<{^_^}>
[nixpkgs] @JeffLabonte opened pull request #82896 → 20 03 backport protonvpn cli ng → https://git.io/Jv1nq
gila has quit [Ping timeout: 264 seconds]
enteee has quit [Ping timeout: 265 seconds]
<ottidmes>
is it just my side of things or is builtins.fetchGit for Nixpkgs slow (as in minutes)? I have experienced this on both my home network (desktop, laptop, server) and different networks (friend's network + VPSes), in all cases I am used the same Nixpkgs release to build, so maybe it is that, or maybe it is just github
<{^_^}>
[nixpkgs] @cdepillabout pushed 2 commits to haskell-updates: https://git.io/Jv1CL
captjakk has joined #nixos
phirsch has joined #nixos
<phirsch>
Hi all, anyone got an idea what could cause this:
<phirsch>
test
<infinisil>
Wait can i
drakonis has quit [Quit: WeeChat 2.7.1]
<infinisil>
Yeah I can
drakonis has joined #nixos
thomashoneyman has joined #nixos
<phirsch>
(using unknown web client, apparently with no multi-line capability. Sorry!) My problem: "*** longjmp causes uninitialized stack frame ***: Singularity runtime parent terminated" when running singularity under nixos 19.09. Stack: _start __libc_start_main/__libc_csu_init/init/wait_child/kill/kill (SIGABORT).
<thomashoneyman>
Quick question re: cachix (if that's cool here) -- I'm switching a couple open source libraries on GitHub to use GitHub Actions + Cachix. Is it better to set up a cache per repository or a cache per organization?
<infinisil>
(yeah I can)
<thomashoneyman>
ie. lib1.cachix.org and lib2.cachix.org or organization.cachix.org which both libraries use
drakonis1 has joined #nixos
drakonis has quit [Client Quit]
drakonis1 is now known as drakonis
<cole-h>
Probably best to do organixzation.cachix.org
<cole-h>
So you don't have to add multiple substituters to your list
lordcirth_ has quit [Remote host closed the connection]
<phirsch>
What I tried is the following, based on an example out of the singularity docs: nix run -i -f channel:nixos-19.09 singularity -c singularity --debug run library://sylabsed/examples/lolcow
kai_w_ has joined #nixos
<phirsch>
It would be great if anyone on nixos 19.09 could confirm that this works - In which case I would be facing a problem with my local install.
<avn>
Folks, anyone familiar with webcams+nixos? I'd try to figure out how to use uvcdynctrl (and motion) with my logitech c270. (sorry for repearing, I disconnected right after asking first time)
<Ankhers>
Does anyone know much about rust on NixOS? I am trying to get into a nix-shell that can build a package, but one of the libs is looking for libclang.so and a couple other things. How can I get them into a place where cargo can find them?
lordcirth_ has quit [Remote host closed the connection]
lordcirth_ has joined #nixos
lordcirth_ has quit [Read error: Connection reset by peer]
lordcirth__ has joined #nixos
h0m1 has quit [Ping timeout: 272 seconds]
lordcirth__ has quit [Remote host closed the connection]
<Ankhers>
cole-h: That is what I have been trying, I am still getting an error about being unable to find libclang.so. If I manually set the LIBCLANG_PATH var in my shell.nix, it works as expected, but I feel like I should not need to do that.
lordcirth__ has joined #nixos
<Ankhers>
(But when I do that, I end up getting errors about being unable to find stdbool.h and friends, but that is a different matter)
davidak has quit [Ping timeout: 246 seconds]
h0m1 has joined #nixos
justanotheruser has joined #nixos
lordcirth__ has quit [Remote host closed the connection]
<cole-h>
And you're sure you have `llvmPackages.clang-unwrapped.lib` in your inputs?
captjakk has quit [Remote host closed the connection]
lordcirth__ has quit [Remote host closed the connection]
<Ankhers>
No. I was using the llvmPackages.libclang and I also tried llvmPackages.libclang.lib. I will try clang-unwrapped instead.
lordcirth__ has joined #nixos
<phirsch>
Just realised I still had an overlay in place which I earlier created in an effort to try to update to singularity 3.4 which we are using on a cluster. I now dropped that overlay and am back to singularity 3.2.1 from stock nixos-19.09, but it still fails (which was the reason I tried to upgrade in the first place). It now fails with 'container
<phirsch>
creation failed: mount /proc/self/fd/3->/var/singularity/mnt/session/rootfs error: can't mount image /proc/self/fd/3: failed to mount squashfs filesystem: invalid argument'
<Ankhers>
clang-unwrapped.lib did not help me here.
lordcirth__ has quit [Read error: Connection reset by peer]
lordcirth__ has joined #nixos
<phirsch>
Please, could anyone on nixos-19.09 check whether you can successfully run 'singularity --debug run library://sylabsed/examples/lolcow', possibly using 'nix run -i -f channel:nixos-19.09 singularity -c singularity --debug run library://sylabsed/examples/lolcow'? Thanks!
lordcirth_ has joined #nixos
captjakk has quit [Ping timeout: 250 seconds]
<Ankhers>
Alright, I guess I am using LIBCLANG_PATH, any ideas how I can get stdbool.h and friends?
<{^_^}>
[nixpkgs] @jonringer pushed commit from @JeffLabonte to release-20.03 « brave: 1.4.96 -> 1.5.112 »: https://git.io/Jv1WE
<Ankhers>
I completely forgot that I actually went through this process a while ago. I don't know why exactly, but I never got it working using mkShell, I had to use clangStdenv.mkDerivation. Sorry to have wasted your time! Thank you very much for helping though!
<pjt_014>
and I got an error that read "error: a 'armv6l-linux' with features {} is required to build '/nix/store/1qj24xjbaig24jh0rx62d2bdl49l5p74-bootstrap-tools.drv', but I am a 'aarch64-linux' with features {benchmark, big-parallel, kvm, nixos-test}"
davidak has joined #nixos
<pjt_014>
am I vaugely on the right track?
<pjt_014>
last time I x-compiled an iso it wasnt this obnoxious
<samueldr>
with this invocation you're asking for a system type armv6l-linux to do the compilation
<samueldr>
so there's no cross-compilation here
<samueldr>
that's why it wants an armv6l-linux system (that it can't find)
<{^_^}>
[nixpkgs] @jonringer pushed commit from @r-ryantm to staging « bluez: 5.53 -> 5.54 »: https://git.io/Jv18f
<dominikh>
does anyone have experience with packaging printer drivers? the one I am looking at is https://github.com/philpem/printer-driver-ptouch – just going through make + make install gives me a filter and a bunch of foomatic XMLs, but how do I turn the XMLs into PPDs? foomatic-db-engine doesn't seem to be packaged; am I missing something, or has simply noone done the work yet?
<{^_^}>
[nixpkgs] @marsam merged pull request #82916 → gitAndTools.gh: fix build on darwin → https://git.io/Jv1Wm
work_ has quit [Quit: Connection closed for inactivity]
butterthebuddha has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
FRidh has joined #nixos
butterthebuddha has joined #nixos
fraun has quit [Ping timeout: 256 seconds]
linarcx has joined #nixos
cyphase has joined #nixos
joehh1 has quit [Quit: WeeChat 2.4]
mjrosenb has quit [Ping timeout: 256 seconds]
mojjo has joined #nixos
zupo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<mojjo>
I'm setting up an nginx server on NixOS with two virtual hosts/sub domains. When using 'addSSL', I hit the LetsEncrypt rate limit. This is a known issue. But I wonder why this happens even on the first deploy to a fresh instance with new IP address for only two subdomains. How can that hit the rate limit of 50 certificates per IP/per month? Does
<mojjo>
anyone have experience with this? I managed now to create the certificates up manually but I want to avoid that if possible.
