<immae>
( cole-h: the main case that made me realize that was setting `systemd.services.some-service.serviceConfig.WorkingDirectory = ./foo` which created a service file containing the string /full/path/to/foo instead of /nix/store/...-content-of-foo as I expected, so if you want an example that is one of them)
<noonien>
is there any reason this nix derivation http://ix.io/2cwT fails with `path is not valid` ?
cosimone has quit [Ping timeout: 240 seconds]
<cole-h>
immae: Thanks -- I was using `${./foo}` which did add it to the store, where I wanted just `./foo`.
<cole-h>
<3 immae
<{^_^}>
immae's karma got increased to 8
<immae>
cole-h: ha ha you had exactly the case opposite to mine then :D
justanotheruser has quit [Ping timeout: 246 seconds]
<{^_^}>
[nixpkgs] @worldofpeace pushed 2 commits to release-20.03: https://git.io/Jv0j9
<noonien>
that's weird
<noonien>
how can i make it a fixed output derivation then?
<clever>
immae: `systemd.services.some-service.serviceConfig.WorkingDirectory = toString ./foo` would set it to just /path/to/foo, without copying anything
vidbina has joined #nixos
tokudan has joined #nixos
<clever>
immae: assuming systemd isnt messing things up by calling its own toString on things
<clever>
(the systemd modules in nixos)
<immae>
clever: yes and so does ./foo actually, but that’s not what I wanted at that time :)
<clever>
ahh, the module is likely doing toString for you
<clever>
then "${./foo}"
<clever>
yeah
<immae>
yes :)
<immae>
noonien: I have no clue
<immae>
,tofu
<{^_^}>
To get a sha256 hash of a new source, you can use the Trust On First Use model: use probably-wrong hash (for example: 0000000000000000000000000000000000000000000000000000) then replace it with the correct hash Nix expected. See: tofu-vim
<immae>
Hmm
<evanjs>
or lib.fakeSha256 haha
<noonien>
oh, nice, til about fakeSha256
<clever>
noonien: you can also `52i0<escape>` in vim
<noonien>
still, same error: `error: path '/nix/store/9cwxpw6391xfy334b4aivril1qrxgs1l-spanky-deps' is not valid` http://ix.io/2cwZ
<noonien>
does it work for you?
<clever>
same on this end, looking into why
<noonien>
`drwxr-xr-x 3 george users 3 Feb 24 00:27 /nix/store/9cwxpw6391xfy334b4aivril1qrxgs1l-spanky-deps`
<noonien>
is the user/date ok?
<clever>
noonien: it works if i replace python with `mkdir $out`
<clever>
and nix nukes all user/date stuff before testing it
<noonien>
i thought perhaps $out might contain some symlinks to weird places, or somethig, but it doesn't appear to be the case
<clever>
found reference to '9cwxpw6391xfy334b4aivril1qrxgs1l' at offset '75'
<clever>
noonien: oh, fixed-output things must have zero dependencies
turona has quit [Ping timeout: 272 seconds]
turona has joined #nixos
<noonien>
TIL, would have been nice to have a nicer error ^_^
<clever>
noonien: i think $out appears within $out itself, which counts as a dependency
<evanjs>
immae: tried with builtins.fetchGit and "${nixos-hardware}/common/pc/laptop" in imports, still the same error post gc. No inf recursion, though
<clever>
and your sha256, depends on your sha256
<clever>
noonien: yeah, i would call this a bug in nix
<v0|d>
clever: hi, is there a way to run displayManager in a sep. namespace?
<clever>
v0|d: ive not tried it
<v0|d>
clever: do you think doing it makes sense?
<clever>
v0|d: i could see it maybe causing problems with Xorg getting graphics, and just having access to all of your normal files/tools, depending on what namespace you wind up in
<clever>
noonien: you must do the fetch and pre-compile in seperate derivations
mbrgm_ has joined #nixos
<immae>
evanjs: just in case, did you see that the readme of the nixo-hardware repo suggests defining a NIX_PATH and then using <nixos-hardware/...> as import?
<clever>
noonien: you are claiming that this derivation will produce the same output, always, but if you run it on darwin, it will create dylib's instead of .so files, and the python version also matters
<noonien>
i see, i'll try that. pip is giving me headaches
<immae>
(evanjs: I know it should be equivalent to what you wrote, but maybe I’ll have better understanding tomorrow...)
<noonien>
python is such a hassle
mbrgm has quit [Ping timeout: 272 seconds]
mbrgm_ is now known as mbrgm
karetsu has quit [Quit: WeeChat 2.6]
aaa_ has quit [Ping timeout: 272 seconds]
<{^_^}>
[nix] @edolstra pushed 4 commits to eval-optimisations: https://git.io/JvEeO
<samueldr>
well, what I said is wrongly worded, but I think with the link it's clear enough?
<noonien>
thanks, i went with runCommandNoCC
<noonien>
i just hoped there was a an easy way with nix-shell, i went with: `nix-shell -E 'with import <nixpkgs> { }; runCommandNoCC "dummy" { buildInputs = [ python38Packages.pip ]; } ""'`
<v0|d>
samueldr: any chance you are the maintainer of nixos/security/pam.nix?
<samueldr>
sorry, no
<v0|d>
.k
<samueldr>
though, while I am not, what is the issue? (if security related, I can give you the security contact rather than spilling here)
<samueldr>
(I mean, if it's a security problem in nixos, we have a process for it)
<v0|d>
samueldr: have a feature req
<v0|d>
samueldr: need customization on rounds of hashing
<v0|d>
samueldr: do not want to use the defaults.
<v0|d>
its just an integer.
<v0|d>
via alternate rounds, its possible to defeat rainbows.
