<{^_^}>
[nixpkgs] @matthewbauer pushed 3 commits to master: https://git.io/Jvm7n
justanotheruser has joined #nixos
four2206 has joined #nixos
logzet has quit [Ping timeout: 248 seconds]
logzet has joined #nixos
Synthetica has quit [Quit: Connection closed for inactivity]
<four2206>
Hello, can someone point me in the right direction with setting up vim to be built with python3? I made a vim.nix file and added my vimrc to be declared from there, and followed the vim page on the nixos wiki to add it with python3 support. Am I missing a step? Or maybe is there an easier way I'm not aware of? thanks
<jackdk>
I don't know the vim infra but what isn't working?
<four2206>
After adding the line here https://nixos.wiki/wiki/Vim#Python_3_support_for_vim to my packages list (not 100% this is where I should have put it), I get an error when building the configuration. error: attempt to call something which is not a function but a set, at /.../nixos/lib/customisation.nix
<disasm>
ah, its's not tied to the plugin, but neovim. extraPython3Packages is what I was looking for
<four2206>
disasm oh, alright. Where in this file do I need to add that?
<noonien>
zeta_0: just `ruby` works for me
<noonien>
zeta_0: if you do `nix-shell -p ruby`
<noonien>
you'll have a shell with ruby available
<disasm>
four2206: as an attr to customize
<disasm>
zeta_0: nix doesn't encourage having development libraries in your environment. So typically with a project, you create a shell.nix that defines all the deps you need, then you use nix-shell to get into a development environment. Same for C, python, etc...
<four2206>
okay, can u send the line that I should put one more time? I got disconnected and tried adding python = python3; above my customrc part of the file
<disasm>
four2206: I think that should be correct... I switched to neovim a while ago and it's slightly different.
m0rphism has quit [Ping timeout: 268 seconds]
<zeta_0>
ok, i found the ruby package in nix packages, i can use nix-shell for ruby, but does ruby come with other packages that i will need, or does it come with a lot of the things builtin like java
<zeta_0>
please excuse my ignorance, i have never used ruby before
<simpson>
zeta_0: Which package are you trying to get working? Ruby's one of those trickier languages, but maybe it's already packaged.
dansho has joined #nixos
Rusty1 has joined #nixos
<four2206>
disasm: might just do the same, seems like the easier solution. I've used neovim before but not yet on nix. One quick question tho. I usually link /bin/nvim to /bin/vim to avoid having to type nvim each time. Is there a way to achieve this same result in nixos?
<Valodim[m]>
What is the "inherit (foo) bar" Syntax? I've seen it in a couple packages, but not in any documentation. Is it just the same as leaving the parens out?
nisstyre has quit [Ping timeout: 250 seconds]
<jackdk>
roughly: `bar = foo.bar;` -- there's like one tangential mention in https://nixos.org/nix/manual/ if you search "the X Athena Widgets", you might find it)
<jackdk>
a better search on the page I just linked: "inherit (src-set) a b c"
Ralith_ has quit [Remote host closed the connection]
palo1 has joined #nixos
<adisbladis>
chagra: I don't think we're affected by the recent announcement.
<adisbladis>
Tbh it may even be good.
<kleisli>
hi all. i'm playing around trying to understand how derivations are built. i wrote this simple expression https://paste.ee/p/y942i with this simple builder https://paste.ee/p/Dsl1g . when I `nix-build` it, nix claims the $out directory doesn't exist. why's that?
<adisbladis>
I'm hoping other distros will use less old Qt versions and make packaging a bit easier on recent versions.
palo1 is now known as palo
palo has quit [Ping timeout: 268 seconds]
<adisbladis>
kleisli: You'll have to create $out
<kleisli>
I see. I thought the idea was that nix gives the builder an out directory it's meant to write into
<clever>
kleisli: $out can also be a file or a symlink
<adisbladis>
Derivation outputs are not necessarily directories, they can be regular files too. So it's completely up to the builder to decide what makes sense as an output.
<clever>
kleisli: its up to the builder to create it
<xavierzwirtz[m]>
whats the trick to puting a file from a derivation in a specific location on disk?
<xavierzwirtz[m]>
I need to write the k3s airgapp images to `/var/lib/rancher/k3s/agent/images/`
<xavierzwirtz[m]>
I guess I could copy the file from the derivation to where it needs to go in a systemd service, feels a little odd though
noudle has joined #nixos
<etu>
xavierzwirtz[m]: It's usually done through services
<xavierzwirtz[m]>
Ill try that way then
<etu>
xavierzwirtz[m]: either if it's possible to configure/patch the program to look in the store instead... or through a service that creats a symlink to the store or copies files
<etu>
It depends a lot on the application and how it behaves. Also what kind of data it is.
