<Ashy>
read through both of those before trying this but then you can do: sudo nix-channel --add https://nixos.org/channels/nixos-unstable nixos && sudo nix-channel --update && sudo nixos-rebuild --update switch
<Ashy>
also, resolve to buy intel and amd gpus only from now on :/, i do for my personal machines but these 2 laptops are work laptops
bkv has joined #nixos
rogue_koder_ has quit [Ping timeout: 256 seconds]
rogue_koder_ has joined #nixos
<miscellaneousbus>
Ashy true. i cant really swap out this dedicated gpu in my laptop tho (atleast not easily)
bqu2 has quit [Read error: Connection reset by peer]
bqu has joined #nixos
captjakk has joined #nixos
<miscellaneousbus>
well i upgraded, the laptop screen graphics are fine. nvidia modules are loaded. I get "nvidia-modeset: WARNGING GPU:0 Unable to read EDID for ... (HDMI-0)". and also firefox graphics are laggy
<miscellaneousbus>
(HDMI-0 for external monitor)
<energizer>
what is the difference between nixpkgs and pkgs?
is_null has quit [Ping timeout: 265 seconds]
<energizer>
or, what is the difference between nixpkgs and nixpkgs.pkgs?
<energizer>
i'm inferring from the silence that the `config` parameter doesn't have defenders
<Ashy>
miscellaneousbus: no just [ "nvidia" ] in my config
<cole-h>
Or people don't know (like me)
<gchristensen>
who says it needs defending
reallymemorable has quit [Quit: reallymemorable]
<energizer>
gchristensen: not sure!
<energizer>
i'm curious why modules don't take their own config and instead take the whole world's config
sigmundv_ has quit [Ping timeout: 256 seconds]
<simpson>
energizer: What's the alternative? The idea is to allow testing whether some configuration has been already set, I think. Taking everybody's configuration all at once, but lazily, is the Nix way; I don't know if it's good, but it's certainly Nixy.
niso has quit [Ping timeout: 256 seconds]
<peelz>
energizer: it allows you to refer to the final result of a module (with all the imports being merged into it)
<energizer>
peelz: `(pkgs.foo {some_argument=5})` is the final result of that module, no?
<gchristensen>
energizer: (though fwiw its NixOS modules :))
<energizer>
gchristensen: alright
<gchristensen>
nixpkgs doesn't have modules, and pkgs.foo is a nixpkgs package, not a module
<peelz>
^
<energizer>
simpson: the alternative is like the old saying "have you considered calling a function with arguments"
<gchristensen>
I'm actually not sure what you're asking about
<energizer>
lemme find an example
<jjwatt[m]>
yeah, I was wondering what was meant my "modules," too
<simpson>
energizer: Sure. But, like, in Nix, there's a common idiom `self: super:` which turns functions into objects via closure over some attrset. This is like that, but for modules and the whole system configuration.
<peelz>
energizer: I like using this pattern for specifying kernel modules: `boot.extraModulePackages = with config.boot.kernelPackages; [ some-kernel-module ];`
<simpson>
Like you say, the module already knows itself. So it just needs to be passed in the super-module, which is exactly the configuration that all of the modules are contributing to.
<gchristensen>
oh no so many different concepts in one thread hehe
<MichaelRaskin>
That might reflect the structure of module system, though
<gchristensen>
okay, so this config is a nixos module's config, and it represents the final configuration of the system
<simpson>
energizer: Yes. config != options
<gchristensen>
the nixos module system uses a fixed point to merge the various modules together and allow inter-dependence
<energizer>
essentially my question is: what is config.services.home-assistant.lovelaceConfig, and why doesn't the function take lovelaceConfig instead of config?
<jjwatt[m]>
in that example, it does use `config` beyond config.services.home-assistant
bqu has quit [Read error: Connection reset by peer]
rogue_koder_ has joined #nixos
<energizer>
in nixpkgs, if i want to pass data to a function, i pass it directly, but here the module is pulling its own data out of a big object (config.services) instead of simply taking that data directly like a nixpkgs function would. right?
<energizer>
(still trying to wrap my head around what's going on here :-))
<gchristensen>
nixpkgs' package set also uses a large fixed point, but a bit differently I suppose
cybrian has joined #nixos
<gchristensen>
the module system creates, basically, an enormous AST which is then evaluated and reduced in to a system config
<{^_^}>
[nixpkgs] @cdepillabout pushed 2 commits to haskell-updates: https://git.io/JvxbA
<simpson>
energizer: Informally, because we want the modules to accumulate a combined configuration; we don't just want a bunch of packages, but a bunch of glued-together data.
<evils>
cole-h: `dontStrip = true;`
GrimSleepless has quit [Quit: WeeChat 2.7.1]
<cole-h>
That easy, huh
<cole-h>
/facepalm
<simpson>
cole-h: Oh, don't worry, it'll get more fun if your goal is to actually do something like invoke gdb. In that case you'll need to locate the debug info. I think that it's in the manual.
bkv has joined #nixos
<evils>
simpson: you're thinking of `separateDebugInfo`, if you simply don't strip, you can use the binaries with gdb
<energizer>
iow, it seems complicated to have interdependencies instead of a dag, for all the same reasons it's complicated in OOP. does nixos configuration really need to be that way? which modules mutually depend on each other?
Izorkin has quit [Read error: Connection reset by peer]
<cole-h>
evils++
<{^_^}>
evils's karma got increased to 4
Izorkin has joined #nixos
<{^_^}>
[nixpkgs] @veprbl pushed commit from @mikesperber to release-20.03 « bazel_0_26: fix linker flags for darwin (#84614) »: https://git.io/JvxNT
<cole-h>
In my ~/.config/nixpkgs/overlays directory, is the order random, or is there some method in determining which overlay comes first?
<jared-w>
energizer: It means you can write a module without caring about the existence of any other module. Want to write a module that turns on another module? Sure. Want that module to turn on another module? Why not? It allows you to always locally reason about the state of the system that the module interacts with.
<jared-w>
In... theory :p
edeast has joined #nixos
<gchristensen>
I think the module system uses that fairly extensively
peelz has quit [Remote host closed the connection]
peelz has joined #nixos
<jjwatt[m]>
I'm new to nix, too, but as I understand it you're not really passing in a "big object," either. You're passing a ref to the spine of a possibly unrealized environment. It's still functional and lazy! Again, as far as I understand so far, anyway. guix even has "the store monad." You're essentially saying, "I'm going to make these changes" and the machinary makes sure it all adds up and then "does" it, where doing is
<jjwatt[m]>
basically creating a bunch of files and putting them in the right place with extra doing like updating links and stuff (hey, that does seem monadic).
iqubic` has quit [Remote host closed the connection]
morgrimm has quit [Ping timeout: 265 seconds]
iqubic has joined #nixos
edeast has quit [Remote host closed the connection]
is_null has joined #nixos
<cole-h>
I don't know if I should be happy or sad that there are no more PRs failing CI that I haven't already reviewed...
<contrun[m]>
I have a string `s = "outer.inner"`. When I evaluate `{ ${s} = "value"; }`, I got `{ "outer.inner" = "value"; }`. What I want is `{ outer = { inner = "value"; }; }`. How do I do that?
<energizer>
i'd guess you're supposed to split the string
reallymemorable has quit [Quit: reallymemorable]
<contrun[m]>
energizer: There isn't any builtin way to that?
<jlv>
Is there an easy way to add a script (like a `pkgs.writeScript` script) to your bin path?
<blibberblob>
anyone here have an ergodox ez? I can't figure out how to get their ROM flasher tool Wally to build with nix and I don't know much about patching ELFs. Has anyone gotten this to work? Or is there any good alternative which does have a nix derivation?
