<lc>
lc: Also, how did you know the hash in unstable is still correct? Did you check the file in master or somehow install it?
<lc>
pistache*
codygman has quit [Ping timeout: 264 seconds]
<pistache>
the hash is not correct in unstable, but it's indeed correct in master (I've checked the file, and I'm trying to install it right now to confirm it works)
<pistache>
yep, it does build on master
fresheyeball has quit [Quit: WeeChat 2.7.1]
smatting has quit [Ping timeout: 260 seconds]
codygman has joined #nixos
smatting has joined #nixos
<lc>
Is there any way I can build the rescuetime package that's on master manually
<pistache>
lc: there's two ways of doing that
<pistache>
you could either copy the current version of rescuetime's definition and import it directly from your configuration
evanjs has quit [Ping timeout: 272 seconds]
leungbk has joined #nixos
user_0x58 has quit [Ping timeout: 246 seconds]
<pistache>
or clone the whole nixpkgs repository, import that as "nixos-master", and use install "nixos-master.rescuetime"
user_0x58 has joined #nixos
evanjs has joined #nixos
<lc>
How would I do the first option
<leungbk>
How can I install the npm package @angular/cli globally? I've tried `nix-env -iA nodePackages.@angular/cli` and some variants thereof but haven't gotten it to work.
<lc>
import filehere, where filehere is the default.nix?
MmeQuignon has quit [Ping timeout: 260 seconds]
bhipple has joined #nixos
civodul has quit [Quit: ERC (IRC client for Emacs 26.3)]
<Henson>
clever: do you have anything in your OUTPUT chain? It's annoying that a nixos output chain doesn't exist, because I would have to add my own which means I need to run shell scripts in the extraCommands section to check if a chain exists or doesn't exist before deleting or creating it.
<clever>
Henson: nothing in OUTPUT for mine, i only filter incoming
codygman has quit [Read error: Connection reset by peer]
<pistache>
lc: so I don't really remember what's the proper way to do this (I'm a beginner with NixOS as well)
codygman has joined #nixos
<Henson>
clever: ok. Do you think there would be value in having a nixos-fw-output chain (or something similarly named) added to address this problem, or is it perhaps not that big of a problem?
<pistache>
lc: but "(callPackage ./rescuetime.nix { mkDerivation = stdenv.mkDerivation; })" seems to work here
<pistache>
however, I don't understand why I have to provide mkDerivation to callPackage
<clever>
Henson: you could use mkMerge, mkBefore, and mkAfter, to add your own nixo-fw-output, and flush it before all other rules, then append after others
<lc>
pistache: Thanks
<clever>
Henson: but having it in nixpkgs natively would be nicer for others
<pistache>
lc: also use "inherit (stdenv) mkDerivation" rather than "mkDerivation = stdenv.mkDerivation"
<Henson>
clever: how would I go about initiating a conversation with whoever's in charge of the firewall stuff to see if it would make sense to add one? An e-mail, and IRC conversation, a pull-request?
ONDIE has joined #nixos
<Henson>
clever: and IRC -> an IRC
<lc>
Where exactly do I put "callPackage"?
<clever>
Henson: either irc or a PR, check `git blame` to see who has been touching most of it
<pistache>
lc: in home.packages
<Henson>
clever: I also just noticed there's a networking.firewall.extraStopCommands that could be used to delete the chain I create in the networking.firewall.extraCommand section.
dot-product[m] has joined #nixos
marcusr has quit [Remote host closed the connection]
<lc>
pistache: how did you solve the allowUnfree issue. I have allowUnfree in my config.nix but it doesnt seem to care
user_0x58 has quit [Ping timeout: 272 seconds]
user_0x58 has joined #nixos
jluttine has quit [Ping timeout: 256 seconds]
<pistache>
lc: by setting allowUnfree in .config/nixpkgs/config.nix, I think
marcusr has joined #nixos
<lc>
My config.nix in ./config/nixpkgs/cofig.nix is { allowUnfree = true; } and nothing else
<pistache>
lc: let me check
ONDIE has left #nixos [#nixos]
marcusr has quit [Remote host closed the connection]
<dot-product[m]>
I think you have to do it in /etc/nixos/configuration.nix if you are installing system packages. The other config works if you are installing as a user of the NixOS system.
<lc>
I am trying to call the package from my home manager file in ~/.config/nixpkgs/home.nix, and my config.nix is located at ~/.config/nixpkgs/config.nix
<dot-product[m]>
* lc: According to this the former, "~/.config/nixpkgs/config.nix":
<dot-product[m]>
Has anyone attempted to get GUIX scheme to work as a replacement for the nix language but still have nix packages instead of GUIX packages? I am looking at GUIX and it looks nice, except I want to be free to install any packages, not exclusively FSF approved ones.
<emily>
there are non-free package repositories for guix, or you can also probably use nix/nixpkgs on guix
<emily>
you should mirror the line in all-packages.nix when importing stuff
<emily>
but also it would probably be better to just do (import pinned-nixpkgs {}).rescuetime
<pistache>
yes I was going to advise him to clone nixpkgs and import it from there
<pistache>
(it seems the fixed package has not reached nixos-unstable yet)
<leungbk>
How can I install the npm package @angular/cli globally? I've tried `nix-env -iA nodePackages.@angular/cli` and some variants thereof but haven't gotten it to work.
<charukiewicz>
I'm trying to enter the nix-shell for a Haskell library I'm working with that has a tiny dependency list (base, text, and hspec), but for some reason it seems to be recompiling a mountain of packages as well as GHC. Here's my default.nix that my shell.nix relies on: https://github.com/charukiewicz/isbn/blob/master/default.nix - Is there something I could change so that it doesn't randomly start to
rogue_koder has quit [Ping timeout: 260 seconds]
<charukiewicz>
recompile things for 45+ minutes?
<pistache>
lc: so just "(libsForQt5.callPackage ../applications/misc/rescuetime { })" should work, no need to set mkDerivation now that we use the correct callPackage variant
<lc>
I'm getting an xprop error in the output in my terminal, but it seems to be working
eoli3n_ has quit [Quit: WeeChat 2.8]
bhipple has quit [Ping timeout: 246 seconds]
rogue_koder has joined #nixos
punkj has quit [Remote host closed the connection]
bhipple has joined #nixos
eoli3n__ has quit [Ping timeout: 256 seconds]
thc202 has quit [Ping timeout: 240 seconds]
<evelyn>
dot-product[m]: no you can probably get nix to work on guixsd and it will be its own little thing. it probably won't touch guix e.g. they use different store paths
lc has quit [Ping timeout: 264 seconds]
<dot-product[m]>
I know, I am more interested in using scheme to configure nix packages. I am currently working on installing the GUIX package manager on my (NixOS) system to see if I can change things to work with nix packages.
aveltras has quit [Quit: Connection closed for inactivity]
<cole-h>
dot-product[m]: There's also a test module to use guix posted in the comments of that PR by the author
<dot-product[m]>
TBH Nix is kind of not that great of a language in itself and I enjoy using lisps in general. Like basically my litmus test is that while I can write code in Nix I would never choose it to write a project in as it tends to be not that great. I might very well write a project in scheme though (or another lisp. Lisps as a whole are very interchanagable.).
<pie_>
the only thing i've been able to figure out is it works fine with 19.09 but not with anything newer
<pie_>
and i have no idea whats going on with those llvm sybols
<pie_>
sy does llvm end up referring to symbols from like 20 different glibc versions?
rogue_koder has quit [Remote host closed the connection]
rogue_koder has joined #nixos
<pie_>
this is if i use cabal repl with
<EdLin>
I'm trying to get CUPS to work with my PS compatible HP printer that has IPPS/IPP. The test page always says "the printer is in use" and does not print.
smatting has quit [Ping timeout: 264 seconds]
asbachb has quit [Ping timeout: 245 seconds]
andromeda-galaxy has quit [Ping timeout: 260 seconds]
<EdLin>
there we go.
<EdLin>
nevermind. :)
<pie_>
:D
braunse has joined #nixos
braunse_ has quit [Ping timeout: 272 seconds]
sigmundv__ has quit [Read error: Connection reset by peer]
<cole-h>
EdLin: What was the issue? Just impatience? :P
<EdLin>
didn't append /print to the URI
<cole-h>
Haha
<EdLin>
hey, it's the first time I tried while not using the printer driver.
<EdLin>
printer supports CUPS built in.
<EdLin>
and postscript too, so filters aren't needed... :P
<cole-h>
Not making fun of you :D Just entertaining that the solution was so simple
<EdLin>
now it's reporting a paper jam, but no paper is being fed?
<EdLin>
sigh...
* EdLin
throws HP anything out the window now
iqubic has joined #nixos
<cole-h>
:D
<sjanes[m]>
Unfortunately in my experience, just about every printer out there ships with the worst possible timeline of supporting software because... well, you've already bought it--there's no need to make it functional.
nuncanada has quit [Read error: Connection reset by peer]
markus1199 has quit [Ping timeout: 272 seconds]
butcher has joined #nixos
gustavderdrache has quit [Quit: Leaving.]
dedz has quit [Ping timeout: 256 seconds]
lc has joined #nixos
rogue_koder has quit [Ping timeout: 246 seconds]
<Henson>
so, I finally got my networking.firewall.extraCommands stuff figured out, and there are a lot of perils in using this command. Is anybody here well-versed in NixOS firewall stuff so I can discuss what I encountered?
leungbk has quit [Ping timeout: 256 seconds]
felixfoertsch23 has joined #nixos
jluttine has joined #nixos
felixfoertsch has quit [Ping timeout: 272 seconds]
felixfoertsch23 is now known as felixfoertsch
numkem has quit [Ping timeout: 240 seconds]
rogue_koder has joined #nixos
hmpffff has joined #nixos
codygman has quit [Read error: Connection reset by peer]
codygman has joined #nixos
hmpffff_ has quit [Ping timeout: 265 seconds]
mrpi has quit [Quit: killed]
Scriptkiddi has quit [Quit: killed]
ajs124 has quit [Quit: killed]
das_j has quit [Quit: killed]
ajs124 has joined #nixos
mrpi has joined #nixos
das_j has joined #nixos
Scriptkiddi has joined #nixos
m0rphism has joined #nixos
chagra_ has quit [Ping timeout: 246 seconds]
freeman42x[m] has quit [Quit: Connection closed for inactivity]
<andi->
Henson: shoot
punkj has joined #nixos
<Henson>
andi-: so, I tried adding things with the networking.firewall.extraCommands. I talked to clever earlier about whether I should use the built-in nixos-fw and related chains, or the iptables INPUT, OUTPUT, etc chains. Clever suggested the nixos chains....
