<xelxebar>
What kind of archives (e.g. tar.bz2, tar.gz, tar.xz etc) back binary cache installs?
<bhipple>
I believe it's tar.xz
<xelxebar>
Thanks. Is there an easy way to browse cache.nixos.org?
<clever>
not really
<bhipple>
Not that I'm aware of; it's somewhat opaque and requires knowing the hash of what you're looking for
<clever>
your meant to eval a nix expr from nixpkgs, to compute what path you want
<clever>
and then query cache.nixos.org to see if it has that path
<xelxebar>
Fair enough. I think my question is actually broader, then.
<gchristensen>
ah?
<bhipple>
Intuitive, you can think of nix as a "source based package manager with efficient binary substitutes". You always query it with enough information that it could compile everything from src if it had to, but then the binary cache steps in making substitutions for packages it already has.
<bhipple>
Intuitively*
o1lo01ol1o has quit [Remote host closed the connection]
<bhipple>
thus the binary cache is optimized for machines querying it with perfect information, rather than humans browsing it in an FTP server style looking for things to download
<xelxebar>
On what variables is tar deterministic? I am working with an upstream package that's having problems with their source tarball getting rebuilt from presumably identical contents but the resulting tarball hashes differently
<clever>
time tar --sort=name --mtime='@1' --owner=0 --group=0 --numeric-owner -c * $extraArgs | $compressCommand > $out/tarball/$fileName.tar${extension}
<evanjs>
*ptar? :P
<bhipple>
clever: ah thanks for that, good to see another example in nix itself using the same set of arguments to validate my searching on reproducible-builds
<clever>
thats used to generate a tar file, containing the entire closure of a store path
<evanjs>
awe not the same as pxz
<clever>
and then you can unpack the tar to / and boot
<clever>
bhipple: nix also has a repeat option in nix.conf, to make it repeat every build N more times
<clever>
bhipple: and if the builds produced different results, nix throws out all results and considers it a failure
<bhipple>
Yeah I've just run a whole bunch of `nix-build --check` cmds to battle test this
<clever>
bhipple: --check only repeats a single thing, while --repeat 1, would check every single dependency as well
<bhipple>
Ah, good to know. I find usually when I'm doing this I'm looking for reproducibility in one specific package that I "know" is "wrong", e.g. picking one off https://r13y.com/ to debug, so usually --check gets me there. The --repeat thing is cool though
<xelxebar>
clever: Beautiful. That actually answers my question as well.
<clever>
xelxebar: you can also set `repeat = 1` in nix.conf, and then it will just always repeat every build
<clever>
then you start running into nixos-rebuild issues, and discovering reproducability problems in places you wherent looking, lol
is_null has quit [Remote host closed the connection]
<clever>
i077: how does it fail? what happens if you use ${electron}/bin/electron instead of trying to patchelf the one they ship?
<i077>
When I build and run the binary (todoist), strace tells me that the program can't find 'libpulse.so.0', but I'm adding libpulseaudio to the rpath
<i077>
clever: haven't tried that yet
<clever>
i077: if a .so file shipped with this package opens pulse, that .so must have the rpath fixed also
<clever>
i077: so you may need to --set-rpath every .so in the package
<clever>
lddtree shows that better
<i077>
clever: ah, thanks. there are two .so's in the src i believe, let me try to patch those
<i077>
do i need to set the interpreter as well as the rpath for the .so's?
<clever>
nope
<i077>
im running `patchelf --print-needed` on each of the .so's and i don't see libpulse on any of them
<i077>
clever: also, where would i tell the derivation to use ${electron}/bin/electron?
<clever>
i077: just use `cat <<EOF > $out/bin/todoist` to generate a shell script, that will run ${electron}/bin/electron on the directory with the package.json
<clever>
then the pre-patched electron in nixpkgs will load the JS, and you can just delete all of the ELF files
<i077>
oh, im using a .deb as the source
<clever>
that .deb contains both js and elf files
<clever>
you could delete the elf, and reuse the ones from pkgs.electron
<i077>
okay, so i'd just replace the patchelfs in the installPhase with creating a shell script via cat
<clever>
yeah
<i077>
then use ${electron}/bin/electron to run that script?
<clever>
the script would run electron, on the js
jluttine has joined #nixos
iyzsong has joined #nixos
<i077>
still confused on where to actually call ${electron}/bin/electron
<i077>
i'm looking at etcher's derivation in nixpkgs for an example
<{^_^}>
[nixpkgs] @marsam pushed 2 commits to release-19.09: https://git.io/Jvsoi
<kandinski>
do youse remember, I'm pretty sure we discussed it here, of a recent lannguage where return is not a statement but a variable?
