentEntity has quit [Remote host closed the connection]
<nixtacular>
yeah i guess my workaround is overkill
<{^_^}>
{ name = "git-minimal"; version = "2.24.1"; }
<infinisil>
Since a year or so there is a `pname` attribute for derivations
alex has joined #nixos
<infinisil>
So you can do `{ pname = "foo"; version = "1.2"; }` and it will set name automatically
<nixtacular>
!
<nixtacular>
that's brilliant
<nixtacular>
i guess that most of the derivations haven't been updated to use `pname`? the ones i'm seeing seem to use `name` w/ string interpolation
Guest58522 has joined #nixos
mexisme has joined #nixos
<infinisil>
Yeah
cosimone has quit [Ping timeout: 248 seconds]
<infinisil>
Note that things like buildRubyGem might not support propagating pname to mkDerivation (yet? Would be easy to make it support that)
rengglian has joined #nixos
<nixtacular>
ah yeah, i just tried it and it failed, and the source looks like it doesn't support it
<rengglian>
Well it does not run
Guest58522 has quit [Ping timeout: 240 seconds]
<rengglian>
It looks like I need to create a package, but fetcher supports only repositories and no local folde
dbmikus has quit [Read error: Connection reset by peer]
mexisme has quit [Ping timeout: 258 seconds]
mbrgm_ has joined #nixos
<infinisil>
,dnw rengglian
<{^_^}>
rengglian: Provide as much info as possible on problems. What specifically doesn't work? What command did you run? What's the error? This makes debugging easier and helps getting faster responses
<gchristensen>
samueldr: do you know anything about tianocore / ovmf / secureboot / qemu?
mexisme has joined #nixos
mbrgm has quit [Ping timeout: 260 seconds]
mbrgm_ is now known as mbrgm
<samueldr>
☑️ ☑️ 🔲 ☑️
<samueldr>
don't know about secureboot, nor the sum of all that
<samueldr>
if you intend to use that to test _that_ PR
<samueldr>
though the testing harness have a big caveat with efi boot
<samueldr>
it might not work as expected
<samueldr>
(unless it's been fixed since ~1-2 months ago when betaboon and I were looking)
turona has quit [Ping timeout: 252 seconds]
turona_ has joined #nixos
<gchristensen>
oh?
<gchristensen>
the EnrollDefaultKeys.efi thing is .... annoying ... from an automation perspective :)
<evanjs>
Seriously excited for _that_ PR to be merged.ecureboot + TPM + NixOS + BitLocker on any machines dual-booting :D
<samueldr>
gchristensen: IIRC, the first boot right now *has* to be MBR
<samueldr>
and there's no way to pass a "VARS" disk
<samueldr>
in fact, EFI boot in tests is a hack IIRC
<gchristensen>
oh dear
<gchristensen>
I don't think that is something I'm ready to fix
turona_ has quit [Client Quit]
iz16 has quit [Ping timeout: 246 seconds]
<rengglian>
Ldd shows 3 libraries, all of them are located in /nix/store. Running just the binary results in "no such file or directory". So my approate would be to make a test package. But the src is always a repo and no local binary...
<infinisil>
If it's not a /nix/store path, you need to patchelf the binary, search for patchelf in nixpkgs for examples
<nixtacular>
infinisil: i updated my bundler overlay with the sha256 and it still doesn't work, i'm getting the old version. https://hastebin.com/ulogejudab.m
<infinisil>
nixtacular: Where did you get the hash from?
<gchristensen>
samueldr: do you recal why it has to be mbr first? because there is no way to specify VARS?
<nixtacular>
i mean the correct hash for the current version of the package in the repo
<samueldr>
I don't think there are any reasons it can't be fixed, but when we looked it was during the transition to the python harness, so it was a bit exhausting to think about
<infinisil>
nixtacular: Hm I see, are you sure that the overlay is applied? Try putting `sha256 = throw "hi there"` to check
mexisme has quit [Ping timeout: 258 seconds]
<nixtacular>
yup, it's getting applied
<rengglian>
lib64/ld-linux-x86-64.so.2
<infinisil>
nixtacular: How are you checking that the old version is used?
<nixtacular>
by running `bundler --version` inside my nix-shell
<nixtacular>
i'm using direnv to set up a nix shell with everything inside of it
<infinisil>
Trying it myself I get 2.0.2
<nixtacular>
hmm
<infinisil>
Using `nix-build '<nixpkgs>' -A bundler --arg overlays 'import ./your-paste.nix`, then `result/bin/bundler --version`
<infinisil>
(plus the ' i missed)
<nixtacular>
weird. yep, i'm getting 2.0.2 when i do that, too
o1lo01ol1o has quit [Remote host closed the connection]
dbmikus has quit [Read error: Connection reset by peer]
<nixtacular>
hmm this is probably something wrong with my shell setup...one sec
<nixtacular>
bundler is getting included via bundlerEnv, i think
drakonis1 has joined #nixos
<nixtacular>
this works fine when i use overrideAttrs and specify the fetcher params
euandreh has quit [Ping timeout: 252 seconds]
jluttine has quit [Ping timeout: 268 seconds]
<andi->
,locate unsquashfs
<{^_^}>
Found in packages: squashfsTools
<andi->
,locate sasquatch
<{^_^}>
Couldn't find in any packages
dashkal has joined #nixos
virus_dave has joined #nixos
o1lo01ol1o has joined #nixos
<infinisil>
nixtacular: Hm, is that shell supposed to have a finished project built or to have an environment to build the project?
<infinisil>
Because right now it does the former
<infinisil>
And I feel like you want the latter, which would mean moving `gems` to `inputsFrom` instead of `buildInputs`
<infinisil>
Though no idea why it would work with .overrideAttrs'ing the src
<nixtacular>
wow. i just changed it to `inputsFrom` and it worked!
<infinisil>
:D
jonten has quit [Ping timeout: 268 seconds]
o1lo01ol1o has quit [Ping timeout: 240 seconds]
<nixtacular>
interesting. i guess that makes sense? but then, like you, i'm not sure why it would work with overrideAttrs'ing the src lol
<nixtacular>
i wasn't aware of inputsFrom
mehlon has quit [Remote host closed the connection]
<virus_dave>
Anyone have any luck with nixos live CD from SD card on a chromebook HP11 B5 ? Seems to hang for me after the bootscreen / "initrd" step. Screen goes blank (but still powered / backlit) and i don't perceive any other action happening then
<nixtacular>
infinisil: oh it gets even weirder. actually, what works is when i put bundix and bundler into inputsFrom. when I delete bundix or leave bundix in buildInputs, i still get the old version.
<jackdk>
clever: thanks. yeah I had base16 working, but most people are used to seeing base32 in nix exprs I felt it made better output (also it's smaller)
<clever>
jackdk: its also confusing when nix gives an error in base32, but that hash appears nowhere
<clever>
jackdk: because nix converted it from 16->32 before printing the error
turona has joined #nixos
<thomashoneyman>
anyone here successfully using yarn2nix with hydra? even with the latest version of it i always get an error from hydra about trying to access the package.json file in restricted mode
<nixtacular>
is there a way to nuke the derivation of my nix shell and start over?
<infinisil>
nixtacular: What are you trying to achieve by nuking it?
<nixtacular>
like force nix-shell to redownload and recompile everything
<infinisil>
Oh that won't solve anything in nix
<nixtacular>
infinisil: i'm trying to see if there's some weird caching thing
<nixtacular>
i'm desperate :-(
<nixtacular>
the bundler situation has gotten worse. now i can't even get my overrideAttrs method to work
<nixtacular>
i'm not sure what i've done, but bundler seems permanently set to 1.17.3 no matter what i do
rengglian has joined #nixos
rengglian has quit [Client Quit]
<infinisil>
I never would've thought that it should work, I'd think the expression isn't what you think it was when it worked
<nixtacular>
which expression? the override or overrideAttrs? or both?
<infinisil>
nixtacular: I did notice earlier that you didn't override the name, which is why the derivation is still called /nix/store/...-1.17.3, even though it's the newer version
<infinisil>
The overrideAttrs probably
<infinisil>
Though I don't think i've seen it
<nixtacular>
infinisil: actually i tried it both ways. i've been using -1.20.1
<nixtacular>
plus should it matter? i'm still replacing the top-level bundler package, no?
virus_dave has joined #nixos
<infinisil>
Should what matter?