<Henson>
andi-: I also tried using the nixos-fw-accept and related chains for the targets for my rules...
<Henson>
andi-: but then I discovered some serious problems. Whenever I use the nixos-fw-accept or other targets, it prevents them from being cleaned up properly on reload and restart because there are still references to them...
<Henson>
andi-: and in the case of NAT connections I found that the nixos-nat-pre and nixos-nat-post chains weren't actually created in one circumstance (later that changed and they were there). So it seemed as though assuming the built-in NixOS chains are there isn't that great of an assumption...
<andi->
Yeah, I usually just make up my own and have a wrapper function that creates both the create and the delete function
<Henson>
andi-: and partway through all of this I discovered that for every creation command in extraCommands, I needed to add a deletion command in extraStopCommands. But not only that, I need to append "|| true" to it in order to prevent trying to delete something that hasn't been created from causing an exit code 1 failure...
<andi->
Since day 1 of using NixOS I've had the idea to have structured firewall rules that fix that...
<andi->
Yeah that || : is an essential part :/
<andi->
For my latest project I've started using `nft` since that is a lot more declarative and the cleanup just works (tm)
<Henson>
andi-: and furthermore, any error that you make in doing this, which causes the firewall.service to fail, causes the firewall not to be restored correctly. There were many times that the jump to nixos-fw was not added to the INPUT table, and since INPUT is ACCEPT by default, cause my system to be left wide open many times. I think if I were to call "systemctl restart firewall.service" that may..
<andi->
If you are stuck with iptables I'd recommend just using `ferm` and writing a converter from `networking.firewall.alowed…` to ferm
<Henson>
andi-: have restored the firewall back to the state when I booted the system. Fortunately I was doing "nixos-rebuild test" for all of these and could just reboot.
<andi->
Yeah, I feel your pain...
<Henson>
andi-: but none of this was clear when I started out, and my firewall was left wide open many times. Fortunately I was looking for this and rebooted the computer whenever it happened.
* Henson
breathes
<andi->
I think getting rid of the 80% use-cases for extraCommands is the only way forward. Also having some kind of verification before actually applying the changes.
<clever>
i also think using iptables-restore would be better for performance
quinn has joined #nixos
<clever>
but increases the complexity
<andi->
not just performance also atomic
<clever>
yeah
<andi->
either it is all correct or nothing
<andi->
but that probably breaks with all the extraCommands users
ris has quit [Ping timeout: 246 seconds]
<clever>
you would just run them after the iptables-restore, and tell them to migrate
<andi->
sure
<Henson>
andi-: I'm not stuck with iptables, it's just what I'm familiar with. "ferm" is a better tool?
<andi->
Henson: ferm is a nice wrapper for iptables
<andi->
it does syntax checks and uses iptables-restore under the hood
<Gaelan>
I'm having a really weird issue: if I try to build an SD card image from a file that includes <nixpkgs/nixos/modules/installer/cd-dvd/sd-image-aarch64.nix>, it works fine. But if I copy that file into my own directory verbatim (except for changing relative imports to <nixpkgs> imports), it fails with error: assertion (((args) ? localSystem) -> (! (((args) ? system) || ((args) ? platform)))) failed at /nix/store/v2j8i2bzayjas4injx2j7npjni4cwwa0-nixos-20.09
<leungbk>
How can I install the npm package @angular/cli globally? I've tried `nix-env -iA nodePackages.@angular/cli` and some variants thereof but haven't gotten it to work.
<leungbk>
hlisp has quit [Ping timeout: 256 seconds]
Ralith_ has quit [Remote host closed the connection]
<cole-h>
leungbk: Define "haven't gotten it to work."
<cole-h>
Do you see an error message?
<leungbk>
error: syntax error, unexpected '@', expecting ID or OR_KW or DOLLAR_CURLY or '"', at /etc/nixos/configuration.nix
alp has joined #nixos
<cole-h>
Yep. You'll need to quote it.
<leungbk>
I'm not sure how to deal with the @ and the /
Ralith_ has joined #nixos
<cole-h>
`nix-env -iA nodePackages."@angular/cli"` is probably what you want
hlisp_ has quit [Remote host closed the connection]
<bqv>
sorry, was cheekily using this as a clipboard
<bqv>
done now :p
<leungbk>
cole-h: I'm now getting `error: attribute 'nodePackages' in selection path 'nodePackages.@angular/cli' not found`, and I've also tried `pkgs.nodePackages."[...]"`
hlisp has joined #nixos
<cole-h>
You probably need to point it to your nixpgks. Try `nix-env -f '<nixpkgs>' -iA nodePackages."@angular/cli"`
<leungbk>
cole-h: It works, thanks!
<cole-h>
:)
butcher has joined #nixos
<euank>
There's a couple packages that like having both git tag and revision in `--version` (i.e. containerd/runc/docker). They right now use `fetchFromGitHub rev = vx.y.z` to build a specific tag. Adding a commit variable just to plumb into `make COMMIT=$hash` seems like it would be easy for that variable to get out of date...
<euank>
But doing a full clone to do `rev-parse HEAD` and get the commit seems slower and worse than what fetchFromGitHub defaults to
<euank>
I see two possible solutions here that don't require manually updating a commit nor cloning a git repo to build
<euank>
1) Adding a resolveGithubRevision function that can go from a tag to a revision using `api.github.com`, or 2) add a package update script that does said resolution and is used to update the tag + commit, thus removing the manual bit there
<euank>
I've seen a few packages that have update scripts of some sort with them. I haven't dug around to see if there's anything akin to the 1st option there already in use
cole-h has quit [Quit: Goodbye]
<euank>
I guess my very vague question is: "do either of those things seem better or worse? Do either of them seem reasonable?"
fabianhjr has quit [Quit: Leaving.]
leungbk has quit [Remote host closed the connection]
alp has quit [Ping timeout: 256 seconds]
<Fare>
I inspected the docker output to determine what was taking so much space in my images... and the answer is, 1GB of .git for nixpkgs!!!
<Fare>
just wow
cjpbirkbeck has quit [Quit: cjpbirkbeck]
<{^_^}>
[nixpkgs] @vcunat opened pull request #87237 → gcc10, gfortran10, gnat10: init at 10.1.0 → https://git.io/JfcCi
alp has joined #nixos
nbrspo^ has quit []
tsrt^ has joined #nixos
hlisp has quit [Remote host closed the connection]
<Fare>
So... how do I get a copy of nixpkgs in the image, but with a massively stripped down git directory?
mallox has joined #nixos
rauno has joined #nixos
<bqv>
awesome. having a guix daemon pays off, now that i have a package i want to try that's packaged for guix but not for nix :D
<Fare>
bqv, what package?
<bqv>
i do find it weird how guix seems to like to "update substututes" several times in one run, though
<bqv>
Fare: jami
<Fare>
and... in the other way, could I be using the more-than-free nix kernel on a guix distribution, so I can use the wifi, etc.?
<{^_^}>
[nixpkgs] @orivej-nixos pushed commit from @r-ryantm to master « mup: 6.7 -> 6.8 (#87242) »: https://git.io/Jfc8W
<asbachb>
Hi. I generate some system image via `nixos-generate`. I wonder if there's a way to bake some configuration in that image so that when I use the image I don't need to specify that configuration explicitly. Like setting a default value from false to true.
<hyper_ch>
I use it to attach files to email that are being scanned
knupfer has quit [Ping timeout: 272 seconds]
sigmundv__ has joined #nixos
splintah has quit [Ping timeout: 272 seconds]
<chvp>
I'm not trying to send mails to other machines
<chvp>
I just want local programs to be able to deliver mails locally
<hyper_ch>
:)
o1lo01ol1o has joined #nixos
pjstadig has joined #nixos
o1lo01ol1o has quit [Ping timeout: 260 seconds]
<pjstadig>
I'm on 19.03.173691.34c7eb7545d (Koi) and I'm struggling to get openjdk11 to load libsodium. I've tried overrides, but I'm not sure that's what I need or that I'm doing it right.
<infinisil>
pjstadig: Nobody can be helpful with the little amound of information you gave on the problem :)
<pjstadig>
infinisil: I'm happy to give more information :) what should I let you know?
<pjstadig>
I'm trying to dynamically load the libsodium library in the JVM, but it complains that it cannot find the library.
<simpson>
What have you tried? What did you want to have happen?
<pjstadig>
I have libsodium installed. I tried using some overrides to add libsodium to openjdk11's buildInputs, but I'm not sure that's even the right approach.
<pjstadig>
i want libsodium to be in openjdk11's environment
<simpson>
Hm. I'm not sure which libsodium binding you're using, but perhaps you want to write a derivation which uses libsodium and openjdk11 as build inputs?
jasom has quit [Ping timeout: 244 seconds]
alexherbo2 has joined #nixos
fdert has quit [Read error: No route to host]
<pjstadig>
simpson: thanks! i'll see if i can give that a try.