<{^_^}>
[nixpkgs] @marsam pushed 0 commits to nodejs-stable-12.14.1: https://git.io/JvsoP
<kandinski>
functions will return whatever was last assigned to the name "return"
<clever>
kandinski: haskell sort of does that, though it looks more like a function called return, which sets it
<clever>
kandinski: and behind the scenes c sort of does that, the return value is just whatever was last put into a given register, which can lead to fun bugs if you forget the return statement
<kandinski>
yeah, but return is pure for monads, IIRC
<clever>
but that register is also overwritten by any other thing you call
<kandinski>
no, I'm talking about an imperative language
<kandinski>
and I'm talking about an explicit design feature
<kandinski>
grumble
<kandinski>
it was very similar to the "defer" mechanism in golang
<i077>
im gonna change the src to be the actual git repo instead of the deb, i think that makes things easier for me
<kandinski>
in the sense that both set up a list of things to do when the function has ended
<clever>
i077: i think app.asar is the target you want
<clever>
i077: thats a special type of compressed archive that electron uses
<i077>
ah, let me try that
<clever>
i077: though, it could also be resources.pak? not sure entirely
andi- has joined #nixos
<i077>
oh no, i just realized i forgot to append '/bin/electron' after ${electron}
<clever>
ah
<clever>
that would definitely explain the error
<i077>
but using the directory after fixing that still didnt work, trying app.asar now
<i077>
it works! (but with a menu bar)
<i077>
when i used steam-run there was no menu bar
<i077>
oh uh nvm, i just tried it again and it turns out there is a menu bar either way lmao
dansho has quit [Ping timeout: 268 seconds]
<i077>
no wait, i had to quit the app first, running it with steam-run didn't produce a menu bar. i think it appears bc im using the electron package to run the app?
<clever>
not sure
mir100 has joined #nixos
<i077>
yeah, this is probably off-topic now anyways. thank you so much for the help!
<astk>
im building my first project with nix, and so far have managed to deploy a hello world haskell exe to an AWS using nix-copy-closure
<astk>
i gave the argument to nix-copy-closure to place the exes in ./results, but i cant find this on my AWS instance
zupo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<Raito_Bezarius>
Stupid question, but how can I create a directory as some user in /etc/nixos/configuration.nix?
<Raito_Bezarius>
Should I just wrap it into a derivation?
astk has quit [Ping timeout: 260 seconds]
<dminuoso>
Raito_Bezarius: What directory do you want to create, exactly?
<dminuoso>
Raito_Bezarius: Can you explain the context?
astk has joined #nixos
<Raito_Bezarius>
dminuoso: I'm setting up a new user to be used for rsync over SSH and I want some directory to exist already
zupo has joined #nixos
<Raito_Bezarius>
basically, I have some web user, I want that in $home/root exists
<Raito_Bezarius>
I set up the user through users.users.…
<Raito_Bezarius>
I also have NGINX which is going to serve $home/root
<Raito_Bezarius>
So I have some permissions stuff to perform
o1lo01ol1o has joined #nixos
<astk>
one of the exes it should have copied is called "hello" but when i write "which hello" it finds nothing
<astk>
did the nix-copy-closure just set up an environment but not actually copy the exes?
<Raito_Bezarius>
dminuoso: so basically, all I want is to create a directory with some determined permissions, I guess I can use activationScripts for this but I'm unsure
<Raito_Bezarius>
(that looks somewhat dirty)
zupo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
cfricke has quit [Ping timeout: 265 seconds]
<dminuoso>
Raito_Bezarius: The canonical way would be to use a systemd service.
<Shoubit>
I'm getting an error "/nix/store/<hash>-update-users-groups.pl: out of free UIDs or GIDs" which means Avahi fails without an associated user. Anyone familiar with this?
<Shoubit>
(Upgrading from 19.03 to 19.09)
kleisli has joined #nixos
<LnL>
nixos-rebuild boot or switch?
<Shoubit>
switch
<Shoubit>
Let me try boot too
<LnL>
for major upgrades like this I would recommend boot + a reboot
sbetrium has joined #nixos
<Shoubit>
Yeah "boot" seemingly worked so I'll give a reboot a try now. Thanks!
Shoubit has quit [Quit: Leaving]
aveltras has joined #nixos
<LnL>
certain things can behave strange if they are not restarted between major versions
Palpares has quit [Remote host closed the connection]
ramses_ has joined #nixos
Palpares has joined #nixos
<ramses_>
Hey guys, is it possible with nix to assert that a file is present in the nixos config root without copying this file to the nix store? I know that I can reference the path, but then it automatically gets copied into the store...
<ramses_>
Like, I'd like to get an error on rebuild when said file is not there (in a subdirectory of /etc/nixos), but I don't want it to end up in the nix store
<{^_^}>
[nixpkgs] @vcunat pushed 6 commits to release-19.09: https://git.io/JvsA2
<gchristensen>
what is the file?
<karetsu>
ramses_: yes, I did this for openvpn - I didn't want the root stuff going into store
<ramses_>
An ssh private key file that I copy to /run at activation time
inkbottle has joined #nixos
<clever>
ramses_: `toString ./foo.key` will give you the absolute path, rather then the path of the copy in the store
zebrag has quit [Ping timeout: 265 seconds]
<clever>
ramses_: i believe it should still fail if the key isnt there
<ramses_>
clever: that's what I do, but it doesn't give an error if the file is missing...
<ramses_>
It puts the path in the script, whether the file is there or not
<clever>
ramses_: ah, then you want builtins.pathExists
<clever>
and throw an error when it doesnt
ddellacosta has joined #nixos
<ramses_>
clever: trying that! What's the clean way to abort the build process with an error message? I use "abort <msg>"?