<tomberek>
is it possible to run two instances of nix-daemon. (potentially an instances with additional env vars used along with impureEnvVars). I did an initial test with NIX_STATE_DIR, but it was not isolated enough and cause some damage to my overall system. Has anyone run multiple nix-daemons?
<{^_^}>
[nixpkgs] @peti pushed to haskell-updates « hackage-packages.nix: automatic Haskell package set update »: https://git.io/JvEvc
<AmandaC>
That sounds like an XY Problem, tomberek. What are you trying to solve by running two nix-daemons?
butterthebuddha has quit [Read error: Connection reset by peer]
drakonis has joined #nixos
<tomberek>
AmandaC: Yup, it is an XY. I'm trying to define some derivations that transform some data in S3. So i need to give the derivation some credentials for aws. I've tried a few methods, but it seems env vars would be the best. It work well on single-user installs, but NixOS or multi-user needs to have a modified daemon. So i got curious if i can keep the existing daemon and run an "enhanced" daemon on another
<tomberek>
socket that has the required creds.
<tomberek>
(i'm also trying to learn more about the daemon system because i want to build a daemon that performs work asynchronously form a queue.)
<tomberek>
(i'm also trying to learn more about the daemon system because i want to build a daemon that performs work asynchronously from a queue.)
zeta_0 has quit [Quit: rcirc on GNU Emacs 26.3]
<leungbk>
I've been trying to add an Emacs package to the Nixpkgs repo but can't get my NixOS installation to notice it. Would anyone mind help diagnosing this? http://paste.debian.net/1131818/
b has joined #nixos
c0ffee152 has quit [Ping timeout: 255 seconds]
gustavderdrache has quit [Quit: Leaving.]
jonten has quit [Ping timeout: 260 seconds]
CMCDragonkai1 has joined #nixos
zeta_0 has joined #nixos
<CMCDragonkai1>
so systemd services that are not of type oneshot do not have additive ExecStart?
<CMCDragonkai1>
and what's the difference between `ExecStart = lib.mkForce ...` and `ExecStart = [ "" "..."];
drakonis has quit [Quit: WeeChat 2.7]
<{^_^}>
[nixpkgs] @brettlyons opened pull request #80926 → vimPlugins.nrrwrgn: Init at 2019-12-12 → https://git.io/JvEfU
<niso>
is it possible to use antiquotation in strings constructed by builtins.readFile ?
reallymemorable has joined #nixos
h0m1 has quit [Ping timeout: 252 seconds]
<CMCDragonkai1>
niso: probably not! try it in nix repl
<niso>
CMCDragonkai1: i tried it in a derivation and failed - thus the question
* niso
was hoping that there is some kind of hack
* niso
or that he could manually trigger the evaluation
<tomberek>
niso: can you use an import?
<tomberek>
IFD?
h0m1 has joined #nixos
<niso>
tomberek: IFD?
<tomberek>
import-from-derivation
<tomberek>
import a file which is a nix expression, rather than using readFile
drakonis1 has quit [Ping timeout: 258 seconds]
<cole-h>
,ifd
<{^_^}>
import-from-derivation (IFD) is when you evaluate nix from a derivation result, for example `import (pkgs.writeText "n" "1 + 1")` will evaluate to 2. This is sometimes problematic because it requires evaluating some, building some, and then evaluating the build result. It has been described as "such a nice footgun."
<niso>
tomberek: this would require the file to be a well-formed nix expression right?
<tomberek>
yes
drakonis1 has joined #nixos
<niso>
this isn't the case - i'm tyring to (ab)use nix as a templating engine
<niso>
thus example content would be: "some ${expr} special text"
<tomberek>
but you want to inject a nix value, during evaluation time, or build time?
waleee-cl has quit [Quit: Connection closed for inactivity]
leungbk has quit [Ping timeout: 258 seconds]
onixie has quit [Ping timeout: 260 seconds]
learnday20 has joined #nixos
thc202 has quit [Ping timeout: 245 seconds]
<learnday20>
im trying to upgrade to NixOS stable: 19.09 from 1903, upon nixos-rebuild switch upgrade, theres no more login, cursor blinks and upon CM f1, f7 gives tty, any thoughts what I am missing? thank you!
<niso>
tomberek: hmmm alright thanks - guess i'll go with envsubst (or another templating engine)
<tomberek>
niso: i'm not aware of a direct "evalString". Closest would be to import a valid nix expression, perhaps a function, create the resuling value, and write it back out to a file
<dansho>
learnday20, i don't remember what the exact issue was =(
qubasa_ has joined #nixos
<CMCDragonkai1>
does anybody know if systemd unit template files can be used in in systemd.services with overrides?
<CMCDragonkai1>
every time i try it, it says "...ExecStart defined does not exist"
qubasa has quit [Ping timeout: 255 seconds]
<niso>
tomberek: alright, thanks!
vykook has quit [Ping timeout: 258 seconds]
vykook has joined #nixos
adelbertc has quit [Quit: Connection closed for inactivity]
<tomberek>
niso: primitive templating can be done with builtins.replaceStrings
dansho has quit [Remote host closed the connection]
dansho has joined #nixos
endformationage has quit [Ping timeout: 252 seconds]
c0ffee152 has quit [Quit: Lost terminal]
<energizer`>
I want nixpkgs to upgrade the version of a package, what should I do/
<CMCDragonkai1>
clever: i have a config that uses the genList to create a list of configurations, these configurations have to be merged together.. using `mkMerge`
<CMCDragonkai1>
but i'm hitting an infinite recursion error
<CMCDragonkai1>
is there a way to "concat" to another list optionally?