<nixtacular>
*2.0.2
<nixtacular>
should it matter whether i override the name?
<infinisil>
Ah no that's irrelevant
<virus_dave>
hm, ok that didn’t help. Is there a resource for how to go about debugging a boot process?
<nixtacular>
so strange. i mean, the `nix-build` command you pasted definitely works. it's just nix-shell.
<infinisil>
virus_dave: When does it fail?
<infinisil>
virus_dave: I don't know of any tutorial, but I do know some stuff about debugging boots
<infinisil>
nixtacular: What's the code now?
<virus_dave>
it shows the graphical boot options, where i chose either “nixos 19.09 … Installer” or “ … Installer (debug), then shows loading /boot/bzImage… ok, then loading /boot/initrd… ok
<virus_dave>
then the graphic clears and the screen stays blank but still backlit
<virus_dave>
not sure how to tell. it’s the 19.09 live CD default, whatever that is. There isn’t grub installed on the chromebook (i’m booting from an SD card)
<infinisil>
Hm I'm not sure how well chromebooks are supported
<infinisil>
I think sphalerite runs NixOS on one though
dbmikus has quit [Read error: Connection reset by peer]
<virus_dave>
i could just stick with galliumos, which seems to work fine, and nix-env as package manager, but after my recent success on the R-Pi, and a general desire to migrate to nixos, i wanted to give it a try :D
<virus_dave>
is there a boot option i can use to basically say “just boot enough to give me a basic root shell”? I vaguely recall something like that from my linux days 2 decades ago
<infinisil>
Hm, my only idea right now is to import all-hardware.nix and build an iso from that
<infinisil>
virus_dave: You can change the grub entry to have `init=/bin/sh`
<infinisil>
I guess trying that first would be good
<infinisil>
And then there's also `debugtrace` you can add to the command to have more output, if stage-1 is able to start at all
<virus_dave>
ok, that led to the same results. Looking at all-hardware.nix, the file comment seems to indicate it’s already the basis of the installer images, which is what i’m using.
<virus_dave>
that == init=/bin/sh
<virus_dave>
i notice it also *very briefly* flashes a single line of text after clearing the grub screen, but it happens so fast i haven’t been able to read it.
selfsymmetric-mu has quit [Disconnected by services]
selfsymmetric-mu has joined #nixos
<infinisil>
Ah I don't think all-hardware includes proprietary stuff by default though
<infinisil>
hardware.enableAllFirmware and hardware.enableRedistributableFirmware might be worth trying
<infinisil>
Though I'm pretty clueless in general
<infinisil>
virus_dave: You could take a video of it, then pause at that frame :)
<virus_dave>
Ha, yeah that’s actually what i’m trying right now :)
dbmikus has joined #nixos
<infinisil>
I'm gonna go now though. Here's a link for how to build a custom iso though: https://nixos.wiki/wiki/Creating_a_NixOS_live_CD , you might also want to search for chromebook stuff in nixpkgs and nixos-hardware
<infinisil>
nixtacular: Fyi you can also do that in `nix repl '<nixpkgs>'`
drakonis_ has quit [Read error: Connection reset by peer]
<nixtacular>
infinisil: my nixpkgs is too old :-/
<evanjs>
Holy crap... just how much does ibus need to think it's running >_>
<evanjs>
Tried just adding a service for ibus-daemon, nope... guess I'll just check the python code. ibus.enable doesn't seem to do anything service wise.
<evanjs>
Like I still need to run ibus-setup and etc
<{^_^}>
[nixpkgs] @ryantm merged pull request #57034 → uefitool: init at A55 and 0.27.0 → https://git.io/fhp7W
Chiliparrot has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
jlv has joined #nixos
<{^_^}>
[nixpkgs] @ahesford opened pull request #77002 → pam_gnupg: init at fbd75b7 → https://git.io/JejZw
<jlv>
Is there any reason not to use `builtins.fetchGit` instead of something like `pkgs.fetchFromGitHub`? It's not nice not having to specify a redundant hash to fetch from git.
lunik1 has joined #nixos
<jlv>
*It's nice not
<kini_>
I guess `fetchFromGitHub` avoids a git dependency (since it just grabs tarballs from github.com iirc), so that makes your build leaner?
<ryantm>
jlv: fetchFromGitHub would let us handle some GitHub specific issue, should one arise.
iz16 has joined #nixos
<nixtacular>
for the sake of future posterity, i'll say that i've thoroughly investigated whether one can use a newer version of bundler with `bundlerEnv`, and i'm pretty sure that it's currently impossible
juhe has quit [Quit: Leaving.]
virus_dave has quit [Quit: virus_dave]
lunik1 has quit [Ping timeout: 268 seconds]
<softinio>
can anyone recommend anyone I can ping here on IRC to have a PR reviewed?
<clever>
,pr softinio
<{^_^}>
softinio: 0. Sorry. 1. If you complain about PR being in limbo, always provide a number («I have an unmerged PR (#23924)…»), bot will print PR title and it might bring you an impulse-merge. 2. Please look up who commits similar work and ping these people (or request-review), keeping up with all the PRs is not really possible.
<softinio>
clever:yeah I have pinged someone who had reviewed before but he seems not to be around so didn't want to be a pest to chase more as I do know all of us are volunteering our time to OSS
<softinio>
will paste here in case anyone can take a look good idea
<softinio>
ryantm: when you add new vim plugins there is a script you run to add it and that automatically updates existing ones .... what I do is have the updates to existing ones its own commit then a separate commit for the new one which is the procedure I was told to follow for adding vim plugins when I first did it (this is not my first one :-) )
<softinio>
ryantm: for ref see adding new plugins section of https://nixos.wiki/wiki/Vim update.py script does itr
jmeredith has quit [Quit: Connection closed for inactivity]
<softinio>
jlv: thank you sir appreciate it
felixfoertsch23 has joined #nixos
felixfoertsch has quit [Ping timeout: 252 seconds]
<softinio>
jlv: I would like to know how to become a reviewer too if you find out let me know got specific areas I want to contribute a lot too so be good if I can help with reviews such as vim plugins
<softinio>
ryantm: Ok so you only need extra privileges to review someone elses work and merge? if so how do you get that?
Guest92090 has joined #nixos
<ryantm>
There isn't some set procedure for how to become a merger, but the general principle is do a lot of good work and become well known enough to warrant it.
<softinio>
ryantm: thank you sir for merging my PR appreciate it
zeta_0 has joined #nixos
zeta_0 has quit [Remote host closed the connection]
zeta_0 has joined #nixos
zeta_0 has quit [Remote host closed the connection]
justanotheruser has joined #nixos
mutantmell[m] has joined #nixos
<ryantm>
softinio: No problem. I suspect the fastest way to become a merger is making a bunch of high-quality reviews. Like ones where you've run `nix-review pr ###` and ran the binaries to check for problems and combed over the exprs.
<ryantm>
After the merger people have merged a bunch of PRs that you got into a perfect state, they'll be clamoring for you to merge it yourself.
mexisme_ has joined #nixos
mexisme has quit [Ping timeout: 260 seconds]
duckfullstop has quit [Quit: Why do you need...?]
mq32 has quit [Ping timeout: 260 seconds]
<ryantm>
jlv: your s3ql PR needs to be squashed into one commit
duckfullstop has joined #nixos
mq32 has joined #nixos
<softinio>
ryantm:thanks for heads up on what to do ... do you have an ideal flow you follow to test other peoples PRs and binaries? is it documented anywhere? Want to practice to make perfect :-)
<thomashoneyman>
quick q: if i have a path (./src) and i want to append a string (ie. "myfile") to create a new path (not string) (ie. ./src/myfile), how would i go about this?
spacefrogg has joined #nixos
tjg1 has joined #nixos
day|flip has joined #nixos
<clever>
thomashoneyman: ./src + "/myfile.txt"
<thomashoneyman>
thanks!