<{^_^}>
[nixpkgs] @veprbl pushed commit from @lovesegfault to release-20.03 « linuxPackages.nvidia_x11: 440.64 -> 440.82 »: https://git.io/JvxxH
revtintin has joined #nixos
<cole-h>
jlv: I think `pkgs.writeScriptBin` might do what you want
<jjwatt[m]>
blibberblob: I have an ergodox infinity. (and plancks and XD75 and some keypads, etc). I set up flashers on my other computer, but ended up building them. I use qmk. The biggest problem I ran into was getting things working right with udev, permissions, etc, but that's cus I was{,am} a NixOS noob. Similar story for flashing my stm32 dev boards. For those, I did mess with binaries sometimes, mostly for certain tools, but in
wavirc22_ has quit [Read error: Connection reset by peer]
<jjwatt[m]>
That has worked for me for several packages like TIC-80, pico8 and an all-in-one emacs+common lisp deal I was just playing around with. I never made them into proper packages, though. Just followed the "manual" route each time. cole-h's suggestion is probably better if you can get it to do it automatically, but then you'll probably need to learn about packaging, too, which is why I skipped it at first.
chagra_ has joined #nixos
wavirc22 has joined #nixos
<blibberblob>
jjwatt[m]: well I'm no expert myself :P currently trying to hack around with patchelf... but getting udev & permissions working sounds like another pain haha
<jjwatt[m]>
bibberblob: hah! well, it's long and messy, but it might save you some pain--my (mis)adventures with getting some arm embedded stuff going (a lot of udev, but it was simpler than it seemed): https://gist.github.com/jjwatt/18c9d05b83e18a691243dd434d96eebb
chagra has quit [Ping timeout: 265 seconds]
<jjwatt[m]>
that was over a month ago now, so I was even more a noob then, but the part about adding the packages to the NixOS system was a key takeaway and I think it's what let me get cookin' on that front
<jjwatt[m]>
and, if by any chance you decide to try to flash with something besides their bin flasher (or flash qmk :)), qmk usually uses dfu-programmer, avrdude or teensy-loader: all of which are in nixpkgs! And, I'm betting one of those can flash your ergodox, considering it's likely very similar hardware and/or the exact same microproc as my ergodoxes (ergodoxen? ;))
<blibberblob>
hmm, well I got the binary to run by doing a bunch of patchelf wizardry... but it crashes as soon as I try to open a file, complaining about "No GSettings schemas are installed on the system"
<jjwatt[m]>
those are the ones I use on my other computer to flash my keyboard gear. I'd switch over to it and and give your more info, but it's down right now. Hit me up tomorrow if you're around and I can probably help
revtintin has joined #nixos
bqu2 has joined #nixos
<jjwatt[m]>
blibberblob: sounds like GTK/GNOME deps. Like, you probably got all the dynamic libs linked in, but there's some other non-compiled dependency. Don't know where GSettings schemas are, but you could probably buy the farm and install like nixpkgs.gnome3 and hope
<oranginal>
I've been doing a few nix-reviews and noticed that some of these take a while to load and are running compilers. Why do these build code?
mexisme has quit [Ping timeout: 260 seconds]
emilsp has joined #nixos
<cole-h>
Because they haven't been cached, so of course they have to be built from scratch.
<cole-h>
Packages only get cached (built by hydra) when they exist in nixpkgs. If it's a PR, it doesn't exist in nixpkgs yet, and therefore cannot be cached.
<oranginal>
But don't many of these packages come from .deb files? Aren't those bins?
revtintin has quit [Ping timeout: 264 seconds]
<evils>
building from source is preferred if possible, even if they are binaries, if it's a library for example, anything that depends on it, will also get rebuilt
emilsp has quit [Read error: Connection reset by peer]
revtintin has joined #nixos
<oranginal>
But what makes rebuilding prefered to just testing with a bin?
<evils>
not sure, i think it's because then we know who built it, and we can check if it's reproducible
<symphorien>
Some libs are patched to adapt the specificities of nixos. For example the default location of ssl certs for openssl.
<symphorien>
If you just fetch a binary with openssl statically linked, it won't find ssl certs
<symphorien>
For example
<oranginal>
Okay. That makes more sense, then.
Acou_Bass has quit [Read error: Connection reset by peer]
Acou_Bass has joined #nixos
jbrock has quit [Read error: Connection reset by peer]
<{^_^}>
[nix] @domenkozar pushed to master « Attach pos to if expression errors »: https://git.io/Jvpfi
thibm has joined #nixos
chloekek has joined #nixos
<{^_^}>
[nixpkgs] @euank opened pull request #84783 → nixos/k3s: add initial k3s service → https://git.io/Jvpfb
<sephii>
(trying again a previous question) I have 2 channels configured on my system: nixos (points to nixos-19.09) and unstable (points to nixos-unstable, used only for specific packages). Now when I installed packages in a non-declarative way (eg. `$ nix-env -i foobar`), it seems to automatically pick up the unstable one (I guess because it has a more recent version). Is there a way to not use unstable by default?
<{^_^}>
nix#1067 (by Gabriel439, 3 years ago, open): `nix-env` selecting old channels in `~/.nix-defexpr`
cybrian has joined #nixos
<exfalso>
seems it's not quite clear how the ambiguity is resolved for multiple channels, but you could check ~/.nix-defexpr
wavirc22_ has joined #nixos
ashkitten has joined #nixos
<exfalso>
I'm not sure in what situation you need both, but if I were you I'd just have nixos-19.09 and import nixos-unstable separately when needed (or maybe create a shell.nix that uses it if it's only needed for specific projects)
wavirc22 has quit [Ping timeout: 265 seconds]
cybrian has quit [Ping timeout: 250 seconds]
<mojjo>
srk: this works: `f = xs: with builtins; with pkgs.lib.types; let type = listOf str; in assert type.check xs; assert all type.functor.wrapped.check xs; xs`
<srk>
cool :)
<srk>
was looking at merge and functor but it's too early for me :)
drakonis has quit [Ping timeout: 256 seconds]
drakonis has joined #nixos
<{^_^}>
[nixpkgs] @mikesperber opened pull request #84785 → emacs: Unbreak on macOS → https://git.io/JvpJV
<bennofs>
bdju: it should hit the channel soon. https://hydra.nixos.org/job/nixos/trunk-combined/tested needs to pass for a channel release. If you click on the latest passed build (116168962), then click on the evaluation listed next to "Part of" (evaluation 1580009), you will find that there's still 2 queued jobs for that eval
<bennofs>
when the eval finishes, a cron job will then make a channel release since the "tested" job was successful for this eval
<sephii>
exfalso: at the moment I'm using `import <unstable>` in my `configuration.nix` and use `unstable.mypkg` for the packages I want to install from unstable, but afaik it requires me to have a channel named `unstable`, right? Is there a way to do this without having `unstable` in my channels?
<marius851000[m]>
Does anyone know how I can get a shell to compile gcc that with target (for gcc) being x86_64-w64-mingw32 ? I'm able to set the crossSystem easily but not target system.
cosimone has joined #nixos
<marius851000[m]>
(I want a linux gcc that can compile to windows with pkgsCross)
<marius851000[m]>
* (I want a linux gcc that can compile to windows without pkgsCross)
<marius851000[m]>
* (I want a linux gcc that can compile to windows without using pkgsCross)
<marius851000[m]>
* (I want a shell that can compile a linux gcc that can compile to windows without using pkgsCross)
<marius851000[m]>
* (I want a shell that can compile a linux gcc that can compile to windows)
<vika_nezrimaya>
wait
<vika_nezrimaya>
but crossSystem does set target system
<vika_nezrimaya>
so it is thee right choice
<chloekek>
Why is haskellPackages.time null?
<bennofs>
chloekek: if i recall correctly, null are packages that come already shipped with GHC
<marius851000[m]>
vika_nezrimaya: if I do that, I will have a gcc.exe file. I want to have the gcc that crossSystem create to compile binary
<vika_nezrimaya>
OHHHH
<vika_nezrimaya>
I see!
<vika_nezrimaya>
Won't you need something like crossSystem.stdenv?
<vika_nezrimaya>
It has gcc and more!