<clever>
CMCDragonkai1: mkMerge and mkIf both use some trickery to avoid the inf recursion
<clever>
CMCDragonkai1: config = mkIf bool { a=1; b=2; } will be translated into config = { a=mkIf bool 1; b = mkIf bool 2; }
<clever>
CMCDragonkai1: that allows it to read config.c, and bypass evaluating bool until later
<clever>
can you read cfg.worker-cpu, without knowing what the return value of genList is?
<CMCDragonkai1>
yea
<CMCDragonkai1>
`cfg.worker-gpu.enable` is a boolean
<CMCDragonkai1>
`cfg.worker-gpu.instances`
<clever>
and the outer mkMerge appears to do nothing, it could be deleted
<CMCDragonkai1>
is the number of services to start
<clever>
but, what about cfg.worker-cpu itself?
<CMCDragonkai1>
well i abridged it
<clever>
what other keys exist within cfg?
<CMCDragonkai1>
there's other stuff
<clever>
can you list every key of cfg.*, without evaluating genList?
<CMCDragonkai1>
`cfg.scheduler` and `cfg.worker-cpu`
<clever>
does genList set anything in that region? like cfg.foo?
jojojojojo has joined #nixos
<tomberek>
anyone familiar with the workings of nix-daemon. I'm trying to start a daemon with additional env vars (creds) such that a derivation with impureEnvVars would be able to use them. I've done a few experiments with NIX_REMOTE=unix://path/to/socket, but i'm not sure about the ramifications of having two nix-daemon's running at the same time
<clever>
tomberek: you can just override the systemd service to set the vars there
<clever>
CMCDragonkai1: yeah, i see the problem, it cant know what genList returns, until it knows what config.something.worker-cpu is
<tomberek>
clever: i found the nix.envVars option as well... is running two of them okay? would be nice to strictly separate which socket provided access to the deamon with the right vars
<clever>
CMCDragonkai1: and it cant know what config.something is, until it has figured out that genList only touches config.systemd
boxscape has joined #nixos
<clever>
CMCDragonkai1: you must do config.systemd = mkMerge ....;
<clever>
tomberek: its probably fine, any time you run nix commands as root, they bypass the daemon entirely, and deal with file-locks in /nix/store to manage things
<clever>
tomberek: 2 nix-daemons should do the same
<CMCDragonkai1>
how does that work?
<CMCDragonkai1>
clever: mkMerge on what exactly?
<tomberek>
clever: they both seem to try to use the same socket file, so i also had to change NIX_STATE_DIR
<clever>
CMCDragonkai1: instead of line 4 returning { systemd.services = ... }; you want line 4 to return { services = ... ; } and then line 1 would do config.systemd = mkMerge ....
<CMCDragonkai1>
clever: i've updated the netire file
<CMCDragonkai1>
with the entire module src
<CMCDragonkai1>
can you have a look
<clever>
tomberek: that might break everything, if the db.sqlite is swapped out
<clever>
CMCDragonkai1: can you rename the file in the gist to end in .nix ?
eyJhb has quit [Quit: Clever message]
<CMCDragonkai1>
clever: done
<tomberek>
clever: yeah, i broke things already once, would like to avoid doing it again, but it would be a nice abstraction to have two seperate sockets and manage access
<clever>
CMCDragonkai1: remove the systemd. from line 9, and add it back at line 119, { systemd = mkIf enable worker-cpus; }
eyJhb has joined #nixos
eyJhb has quit [Changing host]
eyJhb has joined #nixos
judson has quit [Remote host closed the connection]
<CMCDragonkai1>
clever: worker-cpus is still a list
<CMCDragonkai1>
clever: does that work?
judson has joined #nixos
<clever>
CMCDragonkai1: you need to mkMerge it again i think
inkbottle has quit [Quit: Konversation terminated!]
<CMCDragonkai1>
ok that worked
<CMCDragonkai1>
what is the source of this problem
<CMCDragonkai1>
clever: something to do with fixed point problem?
<clever>
CMCDragonkai1: the problem, is that nix must know every attribute being set on line 119 (top-level, like config.foo), so it can recursively push things down until later
<clever>
CMCDragonkai1: so it turns config = mkMerge [ {} {} {} ]; into `config = { a = mkMerge []; b = mkMerge []; c = mkMerge[]; }`
eyJhb has quit [Client Quit]
<clever>
CMCDragonkai1: and it must know that, before it can compute what config.services is (to satisfy the let on 5)
eyJhb has joined #nixos
eyJhb has joined #nixos
eyJhb has quit [Changing host]
<clever>
CMCDragonkai1: lib.genList is a barrier, that stops it from knowing what your setting, until you already know what config.services is
<clever>
CMCDragonkai1: but you cant know what config.services is, because genList might be setting services
bvdw has quit [Read error: Connection reset by peer]
<{^_^}>
[nixpkgs] @jonringer pushed commit from @colemickens to staging « pythonPackages.importlib-metadata: 1.3.0 -> 1.5.0 »: https://git.io/JvELv
Acou_Bass has joined #nixos
infinee has joined #nixos
Flambe has joined #nixos
zupo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
zeta_0 has quit [Quit: doing a rebuild switch]
<{^_^}>
[nixpkgs] @Lassulus merged pull request #78113 → nixos/transmission: Allow others to read the directory → https://git.io/JvIVq
<{^_^}>
[nixpkgs] @Lassulus pushed commit from @Infinisil to master « nixos/transmission: Allow others to read the directory »: https://git.io/JvELE
zupo has joined #nixos
Flambe has quit [Ping timeout: 255 seconds]
zeta_0 has joined #nixos
chimay has joined #nixos
linarcx has joined #nixos
c0c0 has joined #nixos
<c0c0>
i created a python virtualenv and installed the pandas library in it. i get a runtime error saying "ImportError: libstdc++.so.6: cannot open shared object file: No such file or directory". is this a NixOS-specific problem?