<xavierzwirtz[m]>
Ideally k3s would let me change where it looks for images with an env var
rheeseyb has joined #nixos
o1lo01ol1o has joined #nixos
Chiliparrot has joined #nixos
o1lo01ol1o has quit [Remote host closed the connection]
<clever>
the clients obviously wont respect the changes, but will connect to the patched daemon
<wedens[m]>
btw, will doing something like `pulseaudio = symlinkJoin [ pkgs.pulseaudio myconfig ]` in an overlay, where 'myconfig' contains modified files work? I'm not sure how symlinkJoin handles existing files
<{^_^}>
[nixpkgs] @arnoldfarkas opened pull request #78672 → pythonPackages.argparse: init at 1.4.0 → https://git.io/JvYvI
<clever>
wedens[m]: id use buildEnv for that, but that will likely cause a mass rebuild
<{^_^}>
[nixpkgs] @arnoldfarkas opened pull request #78673 → pythonPackages.commentjson: init at 0.8.2 → https://git.io/JvYvY
<wedens[m]>
yeah, it will. I'm just curious whether it'll have the desired effect of changing the files
<clever>
wedens[m]: you can just nix-build that pulseaudio, to see if it did what you want
<{^_^}>
[nixpkgs] @arnoldfarkas opened pull request #78674 → pythonPackages.flower: init at 0.9.3 → https://git.io/JvYvc
<{^_^}>
[nixpkgs] @arnoldfarkas opened pull request #78675 → pythonPackages.gitlab: init at 1.0.2 → https://git.io/JvYvl
<{^_^}>
[nixpkgs] @arnoldfarkas opened pull request #78676 → pythonPackages.inotify: init at 0.2.10 → https://git.io/JvYv0
<Dandellion>
thanks everyone I'll give this a try
<{^_^}>
[nixpkgs] @arnoldfarkas opened pull request #78677 → pythonPackages.mimesis: init at 3.3.0 → https://git.io/JvYva
FRidh has quit [Quit: Konversation terminated!]
FRidh has joined #nixos
<{^_^}>
[nixpkgs] @arnoldfarkas opened pull request #78678 → pythonPackages.nbconflux: init at 0.7.0 → https://git.io/JvYvr
<{^_^}>
[nixpkgs] @arnoldfarkas opened pull request #78679 → pythonPackages.pdfrw: init at 0.4 → https://git.io/JvYv6
<{^_^}>
[nixpkgs] @arnoldfarkas opened pull request #78681 → pythonPackages.pipdeptree: init at 0.13.2 → https://git.io/JvYvX
<{^_^}>
[nixpkgs] @arnoldfarkas opened pull request #78682 → pythonPackages.pypattyrn: init at 1.2 → https://git.io/JvYvD
<{^_^}>
[nixpkgs] @FRidh pushed 1000 commits to staging-next: https://git.io/JvYvy
<{^_^}>
[nixpkgs] @arnoldfarkas opened pull request #78683 → pythonPackages.pytest-memprof: init at 0.2.0 → https://git.io/JvYvH
<{^_^}>
[nixpkgs] @arnoldfarkas opened pull request #78684 → pythonPackages.python-highcharts: init at 0.4.2 → https://git.io/JvYvQ
<{^_^}>
[nixpkgs] @arnoldfarkas opened pull request #78698 → pythonPackages.dash-daq: init at 0.3.3 → https://git.io/JvYfW
<{^_^}>
[nixpkgs] @arnoldfarkas opened pull request #78699 → pythonPackages.thriftpy2: init at 0.4.10 → https://git.io/JvYf4
<{^_^}>
[nixpkgs] @arnoldfarkas opened pull request #78700 → pythonPackages.property-cached: init at 1.6.3 → https://git.io/JvYfB
lstanley has quit []
lstanley has joined #nixos
thc202 has joined #nixos
hyper_ch2 has quit [Remote host closed the connection]
yourfate has joined #nixos
<yourfate>
I'm trying to install nixos in a VM behind a corporate proxy. I set http(s)_proxy and ftp_proxy, also the capitalized versions, and I set the networking.proxy.default in the nixos config
<yourfate>
I can curl websites just fine
<yourfate>
but nixos can't connect to servers during theinstall
<aveltras>
wedens[m]: like this ? workOnMulti = (import "${reflexPlatformSrc}/nix-utils/work-on-multi") { reflex-platform = reflexPlatform; }; , if so, this doesn't work either, same error
<aveltras>
oh, seems it was due t something else in the file
XenGi has joined #nixos
<aveltras>
still loading but i think thats ok now, thanks
<grin[m]>
hello; first time user (tester) here, and have quite a bad experience with the installer, namely that it doesn't install. This is a VM (non-efi) and while installer keeps telling me "You must set the option ‘boot.loader.grub.devices’ or 'boot.loader.grub.mirroredBoots' to make the system bootable" these options are set in the config. I guess some automagic process make me sad since specifically "enable" grub causes conflic
<grin[m]>
between my config and nixos' own.