<chloekek>
bennofs: So if I want to overrideAttrs it, I would need to do that on GHC?
<marius851000[m]>
vika_nezrimaya: I think gcc9.lib have missing file that prevent pkgsCross.mingwW64.gettext to compile (like libstc++.dll.a, but there is libstdc++.la)
<marius851000[m]>
* vika_nezrimaya: I think gcc9.lib have missing file that prevent pkgsCross.mingwW64.gettext to compile (like there is no libstc++.dll.a, but there is libstdc++.la)
<vika_nezrimaya>
I'll test it rn
cosimone has quit [Quit: Terminated!]
<marius851000[m]>
vika_nezrimaya: Maybe nixpkgs.pkgsCross.mingwW64.stdenv.cc may be what I want
<marius851000[m]>
* vika_nezrimaya: Maybe nixpkgs.pkgsCross.mingwW64.stdenv.cc may be what I want. I'm trying this. Thank.
<vika_nezrimaya>
`nix-shell -p pkgsCross.mingwW64.stdenv` gives you a whole dev environment with GCC, binutils and some commonly needed stuff such as make
kleisli has quit [Remote host closed the connection]
<bennofs>
chloekek: idk, sorry :) core packages are somehow specially bundled with ghc, but I don't know exactly what the consequences of that are
cosimone has joined #nixos
gmagnusson has joined #nixos
<chloekek>
Alright, maybe I will try something different then.
<chloekek>
There was a breaking change in 1.9.3 that’s causing me headaches and ideally I’d apply a patch file to undo it.
kleisli has joined #nixos
<gmagnusson>
Hi! I'm trying to install Nixos over a Fedora 31 system with UEFI boot with the lustrate method. This worked on my Arch system, but fails here at the "sudo mv -v /boot /boot.bak" step with error "mv: cannot move '/boot' to '/boot.bak': Device or resource busy". I haven't found anything about this in the issues or on google. Does anyone know how to debug this?
mexisme has joined #nixos
revtintin has quit [Ping timeout: 265 seconds]
<gmagnusson>
Nothing in lsof points to /boot. As far as I can tell, it's not in use anywhere
<steevveenn>
Hi! while doing nixos-rebuilding switch this morning I no longer have access to unstable.haskellPackages.Cabal_3_0_0_0 . Any idea why ?
<{^_^}>
steevveenn: 20 weeks, 22 hours ago <tilpner> And it seems odd for the same machine to be virtualbox host and guest at once, you probably only want host or guest, not both
<{^_^}>
steevveenn: 20 weeks, 22 hours ago <tilpner> Sorry, didn't see your reply (no ping). You want virtualisation.virtualbox.host.package = n1903.virtualbox;
<{^_^}>
[nixpkgs] @domenkozar pushed 2 commits to release-20.03: https://git.io/Jvpk2
revtintin has quit [Ping timeout: 260 seconds]
o1lo01ol1o has quit [Ping timeout: 256 seconds]
CMCDragonkai_ has joined #nixos
mnm[m] has joined #nixos
<CMCDragonkai_>
Do overlays work inside ~/.config/nixpkgs/config.nix?
<CMCDragonkai_>
Because my overlay is setup in NIX_PATH and it works with nix-env -i and nix-env -iA but not when I'm using packageOverrides in config.nix
<{^_^}>
[nixpkgs] @Mic92 pushed to release-20.03 « acme: create certificates in subdirectory »: https://git.io/JvpIR
revtintin has quit [Ping timeout: 258 seconds]
o1lo01ol1o has joined #nixos
sigmundv_ has joined #nixos
bqu2 has quit [Ping timeout: 250 seconds]
bqu has joined #nixos
choward has quit [Ping timeout: 256 seconds]
jakobrs has joined #nixos
<jakobrs>
Even if I set enp3s0 to unmanaged in networkmanager, it still gets an ip address (via dhcpcd)
<jakobrs>
Is that normal?
spinus has quit [Ping timeout: 260 seconds]
<kraem>
jakobrs: i *think* you might have to disable dhcpcd with `networking.dhcpcd.enable = false;`
choward has joined #nixos
ottidmes has joined #nixos
mgdm has left #nixos ["WeeChat 1.9.1"]
<jakobrs>
thing is, it works like I'd expect it to from the live usb, which, according to nixos-option, has networking.dhcpcd.enable set to true
<jakobrs>
I'll try that in case it works
linarcx has quit [Quit: WeeChat 2.8]
linarcx has joined #nixos
steevveenn has quit [Remote host closed the connection]
zupo has joined #nixos
sigmundv_ has quit [Ping timeout: 250 seconds]
jakobrs has quit [Ping timeout: 256 seconds]
drakonis_ has joined #nixos
jakobrs has joined #nixos
linarcx has quit [Read error: Connection reset by peer]
<jakobrs>
kraem: It seems to work better now, however I had to reboot
knupfer has quit [Quit: knupfer]
<jakobrs>
s/$/./
knupfer1 has joined #nixos
<kraem>
👍
drakonis1 has joined #nixos
drakonis has quit [Read error: Connection reset by peer]
lemsip has quit [Read error: Connection reset by peer]
knupfer1 is now known as knupfer
drakonis_ has quit [Ping timeout: 265 seconds]
pbogdan has left #nixos ["ERC (IRC client for Emacs 26.3)"]
cybrian has joined #nixos
revtintin has joined #nixos
pbogdan has joined #nixos
<kraem>
jakobrs: i don't know if the default "dhclient" of networking.networkmanager.dhcp is provided as a lib or a service but you can change the option to "internal" and have networkmanager handle dhcp. i imagine that if you set an interface as unhandled by NM it wouldn't provide dhcp for it in case of "internal".
<{^_^}>
[nixpkgs] @Mic92 opened pull request #84801 → <!-- Nixpkgs has a lot of new incoming Pull Requests, but not enough people to review this constant stream. Even if you … → https://git.io/JvpLA
revtintin has quit [Ping timeout: 265 seconds]
linarcx has quit [Read error: Connection reset by peer]
revtintin has joined #nixos
jakobrs has quit [Quit: WeeChat 2.7.1]
drakonis has joined #nixos
arjen-jonathan has quit [Ping timeout: 265 seconds]
drakonis1 has quit [Ping timeout: 250 seconds]
revtintin has quit [Ping timeout: 264 seconds]
zupo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
Darkmatter66 has quit [Ping timeout: 260 seconds]
xelxebar has joined #nixos
drakonis_ has joined #nixos
Darkmatter66 has joined #nixos
bennofs1 has joined #nixos
c0c0 has quit [Ping timeout: 256 seconds]
zupo has joined #nixos
drakonis has quit [Ping timeout: 246 seconds]
revtintin has joined #nixos
exfalso has quit [Ping timeout: 265 seconds]
arjen-jonathan has joined #nixos
bennofs1 has quit [Quit: WeeChat 2.7.1]
johnjay has quit [Ping timeout: 265 seconds]
johnjay has joined #nixos
domogled has joined #nixos
<bqv[m]>
<{^_^} "[nixpkgs] @Mic92 opened pull req"> Lol
johnjay has quit [Ping timeout: 256 seconds]
exfalso has joined #nixos
kahiru has quit [Remote host closed the connection]
<mojjo>
My systemd service should not restart in case parsing of environment variables fails. But should restart in any other scenario. Which `Restart=?` config would you suggest? Or is there a special exit code for this, that I could use in the application and then exclude it in the systemd config?
likivik[m] has joined #nixos
cosimone has joined #nixos
<vika_nezrimaya>
Oops! I'm forever stuck on an old version of nixFlakes because there's a new flake.lock version 5, and my nixFlakes only reads version 4... what's even more infuriating is that the new version of Nix that reads flake.lock version 5 uses... flake.lock version 5, making it impossible to upgrade using only nixFlakes
revtintin has quit [Ping timeout: 256 seconds]
linarcx has joined #nixos
<niksnut>
vika_nezrimaya: nixFlakes in current nixpkgs should work
linarcx has quit [Client Quit]
<vika_nezrimaya>
oh well this means pulling 3k commits
<vika_nezrimaya>
:3
<vika_nezrimaya>
wish me luck
jophish has quit [Quit: WeeChat 2.4]
<vika_nezrimaya>
I hope flake.lock in Nixpkgs still uses v4
<{^_^}>
[nixpkgs] @adamse opened pull request #84809 → ghc: mention why ld.gold is disabled for musl libc → https://git.io/JvpYC
mexisme has joined #nixos
silver_hook has quit [Ping timeout: 240 seconds]
pbogdan has quit [Quit: ERC (IRC client for Emacs 26.3)]
pbogdan has joined #nixos
mallox_ has joined #nixos
revtintin has joined #nixos
mexisme has quit [Ping timeout: 260 seconds]
<vika_nezrimaya>
error: [json.exception.parse_error.101] parse error at line 3, column 14: syntax error while parsing value - unexpected end of input; expected '[', '{', or a literal - I don't like this...
mallox has quit [Ping timeout: 265 seconds]
<gchristensen>
is the file valid json?
cybrian has joined #nixos
<bqv[m]>
vika_nezrimaya: what's requiring the old lock?