sgrunert has joined #nixos
gila has joined #nixos
jakobrs has joined #nixos
gila has quit [Ping timeout: 264 seconds]
jakobrs has quit [Quit: WeeChat 2.7.1]
cole-h has quit [Ping timeout: 250 seconds]
FRidh2 has joined #nixos
FRidh has quit [Ping timeout: 264 seconds]
lordcirth_ has quit [Remote host closed the connection]
lordcirth_ has joined #nixos
maddo has joined #nixos
Jackneill has joined #nixos
oida has quit [Remote host closed the connection]
jtobin_ has quit [Ping timeout: 264 seconds]
oida has joined #nixos
jtobin has joined #nixos
alexherbo2 has joined #nixos
captn3m0 has quit [Ping timeout: 250 seconds]
captn3m0 has joined #nixos
zupo has joined #nixos
<pjt_014>
mojjo: most of the room seems to be asleep right now (timezones). You may have better luck tomorrow if you try at around six hours earlier
<pjt_014>
though I can personally tell you from looking that if you're using acme, it has an option for setting the interval
<pjt_014>
do man configuration.nix and search for acme.renewInterval
ATuin has joined #nixos
jared-w has quit [Ping timeout: 256 seconds]
feepo has quit [Ping timeout: 256 seconds]
jackdk has quit [Ping timeout: 256 seconds]
claudiii has quit [Ping timeout: 272 seconds]
midchildan has quit [Ping timeout: 272 seconds]
dmj` has quit [Ping timeout: 272 seconds]
sethetter_ has quit [Ping timeout: 272 seconds]
cbarrett has quit [Ping timeout: 272 seconds]
heatm1s3r has quit [Ping timeout: 272 seconds]
claudiii has joined #nixos
midchildan has joined #nixos
alanz has quit [Ping timeout: 256 seconds]
r0bby has quit [Ping timeout: 256 seconds]
dukedave has quit [Ping timeout: 256 seconds]
lukego has quit [Ping timeout: 256 seconds]
nh2 has quit [Ping timeout: 256 seconds]
carter has quit [Ping timeout: 256 seconds]
valwal has quit [Ping timeout: 256 seconds]
bgupta has quit [Ping timeout: 240 seconds]
newhoggy has quit [Ping timeout: 240 seconds]
jlpeters has quit [Ping timeout: 240 seconds]
joshmeredith has quit [Ping timeout: 240 seconds]
nikita` has quit [Ping timeout: 240 seconds]
ctp has quit [Ping timeout: 240 seconds]
zertox has quit [Ping timeout: 240 seconds]
d10n-work has quit [Ping timeout: 240 seconds]
teehemkay has quit [Ping timeout: 256 seconds]
parseval has quit [Ping timeout: 240 seconds]
aria has quit [Ping timeout: 240 seconds]
teozkr has quit [Ping timeout: 240 seconds]
heatm1s3r has joined #nixos
sethetter_ has joined #nixos
cbarrett has joined #nixos
jackdk has joined #nixos
feepo has joined #nixos
jared-w has joined #nixos
dmj` has joined #nixos
zertox has joined #nixos
jlpeters has joined #nixos
aria has joined #nixos
ctp has joined #nixos
joshmeredith has joined #nixos
lukego has joined #nixos
alanz has joined #nixos
teozkr has joined #nixos
teehemkay has joined #nixos
bgupta has joined #nixos
parseval has joined #nixos
newhoggy has joined #nixos
d10n-work has joined #nixos
carter has joined #nixos
dukedave has joined #nixos
civodul has joined #nixos
nikita` has joined #nixos
nh2 has joined #nixos
r0bby has joined #nixos
valwal has joined #nixos
butterthebuddha has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
Jackneill has quit [Ping timeout: 250 seconds]
wavirc22 has quit [Read error: Connection reset by peer]
<srk>
,locate xev
<srk>
-> xorg.xev
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
wavirc22 has joined #nixos
<xfix>
hm, OpenSSL 1.1.1e changed the behaviour of EOF according to changelog, that's probably why tests fail
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
<hyper_ch>
mojjo: "The main limit is Certificates per Registered Domain (50 per week). A registered domain is, generally speaking, the part of the domain you purchased from your domain name registrar. For instance, in the name www.example.com, the registered domain is example.com. In new.blog.example.co.uk, the registered domain is example.co.uk. We use the Public Suffix List to calculate the registered domain."
<xfix>
> Properly detect EOF while reading in libssl. Previously if we hit an EOF while reading in libssl then we would report an error back to the application (SSL_ERROR_SYSCALL) but errno would be 0. We now add an error to the stack (which means we instead return SSL_ERROR_SSL) and therefore give a hint as to what went wrong.
<hyper_ch>
so www.domain.tld, domain.tld, mail.domain.tld, smtp.domain.tld, imap.domain.tld, pop3.domain.tld --> 6 out of 50
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
<hyper_ch>
and if le gets triggered everytime you rebuild, you'll hit the limit pretty quickly
<hyper_ch>
(there's a good reason why I prefer acme.sh and cron)
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
bahamas has joined #nixos
veske2 has joined #nixos
veske has joined #nixos
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
malSet has joined #nixos
bnjjj has joined #nixos
chimay has joined #nixos
<s1341>
morning
<bnjjj>
Hi all, I discover nixos, I already installed vscode but when I want to use extension like rust-analyser for example it doesn't work. Anyone here has already a good configuration with vscode and nixos ?
Jackneill has joined #nixos
<xfix>
I believe you need to install rust-analyzer, and I don't think it's in nixpkgs
malSet has quit [Read error: Connection reset by peer]
malSet has quit [Read error: Connection reset by peer]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
malSet has joined #nixos
knupfer has joined #nixos
ghasshee has quit [Ping timeout: 256 seconds]
mjrosenb has joined #nixos
ghasshee has joined #nixos
malSet has quit [Read error: Connection reset by peer]
rsoeldner has joined #nixos
relaxmax has joined #nixos
zupo has quit [Ping timeout: 250 seconds]
malSet has joined #nixos
ATuin has quit [Quit: WeeChat 2.7.1]
malSet has quit [Read error: Connection reset by peer]
gila has joined #nixos
mjrosenb has quit [Ping timeout: 265 seconds]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
zupo has joined #nixos
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
ATuin has joined #nixos
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
<rnhmjoj>
Valodim: looks like a randomly generated path made its way into the bytecode. it could probably be taken care of by using faketime, if the rng uses time as a seed
ottidmes has joined #nixos
<manveru>
hmm, the ruby one should be easy to fix too
<rnhmjoj>
is there anyone working on getting faketime in stdenv by default?
<rnhmjoj>
i think this should fix most of the reproducibility issue we have
<manveru>
srxl: you'll need to run `yarn && yarn2nix > yarn.nix` in the dir as well, and delete the node_modules afterwards
mjrosenb has joined #nixos
<manveru>
but i hope that'll get you started
<hyper_ch>
hmmm, how do I set nixos to use an older version of thunderbird?
<zimbatm>
hyper_ch: the first thing to do is to find a nixpkgs channel that has the older version
<zimbatm>
the easiest way to do that is to look at the git log of the thunderbird definition to find the right commit ID
<zimbatm>
I suppose that you still want to use all of the rest of the system with the latest channel
<jdelStrother>
I'm using the sphinxsearch package, which has prefixed binaries like `sphinxsearch-searchd`. What's the nix-y way of making it so those are available as simply `searchd` ?
<jdelStrother>
(new to Nix, and running on macos)
<zimbatm>
so here you would `import (builtins.fetchTarball "https://github.com/NixOS/nixpkgs/archive/<commit ID>.tar.gz") {}).thunderbird` and add that to the systemPackages
mjrosenb has quit [Ping timeout: 258 seconds]
<hyper_ch>
zimbatm: thx, I'll tr
Shouou has joined #nixos
<zimbatm>
jdelStrother: I would use `buildEnv` to do create a new derivation that includes both the original package and the preferred aliases
<zimbatm>
^ it's missing the name attribute which you can set to whatever you want
Ariakenom has quit [Ping timeout: 265 seconds]
<hyper_ch>
zimbatm: it didn't like it: error: attempt to call something which is not a function but a string with context, at /etc/nixos/configuration.nix:854:10
<tilpner>
first with buildEnv, second with mkShell
<jdelStrother>
"Are you sure env does anything?" - no, just newbie confusion
<tilpner>
Does the second paste do what you want?
