<lovesegfault>
Is there an easy way to _force_ nix-build to build the full dependency tree
<lovesegfault>
even if it's already in the nix store
<lovesegfault>
I'm trying to benchmark a build
<energizer>
bqv: you're right, i thought i checked that but mustve forgotten sudo
<clever>
lovesegfault: define "full", do you want to start at gcc?
<lovesegfault>
clever: I want to build as much as possible, basically
<lovesegfault>
I am trying to benchmark the build of rustc and of gcc
Soo_Slow has joined #nixos
<lovesegfault>
$ time nix-build '<nixpkgs>' --arg overlays '[]' --cores 32 --max-jobs 32 -A pkgsCross.aarch64-multiplatform.rustc
<lovesegfault>
I'm doing this right now
Jackneill has quit [Ping timeout: 264 seconds]
<clever>
lovesegfault: simplest is to just do a useless override at some point (using an overlay) so it has to rebuild that thing, and everything that depended on it
cript0nauta has quit [Ping timeout: 256 seconds]
<cole-h>
lovesegfault: Maybe `--option substitute false` will help?
<lovesegfault>
cole-h: that does some of it
<lovesegfault>
I thought --check would do what I want but it doesn't work as I expected
<lovesegfault>
clever's solution works but it's also not perfect because subsequent builds are faster
<lovesegfault>
unless I write something that changes the introduced garbage on each build cycle
<clever>
lovesegfault: use builtins.currentTime in the overlay
<clever>
> builtins.currentTime
<cole-h>
Ooooh
<{^_^}>
1590538733
<clever>
now it will differ every single time!
* lovesegfault
crosses arms
<lovesegfault>
hmm
<{^_^}>
[nixpkgs] @mweinelt opened pull request #88995 → pinnwand: init at 1.1.0 → https://git.io/Jfwjk
<lovesegfault>
let me try this
<lovesegfault>
clever: where should I introduce that?
gustavderdrache has left #nixos [#nixos]
amir has joined #nixos
<clever>
lovesegfault: the cut-off point between stuff you would expect to be in the cache (the host stdenv and gcc) and the stuff your trying to profile
<lovesegfault>
I'm trying to profile rustc
<lovesegfault>
so maybe in llvm?
<clever>
that would also count the build-time of llvm as well
<lovesegfault>
hmm
<lovesegfault>
I think that's fine
jgeerds_ has quit [Ping timeout: 240 seconds]
Jackneill has joined #nixos
<abathur>
If you can't run it on a system where it's not entangled in the system so you can GC between runs, and if there's not some other magic way, I guess maybe you could override allllll of the packages to add some dumb dependency on a module that just does something silly with builtins.currentTime...
<lovesegfault>
clever: is just adding DIRT = builtins.currentTime; sufficient to change the output hash?
<clever>
should be
cript0nauta has joined #nixos
<{^_^}>
[nixpkgs] @peti pushed to haskell-updates « hackage-packages.nix: automatic Haskell package set update »: https://git.io/Jfwj8
<Henson>
how are the NixOS boot images created? I'd like to create one of my own but with some extra services.
<Henson>
boot images being the USB images used for installing NixOS
<notgne2>
Henson: iirc its something like `nix-build '<nixpkgs/nixos>' -A config.system.build.isoImage -I nixos-config=iso.nix`, though that might be for something else
<notgne2>
I think I've done that for some machines with annoying wifi cards
<cole-h>
adisbladis: Seeing that you've added mypy types (or are in a relatively good place with it), how did the script thing turn out?
kaliumxyz has quit [Ping timeout: 272 seconds]
<Henson>
clever: and the "configuration" arguments points to a NixOS configuration file that gets merged in?
<clever>
Henson: yep
<Henson>
clever: do you know if anything exists to build a NixOS system into an initrd and bzImage to get kexec'd into a running system? I'm working on that, so I can take over a Debian system and install NixOS on it. I've got a script working, and have done it before, but perhaps something that like already exists. But I doubt it.
<clever>
basically, i just built nixos with nix-build, then forcibly updated the bootloader, so it would boot nixos from the gentoo rootfs
<clever>
then i repaired all the stuff old gentoo files where breaking
<clever>
then somebody else added NIXOS_LUSTRATE to nixos, to automate that repair step
<clever>
but kexec is a lot more flexible, since you can repartition
h0m1 has quit [Ping timeout: 272 seconds]
h0m1 has joined #nixos
<Henson>
clever: this is great. I'll see if I can get your kexec build script working. I've got some Debian systems out in the field that I need to upgrade to NixOS with only internet access, no KVM, so I need to customize the kexec with some extra fail-safe features
<clever>
Henson: if you `nix-build simple-test.nix -A legacy_sata`, you will get a directory with 2 shell scripts
<cole-h>
adisbladis: Pretty cool :D
<clever>
Henson: the 1st one, runs the same kernel/initrd as kexec, but directly in qemu, for testing purposes (mainly to test justdoit)
<clever>
Henson: the 2nd script, will then run qemu against the same disk, but without forcing the kernel/initrd, to confirm the bootloader works right
<clever>
Henson: you could use the 1st one, to confirm your additions can phone-home on bootup
<Henson>
clever: excellent! I'm so glad I asked you that question!