<energizer`>
a virtualenv contains references to parts of the interpreter and the stdlib, so you can't share the virtualenv itself across computers
<c0c0>
Pipfile and Pipfile.lock is version-controlled so that other people can reproduce the environment
<energizer`>
that can work if the dependencies are simple enough
<energizer`>
if you have people on different operating systems it's more complicated
<c0c0>
we basically use it to specify a list of python libraries that anyone can install with a one-liner
<c0c0>
nothing too fancy
aaa_ has joined #nixos
<c0c0>
we have some OS X users, some non-NixOS linux users and me being new to NixOS :D
philr has joined #nixos
<energizer`>
that's probably fine then
lsix has joined #nixos
<energizer`>
but more a #python question :-)
<dminuoso>
08:50:21 energizer` | a virtualenv contains references to parts of the interpreter and the stdlib, so you can't share the virtualenv itself across computers
<dminuoso>
You absolutely can.
<energizer`>
perhaps you're thinking of pex or shiv?
<dminuoso>
You can set up a virtual environment with `--always-copy`, such that venv will copy the python dependencies rather than symlink it.
<dminuoso>
We were debating on how to cleanly package our python app here, and we just couldn't make it work with nix. So we decided to just ship a tarball containing all the python dependencies. You only need a python interpreter and some shared libraries, which we handle with nix
<energizer`>
virtualenv (though not venv) also has --relocatable
<energizer`>
dminuoso: normally I use `pip wheel` or `shiv`, both work well IME as long as the destination has a python interpreter of the correct version
<dminuoso>
Relocable just turns all references from absolute to relative ones
malSet has quit [Quit: Quit.]
malSet has joined #nixos
<energizer`>
yep
<dminuoso>
To me, most of this is just a strong indicator that Python is really inadequate for deployment.
<dminuoso>
energizer`: See, between venv, virtualenv, poetry, shiv, wheels, pyinstaller and many many more, you have a large mess of community hacks. The language designers failed to provide for a strong module system or a way to tie binary distributions into everything.
zupo has joined #nixos
<dminuoso>
I dont want to have juggle a mess of unrelated tools, developed by independent people, where you constantly have to watch out for which packages are supported by what tool, hope that your tool will still work or be maintained a month from now.
<dminuoso>
I think it's that most of python developers just don't care or know what the problem is, because few of them were ever exposed to good solutions.
<dminuoso>
That might even be the justification behind the entire language.
<jluttine>
seems like nixos hasn't updated my letsencrypt certificates in a while. now one cert expired. this has worked for the past few years, but now suddenly broken. any ideas if there have been some changes in nixos that could cause it to suddenly stop working?
boxscape has quit [Remote host closed the connection]
cfricke_ has joined #nixos
<dminuoso>
jluttine: The letsencrypt API changed its version a while ago
<dminuoso>
jluttine: You likely need to update your channel and get the latest version of the ACME bot
<dminuoso>
Oh heh, I read "root" as in "GC roots" and was majorly confused :)
<energizer`>
`lorri shell` gives me a shell but it doesn't provide the binaries on PATH that `nix-shell` does. Am I misunderstanding what `lorri shell` is supposed to do?
<jluttine>
dminuoso: not sure yet. looking at the logs, it looks like acme service used to run once every week, now it hasn't run in many weeks for some reason.
<jluttine>
dminuoso: updating the channel, then fixing some complaints about missing acme configs (email and agreeing to terms), then rebuilding, and seems to work now
o1lo01ol1o has quit [Remote host closed the connection]
anderslu1dstedt has quit [Ping timeout: 265 seconds]
<dminuoso>
And indeed, sm-notify seems to try for 15 minutes
<dminuoso>
https://bugzilla.redhat.com/show_bug.cgi?id=1181708 is another related bug. These might not even share the same symptom, but perhaps just give you an indication that waiting patiently for 15 minutes might be a good idea.
<Taneb>
OK, I'll give it some time
<Taneb>
Do you know how long it takes for it to go "I've been waiting a while"?
<dminuoso>
Is that a message you are seeing?
<Taneb>
No, I'm not seeing a timeout thingy
<Taneb>
Just it's getting stuck and not moving
sigmundv has joined #nixos
<dminuoso>
I really question the sanity of the sm-notify developers. To block the boot process on this is ludicrous.
<dminuoso>
Or perhaps its just the nixos supplied systemd unit that's buggy
<dminuoso>
Where does your sm-notify come from? Is it some official nixos module?
<Taneb>
This machine is still on 18.09. Should be the NixOS module but it's been a while since I've touched it
<dminuoso>
That should include some `After=network.target`
anderslu1dstedt has joined #nixos
<dminuoso>
Well, or rather its nix equivalent of course.
<dminuoso>
Hold on.. that's just a gimmick unit to create the specified directory. Nevermind
anderslundstedt has quit [Ping timeout: 240 seconds]
<Taneb>
Problem was one of the drives hadn't mounted properly
<Taneb>
Which I'd seen before and forgotten
vykook has quit [Ping timeout: 258 seconds]
v88m has quit [Ping timeout: 255 seconds]
<Taneb>
Although the machine still isn't responding to ping...
bahamas has joined #nixos
ghasshee has quit [Ping timeout: 252 seconds]
<jluttine>
can i somehow control the cipher version/type of my letsencrypt certificates when using acme? some clients are giving the following error: ERR_SSL_VERSION_OR_CIPHER_MISMATCH
mexisme has quit [Ping timeout: 272 seconds]
<dminuoso>
jluttine: "some clients" meaning what exactly?
<jluttine>
when browsing the page on my phone, some browsers work ok, some give that error
<dminuoso>
jluttine: That is unrelated to letsencrypt.