<jdelStrother>
tilpner: yep, perfect thanks
ghasshee has quit [Ping timeout: 256 seconds]
ghasshee has joined #nixos
matthiaskrgr has quit [Quit: Free ZNC ~ Powered by LunarBNC: https://LunarBNC.net - currently broken?]
nikivi has quit [Read error: Connection reset by peer]
CMCDragonkai1 has joined #nixos
gentauro has quit [Read error: Connection reset by peer]
gentauro has joined #nixos
<zimbatm>
jdelStrother: hmm you are right, I forgot about that
zupo has joined #nixos
<zimbatm>
another approach is to use `sphinxsearch.overrideAttrs (orig: { postInstall = "ln -s $out/bin/sphinxsearch-searchd $out/bin/searchd"; })` but that will rebuild the package
<zimbatm>
or use `pkgs.runCommand "searchd" {} "mkdir -p $out/bin && ln -s ${sphinxsearch}/bin/sphinxsearch-searchd $out/bin/searchd"` and then install both packages
magnetophon has quit [Remote host closed the connection]
bahamas has joined #nixos
slasl has joined #nixos
<slasl>
How to use the "lib.mkForce"?
<tilpner>
foo = lib.mkForce bar;
<tilpner>
Where foo refers to an option, and bar is a value you want to set foo to
<ottidmes>
FRidh2: Ah, let me see if I can fix my auto fixer script to include a patch for that
srxl has quit [Remote host closed the connection]
organixpear has quit [Remote host closed the connection]
<FRidh2>
ottidmes: actually seems to be working again
<FRidh2>
don't ask why...
<ottidmes>
why? :P
<ottidmes>
I just tried, updated to latest nixos-unstable, vscode 1.43, but it still works fine for me, so not sure what happened either for it to break on your end
dejanr has quit [Quit: WeeChat 2.7.1]
iyzsong has quit [Ping timeout: 256 seconds]
enuiarte has joined #nixos
aswanson has joined #nixos
iyzsong has joined #nixos
reallymemorable has joined #nixos
chimay has quit [Ping timeout: 256 seconds]
mjrosenb has joined #nixos
cosimone has quit [Quit: Terminated!]
reallymemorable has quit [Quit: reallymemorable]
chimay has joined #nixos
mjrosenb has quit [Ping timeout: 250 seconds]
niso has joined #nixos
gustavderdrache has joined #nixos
knupfer has quit [Ping timeout: 246 seconds]
reallymemorable has joined #nixos
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
bvdw has quit [Read error: Connection reset by peer]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
chagra_ has quit [Ping timeout: 250 seconds]
bvdw has joined #nixos
chagra_ has joined #nixos
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
<arianvp>
binary builds for vlc seem to have disappeared from 19.09 branch
<arianvp>
can I backtrack somehow how that is? through hydra I suppose?
malSet has quit [Read error: Connection reset by peer]
<arianvp>
ah
ATuin has joined #nixos
<arianvp>
ohh nixpkgs jobset for 19.09 is in the nixos folder, not in the nixpkgs folder.
<gchristensen>
wat
<gchristensen>
my kingdom for declarative jobsets :P
<arianvp>
finding things in hydra laways confuses me :P
<gchristensen>
at least it loads faster than it used to :P
<gchristensen>
_used to_
kenshinCH has joined #nixos
andreas303 has quit [Remote host closed the connection]
<flokli>
gchristensen: hm, it seems I can't request reviews from people without commit bits anymore. was there anything changed in the permissions recently?
<kenshinCH>
hello! I'm trying to override some python packages, and in particular to chain two overrides: `python38.override ({ packageOverrides = self: super: { ...} }).override { ... }`
andreas303 has joined #nixos
<kenshinCH>
is that a thing? I don't see the packages from the second override when I use the resulting python attribute
le_jonge has quit [Quit: quit]
<gchristensen>
flokli: you've never been able to request reviews from someone outside of the org, that is why we had to add every maintainer to a nixpkgs team
<flokli>
it gathers some information about how you get there
<NinjaTrappeur>
better follow that gist apparently :)
<flokli>
no, don't follow that gist. actually, it's still cloudfront
<flokli>
it'd need to be fastly-ifyed
psiperator[m] has joined #nixos
iyzsong has quit [Ping timeout: 256 seconds]
smeag0l has joined #nixos
smeag0l has left #nixos [#nixos]
o1lo01ol1o has quit [Remote host closed the connection]
jonge has joined #nixos
<pistache>
NinjaTrappeur: no, I'm passing by Telia. here is the traceroute: https://termbin.com/n0oq
<pistache>
I tried contacting support@fastly.com, but they won't help as I'm not a Fastly customer, and they say that the problem is probably within Orange's network
sgrunert has quit [Remote host closed the connection]
iyzsong has joined #nixos
iyzsong has quit [Client Quit]
<NinjaTrappeur>
pistache Orange does not provide any public weathermap, Telia seem to be a direct transit (they do not seem to pass by any IX), debugging this one is going to be tricky.
kreyren has quit [Remote host closed the connection]
<NinjaTrappeur>
This telia transit is probably throttled.
kreyren has joined #nixos
kenshinCH has quit [Quit: WeeChat 2.7.1]
<NinjaTrappeur>
I guess trying to sshuttle or VPN to a ovh box or something passing by franceix is your best bet :/
<pistache>
yes, this is how I avoid the problem
<pistache>
but as Orange is a big french ISP, that may host quite a lot NixOS users, I thought trying to report the problem somewhere could be useful
cosimone has joined #nixos
<pistache>
it's also an intermittent problem, and it doesn't seem to manifest neither right now, nor yesterday, so we can hope it has been fixed at some point
kiwi_39 has joined #nixos
Miyu-saki has quit [Ping timeout: 240 seconds]
aswanson has quit [Ping timeout: 246 seconds]
Miyu-saki has joined #nixos
aswanson has joined #nixos
Miyu-saki is now known as Guest83260
<kiwi_39>
Hello, I'm trying to upgrade my system which happens to have two packages that get built from source (virtualbox and flightgear). Is there a way to force these packages to be built sequentially? I do not have enough disk space to build both at the same time (about 6.6GB free). The option boot.tmpOnTmpfs is not enabled.
<lassulus>
maybe -j 1 ?
<kiwi_39>
Is that an option to nixos-rebuild?
<lassulus>
yes
<kiwi_39>
ok
alexherbo28 has joined #nixos
<kiwi_39>
It now seems to be building them sequentially.
<kiwi_39>
@lassulus Thank you!
kiwi_39 has quit [Remote host closed the connection]
<ottidmes>
kiwi_39: although it is not what you asked for, I tend to be low on disk space on my NixOS install too when doing upgrades, I tend to just do it in parts, so you could also just comment one of the two, build, and afterwards uncomment and build again, lame, but it works
alexherbo2 has quit [Ping timeout: 250 seconds]
alexherbo28 is now known as alexherbo2
jdelStrother has quit [Ping timeout: 240 seconds]
orivej has joined #nixos
Ariakenom has quit [Ping timeout: 250 seconds]
cosimone has quit [Remote host closed the connection]
cosimone has joined #nixos
c0c0 has quit [Ping timeout: 246 seconds]
abathur has joined #nixos
rsoeldner has quit [Remote host closed the connection]
<ottidmes>
just curious, why did nixos-install get a nixos user rather than going straight to root?