<{^_^}>
[nixpkgs] @zimbatm pushed commit from @max-wittig to master « gitlab-runner: 12.10.1 -> 12.10.2 (#87245) »: https://git.io/JfczX
<{^_^}>
[nixpkgs] @Mic92 opened pull request #87252 → nixos/zfs: populate PATH with needed programs for zed → https://git.io/JfczH
ggpeti[m] has joined #nixos
<{^_^}>
[nixpkgs] @utdemir opened pull request #87253 → <!-- To help with the large amounts of pull requests, we would appreciate your reviews of other pull requests, especiall… → https://git.io/Jfcz7
dermetfan has joined #nixos
fusion809 has quit [Remote host closed the connection]
alp has quit [Ping timeout: 265 seconds]
zakkor has quit [Quit: Connection closed for inactivity]
never_released_ has joined #nixos
never_released has quit [Ping timeout: 256 seconds]
sigmundv__ has quit [Remote host closed the connection]
<pjstadig>
is there an example of inheriting from an existing derivation to add a dynamic shared library?
butcher_ has joined #nixos
alp has joined #nixos
<simpson>
pjstadig: I am not a JNI expert but I am not sure that this is the right approach; I suspect that you might want to place a JRE and libsodium in the same environment, next to each other.
<simpson>
I only tested this with nix-shell. I still have no idea which binding you're using or what you're incanting to make it go.
jakob_55 has joined #nixos
MmeQuignon has joined #nixos
<pjstadig>
I think you're right. I need libsodium to be on the JVM LD_LIBRARY_PATH, so I can dynamically load it.
<pjstadig>
the current value for the Java system property "java.library.path" is "/run/opengl-driver/lib:/run/opengl-driver-32/lib:/usr/java/packages/lib:/usr/lib64:/lib64:/lib:/usr/lib"
jakob_55 has quit [Quit: Leaving]
<pjstadig>
simpson: I tried your derivation and got the same error: variable $src or $srcs should point to the source
<fgaz>
so... anyone have any idea about that cross toolchain?
cjpbirkbeck has quit [Quit: cjpbirkbeck]
virus_dave has quit [Ping timeout: 272 seconds]
virus_dave_ is now known as virus_dave
o1lo01ol1o has joined #nixos
o1lo01ol1o has quit [Remote host closed the connection]
sethetter_ is now known as sethetter
hlisp has joined #nixos
splintah has joined #nixos
o1lo01ol1o has joined #nixos
<{^_^}>
[nixpkgs] @symphorien opened pull request #87261 → nixos/tt-rss: small improvements → https://git.io/Jfcra
<{^_^}>
[nixpkgs] @peti pushed to release-20.03 « cabal2nix: update from version 2.15.0 to 2.15.3 »: https://git.io/Jfcrw
hlisp has quit [Ping timeout: 240 seconds]
<{^_^}>
[nixpkgs] @peti pushed to haskell-updates « Merge remote-tracking branch 'origin/master' into haskell-updates. »: https://git.io/JfcrP
incognito9999_ has joined #nixos
incognito9999 has quit [Quit: ZNC 1.7.2+deb3~bpo9+1 - https://znc.in]
troydm has quit [Ping timeout: 256 seconds]
troydm has joined #nixos
ninjajnin[m] has left #nixos ["User left"]
<betawaffle>
on the zfs root wiki page (https://nixos.wiki/wiki/NixOS_on_ZFS) it uses partition 1 for zfs, 2 for bios, and 3 for efi. what goes into that decision? are the partition number completely arbitrary?
<{^_^}>
[nixpkgs] @arianvp opened pull request #87263 → nixos/resolved: Include dbus alias of resolved unit → https://git.io/Jfco4
<betawaffle>
if i was to put a lot of thought into this, what are the benefits of numbering them differently from their order on disk?
<gchristensen>
I think that is probably a historical accident
<qyliss>
I do mine in disk order
<qyliss>
But I haven't always
<qyliss>
It's nice if partition 1 is your main partition, maybe?
<betawaffle>
k. and the numbers i pick influence the `-partN` suffixes, right?
<gchristensen>
is it? :P
<qyliss>
Yeah
<betawaffle>
gchristensen: what numbering scheme do you use?
kcalvinalvin has quit [Ping timeout: 256 seconds]
<gchristensen>
I don't think I use an intentional scheme :)
<betawaffle>
fair enough
<betawaffle>
i'll go with disk-order
kcalvinalvin has joined #nixos
<betawaffle>
is there any benefit to leaving unused space at the end of the disk? ie. for swap and/or ssd over-provisioning?
<bqv>
oh
<bqv>
by the way
<bqv>
you know how i was on about having used btrfs for years and years without any disk corruption
<bqv>
turns out that's just because i'd never used quotas
greymalkin has quit [Ping timeout: 256 seconds]
<bqv>
i turned them on recently and within 3 days had quite a lot of corruption
<bqv>
praise be to rollbacks
<betawaffle>
ahh. well luckily i'm gonna use zfs
<bqv>
i know, you just reminded me
<bqv>
i still refuse to use zfs
<bqv>
but at least now i know i can just not use quotas and be ok
<niso>
bqv: did you try to pass a btrfs subvolume to a nixos-container?
<gchristensen>
betawaffle: modern ssds are well overprovisioned and don't need the extra space really
<betawaffle>
i'm interested to hear your reasons bqv
alexherbo2 has joined #nixos
<betawaffle>
gchristensen: btw, this is a sabrent rocket 4.0
greymalkin has joined #nixos
<bqv>
niso: nope, never tried that
<bqv>
betawaffle: eh, mostly just preconceptions. zfs was monkeypatched in from an entire other operating system, it'll never feel right to me compared to something like btrfs
<bqv>
plus, i know and am intimately familiar with btrfs
<betawaffle>
gchristensen: and with 64 g of ram, i don't really need on-disk swap either
<niso>
bqv: i see, thx
<betawaffle>
bqv: i understand the feeling. i look forward to bcachefs
<bqv>
niso: my set up is /nix on it's own sub, the nixos root on it's own sub, and /home on it's own sub, plus a few other misc subs that aren't important
<bqv>
yeah
jperras has quit [Ping timeout: 256 seconds]
<niso>
bqv: why /nix on it's own sub?
<betawaffle>
i think i'm going to go with some variations of the datasets described in gchristensen's blog posts
<niso>
bqv: i was asking since systemd-nspawn seems to support btrfs-subvolumes, which, in theory, would be awesome for backups
<bqv>
niso: so it can be shared across systems, and so i can fiddle it specifically without affecting the rest of a system
<bqv>
ah, cool
jperras has joined #nixos
<niso>
bqv: ah, makes sense, nice :)
<betawaffle>
i'd like someone to write a comprehensive guide on keeping secrets out of the nix store
<bqv>
(this nixos's /nix actually started out on gentoo, which is pretty cool :p)
<niso>
betawaffle: are there other options than a) working with filepaths as strings b) using nixops to manage secrets?
<betawaffle>
niso: nixops doesn't seem like it would be a good fit for a workstation though...
<gchristensen>
not really needed anyway
<niso>
betawaffle: i've read of a couple of people who are suing nixops to deploy to localhost (i'm actually just in the process of migrating to that too)
<betawaffle>
is nixops still a bunch of python scripts?
<niso>
betawaffle: yes
<betawaffle>
not sure why i distrust scripts so much in general (shell, python, perl, etc)
* niso
is wondering why tools like nixops are written in python rather than haskell
<bqv>
would you rather it was written in node.js
<betawaffle>
bqv: definitely not!
<bqv>
:p
<bqv>
silver linings
<betawaffle>
i'd be cool if everything was written in stuff like zig, rust, haskell, etc
<betawaffle>
i find those more trustworthy (well, not zig quite yet)
<gchristensen>
I'm not sure why nixops would be written in haskell
<gchristensen>
at its core it is two shell commands: nix-build; nixos-rebuild --targetHost ....
<bqv>
i too, find myself less trusting of nontrivial things being written in scripting languages
<booterror>
And I want to know if using btrfs is better than lvm+ext4
<niso>
gchristensen: typesafety would be quite nice, e.g. i was running into somewhat cryptic errors due to the dynamic way nixops uses dicts (atleast with the hetzner backend)
<bqv>
booterror: eminently, yes
<simpson>
Interesting, seeing the same mistake in two different ways.
<betawaffle>
booterror: depends on your needs, but presumably feature-wise yeah
<simpson>
booterror: Nope, not really. If you're concerned, set up two systems and do benchmarks to test.
<maddo>
what's the difference in nixos between hplip and hplipWithPlugin?
<simpson>
betawaffle, bqv: Nope, not really. If you're concerned, implement nixops in two different languages and do benchmarks to test.
<gchristensen>
niso: gotcha, hopefully NixOps 2.0 will deal with and eliminate most of those errors
<maddo>
as in, would hplip without plugin work?
<bqv>
simpson: never said speed was my concern :p
<booterror>
I use lvm for dynamic volume creation and resizing, and snapshotting only
jb55 has quit [Remote host closed the connection]
<betawaffle>
so now i've got another question... i want to use the same computer for work and personal stuff, and i want to use nixos for both. but my work requires some system settings and some services that i'm not interested in having around outside of work
eoli3n__ has quit [Ping timeout: 256 seconds]
jb55 has joined #nixos
<niso>
question about nixops: are there plans on using kexec as a plugin/backend to provision soon-to-be nixos machines?
<gchristensen>
betawaffle: you can have specialisations so you can swap between two versions of your system
<betawaffle>
can i do some kind of lightweight dual-booting of slightly different nixos systems sharing most stuff?
<simpson>
bqv: Then benchmark for bugs, using something like a fuzzer. What *is* your concern? I'm merely observing the tribal nature of discourse about programming languages.
<betawaffle>
gchristensen: what does the workflow look like there?