<bqv[m]>
actually, this problem should be solved
<vika_nezrimaya>
Nah, I've already managed to solve the problem
<bqv[m]>
i raised this with eelco a few days ago, nixFlakes in nixpkgs should support v5
<chpatrick>
is there a reliable way to detect if nix-daemon is enabled?
<gchristensen>
chpatrick: maybe look at how nix-info works
<bkv>
ipconfig.sh is rgeat
<chpatrick>
gchristensen: the problem is that I don't think it works if <nixpkgs> isn't available
remirol is now known as lorimer
<clever>
chpatrick: i believe it first checks $NIX_REMOTE, daemon means use the daemon, auto is the default, which tests if it has write to stuff in /nix
<chpatrick>
clever: hmm but on my nixops server NIX_REMOTE is not set, even though the daemon is enabled
<clever>
chpatrick: if its not set, then it defaults to auto, which tests if it can write to things in /nix
<{^_^}>
[nixpkgs] @shlevy pushed to master « emacsPackages: Add standalone agda-input package that doesn't require building Agda. »: https://git.io/JvpOx
cybrian has joined #nixos
Ariakenom has joined #nixos
<{^_^}>
[nixpkgs] @shlevy pushed to release-20.03 « emacsPackages: Add standalone agda-input package that doesn't require building Agda. »: https://git.io/Jvp3f
gxt has quit [Remote host closed the connection]
phreedom_ has quit [Remote host closed the connection]
cartwright has quit [Remote host closed the connection]
est31 has quit [Remote host closed the connection]
KeiraT has quit [Remote host closed the connection]
oida has quit [Remote host closed the connection]
xelxebar has quit [Remote host closed the connection]
andreas303 has quit [Remote host closed the connection]
jb55 has quit [Write error: Broken pipe]
klntsky has quit [Write error: Broken pipe]
ATuin has quit [Quit: WeeChat 2.7.1]
gxt has joined #nixos
silver_hook has joined #nixos
xelxebar has joined #nixos
<freethink>
Is there a w.i.p gui installer anywhere?
<{^_^}>
[nixpkgs] @marius851000 opened pull request #84815 → gcc: copy windows library file to the lib output → https://git.io/JvpsC
<ottidmes>
lunik1: I think that is undecidable, although you could check for things like the kernel, but in general AFAIK it is impossible to decide this. You may check if the initrd/boot stages have changed, but there is no guarantee if they did, that a reboot will actually change anything that matters
<timokau[m]>
And if they didn't, there is no guarantee that there isn't some long-running process from before the update. We try restarting systemd services, but that isn't always possible and some long running processes may not be systemd services.
GrimSleepless has quit [Quit: WeeChat 2.7.1]
cybrian has quit [Ping timeout: 260 seconds]
markus1189 has quit [Ping timeout: 256 seconds]
markus1189 has joined #nixos
<ottidmes>
switching to a new system profile is best effort
zupo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
niso has joined #nixos
<timokau[m]>
Is there a way to pass nix options such as `--timeout` to a remote builder? Passing them naively seems to be ignored.
<{^_^}>
[flake-registry] @edolstra pushed to master « hydra: Use master branch »: https://git.io/JvpGi
<DamienCassou>
hi
<DamienCassou>
how should I configure my system to make nix always use the nixpkgs git clone on my disk instead of an http source? I want that for both the user's nix and for the system
<srk>
DamienCassou: I'm using nix.nixPath = [ "nixpkgs=/etc/nixpkgs" ];
markus1189 has quit [Ping timeout: 256 seconds]
<simpson>
srk++ that's a nifty trick, using /etc/
<{^_^}>
srk's karma got increased to 5
<lordcirth>
srk++ been looking for something like that. Can that work for nixops?
<{^_^}>
srk's karma got increased to 6
<srk>
simpson: might be better to use your home directory but I don't avoid using root account so I don't mind :)
<clever>
lordcirth: that does what you want and more!
<srk>
DamienCassou: system wide
<DamienCassou>
you put that in your `/etc/nixos/configuration.nix`?
<srk>
DamienCassou: yup
<simpson>
srk: It's a nice solution to the question of where to put something so that everybody can read it, most people can't write it, and NixOS won't manage it.
<DamienCassou>
srk: good, thank you.
<srk>
simpson: indeed, I'm using another nixpkgs clone at home dir for work and to pull from /etc/nixpkgs if needed :)
xacktm has quit [Ping timeout: 272 seconds]
revtintin has quit [Ping timeout: 265 seconds]
<nek0>
HI folks. I am trying to set up a remote build server but I run into the error "you are not privileged to build derivations", even though the user i use to log in to the server is in nix.trustedUsers. What am I missing?
amosbird_ has joined #nixos
<lunik1>
I'm not sure if I completely understand the system.copySystemConfiguration option. Does this mean each generation will have its own copy of the configuration.nix used to create it?
reallymemorable has quit [Quit: reallymemorable]
<clever>
lunik1: thats meant to remake a missing configuration.nix on first boot, and doesnt give easy access to the config files
<DamienCassou>
I read on nixos-rebuild man page something about flakes. But I can't find it in any manual
<vika_nezrimaya>
i'm getting a feeling that using github:NixOS/nixpkgs as a flake input isn't gonna use a lot of cached binaries... it builds a lot of stuff like GNOME programs instead of downloading :3
<infinisil>
Does NixOS have something nice and simple to limit network bandwidth?