veske2 has quit [Quit: This computer has gone to sleep]
veske has quit [Quit: This computer has gone to sleep]
kolbycrouch has quit [Remote host closed the connection]
acarrico has joined #nixos
rogue_koder has joined #nixos
c0c0 has joined #nixos
abathur has quit [Quit: abathur]
abathur has joined #nixos
FRidh has joined #nixos
FRidh2 has quit [Ping timeout: 264 seconds]
glittershark has joined #nixos
zupo has quit [Ping timeout: 256 seconds]
o1lo01ol1o has joined #nixos
zupo has joined #nixos
Naptra has joined #nixos
jakobrs has joined #nixos
justanotheruser has quit [Ping timeout: 272 seconds]
<jakobrs>
Is it possible to import a nix file `imports = [ ./file.nix ]` style as an expression?
o1lo01ol1o has quit [Ping timeout: 250 seconds]
philr has quit [Ping timeout: 250 seconds]
<jakobrs>
I'd like to import a file, but *only* want one attribute that's defined in it
lordcirth_ has quit [Remote host closed the connection]
lordcirth_ has joined #nixos
<jakobrs>
ottidmes: It's a module
<jakobrs>
It depends on config, lib, pkgs, etc
<jakobrs>
I don't know precisely what it depends on (it's autogenerated)
kenshinCH has joined #nixos
<ottidmes>
jakobrs: then put in the module you are importing in, { ...whatever..., ... }@args: and then do (import ./file.nix args).oneAttribute
<jakobrs>
thanks
hmpffff has joined #nixos
<kenshinCH>
I have a python package that builds correctly via a `default.nix` like the ones in nixpkgs (`buildPythonPackage` etc). What's the best way to write a `shell.nix` using that `default.nix` and dropping me in a shell with `python` with all the right packages available?
<kenshinCH>
waleee-cl: with the first one I get `'shell' missing` (although I'm doing a `callPackage`. Does that change something?). The second one would require re-listing all the dependencies, right?
<waleee-cl>
kenshinCH: I haven't actually used any of them, I just remembered seeing them there
<waleee-cl>
kenshinCH: in the way outlined in ci.nix I think you can omitt the packages after "inherit (default)" and 'inherit' all packages from it? I'm not super-familiar with the syntax and can't check atm
CMCDragonkai1 has quit [Ping timeout: 250 seconds]
captjakk has joined #nixos
jjakob has quit [Ping timeout: 256 seconds]
o1lo01ol1o has joined #nixos
chagra_ has quit [Ping timeout: 264 seconds]
chagra_ has joined #nixos
glittershark has quit [Ping timeout: 256 seconds]
glittershark has joined #nixos
blaggacao has quit [Read error: Connection reset by peer]
drakonis has quit [Ping timeout: 246 seconds]
jakobrs has quit [Ping timeout: 256 seconds]
blaggacao has joined #nixos
misuzu has quit [Quit: leaving]
misuzu has joined #nixos
<Orbstheorem>
Hello, I've added gnome3.gucharmap to systemPackages and noto-fonts{,-emoji,-extra} to fonts.fonts, but I still can't see the font in gucharmap. (I've only rebuild-test). And I missing something? :/
kreyren has quit [Remote host closed the connection]
kreyren has joined #nixos
lordcirth_ has quit [Read error: Connection reset by peer]
lordcirth__ has joined #nixos
erasmas has joined #nixos
chagra_ has quit [Ping timeout: 256 seconds]
chagra_ has joined #nixos
chagra_ has quit [Client Quit]
chagra has joined #nixos
<samrose>
are there people currently working toward packaging discourse for nixpkgs?
<samrose>
(realizing it prob ain't gonna be easy)
<srk>
why not, just follow the docker file :)
<srk>
(or files in this case with bunch of options)
<ToxicFrog>
When do activation scripts run? In particular, can I be confident that they will run after /etc/group and /etc/passwd have been populated, and thus, I can test group membership?
<samrose>
srk: sure thing just checking here to see if efforts are under way that i can contribute to
<yorick>
srk: pkgsCross.x.buildPackages should be equivalent to pkgs
<srk>
I see
<yorick>
(clever?)
<srk>
yorick: else if targetPlatform.isGhcjs
<srk>
then throw "no C compiler provided for this platform"
<yorick>
srk: hrm, so I need two levels of buildPackages
chagra has quit [Ping timeout: 250 seconds]
<srk>
hah, yeah, cool
chagra has joined #nixos
<Taneb>
If I have a derivation that builds a file "/nix/store/abcdef-foo", is there a handy wrapper that makes it easy to wrap that into a derivation that produces a single file "/nix/store/uvwxyz-name/bar"?
smolck has quit [Remote host closed the connection]
lordcirth__ has quit [Read error: Connection reset by peer]
<s1341>
ok. i have a derivation for https://github.com/I60R/page that I would like to try to upstream into nixpkgs...
jumper149 has joined #nixos
<s1341>
how do I decide where in the pkgs tree to put it?
<ToxicFrog>
samrose: what I get from that is that the activation scripts are what create /etc, and thus, nothing in them should rely on /etc being properly shaped, because they execute in unspecified order.
alexherbo2 has quit [Ping timeout: 250 seconds]
<immae>
ToxicFrog: actually activation scripts can be ordered, see activationScripts.<name>.deps :)
<immae>
in you case you wand to add "users" as dependency
<immae>
Ah, users and groups actually
karantan has joined #nixos
<s1341>
ok. I found a similar tool (vimpager) and I'm going to put it there..
f18d7dc7_ has quit [Remote host closed the connection]
blaggacao has quit [Read error: Connection reset by peer]
blaggacao has joined #nixos
bahamas has joined #nixos
zupo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
karantan has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
bahamas has quit [Ping timeout: 264 seconds]
captjakk_ has joined #nixos
blaggacao has quit [Ping timeout: 256 seconds]
alexherbo2 has joined #nixos
captjakk_ has quit [Remote host closed the connection]
veske has quit [Quit: This computer has gone to sleep]
veske2 has quit [Quit: This computer has gone to sleep]
cole-h has joined #nixos
blaggacao has joined #nixos
endformationage has joined #nixos
jb55 has joined #nixos
rail_ has joined #nixos
rail_ is now known as rail
o1lo01ol1o has quit [Remote host closed the connection]
o1lo01ol1o has joined #nixos
bahamas has joined #nixos
o1lo01ol1o has quit [Ping timeout: 250 seconds]
alexherbo27 has joined #nixos
chloekek has quit [Quit: WeeChat 2.7]
alexherbo2 has quit [Ping timeout: 258 seconds]
alexherbo27 is now known as alexherbo2
<raboof>
if 'nix build -A package' fails to find the file to patch, but 'nix-shell -A package', 'unpackPhase; cd source; patchPhase' works, what am I doing wrong?
<clever>
raboof: and that is the script you would have to run, to reproduce the failure in nix-shell
blaggacao has joined #nixos
<s1341>
ottidmes: fixed
o1lo01ol1o has joined #nixos
absoluutely_ has joined #nixos
gila has quit [Ping timeout: 265 seconds]
gila has joined #nixos
jumper141 has joined #nixos
jumper141 has quit [Client Quit]
aveltras has joined #nixos
jdelStrother has joined #nixos
epl692 has quit [Ping timeout: 256 seconds]
<jdelStrother>
Heya
gila has quit [Ping timeout: 264 seconds]
blaggacao has quit [Read error: Connection reset by peer]
alexherbo2 has quit [Ping timeout: 250 seconds]
lordcirth__ has joined #nixos
<raboof>
clever: hmm, thanks, that gives me more to go on at least :)
Mateon2 has joined #nixos
<jdelStrother>
I'm struggling with bundlerEnv & mini_racer. Given a gemset containing just mini_racer & libv8 (https://gist.github.com/jdelStrother/ecbc5f8500ca3d079779f5b2a35852e3), building the mini_racer derivation fails, apparently because it can't compile the libv8 gem. However, if I change the gemset to only contain libv8, that derivation works fine
cartwright has quit [Remote host closed the connection]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
chloekek has joined #nixos
cartwright has joined #nixos
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
shafox has joined #nixos
jjakob has joined #nixos
cosimone has joined #nixos
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
malSet has joined #nixos
<ottidmes>
s1341: some more feedback, replace stdenv for lib, since you are only using stdenv.lib from it, and in the meta attrset, you already use with stdenv.lib; so no need to have stenv.lib.licenses.mit, it can just be licenses.mit
epl692 has joined #nixos
<mudri>
How can I work out how to set `services.xserver.videoDrivers`? I have an AMD GPU (Radeon HD 6470M), and I don't know whether this is “recent” according to the manual (in which case it recommends defaults) or not (in which case it gives `ati_unfree` as an option).