<MichaelRaskin>
booterror: I have exactly one reason I use BtrFS for store (on top of LVM2, though, next to ext4 /home): dynamical inode allocation
rogue_koder has quit [Remote host closed the connection]
<bqv>
simpson: i said it, i just trust it less. it's not necessarily a rational concern, but i'm not obliged to like all software equally...
<gchristensen>
betawaffle: on stable, not quite as nice as unstable -- but: nesting.clone = [ { services.somethingextra = true; ... } ] and then sudo /run/current-system/fine-tune/child-1/bin/switch-to-configuration
rogue_koder has joined #nixos
<gchristensen>
niso: sounds like a cool idea
<betawaffle>
gchristensen: where does `fine-tune` and `child-1` come from?
<simpson>
bqv: Of course. It's just confusing to me. To trust something is to be vulnerable to it; it seems strange to trust *any* code above other code.
<gchristensen>
betawaffle: this is exactly why it isn't so nice on stable :P
magnetophon has quit [Ping timeout: 260 seconds]
<betawaffle>
what's it like on unstable?
<niso>
gchristensen: thanks, credits to clever
<betawaffle>
tbh, for a workstation unstable seems reasonable. doesn't it?
<bqv>
i don't necessarily trust x written in haskell just because it's written in haskell, but i'm definitely more likely to trust it than any given y written in python
<gchristensen>
betawaffle: specialisation.example-sub-configuration.configuration = { somethingextra ... }; then sudo /run/current-system/specialisation/example-sub-configuration/bin/switch-to-configuration test
<niso>
bqv: agree
<betawaffle>
and the `test` part is just to make it non-persistent on reboot, right?
<niso>
simpson: also imo maintenance of scripting languages is way more difficult
<betawaffle>
and how do you switch back?
<simpson>
niso: How so? In any language, when a library or construct changes, the code may also need changes, and I can imagine how choice of language impacts that, but I don't really know what a "scripting language" is or why they're worse at it.
<gchristensen>
betawaffle: great question
<simpson>
Nix certainly doesn't know or care, AFAICT.
<gchristensen>
betawaffle: sorry, I don't know
<betawaffle>
maybe it would be a different switch-to-configuration?
<gchristensen>
yeah
<gchristensen>
but it is probably possible :P... all of my uses of it are one-way transitions
<infinisil>
simpson: I guess they meant s/scripting language/dynamically-typed language/
<gchristensen>
btw people have been pretty respectful I think and nobody seems to be a jerk herew.r.t. langs, so thanks for that
eoli3n__ has joined #nixos
<niso>
simpson: by scripting language i was refering to something un-typed. I do find refactoring way easier if the language forces me to encode why i need something (and for what), since the compiler will throw an error if i do something which goes against the previous specification
rople has joined #nixos
rople has quit [Client Quit]
<simpson>
niso: IYSS.
<niso>
s/untyped/dynamically-tyed
<booterror>
read on nixos docs that you can essentially host your system's packages for another machine to install packages, that sounds cool actually
<fgaz>
betawaffle: there's a nixops alternative that's written in a static compiled language (go maybe). let me look it up
<booterror>
useful for people with network limitations
rople has joined #nixos
<gchristensen>
simpson: it might be time to drop it :P
vidbina has joined #nixos
<booterror>
Can that be used to derive a sync state as in 2 machine have same set of packages and one updates based on the packages of the other machine?
<simpson>
gchristensen: It seems so. I hope that you can understand why I often sense that there are memetically-driven irrational opinions about programming languages, and why I dislike the resulting tribalism.
lunik1 has quit [Read error: Connection reset by peer]
lunik10 is now known as lunik1
zupo has joined #nixos
<gchristensen>
edef: "2020-05-01 01:54:05 julm damned, using a /nix/store over a ZFS dataset using normalization=formD breaks the libsass unpacking, which contains two directories whose names have the same normalization :("
<emily>
betawaffle: I name my system pools after the host
magnetophon has quit [Ping timeout: 258 seconds]
<betawaffle>
this'll be on NVMe, should i set autotrim=on?
<edef>
gchristensen: oof
<gchristensen>
betawaffle: I wouldn't, no, nixos will schedule a regular trim anyway and that'll have less load on your storage
<betawaffle>
k
mallox has quit [Quit: WeeChat 2.8]
proofofkeags has joined #nixos
<betawaffle>
what do people thing about atime=off vs relatime=on ?
<emily>
atime has no value unless you use one of the few programs that look at it
<fgaz>
Wait is there an option for scheduled trim?
<emily>
or care about strict POSIX compliance
<gchristensen>
I'm an atime=off kind of person
<julm>
gchristensen: more precisely, the utf-8 sequence is not invalid, it's two unicode sequences that normalise to a same sequence, hence producing a filename conflict when the filesystem (ZFS here) enforces the normalizing of filenames
<gchristensen>
julm: yeah
<gchristensen>
julm: but the lesson is the same: a package could do it, a package did do it, a package will do it :P
<julm>
:)
<betawaffle>
so i want mountpoint=none on my pool and mountpoint=legacy on each of the datasets that i actually want mounted, right?
<betawaffle>
none will be inherited for all the intermediate datasets that are just supposed to be containers for mounted datasets?
plutes has quit [Ping timeout: 246 seconds]
lsyoyom has quit [Ping timeout: 258 seconds]
jluttine has quit [Ping timeout: 256 seconds]
<maddo>
fgaz: fstrim.service comes pretty much by default on every distro nowadays
<maddo>
once a week is the generally accepted consensus
jluttine has joined #nixos
<maddo>
betawaffle nowadays, relatime basically packs every advantage of noatime with none of its drawbacks
<maddo>
if you're using something like a text based email client (like I am) you definitely want relatime instead of noatime
<betawaffle>
for my "root" dataset (mounted at /), if i go with gchristensen's style of rolling back to an empty snapshot on every boot, does it make sense to use `sync=disabled` for it?
<betawaffle>
since by definition i wouldn't care about that data being preserved
<emily>
maddo: hm, does maildir require atime with mutt et al. or is that only for mbox?
<emily>
seems like a good reason to move off mbox if the latter
jasom has joined #nixos
<gchristensen>
sure, betawaffle
<xfix>
i want to say if a software depends on atime, it's likely broken, that vaue is likely never particularly reliable
<xfix>
* i want to say if a software depends on atime, it's likely broken, that value is likely never particularly reliable
<betawaffle>
so here's what i've got, let me know if anything seems wrong: `zpool create -o ashift=12 -O acltype=posixacl -O compression=lz4 -O dnodesize=auto -O mountpoint=none -O relatime=on -O xattr=sa -R /mnt rpool $DISK-part2`
<gchristensen>
interesting, dnodesize
<betawaffle>
"Consider setting dnodesize to auto if the dataset uses the xattr=sa property setting and the workload makes heavy use of extended attributes."
<exarkun>
on CI-as-a-service (eg circleci) I sometimes have nix builds get killed because (as far as I can tell) resources for the job (memory I guess) have been exhausted
<exarkun>
are there any better options for dealing with this situation than playing with --max-jobs and --cores?
<exarkun>
It seems like a shame to turn jobs down to 1 when 90% of builds could run 2 or 4 in parallel and there are just one or two that need the whole system to themselves
<maddo>
emily the latter I believe
<maddo>
and xfix: correct
<maddo>
that's why a migration to maildir is generally preferrable nowadays
<emily>
exarkun: so, stdenv passes -l to make with the same value as -j, which tries to make it avoid going over a certain load average
<emily>
exarkun: in theory if all your builds cooperate to avoid using up too much CPU then you can run more of them in parallel without overloading things
<emily>
this is probably only applicable if you have parallel builds that aren't picking that up from the usual make machinery though
<exarkun>
pretty sure a bunch of my problematic builds don't do t hat
<exarkun>
the specific package that raised this issue for me is a python package, not using make anywhere
<emily>
maybe you can try and get them to limit their CPU then (but it's dependent on support in the build system implementing the job schedulign)
<exarkun>
it has -j but no -l equivalent afaict
<exarkun>
I wonder how effectively high load proxies for "you're about to get oom killed"
<emily>
I feel like "cgroups" is the answer to these resource limiting questions but I don't know how those can be integrated with Nix builds if at all
<exarkun>
"the build system has to cooperate" is a useful answer though, I suppose eventually I could fashion a solution out of that
<emily>
ultimately if you can't stop the builds increasing memory pressure then you pretty much just have to run fewer of them I think
<exarkun>
just wondered if I was missing a "--this-job-needs-to-run-alone=somename"
KeiraT has quit [Remote host closed the connection]
<emily>
exarkun: you could mark those jobs as big-parallel and use remote builders to ship them off to a less contended host
vuko has quit [Quit: leaving]
<emily>
that's what nixpkgs does
vuko has joined #nixos
KeiraT- has joined #nixos
<exarkun>
if I had a fancier CI system maybe :)
<emily>
i guess that doesn't really fit in with circleci, but
<exarkun>
perhaps someday
<emily>
maybe you can do a thing where you build the small jobs in parallel in one CI task and the big ones sequentially in another
<exarkun>
Hm, yes probably
<azazel>
exarkun: just wondering, which part of the build ? The "instantiate" or the store realize?
<exarkun>
I have thus far managed to avoid internalizing a sound understanding of those two concepts
<emily>
"nix evaluation" vs. "running builds"
<emily>
is a simpler way of thinking about it
<emily>
if you're running out of memory in the former then you're probably doing horrifying things though
KeiraT- is now known as KeiraT
<exarkun>
The latter, then. The problem most commonly comes partway through the test suite for one particular package.
<betawaffle>
the home one will behave as expected, right?
<betawaffle>
(it'll still mount my user directory, right?)