<clever>
ramses_: for nixos itself, there is a special option assertions
<clever>
ramses_: the advantage that this option has, is that nixos can eval the entire system, an report multiple errors at once
<clever>
so fixing things wont turn into a game of whack-a-mole
<ramses_>
clever: awesome, this seems to work very well!
<ramses_>
A bit tricky though, since it seems that mentioning the path of the missing file in the error message, might by itself cause the file to be copied to the nix store
<clever>
ramses_: toString prevents the copy
<ramses_>
clever: yes, that's what I did, but if ever we forget about this, it might still end up there
<clever>
yeah
<gchristensen>
ramses_: this is a tricky thing, because evaluation may happen on a machine which is not on the machine which will actually run your config
<ramses_>
gchristensen: I am aware. I made this behaviour optional for this reason. But I don't currently see a better alternative to avoid having private keys in the nix store..
<gchristensen>
I understand
<gchristensen>
you could make a wrapper around nixos-rebuild which checks for you?
<ramses_>
Whether the file is there?
<gchristensen>
yeah
aswanson has quit [Quit: WeeChat 2.6]
aswanson has joined #nixos
<ramses_>
In our current workflow, we rarely build the system on another machine than the one that will run it. However, our machines are deployed in remote places to which we cannot easily access, so avoiding the key not being in place is way higher on my list of priorities. If someone accidentally switches into a config without the key, we might lose
<karetsu>
is there a 'better' way of trying to set up a nix-shell for python things that aren't in nixpkgs than having a bazillion fetchPypi declarations? It really feels like I'm fighting against what should be simple
v88m has joined #nixos
Henson has joined #nixos
cosimone has joined #nixos
<dminuoso>
karetsu: I gave up and just use the plain python virtual environments
<dminuoso>
karetsu: So my nixshell is a simple: (pkgs.python35.buildEnv.override { extraLibs = [ pkgs.python35Packages.virtualenv ]; }).env
<dminuoso>
nixos has a tendency to expose how nasty and shitty software is packaged.
<karetsu>
it just feels wrong having a virtualenv and a requirements.txt when coming from cabal which is much nicer
<hmemcpy>
Do I need to set special permissions on this new user to make nix available to it? Sorry, little new to it all...
<dminuoso>
Ive been trying to install hmatrix in cabal v2-* using a shell.nix. However, the nixos package liblapack provides a static library liblapack.a while hmatrix appears to expect a shared library.
gustavderdrache has joined #nixos
dsx has joined #nixos
nolan_d has joined #nixos
drakonis1 has quit [Ping timeout: 265 seconds]
wavirc22 has quit [Ping timeout: 268 seconds]
benedikt93 has quit [Quit: benedikt93]
benedikt93 has joined #nixos
<benedikt93>
Hi all, a nixos-rebuild switch just failed for me with an error along the lines of "activation script snippet 'nix' failed". Is there any place I can look for logs of what actually happened? The nixos-rebuild output wasn't any more conclusive than that... Thanks!
waleee-cl has joined #nixos
opthomasprime has joined #nixos
dansho has quit [Remote host closed the connection]
dansho has joined #nixos
<nolan_d>
Hey, wondering if NixOS would be a good fit for this project? At work, we need to ship a ready-made VM containing our own tooling but also various standard binaries and libraries. We want to support atomic upgrades and a single version for everything--our shipped code, dependencies, etc.
<nolan_d>
So essentially I need a base installation, with our own Java/Elixir codebases bundled in as services, and on-prem customers need to be able to perform atomic upgrades between known states. I'd like to avoid Docker containers, since our service has several, and I don't want potential version mismatches between individual containers.
<gustavderdrache>
you can build docker containers with nix from a single derivation - that's what i do for some projects at $WORK
<gustavderdrache>
*single expression
<nolan_d>
Anyhow, seems like what we'd want to do is package our product as a derevation including our own code plus pinned versions of system dependencies, but I don't know how hard it is to package that into a pre-built image a customer can download, or how hard it is to push upgrades out to customers. I'm also running Fedora on my desktop, though I did install nix. How hard is it to build custom VM images with the nix tool?
hmemcpy has quit [Remote host closed the connection]
<gustavderdrache>
i think there's also a way to build OVA/OVF files but i forget where that is
<nolan_d>
Oh nice.
c0c0 has joined #nixos
ng0_ has joined #nixos
ng0_ has joined #nixos
<nolan_d>
So there's a lot of terminology here and I'm a bit overwhelmed. If we want to package our product, should I be looking into how to create a channel? If so, can channels depend on other channels? Like, if our on-prem code needs an ffmpeg installation, can we depend on Nixos' ffmpeg package from its main channel?
<nolan_d>
And can channels be private, or otherwise not publically available?
ng0 has quit [Ping timeout: 240 seconds]
<gustavderdrache>
i've never worked with channels, so i'll wait for someone more knowledgeable to handle that part
<gustavderdrache>
but basically you can package your project using just a single file that can be passed to `nix-build` since the artifact is going to be a VM image or similar
<nolan_d>
Hmm, yeah, just want to make sure we aren't exposing source code to customers.