<{^_^}>
[nixpkgs] @davidak opened pull request #77009 → anarchism: init at 15.1-11 → https://git.io/JejcO
kini_ has quit [Remote host closed the connection]
<thomashoneyman>
clever: i'm using your method of setting the private ssh key in etc/nix/<key> and then having the build machine sshKey set to that path and user as 'root'
<thomashoneyman>
but i'm still getting rejected
<thomashoneyman>
do you have a sec to quickly scan over this snippet of the config and see if something might be missing?
<CMCDragonkai>
In a python project, if there's a script calls another python script (by subprocess) (provided by a dependency) and that script needs to be able to import your own project, how do we configure the nix expression to wrap the the script to propagate PYTHONPATH? Right now `buildPythonPackage` injects python code into the scripts that adds the site packages, but that won't work if we are going through a "shell boundary"
Chiliparrot has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
Acou_Bass has quit [Ping timeout: 240 seconds]
chagra_ has quit [Ping timeout: 268 seconds]
Rusty1 has quit [Quit: Konversation terminated!]
Acou_Bass has joined #nixos
[Leary] has joined #nixos
Lears has quit [Ping timeout: 265 seconds]
bvdw has quit [Read error: Connection reset by peer]
bvdw has joined #nixos
<clever>
thomashoneyman: ~/.ssh/known_hosts also plays a factor
<jackdk>
if you have a question about borgbackup, just ask it. you might find insight in formulating your question precisely, and if your question is only incidentally about borgbackup someone might be able to help you
<evernite>
I can't figure out how to use the `paths` option correctly when I want to specify multiple source directories.
<pie_[bnc]>
evernite: though "Type: list of strings or string convertible to it"
<pie_[bnc]>
so as I'd have guessed you should be able to set it to something like [ "apath" "bpath" ]
<chrisaw>
Guys am I missing something here? Trying to install home-assistant which has pyOpenSSL as a depdency. When it tries to build pyOpenSSL that has cryptography>=2.8 as a dependency. No problem! However, when it tries to install that it comes up with: ERROR: Could not find a version that satisfies the requirement cryptography>=2.8 (from pyOpenSSL==19.1.0) (from versions: none)
<chrisaw>
Strange thing is though that package does exist in nixpkgs - it was merged back in Oct 2019 so should have had more than enough time to roll through Hydra.
kqb has joined #nixos
kqb2 has joined #nixos
smatting has joined #nixos
kqb2 has quit [Client Quit]
kqb has quit [Client Quit]
veske has quit [Quit: This computer has gone to sleep]
tmaekawa has quit [Quit: tmaekawa]
gagbo has quit [Ping timeout: 268 seconds]
kqb has joined #nixos
sam_d has quit [Remote host closed the connection]
kqb has quit [Client Quit]
kqb has joined #nixos
<FRidh>
chrisaw: it's a regression in our home-assistant package. We upgraded the python package set, but have not yet fixed up ha
<kqb>
test
<chrisaw>
@FRidh Short of switching channels to stable - any ideas how I could do a quick 'N dirty workaround t at least get it building?
<FRidh>
chrisaw: use home-assistant from an older nixpkgs revision or indeed stable
<CMCDragonkai>
If I use `systemd.packages = [ pkgs.somePackage ];`, this would automatically install the systemd unit files from that package. If there are 2 service files there, is there a way to only enable one of them?
veske has joined #nixos
<LnL>
FRidh: hey, is flit something new or did I just never run into it?
Synthetica has joined #nixos
veske has quit [Client Quit]
kqb has quit [Quit: Leaving]
<FRidh>
LnL: its been around for a couple of years now, but its only since PEP517/518 that it is getting traction because now pip can handle it through pyproject.toml
<FRidh>
we're finally starting to get alternatives to setuptools in the field
<FRidh>
but we need to upgrade our flit, we're at 1.3. The newerone is however split in two packages
<Dandellion>
is there some way to "subscribe" to packages and modules. Just to keep up with changes and updates and whatnot if you're using them?
<FRidh>
Dandellion: not really. You can become a maintainer, and then you can get pinged at github in case of PR's, but that's it.
lukash_|away is now known as lukash_
<Dandellion>
FRidh: yeah I was thinking of something similar to the ofBorg maintainer ping. I kinda feel like that should be a thing. It's easy to get lost in the upgrade notes, and having more users with eyes in the process might be good to catch bugs early and whatnot.
<TheGamingBarrel_>
I personally use fetchTarball for it, using unstable while on 19.09
<Taneb>
Aleksejs: I should imagine so
<chrisaw>
@FRidh: I know about that but I'm not sure how to actually override the package itself?
<{^_^}>
[nixpkgs] @FRidh pushed 53 commits to staging-next: https://git.io/Jej8j
<TheGamingBarrel_>
You need to add a section in your nixpkgs.config, I'll upload a code snippet in a sec
<chrisaw>
I'm trying to override the home-assistant package in nixpkgs unstable with (hopefully) a working one so I can get on with my rebuild but man - it's driving me crazy! :P
<Aleksejs>
clever: never mind. Turns out, this PC has old HDD with actual disks and it died
hyper_ch2 has joined #nixos
<chrisaw>
Ah, so attrs>=19.2.0 is required by hypothesis==4.41.0. So if I can use that fancy nixpkgs overrides stuff to roll that back to commit 603af4d2af569c0b8780b7deb2ae94753688acde for that - I should be golden.
TheGamingBarrel_ has quit [Remote host closed the connection]
TheGamingBarrel has joined #nixos
<FRidh>
chrisaw: home-assistant needs a bit of effort again
<FRidh>
it won't be trivial
<FRidh>
not the least because of a nice impurity in the pyopenssl build which started failing from 2020 on.
<chrisaw>
Yeah I saw that - I'm actually happy to pick this up and help on it. I want the cloud functionality working anyway which I don't believe does currently. Right now though I just need to get my box up and running again with the previous stable version. I literally can't get a shower until I do! (home automation, yay! :P)
<chrisaw>
FRidh: One question - I have the pieces but can you help me assemble them here? I know I need to use nixpkgs.config.packageOverrides *and* I know I'm going to need fetchTarball - but how can I combine those to override the package for hypothesis to its previous version?
<FRidh>
hmm maybe that's how we could get more maintainers...connect the result of the builds to their showers :P
<chrisaw>
Haha! :P I'm already a maintainer on a few things so not sure it's going to be very effective on me! :P
jgeerds has joined #nixos
<FRidh>
chrisaw: if you use the nixos service, then it has this *.package option, so you can pass it directly a package. No need to use nixpkgs.config. In fact, you better not use that anyway as it will apply to all your nixpkgs imports.
<chrisaw>
FRidh: services.nixos.hypothesis.package = ... -- this kind of thing?
euandreh has quit [Remote host closed the connection]
Neo-- has joined #nixos
<chrisaw>
That looks like *exactly* what I need right now - I know I'm being an idiot here though and that's not the correct line. Tried without 'services.' too and that's a no-go. :| Automate things they said. It makes life easier they said. LIES! ALL LIES! :P
<FRidh>
*.package is where you can set a home-asistant package. First, we do need to fix our home-assistant package. That you can do by overriding that package, however, I don't recommend doing it through overrides because it's going to be painful. Like I said, it really needs some fixing.
<FRidh>
just point it to a stable version so it works, or, take a local nixpkgs checkout, fix the package, and point to that
<chrisaw>
That gets me to back before the merge of 2.8 - good stuff there. The problem is (as far as I understand it anyway) - the hypothesis package doesn't have a service (unless you're telling me there's one by default provided by nixos?) so that method wouldn't work.
erictapen has joined #nixos
<FRidh>
no, hypothesis is a test dependency
fendor has quit [Ping timeout: 240 seconds]
<chrisaw>
I can tell - it's certainly testing me! :[
tjg1 has quit [Quit: don't keep calm and fuck this, fuck that, fuck you and fuck off]
<chrisaw>
Ohhh, wait - I think I get what yuo're saying FRidh - I was under the impression that using that .package = method I was overwriting the home-assistant package only but the dependencies would be pulled from my normal channel. It looks like it actually overwrites the package and the dependencies if I'm correct.
<chrisaw>
That makes things a whole lot easier - I don't have to override every single dependency if that's the case.
<FRidh>
right
tjg1 has joined #nixos
<chrisaw>
So I just need to find the magic commit when it last worked properly and use that. Makes a lot more sense. :)
<chrisaw>
Once I get this built and installed, I've got a few other bits and bobs to do to get my system up and stable again, then I'll take a look at fixing this properly in nixpkgs and PRing it.