<emily>
betawaffle: ashift might want to be 13 depending on your hardware
<emily>
unfortunately it's pretty hard to find conclusive answers
<gchristensen>
I think you'll need to specify a mount for it
<betawaffle>
emily: this is a sabrent rocket nvme
<emily>
you might also want compression=on rather then =lz4
<azazel>
ah, so if it's the testing, how it's different than a situation with another build tool?
<betawaffle>
emily: because better compression might be chosen?
<emily>
yeah, zfs supports zstd as of recently
civodul has joined #nixos
<exarkun>
azazel: Maybe it isn't different at all. This is problem. There are many others like it but this one is mine. ;)
johnjay has quit [Read error: Connection reset by peer]
<emily>
betawaffle: also, can I recommend full disk encryption? ZFS' native encryption is pretty great
<emily>
(less of a clear-cut choice for a server though)
johnjay has joined #nixos
zupo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<betawaffle>
emily: slightly worried about forgetting the key, tbh
<emily>
write it down and put it in a afe place and it's still better than no encryption whatsoever :) but yeah, it's a tradeoff
<emily>
I've found I'm thankfully pretty good at memorizing diceware passphrases, but I store my disk encryption keys in my password manager just in case
morgrimm has joined #nixos
<hyper_ch>
emily: pass?
<betawaffle>
i may enable encryption on a per-user basis or something
<hyper_ch>
zfs encryption works well, been using it since it was introduced... there's however a small issue under certain circumstances
mauli has joined #nixos
<emily>
hyper_ch: 1password; pass doesn't meet my needs unfortunately (mainly metadata encryption, but the browser autofill quality seems lower too)
<betawaffle>
emily: i'm also not worried about my disks getting into the wrong hands
<emily>
I would prefer something tied to my yubikey though, so pass has that going for it
<emily>
hyper_ch: browser autofill is actually an important security feature, beyond being convenient. phishing prevention is one of the biggest benefits of a password manager
<emily>
and the clipboard isn't exactly a secure channel in many ways
<hyper_ch>
I see browser as dangerous tools that can't be trusted with access to passwords
<azazel>
exarkun: what I meant was that maybe it isn't really a nix problem, but a problem with the way the testing is done, and so that you can look up for solutions in a broader community other than the nix one. But I'm sure you thought of it. In my CI jobs I tend to maintain a control over the CI workers so I have better control of their config when they run the jobs
<betawaffle>
gchristensen: if that's the case, should i leave home as mountpoint=none?
<emily>
hyper_ch: shrug, you can do autofill with a process-separated architecture. 1password does on mac/windows, you can even code it yourself with pass, all you need is the browser to spit out a domain name and the credentials data to come back after user approval
plutes has joined #nixos
<hyper_ch>
emily: I don't trust browsers :)
butcher_ has quit [Ping timeout: 260 seconds]
<exarkun>
azazel: Ah, I see. Yes, indeed. The problematic package definitely has a number of questionable decisions in its test suite. That's a problem it's going to take a while to work through, alas.
<emily>
this model doesn't involve trusting browsers, though?
<emily>
the amount of trust is "you manually decide to give it the password for a site". the only way to avoid that is never logging into anything with your browser
<emily>
hyper_ch: also, generally on desktop linux as soon as you copy something from pass output to paste into your super secure ssh terminal or whatever, your browser could easily read it from the clipboard and exfiltrate it to a malicious server, so if you're this worried about your browser process getting access to your passwords then just avoiding autofill extensions is not nearly enough
evanjs has joined #nixos
<emily>
sorry for the offtopic though, this is probably more -chat material >_>
orbekk has quit [Ping timeout: 256 seconds]
orbekk1 has joined #nixos
<{^_^}>
[nixpkgs] @ryantm merged pull request #87215 → jitsi: use X-Internet for desktop categories → https://git.io/JfcvO
<{^_^}>
[nixpkgs] @adisbladis opened pull request #87268 → nixos-container: Use new configuration & state directories → https://git.io/Jfc1G
kqb has joined #nixos
kqb2 has joined #nixos
kqb has quit [Client Quit]
kqb2 has quit [Client Quit]
kqb has joined #nixos
kqb has quit [Client Quit]
chagra has quit [Ping timeout: 256 seconds]
zeta_0 has joined #nixos
zupo has joined #nixos
vidbina has quit [Ping timeout: 256 seconds]
ddellacosta has joined #nixos
<viric>
these days I have some problems with some systemd time synchronisation service in 20.03
proofofkeags has quit [Ping timeout: 258 seconds]
<viric>
Network Time Synchronisation. I didn't care so far
drakonis has joined #nixos
<{^_^}>
[nixos-search] @garbas pushed to fix-search-on-correct-index « make request to the right search page, fixes #4 »: https://git.io/Jfc1H
<{^_^}>
[nixos-search] @garbas opened pull request #7 → make request to the right search page, fixes #4 → https://git.io/Jfc1Q
hlisp_ has joined #nixos
<zeta_0>
i finally got ihaskell `somewhat` working in my (lorri+direnv+emacs-direnv) setup, in a lorri shell, whenever i type either: ihaskell/ghc/jupyter --version commands, all the binaries are being detected in emacs shell(M-x shell), but whenever i run: M-x ein:run, these errors are thrown? https://dpaste.org/00Wk
<nopsled>
hello; are there any good resources around for patching ubuntu executables to run on nixos?
chagra has joined #nixos
<simpson>
nopsled: There's the FHS user environment: https://nixos.org/nixpkgs/manual/#sec-fhs-environments However, since most software on Ubuntu is open source, you'll likely have a better time using the versions from nixpkgs, or packaging whatever's missing.
<thefenriswolf>
not sure if this is user error but for me a nix-channel --update fills up my ram completely
<xfix>
yeah, you may want to use swap with ZFS
<thefenriswolf>
I know arc is supposed to use as much ram as possible, but this seems a little extreme
beww has joined #nixos
<xfix>
when a program suddenly requests a lot of use RAM, ZFS may not free up RAM quickly enough
<xfix>
a lot of RAM*
<thefenriswolf>
I tried restricting max arc size with boot.kernelParams = ["zfs.zfs_arc_max=xyz"] but it seems to be ignored
<xfix>
this isn't arc related
<xfix>
it's just how ZFS works
bew has quit [Ping timeout: 246 seconds]
<betawaffle>
thefenriswolf: i'm setting a zfs root up right now!
proofofkeags has joined #nixos
<thefenriswolf>
arc is the read cache stored in ram, I just want it to not eat my whole ram
hlisp_ has quit [Ping timeout: 272 seconds]
proofofkeags has quit [Remote host closed the connection]
hlisp has joined #nixos
<xfix>
have a swap partition, or if you don't want one, use zram to have swap in RAM
proofofkeags has joined #nixos
proofofkeags has quit [Remote host closed the connection]
lunik1 has quit [Quit: :x]
proofofkeags has joined #nixos
<thefenriswolf>
betawaffle tell me how it went
<thefenriswolf>
xfix thanks
<betawaffle>
it's going well so far
proofofkeags has quit [Remote host closed the connection]
<thefenriswolf>
the install went really smooth for me as well, I just had the issue that the arc doesn't free ram quickly enough and the kernel oom killer kicks in if I want to use a little ram
lunik1 has joined #nixos
proofofkeags has joined #nixos
proofofkeags has quit [Remote host closed the connection]
<xfix>
yeah, having swap is a good idea
proofofkeags has joined #nixos
<gchristensen>
I'd rather have oom and get things killed
<xfix>
don't make your swap huge then, even 512MB of swap will do
lunik1 has quit [Client Quit]
<thefenriswolf>
will do thanks, can I set up my swap across a raid0 with mdadm?
<xfix>
Linux managed memory a bit differently when you have any swap
<xfix>
manages*
justanotheruser has quit [Ping timeout: 252 seconds]
<xfix>
even zram should be fine if you really don't want to reserve space on disk for swap
<azazel>
Let's just say that Linux without swap fails to cope with memory pressure
lunik1 has joined #nixos
<viric>
Running two "nix-env -i" in parallel still produces an env missing one of the two. :)
<viric>
^ niksnut :)
<thefenriswolf>
thanks guys you were really helpful
<betawaffle>
thefenriswolf: how much ram do you have?
<thefenriswolf>
16G
lunik1 has quit [Client Quit]
ultranix has joined #nixos
<azazel>
do you plan to put it to hibernation?
<xfix>
my recommendation: put `zramSwap.enable = true;` into your configuration.nix, this will create swap in RAM
<azazel>
sometime I mean
<est31>
running without swap for years
<est31>
if you are under memory pressure, swap wont help you much either
<est31>
yeah it'll prevent a freeze so that you can close apps
<est31>
but that's it
<xfix>
are you using ZFS?
<est31>
sysrq will still work
<thefenriswolf>
azazel no, this machine never hibernates
<xfix>
i think not having swap is viable when not using ZFS
<{^_^}>
[nixpkgs] @blitz opened pull request #87273 → virtualbox: Fix build issue due to open-watcom-bin → https://git.io/Jfcy0
waleee-cl has joined #nixos
erasmas has joined #nixos
<azazel>
est31: If I just could remember the sysrq magic keys when I need them!
<est31>
you can use acpi reboot if you want as well
<est31>
issue is that it wont save opened files
<ultranix>
hello, does the generic builder not know how to extract a *.gz file? seems basic to me
<est31>
but that's what you got journaling file systems for :p
dedzy has joined #nixos
<azazel>
w/o swap my X session just freezes slowing down responsiveness to ages
<xfix>
REISUB, if you need mnemonic
<xfix>
reverse of BUSIER
<est31>
yeah
<xfix>
Reboot Even If System Utterly Broken
<est31>
the advantage of this is that it unmounts the fs cleanly
<est31>
unsaved work will still be lost but at least the journal doesnt have to be consulted any more at next boot
<est31>
the solution to memory pressure is to buy more ram
<azazel>
xfix: mmm you lost me, but I remember from the days when kernel compilation was normal stuff that the sysrq keys had to enabled explicitly at compilation time... are they available by default?