malSet has quit [Read error: Connection reset by peer]
blaggacao has joined #nixos
absoluutely__ has joined #nixos
<ottidmes>
mudri: keeping it as the default, i.e. not setting it, let's it go through most of them, then you can see which one it takes
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
<ottidmes>
I would always prefer the free ones, cause with ati_unfree you might be stuck on an old kernel
blaggacao has quit [Read error: Connection reset by peer]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
jakobrs has joined #nixos
<mudri>
ottidmes: I'm just wondering because having it not set works okay, but 3D graphics performance is not good.
bahamas has quit [Ping timeout: 264 seconds]
malSet has joined #nixos
<mudri>
(compared to Windows on the same machine)
malSet has quit [Read error: Connection reset by peer]
blaggacao has joined #nixos
<jakobrs>
Are there *really* old Nix builds anywhere? I mean, from 2006
absoluutely_ has quit [Ping timeout: 246 seconds]
<jakobrs>
Specifically after commit 4b9e7f95
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
zupo has joined #nixos
pjt_014 has quit [Remote host closed the connection]
jjakob has quit [Quit: No Ping reply in 180 seconds.]
<ottidmes>
mudri: I had the same, but I had to run modesetting to get it to work under free drivers and recent kernels, only with ati_unfree did I get decent performance, but it was an old kernel I did not want
jjakob has joined #nixos
<atemu12[m]>
jakobrs: Have you tried building Nix from an old Nixpkgs revision? Nixpkgs goes back quite some time
pjt_014 has joined #nixos
<jakobrs>
Oh, I didn't think about that
<jakobrs>
I'll try that
pjt_014 has quit [Remote host closed the connection]
pjt_014 has joined #nixos
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
blaggacao has quit [Ping timeout: 256 seconds]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
blaggacao has joined #nixos
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
<yorick>
is there some sort of (nixos {}).override?
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
gila has joined #nixos
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
malSet has joined #nixos
<ottidmes>
yorick: how do you mean? the modules? there is disabledModules allowing you to overwrite NixOS modules
malSet has quit [Read error: Connection reset by peer]
blaggacao has quit [Read error: Connection reset by peer]
<yorick>
ottidmes: I have existing nixos configurations and I'd like to add modules tot them
<ottidmes>
yorick: your configuration is a module like any other, so just import it
absoluutely__ has quit [Ping timeout: 256 seconds]
<yorick>
ottidmes: I means, I have a package set with a bunch of `nixos { imports = [ ./asdf; ] }`, and I'd like to add something to it
malSet has joined #nixos
captjakk_ has quit [Remote host closed the connection]
malSet has quit [Read error: Connection reset by peer]
organixpear has joined #nixos
malSet has joined #nixos
<ottidmes>
yorick: ah, forgot about that existing, ehm, just a guess, but maybe: nixos { imports = [ ...additions... ]; config = origNixos.config; }
<yorick>
I'm not sure if nixos exposes the inputs
<yorick>
config is the full outputs
malSet has quit [Read error: Connection reset by peer]
<ottidmes>
yorick: or you could do some hijacking, pass to the package set a custom definition of nixos that adds what you want?
davidak has joined #nixos
{^_^} has quit [Remote host closed the connection]
<ottidmes>
you could even add your own override function to it, if you cannot be to invasive
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
blaggacao has quit [Ping timeout: 264 seconds]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
blaggacao has joined #nixos
<jakobrs>
`nix-store --gc --delete` has been broken since at least 2012 (because the delete option conflicts with the delete operation),
<jakobrs>
And it's probably been broken since 2005
bahamas has joined #nixos
alexherbo275 has joined #nixos
<jakobrs>
So I don't think it's used in any scripts
mjrosenb has joined #nixos
<jakobrs>
Would it be safe to remove the delete option from --gc?
alexherbo27 has quit [Ping timeout: 256 seconds]
<jakobrs>
Moreover, --delete is never used inside of nixpgks (according to grep)
<ottidmes>
If that is really the case, rewording the manual to not have the option, while still saying basically the same thing, i.e. its default behavior is to delete, would be an improvement, but its not up to me
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
<jakobrs>
I'll do that and make a pull request
<jakobrs>
And then we'll see what happens
<s1341>
ottidmes done.
wildtrees has joined #nixos
<jakobrs>
Oh, btw, NixOS/Nix#3343
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
blaggacao has quit [Read error: Connection reset by peer]
<cransom>
jdelStrother: i have a similar error for v8/rails that i haven't got a solution either. it all started when `therubyracer` was pulled because it's been abandoned upstream.
blaggacao has joined #nixos
blaggacao has quit [Read error: Connection reset by peer]
blaggacao has joined #nixos
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
<jakobrs>
When editing the manual in xml, should I manually re-word-wrap the text?
blaggacao has quit [Read error: Connection reset by peer]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
blaggacao has joined #nixos
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
tobiasBora has joined #nixos
<tobiasBora>
Hello,
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
malSet has joined #nixos
<ottidmes>
yorick: if it is specific to a nixpkgs set: self: super: { nixos = cfg: super.nixos ((if builtins.isList cfg then cfg else [ cfg ]) ++ [ ./my-module.nix ]); }
malSet has quit [Read error: Connection reset by peer]
<ottidmes>
s1341: It should be a list of maintainers: maintainers = [ maintainers.s1341 ]; and maybe update your title to match your commit, i.e. drop the v from the version
captjakk has quit [Remote host closed the connection]
captjakk has joined #nixos
horek has joined #nixos
LysergicDreams has quit [Ping timeout: 264 seconds]
reallymemorable has quit [Quit: reallymemorable]
ben_ is now known as ben
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
lovesegfault has joined #nixos
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
gila has joined #nixos
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
malSet has joined #nixos
CptCaptain has quit [Quit: WeeChat 2.7.1]
captjakk has quit [Ping timeout: 264 seconds]
agander_m has joined #nixos
malSet has quit [Read error: Connection reset by peer]
malSet has quit [Read error: Connection reset by peer]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
<ottidmes>
s1341: Good job, it is looking great now!
LysergicDreams has joined #nixos
<s1341>
@ottidmes: thanks for your help!!!
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
<fendor>
after a year I am still not sure, what is the difference between `nix-store`, `nix-build`, etc.. and `nix-command` which seemingly can do all of their functionality?
opthomasprime has joined #nixos
opthomasprime has left #nixos [#nixos]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
<ottidmes>
I think the plan was to allow redoing the API while not having to be backwards compatible, but it seems like they froze that idea pretty early on and went on to focus on flakes, which I assume will have yet a different API
malSet has joined #nixos
absoluutely__ has joined #nixos
<ottidmes>
I mean, `nix` (the 2.0 command) hasn't seen any big changes since its release that I am aware, still no manpages, not feature complete with the 1.0 commands, etc.