<jluttine>
ah
vykook has joined #nixos
mexisme has joined #nixos
<jluttine>
is there something i can do to fix this on my (nixos) server?
<dminuoso>
Configure whatever TLS server you are running appropriately?
bahamas has quit [Ping timeout: 260 seconds]
o1lo01ol1o has joined #nixos
o1lo01ol1o has quit [Remote host closed the connection]
o1lo01ol1o has joined #nixos
<jluttine>
dminuoso: i use nginx and my virtual hosts have "enableACME" and "forceSSL" set. what else is needed for appropriate SSL configuration?
anderslundstedt has joined #nixos
<dminuoso>
TLS works by the client and server agreeing on a particular cipher suite. A cipher suite consists of a key exchange algorithm, a block cipher and a message authentication algorithm.
<dminuoso>
So this usualy works by the server offering a set of suites, with the client picking one they like best.
<dminuoso>
The client itself might have blacklists too, so not every suite offered to them is acceptable
rgb[m] has joined #nixos
<dminuoso>
At the same time, you shouldnt want to offer unsafe cipher suites. For one reason, there's certain attacks that can force clients to pick an unsafer suite, and you want to promote safe cipher suites.
anderslu1dstedt has quit [Ping timeout: 258 seconds]
<dminuoso>
You have to translate that into nixos options of course, but it should give you a good starting point with strong security and wide compatibility.
<jluttine>
dminuoso: ok, thanks. so there's nothing builtin in nixos that would make this just work :(
<jluttine>
i would have expected this issue to hit many others, because i don't think i've done anything out of the ordinary
<dminuoso>
jluttine: No. But perhaps the case could be made to include some strongTls option that preseeds such options.
<dminuoso>
It's certainly not unreasonable
<dminuoso>
jluttine: Just to complete that tour by the way. Certificates play a miniscule role in TLS. They are used at precisely one step for just one single message, which is to confirm the identity of the server when the key exchange takes place.
energizer` has quit [Ping timeout: 260 seconds]
<dminuoso>
The certificate itself is irrelevant to TLS, it's just the crucial part that establishes the party you are talking to is the correct one - beyond that the certificate has no use.
<jluttine>
dminuoso: ok. thanks for the detailed explanation! :)
<jluttine>
sounds like fixing this with my skills would take quite a lot of time now.. have to think what to do..
<dminuoso>
jluttine: It's worthwhile reading up on this. Providing security is easier when you have a rough understanding of the parts involves.
cfricke has joined #nixos
<jluttine>
hmm.. maybe services.nginx.sslCiphers is the option i could play with hmm.. :/
waleee-cl has joined #nixos
cinimod has joined #nixos
<raboof>
I want to do some debugging/hacking on grpccurl. I did "nix-shell '<nixpkgs>' -A grpccurl", and then "unpackPhase; patchPhase; cd source; buildPhase"
<raboof>
that seems to succeed (though it does log some errors, https://pastebin.com/Pm1fj0hF) - but where can I now find the built artifact?
linarcx has quit [Read error: Connection reset by peer]
linarcx has joined #nixos
<cinimod>
Can anyone suggest a way of building *all* the Haskell packages (I want to see how much breakage a change in the one of the base libraries will cause)?
bvdw has quit [Read error: Connection reset by peer]
iqubic` has joined #nixos
bvdw has joined #nixos
bahamas has joined #nixos
bahamas has joined #nixos
iqubic has quit [Ping timeout: 240 seconds]
colemickens_ has joined #nixos
bahamas has quit [Ping timeout: 265 seconds]
<{^_^}>
[nixpkgs] @rnhmjoj merged pull request #80895 → pythonPackages.pysaml2: fix tests on 32bit systems → https://git.io/Jv0yI
<{^_^}>
[nixpkgs] @vbgl pushed commit from @marsam to master « dune_2: fix hash »: https://git.io/JvEG4
<RRedcroft>
Hi guys, is anyone here using Mopidy with gmusic? I cant get it working due to a collision between 'python2.7-backports.ssl_match_hostname' and 'python2.7-backports.functools_lru_cache'
<jluttine>
tilpner: actually, doesn't seem to work.. i used lib.mkBefore "foobar" and the output was just "foobar" although there's a real non-empty default string
philr has quit [Ping timeout: 255 seconds]
erictapen has joined #nixos
<clever>
jluttine: if you have both a default and a non-default setting, it will ignore the default one entirely
<raboof>
ok I had to add /run/user/1000/tmp.H2P8zilijT-grpcurl-1.4.0/bin to my PATH to find those tools... but still no binary
<RRedcroft>
is it possible to access files from a package in /store via scripts?
<RRedcroft>
more specifically i'd like to access "$out/share/google/chrome/WidevineCdm/_platform_specific/linux_x64/libwidevinecdm.so" from vivaldi-widevine for use in qutebrowser
<Taneb>
How would I go about packaging a scala application?
erictapen has quit [Ping timeout: 272 seconds]
<immae>
RRedcroft: how about referencing "${pkgs.vivaldi-widevine}/share/google/chrome/WidevineCdm/_platform_specific/linux_x64/libwidevinecdm.so"?
<RRedcroft>
tried that but it didnt find it/work
<aanderse>
anyone recently upgrade a kde laptop/desktop to 20.03 beta?
<aanderse>
alt+f2 isn't bringing up krunner...
<aanderse>
krunner is running, though
<__monty__>
RRedcroft: You tried it in a nix file, right? That wouldn't work in a bash script.
<RRedcroft>
Oh no, doing it in the qutebrowser config.py file
<RRedcroft>
__monty__: How would i go about launching via a nix file?
<immae>
RRedcroft: ah! how is vivaldi-widevine installed for you?