<grin[m]>
It's also not clear whether `nixos-install` uses the config or the already built system (eg. do I have to rebuild every time I change something in the config).
<clever>
grin[m]: for non-efi installs, you must set something like boot.loader.grub.devices = [ "/dev/sda" ];
<clever>
grin[m]: that tells grub which drive to install the MBR stub into
mexisme has joined #nixos
<grin[m]>
<clever "grin: for non-efi installs, you "> it is set. also tried device ="/dev/sda";
<{^_^}>
[nix] @edolstra pushed to flakes « Shut up warning »: https://git.io/JvYIZ
<grin[m]>
rebuild stopped complaining that the system won't be bootable, but the installer isn't happy.
<clever>
grin[m]: what path are you editing?
<grin[m]>
<clever "grin: what path are you editing?"> `/etc/nixos/configuration.nix `
<grin[m]>
According to manual as far as I see.
<clever>
grin[m]: nixos-install reads /mnt/etc/nixos/configuration.nix, and is meant to build a copy of nixos currently mounted in /mnt/
<clever>
grin[m]: nixos-rebuild reads /etc/nixos/configuration.nix and is meant to update the currently running nixos (mounted at /)
<grin[m]>
ah.
<grin[m]>
this seems to be a surprise action.
<grin[m]>
let me grep the manual again.
<clever>
grin[m]: nixos-install is basically a script that runs nixos-rebuild, inside a chroot
<grin[m]>
aah. yes, it's there but it looks like it's connected to the UEFI config ☹︎
<grin[m]>
sorry, I read it like 5 times and still missed. would be useful if install would mention which config it reads.
mexisme has quit [Ping timeout: 245 seconds]
<grin[m]>
after knowing the answer it seems obvious, but not for the newcomers. since this is probably the first potential problem (install) it may be made a little bit more verbose or helpful.
<grin[m]>
thank you for the answer, install seems to be very busy retrieving packages now. I guess it'll work. 🧁
jgeerds has quit [Ping timeout: 265 seconds]
Chiliparrot has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
<clever>
grin[m]: are you starting from a pre-made virtualbox image or an iso file?
<thefloweringash>
is there any work on untrusted remote builds based on nix 2.0 style persisted signatures? it'd be approximately the same as "drv=$(nix-instantiate ...); nix copy --to ssh-ng://$b; r=$(ssh $b "nix-build $drv"); nix copy --from ssh-ng//$b $r"
<thefloweringash>
use case: sharing build hardware without the scary warnings about "trust this builder as much as you trust any user", like the aarch64 community box
Rusty1 has joined #nixos
newhoggy has quit []
newhoggy has joined #nixos
<gchristensen>
how would persisted signatures fix it?
<thefloweringash>
no trust required in either direction
<thefloweringash>
the persisted signatures probably aren't critical, but you'd need a way for the remote to sign things
<gchristensen>
there is no way around needing trust when receiving build outputs which aren't content-addressed
<thefloweringash>
I should clarify, no "trusted-user" style trust required. the client receiving the build needs to trust the signing key of the builder
<gchristensen>
I guess I'm not sure what you mean, can you clarify?
<thefloweringash>
the thing that makes the aarch64 builder unsafe is that each remote user is a nix "trusted-user", and can upload arbitrary contents to any store path
<thefloweringash>
(correct me if I'm wrong at any point!)
ftzm has joined #nixos
<gchristensen>
right
<gchristensen>
so one solution is to only allow users to upload content-addressed paths
<gchristensen>
there is a secondary risk of somebody using a kernel exploit to break out of the sandbox, but I'm going to assume you're assuming that won't happen :)
<thefloweringash>
if the "sending inputs" step is never done, by uploading .drvs (which don't need signatures), and letting the builder do either building or substitution, then you get most of the win
<gchristensen>
true
<gchristensen>
that does mean you can't use it as a remote builder in the /etc/nix/machines sense
<thefloweringash>
and for the "receiving outputs" you sign on the builder, and have the clients trust the builder's key
<thefloweringash>
ah, yes, exactly!
<gchristensen>
back in a few!
<thefloweringash>
I'd love to have the remote builder style builds, without the current "trusted-user" requirement.
fendor has quit [Read error: Connection reset by peer]
fendor_ has joined #nixos
<thefloweringash>
it seems like it'd be a fairly small change to nix that'd enable my use case of letting semi-random people safely build on my hardware, or making the community builder safe
bukkitgerman has joined #nixos
<simpson>
I'm not sure how that follows. Somebody malicious could still perform a miscompilation, and as long as nobody else builds the package, the malicious version will get cached.