<gustavderdrache>
if you want to do that, you'll have to do it very explicitly :P
cust0dian has quit [Remote host closed the connection]
<gustavderdrache>
nix derivations are pretty strict about what does and does not make it into a build artifact
<simpson>
nolan_d: ...But you're on-prem?
cust0dian has joined #nixos
<nolan_d>
Eventually, yes. Not quite yet.
<Shoubit>
nolan_d, a "channel" is essentially just a convenient way of referring to a specific set of Nixpkgs and as such obtaining the list of installable packages with some guarantees like tests have passed. You don't have to use it at all, you can simply use Nixpkgs pinning, and it can even be stored locally (but most people just grab them straight from Github using helper functions like fetchTarball)
<simpson>
Well, your choices are (a) give your code to your customers, or (b) don't give your code to your customers.
__Sander__ has quit [Quit: Konversation terminated!]
<Shoubit>
(e.g. afaik the "nixos-" channels have tests, "nixpkgs-" channels don't)
<nolan_d>
Or c) precompile all your artifacts so implementation isn't immediately available, and make decompiling an explicit license violation. That's what I'm aiming for here.
Kritnich has quit [Quit: Bye bye.]
<nolan_d>
Shoubit: Ah, so I can reference packages/versions cross-channel?
<Shoubit>
As in from several channels? Yeah. Though you'll most likely just use Nixpkgs pinning (just a specific revision of the Nixpkgs repository) and a binary cache for anything that isn't in cache.nixos.org so you can avoid rebuilding stuff
<Shoubit>
The reason you'll be better off with pinning is that using nix-channels introduces state to your system, because channels change and you need to make sure to run nix-channel --update all the time to match it. Instead you can just make sure every dev has the same revision of Nixpkgs declaratively with pinning.
<nolan_d>
Gotcha. What's the best way to build a system like this? I imagine what I want is to build a minimal chroot, add in my dependencies until it works when I'm chrooted in, then package that up.
<monadplus>
[NixOS] How do you set up your kb layout in order to write unicode characters like math symbols ? I tried to set up it a couple of times with no results...
mDuff has quit [Ping timeout: 265 seconds]
<monadplus>
I tried services.xserver.extraLayouts but I wasn't unable to make it work..
chagra_ has quit [Ping timeout: 272 seconds]
Tucky has quit [Quit: WeeChat 2.7]
chagra_ has joined #nixos
rogue_koder has joined #nixos
<Taneb>
Got a weird issue
<Taneb>
"warning: executing SQLite statement 'delete from NARs where ((present = 0 and timestamp < ?) or (present = 1 and timestamp < ?))': database disk image is malformed (in '/root/.cache/nix/binary-cache-v6.sqlite')"
<Yaniel>
and it's even on the radar of the developer, excellent
drakonis has joined #nixos
<{^_^}>
[nixpkgs] @jojosch opened pull request #79159 → mariadb: mytop add "clear" to PATH → https://git.io/Jvsjs
chagra has joined #nixos
domogled has quit [Quit: domogled]
chagra_ has quit [Ping timeout: 265 seconds]
<aveltras>
what would be the reason to have an error like "error: undefined variable 'next-gtk-webkit'" when rebuilding my configuration while nix search find it ? nixos.next-gtk-webkit (next-gtk-webkit) Infinitely extensible web-browser (user interface only)
<aveltras>
srhb: must be sth like that then, i'll try to installe the "next" package instead, thanks
<srhb>
aveltras: Since you're having channel mismatches, maybe you'll want to compare your user's channels vs. those of root too, because it's bound to cause confusion again :)
<aveltras>
the nix-channels --list doesn't return anything when not run as sudo
ixxie has quit [Read error: Connection reset by peer]
ixxie has joined #nixos
<aveltras>
here(s the content of NIX_PATH, not sure everything's normal
<srhb>
aveltras: Maybe it's just been a while since you did nix search --update-cache ?
<aveltras>
srhb: clearing the cache fixed it :)
<srhb>
Ah, there we go.
<aveltras>
thanks
ng0_ is now known as ng0
permissionshelp has joined #nixos
<permissionshelp>
I'm having issues with a docker container for application development that mounts a volume. My co-workers using ubuntu aren't having a problem. Is this because in Ubuntu the user id/group ids are something like `1000:1000` whereas in nix they are `1000:100`? Has anyone dealt with this issue?
<evanjs>
Closing out most of my open PRs now. Woo! Just wonder if #78420 is ready to merge
<permissionshelp>
srhb: I tried that, but then inside the container couldn't see the contents.
<srhb>
permissionshelp: What did you try exactly?
<permissionshelp>
I tried `chown myuser:users sharedfolder` which let me access it locally but then docker couldn't see it. I know this is wrong but I'm not sure why exactly.
leotaku has quit [Ping timeout: 265 seconds]
<srhb>
permissionshelp: You should match the uid/gid to the process _inside_ the container
erictapen has joined #nixos
noudle has joined #nixos
<srhb>
permissionshelp: The names on your system has no bearing on what's going on.