<Taneb>
Am I right in thinking that fixed-output derivations will stay cached if you change the derivation itself as long as the name and hash don't change?
<Taneb>
I'm considering temporarily putting a system feature on a number of packages so that our CI only tries to build them on one machine and doesn't hammer the network
<clever>
Taneb: if your using something like hydra, the fixed-output things wind up in the binary cache, and then it never runs the derivation again, just copies the existing product
<Taneb>
Good, that's my intent (I am using something that is Hydra)
fendor has joined #nixos
sgrunert has quit [Remote host closed the connection]
<tmplt>
simpson: an embedded rust project, so I need arm-none-eabi-gcc. This is an ad-hoc shell.nix, though. Exporting in the shell works, but I'd prefer to override it instead.
<clever>
tmplt: have you tried pkgsCross?
<simpson>
tmplt: At some point, it may be easier to use the nixpkgs cross-compiling subsystem, obtaining a cross-compiling stdenv.
<clever>
tmplt: ive been using pkgs.pkgsCross.arm-embedded.stdenv for some stuff on the rpi
fendor has quit [Read error: Connection reset by peer]
<__monty__>
.nix-profile/bin is later in my PATH than /usr/bin which means my configurable vim is shadowed by the system vim. What's the usual solution for this?
fendor has joined #nixos
<tmplt>
clever: thanks, I'll check it out
<clever>
__monty__: i think ~/.nix-profile/bin should be first in the path
<__monty__>
clever: Maybe it's the fish integration that messes up the order?
<buckley310>
does `boot.zfs.forceImport* = true` have any side-effects other than allowing the OS to import already-imported pools? eg, is there any downside for standard desktop SSDs?
Neo-- has joined #nixos
chimay has joined #nixos
<arianvp>
are the nix config otpions in configuration.nix system-wide?
<gchristensen>
like what?
<arianvp>
I added a binary cache in it, but it's not picked up by users
<arianvp>
on my system
<gchristensen>
yeah, should be
<{^_^}>
[nixpkgs] @crawford closed pull request #80869 → buildRustPackage: add support for non-default bins → https://git.io/Jv0rE
<arianvp>
it's not working :/ any idea how to debug?
<clever>
arianvp: how is it not being picked up? what isnt using it?
<arianvp>
i don't know! it just builds the package from source. eventhough all hashes match
<clever>
arianvp: what path is it building, that you expect to be in the cache?
<arianvp>
my package that I uploaded to the cache
magnetophon has quit [Ping timeout: 265 seconds]
<clever>
arianvp: what is the full store path for it?
<simpson>
Stupid question before I go on an adventure: Is it possible in a Nix build to have TTYs set up? I'm not seeing a recipe in the manual. I have a test runner that would like to do TTY stuff, and I want to know whether I should fix the Nix builder to set up TTYs, or fix the test runner to be okay with non-TTY usage.
<m15k>
evanjs: Seems that there's no special handling for keyboard.
chagra has joined #nixos
LouisDK has joined #nixos
leungbk has joined #nixos
Flambe has joined #nixos
<leungbk>
I've been trying to add an Emacs package to Nixpkgs, rebuilding my installation of NixOS to use my modified branch of the Nixpkgs repo, but my installation doesn't seem to detect the package. Would anybody be able to help me diagnose this? http://paste.debian.net/1131818/
Chiliparrot has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
cosimone has joined #nixos
<hoppfull>
Hello. I'm trying to connect to docker hub with VSCode and I got an error message "The name org.freedesktop.secrets was not provided by any .service files". I googled this and found a solution for ubuntu that suggests to install "gnupg2" and "pass". gnupg2 is available in nixos but not pass. Am I on the right path here? Is there some special way to
<{^_^}>
[nixpkgs] @lsix pushed commit from @r-ryantm to release-20.03 « python27Packages.mockito: 1.2.0 -> 1.2.1 »: https://git.io/JvEgA
stree has quit [Remote host closed the connection]
cosimone has quit [Quit: Quit.]
<pnobre>
so, back to nixos after the weekend (a long weekend, I must say) and trying to figure out where the files in this dir `/nix/store/some-hash-desktops/share/xsessions` are coming from ... as I currently have there what seems to be a gnome on xorg (that's correct), gnome on wayland (I have wayland disabled), xfce (that would also be correct, although I'd like to make some changes to it) and xterm (I'd also like to get rid of this one)
nerdmaxx has joined #nixos
<pnobre>
I can see xfce.desktop in `/nix/store/some-hash-desktops/share/xsessions` just dunno where the others are coming from...
stree has joined #nixos
LysergicDreams has joined #nixos
<evanjs>
manveru: yeah it works as root on the jenkins box so likely just something with my build env
psyanticy has quit [Quit: Connection closed for inactivity]
ixxie has quit [Ping timeout: 272 seconds]
vykook has quit [Ping timeout: 272 seconds]
<cinimod>
I'd like to trace what is in `meta.platforms` but if I try `let isBrokenRes = builtins.trace "foo: ${name} ${drv.meta.platforms}" isBroken' drv;` then nix complains `error: cannot coerce a list to a string`
<gchristensen>
are there any known problems with specifying a /dev/disk/by-id/... path for grub? like is there reason / need to use /dev/sdx or a different /dev/disk/xxx/xxx path instead for example
<cinimod>
How should I trace the list?
<cole-h>
gchristensen: by-id should work. It's just a symlink to the /dev/sdx path
<cole-h>
Are you asking because you're having a problem specifying that?
<cole-h>
Or just clarifying
<niksnut>
I've used /dev/disk/by-id,uuid,label
<gchristensen>
nice, niksnut
<gchristensen>
cole-h: just double-checking some assumptions, I have a particular server class which has a hard time booting -- and making sure this isn't related
Neo-- has quit [Ping timeout: 240 seconds]
vykook has joined #nixos
<samueldr>
[15:00:56] <gchristensen> stage-1, trying to find the disk
<samueldr>
[14:57:50] <gchristensen> I've seen fishy things with that too
<samueldr>
[15:00:41] <samueldr> at which point?