<simpson>
(Put another way, the dangerous part of Nix-built code is that it will be loaded by an extremely unsafe and powerful code-loader. Doesn't matter how well-intentioned the compiler is, as long as the code-loader is so powerful.)
<thefloweringash>
how do you cause a miscompilation?
rheeseyb has quit [Quit: Konversation terminated!]
hyper_ch2 has quit [Remote host closed the connection]
rheeseyb has joined #nixos
<thefloweringash>
can you expand on that?
hyper_ch2 has joined #nixos
<simpson>
Sure. A compiler is *any* function from source code to machine code, isn't it? Including the functions which (classically) insert backdoors into binaries.
ng0 has quit [Quit: leaving]
newbie21 has joined #nixos
<newbie21>
Hi
<newbie21>
My computer does not show Wifi NIC after installed NixOs
<{^_^}>
[nixpkgs] @vcunat pushed to release-19.09 « Merge #75437: kramdown-rfc2629: init at 1.2.13 »: https://git.io/JvYti
<thefloweringash>
simpson: sorry I'm still not following. In the model of a builder where you trust the admins and its signing key, can you as an untrusted user cause another untrusted user to receive a malicious build?
dingenskirchen1 has joined #nixos
<simpson>
thefloweringash: If you trust, then that's not interesting. Recall that "I trust this" means "I am vulnerable to exploits from this".
domogled1 has joined #nixos
domogled has quit [Read error: Connection reset by peer]
domogled1 is now known as domogled
cosimone has joined #nixos
<simpson>
This is why only the content-addressed packages would be okay; they *can't change contents* without changing the hash.
dingenskirchen1 is now known as dingenskirchen
<thefloweringash>
maybe it's not interesting, but it seems like a useful improvement
<simpson>
IYSS, but I'm also in #nixos-aarch64, and AFAICT this is all because folks aren't patient about compile times on ARM.
smatting has joined #nixos
<simpson>
Sure, I get it; ARM compile times are not pleasant. So? When I was your age, we all used Gentoo, and we had to wait for our compilers, and we loved it! We'd recompile everything all the time.
<AmandaC>
Oh goddesses above, I remember being asked to do something in a tech school class, but I needed to updatemy USE flags to be able to communicate with the hardware I was asked to messwith, and spent the whole class with a heater on my lap whileI rebuilt the world.
<simpson>
thefloweringash: Specifically, in your example, machine $b has tools that *claim* to be Nix. How would you enforce that machine $b never miscompiles?
cosimone_ has joined #nixos
Chiliparrot has joined #nixos
cosimone has quit [Ping timeout: 248 seconds]
turion has joined #nixos
<thefloweringash>
simpson: I am going to take the "uninteresting" approach of trusting the nixos infra people to make trustworthy infrastructure, much like they maintain the global binary cache
<thefloweringash>
I also used gentoo about 15 years ago. I got better.
veske has quit [Quit: This computer has gone to sleep]
<thefloweringash>
My use case really is: I have faster-than-average arm hardware, I'd like to share it, how safe can I make this?
<thefloweringash>
I'm hoping that use case doesn't seem too far fetched?
newbie21 has quit [Ping timeout: 260 seconds]
<simpson>
Today, given how code is loaded on the typical Linux kernel, I'd suggest that you *can't*, and that trying is not worthwhile. This isn't arbitrary or capricious; certain kinds of artifacts are quite safe to load, and others are not.
<simpson>
Although you can get your hardware added to the community build pool, I think.
newbie41 has joined #nixos
<thefloweringash>
IIUC, you're saying that running services like ofborg is unsafe, since it will build any PR submitted to nixpkgs?
<simpson>
I don't know. I don't have any authority over what folks do. I just wish folks would understand why so much trust is a *bad thing*. Even if people are trust*worthy*, actually *trusting* them leads directly to security weakness.
<simpson>
Yeah, we trust gchristensen (that is, we are vulnerable to gchristensen's choices) in running ofborg.
<newbie41>
simpson I have `enableAllFirmware` and reboot the machine, but the NIC is still missng.
<simpson>
newbie41: dmesg time. Why doesn't the kernel find your device?
<thefloweringash>
simpson: but since he trusts any github user to be able to perform builds, then ofborg is practically unsafe?
<hexa->
newbie41: do you know the model of your wifi card?
<newbie41>
I use Thinkpad X1 Extreme 2nd, come with Intel Wi-Fi 6 AX200 2x2 AX,
<simpson>
thefloweringash: Yep, seems you understand. This is a portion of why it would be nice if we had the equivalent of $(guix challenge), which allows end-users to doubt a package's integrity and regenerate it from known-good builders.