<est31>
not to put wear on your SSD or defer to slow HDD
dedz has quit [Ping timeout: 264 seconds]
<xfix>
well, yes, you need to enable SysRq, because for whatever reason systemd breaks it by default
civodul has quit [Read error: Connection reset by peer]
dedz_ has quit [Client Quit]
dedzy has quit [Ping timeout: 256 seconds]
growpotkin has joined #nixos
nschoe_ has joined #nixos
nschoe has quit [Ping timeout: 260 seconds]
hlisp has joined #nixos
__monty__ has joined #nixos
plutes has quit [Ping timeout: 260 seconds]
civodul has joined #nixos
<{^_^}>
[nixpkgs] @CheariX opened pull request #87277 → <!-- To help with the large amounts of pull requests, we would appreciate your reviews of other pull requests, especiall… → https://git.io/JfcHl
<betaboon>
is it possible to set the NIX_PATH that lorri uses from within the shell.nix ?
<{^_^}>
[nix] @balsoft opened pull request #3577 → Improve 'waiting for' message by supplying a reason for the message → https://git.io/JfcH4
<balsoft>
BTW Please review https://github.com/NixOS/nix/pull/3564 if you have some time. It's a pretty annoying issue and I hope to get this merged in time for 2.4.
<{^_^}>
nix#3564 (by balsoft, 3 days ago, open): Wait for build users when none are available
oida has joined #nixos
<balsoft>
It's especially annoying because of 32 build users by default on NixOS, which can cripple performance when you run 4 nix-build commands in parallel on an 8-core machine. I believe that after this is merged in nixpkgs, we can rather safely set the default nrBuildUsers to maxJobs in 21.03.
hlisp has quit [Ping timeout: 272 seconds]
splintah has quit [Ping timeout: 264 seconds]
<{^_^}>
[nixpkgs] @Luflosi opened pull request #87283 → dino: allow newer versions of libsignal-protocol-c → https://git.io/JfcdC
webster23 has joined #nixos
<betawaffle>
what fonts can be given to `console.font`?
<betawaffle>
can i use a font from my `fonts.fonts` list?
<{^_^}>
[nixpkgs] @1000101 opened pull request #87284 → blockbook: fix go version → https://git.io/Jfcdw
<niso>
betawaffle: it seems to accept any font which is supported by setfont
xcmw has quit [Client Quit]
<niso>
betawaffle: for documentation on the format you can check "man setfont"
shuwan4games has quit [Quit: exit]
<the_pumpkin_man[>
Hello, I am trying to figure out how to write Nix expressions, I already had a look at the Nix manual and to Nixpkgs manual. Now, how do you package something ? Like how do you figure out dependencies, test the expression, etc ?
<betawaffle>
for some reason that manpage isn't helpful. i must be missing some underlying information
<aanderse>
whats the quickest and easiest way to create a nixos container that uses my ~/nixpkgs checkout?
<cole-h>
`<command to create container> -I nixpkgs=~/nixpkgs`?
<cole-h>
:D
<cole-h>
(sorry, I don't know how to create a container on NixOS0
<balsoft>
aaron: access happens at eval time on your host machine
<balsoft>
aaron: the container is isolated from your host system. And you won't be able to access your $HOME in the container.
oborot has joined #nixos
<balsoft>
However, each time you type something like /home/you/nixpkgs in nix (as opposed to "/home/you/nixpkgs") it's a path and not a string. If you convert that path to a string, it becomes "string with context" and copies your path (/home/your/nixpkgs) to nix store, also adding that store path to your container's closure.
<niso>
cole-h: while -I nixpkgs is the fastest way it's easy to forget this flag uppon deployment (talking from experiense :/ )
<balsoft>
Which your container later accesses.
<cole-h>
niso: Fair. It was the "quickest and easiest way" I could come up with, though ;)
<balsoft>
niso: god save the flakes, we don't have to do this awkward stuff anymore
<emily>
oh joy, I can't even do that because it's a trusted user setting, and my user isn't a trusted user because trusted user means passwordless root
<{^_^}>
[nixpkgs] @peti pushed 131 commits to haskell-updates: https://git.io/JfcFc
<emily>
and even when I throw caution to the wind and run nix as root it just hard-403s... hmm :(
<emily>
I get the impression this functionality wasn't extensively tested
<cole-h>
lol
<bqv>
To be fair, it's a feature I'd never have used
<aanderse>
balsoft: hmm... i specified nixos-container create test --config-file ~/test.nix (where test.nix is a machine config that has nixpkgs.pkgs = /home/aaron/nixpkgs {}; ) but it seems to build against my channel still :\
<emily>
bqv: you'll need it once you nix flake update one too many times and start getting rate-limited
knupfer has quit [Ping timeout: 246 seconds]
knupfer1 is now known as knupfer
<balsoft>
<aanderse "balsoft: hmm... i specified nixo"> Hmm, interesting
<balsoft>
aaron: oh, I should've just RTFMed a bit, sorry
<balsoft>
In declarative containers, `containers.your-container.pkgs = import /home/you/nixpkgs {};
<balsoft>
In imperative containers, use NIX_PATH=nixpkgs=/home/you/nixpkgs
<balsoft>
Or maybe there's a better option for imperative, I don't know
<dxtr>
Hmm, let's say I am making a shell script that needs to access a file in a package but that file isn't being symlinked from /nix/store - how would I go about getting the path to said file?
<bqv>
error: /home/you: no such file or directory
hlisp has quit [Ping timeout: 258 seconds]
<balsoft>
bqv: do I seriously need to write (you: "NIX_PATH=nixpkgs=/home/${you}/nixpkgs") ?
<balsoft>
bqv: It's bound in the lambda, so fix yo interpreter
<cole-h>
A more apt reply would have been `<LAMBDA>`
<bqv>
Ah, oops. the interpreter is me, and I'm a bit lightheaded right now so misread
<aanderse>
balsoft: and we have a winner! thanks
<aanderse>
niso: unfortunately... not a winner :|
<bqv>
I'll send myself in for debugging…
Soo_Slow has joined #nixos
<niso>
aanderse: strange, since this does work with my setups (and since nixos-container loads <nixpkgs> as an arugment for config - which prolly explains the win). just an idea, if you install the package via environment.systemPackages you do get the correct version?
<aanderse>
niso: i'm more specifically interested in modules, the package is less relevant...
<{^_^}>
[nixpkgs] @AndersonTorres opened pull request #87288 → tinywm: init at 2014-04-22 → https://git.io/Jfcbx
Noisytoot has joined #nixos
chagra has joined #nixos
hlisp has quit [Ping timeout: 260 seconds]
<quiet_laika[m]>
has anyone used the haskell package text-icu under nix?
c0c0 has quit [Quit: WeeChat 2.6]
<quiet_laika[m]>
im getting a linker error: `.stack/snapshots/x86_64-linux-nix/13d609b3132405701f41f71ea00793613f4a8de2d1ace3d2aee0158da3f30e2b/8.6.5/lib/x86_64-linux-ghc-8.6.5/text-icu-0.7.0.1-JejFEKt5vpa5ez9tKsOTMT/libHStext-icu-0.7.0.1-JejFEKt5vpa5ez9tKsOTMT.a(text_icu.o):function __get_max_bytes_for_string: error: undefined reference to 'ucnv_getMaxCharSize_64'`
<quiet_laika[m]>
(and a ton more similar messages)
<betawaffle>
who here uses sway on nixos?
jakobrs has joined #nixos
<srk>
quiet_laika[m]: works for me via pkgs.haskellPackages.text-icu
zupo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<balsoft>
betawaffle: me
<betawaffle>
got any juicy tips?
cjpbirkbeck has joined #nixos
<betawaffle>
this is _sort of_ my first time using sway
<virus_dave>
qq: Is there a reason why i wouldn't be able to supply as `patches` to a derivation, symlinks to patchfiles ? That is, `patches = [ ./some_real.path ./a-symlink.patch ];` where `a-symlink.patch` is a symlink pointing elsewhere
<niso>
aanderse: balsoft: alright, cannot reproduce, this sucessfully allows me to upgrade/downgrade the mysql server via my nixpkgs fork in an imperative container https://pastebin.com/z3CGmF7V
<cole-h>
virus_dave: If you posted code/multiline text, we on IRC can't see it. Please paste it somewhere.
<virus_dave>
If i go into repl and try to build the derivation, it fails with a "permission denied" trying to apply the symlink patch. But if i instead `:s my-der` and do `genericBuild` in the subshell, it builds just fine
<cole-h>
virus_dave: Because builds happen in a sandbox
<cole-h>
If that symlink is in your user somewhere, the builder just copies that symlink to the build sandbox and fails when it tries to read it (because the real file is not owned by the builder)
<niso>
aanderse: in my test i downgraded mysql to 5.7.25 (and re-upgraded it to 5.7.27)
<euank>
virus_dave: is there a reason you want the patch to be a symlink? I'm curious why that's desirable and maybe there's some alternative solution to the root problem you're trying to fix there
<virus_dave>
Good Q: [1] We have a monorepo using bazel internally. [2] Bazel invocation is done inside a `nix-shell` which refers to a custom local (in-monorepo) tree of nix files. This tree does things like "apply custom patchfiles to upstream wrapped nixpkgs". [3] Some tests for 1stparty code inside the monorepo actually want to invoke bazel themselves, since they're testing functionality that invokes bazel. [4] Bazel tests are executed inside a bazel sand
<virus_dave>
for the same reason nix uses one. This sandbox is populated with symlinks to the original files. [5] The tests which invoke bazel thus specify "all of the nix files" as being runtime dependencies of those tests, so they (or rather, symlinks to them) are created inside the test sandbox, within which a nix-shell'd bazel invocation happens. [6] BOOM
<euank>
And bazel is making absolute symlinks rather than relative ones? If they were relative and the nix-build src included the entire monorepo, it seems like the symlinks could resolve
<euank>
Or is it that the src includes a subset of the monorepo, and thus even a relative symlink would be outside of it and break?