<samueldr>
[15:00:13] <gchristensen> another system which seems to not be finding its by-id disks, very annoyingly
<samueldr>
udev shenanigans could be happening here
<gchristensen>
I'm not really able to dig in to that stage-1 failure at the moment for diagnostics, but happy to talk further
<samueldr>
it is udev that handles making those
<gchristensen>
(still fighting this one where the bios doesn't find the bootloader on this particular server :)) yeah it is a bit weird, since almost all of the systems do fine and then this particular class doesn't.
<samueldr>
so, 99.99% sure since it's stage-1 that's failing that, for your initial question "no, no problems with grub for using those"
<gchristensen>
yeah -- these are two different chassis
<samueldr>
if it's consistent, it might be that a hwdb file for udev is not copied to stage-1
<gchristensen>
interesting
<samueldr>
is it fancy hardware?
<gchristensen>
well, not sure -- it only happens on a very specific type of system
<samueldr>
thus my question :)
<gchristensen>
hmm I think it is fancy
* samueldr
searches for the relevant file in nixpkgs
<evanjs>
manveru: wow.... yep... was using the wrong credentials.... :D
<samueldr>
this is the subset of rules that is being copied to stage-1
<gchristensen>
hm!
<samueldr>
I'm not udev-savvy enough to help you track which file is being used in the booted system
<samueldr>
(assuming the booted system has the right links)
<Cadey>
gchristensen: please don't make nix a lisp
<gchristensen>
Cadey: what?
<gchristensen>
samueldr: I'll have to get in to the system at stage-1 and try it out, probably not today -- great pointer though. I need to focus on this grub thing for now :)
<samueldr>
gchristensen: for the grub thing, would installAsRemovable help in being more stable?
<samueldr>
e.g. is systemd-boot stable?
<samueldr>
IIRC our systemd-boot setup uses the fallback location
<gchristensen>
hmmm good question, this makes me think maybe it isn't an ARM one since I think it is a bios boot not uefi
<gchristensen>
how about this for useless :P
<{^_^}>
[hydra] @dasJ opened pull request #719 → Show what type of path was found in search results → https://git.io/JvE2p
<jared-w>
gchristensen: Just out of curiosity, I've noticed that nixpkgs has a slowly ever growing amount of open PRs. Has there been any thought into systematic ways to fix that? Maybe auto merging stuff that passes tests? Idk. Just randomly noticed that and I think I remember that you have bors setup for nixpkgs so in theory it helps merge stuff in automatically?
<jared-w>
ah nice, not too bad then. Looks like I coincidentally started paying attention right during an upswing of the PR number so that's why it looked monotonic to me :p
<gchristensen>
:D
<jared-w>
(would be nice to have it be roughly zero tho, just saying)
<gchristensen>
a bot merging another bot's PR is probably not a good idea
<gchristensen>
yeah, it'd be nice to close out PRs which aren't likey to merge any time soon, though I doubt it'll ever be approximately zero -- we 1500+ prs a month
<cransom>
that was one of the prequels that didn't get greenlit for the terminator franchise
<rycee>
I've seen a few projects having a bot that comments on issues that haven't moved in some amount of time and if nobody answers the bot within some time limit then the issue is closed.
cosimone has joined #nixos
<jared-w>
Sure; not saying to go crazy, but if they're super routine "bump the digits" PRs, it makes sense that there should be an equally minimal amount of work required for a human to merge it in. Even if they're just "rolled up" into a larger routine-updates style PR which then has less overhead for a human to approve
<gchristensen>
rycee: yeah, I think that has been suggested by an RFC. I don't like that very much, because it means I get about a dozen emails every month where I just hav et ogo comment on an issue "this is still a bug" to keep it from closing
mexisme has quit [Quit: WeeChat 2.7]
<gchristensen>
a roll-up is interesting
<rycee>
gchristensen: Yeah, I would hope there is a way to tell the bot that "this issue should remain open and don't check it again"
<jared-w>
Seems more like a mis-configured stale bot than anything else, tbh. Rust has used roll-ups to very high effectiveness. It's particularly powerful with drive-by PRs that touch different parts of the codebase in harmless ways
<AmandaC>
Inactivity isn't a very good indicator of a bug's value, imho. There's nothing that frustrates me more than getting some error, googling it, and it's reported in some project, which then had their bot close the issue, obviously unresolved
<andi->
Yeah, I'd go as far as automate the "keep my tickets open" step because it is really discouraging of actually reporting a bug
jackal_ is now known as jackalxyz
<gchristensen>
jared-w: for some context, take a look at debian's open bug count :)
<gchristensen>
(on second thought, not even sure how to do that)
<jared-w>
Or if anything, just mark the bug as "stale" or "unassigned" until it's been moved into an appropriate category. I'd imagine many of those stale bugs are just small things that get hidden beneath a growing pile of busywork; it's not surprising to see bugs that are duplicates, or were fixed ages ago but never identified appropriately
<{^_^}>
[nixpkgs] @worldofpeace pushed commit from @mkg20001 to release-20.03 « ettercap: fix pango not finding hb.h from harfbuzz (#75789) »: https://git.io/JvEV6
<nilsirl[m]>
How can I view the version of a package that is currently installed?