<{^_^}>
#72407 (by adrianparvino, 13 weeks ago, open): nixops: containers are incompatible with unstable nixos-container.pl
orivej has quit [Ping timeout: 265 seconds]
zupo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
chloekek has quit [Quit: WeeChat 2.6]
<karetsu>
building caffe2 is a chore, is there no way we could have cuda stuff pre-built?
<gchristensen>
I think there is concern around licenses
<gchristensen>
it is definitely a chore, though :/
WinchellsM has joined #nixos
<WinchellsM>
Is it possible to pass a file path as an argument to a nix function? Say the file path is `file_path`. Then can I just make it an argument to my function and, in the function body's `preConfigure` do something like `cp ${file_path} copy_of_file`?
<karetsu>
ah yes, I forget about allowUnfree -_-
leotaku has joined #nixos
<gchristensen>
karetsu: mind if I PM?
<karetsu>
go ahead
<clever>
WinchellsM: yeah, just make sure to not quote the path
<WinchellsM>
clever: Ok nice
karantan has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
ramses_ has quit [Remote host closed the connection]
permissionshelp has quit [Ping timeout: 260 seconds]
arjen-jonathan has quit [Ping timeout: 265 seconds]
fusion809 has quit [Remote host closed the connection]
xelxebar_ has joined #nixos
xelxebar has quit [Ping timeout: 240 seconds]
smatting has quit [Ping timeout: 268 seconds]
karetsu has quit [Quit: WeeChat 2.6]
karetsu has joined #nixos
virus_dave has joined #nixos
o1lo01ol1o has quit [Ping timeout: 240 seconds]
<virus_dave>
Yet another QQ for y'all.
<virus_dave>
i'm trying to define a fixed-output package that gets deployed on both osx and nixos. One of the outputs is a wrapper script, which ends up getting shebang-patched differently on the two platforms depending due to the different bash packages on each
<virus_dave>
how is this typically handled? a platform-specific FOD hash seems pretty obvious, but also seems a little weird. Is there a different way people do this?
<clever>
virus_dave: anything with a runtime dependency (such as on a shell) must not be fixed-output
<clever>
virus_dave: you want to split it into 2 pieces, the fixed-output half that works on any platform, and then a non-fixed half that is platform specific
karetsu has quit [Client Quit]
karetsu has joined #nixos
karetsu has quit [Client Quit]
karetsu has joined #nixos
<virus_dave>
oh man, really? that sounds even worse than having platform-specific hashes :(
karetsu has quit [Client Quit]
karetsu has joined #nixos
<gustavderdrache>
think of it this way: it separates the integrity of the input (the script to patch) from the platform-specific post-processing that happens
<shapr>
silly question, are there nix packages for installing proprietary tools like the Xilinx backend toolchain?
<gustavderdrache>
if you combine the two, you'd have to update the hash every time, say, the bash derivation's hash changed in the nix store
<virus_dave>
gustavderdrache: yeah, that was why i was asking. OK, knee-jerk recoiling aside, this might not be so bad. Something like a wrapper derivation which isn't FOD but does the patching, which takes as buildInput the unpatched, FOD derivation.
<gustavderdrache>
tbqh i like the split, because it means that nix can cache the input separately and it's faster to work on downloaded sources when you're working on a derivation
<gustavderdrache>
but the mental model does take some getting used to
<gustavderdrache>
if your input is an archive or a file you can get from online, you can just tweak `mkDerivation` to not invoke configure/make and go straight to the patching phase
karetsu has quit [Client Quit]
<virus_dave>
^ yeah that doesn't map so cleanly into what i'm trying to do, but i get your point
karetsu has joined #nixos
<virus_dave>
(i think)
<gustavderdrache>
what's the input, if you don't mind my asking?
<gustavderdrache>
is it downloaded or from another derivation?
<virus_dave>
FOO sources from github -> patched sources -> artificial nix derivation -> invoke SBT on the patched FOO sources (** this normally produces some shell scripts, which are currently patched **)
ddellacosta has quit [Quit: WeeChat 2.2]
<gustavderdrache>
hmmm... wouldn't that just be fetchFromGithub and a patch phase in mkDerivation?
<gustavderdrache>
or are there some extra details in between those arrows?
<virus_dave>
sure, but the build is what's producing the bash wrapper scripts, and the result of that build is what absolutely needs to be FOD due to $REASONS.
<gustavderdrache>
ah
<gustavderdrache>
fair enough
<virus_dave>
^^ that's almost exactly what i'm doing now
<virus_dave>
except with FOD hashes on the package
<gustavderdrache>
cool, just making sure i understood the context
<gustavderdrache>
it does sound like you'll want to daisy-chain the derivations, then
<virus_dave>
so i think i can make this one not-patch, then wrap it with another, non-FOD which does the patching perhaps
<virus_dave>
:thumbsup:
<gustavderdrache>
the `src` attribute can be another derivation, so it won't even be too difficult
<m15k>
Hi. Any idea how to `fetchFromGitlab` via ssh?