reallymemorable has joined #nixos
<hyper_ch>
set nic connection speed to 10mbps :)
<{^_^}>
[nixpkgs] @matthewbauer merged pull request #84689 → kwallet-pam: just provide plugin path for qtbase → https://git.io/JvxmF
<{^_^}>
[nixpkgs] @matthewbauer pushed 2 commits to master: https://git.io/JvpZP
<vika_nezrimaya>
DamienCassou: Flakes are great but from my experience they require a lot of reading on the proposed RFC49, current examples of flake-built repos and other stuff
griff__ has joined #nixos
<vika_nezrimaya>
They're in the preview phase AFAIK
<vika_nezrimaya>
so you won't be able to find a lot of documentation in the manual
<bkv>
vika_nezrimaya: you should still probably use a channel
revtintin has joined #nixos
<bkv>
i mean, you could do what i've done, and use master by default but pin expensive builds to nixos-unstable
<bkv>
but yeah i found using master directly to be ...inconvenient
<vika_nezrimaya>
the thing is - I'm fairly used to building from my checkout which is usually several kilocommits behind
<bkv>
lmao
<vika_nezrimaya>
yep I'm not really used to daily updates
<vika_nezrimaya>
should make it a part of my daily routine but make my checkout lag a day or two behind so Hydra can catch up on packages
<infinisil>
srk: Copied from a random website, seems to work: sudo tc qdisc add dev eno1 root tbf rate 1024kbit burst 10kb latency 70ms peakrate 2048kbit minburst 1540
reallymemorable has quit [Quit: reallymemorable]
<srk>
cool
<infinisil>
Way too complicated lol
* srk
makes a note
kleisli has quit [Remote host closed the connection]
romildo has joined #nixos
<vika_nezrimaya>
when I was starting to commit into NixOS I thought something like "you're not serious on your NixOS development unless you dogfood your own changes"
<bkv>
vika_nezrimaya: why use a local checkout though? any change you need can now really be done through your flake :p
<lordcirth>
I've got my laptop running 20.03 from a local checkout, yeah
<infinisil>
srk: To delete: sudo tc qdisc del dev eno1 root
<lordcirth>
I'd run master if it was fast enough to compile
<vika_nezrimaya>
I was fixing cross-compilation issues initially when I started it, and flakes really weren't around at that time
<lordcirth>
I need to fix LXQT
kleisli has joined #nixos
<vika_nezrimaya>
nowadays I'll probably keep my GitHub fork's master as my "semi-stable" branch and update it daily
<srk>
infinisil: noted. ty! :)
griff__ has quit [Quit: griff__]
eoli3n__ has quit [Ping timeout: 256 seconds]
kleisli has quit [Remote host closed the connection]
kleisli has joined #nixos
evertedsphere has quit [Quit: leaving]
evertedsphere has joined #nixos
zaeph1 has joined #nixos
<bkv>
i would hate to have to keep a fork up to date
justanotheruser has quit [Ping timeout: 260 seconds]
jbrock has quit [Ping timeout: 250 seconds]
<DamienCassou>
srk: I tried your idea and I now get `error: file 'nixos-config' was not found in the Nix search path (add it using $NIX_PATH or -I), at /home/cassou/Documents/projects/nixos/nixpkgs/nixos/default.nix:1:60`
<{^_^}>
[nixos-org-configurations] @edolstra pushed 4 commits to master: https://git.io/JvpC9
igghibu has joined #nixos
drakonis has joined #nixos
drakonis has quit [Read error: Connection reset by peer]
drakonis_ has quit [Ping timeout: 258 seconds]
drakonis has joined #nixos
asbachb has joined #nixos
linarcx has joined #nixos
<asbachb>
Hej. Do hydra build everything or only the things which changed?
<bkv>
there is no difference between those two sets
jbrock has quit [Quit: jbrock]
jbrock has joined #nixos
<clever>
asbachb: nix uses the hash of the build directions to compute $out, so if the steps to make somehting havent changed, it finds the old product in the store, and just reuses it
johnny101m has quit [Quit: -a- Connection Timed Out]
kleisli has quit [Remote host closed the connection]
aiowej has quit [Remote host closed the connection]
johnny101m has joined #nixos
<asbachb>
clever: So hydra trusts it's own previous builds and "reuse" them?
cybrian has joined #nixos
kleisli has joined #nixos
zupo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<evanjs>
Ughhh is there some way to block ~/.config/mimeapps from being written? I have it managed with nix/hm (can't remember) but one of my apps (Postman, IIRC?) keeps writing to it, and then my rebuilds fail until I remote it, etc
jbrock has quit [Client Quit]
jbrock has joined #nixos
<evanjs>
home-manager is the one failing (because it prioritizes safety/doesn't typically overwrite non-home-manager-managed files)
emmanuelrosa[m] has joined #nixos
<zeta_0>
evanjs: are you having some build issues today as well? here's where i'm stuck at: https://dpaste.org/Xs44
morgrimm has joined #nixos
<zeta_0>
i don't remember making any major changes to my home-manager, so i have no idea what's wrong
<lordcirth>
evanjs, you could set it read-only, or even chattr +i
<{^_^}>
[nixpkgs] @jonringer pushed commit from @r-ryantm to master « mednafen: 1.22.2 -> 1.24.1 »: https://git.io/Jvp4o
<kraem>
an sre at my job saw a shell.nix i checked in on one of the repos i'm working on and got curious (they're just reevaluating what official tool they're going to use as an official one for getting environments set up for the engineers). i said i would try to package one of the repos they have to "showcase" nix. most of their old stack is using ruby. read nixpkgs manual for ruby and tried to use
<kraem>
`$(nix-build '<nixpkgs>' -A bundix --no-out-link)/bin/bundix --magic` as suggested but it seems it's having trouble fetching the private repos. found this https://github.com/nix-community/bundix/issues/69 - tried installing bundix with nix-env for the problem with it not able to get my credentials. anyone with experience with ruby "in" nix able to help out? thanks!
<{^_^}>
nix-community/bundix#69 (by lavoiesl, 25 weeks ago, open): Fetching private gems via a private git repo
<ajs124>
Is there a way to find pull requests that modify a certain file?
<ajs124>
My specific issue is that I'm trying to find PRs against packages with names that are hard to search for.
eoli3n__ has joined #nixos
mexisme has joined #nixos
zeta_0 has joined #nixos
miscellaneousbus has joined #nixos
reallymemorable has quit [Quit: reallymemorable]
<zeta_0>
has anyone here had problems getting ghcide working in a nix-shell? ghcide is not able to recognize some of the modules from my default.nix file? i already have all of the needed environment variables setup so that can't be the issue
w3emperor_ is now known as esemds
bkv has quit [Ping timeout: 260 seconds]
mexisme has quit [Ping timeout: 246 seconds]
<zeta_0>
also, is there a way to get emacs to automatically open
pbogdan has joined #nixos
<zeta_0>
whoops my mistake, i had that saved to paste in #emacs
<numkem>
clever: that's what I'm looking into (nixops), is there a more complete detail of what can be put in `deployment.*`? I'm looking at the HTML manual and it's pretty light on details regarding that. I want to target an ssh host that I already have the SSH key to
<zeta_0>
ghcide is not recognizing some modules in a nix-shell, so maybe it needs hoogle/haddock ?
<clever>
numkem: if the machine is already created, then you need to use the none backend, which wont do any aws special things
<numkem>
clever: the manual mentions to leave the `deployment.targetEnv` empty. That's what I assume you mean about?
<clever>
numkem: yeah, none is the default targetEnv
jbrock has quit [Quit: jbrock]
jbrock has joined #nixos
<numkem>
clever: that's awesome, thank you. How do you define with SSH key it's using?
<vika_nezrimaya>
/nix/store/kmlvbpkac2dr7nfmk4dykc7gvs2lxf11-folks-0.14.0.drv: eds-add-contacts-stress-test timeouts on my machine, is a dependency of GNOME, nixpkgs flake ref 939fcdcbddf5713552a9a4ed61389f13f4a88188
<zeta_0>
clever: is this the way to add ghcWithHoogle in my generic haskell default.nix file, or is the syntax way off? https://dpaste.org/nq6a
<clever>
numkem: nixops will create its own keypair and use that to deploy, but the ssh agent leaks and gives it more keys it can use
<clever>
zeta_0: ghcWithHoogle is a function, not a package, you must run it on a list of packages
o1lo01ol1o has quit [Ping timeout: 265 seconds]
<numkem>
clever: ok... but assuming I already have an key for a machine, is there a way to give it given I'm using the none backend?
<clever>
numkem: temporarily add it to an ssh-agent with ssh-add
<numkem>
clever: with the name maching? the name of the expresion?