<hexa->
newbie41: you'll need kernel 5.4 or later
<newbie41>
How can I specify the kernel in nixos config
<thefloweringash>
is there some extra reading I can do on the nature of the attacks possible from a nix build environment?
<hexa->
via boot.kernelpackages
<hexa->
you'll probably want pkgs.linuxPackages_latest for the time being
<{^_^}>
[nixpkgs] @andir opened pull request #78706 → buildRustCrate: do not overlay OUT_PATH on src/ → https://git.io/JvYqm
alex`` has joined #nixos
<thefloweringash>
I don't think what I'm talking about relates to compilers. I'm still not entirely convinced we're talking about the same thing here.
<simpson>
Okay, no worries.
newbie41 has quit [Remote host closed the connection]
<gchristensen>
simpson: "not sure how that follows" if we trust the Nix daemon (and its administrator) to faithfully validate every input is content addressed, and assume no kernel exploits, it is safe to assume that if someone gets a pwned output, they were attempting to build the same pwnd output. nobody trusts ofborg beyond the build output and "did it build?" nobody but the builder executes what it creates. I
<gchristensen>
typically consider ofborg builders to likely be compromised.
<simpson>
gchristensen: Ah, TIL, thanks. And yeah, we do have to assume that all of the Nix binaries are not tampered with; that's the root of the trusting-trust problem here.
<NoctisLabs>
Is there a way to detect what system the configuration.nix is running on with the machineid or a hardware identifier and only import the configuration for that machine? I'd like to see an example if you have one.
<thefloweringash>
simpson: when you said "given how code is loaded on the typical Linux kernel, I'd suggest that you *can't*,", what were you referring to? that's the stuff I'm interested in
astrofog has joined #nixos
newbie10 has joined #nixos
<newbie10>
Thank you, upgrade the firmware fix the NIC problem
newbie10 has quit [Remote host closed the connection]
waleee-cl has joined #nixos
<simpson>
hexa-++
<{^_^}>
hexa-'s karma got increased to 1
nikola_i has quit [Ping timeout: 260 seconds]
<hexa->
:)
<simpson>
thefloweringash: I'm not sure where to start without getting extremely academic. http://erights.org/talks/thesis/markm-thesis.pdf has multiple relevant chapters. I expect, though, that reading about the Confused Deputy is necessary first.
<simpson>
thefloweringash: When we run a binary on Linux, we *endow* the executing process with a bevy of permissions. We then *trust* the binary to attenuate its permissions, shedding and closing things it does not need; we *trust* it to not make certain syscalls. See the problem?
phreedom has quit [Remote host closed the connection]
phreedom has joined #nixos
<simpson>
(The way E, or my language Monte, loads code is *explicit* about permissions and capabilities. I would let other folks compile Monte modules; loading Monte code is safe.)
<newbie84>
I have another problem. I used my android phone connected to the laptop in USB tethering mode during NixOS installation, bc I could not enable the WiFi NIC at that time. But now, I can not boot the machine without connect the android phone at USB tethering mode :(
veske has quit [Quit: This computer has gone to sleep]
<Yaniel>
boot with the phone connected, disconnect phone, run the nix ocnfiguration generator again, rebuild os
<Yaniel>
the configuration generator should only touch hardware-configuration.nix so your existing configuration.nix is safe
<grin[m]>
what does it mean to have "torbrowser" in `nix search` or `nix-env -qaP` but getting *error: selector 'torbrowser' matches no derivations* when trying to install?
<alexarice[m]>
grin: the package name probably doesn't match the derivation name
<evanjs>
grin[m]: nixos.tor-browser-bundle-bin
<evanjs>
indeed it doesnt
<grin[m]>
tried various variations but it's really just guessing.
<{^_^}>
#78714 (by drewboardman, 14 minutes ago, open): "nix-channel --update" fails -- "warning: the group 'nixbld' specified in 'build-users-group' does not exist"
kleisli has quit [Remote host closed the connection]
<Guest50319>
the error changes depending on whether i sudo or not
kleisli has joined #nixos
vidbina_ has quit [Ping timeout: 268 seconds]
<Guest50319>
basically it looks like that `/channels` dir never got created
<makefu>
lets have a quick look into the pkgbuild in aur
sigmundv has joined #nixos
<Guest50319>
you're thinking maybe it's the package?