<clever>
m15k: you want either pkgs.fetchgitprivate (which was deleted) or builtins.fetchGit
zebrag has joined #nixos
<dashkal>
I've got a hybrid intel/nvidia laptop. I can get glx working with intel, or with the nvidia (via bumblebee), but never both. (a) Is it possible to get glx working on the intel with a bumblebee setup, or (b) would it just work to start my window manager with optirun and effectively put everything on the nvidia? Nvidia Prime doesn't seem to support my two extra monitors setup.
inkbottle has quit [Ping timeout: 265 seconds]
<AmandaC>
m15k: what clever said. fetchFromFoo is to standardise around common export interfaces for websiteslike github/gitlab -- they don't even use git
<{^_^}>
[nixpkgs] @lsix merged pull request #79161 → octave: build without qscintilla by default → https://git.io/JvsjE
<m15k>
AmandaC: I see. It's just some syntactic sugar.
<AmandaC>
( I assume that's their purpose anyway. So that if one day Github/Gitlab/etc randomly decide to change the interface for such things, it's nota massive rewrite )
ixxie has quit [Ping timeout: 268 seconds]
<AmandaC>
And it's easier on bandwidth since its not getting the entire history of the project
<AmandaC>
not really sugar. more a utility function
<m15k>
k. I'll check `fetchGit`.
<m15k>
Thanks!
knupfer has quit [Remote host closed the connection]
karetsu has quit [Quit: WeeChat 2.6]
knupfer has joined #nixos
cosimone has joined #nixos
shibboleth has quit [Quit: shibboleth]
<evanjs>
Is there a good approach to making kernel images with initramfs support from a NixOS host? Trying to fit a step that does so into our CI (Jenkins) which is running on NixOS but unsure where to start
rogue_koder_ has quit [Ping timeout: 265 seconds]
zupo has joined #nixos
<ajs124>
evanjs: what exactly are you trying to do? You can build linuxPackages.kernel to get a bzImage?
Baughn has joined #nixos
adamtkh has quit [Ping timeout: 258 seconds]
<{^_^}>
[nixpkgs] @ajs124 opened pull request #79175 → sogo: init at 4.3.0 → https://git.io/JvGUE
adamtkh has joined #nixos
scoates has left #nixos ["WeeChat 2.5"]
<{^_^}>
[nixpkgs] @worldofpeace opened pull request #79176 → xorg.libXft: add color emoji rendering support → https://git.io/JvGU6
<evanjs>
ajs124: I'm trying to take a kernel, build a module on top of it, and produce an initramfs with said module in it
<ajs124>
why not integrate the module into the kernel?
<evanjs>
Though, if the driver on nixos works fine, that might be a better route. Coworker said he tried the staging version of rtl8188eu (which is what's in the nixpkgs tree) and it didn't work with AP mode, but I havenb't tested on NixOS
kleisli has quit [Ping timeout: 268 seconds]
<evanjs>
Yeah that's what I was thinking
<evanjs>
Just availableKernelModules or whatever the equivalent is for initramfs
<evanjs>
*initrd? Not sure haha
<ajs124>
boot.initrd.availableKernelModules
<clever>
evanjs: you want boot.kernelPackages and boot.initrd.availableKernelModules
<evanjs>
hrm alright. Wondering how I can fit this into CI (Jenkins pipeline in this case). End target is a non NixOS system
<clever>
evanjs: and you can use `boot.kernelPackages = pkgs.linuxPackages.extend (self: super: { foo = self.callPackage ./foo.nix {}; });` to add a new thing in
<clever>
evanjs: you can use nix-build to compile fragments of a configuration.nix as well
* clever
grabs example...
<evanjs>
clever: ah okay sweet I was already grabbing my override from one of my musnix configs so I'll just affix it to that
<evanjs>
hrm. alright, wasn't sure how much effort would be involved in simply requiring an app to use e.g. a different libc, and nothing else. thinking back to #38552 ...
<brano543>
Hell, I am new to Nix and still trying to learn. I am not on Nix-os and I am trying to write configuration.nix file which creates a postgresql. I have second derivation which creates a extension for postgresql. My trouble is that every time I try to link the output of extension I get permission denied to create symlink. Could anybody help me? This
<brano543>
is how my configuration.nix looks like and it fails on this line ln -sfn ${pkgs.mapnik-german-l10n}/extension/* ${postgresql}/share/postgresql/extension. https://pastebin.com/nw06Y3mr
<clever>
brano543: you can only ever create files in $out, not your inputs
<brano543>
clever: so how do I place the extension files to postgresql install directory then?
<clever>
brano543: you dont
<clever>
brano543: you use the services.postgresql.extraPlugins option in nixos
<clever>
brano543: that will automatically call pkgs.postgresql.withPackages, and give it a list of plugins
<clever>
brano543: .withPackages will then create a new derivation, that symlinks all of the chosen extensions together, and tells postgresql to look there
<brano543>
clever: I have also tried to do this inside withPackages, but it seems configuration.nix doesn't see anything I defined in an overlay. postgresql = pkgs.postgresql_12.withPackages (ps: with ps; [ postgis mapnik-german-l10n ]); this line fails he doesn't know mapnik
<clever>
brano543: the postgresql module calls .withPackages for you, so stacking it like that may fail
<brano543>
clever: I mean doing this during build of postgresql
<clever>
brano543: can you pastebin the code your using, when you try to use services.postgresql.extraPlugins ?