<AmandaC>
nilsirl[m]: depends how it's installed. `nix-env -q <package-name>` -- not sure for a environment.systemPackages
<nilsirl[m]>
AmandaC: I'm looking for packages installed via systemPackages :)
rail has joined #nixos
<AmandaC>
nilsirl[m]: Hrm. You might be able to fanagle some stuff from /run/sw/current-system or wherever that is. IIRC it simply simlinks them, so if you readlink deep enough you'll find the /nix/store path which has it's version in it
<nilsirl[m]>
ty, that works. Not perfect but good enough. (better than going on nixos.org and not even being sure the installed version is the same as on the website)
chimay has quit [Ping timeout: 255 seconds]
<AmandaC>
If at all possible, I'd suggest doing something like `foo -v`, `foo --version`, `foo version` if the tool has it; for anything you'd share publically.
<pbb_>
I tried specifying the port with "--builders ssh://foo@bar:1234", "--builders ssh://foo:bar?port=1234", I tried NIX_SSHOPTS, and then I even tried to put a wrapper for the ssh binary in the path which adds -p62954 and I built an FHSUserEnv containing an ssh_config file
<pbb_>
None of those worked, because the daemon is reading the ssh_config file
<nilsirl[m]>
For some reason, my `.profile` is no longer loaded/sourced anymore. That wasn't the case before. Is this related to NixOS? (I'm on nixos-unstable)
<deni>
in my configuration.nix if I have imports = [ ./mymodule.nix ] how do I pass parameters to it? imports = [ ./mymodule.nix { foo = bar;}] does not seem to work
<{^_^}>
[nixpkgs] @worldofpeace opened pull request #80985 → perl-packages: don't use openssl_1_0_2 → https://git.io/JvEr8
<deni>
the error I'm getting is that option foo defined in configuration.nix does not exist
<clever>
deni: that is a list containing a path and a set, not the result of applying the set to a function
drakonis has quit [Ping timeout: 258 seconds]
<deni>
clever: if mymodule.nix is expecting some inputs and I want to override foo how would I do that then?
Jackneill has joined #nixos
<v0|d>
hello, is there a better way to set a static ether arp record besides networking.localCommands?
vidbina has quit [Ping timeout: 265 seconds]
<clever>
deni: it would be best to make it into a normal nixos option
zupo has quit [Ping timeout: 255 seconds]
<deni>
clever: hmmm....that makes total sense ... I don't know why I didn't think of that
<deni>
thank you!
zupo has joined #nixos
fendor has quit [Read error: Connection reset by peer]
<energizer`>
worldofpeace: Thanks. Is there a way to query help from the nix CLI?
<worldofpeace>
energizer`: I think there's a manual `man configuration.nix`. And if you're using a GUI you should have a NixOS manual you can view in a browser locally with all the options
linarcx has quit [Ping timeout: 255 seconds]
<deni>
clever: what type does pkgs.writeScript return? It doesn't appear to be a path.
<deni>
clever: I'm trying to write a config file and then I'm passing it to the module as a nixos option
<clever>
deni: its a derivation that builds to a shell script
<clever>
deni: note that it takes 2 params, a name and the script
<deni>
clever: so I'd need writeTextFile it seems?
<deni>
since this is a config file and not a script
<clever>
deni: do you want a file or a script?
<clever>
yeah, writeTextFile is what you want then
<deni>
clever: that said... I'm trying to pass the output of that function to a module as a nixos option. And I've defined the option as types.path.... and it's complaining that what I'm passing in isn't of types.path
<deni>
ah it appears writeText is what I'm looking for actually...however when I pass that in to the module as "${that_drv}" I get an error saying cannot coerce a set to a string
<clever>
deni: what is the definition of that_drv?
<growpotkin>
Hey so I've made a million shells for dev environments; but how do I go about making one for running PHP? The usual searches didn't turn up anything directed at shells, I was almost considering using nixops and a VM; but I'm sure somebody here has an existing shell they could share.
<{^_^}>
[nixpkgs] @worldofpeace pushed 2 commits to master: https://git.io/JvEKI
<leungbk>
I've been trying to add an Emacs package to Nixpkgs, rebuilding my installation of NixOS to use my modified branch of the Nixpkgs repo, but my installation doesn't seem to detect the package. Would anybody be able to help me diagnose this? http://paste.debian.net/1131818/
drakonis1 has quit [Quit: WeeChat 2.7.1]
<{^_^}>
[nixpkgs] @reardencode opened pull request #80990 → Add J-Link binary package for embedded debugging → https://git.io/JvEKn
<deni>
gchristensen: thank you! I guess it was confusing that I found the nixos-* branches in nixpkgs but as it turns out actually I should have been looking at the release-* branhces.
colemickens_ has joined #nixos
habbah has quit [Changing host]
habbah has joined #nixos
drakonis has quit [Read error: Connection reset by peer]
drakonis_ has joined #nixos
hoppfull has joined #nixos
drakonis has joined #nixos
drakonis_ has quit [Ping timeout: 260 seconds]
o1lo01ol1o has quit [Remote host closed the connection]
Flambe has quit [Ping timeout: 260 seconds]
o1lo01ol1o has joined #nixos
vidbina has joined #nixos
m0rphism has quit [Ping timeout: 252 seconds]
<hoppfull>
How do you add extra paths to PATH in nixos?
o1lo01ol1o has quit [Ping timeout: 265 seconds]
rogue_koder has quit [Ping timeout: 240 seconds]
<hoppfull>
Do I have to do it in configuration.nix or is it possible to tie it to my user in /home?
rogue_koder has joined #nixos
hoppfull has quit [Remote host closed the connection]
drakonis has quit [Ping timeout: 258 seconds]
dingenskirchen has quit [Quit: dingenskirchen]
dingenskirchen has joined #nixos
<LnL>
gchristensen: I've not really used those together yet
<turq>
i have tried to install xmonad, but when i enter my password at the login screen i am only returned back to the login screen. how do i even begin to debug what's going on here?