<ottidmes>
The only nix commands I use are, nix repl, nix why-depends, and nix eval --raw, other than that I just stick with the oldies
malSet has quit [Read error: Connection reset by peer]
absoluutely__ has quit [Remote host closed the connection]
absoluutely__ has joined #nixos
jakobrs has quit [Quit: WeeChat 2.7.1]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
malSet has joined #nixos
zupo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
zupo has joined #nixos
malSet has quit [Read error: Connection reset by peer]
captjakk has joined #nixos
absoluutely__ has quit [Remote host closed the connection]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
ottidmes has quit [Quit: WeeChat 2.7.1]
captjakk has quit [Ping timeout: 256 seconds]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
<bqv[m]>
What about nix-shell, how do you do that otherwise
<bqv[m]>
But yes the state of documentation is horrible, I just rely on my bash history mostly
LysergicDreams has quit [Ping timeout: 246 seconds]
eoli3n__ has joined #nixos
relaxmax has quit [Ping timeout: 264 seconds]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
jdelStrother has quit [Ping timeout: 240 seconds]
absoluutely_ has joined #nixos
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
ris has joined #nixos
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
o1lo01ol1o has quit [Remote host closed the connection]
ottidmes has joined #nixos
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
Intensity has joined #nixos
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
bvdw has quit [Read error: Connection reset by peer]
energizer` has joined #nixos
wolke has joined #nixos
bvdw has joined #nixos
absoluutely_ has quit [Ping timeout: 246 seconds]
zeta_0 has joined #nixos
absoluutely__ has quit [Remote host closed the connection]
<energizer`>
when someone requests a project to be packaged into nixpkgs, is there a workflow that results in the project eventually being packaged? or do projects get packaged only if, by coincidence, somebody decides to package it (regardless of it being requested)?
<simpson>
A model of stochastic contribution~ I like it.
o1lo01ol1o has quit [Ping timeout: 250 seconds]
absoluutely_ has joined #nixos
<simpson>
There's no workflow that I know of where people intentionally take requested package issues and fulfill them. Perhaps some folks do that, though.
<Yaniel>
the workflow to get something packaged for sure is to do it yourself
lorimer has quit [Read error: Connection reset by peer]
karantan has joined #nixos
<xfix>
out of curiosity, what do you want to have packaged?
<xfix>
if there is something like that
karantan has quit [Client Quit]
shibboleth has joined #nixos
shibboleth has quit [Client Quit]
shibboleth has joined #nixos
<energizer`>
i want to use another project that isn't packaged almost daily
LysergicDreams has joined #nixos
<Yaniel>
which is...?
<lordcirth__>
If you want packages to do updated more regularly, help review PRs. There are so many
<energizer`>
i mean a different one every day
<Yaniel>
oh
<Yaniel>
well, for most things the packaging process should be fairly straightforward
shibboleth has quit [Remote host closed the connection]
shafox has quit [Remote host closed the connection]
shibboleth has joined #nixos
chimay has quit [Ping timeout: 250 seconds]
karantan has joined #nixos
karantan has quit [Client Quit]
karantan has joined #nixos
shibboleth has quit [Max SendQ exceeded]
<tobiasBora>
Hello,
absoluutely_ has quit [Ping timeout: 246 seconds]
<tobiasBora>
I just installed zoom-us, but I have an error sh: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.27' not found (required by /nix/store/mzyjzbck2a9q4wq5q34pyc88v52gpaab-v4l-utils-1.16.7/lib/libv4l2.so.0)
<cole-h>
What kind of arguments are you talking about?
<lovesegfault>
energizer`: if you have bound ..., like {...}@args: { callPackage ./mypkg { args }
<cole-h>
Does `callPackage ./mypkg {}` not work for you?
<lovesegfault>
this assumes the pkg itself has a {foo,bar,...} to be able to handle all the unnecessary inputs being passed
kleisli has quit [Ping timeout: 250 seconds]
<energizer`>
pkgs.mkShell { buildInputs = pkgs.callPackage foo { automatically pass all the arguments from the signature of foo } ; }
o1lo01ol1o has joined #nixos
orivej has quit [Read error: Connection reset by peer]
orivej has joined #nixos
<energizer`>
cole-h: nope. `pkgs.callPackage ./default.nix { };` trying to call a default.nix that begins with `{lib , buildPythonPackage , fetchPypi , python , PyGithub , GitPython , toml , click , tqdm , paramiko}:` and i get `error: cannot auto-call a function that has an argument without a default value ('lib')`
<cole-h>
`{ inherit (pkgs) lib }`?
reallymemorable has joined #nixos
karantan has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<energizer`>
same result
okaman has joined #nixos
<ottidmes>
energizer`: what is pkgs in your case? Cause lib sure is in any Nixpkgs as such and should work like you just shown
aveltras has quit [Quit: Connection closed for inactivity]
eoli3n__ has quit [Ping timeout: 250 seconds]
<NobbZ[m]>
Why that huge inherit list? An empty attrset should totally suffice...
<energizer`>
NobbZ[m]: `error: cannot auto-call a function that has an argument without a default value ('lib')`
captjakk has joined #nixos
<energizer`>
it would be nice if repl.it had a nix runner so i could demonstrate there
<NobbZ[m]>
But don't you need to `callPackage (import ./.) {};`?
<okaman>
Is anyone able to receive phone calls using `zoom-us`? I get a message that the phone service is unavailable. Could be a zoom service error but not sure where to start.
phreedom has quit [Remote host closed the connection]
<ottidmes>
energizer`: try calling nix-shell with the explicit file you mean it to use
phreedom has joined #nixos
<ottidmes>
energizer`: I am pretty sure it should not give you this error for callPackage, but rather for nix-instantiate/nix-build/nix-shell
akegalj has quit [Quit: leaving]
<ottidmes>
energizer`: nix-build --no-out-link --expr '{ lib, runCommand }: runCommand "lib-version" { } "echo ${lib.version} > $out"' would give your error for example
captjakk has quit [Ping timeout: 250 seconds]
domogled has quit [Quit: domogled]
oida has joined #nixos
<energizer`>
ottidmes: nix-shell shell.nix gives a better error message that explains the actual problem, i was missing the `fetchPypi` argument in my arglist
kleisli has joined #nixos
drakonis has joined #nixos
<energizer`>
aside from the debuggability issue, this is a little verbose. i have to list the deps in buildInputs, and in the arguments to the expression, and at the callsite
<cole-h>
thequux[m]: Cool, was just wondering. I might use that when I switch to NixOS. Or I might try ufw. Firewalld is too hands-on for me though (but I don't want to change anything right now and am thus stuck)
zupo has joined #nixos
puck has quit [Remote host closed the connection]
puck has joined #nixos
chagra has joined #nixos
<ottidmes>
cole-h: I am configuring my custom router, that came in today, with NixOS, I am planning on just using iptables and networking.firewall, any tips?
<thequux[m]>
If you do, let me know how it works out. I've been using this module for roughly the last hour and it's a lot nicer to work with than my earlier hand-written nftables zone-based firewall
<cole-h>
thequux[m]: I should disclaim: I'm not planning on switching to NixOS just yet :P
turion has joined #nixos
<cole-h>
ottidmes: Better off asking thequux[m] ^
<thequux[m]>
ottidmes: Do you already have in-depth knowledge of iptables? If not, I recommend using nftables instead. It's much nicer to configure and *way* faster
<turion>
I get this all the time on my hand-crafted default.nix:
<turion>
But how do I know what it evaluates to?
<turion>
error: expression does not evaluate to a derivation (or a set or list of those)
<turion>
$ nix-build
<cole-h>
It would help if you could post your default.nix as well
<ottidmes>
thequux[m]: I had almost none, now I do a bit after looking into them
puck has quit [Excess Flood]
<turion>
cole-h: I'm sure there is some simple mistake, will post in a sec. But I'm also interested in learning how I could have found that error myself
<thequux[m]>
@otAnd is this your first time building a linux router?
lorimer has joined #nixos
puck has joined #nixos
<thequux[m]>
* ottidmes: And is this your first time building a linux router?
<turion>
Can I somehow inspect the value it produces?
<turion>
I tried builtins.trace, it doesn't get called or doesn't output anything for whatever reason
<ottidmes>
thequux[m]: Yep, first time, I did setup my server to be the DHCP and DNS server some time ago, which worked, except that I tried to keep my ISP router running as well, which caused too many conflicts, so I stopped using it, but now with a dedicated machine for the purpose, I can do that stuff on NixOS
<NobbZ[m]>
turion: you can use `nix repl` to introspect
<thequux[m]>
turion: `nix eval '(import ./default.nix)'` is what I usually use, though doing it in `nix repl` may be easier to poke at the result
xkapastel has quit [Quit: Connection closed for inactivity]
<colemickens>
No.