<clever>
and what problem its having
<brano543>
clever: when you say services.postgresql.extraPlugins you mean I should add extraPlugins option inside systemd.services.postgresql?
<clever>
brano543: no, it should be inside services.postgresql
<clever>
brano543: services.postgresql is a nixos module, that defines postgresql options, it will then set systemd.services.postgresql options for you
<{^_^}>
[nixpkgs] @bignaux opened pull request #79182 → hdl_dump: init at unstable-2019-12-25 → https://git.io/JvGkc
<clever>
systemd.services.postgresql the nixos module for systemd, it will then use those options, to auto-generate a postgresql.service file
<brano543>
clever: That might only work on NixOS only, I had to tinker around to make it work on my system.
<clever>
brano543: can you pastebin your current code?
<clever>
brano543: what happens if you set services.postgresql.enable = true; and then use https://pastebin.com/4fqJ2sbc again?
fresheyeball has joined #nixos
captn3m0 has joined #nixos
captn3m0- has quit [Ping timeout: 265 seconds]
<brano543>
clever: he option `systemd.services.postgresql.unitConfig.RequiresMountsFor' has conflicting definitions, in `/home/pandora/.nix-defexpr/channels/nixpkgs/nixos/modules/services/databases/postgresql.nix' and `/app/pandora-import/services/postgresql.nix'
mkenigs has joined #nixos
<clever>
brano543: comment that line out in your config, and build again
<brano543>
clever: then it builds and generates me postgresql.service file
<clever>
brano543: now try setting services.postgresql.extraPlugins and build again
<brano543>
clever: inside buildEnv or where?
<clever>
brano543: the same place you set services.postgresql.enable
johnw has joined #nixos
<brano543>
clever: The option `systemd.services.postgresql.extraPlugins' defined in `/app/pandora-import/services/postgresql.nix' does not exist.
<clever>
brano543: i said services.postgresql.extraPlugins not systemd.services.postgresql.extraPlugins
<clever>
brano543: services and systemd.services are 2 different things
<brano543>
clever: it build the derivation successfully
<clever>
brano543: now try deleting everything thats under systemd.services.postgresql and see if it still builds
<brano543>
clever: now it complains as it can't evaluate this statement paths = [ eval.config.systemd.units."postgresql.service".unit postgresql ] in default.nix. It says now he doesn't know postgresql.service
<m15k>
Any hint how to `fetchgit` from a private ssh repo?
<clever>
brano543: why cant you use those default options?
<clever>
m15k: builtins.fetchGit
mkenigs has quit [Remote host closed the connection]
monadplus has quit [Ping timeout: 265 seconds]
astk has quit [Ping timeout: 260 seconds]
<m15k>
I'm a little bit unsure how to setup the private ssh key.
<clever>
m15k: builtins.fetchGit just uses whatever keys ssh would use by default
<clever>
m15k: so ~/.ssh/ and your ssh agent
<m15k>
Yeah. Thats the point :)
<brano543>
clever: I don't know how to evaluate that package :D When I do eval = import <nixpkgs/nixos> { }; without my own configuration.nix he says file 'nixos-config' was not found in the Nix search path (add it using $NIX_PATH or -I). That is why I created the file for him
<astk52>
ah, it seems to be building the package hello from the store
<clever>
brano543: that will work even outside of nixos, you just have to combine `import <nixpkgs/nixos> { configuration = ./configuration.nix; }` and the eval.config.systemd.units."postgresql.service".unit your already doing
<brano543>
clever: Could you help me figure out the last piece of puzzle. How do I now copy the extension files to psotgresql from mapnik derivation? As you suggested I did add this line services.postgresql.extraPlugins = [ pkgs.postgis pkgs.mapnik-german-l10n ]; in configuration.nix. But still from mapnik derivation he refuses to create the files :( this
<clever>
das_j: have you looked into the S3 config?
<das_j>
master has some old RAID, the build nodes run completely diskless
<brano543>
clever: hmm it is strange, he install it to $out/share/postgresql/extension,but that is the one inside store for mapnik, I don't see this copied over to resulting directory I am afraid.
<clever>
brano543: how are you looking to see if it got copied?
<mgdm>
Hello. Not sure if anyone here is familiar with the Tweag jupyterWith stuff, but I'm trying to add a new kernel to it. It works, but for the example I've got this setup script that needs to be run. I'm wondering if I can roll that into the shell.nix, but I can't see how. Code is here: https://github.com/tweag/jupyterWith/compare/master...mgdm:postgres-kernel?expand=1
<brano543>
clever: nix-build created result-3 directory
<clever>
brano543: it created a result-3 because your -A pointed to a set of many things, not one thing
cosimone has quit [Quit: Quit.]