<FRidh>
except it probably won't now because of the pyopenssl impurity
<chrisaw>
If necessary I can fork nixpkgs and then override my hass package to the one I've fixed though - at least I have the nixos side of things clear now. :)
<jtojnar>
It is more of a python QT bindings issue
<{^_^}>
[nixpkgs] @Rakesh4G opened pull request #77040 → Keras 2.3.1 backport to 19.09 → https://git.io/JejBg
<o1lo01ol1o>
I'm digging into a remote (darwin) builder that doesn't have an /etc/nix/nix.conf ; how can figure out where to set .conf values that will be respected by the system?
<Taneb>
./result exists so we can inspect the output of a build easier. If you don't want it created, you can add --no-out-link to the nix-build invocation
<chloekek>
nix-build && result/bin/foo is my development workflow.
<klntsky>
clever: sometimes if you forget to unlink it manually the whole project starts rebuilding, despite the fact that there are no changes other than the link itself.
<clever>
klntsky: src = lib.cleanSource ./.;
leah2 has quit [Ping timeout: 252 seconds]
<clever>
that will exclude result when checking the source to see if it changed
<Enzime>
what's the difference between the nixpkgs-unstable/nixos-unstable branches on nixpkgs and nixpkgs-channels?
<freddy2001>
big thanks :)
<freddy2001>
i'll try it out
freddy2001 has quit [Remote host closed the connection]
<clever>
Enzime: nixos-unstable has extra tests ran, to make sure it cant brick a nixos machine, things like ensuring it doesnt corrupt the grub config file
<Enzime>
no I meant between the two GH repositories
<Enzime>
is there any difference between those branches
<clever>
Enzime: i dont think there is any difference now
<chrisaw>
I realise this is a complete newbie question but where does the checksum (long string) come from in mkOverride() ?
<chrisaw>
Oh, disregard.
<adisbladis>
,TOFU chrisaw
<{^_^}>
chrisaw: To get a sha256 hash of a new source, you can use the Trust On First Use model: use probably-wrong hash (for example: 0000000000000000000000000000000000000000000000000000) then replace it with the correct hash Nix expected. See: tofu-vim
<adisbladis>
chrisaw: That's usually how you get them ^
delli3_ has joined #nixos
<chrisaw>
^ That's how I usually get them but in this case it's kinda weird. The "expected:" isn't even what I set in the first place!
<adisbladis>
freddy2001: builtins.fetchGit doesn't take a sha256 param
<adisbladis>
builtins.fetchGit works by cloning a repo _outside_ of the sandbox and then adding the files to the store, essentially turning a clone into a fixed-output at eval-time.
<infinisil>
E.g. have a script like `recursive-atime /nix/store/...-system` that would return the latest access time of all paths in -system's closure (which you can get with nix-store -qR)
<infinisil>
Then check that for all profiles in /nix/var/nix/profiles/system-* and delete the ones that have an older latest access time than e.g. 1 week ago, then run a garbage collection
knupfer has quit [Remote host closed the connection]
<{^_^}>
[nixpkgs] @worldofpeace pushed 2 commits to master: https://git.io/Jejg8
Palpares has quit [Remote host closed the connection]
justanotheruser has quit [Ping timeout: 258 seconds]
<yorick>
seems to work on intel, yes
Palpares has joined #nixos
<turbo_MaCk>
yorick: yes seems there is some error on aarch64 I'm currently checking what this might be about but it seems that previous version (6.2) built on ARM just fine
evernite has quit [Ping timeout: 252 seconds]
denbrahe[m] has joined #nixos
meck has joined #nixos
meck has quit [Client Quit]
meck has joined #nixos
<denbrahe[m]>
anyone had problems with fan control? (thinkpad x220t)
<denbrahe[m]>
my temperature is very high without load
<denbrahe[m]>
same setup on arch linux doesnt give problems
<turbo_MaCk>
It's sort of hard to guess without so limitted information what this might be at least for me. I would probably try to create new topic on https://discourse.nixos.org/ maybe someone has experience with similar issues or at least it would be easier to share logs and stuff.
<{^_^}>
[nixpkgs] @lourkeur opened pull request #77090 → nixos/activation: add types to options → https://git.io/Jej2q
ng0_ has joined #nixos
qwt43 has joined #nixos
<qwt43>
hello; for some reason my xfce4-pulseaudio-plugin doesn't show in the tray. I have pulseaudio both installed and working, and sound media keys work too.
knupfer has joined #nixos
<qwt43>
There is no error message, the plugin is currently just reserving a pixel or two in the panel. I installed pavucontrol just in case it was needed, but I don't think that the plugin depends on it.
turbo_MaCk has quit [Ping timeout: 265 seconds]
<qwt43>
Does anyone here know what causes the xfce4-pulseaudio-plugin to not display?
<{^_^}>
#77088 (by Infinisil, 10 minutes ago, open): nixos/systemd: Explicitly put default path packages after others
meck has joined #nixos
turbo_MaCk has joined #nixos
<worldofpeace>
infinisil: yeah, I think even recently in the gnome3 module the default environment PATH for the gnome-shell-wayland service is reset because it would be broken
<infinisil>
reset as in?
<worldofpeace>
{}
<worldofpeace>
PATH = {}
<infinisil>
Ohh
<infinisil>
Yeah that's not very nice
<infinisil>
It's unfortunate that lists have unspecified ordering
<infinisil>
Maybe we should just ban lists
<infinisil>
Somehow
<worldofpeace>
Totally agree on it not being nice, for me I've just taken note of that being an unfortunate issue to be wary of.
boogiewoogie has joined #nixos
ng0_ is now known as ng0
kiwi_29 has joined #nixos
<kiwi_29>
Does anyone know how to set boot.plymouth.logo to point to a local file?
<kiwi_29>
I'm doing it like "boot.plymouth.logo = /etc/some-file.png", but nixos does not accept it
<infinisil>
worldofpeace: Hm yeah I've had my eye on that one for a while, I didn't take a super close look, but overall it seems pretty much ready
<infinisil>
I'd test the error message probably
<worldofpeace>
infinisil: Cool, I thought the PR was pretty ready too. Just missing a release note mentions.
<kiwi_29>
devalot: Since the config option is of type "path", i was thinking i could directly write "/path/to/file". Is there a way to add a file to the nix-store?
<devalot>
kiwi_29: You may want to read the source code to the Plymouth nix module. I wonder if that path is copied into /boot during activation.
<kiwi_29>
I know that changing that option does cause the initramfs to be recompiled
Lears has joined #nixos
captn3m0 has quit [Ping timeout: 268 seconds]
<kiwi_29>
now taking a gander at the source...
noudle has joined #nixos
rogue_koder has joined #nixos
alex`` has quit [Ping timeout: 258 seconds]
[Leary] has quit [Ping timeout: 240 seconds]
captn3m0 has joined #nixos
racolite has joined #nixos
<racolite>
What is the 'canonical' way to add my own packages to nixos? Specifically, I want to be able to refer to nixpkgs for the build step but have my own repostitory of 'private' packages I can call from configuration.nix
<__monty__>
,overlays racolite
<{^_^}>
__monty__: Did you mean overlay?
<{^_^}>
racolite: Overlays look like `self: super: { foo = ...; }`. Use the self argument to get dependencies, super for overriding things and library functions (including callPackage). More info: https://nixos.org/nixpkgs/manual/#sec-overlays-install
<racolite>
Yeah, I'm a bit confused about overlays (actually a lot) but I am quite new to the idea of nixos
Tucky has quit [Quit: WeeChat 2.7]
<__monty__>
racolite: I recommend reading the section on overlays in the nixpkgs manual.
<racolite>
Essentially, say I have a default.nix + file-a.patch
<racolite>
and this packages builds with nix-build
<__monty__>
You're most of the way there, the overlay would be something like `self: super: { mypackage = super.callpackage path/to/mypackage/default.nix {}; }`
<racolite>
So
<racolite>
Essentially I could git clone a 'repository' of packages
<infinisil>
__monty__: Not quite, since it builds with `nix-build` directly
<racolite>
which are the build instructions
<__monty__>
infinisil: I figured the callPackage wouldn't hurt?