Guest50319 is now known as drew_b
<makefu>
maybe, i am not sure :)
<evanjs>
Okay so... Lately I figured out that Android Studio is much better suited to android dev on NixOS, because it's in an FHS because it basically needs that to work as intended
<evanjs>
My question--or actually maybe just thinking out loud--but I wonder how hard it'd be to get IDEA Ultimate into an FHS like that
<evanjs>
Though to be honest, having primarily used InteliiJ Ultimate stuffs before, Android studio does seem to be better suited for Android dev (who would've thought) -- I just miss some of the lints and helper utilities atm
<drew_b>
@makefu I don't think I'm using the daemon
<drew_b>
idk how to ping your nick
<drew_b>
new to irc
<makefu>
that worked :)
<makefu>
let me find an archlinux vm for testing real quick
<drew_b>
error: program '/usr/bin/nix-env' failed with exit code 1
<drew_b>
i wonder if this has to do with unprivileged/privileged
orivej has quit [Ping timeout: 268 seconds]
<evanjs>
Oh right, to rephrase my question from earlier, is there a less painful way to run `nix-prefetch-git <github repo>` and manually updating a derivation?
<drew_b>
maybe this is something I want to look into?
<drew_b>
I tried that before, and it didn't work
<cransom>
right. that sounds fine. i assume something looking for /usr/bin/bash is a problem, maybe it's not allowed in sandboxing? is it listed in sandbox-paths in /etc/nix/nix.conf? i know nothing about the nix bundled for other distros, but thats my only thought.
<infinisil>
hexa-: srhb: It should be possible to override ExecStart completely with `ExecStart = mkForce ...`. You'll have to copy the previous definition, but not the whole service
<cransom>
drew_b: it will build things, but you probably want nix-shell instead.
<hexa->
infinisil: copy the previous definition?
Chiliparrot has joined #nixos
<drew_b>
yeah i have a nix shell in there
<drew_b>
@cransom will these cachix binaries be available inside my nix shell?
<hexa->
the thing is, it has a confPath variable in it, which is why I want to prefix it
<clever>
drew_b: if cachix is configured correctly, and you use the same nix expressions, nix-shell will download what it can from cachix
<cransom>
drew_b: if you followed cachix setup for your project, it should.
<arcnmx>
makefu: iirc it's convention that the base-devel metapackage is an implicit dependency for basically everything
LiuWen has quit [Quit: LiuWen]
<srhb>
hexa-: The actual issue here may be that the module in question isn't exposing enough information to the user for you to be able to reuse values in a custom fashion. Maybe the module needs fixing :)
<srhb>
hexa-: (Like if it generates a config file for you based on some values, but you're not able to get _at_ that configfile)
<hexa->
hehe, possibly
<drew_b>
@cransom, will cachix automatically set up pushing my project to its caches?
<drew_b>
i dont want that
<hexa->
exactly
<drew_b>
it's work stuff
dingenskirchen has quit [Remote host closed the connection]
<clever>
drew_b: cachix only pushes if you run the push command within cachix
<drew_b>
any way to disable that?
<arcnmx>
makefu: "Packages in the AUR assume that the base-devel group is installed, i.e. they do not list the group's members as build dependencies explicitly"
<clever>
drew_b: just dont run the push command?
<makefu>
arcnmx: ooookay, thanks. makepkg might hint to that if it encounters issues
<drew_b>
do you know if it's just `push` or is it `cachix push`?
dingenskirchen has joined #nixos
<arcnmx>
mm it's not exactly a good convention, but it's a thing to be aware of o:
<sigwinch28>
Is there any consensus on how to set/change a user's profile picture (as seen in places like sddm, kde plasma menus, etc.)? The closest I can find is https://github.com/NixOS/nixpkgs/issues/20872
<makefu>
arcnmx: i've updated my comment. thanks :)
<drew_b>
@clever my nixshell is finding the binaries on my host
<drew_b>
instead of cachix
fendor has quit [Ping timeout: 265 seconds]
mudri has quit []
prompt32 has joined #nixos
mudri has joined #nixos
civodul has quit [Quit: ERC (IRC client for Emacs 26.3)]
prompt32 has left #nixos [#nixos]
lsix has quit [Quit: WeeChat 2.6]
waleee-cl has quit [Quit: Connection closed for inactivity]
psyanticy has joined #nixos
Jackneill has quit [Remote host closed the connection]
phreedom has quit [Remote host closed the connection]
phreedom has joined #nixos
<OmnipotentEntity>
Is there a newer version of this? https://github.com/grahamc/nixos-cuda-example I'm getting that /nix/store/hash-nvidia-x11-version/bin/nvidia-smi does not exist.
<OmnipotentEntity>
The file seems to be in /nix/store/hash-nvidia-x11-version-bin/bin/nvidia-smi instead.