<clever>
brano543: you need to add another attribute to -A to make it more specific
<clever>
brano543: for example, nix-build -A services
o1lo01ol1o has quit [Remote host closed the connection]
<{^_^}>
input-output-hk/iohk-ops#352 (by cleverca22, 1 year ago, merged): [DEVOPS-836] configure hydra to upload everything to S3
Jackneill has joined #nixos
<clever>
das_j: that configures hydra to upload everything to an S3 bucket, then you can just use https://bucket.awssomething.com as your cache
<clever>
das_j: if the build machine has aws secrets, you can also use s3://bucket to keep things private
dansho has quit [Ping timeout: 265 seconds]
<das_j>
yeah, but s3 isn't free ;)
<das_j>
my in-memory cache is
<clever>
das_j: in theory, ssh://big-fat-host could also be used, where s3://bucket was
<brano543>
clever: hmm, it is still not in the resulting directory, although I see in nix store under different postgresql file osml10n.control (this should be the resulting file of mapnik derivation). Seems like he created his own copy and didn;t include it to the one I needed.
<clever>
das_j: and then your hydra will push everything to another machine
<das_j>
oohhh
<das_j>
nice
<das_j>
now I get it
<das_j>
does the s3 thing also remove old evals?
<jared-w>
problem: https://github.com/chisui/zsh-nix-shell doesn't support aliases, functions, or basically much else besides environment variables (because they don't propagate through bash -> zsh well)
<clever>
das_j: the s3 based hydra has zero garbage collection
<das_j>
Andreas Schrägle: weekly reboot for GC?
<clever>
das_j: and if you use ssh://big-fat-host, that host wont know what hydra has done recently, and what to keep, so any GC will potentially delete recent things
<jared-w>
solution: Gloriously ugly hack involving writeShellScriptBin and exporting a modified path
<das_j>
oh
<clever>
brano543: if you read the .service file in result, where is it getting the postgresql binary from?
dingenskirchen has quit [Remote host closed the connection]
dingenskirchen has joined #nixos
WinchellsM has joined #nixos
<jared-w>
clever: can't you do nix-collect-garbage with a --delete-older-than flag or will that not work?
<WinchellsM>
Is there a way I can pass the environment variable `DISPLAY` into a nix-build script?
eacameron has joined #nixos
cosimone has joined #nixos
<WinchellsM>
In my `installPhase` I need to launch the program I just compiled on the current DISPLAY in order to auto-generate a file to place in `$out/bin/filename`
<brano543>
clever: hallelujah ! the postgresql.service goes to dir which has it copied !
<WinchellsM>
When I do this I get an `X11 Display is not available` error since there is no DISPLAY in the pure environment nix-build sets up
<clever>
brano543: so everything is already working perfectly
<jared-w>
WinchellsM: builtins.getEnv? I think impureEnvVars = ["DISPLAY"]; might be what you're looking for though
<clever>
brano543: yeah
<brano543>
clever: I have one more question. How do I override now the version to use postgresql_12 instead of default one? Remeber I was using pkgs.postgresql_12.withPackages before.
<clever>
jared-w: that only works for fixed-output derivations, and wont actually let you connect to the unix socket
<clever>
brano543: services.postgresql.package
Jackneill has quit [Remote host closed the connection]
<genesis>
clever : now i need my 2 latests PR pfsshell and hdl-dump to be merged if people want to use that doc, but i have complete the necesseray tools to get ready :)
<{^_^}>
[nix] @LnL7 opened pull request #3344 → ssh-store: add remote-store and remote-program query params → https://git.io/JvGIQ
kleisli has joined #nixos
<clever>
genesis: what about having nix use pfsshell in a derivation, to spit out a pre-made disk image?
<clever>
genesis: so you can just dd that to a drive, and your done
<genesis>
? i document the dd tricks
<genesis>
i don't understand your remark
<clever>
genesis: what i mean, is to automate it so you dont even have to run pfsshell
<{^_^}>
[nixpkgs] @dkudriavtsev opened pull request #79186 → ifmetric: init at 0.3 → https://git.io/JvGId
<clever>
brano543: you want services.postgresql.package = pkgs.postgresql_12;
erictapen has joined #nixos
<brano543>
clever: God bless you good Sir !
<brano543>
clever: You gave me a great starting point. I will tinker around in the next few days. I have just last question. If I ever would need to define my own module, I would just call imports = []; at the beginning of configuration.nix?
<clever>
brano543: yep
<brano543>
clever: Thank you so much for your time and patience. Have a wonderful day !
<clever>
yep
<kvda>
Greetings, how do i add local git nixpkgs-channel into nix-channel?
<kvda>
I'm attempting to add a new package
<kvda>
But want to test locally
brano543 has quit [Remote host closed the connection]
claudiii has joined #nixos
virus_dave has quit [Quit: virus_dave]
ddellacosta has quit [Ping timeout: 268 seconds]
monadplus has quit [Ping timeout: 240 seconds]
<clever>
kvda: it doesnt need to be in nix-channel
<clever>
kvda: just run nix-build -A package, in the root of the git repo
<evanjs>
anybody know how I can override options in busybox's config? Like I can pass stuff into extraConfig, but the stuff generated before-hand seems to take precedence, and enableMinimal seems to do too much
<kvda>
clever is there a particular way of doing bins in packages? all that is needed is to download the package, unzip and run the install script, which just moves the files in right location
<clever>
kvda: any elf binary must be patched with patchelf first
<kvda>
elf?
<clever>
kvda: linux binaries
dockerandnix has joined #nixos
<kvda>
oh, is there a keyword that i can search though package to find an example?