<turion>
It didn't let me finish my line in a sense
<ottidmes>
turion: When trying to inspect I tend to run into problems like it being a function, and then it becomes annoying, so I just make sure that I am actually returning a derivation, i.e. calling mkDerivation or one of the wrapper of that runCommand / or one of the language specific builders
<ottidmes>
thequux[m]: I did too :)
<turion>
Arrrgh I've given one argument too few to callCabal2nix
<ottidmes>
if it was not for some stupid mistake in my configuration that builds a Linux PBA for sedutil encryption, causing my unlocker to fail on boot... (easy to fix, but unrelated to configuring the router, so pretty annoying that I now have to work on that)
lucus16 has joined #nixos
<lucus16>
pkgsStatic.stdenv is not static D:
justanotheruser has quit [Ping timeout: 250 seconds]
<thequux[m]>
ottidmes: There's a certain amount of black magic involved in building a firewall, and I'm not sure where I can point you for suggestions on getting started.
<thequux[m]>
I'm a big fan of the zone-based approach, though ith the traditional way of defining them, they're a lot more work, but they force you to think about what traffic should be allowed to flow between each network. With my module, for each rule, I can define which zones it should apply to, and that makes it much easier to manage
<ottidmes>
thequux[m]: and zones are like subnetworks? I plan to have sub LANs as you can see in my config, so that sure sounds interesting
<thequux[m]>
So, for example, I can say "The lan and my various VPNs can send data out to the WAN. The management network is not allowed to touch anything else. The federated network I'm part of is to be treated like the WAN."
chagra has quit [Ping timeout: 250 seconds]
<thequux[m]>
In general, zones can group subnets or interfaces
<thequux[m]>
In the future, my module will be able to do either, but for now, I've only got partitioning by interfaces defined.
<ottidmes>
So it is higher level that regular iptables, I could get the same result with iptables, but it would be less clear from the low levels calls
<thequux[m]>
Very much so
* niso
thought nftables superset iptables
chagra has joined #nixos
<ottidmes>
Definitely going to look into them then :D but I guess for my first build I will be using mostly the vanilla NixOS firewall with some few extra iptables rules, just to get the basics setup
<thequux[m]>
Actually, perhaps a better way of looking at it is that it's a well-known and understood structure for a firewall. You can build a zone-based firewall using iptables or nftables directly, but having atool to help you can drastically reduce the amount you need to write
<thequux[m]>
niso: yeah, nftables can do a struct superset of what iptables can do
<ottidmes>
And understandability and the likelihood of making a slight mistake with big consequences, I guess
<thequux[m]>
The structure in general gives you most of those benefits
<thequux[m]>
That said, as I was writing the module, I discovered a slight misconfiguration in my old firewall that left my router wide open to the WAN, so take that with a grain of salt
jojojojojo has quit [Remote host closed the connection]
jojojojojo has joined #nixos
chagra has quit [Ping timeout: 240 seconds]
chagra has joined #nixos
nDuff has quit [Read error: Connection reset by peer]
okaman has quit [Remote host closed the connection]
<turion>
Does anyone have experience with nix CI on gitlab.com?
<ottidmes>
thequux[m]: your old firewall was also with zones? and how do you test that situation (I really love to not be wide open to the WAN by accident)
<thequux[m]>
So, my big fuckup was that I had `policy accept`. Don't do that :-D
<thequux[m]>
But in general, the only way to do it is to have some service running that shouldn't be accepted (netcat works fine) and to try to connect to it from various places
<pistache>
ottidmes: a good tool to help test the FW is to add LOG rules, and to check rule counters
garbas has quit [Quit: WeeChat 2.7.1]
<ottidmes>
thequux[m]: makes sense, maybe I should test that while keeping the rest of the network, to just see my test case for it working or not
garbas has joined #nixos
<ottidmes>
pistache: thanks, I will look into that :)
<pistache>
also, if you can make your firewall stateless, it makes it simpler to understand its behaviour, although it will make the rules more verbose
<thequux[m]>
At some point I want to find a way to virtualize enough of nftables to be able to throw test packets at a virtual host and validate what happens
captjakk has joined #nixos
<pistache>
it may also not be really possible to make your firewall *entirely* stateless, it depends
<thequux[m]>
I actually have a plan in mind for how to do what I'm looking for: spawn a network namespace that doesn't share the host, create a bunch of veth pairs in it, then move half of them into another namespace. Run scapy in both, and send a bunch of packets from the controller namespace, and make sure they show up in the right place in the target namespace.
<drakonis>
a good start.
<thequux[m]>
(or pop out of the target namespace in the right place, as the case may be)
<garbas>
drakonis: sorry my pasting currently doesnt work on my weechat (or screen or mosh)
<drakonis>
dont worry about it.
Makaveli7 has quit [Quit: WeeChat 2.7.1]
enteee has joined #nixos
chloekek has quit [Ping timeout: 256 seconds]
zupo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
garbas has quit [Quit: WeeChat 2.7.1]
growpotkin has joined #nixos
<infinisil>
How about changing environment.systemPackages to an attribute set
<infinisil>
E.g. `environment.systemPackages.ripgrep = pkgs.ripgrep`
<infinisil>
Then you could remove packages again that are set elsewhere
<infinisil>
And you could also get an error if you assign the same key multiple times
<infinisil>
(aka you have multiple versions of the same package)
<infinisil>
(it wouldn't be called systemPackages though, for backwards compat)
<immae>
right
<immae>
(I’m all for it as far as I am concerned :p )
<cole-h>
environment.packageAttrs?
gustavderdrache has quit [Quit: Leaving.]
<cole-h>
environment.systemPackageAttrs?
jgeerds has joined #nixos
<infinisil>
Maybe something like that
<infinisil>
Or just `environment.pkgs` or `environment.packages`
<cole-h>
`environment.packages`++
<cole-h>
Not that it matters, but it brings it (somewhat) nicely in line with `home.packages` from hm
cosimone has quit [Remote host closed the connection]
<cole-h>
(except home.packages is still a list x) )
<infinisil>
Hm yeah
<gchristensen>
infinisil: and allows for removing packages (foo = null)
cosimone has joined #nixos
<infinisil>
(yeah, mentioned that already :))
<gchristensen>
oh
<clever>
gchristensen: what about order though?
<clever>
gchristensen: what if i want foo to come before bar?
<gchristensen>
why would you?
<clever>
foo defines a shell script that overwrites a binary in bar
<infinisil>
I don't think the order of systemPackages has any meaning
<clever>
and buildEnv should prefer one over the other
<gchristensen>
hrm
<infinisil>
You need to use lib.hiPrio/lowPrio for that
<clever>
infinisil: buildEnv already does priority based on order, and warns on collision
<infinisil>
Well then let's deprecate order-based priority, people should use {hi,low}Prio instead
<infinisil>
:P
<cole-h>
:D
<clever>
yeah, i can see that being a valid solution
garbas has joined #nixos
<infinisil>
But really, the order of elements in list options really is rather insignificant
<infinisil>
Or should be
<infinisil>
Because if you do e.g. `imports = [ ./foo ./bar ]` or `imports = [ ./bar ./foo ]`, this changes the order of all list options defined in both
<clever>
yeah
<infinisil>
Which arguably shouldn't happen
<infinisil>
Really, I'm thinking about straight up deprecating types.listOf
<infinisil>
Because of the "can't override that" problem and the "order matters" problem
<infinisil>
Won't happen probably, but I'm just looking at what current uses of listOf could be changed to
chiefgoat has left #nixos ["Leaving"]
philr has joined #nixos
captjakk has joined #nixos
<cole-h>
Overriding lists is pretty annoying
zeta_0 has quit [Quit: rebooting]
<infinisil>
Maybe at least `listOf str`s could be transparently changed to `attrsOf bool`
<atemu12[m]>
infinisil: Maybe, instead of outright replacing systemPakages with an attrset, how about converting it to one in the backend?