<racolite>
Is there a way to grab the package from a git repo as a path?
drakonis_ has joined #nixos
<infinisil>
And default.nix doesn't have to be a function to be nix-build'able, but if it is then it won't be a problem (but still a bit unorthodox since it's not what callPackage is for)
juhe has joined #nixos
<worldofpeace>
infinisil: I'm considering merging the PR without a release note in the same PR
<infinisil>
worldofpeace: I thought of that too, I'm not too fussed about release notes
freddy2001 has quit [Remote host closed the connection]
<infinisil>
And xml is a pain to write for me at least
<worldofpeace>
infinisil: It would be cool if we kept track of things that "Needs release note" greater than a label
<raboof>
for the projects I'm closely involved with, we're using markdown plus some project-specific tools/directives. That works pretty well for us: you can use regular tools for editing, but can still integrate custom things relatively easily
<raboof>
for example `@apidoc[Foo]`will introduce a link to that part our online API docs, etc
<{^_^}>
[nixpkgs] @iv-nn opened pull request #77100 → vimPlugins.vista-vim: init at 2020-01-06 → https://git.io/Jejay
<raboof>
(the *particular* tooling we're using wouldn't make sense for nix - but the approach might)
wpcarro has quit [Ping timeout: 260 seconds]
Naptra has joined #nixos
<infinisil>
raboof: Cool, feel free to describe the approach you use in the RFC
<jared-w>
and for better or worse, that's the standard of markdown most people seem to expect and want as commonmark lacks a few things people want (like tables?)
cosimone has joined #nixos
<infinisil>
I'm wondering about tooling for github markdown though
<infinisil>
Does e.g. sphinx/readthedocs work with it?
<jared-w>
infinisil: at least in the front-end development land there's *tons* of it. Lots of stuff works with it.
<jared-w>
looks like sphinx doesn't have out of the box GFM but people have written plugins to support various extra bits github flavored markdown (and various others) support
<infinisil>
I see
<infinisil>
jared-w: Hm though it looks like commonmark supports links just like github's markdown, it's not a special extension: https://spec.commonmark.org/0.29/#links
dm9 has joined #nixos
<infinisil>
But it's href-style links, where you can give a relative location
<infinisil>
Which isn't as nice as e.g. named-reference links
<jared-w>
gotcha. Makes sense. Most of the various "extensions" have thankfully standardized or converged on the same syntax, so I'm not terribly surprised commonmark has it
cosimone has quit [Read error: Connection reset by peer]
<infinisil>
jared-w: That's what I meant with relative references
<infinisil>
Though maybe that's as good as it gets
<infinisil>
Hm that html disabling extension is nice too
<infinisil>
And autolinks too
<infinisil>
And tables of course
rleppink has joined #nixos
waleee-cl has joined #nixos
hax404 has quit [Quit: WeeChat 2.6]
<jared-w>
there's a reason GFM is so popular :)
<jared-w>
not as wild as pandoc, but hits the sweet spot for adding extra useful things to commonmark
<rleppink>
Hi! I am trying to package some software that attempts to write to its own install directory, which is obviously not allowed in the nix store. What is the idiomatic Nix way to handle this? I have been looking at makeWrapper, but that seems mostly for environment variable stuff?
<rleppink>
Not really sure how to look for it in the documentation, any pointers would be greatly appreciated.
<qyliss>
Can you convince the software to write elsewhere?
<{^_^}>
[nixpkgs] @thefloweringash opened pull request #77103 → makeKernelHeaders: expose at top-level, support kernel 5.3 and newer → https://git.io/JejVQ
<rleppink>
qyliss: Do you mean whether it has a flag or argument for where it writes? Not that I can find, currently.
<Miyu-saki>
Is there a way to merge 2 derivations for nix-shell?
<Miyu-saki>
I made our builds modular, so that the one rebuild won't affect the other.
<Miyu-saki>
But for nix-shell, we need the build environment of both.
alex`` has joined #nixos
<Miyu-saki>
One idea I guess is to nix-shell in nix-shell.
<Miyu-saki>
On that idea, I wonder if Ericson's ret-cont can help with this.
<thomashoneyman>
...how would I even go about debugging the error ".jobsets must only have a single job named 'jobsets'"?
jmeredith has joined #nixos
<thomashoneyman>
the value of the 'jobsets' job seems entirely undocumented
<thomashoneyman>
but from shlevy's repo it's supposed to be...another spec.json file? so you have a spec.json file pointing at a Nix derivation which produces a near-identical spec.json file?
bvdw has quit [Read error: Connection reset by peer]
dozn has joined #nixos
dozn_ has joined #nixos
dozn has quit [Remote host closed the connection]
bvdw has joined #nixos
dozn_ has quit [Read error: Connection reset by peer]
captn3m0- has quit [Ping timeout: 268 seconds]
dozn has joined #nixos
dozn has quit [Read error: Connection reset by peer]
dozn has joined #nixos
<Ankhers>
Does anyone have experience with using godot on nixos? It seems to freeze my desktop whenever I try and open it. If it makes a difference, I am on nixpkgs unstable. Is there something I can do to get a log of what happende on startup?
dozn has quit [Client Quit]
<infinisil>
qyliss: Nice
dozn has joined #nixos
turbo_MaCk has quit [Ping timeout: 268 seconds]
<o1lo01ol_>
Is it possible to split the nix store across two mount points? A build machine we have is provisioned with half the internal drive on / and half on /private/foo.
tsrt^ has joined #nixos
klntsky has quit [Remote host closed the connection]
<{^_^}>
[nixpkgs] @flyfloh opened pull request #77113 → python-miio: init at 0.4.8 → https://git.io/Jejru
FRidh has joined #nixos
<gchristensen>
o1lo01ol_: you could put a file on each and mount them as loopback devices and make an mdraid on top and mount that as /nix :)
<qyliss>
oh that's a good idea
rleppink has quit [Remote host closed the connection]
<o1lo01ol_>
gchristensen: oh, yeah, that's not bad
<gchristensen>
but you "could" do that in the same way that you "could" use a pitchfork as a fork
<o1lo01ol_>
gchristensen: my other option is to file a complaint with the BBB
<gchristensen>
oh?
<gchristensen>
I don't think it is a good idea to do what I suggest, but it is indeed possible :)
<thomashoneyman>
oh, good lord, it's because i was producing a single flat spec.json instead of one containing multiple jobset keys, each of which is a valid spec.json
<thomashoneyman>
all is well
<o1lo01ol_>
gchristensen: well, not really, but macincloud says we're paying for 100gb of internal drive space; really we're paying for 2 50gb disks.
<thomashoneyman>
thank you journalctl
<gchristensen>
o1lo01ol_: ouch
<gchristensen>
then I don't know if that would work, anyway
<judson>
What's the story these days with NixOps? I've been using it for personal stuff, but it seems like it still relies on Python2
wolfshappen has joined #nixos
<simpson>
Python 2 is still a thing.
<judson>
An EOL thing...
klntsky has quit [Ping timeout: 240 seconds]
<judson>
And partly: it's mostly fine for me to maintain my hobby stuff. I can't see recommending it e.g. to replace Puppet, which pains me.
klntsky has joined #nixos
lord| has quit [Read error: Connection reset by peer]
<judson>
And Python2 only suggests that it's too much maintenance for the labor available. I'd be happy to be told that's wrong.
<simpson>
Only CPython 2.x is EOL. PyPy's 2.7.x branch would be fine, if we were to more sincerely support it.
<simpson>
(Additionally, I'm pretty sure that folks are going to just keep using CPython 2.x until some showstopping security vulnerability happens that can't be easily fixed by Red Hat.)
<judson>
Yeah, I've run headlong into that particular wall once or twice before.
<simpson>
As for replacing Puppet, sure. That's not an easy task. Puppet or Terraform or etc. do a lot of extra stuff beyond just the core of things, and nixops is definitely following along with a model that could use an update.
<simpson>
I don't know if there's any teams actively working on nixops replacements.