<clever>
Henson: thats basically what line 65 does: wipefs -a ${cfg.rootDevice}
<Henson>
clever: it looks like justdoit installs ZFS. How is ZFS on Linux these days? I used it several years ago, and found it not to be very enjoyable. The memory management was not correct, and the ARC would use up all of my memory and Linux was unable to get it back properly. I would have to create a 5 GB empty file in /dev/shm and then delete it to reclaim memory properly. I asked people on the..
<clever>
Henson: ive not had any issues like that, and ive found the reverse is the problem
<Henson>
clever: ZFS on Linux channel, and they said, "yep, that's the way it is for now" and gave me a bunch of bandage solutions that didn't really work. So I switched to FreeBSD for my ZFS severs and have never looked back.
<clever>
Henson: any kind of load, and it tends to discard the entire ARC
pamplemousse has quit [Ping timeout: 260 seconds]
<Henson>
clever: I also found it to be super slow for scrubbing. A scrub of a 10 TB ZFS pool on Linux would take a couple days, whereas on FreeBSD it would take about 8 hours.
<clever>
Henson: for example, my nas had the arc shrink by almost a gig, for no aparent reason
orivej has quit [Quit: No Ping reply in 180 seconds.]
<clever>
when it was otherwise idle
<Henson>
clever: hmm, that's weird.
hyper_ch_ has quit [Remote host closed the connection]
hyper_ch has joined #nixos
oida has quit [Ping timeout: 240 seconds]
orivej has joined #nixos
oida has joined #nixos
<clever>
Henson: performance for zfs, seems to vary wildly from machine to machine
<clever>
Henson: the nas with 3 disks in raidz1, seems to perform poorly, but its all spinning rust
<clever>
Henson: the laptop is nvme single-disk, and theres no real issues with it
<Henson>
clever: what do you consider poor performance?
pamplemousse has joined #nixos
<clever>
Henson: basic things like `zfs destroy` on a snapshot can take over 5 mins sometimes
<clever>
Henson: and nix-collect-garbage once ran for over 8 hours recently
<Henson>
clever: hmm, that is very slow! On my FreeBSD system a zfs destroy (with async deletion enabled) takes about 3 seconds, the same with a snapshot.
<clever>
Henson: as a test, `time zfs destroy -v naspool/root@zfs-auto-snap_weekly-2020-05-18-00h00`, this snapshot is the final root for 412mb of data
kaliumxyz has joined #nixos
<clever>
and that command took 8 seconds to complete
<clever>
`zpool get freeing` now reports 1.7gig, and then 0
<clever>
*doh*, i didnt include `time`, lol
<clever>
one more dataset with a high churn, 3 seconds to delete 1.38gig
mauli has quit [Ping timeout: 265 seconds]
<clever>
seems fine today
<Henson>
clever: I guess in the end your performance depends on your CPU, memory, IO card, harddrives, OS, ZFS configuration, dataset size, etc. So, a whole lot of factors.
<clever>
dedup: DDT entries 5631543, size 1.31K on disk, 324B in core
<clever>
and that
ddellacosta has joined #nixos
<Henson>
dedup: do you have dedup enabled?
<clever>
had
<clever>
the number of entries is going down, ive been keeping some records
<Henson>
clever: I never enabled it in Linux because there were big warnings on ZFS on Linux saying, "don't do this, it's not stable enough yet". In Aaron Toponce's ZFS tutorial he made it seem like unless you have a mega system to handle dedup, you shouldn't do it, and even if you did, you probably don't want to do it for various integrity reasons.
<clever>
but zfs cant repack the hash tables, so the size hasnt changed
<abathur>
I mostly mean that if there are really are hardware/os/platform differences here I'd expect there to be enough ZFS benchmarks that it'd be easy to cross-verify
<abathur>
and if not, it's probably something idiomatic
<abathur>
I say that without having used ZFS yet
<clever>
Henson: from april 3rd to 15th, my L2ARC was covering at around 6gig used, and getting around a 40% hit rate
<Henson>
clever: is that an SSD?
<clever>
intel optane
<clever>
Henson: but thats only counting what missed the ARC in ram, which was at 3gig, and getting >97% hit rate
<clever>
so only ~3% missed the ram ARC, and had to go out to other places
<clever>
and 40% of that 3%, was found in the L2
<Henson>
clever: hmm, I'm surprised you're experience poor performance, then. If performance is a concern, maybe give FreeBSD a try. You should be able to export your Linux ZFS drives, boot with a FreeBSD install USB stick, import them into FreeBSD, and push some data to and from them using dd to see what kind of performance you get. Then export them and go back to Linux and import them again.