<clever>
numkem: nixops will just try every key in the agent
<numkem>
clever: will try that out, never really used ssh-agents before, thank you
<clever>
numkem: just run `ssh-agent`, export the vars it says to export, then run `ssh-add` on a private key file
cybrian has quit [Quit: cya]
<clever>
numkem: then anything using ssh (ssh itself, scp, nixops) will just magically be able to use those keys without prompting for a passphrase
<numkem>
clever: that does sounds like magic. I guess I'll use that in the future. I recall seeing something about it in the default configuration.nix so maybe it's aready working
cybrian has joined #nixos
<clever>
numkem: you can run `ssh-add -l` to test if an agent is running, and list what is in it
tek[m] has left #nixos ["User left"]
<numkem>
clever: yup it was
LysergicDreams has quit [Ping timeout: 256 seconds]
mallox_ has quit [Quit: WeeChat 2.8]
LysergicDreams has joined #nixos
kleisli_ has joined #nixos
kleisli has quit [Read error: Connection reset by peer]
o1lo01ol1o has joined #nixos
<zeta_0>
clever: this is my haskell implementation in home.nix: https://dpaste.org/WPKj , and i'm trying to figure out how to add ghcWithHoogle into my generic default.nix without changing the code too much: https://dpaste.org/5oZm
felixfoertsch has quit [Ping timeout: 265 seconds]
felixfoertsch23 is now known as felixfoertsch
<clever>
zeta_0: developPackage cant really be modified to use ghcWithHoogle directly, enless it already has an option to enable that
o1lo01ol_ has joined #nixos
o1lo01ol1o has quit [Ping timeout: 265 seconds]
est31 has quit [Remote host closed the connection]
o1lo01ol_ has quit [Remote host closed the connection]
est31 has joined #nixos
o1lo01ol1o has joined #nixos
kleisli_ has quit [Remote host closed the connection]
kleisli_ has joined #nixos
<zeta_0>
clever: that sucks, i need developPackage because it automatically calls cabal2nix on the cabal file of whatever project is there, and i need ghcWithHoogle in order for ghcide to be able to recognize modules and show documentation in a nix-shell, i already setup ghcide's needed environment variables in home.nix(which nix-shell inherits): https://dpaste.org/jk1H
<LeshaInc>
hi, does anyone know how to install nvidia driver from nixos unstable?
reallymemorable has quit [Quit: reallymemorable]
<zeta_0>
clever: so i'm not sure why ghcide is not recognizing some modules in the nix-shell
reallymemorable has joined #nixos
<clever>
zeta_0: have you looked at the source of developPackage ?
<zeta_0>
clever: i also need to figure out how nix-shell works in emacs, that might be causing me problems as well
<numkem>
clever: in the case of nixops, what would be the best thing to do regarding importing unstable nixpkgs? I've taken a look at your `nix/sources.nix` but honestly I'm not sure what I understood
morgrimm has joined #nixos
<zeta_0>
clever: is that incorrect, i hope i was not looking at the wrong src code for developPackage
<energizer>
the main feature i'm looking for is that i want to avoid building stuff that other people in other organizations have already built. if someone else has already built some version of numpy, i don't want to build it again
<energizer>
it looks like nixbuild.net is focused on within-org build-reuse, rather than public
<thibm>
hum… that's again another story
<thibm>
energizer: what you'r asking for is not doable, IMHO
<energizer>
explain?
<thibm>
You need to trust builds (like you trust hydra). So you can't get builds from random folks and put it on a cache for everyone
noudle has joined #nixos
<thibm>
I mean, you could, but it's a bad idea
<energizer>
well, i don't mind trusting nixbuild.net
<thibm>
In fact, it's what cachix does. But in this case, you know who you need to trust: the one that caches the stuff + cachix itself
lsix has quit [Quit: WeeChat 2.7.1]
pamplemousse has joined #nixos
<thibm>
brb
<thibm>
With a public gathering cache, if this is what you want, you need to trust everyone
thibm has quit [Quit: WeeChat 2.6]
<energizer>
i dont see why i'd need to trust anybody except the build service
<{^_^}>
[nixpkgs] @worldofpeace pushed 2 commits to master: https://git.io/Jvpz4
<das_j>
are there any known breakages with getent and nscd? seems like nscd is not even asked for a cached result
thibm has joined #nixos
<energizer>
you do `poetry add numpy==1.18.2` which generates a lockfile with hashes inside, then poetry2nix.mkPoetryEnv generates a derivation. you upload that to nixbuild which builds it. i do the same and get the same derivation, i query nixbuild which says "yeah i built that already, here you go"
<thibm>
(Sorry, I needed to switch internet connection. (And then the cat brought a bird -_-))
<gchristensen>
energizer: that would be fine
<thibm>
Yes you need to trust the build service. You said "if someone else has already built some version of numpy". I assumed you meant "anyone"
<evanjs[m]>
<lordcirth "evanjs, you could set it read-on"> Not sure if I can since home-manager still needs to put stuff there
<thibm>
This lead to NixOS model: people trust hydra, and build their own packets if they override them or whatever
<mdash>
energizer: right, this is basically just hydra then
<dottedmag>
mdash: thanks. would never guess to read the changelog. changelogs are expected to be diffs between versions, and not a repository of new stuff!
<mdash>
anyone know if there's something like `runInLinuxVM` for nix on macos?
reallymemorable has quit [Quit: reallymemorable]
o1lo01ol1o has quit [Ping timeout: 256 seconds]
<miscellaneousbus>
so i have a thinkpad x1e gen2 which has a dedicated GPU (nvidia gtx 1650). I've configured nvidia prime as described in the nixos wiki. glxinfo | grep vender shows 'Intel' and nvidia-offload ... shows nvidia. So i think its working properly. but the external monitor doesnt work. According to the arch wiki, it says i should use optimus manager (https://wiki.archlinux.org/index.php/Lenovo_ThinkPad_X1_Extreme_(Gen_2)
<miscellaneousbus>
#Prime_features). I'm guessing i cant use both GPUs? or I have to reconfigure and reload X everytime?
<thibm>
energizer: (if the guy from nixbuild.net choose to not share store paths, it's for a good reason. You could ask him)
numkem has joined #nixos
<clever>
energizer: you can just run your own hydra and build whatever you want
<thibm>
He could get people pay for a cache hit, and he does not. (It's what dropbox & co does, by the way)
<energizer>
clever: but then nobody else will upload to it and i wont get to freeload off them
<clever>
energizer: if you let others upload to it, youll have a security nightmare
<mdash>
energizer: the other option is cachix/hercules i think
zupo has quit [Ping timeout: 256 seconds]
<thibm>
energizer: that what I said first: you could technically do what you want, but it's a bad idea, and nobody will do it
<energizer>
clever: you and i upload some expressions or derivations. turns out my expression generates some of the same derivations as yours, so i can use the artifacts that were already built from your derivations. i dont see the security issue
morgrimm has joined #nixos
<clever>
energizer: what if i upload a derivation with `src = /etc/shadow;` ?
<clever>
energizer: what if my fixed-output derivation does a query against 192.168.1.1 ?
<energizer>
clever: you're in a build sandbox, so it doesn't matter?
zupo has joined #nixos
<clever>
energizer: if you declare the hash of $out, nix gives you unrestricted access to the network, but the build fails if you dont meet the claimed hash
<clever>
energizer: thats how things like fetchgit can run tools like git to fetch things
<energizer>
clever: does hydra build packages in response to PRs?
<gchristensen>
no
<clever>
energizer: nope, only after the pr gets merged
<energizer>
clever: ok so people can make network requests, which could be used for abuse
<gchristensen>
and if I can enumerate your cache, I could potentially get things you didn't want me to
knupfer has quit [Remote host closed the connection]
morgrimm has quit [Ping timeout: 256 seconds]
knupfer has joined #nixos
<{^_^}>
[nixos-channel-scripts] @tilpner opened pull request #36 → mirror: add redirection for store-paths.xz → https://git.io/JvpgL
<thibm>
nixspectre
<energizer>
ok i see
pbogdan has joined #nixos
<energizer>
the enumerable store thing is continually frustrating!