<simpson>
morph seems pretty cool. Strange name, but also makes me think of "Morph the Cat", also strange name but good stuff. What kind of multi-homing could I do with it? It seems like I could use morph from one of many machines to manage a home fleet.
lord| has quit [Read error: Connection reset by peer]
stites has joined #nixos
<stites>
hey all -- I upgraded my box recently on 19.09 and the bump from zfs-0.7.13-1 to -0.8.2-1 is causing the root pool to self-stall in Stage 1
wolfshappen has quit [Ping timeout: 260 seconds]
lord| has joined #nixos
<stites>
has anyone run into this before? so far I'm hitting the same problem with 3 different kernel versions (on 19.09: latest, 4_19, 4_14) and both zfs stable and unstable.
wildtrees has quit [Quit: Leaving]
wolfshappen has joined #nixos
<stites>
zfs-0.8.2 runs fine on my laptop, though. Is there an upgrade path I'm supposed to use?
<evanjs>
Is there an easy way to replicate xmonad's config option, but for, e.g. taffybar? Tried copying it fairly literally the other day and got so lost
<evanjs>
configuration in question is services.xserver.windowManager.xmonad.config -> nixpkgs/nixos/modules/services/x11/window-managers/xmonad.nix
<evanjs>
lassulus: there's a service for it. We can specify enable and package via home-manager. And yes, that's what I was trying to copy from xmonad's config (e.g. `xmonadBin = pkgs.writers.writeHaskell "xmonad" {`)
alex`` has quit [Ping timeout: 258 seconds]
<evanjs>
I think adding dependencies is where I was getting blocked. Though I figure it should largely be the same as any other haskell package/derivation
<lassulus>
ah, alright, what was the problem? something like pkgs.writers.writeHaskell { libraries = [ haskellPackages.taffybar haskellPackages.someotherdep ]; } '' my config bla '' should work
alex`` has joined #nixos
<{^_^}>
[nix] @edolstra merged pull request #3303 → build: fix sandboxing on darwin → https://git.io/Jejty
<lassulus>
I should document nix-writers in the manual someday
<evanjs>
That looked similar to what I was doing. I think it had something to do with what happens after installation. Checking now
<evanjs>
(e.g. where taffybar checks for the config, etc)
<lassulus>
hmm, the automatic recompilation could be a problem, because the config and the result are probably in the nix-store
<infinisil>
lassulus: Why not today?
<infinisil>
Random (but actually not) question :)
<evanjs>
I figure it's similar to xmonad's recompilation but I'm not certain
wolfshappen has quit [Ping timeout: 258 seconds]
pbb has quit [Ping timeout: 252 seconds]
<lassulus>
I have to pack for my flight, I still haven't got to get a decent setup for writing documentation (its docbook isn't it?) and I'm a somewhat lazy person :D
<gchristensen>
what editor do you use?
<lassulus>
hmm, I guess the xmonad recompilation wouldn't work if you use the config option
<lassulus>
infinisil: I saw that, I'm not a big fan of docbook (I already broke master twice by having wrong tags) but I'm not sure I would prefer something else
<evanjs>
lassulus: yeah, currently, xmonad is usable when specifying the config option. It looks like it does have a wrapper with xmonadEnv, though
wolfshappen has joined #nixos
<lassulus>
gchristensen: thanks, I will check it hopefully soon
<gchristensen>
cool
<infinisil>
lassulus: You might like asciidoc, one of the contenders then, which is made to make writing docbook easier
pbb has joined #nixos
<evanjs>
oh boy. _and_ there's xmonad-nix.patch for telling xmonad to use NIX_GHC rather than "ghc" in XMonad/Core.hs. Seems like a bit more than what I was seeing earlier >.>
<evanjs>
it basically redirects the compilation to nix equivalents, which I assume would end up evaluating to something from xmonadEnv
pbb has quit [Excess Flood]
pbb has joined #nixos
<lassulus>
I vaguelly remember something with xmonadEnv, but I didn't look really into it when implementing the xmonad.config option, because I mostly didn't care for runtime recompilation
drakonis has quit [Ping timeout: 245 seconds]
<evanjs>
Yeah that bit is annoying. I just want to get things working with nixos-rebuild, so I _don't_ have to recompile during runtime
erictapen has quit [Ping timeout: 268 seconds]
<lassulus>
then you could probably skip the bits in xmonadEnv and build the binary just with writeHaskell directly? or whats the problem?
<samueldr>
I figure some fixes are general ruby improvements?
<evanjs>
Okay, it looks like I'm using home-manager's xmonad.config option at the moment, which does have some home.file entries. ... is what I was going to say...
<evanjs>
But now I realize I wasn't specifying config :D
<qyliss>
samueldr: indeed; see #nixos-ruby
<samueldr>
great :)
<evanjs>
getting an error in my new config now (!!!) which is good. I'll address that and see where it takes me
<nixnewbie>
OK, since we're here, where is CFLAGS? :P
pbb_ has quit [Quit: No Ping reply in 180 seconds.]
<evanjs>
nixnewbie: no don't worry, that's literally where any of my gentoo machines are atm
<zeta_0>
the shell path that is
<gustavderdrache>
the real CFLAGS were inside us all along
<evanjs>
I used sqlite for eix's backing store, git instead of rsync for emerge, several layman overlays, the list goes on. I know the feeling :P
<gustavderdrache>
(just kidding, stdenv.mkDerivation handles most of the CFLAGS for you)
pbb has joined #nixos
<nixnewbie>
evanjs, today I had the realization that I was spending waaaay too much time trying to update (and failing) than doing productive sysadmin stuff
<nixnewbie>
the upside was learning a shitload of things, but after 7+ years, I think gentoo has given me everything it could give me
<evanjs>
nixnewbie: yup. I still dick around with NixOS a ton, but I'm waaay more productive than I was with gentoo. Plus, now once I make a change and commit it, it's relevant to all my other NixOS computers
<gchristensen>
(please do try to avoid the coarser language in the Nix IRC channels :))
<nixnewbie>
gchristensen, sorry, will do
<gchristensen>
thahnks!
<DigitalKiwi>
why is librecad2 failing to build
<DigitalKiwi>
it hasn't changed
<zeta_0>
gchristensen: i inserted pkgs // right after `in` in the larger default, i don't know if the syntax allows that, and i am not sure how to paste the shellHook into the larger default.nix file as well, could you take a quick look?
<DigitalKiwi>
at least not afaict
<DigitalKiwi>
gchristensen how do i check the hydra?
<nixnewbie>
so, basically, either my user owns /nix or I've to use the daemon thingy
pbb has quit [Ping timeout: 252 seconds]
<evanjs>
gchristensen: *messing around. yeah good point, thanks!
<DigitalKiwi>
i can't find an issue about it so i'm confused if it's just me or what :<
pbb has joined #nixos
wildtrees has joined #nixos
<nixnewbie>
one last thing: I'm looking for a package manager that I can integrate in a large project I work on with a lot of components/packages (not an OS, but requires to install in a certain path tens of different compilers and other stuff)
<zeta_0>
gchristensen: i got the smaller default.nix file working for smaller haskell projects like with yesod, i want paste the shellHook from that file into the larger default.nix file, so i can get a shorter path there as well, but i keep getting these weird syntax errors when i just directly past it, so i am stuck
<eoli3n_>
how zfs manage filesystems size in the pool hen size is not set at creation ? it defaultly 100%/nb of filesystem ?
<__monty__>
nixnewbie: Changing the store prefix doesn't require using the nix daemon afaik.
<nixnewbie>
some packages should be install-and-forget, some others should be part of a change-the-source + build + install loop
<nixnewbie>
do you think nix can be of any use in this?
<zeta_0>
gchristensen: the only thing that i have inserted is the `pkgs //` right after the `in` part, other than that i haven't made any other changes to the file
<nixnewbie>
__monty__, how? is it possible to retain source and build directories and let the user change them and reinstall easily?
<__monty__>
nixnewbie: I'm not sure what you mean but nix won't rebuild things that don't change.
<symphorien>
nixnewbie: I think nix can help, but note that imo nix is hard to mix with other means of building software, so if you try using nix for this, you will probably have to package every dependency with nix
<nixnewbie>
symphorien, that'd be fine, it's mostly autoconf/cmake stuff, we already have our (very suboptimal) solution using makefiles
<symphorien>
nixnewbie: write a file which says "I want foo, bar and baz with source = this directory". Each time you change something, reinstall the file. If something has not changed, nix will reuse it. If something has changed, nix will recompile.
asheshambasta has quit [Ping timeout: 246 seconds]
<nixnewbie>
symphorien, OK, but I don't want to recompiler *everything* if a single line has changed. I want incremental builds (i.e., preserve build directories)
<__monty__>
Nix doesn't do incremental builds.