<OmnipotentEntity>
ok figured it out
wildtrees has joined #nixos
wildtrees has quit [Remote host closed the connection]
wildtrees has joined #nixos
alex`` has quit [Ping timeout: 265 seconds]
<OmnipotentEntity>
@grahamc[m], courtesy ping for a new pull request (minor bug fix) on your cuda example.
v88m has joined #nixos
srid-irccloud has joined #nixos
alex`` has joined #nixos
<drew_b>
@makefu the only thing that worked was the sandbox thing
<drew_b>
you never messed with $HOME/.config/nix/ ?
lightbulbjim has quit []
lightbulbjim has joined #nixos
drakonis has joined #nixos
Ralith_ has quit [Ping timeout: 268 seconds]
cosimone has quit [Quit: Quit.]
ps4 has joined #nixos
rheeseyb has quit [Quit: Konversation terminated!]
chloekek has joined #nixos
jeaye has quit [Quit: WeeChat 2.4]
jeaye has joined #nixos
protocol has quit [Remote host closed the connection]
protocol has joined #nixos
sondr3 has joined #nixos
<wild_buffalo>
hey so I'm trying out nixops
<wild_buffalo>
and I'm attempting to deploy a simple machine to VirtualBox
<wild_buffalo>
So I can play around with NixOS
<wild_buffalo>
when attempting to deploy it
<wild_buffalo>
with `nixops deploy -d playground`
<wild_buffalo>
I get the following error:
<wild_buffalo>
error: a 'x86_64-linux' with features {} is required to build '/nix/store/9r98z3m1acfpqvwi97d45sabg0hni3mf-append-initrd-secrets.drv', but I am a 'x86_64-darwin' with features {benchmark, big-parallel, nixos-test}
<pbb>
My setup has some drives using dmraid -> bcache -> LVM, but the logical volumes are not activated after a reboot. How can I fix this?
ps4 has quit [Remote host closed the connection]
aveltras has quit [Quit: Connection closed for inactivity]
fendor has joined #nixos
fendor has quit [Client Quit]
fendor has joined #nixos
Aussieteen has joined #nixos
Ralith_ has joined #nixos
Gohla has joined #nixos
TallerGhostWalt_ has quit []
TallerGhostWalt_ has joined #nixos
weechat_4 has joined #nixos
weechat_4 is now known as mingc
emacsomancer has quit [Read error: Connection reset by peer]
emacsomancer has joined #nixos
Aussieteen has quit [Ping timeout: 268 seconds]
<jluttine>
how to add executables to PATH in python development environment? i've added some packages to depsBuildBuild but those executables don't appear on PATH..
<jluttine>
this was how it was instructed to me last spring
<jluttine>
has it changed somehow?
<jluttine>
(using nixos-unstable)
<wild_buffalo>
So it looks like I need to setup a remote build to be able to deploy stuff with NixOps in MacOS. Is that true? Does anyone know a way to make the build happen in the deployed machine itself? Sort of like how Ansible would do it?
evck has quit []
evck has joined #nixos
<makefu>
jluttine: i'd guess you can add it via propagatedBuildInputs
<jluttine>
makefu: hmm.. doesn't seem to help..
<makefu>
jluttine: do you have a shell.nix to share?
<mehlon>
I already have the appropriate git repo on my device
<mehlon>
now I just want to enable it in my configuration.nix
fusion809 has quit [Remote host closed the connection]
<ongy[m]>
Is there some trick with (session) dbus instance and nix-shell? I can't connect to the bus (socket missing). I don't have any dbus package directly in my deps though
fusion809 has joined #nixos
<tilpner>
mehlon: What happens when you set services.guix.enable = true?
Neo-- has joined #nixos
<mehlon>
tilpner: The option `services.guix' defined in `/etc/nixos/configuration.nix' does not exist.
<mehlon>
I tried including the whole service file inside of configuration.nix but the pkgs.guix attribute doesn't exist
<tilpner>
mehlon: Oh, you only have the repo, but you're not using it
<tilpner>
mehlon: Set NIX_PATH=nixpkgs=path/to/checkout
<mehlon>
oh
<tilpner>
Assuming you checked out the PR there
cqc has quit []
cqc has joined #nixos
<tilpner>
This particular PR would be usable without switching your entire nixpkgs tree over
<{^_^}>
[nixpkgs] @matthewbauer merged pull request #78397 → uberwriter: add shared-mime-info to environment and update → https://git.io/JvtwT
<{^_^}>
[nixpkgs] @matthewbauer pushed 3 commits to master: https://git.io/JvY0D
<mehlon>
tilpner: I set the variable, and tried NIX_PATH=$HOME/nixpkgs/ sudo nixos-rebuild switch but that still produced the same error: services.guix not defined
<mehlon>
alright it worked with the overlay and the import, thank you tilpner
psyanticy has quit [Quit: Connection closed for inactivity]
cosimone has quit [Quit: Quit.]