<zeta_0>
clever: oh it's returnShellEnv not returnShell, let me change that and check if it works
<energizer>
clever: is the security situation remediable? what about some dumb controls like whitelisted src= domains and restricted read permissions on the filesystem
<energizer>
for this kind of service
<gchristensen>
caches can be protected with usernames andpasswords of course
<gchristensen>
or other mechanisms
<thibm>
energizer: I think it's not possible by design
pbogdan has joined #nixos
dingenskirchen has joined #nixos
<thibm>
Like I said, the same issue happens at the processor level, for instance
<thibm>
(cache hit leaking info)
<zeta_0>
the default.nix is throwing another error: error: attempt to call something which is not a function but a set , https://dpaste.org/xYx7
<thibm>
You could rebuild the entire dependency DAG each time, if you want :p
<thibm>
I prefer to build numpy on my laptop, in this case :p
<zeta_0>
i wrapped the whole `in` expression with () so maybe that's what is causing the error, emacs is not throwing any syntax error, so it must be a logic error
<energizer>
the main feature i want is a public shared cache with a lot of packages in it. if i can get that without worrying about malicious packages and managing abuse complaints that would be a great service
<gchristensen>
but not cache.nixos.org, which has hundreds of millions (and hundreds of terrabytes) of prebuilt packages? :)
vykook has quit [Ping timeout: 240 seconds]
<zeta_0>
clever: well, it's not working, i tried to implement it the way you explained, but it's still throwing errors: https://dpaste.org/CEbm
<energizer>
gchristensen: right, not that, because that doesn't have any of the lockfile-generated builds
<gchristensen>
huh?
jbrock has quit [Quit: jbrock]
<clever>
zeta_0: what errors is it throwing?
jbrock has joined #nixos
o1lo01ol1o has joined #nixos
<clever>
zeta_0: line 22 breaks env being used as a function
<gchristensen>
energizer: what kind of lockfile?
<energizer>
gchristensen: naersk and poetry2nix take Cargo.lock poetry.lock, respectively
<zeta_0>
clever: i need that piece of code to keep the terminal path shortened, can i just rename the `env` variable to something else on line 22 to fix the error?
<zeta_0>
clever: i think this is what you meant(i took out the () that wrapped the `in` expression and placed withHoogle in there): https://dpaste.org/svGm
<zeta_0>
clever: no, i don't think that worked, it went into a nix-shell without any errors, but the path was not shortened and it didn't build any hoogle stuff, so i don't thinks that's working either
<thibm>
Just add "doc" output and let the magic happen. I love Nix
rogue_koder_ has joined #nixos
<wucke13>
How do I force a list ( [] ) to be empty?
dhess has joined #nixos
swflint has quit [Ping timeout: 260 seconds]
<thibm>
what do you mean?
<cole-h>
Are you trying to configure something that expects a list and setting it to `[]` gives an error?
swflint has joined #nixos
<wucke13>
I want to override a systemd.service which is generated by a module. Specifically, I want wantedBy to be empty. However, after 'wantedBy = [];', 'multiuser.target' still remains in it
jbrock has quit [Quit: jbrock]
<cole-h>
Try `= lib.mkForce [];`
jbrock has joined #nixos
chagra_ has quit [Ping timeout: 258 seconds]
pbogdan has quit [Remote host closed the connection]
chloekek has quit [Ping timeout: 260 seconds]
<wucke13>
Ah yeah, that did the trick. Thank you two :)
<cole-h>
What do you mean? Just plug in the commit hash of that PR
<energizer>
what is the difference pr snapshot and a commit?
<thibm>
I mean I'm lazy to change the commit if the PR gets updated :)
<thibm>
But that will do the job, thanks
<immae>
thibm: in that case put the branch name in the original fork as suggested by vika_nezrimaya
<immae>
this one "is" the PR, it will follow its changes
<cole-h>
thibm: If you have a checkout, you can do this: `git fetch origin pull/####/head:somebranchnamehere`
<thibm>
vika_nezrimaya: immae: true. I think I need to go to bed
<thibm>
(The PR repo is mine, and the PR is mine…)
<thibm>
It was for a fetchTarball in nixos configuration
<thibm>
BTW, how fetchTarball works to avoid hash? It's a fixed-output with hash computed after the download?
<cole-h>
Oh. That would have been helpful information... :P
<immae>
(there is however a slight difference: github will show you what will change when you "merge" the PR, which might be distinct from what the PR branch contains, if for instance you’re not rebased on top of the last commit in the main branch)
<thibm>
(because it's builtin)
<thibm>
I se
<thibm>
I see
<cole-h>
If the PR is yours, why not just point to a local checkout instead of `fetchTarball`ing it?
<cole-h>
s/a local/the local/
jbrock has quit [Quit: jbrock]
jbrock has joined #nixos
<thibm>
Because it's on a remote server ;)
jbrock has quit [Client Quit]
jbrock has joined #nixos
<gchristensen>
how about builtins.fetchGit
vykook has quit [Ping timeout: 256 seconds]
<thibm>
I wanted to avoid pinpointing the commit, because fetchTarball has this power. But it's fine
morgrimm has joined #nixos
<gchristensen>
builtins.fetchGit can take a ref (branch name) and no hash
<{^_^}>
[nixpkgs] @rycee pushed commit from @marsam to master « fira-code: 2 -> 3 »: https://git.io/Jvp2A
<thibm>
Same question, how does it work internally? I'm just curious
<thibm>
(to avoid the fixed-output hash)
<gchristensen>
the fetching of the URL or the fetching of the repository happens as you, and only once it done, Nix hashes the result
<gchristensen>
whereas pkgs.fetchurl runs th efetch as a nix build, an has to know what it will produce
vykook has joined #nixos
noudle has quit []
thibm_ has joined #nixos
<gchristensen>
not sure if that helped answer it though :)
<thibm_>
(sorry, my computer just crashed)
<thibm_>
OK, that was my intuition, thanks
morgrimm has quit [Ping timeout: 265 seconds]
<MichaelRaskin>
In case compile-time computation was not scary enough, Nix has evaluation-time downloads
<immae>
(different topic) Do you have guides to upgrade a postgresql server under nixos? I looked on the wiki but I saw nothing there. Or should I try to adapt what I find for instance in Archlinux’ wiki?
<thibm_>
Should I change name to pname+version when updating a package?
<immae>
julm: it does indeed
<cole-h>
My vote is yes. I remember seeing a treewide name -> pname conversion (for simple cases) in the past, so I think it's a good idea thibm_
<thibm_>
OK
thibm_ is now known as thibm
leotaku has quit [Read error: Connection reset by peer]
leotaku has joined #nixos
cosimone has quit [Quit: Quit.]
<immae>
julm: I can see that someone had the same issue as me just a few weeks ago and documented it, it’s great :D
vykook has quit [Ping timeout: 258 seconds]
<cole-h>
thibm++ Thanks, I was actually going to suggest you change name -> pname+version :P
<{^_^}>
thibm's karma got increased to 2
<cole-h>
(on your herbstluft update PR)
jbrock has quit [Quit: jbrock]
<thibm>
hehe. I added the man output, so I thought about changing the pname+version. I just force-pushed
jbrock has joined #nixos
jbrock has quit [Client Quit]
<thibm>
I will not test it now, it's midnight here and when I tried to rebuild my system using the new package my laptop crashed (it's running a heavy VM, now). So I'll test it tomorrow
jbrock has joined #nixos
<zeta_0>
clever: ya, it's not working correctly, i think i'm going to have to remove line 22: https://dpaste.org/1B65
<thibm>
cole-h: does the cmakeFlags expand bash variables?
<thibm>
I don't think so
<thibm>
oups, I will respond on Github, sorry
<cole-h>
If it doesn't, then you should just need to `${placeholder "out"}`
relaxmax has quit [Quit: Leaving]
vykook has joined #nixos
<cole-h>
thibm: No need to apologize; I like IRC > GitHub correspondence anyways :P
romildo has joined #nixos
morgrimm has joined #nixos
<thibm>
Yes but it will be hard for other people than the two of us to follow the conversation :p
<thibm>
I'm testing your changes. $out does not work, as expected
<thibm>
With placeholder it works
<cole-h>
I'm looking through the nixpkgs repo to see if that's something people do
<cole-h>
instead of your original solution
<cole-h>
Don't push yet :P
<thibm>
There are a lot of places in nixpkgs when *FlagsArrays is used to expand $out
<cole-h>
Yeah, I'm seeing the same
__monty__ has quit [Quit: leaving]
<MichaelRaskin>
Placeholder is relatively recent
<thibm>
I prefer cole-h's solution
<cole-h>
Since ~2.0, no?