<zeta_0>
gchristensen: nevermind, i'll try this again later
<__monty__>
Only at the coarse "package" level.
<symphorien>
nix only preserves full "packages"
<nixnewbie>
OK, how hard would it be to hack it so that it does?
<__monty__>
But I happily use nix with haskell projects. Provide deps with nix and use cabal for incremental builds.
<{^_^}>
[nixpkgs] @Infinisil opened pull request #77133 → lib/types: Fix path type check → https://git.io/JejXb
<__monty__>
nixnewbie: You could split it up so each file is a package. Not worth the trouble though.
philr has joined #nixos
<symphorien>
quite hard, because there is a sandbox to prevent you from making impure builds
<nixnewbie>
I think impure builds is exactly what I'm looking for
<adisbladis>
__monty__ : Also that would kill evaluation performance
zeta_0 has quit [Quit: rcirc on GNU Emacs 26.3]
<nixnewbie>
in fact, if a base component changes a little, I don't want to rebuild all of its deps :P
<gchristensen>
nixnewbie: then nix is probably not what you're looking for
<__monty__>
Sure, I did say it wasn't worth the trouble.
<__monty__>
nixnewbie: You never rebuild *deps* because of changes. Only dependen*ts*.
<nixnewbie>
right
<nixnewbie>
that's what I meant
erictapen has quit [Ping timeout: 268 seconds]
<nixnewbie>
so, nix packages are actually pure, I mean not just in theory, but in practice, I've the guarantee of a deterministic build? byte-by-byte?
<__monty__>
Nope.
Thra11 has joined #nixos
<nixnewbie>
but in theory it'd be possible to have that
<infinisil>
And could be do some /dev/random magic to have it use a deterministic seed?
<infinisil>
s/be/we
<gchristensen>
infinisil: you could, but more common people want to make the order random
<infinisil>
If it's possible to make it deterministic, then I think that's the better approach by far. Doesn't require any extra work and it fixes it for all programs
<gchristensen>
it is possible if you control the mount point
<drakonis>
infinisil: that would be a horrible idea
<infinisil>
drakonis: Elaborate
<nixnewbie>
basically what nix does is `./configure --prefix=/nix/store/$(hash of the hashes of all the deps)-curl-7.64.0`. neat way of handling poorly designed build systems
mmlb has quit [Remote host closed the connection]
<drakonis>
unless i'm reading it wrong, you're saying to use /dev/random to produce a single seed, yes?
<drakonis>
just to see if i got it wrong the first time
<nixnewbie>
ln -s /dev/zero /dev/urandom
<infinisil>
drakonis: A seed is always singular
<infinisil>
nixnewbie: No not that
<drakonis>
fair enough
<infinisil>
To seed /dev/random with a fixed number
<drakonis>
right, i see
<infinisil>
Such that its random sequence is deterministic
<drakonis>
i understood it incorrectly the first time then
<drakonis>
also please dont actually kneecap system rng to make it deterministic
<gchristensen>
drakonis: don't worry, we won't :P
<adisbladis>
drakonis: In the context of the build sandbox it would make sense
<infinisil>
Ah no, it would probably be the nix daemon implementing a random generator
<{^_^}>
[nix] @edolstra pushed to master « Fix use of uninitialized store path »: https://git.io/Jej1s
<gchristensen>
adisbladis: that'll work great until r13y.com turns off the sandbox :)
pbb has quit [Quit: No Ping reply in 180 seconds.]
<adisbladis>
gchristensen: Once the sandox is off all bets are off anyway and r13y results are not very useful :)
<nixnewbie>
is the hash in the file name the hash of 1) the files of the deps or 2) of their configuration? I guess 2)
<gchristensen>
adisbladis: I'm not sure that is true
pbb has joined #nixos
<gchristensen>
like reproducibility for packages on macos should be a goal too
<nixnewbie>
The long strings prefixed to the directory names are cryptographic hashes[1] of all inputs involved in building the package — sources, dependencies, compiler flags, and so on
<LnL>
gchristensen: kill the uuids!
<infinisil>
But even implementing this deterministic /dev/random and file listing thing as a nix.conf option would be really nice. With this you could achieve effort-less determinism on at least Linux
<infinisil>
Could be enabled by default if the sandbox is enabled
<infinisil>
Well, or just not have a nix.conf option and always enable it when the sandbox is on
erictapen has quit [Ping timeout: 258 seconds]
<LnL>
gchristensen: I think it's relatively reproducible on same the same machine, but there's a bunch of stuff that shifts around on different hosts / os versions :(
ixxie has quit [Ping timeout: 240 seconds]
boogiewoogie has quit [Ping timeout: 252 seconds]
<nixnewbie>
for security purposes, builds have to be reproducible on a setup that is easy to achieve and trustworthy, not *all* configurations. the point is to have some random people verifying that the official builds are correct, not that every setup produces the same
<__monty__>
I'd be very surprised if deterministic builds weren't a thing in academia for ~30 years.
<nixnewbie>
30 years ago cyber was not big (cit.)
drakonis1 has joined #nixos
<nixnewbie>
so, if I want to use nix for the use case described above, I guess my best option would be to use some user directory as the source, prevent it from being hashed, disable the sandbox and somehow preserve the build directory. this would happend only on devs machines, the CI would do regular nix things
eoli3n_ has quit [Quit: WeeChat 2.7]
drakonis_ has quit [Read error: Connection reset by peer]
<nixnewbie>
at this point the only "downside" would be that if I update the compiler, I've to rebuild everything. but from a certain perspective that's good
drakonis_ has joined #nixos
dozn__ has joined #nixos
<adisbladis>
nixnewbie: Or run your development builds impurely in nix-shell
<nixnewbie>
I need a tl;dr for nix-shell
drakonis1 has quit [Ping timeout: 252 seconds]
<qyliss>
Down to 95M!
dozn_ has quit [Ping timeout: 268 seconds]
o1lo01ol1o has joined #nixos
<pie_[bnc]>
> emacsWithPackages (p: [ p. proofgeneral_HEAD ])
<nixnewbie>
I could use as "hash of the sources" the hash of the last commit in common with master on the current branch. this way dependants will be rebuild only once the current branch si merged into master
selfsymmetric-pa has joined #nixos
<nixnewbie>
adisbladis, interesting, thanks for the explanation
<simpson>
nixnewbie: No worries, this sort of desire is usually transient and goes away after debugging the immediate issue.
waleee-cl has quit [Quit: Connection closed for inactivity]
<nixnewbie>
I can feel people bleeding from the eyes reading what I'm trying to do
<simpson>
(BTW, to answer your earlier question more fully, it's up to the language and toolchain used, not Nix, to provide incremental builds. I have incremental per-module builds for the Monte language in Nix, for example.)
hpfr has quit [Ping timeout: 265 seconds]
<nixnewbie>
simpson, if the build directory is wiped away, it's quite hard to do incremental builds at object file level (unless you have ccache, but that's another story)
chloekek has quit [Ping timeout: 265 seconds]
<simpson>
nixnewbie: Right. That's not a limitation of Nix so much as a failure of the underlying compilation model (of C or whatever)
<__monty__>
Maybe you're really looking for a "cloud build system?" A la Bazel or something?
<simpson>
This isn't just conceptual. It's not possible, AFAIK, to toss ccache/icecream in with Nix and get a working incremental Bazel-alike.
bbarker2 has quit [Ping timeout: 265 seconds]
knupfer has quit [Ping timeout: 245 seconds]
<__monty__>
nixnewbie: Maybe read "Build Systems à la Carte" to get a better grip on what you're looking for and which systems support those requirements?