<Raito_Bezarius>
is there a way to create a "data-derivation", I put there a binary and some file and I want to be able to get the path where it is stored?
<Raito_Bezarius>
I tried to set installPhase and cp -r . $out/ but that didn't work well I think
<euank>
I know there's a reasonable example in there, let me find one
<gilligan>
infinisil: can you provide docs for the poetry2nix changes that were just introduced through your merged PR please? :)
<cole-h>
virus_dave: Maybe your problem could be solved by making the symlinks be relative -- is that be possible?
eoli3n__ has quit [Quit: WeeChat 2.8]
<Raito_Bezarius>
euank: thanks!
<infinisil>
gilligan: Oh didn't even think of the readme docs
<virus_dave>
package `src` cannot be "the whole monorepo" for somewhat boring reasons. in fact, the `src` for this is an upstream <nixpkgs> that's been fetchFromGithub'd
<infinisil>
gilligan: I'll keep the PR in my notifications to do this later :)
<euank>
Hm. I guess maybe that's not super helpful Raito_Bezarius; if you have an input tarball or such, you probably need an unpack phase. If you don't, copying things over in the installPhase is reasonable
<virus_dave>
@cole-h i don't think that's possible, but i also don't see how it would help, since the whole monorepo isn't in the sandbox; only a subset of it, via "duplicated directory structure subset containing per-file symlinks into the source monorepo"
<euank>
You can override the phases that run specifically if you want more control. I guess if you have a more specific question after poking through that, I could try for it.
<cole-h>
virus_dave: Right, just got to that... Could the files be copied instead of linked? ;^)
<euank>
If you start with a tarball, doing something like fetchurl and overriding the unpack phase to `tar -C $out` can be handy to avoid having to write the files twice at least
numkem has quit [Ping timeout: 246 seconds]
Neo--- has quit [Ping timeout: 260 seconds]
<euank>
virus_dave: you need to copy in the parts of the monorepo that are referenced though anyway I think
<gilligan>
infinisil: thank you
<gilligan>
infinisil: spent some time on the README, would like to keep it up to date ;-}
<euank>
One possibility could be to have a whole-monorepo derivation that you use as a src and then copy it over including rewriting symlinks... but that sounds like a quite different setup than you've got now and like a mess to work with.
vidbina has quit [Ping timeout: 256 seconds]
<Raito_Bezarius>
euank: I indeed tried to use installPhase and copying stuff
aveltras has quit [Quit: Connection closed for inactivity]
<Raito_Bezarius>
but it's complaining during the cp
<Raito_Bezarius>
that $src does not exist or something like this
<Raito_Bezarius>
I'm forcing phases = ["installPhase"] only
<Raito_Bezarius>
it's complaining indeed that $src does not exist
eoli3n__ has joined #nixos
<Raito_Bezarius>
nevermind
<euank>
sounds like you got it working? If so, great
<Raito_Bezarius>
yes :)
<Raito_Bezarius>
euank++ thanks
<{^_^}>
euank's karma got increased to 1
<adisbladis>
gilligan++
<{^_^}>
gilligan's karma got increased to 0b1
<adisbladis>
We should totally have a PR template with docs included
<Raito_Bezarius>
Also, is there a good way to setuid a binary?
<virus_dave>
@euank @cole-h not easily (to copy rather than symlink), but it's potentially possible
<adisbladis>
Raito_Bezarius: security.wrappers
<Raito_Bezarius>
adisbladis: thanks!
<Raito_Bezarius>
adisbladis: does it edit the binary directly?
<Raito_Bezarius>
or generate a derivation?
<cole-h>
virus_dave: Maybe try disabling the sandbox and see if that works? `--option sandbox false` Disclaimer: I'm not responsible for any dead kittens
<adisbladis>
No, it's a NixOS module activation step
<adisbladis>
The store cannot contain setuid binaries
<Raito_Bezarius>
so it creates wrappers somewhere?
<adisbladis>
Yep
<Raito_Bezarius>
can I get the path somehow?
<Raito_Bezarius>
I need to some linkage
<Raito_Bezarius>
symlink*
eoli3n__ has quit [Quit: WeeChat 2.8]
<cole-h>
/run/current-system/sw/wrappers/<bin-name> I think
eoli3n__ has joined #nixos
<Raito_Bezarius>
Thanks, cole-h !
* cole-h
boots up vm to check
<cole-h>
Raito_Bezarius: I was wrong -- /run/wrappers/bin/<bin-name>
<Raito_Bezarius>
:D
<Raito_Bezarius>
cole-h++, adisbladis++ thanks!
<{^_^}>
adisbladis's karma got increased to 69
<{^_^}>
cole-h's karma got increased to 44, that's Numberwang!
<infinisil>
!
<cole-h>
infinisil: I'm extremely disappointed you don't have a special spice specifically for 69 karma (and presumably 420)
<cole-h>
>:(
<cole-h>
infinisil--
<infinisil>
:P
<cole-h>
Literally unusable
eoli3n__ has quit [Client Quit]
eoli3n__ has joined #nixos
eoli3n__ has quit [Client Quit]
eoli3n__ has joined #nixos
<Raito_Bezarius>
can I do builtins.filterSource on a nix store path?
<Raito_Bezarius>
wait, that's kinda stupid
<Raito_Bezarius>
nevermind
<bgamari>
Does anyone know what would cause nix-store --export to fail with:
<bgamari>
error: hash of path '/nix/store/l9in14pg5smp2gw1mys40zw0r8k8h7la-python-2.7.18' has changed from 'sha256:1gzxf1si048n3n65clr2a2b0qdqsxw6c2a0rb26z765922m3sb0c' to 'sha256:1127x2375rklhj6i68n10yfagqjmnqb698fliqkqnj50if34k97p'!
eoli3n__ has quit [Quit: WeeChat 2.8]
<{^_^}>
[nixpkgs] @peti pushed to haskell-updates « Merge pull request #86961 from NixOS/haskell-updates »: https://git.io/JfcpB
Noisytoot has quit [Quit: Leaving]
<clever>
bgamari: what if you run `nix-store --verify-path` on that path?
<bgamari>
clever, unfortunately this came from CI so I can't easily check
<clever>
bgamari: it sounds like something modified /nix/store after a build was done
<bgamari>
hmm
<clever>
bgamari: `nix-store --verify --check-contents` will just check every path, and report any problems
<clever>
so you could run that after the build, but before the export
<bgamari>
clever, yes, I suppose I'll need to try that
eoli3n__ has joined #nixos
eoli3n__ has quit [Client Quit]
<niso>
clever: the readme in kexec mentions that it's a copy of nixpkgs from nixos-unstable (2016), i can't find it in the current nixpkgs. is there a reason it wasn't merged?
<clever>
niso: which readme?
eoli3n__ has joined #nixos
chloekek has quit [Ping timeout: 256 seconds]
<niso>
clever: in your nix-tests repo path: kexec/Readme.md
Hedgework has quit [Ping timeout: 260 seconds]
<clever>
niso: the required changes are likely in 20.03 and probably 19.09 as well now
Forkk has quit [Ping timeout: 240 seconds]
cosimone has joined #nixos
HedgeMage has quit [Ping timeout: 265 seconds]
cruxeternus has quit [Ping timeout: 260 seconds]
devalot has quit [Ping timeout: 256 seconds]
drvirgilio has quit [Ping timeout: 260 seconds]
cransom has quit [Ping timeout: 260 seconds]
eoli3n__ has quit [Client Quit]
knupfer has quit [Remote host closed the connection]
knupfer has joined #nixos
numkem has joined #nixos
eoli3n__ has joined #nixos
<Raito_Bezarius>
is there a modulo operator in Nix?
<clever>
niso: that file within nixpkgs provides the service
alp has quit [Remote host closed the connection]
alp has joined #nixos
domogled has quit [Read error: Connection reset by peer]
devalot has joined #nixos
domogled has joined #nixos
<niso>
clever: yes, i was thinking of a higher layer of abstraction, as in: Is it possible to do something like: nix-build '<nixpkgs/nixos>' -A some.path.kexec_tarball -I nixos-config=./conf.nix and get a tarball as a build product?
<clever>
niso: just add kexec.nix to the imports list, and you should get that
<{^_^}>
[nixpkgs] @mweinelt opened pull request #87297 → [20.03] squid: apply patches for CVE-2020-11945 → https://git.io/Jfchy
aquarial has joined #nixos
alp has quit [Remote host closed the connection]
<clever>
niso: it cant be in imports normally (enless its got some config added in), because it messes with fileSystems."/"
<ghkbrew>
So, assuming that this is openGL drivers problem, I've also tried installing nixGL and running it with that
<ghkbrew>
which produces:
<ghkbrew>
nixGLIntel rstudio(process:17475): Gtk-WARNING **: 17:05:03.206: Locale not supported by C library. Using the fallback 'C' locale.Qt: Session management error: None of the authentication protocols specified are supported/nix/store/1agnjh00lpcjfpnm6fsnzzd675h2920x-qtwebengine-5.12.7/libexec/QtWebEngineProcess:
<ghkbrew>
/nix/store/mdpm4b2w8y5ybrv4rqyg98npvkwj7wg3-gfortran-7.4.0-lib/lib/libstdc++.so.6: version `GLIBCXX_3.4.26' not found (required by /nix/store/1agnjh00lpcjfpnm6fsnzzd675h2920x-qtwebengine-5.12.7/lib/libQt5WebEngineCore.so.5)Trace/breakpoint trap (core dumped)
<danimal-moo[m]>
OpenSCAD also has a QT/OpenGL fail on startup, as of a few weeks ago. I'm trying it from nixos master branch right now to see if an angel has saved it yet...