<infinisil>
gchristensen: It remember it potentially being useful for a bunch of things
cosimone has quit [Quit: Terminated!]
<gchristensen>
yeah.... but a bit unsafe to use it for anything
<evanjs>
wait... "Successfully evaluated my system configs with the _module change". But emacs wont work now... unless I misconfigured something
<infinisil>
pkgs.hello.__attrPath would give [ "hello" ], but it won't be a guarantee that `getAttrByPath pkgs.hello.__attrPath == pkgs.hello`
<gchristensen>
what use cases do you think it would be good for?
<infinisil>
evanjs: Works for me! _module was only removed from outside the module system, within it there's no problem with it
<evanjs>
What the--hrmmmm
<evanjs>
wonder if it's related to me referencing my nixosConfig from within the emacs module
nckx has quit [Ping timeout: 264 seconds]
nckx has joined #nixos
<infinisil>
gchristensen: Ohhh, I just looked up why I originally implemented it, and the reason was rfcs#33, where I wanted deprecation warnings to automatically be able to show what attribute it's talking about
<gchristensen>
btw I'm almost done getting {^_^} back up -- I'm sorry for the delay
<cole-h>
You should be >:( I've missed my `> fortune`s
<infinisil>
Currently people need to manually make sure that the attribute name is referenced in the warning, otherwise people have no idea where it comes from (seen that mistake a couple times in PRs)
<cole-h>
(jkjk)
<gchristensen>
cole-h: careful, your karma might suffer :P
<cole-h>
👀
<cole-h>
Uhh... I mean... take your time!
<gchristensen>
(IRL, not {^_^} karma)
Naptra has quit [Remote host closed the connection]
<cole-h>
Oh, pfft, who cares then.
<infinisil>
Hm I might go ahead and make a PR for the __attrPath thing
<monokrome>
,locate curl-config
* monokrome
did it wrong?
<cole-h>
Ever since I started using Nix, my contributions have skyrocketed. It makes it so much easier to set up temporary environments that Just Work™ and don't need to do much fiddling around
<infinisil>
monokrome: (bot's taking a break)
<evanjs>
infinisil: .... okay I have no idea what just happened, but um... yeah. same. works for me, now :D
<monokrome>
o >.<
<cole-h>
monokrome: Bot's dead. You can find that in `curl` and `curlFull`
<monokrome>
it isn't in either
<cole-h>
The dev output, sorry
<monokrome>
I have it installed
<cole-h>
`curl.dev` and `curlFull.dev`
<monokrome>
oooh ok
<monokrome>
thanks!
<cole-h>
:)
<monokrome>
=^.^= appreciate it
relaxmax has quit [Quit: Leaving]
<NobbZ[m]>
I really love `nix run`, why isn't this a thing in other distros?
{^_^} has joined #nixos
<Yaniel>
what's it do?
<infinisil>
Because it's probably impossible to implement if you don't have something like Nix :)
<infinisil>
Or ugly
<gchristensen>
,botsnack
<{^_^}>
Oh thanks, have a cookie yourself
<NobbZ[m]>
Arch's pacman and also Gentoos emerge should be able to do something similar… Not as isolated, but the "install and remove on next GC" should be possible
<energizer`>
`run foo` is a strange name for "create a shell containing foo"
<cole-h>
> fortune
Jackneill has quit [Ping timeout: 250 seconds]
<{^_^}>
"You're currently going through a difficult transition period called Life."
<NobbZ[m]>
Both allow to install packages "as dependency"
<cole-h>
🎉 gchristensen
<gchristensen>
woof that fortune is a bit tooooooooo on the nose, {^_^}
<cole-h>
When building a package with GNUmake, is there a special place to put `PREFIX=` so it gets recognized by both `buildPhase` and `installPhase`?
<cole-h>
`makeFlags = [ "PREFIX=$out" ];` didn't appear to do it
<multun>
{^_^} gone emo
civodul has quit [Quit: ERC (IRC client for Emacs 26.3)]
<infinisil>
cole-h: configureFlags possibly
* cole-h
tries
<cole-h>
Nope x)
<infinisil>
Try just a derivation attribute directly
<infinisil>
(-> env var)
<cole-h>
That didn't work either :(
<cole-h>
`PREFIX = "$out";`
<cole-h>
I could just put it in postPatch. That seems to work.
<infinisil>
Does it not get passed or is $out wrong?
<cole-h>
`export PREFIX="$out"`
<cole-h>
It doesn't get passed
<cole-h>
Or doesn't appear to
<infinisil>
How about `PREFIX = placeholder "out"`
<infinisil>
(or try that with configurePhase too)
<infinisil>
configureFlags
<cole-h>
Yep that does it. I'll put it in configureFlags and see if that works too
<infinisil>
It's a real gamble sometimes about whether $out gets substituted or not, placeholder is a bit more safe :2
<cole-h>
configureFlags = no bueno.
blaggacao has quit [Read error: Connection reset by peer]
<witchof0x20>
Any recommendations on how to benefit from https://github.com/NixOS/nixpkgs/pull/80680 ? I'm currently running my system on 19.09, with some packages selected from nixpkgs-unstable. I tried just using `nixpkgs_unstable.nixops` but that has the same issue
malSet has quit [Read error: Connection reset by peer]
captjakk_ has quit [Remote host closed the connection]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
fendor has quit [Read error: Connection reset by peer]
m1cr0m4n has quit [Ping timeout: 268 seconds]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
malSet has joined #nixos
malSet has quit [Read error: Connection reset by peer]
lovesegfault has quit [Quit: WeeChat 2.7.1]
o1lo01ol1o has quit [Remote host closed the connection]
o1lo01ol1o has joined #nixos
o1lo01ol1o has quit [Ping timeout: 250 seconds]
mrCyborg has joined #nixos
zeta_0 has joined #nixos
mrCyborg has quit [Ping timeout: 246 seconds]
zeta_0 has left #nixos ["rcirc on GNU Emacs 26.3"]
cyraxjoe has quit [Ping timeout: 246 seconds]
MightyJoe has joined #nixos
o1lo01ol1o has joined #nixos
jgeerds has quit [Ping timeout: 264 seconds]
alexherbo2758 has joined #nixos
captn3m0 has quit [Ping timeout: 256 seconds]
alexherbo275 has quit [Ping timeout: 250 seconds]
captn3m0 has joined #nixos
<mudri>
Hi. To cut a long story short, I decided to make the following changes to the nixos-unstable branch of nixpkgs so as to test out Agda 2.6.1. But when I install it (via `ghcWithPackages`, as I did before), it's noticeably slow and memory-hungry (compared to the previous version). Any idea what could be happening? https://www.irccloud.com/pastebin/mcK25epx/
<mudri>
When I say “previous version”, I mean Agda 2.6.0.1, compiled on the standard Hydra maybe a week or two ago.
<infinisil>
mudri: Well the only thing that changed is the version, so that's gotta be it
maddo has quit [Quit: See ya]
<mudri>
And I'm pretty sure it's not a regression in Agda. I've checked with users on other distros.
<infinisil>
Hmm
<mudri>
infinisil: Maybe also the default GHC settings or something since last week?
<infinisil>
Maybe it's a combination of a change in Agda and Nix (so non-nix users aren't getting it)
alexherbo2758 has quit [Ping timeout: 264 seconds]
anon35565[m] has left #nixos ["User left"]
<infinisil>
mudri: Oh, I'd try to build the version just before the change you made
<mudri>
infinisil: I'd love to, but it doesn't build any more.
<infinisil>
Can you fix it?
gila has quit [Ping timeout: 240 seconds]
<mudri>
hackage-packages.nix has moved on, and it no longer has the right dependencies for 2.6.0.1. Maybe I could chase them down, though.
<mudri>
Oh, and just to make sure I'm not going completely mad, there should be no difference between compiling here and compiling on Hydra, right?