<thibm>
placeholder is really nice
<romildo>
Rebuilding NixOS unstable is failing at cherrypy. Has anybody seen it?
<cole-h>
Yeah, I prefer placeholder just because it allows you to use `cmakeFlags`. It just seems strange to have to modify a phase to add a cmake flag when there's an array ready-made for it
<MichaelRaskin>
Yes, placeholder is nice (and was added because the FlagsArray's are annoying)
<cole-h>
OK, cool. Then, thibm, I'd say, yeah go ahead and make the change if 1) it works; and 2) you like it
arjen-jonathan has quit [Ping timeout: 260 seconds]
<immae>
julm: no, just the link to the PR you gave, which is perfect and exactly what I wanted. It’s still not in the manual pages though, so that’s why I missed it
<immae>
documentation and do-it-all script, what else? :D
<cole-h>
thibm: Hm, is there a reason to have both a `doc` AND `man` output? What's the different between contents?
numkem has quit [Ping timeout: 264 seconds]
<thibm>
man is manpage, doc is html files + license, news, bugs, etc
<thibm>
I think its fine, some packages has doc+man
<cole-h>
Fair. Just wondering why the separation
<thibm>
e.g., libxml2
<thibm>
sure
cosimone has joined #nixos
kaliumxyz has joined #nixos
morgrimm has quit [Ping timeout: 256 seconds]
fendor has quit [Read error: Connection reset by peer]
vykook has joined #nixos
<cole-h>
thibm: Any chance I can convince you to quote the herbstluft URL in the meta as well? ;)
pbogdan has quit [Quit: ERC (IRC client for Emacs 26.3)]
<thibm>
Should URL be unquoted? I remember a tree-wide change unqoting all urls :p
<cole-h>
rfc#45
civodul has quit [Quit: ERC (IRC client for Emacs 26.3)]
<zeta_0>
the shellHook and withHoogle attributes are not working, what's going on guys? https://dpaste.org/EgVV
<thibm>
cole-h: thank you for your review btw
<cole-h>
thibm: :)
o1lo01ol1o has quit [Remote host closed the connection]
<cole-h>
romildo: Sorry, I have no idea. My guess would be that you interrupted the build.
<zeta_0>
as soon as i place the withHoogle attribute in there, it stops working correctly, it has been a pain trying to get hoogle working in default.nix
vykook has joined #nixos
<romildo>
cole-h, yes have interrupted the build. Any clues on a fix?
<cole-h>
If you want to see its reverse dependencies, you need to let it build AFAIK
<MichaelRaskin>
Because for many systems brute-force by local users via su is possible but way more rate-limited than GPU brute-forcing of a known hash.
<qyliss>
romildo: you might want -q --tree :)
zeenk has quit [Quit: Konversation terminated!]
<nschoe>
qyliss, qyliss how many rounds is okay?
<julm>
cole-h: ok, so those commits were cherry-picked March 31. on the 20.03 releases and because the rendition of the manual is 19.09 their changes are not yet effective. is there a public rendition of the 20.03 manual somewhere?
kleisli_ has quit [Remote host closed the connection]
<qyliss>
well, in theory one
Naptra has quit [Remote host closed the connection]
<nschoe>
xD
<qyliss>
But I'd just pick a number that takes a second or so for your computer to calculate
<nschoe>
The man page does not say how many rounds are used when not specified
<qyliss>
For my pretty old computer that was 1000000
plutes has joined #nixos
kleisli_ has joined #nixos
plutes has quit [Max SendQ exceeded]
<MichaelRaskin>
What theory ever makes one round of a standard hash OK???
<nschoe>
xD
<MichaelRaskin>
10^6 rounds are worth ~4 keypresses in the password length or so…
<qyliss>
The theory that hashes are not reversible.
plutes has joined #nixos
<MichaelRaskin>
Erm. Hashes being irreversible is not what matters
<nschoe>
Just to be sure I understand: when I use mkpasswd -m sha-512 --round=N it means it will hash the password N times. Then the hash it gives me, I will copy it to configuration.nix in the option ´hashedPassowrd´. If I take a big number so that it takes a long time to answer (~1 second). It means every time I will use `sudo`, it will also take ~1 second to check my password?
<qyliss>
yes
<lordcirth>
You don't crack passwords by reversing the hash, but by guessing
<qyliss>
I'm assuming a sufficiently good password.
shibboleth has quit [Quit: shibboleth]
<nschoe>
qyliss, okay and how does it know how many times it must hash my password when it asks me for sudo ?
plutes has quit [Remote host closed the connection]
<ekleog>
MichaelRaskin: fwiw, 26 chars in diceware is like 70-80 bits of entropy, which is already not that bad
<nschoe>
MichaelRaskin, oh okay I see. Itś obvious now that you stated it...
silver_hook has quit [Quit: ZNC 1.7.2+deb3 - https://znc.in]
<MichaelRaskin>
I believe even 15 non-pronounceable is OK-ish in practice.
<julm>
2010. "infamous codahale article (How To Safely Store A Password) appeared, leading to lots of misunderstanding"
<MichaelRaskin>
It's just that there is an easy trap to have a 26-word _phrase_, and that's horrifyingly low entropy
morgrimm has quit [Ping timeout: 265 seconds]
<MichaelRaskin>
Apparently, Bitcoin ASICs are rated in terahashes per second nowadays
<ekleog>
qyliss: AFAIR, the standard recommendation for the number of rounds is 100k or above (not sure why, but afair that's the standard)
<nschoe>
Against a brute-force, why is pronounceable different?
<qyliss>
There are 56 bits of entropy in my password
silver_hook has joined #nixos
<{^_^}>
[nixpkgs] @doronbehar opened pull request #84858 → nerdfonts: make it easier to configure and build → https://git.io/Jvpr1
<MichaelRaskin>
Because everyone willing to bruteforce, will weight approximately-pronounceable ones higher. And there is like 2^n phrases of n letters
<ekleog>
qyliss: be wary, now that we know both that it's 26 chars and 56 bits, we can probably infer stuff and reduce its entropy :p
<adyatlov>
Nobody?
<qyliss>
and then I can change it :)
mekeor has quit [Quit: crypto-anarchism and cyber-communism!]
<qyliss>
I'll pay 100 currency units for a copy of my unhashed password.
<MichaelRaskin>
So, 30 seconds for 1024 bits of entropy! (hides)
<qyliss>
So I should have 2¹² seconds
<ekleog>
your password would be cracked in about 1hr and a bit
<ekleog>
(assuming a single round)
<qyliss>
oh right
<qyliss>
but I have 1 million
<ekleog>
so you're safe, thanks to that million :)
<qyliss>
Aha!
jmcasey has joined #nixos
<adyatlov>
MichaelRaskin drop nix-env?
<bqv>
has it been noted that the matrix bridge is down
<bqv>
or is it just my homeserver?
<MichaelRaskin>
Well, a lot of people switch to _some_ kind of declarative management of profiles or their replacement (which might still use nix-env but only as --set, not as -iA or -u)
<MichaelRaskin>
Some people use homemanager, for example
<MichaelRaskin>
Some just do everything via nix-shell's
jbrock has quit [Quit: jbrock]
<adyatlov>
Hmm. Interesting. I'm thinking too traditionally
jbrock has joined #nixos
<adyatlov>
But if you do everything with nix-shell your packages will be wiped by nix-collect-garbage every time right?
<MichaelRaskin>
Well you can do nix-build's to pin or install lorri or …
jbrock has quit [Client Quit]
jbrock has joined #nixos
romildo has quit [Quit: Leaving]
<adyatlov>
Wow. lorri, homemanager how do you find out about that cool stuff