<danimal-moo[m]>
There was some sort of major QT-builder related change in nixpkgs a while ago. Lots of things broke, but they were already incorrect according to QT docs, and the breakage was the price of progress. At least, that's my interpretation of the convo on a nixpkgs github issue.
<danimal-moo[m]>
OpenSCAD is fixed on master, huge thanks my fellow Nixians! 😁
<danimal-moo[m]>
Good luck ghkbrew, hope someone can help you more directly
<ghkbrew>
thanks, that's my hope as well :)
vidbina has joined #nixos
fendor has quit [Read error: Connection reset by peer]
<ghkbrew>
Is it unusual that it's loading libstdc++ from the gfortran package? when try "ldd /nix/store/1agnjh00lpcjfpnm6fsnzzd675h2920x-qtwebengine-5.12.7/libexec/QtWebEngineProcess" it finds the libstdc++ from the gcc package which seems more reasonable
<clever>
ghkbrew: what path is libstdc++ at?
<ghkbrew>
well in the error message "/nix/store/mdpm4b2w8y5ybrv4rqyg98npvkwj7wg3-gfortran-7.4.0-lib/lib/libstdc++.so.6"
<clever>
where does ldd find it?
<cole-h>
FWIW, in a nix-shell, I also get a sigtrap upon starting
<ghkbrew>
My hypothesis is the the LD_LIBRARY_PATH set by nixGL is screwing with the seach path and making it grab the wrong libstdc++, but I don't know how it could be happening
zupo has joined #nixos
o1lo01ol1o has quit [Remote host closed the connection]
eyenx[m] has quit [Quit: killed]
eyenx has quit [Quit: bye]
<danimal-moo[m]>
The nix manual has a section on using nix-shell to drop into the build environment for the target package. I've never done that, but it would be a good place to run experiments from, to check dependencies and check paths.
o1lo01ol1o has joined #nixos
<energizer>
if `nix-env -if https://...master.tar.gz` provides a binary in the environment, what's the equivalent nix-shell command? `nix-shell https://...` doesnt seem to do that
<simpson>
energizer, clever: Perhaps -A instead? I was able to start (but am not patient enough to wait for) building one of my libraries directly from GH this way, just now.
eyenx has joined #nixos
eyenx has joined #nixos
eyenx has quit [Changing host]
<clever>
simpson: nix-shell -A will give a shell suitable for building a thing, not using a thing
<Raito_Bezarius>
does NixOS support 32 bits executables on 64 bits out of the box?
<clever>
Raito_Bezarius: the kernel has it enabled, and you can easily request nix itself to fetch/build 32bit binarie
<Raito_Bezarius>
so, is there any reason why I could get "accessing corrupted shared libraries" on a 32 bits executable which seems dynamically linked but ldd shows nothing "not a dynamic executable"
<clever>
simpson: that would fetch a tar, import the default.nix within it, then shove it into the buildInputs of another dummy drv, and shell into that dummy
<clever>
Raito_Bezarius: what does file say about the binary?
dermetfan has quit [Quit: WeeChat 2.8]
<Raito_Bezarius>
clever: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /nix/store/an6bdv4phxsz14q2sk57iscl2dc7bnj1-glibc-2.30/lib/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=a38dd052a3e3d7437548fe6b604b8d5f2a2d5c0b, stripped
<clever>
Raito_Bezarius: thats a 64bit ld-linux
<energizer>
clever: is this not possible? or maybe it's what flakes is for
<Raito_Bezarius>
clever: oops, autopatchelf has done this
<clever>
energizer: you can just use import and one of the fetch functions
<Raito_Bezarius>
is there a way to fix that w/o manually doing the patchelf dance?
<clever>
Raito_Bezarius: you need to use a 32bit stdenv and kgs tree
<Raito_Bezarius>
what is kgs tree?
<clever>
Raito_Bezarius: use pkgs.pkgsi686Linux instead of plain pkgs
<Raito_Bezarius>
oh okay
<Raito_Bezarius>
i'm depending on 0 package
<clever>
then everything will be 32bit
<Raito_Bezarius>
nice
<clever>
Raito_Bezarius: get your stdenv from pkgsi686Linux too
<Raito_Bezarius>
is pkgs.pkgsi686Linux.stdenv enough?
<Raito_Bezarius>
or should I use explicit 32stdenv or something like that?
<{^_^}>
[nixos-search] @garbas pushed to second-click-on-search-does-not-trigger-search « search on page load and on second search query, fixes #5 »: https://git.io/JfCfA
<{^_^}>
[nixos-search] @garbas opened pull request #8 → search on page load and on second search query, fixes #5 → https://git.io/JfCfx
__monty__ has quit [Quit: Too slow, zaeph : /]
numkem has quit [Ping timeout: 260 seconds]
<MichaelRaskin>
Fare: BTW, trying to find out whether runtimeDeps does anything lead me to find that httpstat sets this with no effect…
<{^_^}>
[nixpkgs] @7c6f434c pushed 2 commits to release-20.03: https://git.io/JfCJ1
<{^_^}>
[nixos-search] @garbas merged pull request #8 → search on page load and on second search query, fixes #5 → https://git.io/JfCfx
<{^_^}>
[nixos-search] @garbas pushed to master « search on page load and on second search query, fixes #5 (#8) »: https://git.io/JfCJD
<{^_^}>
[nixos-search] @garbas pushed 0 commits to second-click-on-search-does-not-trigger-search: https://git.io/JfCJy
<{^_^}>
[nixos-search] @garbas pushed to netlify-and-spa « a single page app and want history pushstate to work so you get clean URLs »: https://git.io/JfCJ7
<{^_^}>
[nixos-search] @garbas opened pull request #9 → a single page app and want history pushstate to work so you get clean URLs → https://git.io/JfCJd
ddellacosta has quit [Ping timeout: 264 seconds]
user_0x58 has quit [Quit: Leaving]
splintah has quit [Ping timeout: 272 seconds]
nschoe has quit [Ping timeout: 252 seconds]
<Fare>
MichaelRaskin, no current plan for gerbilPackage-stable, though, if everything goes well, maybe next year.
<Fare>
so... just gerbilPackage-unstable.gerbil-utils ? and gerbilPackage be an alias to gerbilPackage-unstable for now? Or no gerbilPackage ?
<T0pH4t>
hello all, question is there something special about nix build that prevents connecting to s3? I'm trying to run a nix-build that downloads some test data in cmake and it fails to connect to s3. If in enter the build environment created 'env-vars file' things work fine.
<Fare>
It also doesn't look either professional or usable—just amateurish and obsessed with the wrong details.
<Fare>
T0pH4t, during the build you should be in a black box that can't see the network.
<T0pH4t>
@Fare, can i disable this??
cr4y1 has quit [Remote host closed the connection]
cr4y1 has joined #nixos
<clever>
T0pH4t: nix always disables all network access at build time
<T0pH4t>
ugg
<clever>
T0pH4t: the correct solution is to have nix download things for you, using things like pkgs.fetchurl, and to copy it to the right place
<T0pH4t>
@clever ok... so i have something int my main os /tmp directory that exist, but nix env doenst see it
<clever>
T0pH4t: it ensures that the package rebuilds properly when inputs change
<MichaelRaskin>
Fare: I normally expect gerbilPackages-unstable, and no standalone gerbilPackage helper function at the toplevel
<T0pH4t>
do things get chrooted?
<clever>
T0pH4t: nix also chroot's the whole build
<clever>
T0pH4t: only the inputs you declared in the nix file can be used and nothing else
<T0pH4t>
i see, ok @clever @fare thx
<{^_^}>
[nixos-search] @garbas pushed to netlify-and-spa « another try »: https://git.io/JfCUV
cr4y1 has quit [Remote host closed the connection]
<Raito_Bezarius>
clever: is there any way to do luks encryption using justdoit on servers?
<Raito_Bezarius>
how would you boot it?
morgrimm has joined #nixos
<Raito_Bezarius>
(i know there are few solutions to boot luks on servers but don't know what's the path of least resistance using justdoit)
<clever>
Raito_Bezarius: you would need to enable the initrd ssh stuff
<Raito_Bezarius>
in the configuration.nix in advance, right?
<clever>
Raito_Bezarius: yeah
<Raito_Bezarius>
clever: alright
<Raito_Bezarius>
clever: there should be no problem to kexec an already kexec'd system, right? :-D
<clever>
Raito_Bezarius: shouldnt be any issue
<{^_^}>
[nixos-search] @garbas pushed to netlify-and-spa « another try 2 »: https://git.io/JfCUX
slack1256 has quit [Remote host closed the connection]
o1lo01ol1o has quit [Remote host closed the connection]
<{^_^}>
[nixos-search] @garbas merged pull request #9 → a single page app and want history pushstate to work so you get clean URLs → https://git.io/JfCJd
<{^_^}>
[nixos-search] @garbas pushed to master « a single page app and want history pushstate to work so you get clean URLs (#9) »: https://git.io/JfCTg
<{^_^}>
[nixos-search] @garbas pushed 0 commits to netlify-and-spa: https://git.io/JfCTa
dnlkrgr has quit [Ping timeout: 272 seconds]
cosimone has quit [Read error: Connection reset by peer]
<Fare>
ok, and if I don't put gerbilPackages-unstable directly in all-packages, but only in pkgs.gerbil-support, what is the correct idiom to override it in an overlay?
<MichaelRaskin>
Wait, gerbilPackages-unstable is probably fine at top-level, I am only against gerbilPackage
Maxdamantus has joined #nixos
<MichaelRaskin>
But I would also expect that your overlay would just override what gerbil you feed to gerbil-support, no?