<adisbladis>
It is potentially possible with recursive nix, though thats brand spanking new shiny stuff so may or may not be ready
<o1lo01ol1o>
I accedently updated my nix channels with sudo (on a single user install on darwin) and now: warning: opening lock file '/nix/store/rllg6vpfgf6jb1pr71p7skk2c2gizzcy-readline70-001.drv.lock': Permission denied; will use bash from your environment
<o1lo01ol1o>
Do I need to uninstall nix?
selfsymmetric-pa has quit [Remote host closed the connection]
drakonis_ has quit [Ping timeout: 265 seconds]
NoctisLabs has quit [Ping timeout: 258 seconds]
drakonis_ has joined #nixos
<nixnewbie>
adisbladis, that'd enable me to install stuff from a nix-shell?
<adisbladis>
nixnewbie: Nope, nothing would. Though it would potentially give you incremental compilation even in pure builds.
<zeta_0>
if i remove the `rev` and `sha256` from an installation, will it automatically install the latest ones every time i do a rebuild switch with nix?
<jperras>
make sure you change the permissions after you mount /nix as well
<scheming_around>
Ok thanks for the quick response, I'll work through this now
<scheming_around>
*deep sigh*
Jackneill has joined #nixos
<scheming_around>
Do single user installations work OK?
<zeta_0>
?
<jperras>
unsure - I just went through the multi-user setup a few days ago
Mark_ has joined #nixos
domogled has quit [Quit: domogled]
<lassulus>
zeta_0: depends on the fetcher you use, where is the rev and sha256 defined?
philr has quit [Ping timeout: 265 seconds]
<Mark_>
Hi, I am planning on buying a System76 Galago Pro and installing Nixos on it. I have been told for that laptop to have working wireless and graphics I need to make sure I am using Linux Kernel 5.3 or higher. Is this what current version of Nixos uses? if not is it something that is easily configurable?
<Mark_>
huh, is there a nixos repl bot in here? thats pretty nice
<Mark_>
pity about the version
<jackdk>
{^_^}++
<{^_^}>
{^_^}'s karma got increased to 164
<zeta_0>
Mark_: i am using the system76 galago pro with nixos installed on it and it works fine
<lassulus>
zeta_0: fetchFromGitHub won't work without a rev and sha256
<Mark_>
interesting, do you have a public repo with your config I could refer to just in case? I wonder are you using the '2019 version' as I think they got refreshed fairly recently and this kernel version requirement came from their support today
<lassulus>
but maybe you can use builtins.fetchGit for that, which doesn't need that
<nixnewbie>
what about nix on windows?
<zeta_0>
lassulus: ok, that is good to know, but a new commit may break though right?
<lassulus>
Not sure what you mean, if upstream pushes broken stuff on master and you depend on the moving master stuff will also break for you
Jackneill has quit [Remote host closed the connection]
<zeta_0>
Mark_: yes my system76 galago pro is a 2019 version, its about 6 months old, so i don't think you'll have any problems, but your probably going to want to call the system76 tech support and ask them to make sure
Thra11 has quit [Quit: WeeChat 2.7]
<zeta_0>
lassulus: i guess for now i will just stick with the rev and sha256 for now, it is a hassle having to change them every one in a while, but, oh well
<__monty__>
nixnewbie: That's *not-a-thing* as of yet.
<lassulus>
I have an update script for something like that which puts the new rev and sha256 in a json and nix just imports it from there
<qyliss>
This is just how big Asciidoctor needs to be
<lassulus>
only lines 4-7 are relevant
<qyliss>
Maaaaybe you could get it down to 100
<qyliss>
But you'd have to just review every file in every gem and make a call on it
<qyliss>
It would take days
<qyliss>
So 125M is how big it's going to be
<zeta_0>
lassulus: cool, i'll take a look, thanks for the help
<zeta_0>
lassulus++
<{^_^}>
lassulus's karma got increased to 6
zeta_0 has quit [Quit: rebuilding]
<nixnewbie>
adisbladis++
<{^_^}>
adisbladis's karma got increased to 26
<infinisil>
qyliss: An interesting minimization technique i'd like to see: Do the workflow you want once, trace syscalls while doing that, remember all files that were accessed. Then build the minimized version by stripping all other files
<qyliss>
that's going to break ALL THE TIME
evernite has quit [Ping timeout: 252 seconds]
<infinisil>
It would be good enough for e.g. users rebuilding the manual for a simple option change
<DigitalKiwi>
samueldr: i wish to file a complaint
<samueldr>
hm?
<arcnmx>
infinisil: is there a recommended way to use nixos as a submodule? I'm using submoduleWith { modules = import (modulesPath + "/module-list.nix"); } with some tweaks but not sure if there's something more proper?
<{^_^}>
[nixpkgs] @kalbasit opened pull request #77143 → vim-plugins: turn filetype and syntax before sourcing the plugins → https://git.io/Jejyf
<samueldr>
(this is not a custom thing)
<infinisil>
arcnmx: Not that different than what you did :)
<DigitalKiwi>
so anyway how do i figure out what's wrong with librecad it's started not working anymore and apparently i'm the first person to notice/say anything
<DigitalKiwi>
anyone want to lend me a faster computer >.>
<arcnmx>
infinisil: thanks, that seems to match what I'm doing (tweaks = pkgsModule) so guess I'm heading in the right direction :)
<samueldr>
DigitalKiwi: first thing might be sharing what's the actual issue you're experiencing :)
<DigitalKiwi>
i found a PR that added a git version and that one compiles
<DigitalKiwi>
on nixos-unstable and librecad doesn't build
TheGamingBarrel has quit [Ping timeout: 265 seconds]
<zeta_0>
vaibhavsagar: quick question, ihaskell works fine, but for some reason the auto-completion and some other features are not activated by default, do i have to manually activate them or is my installation missing something in home.nix? https://hastebin.com/dusilikuzu.bash
fusion809 has quit [Remote host closed the connection]
<zeta_0>
vaibhavsagar: also, i forgot to mention, that i am using emacs and changed to polymode to get the ihaskell kernel to work, so i don't know if this change has anything to do with it?
<nixnewbie>
I wonder how much time the kernel spends resolving symlinks in nixos compared to a regular distro :P
<qyliss>
The big thing that slows down NixOS is the dynamic linker
<qyliss>
There's no reason we need to make it go through 20 directories on every exec, but that's the way it works currently
<gchristensen>
it'd be interesting to get firm data on that
<qyliss>
I think the Distri person had some
<maurer>
If that is actually true, we could probably do some hack to tell it "load *exactly* this .so" rather than resolving
<maurer>
since we don't do the drop in replacements that a normal dynamic loader would
<gchristensen>
maurer: we could patch glibc with abandon
<maurer>
I mean, we might even be able to upstream it, I suspect the glibc folks would be fine with something like -rpath but for an explicit "resolve this so to this path always"
<maurer>
but I'd want to know that it was actually important before someone wasted time
<gchristensen>
:)
logzet has quit [Ping timeout: 248 seconds]
<nixnewbie>
but seriously, in 2020 binaries should be PIE
<nixnewbie>
it's the default in modern GCCs, why is it disabled?
<gchristensen>
qyliss: do you know about the derivation attributes for controlling closures?
<qyliss>
allowedRequisites and friends?
<gchristensen>
yeah, and specifying maximum output sizes and stuff
<qyliss>
oh neat
jlv has quit [Remote host closed the connection]
<qyliss>
I tried to use allowedRequisites but bundlerApp didn't pass it through
<qyliss>
And I'm fed up of Asciidoctor for today :P
turbo_MaCk has quit [Quit: WeeChat 2.7]
<gchristensen>
:D
zeta_0 has quit [Quit: rcirc on GNU Emacs 26.3]
<gchristensen>
nixnewbie: good find, we will look in to why it is not enabled by default
<gchristensen>
thank you
justanotheruser has quit [Ping timeout: 248 seconds]
<qyliss>
. o O ( pkgsMusl.asciidoctor )
<qyliss>
(building now)
<gchristensen>
nixnewbie: the formatting is unclear, but: " The following flags are disabled by default and should be enabled with hardeningEnable for packages that take untrusted input like network services. " is right before "pie"
<nixnewbie>
gchristensen, I see. however I strongly suggest to enable PIE everywhere, it's simple and effective. also it's been the default in GCC for a while. I guess is being disabled explicitly
<{^_^}>
[hydra] @hamishmack opened pull request #700 → Fixes for macOS → https://git.io/JejSV