mexisme has quit [Read error: Connection reset by peer]
tnks has quit []
tnks has joined #nixos
mehlon has quit [Remote host closed the connection]
mehlon has joined #nixos
mehlon has quit [Remote host closed the connection]
Chiliparrot has joined #nixos
mehlon has joined #nixos
<mehlon>
just froze up my system by trying to build something in gentoo
alex`` has quit [Ping timeout: 265 seconds]
jgt has joined #nixos
mehlon has quit [Quit: Leaving]
civodul has joined #nixos
mexisme has joined #nixos
<jgt>
does anyone know how to update my nix-darwin channel?
tilpner has quit [Remote host closed the connection]
<jgt>
I'm trying `nix-channel --update darwin`, but it just says "unpacking channels..." and appears to do not much else
tilpner has joined #nixos
cosimone has joined #nixos
<sondr3>
as in no more output?
shibboleth has joined #nixos
<pikajude>
do nixos containers have their own network interfaces?
<pikajude>
could i run something behind openvpn without affecting the rest of the container
<jgt>
sondr3: no, no more output
<sondr3>
jgt: cause it'll unpack and then say `created 2 symlinks in user environment` and that's it
<pikajude>
the rest of the machine*
tilpner has quit [Remote host closed the connection]
<pikajude>
lol
<jgt>
sondr3: when I `darwin-rebuild changelog`, the latest entry is "2018-03-29"
tilpner has joined #nixos
alex`` has joined #nixos
<jgt>
basically I want to use a later nixpkgs version, and with nix-darwin I don't know how to do this
drakonis has joined #nixos
<jgt>
maybe the package version I want isn't even in nixpkgs yet. Is there an easy way to look up the version of a package on nixpkgs somewhere? I know there's usually these handy websites like howoldis.
<sondr3>
jgt: nix search <pkg> or nixos.org
noudle has quit []
FeudalBear is now known as justanotheruser
<jgt>
sondr3: unfortunately `nix search elm2nix` just gave me a package description, but not the version
<Raito_Bezarius>
Or is there a simpler way nowadays?
<sondr3>
yeah, it's a really weird quirk that I hate too. I tried making my own utility to fix it but Rust couldn't parse the json file on the webpage with Serde because of how many different formats the license object was in :P
tilpner has quit [Remote host closed the connection]
tertl3 has quit [Quit: Connection closed for inactivity]
<jluttine>
adisbladis: oh wait, what we discussed 1.5h ago, didn't actually work.. the local python package wasn't installed in development mode but in normal mode, so changes in the local package weren't reflected in the environment.. :( i wonder how i can make a development installation of a python package..
dingenskirchen has quit [Quit: dingenskirchen]
dingenskirchen has joined #nixos
rauno has quit [Ping timeout: 260 seconds]
<jluttine>
what is the current way of installing python packages in development mode so that i can also add executables to PATH in the same environment?
<pikajude>
i have this weird thing where the non-interactive login shell environment doesn't have anything useful whatsoever when I ssh in to the server
<pikajude>
and i guess something must be configured incorrectly
<pikajude>
like, bash isn't in the path for example
wiml has quit [Ping timeout: 260 seconds]
<exarkun>
adisbladis: Lucky you
<adisbladis>
exarkun: With that said, I think that nixpkgs pythonPackages is unsuited for python development anyway.
mzan has joined #nixos
<exarkun>
I wonder if you think that, having said it doesn't even work for me, I'll disagree. :)
<lassulus>
Uh, I never got xpra to work with nixos as a server
<infinisil>
wild_buffalo: With your first file in the reddit post do this:
<infinisil>
,callPackage
<{^_^}>
If a Nix file foo.nix starts with something like `{ stdenv, cmake }:`, you can build it with `nix-build -E '(import <nixpkgs> {}).callPackage ./foo.nix {}'`
<infinisil>
WinchellsM: ^
<simpson>
infinisil++ jackdk++
<{^_^}>
infinisil's karma got increased to 200, jackdk's karma got increased to 7
<pikajude>
okay, so this is a dumb question, but i have a container with privateNetwork = true; and it's not getting a nameserver from resolvconf, though the host is
<pikajude>
why is that
dingenskirchen has quit [Remote host closed the connection]
dingenskirchen has joined #nixos
knupfer has quit [Ping timeout: 248 seconds]
<infinisil>
pikajude: It could be that without it this wasn't necessary because it was able to use DHCP with the router to get the nameserver
<pikajude>
right
<pikajude>
so i'm trying to figure out how to configure it properly
<infinisil>
Did you try setting networking.nameServers?
<infinisil>
nameservers*
<pikajude>
oh no, even if i manually set it, the router is unreachable