<clever>
Henson: the performance problems are almost entirely in the write and delete paths, rarely in the read path
<Henson>
clever: what kind of disk controller do you have?
<clever>
00:11.0 SATA controller: Advanced Micro Devices, Inc. [AMD] FCH SATA Controller [AHCI mode] (rev 40)
<clever>
product: FM2A88X-ITX+
<clever>
vendor: ASRock
<abathur>
clever: got one of those in my nix desktop
<clever>
abathur: let me see if i can find more, lol
<abathur>
hehe
<clever>
Model Family: Western Digital Red
<clever>
Device Model: WDC WD40EFRX-68N32N0
<clever>
User Capacity: 4,000,787,030,016 bytes [4.00 TB]
<clever>
Henson: 3 of those, in raidz1
<DigitalKiwi>
clever: do you have sync=always or something like that
<abathur>
I have one of the optane 900p devices
<Henson>
clever: am I correct in that because they're a RAID1 you have to wait for 3 writes to complete before your IO operation returns?
<DigitalKiwi>
that made my zfs perform horribly until i figured out why...
<clever>
DigitalKiwi: nope, just sync=standard for most, and sync=disabled for one
<Henson>
clever: what kind of read/write performance do you get from a dataset?
<clever>
Henson: copying a 703mb file from a single-disk xfs, over nfs, and writing to the raidz1, took 8.4 seconds
<clever>
~83mb/sec
<clever>
but thats obviously not pushing it very hard
<Henson>
clever: try something on the NAS, like DD something into a big 1 GB blob in /dev/shm then sync. Then time how long it takes to write it to disk and sync again.
<clever>
copying 4.1gig over nfs now...
<Henson>
clever: you can use "zpool iostat" to see what kind of RW performance you get.
<clever>
Henson: i usually have both `iostat -x 30` and `zpool iostat -v 30` open at all times
<DigitalKiwi>
could dedupe be making it bad
<DigitalKiwi>
it's not doing much anyway
<clever>
DigitalKiwi: dedup is now off, so any further writes arent dedup'd
<clever>
Henson: 52 seconds for that 4.1gig to copy
fresheyeball has joined #nixos
<clever>
for ~80mb/sec
<Henson>
clever: right, but that's taking into consideration your network bandwidth. Try copying the file directly on the NAS.
<clever>
i'll try someting within the nas now...
<abathur>
what's the, eh, storagebench or whatever
sigmundv__ has quit [Ping timeout: 265 seconds]
<notgne2>
that's very impressive compared to my eMMC laptop which will freeze for an hour when downloading a few megabytes
<abathur>
pour one out fot notgne2
<abathur>
for, even
<clever>
[root@nas:/dev/shm]# time dd if=/dev/urandom of=blob bs=1024 count=$((1024*1024*2))
<clever>
Henson: and thats the performance to write the whole 2gig file back to zfs
<clever>
Henson: somehow, its worse then when going over nfs, lol
<clever>
Henson: putting a 2gig file into /dev/shm, also caused the ARC to drop from 6.8gig to 4.79gig
<clever>
but ARC hit% was never below 99.5%
<pjt_014>
I just did the math and that speed's about 1203.69 bee movie scripts per second
<Henson>
hahaha
<Henson>
I think you've just created a new unit of data storage
<clever>
Henson: how do the above numbers look?
<DigitalKiwi>
how many abathur laptops is it though
<pjt_014>
Henson: it's really good sample material for compression testing of small-ish text files
<DigitalKiwi>
err, notgne2
<pjt_014>
Did you brotli can get it from 56K to 20K?
<pjt_014>
pretty good
<clever>
abathur: found the box for the optane module, it doesnt say much, lol
<simukis_>
Ericson2314: around? got some questions about pkgconfig still. You said to add pkgsBuildBuild.pkgconfig as a dep, but I don’t quite follow the suggestion. I’m also using a different package that's easier to work with for the experiment – mesa.
<Ericson2314>
simukis_: you know about depsBuildBuild = [ buildPackages.stdenv.cc ]; ?
<abathur>
2147483648 bytes (2.1 GB, 2.0 GiB) copied, 12.397 s, 173 MB/s is what my 2020 mba managed
<Henson>
clever: well, your system is faster than mine. I'm getting about 54 MB/s write to my RAIDZ6 array with ten 1 TB WB black drives and a Mylex controller, and 210 MB/s read
<simukis_>
not really, no.
<abathur>
clever when I finish this CS match I'll try it on my desktop
<simukis_>
but let me get you a diff I’m trying to produce and maybe you’ll see the issue immediately
pamplemousse has quit [Ping timeout: 246 seconds]
<DigitalKiwi>
maybe iostat slows it down
<clever>
Henson: maybe i'm just spoiled by having nvme on everything else, and the spinning rust is just always that slow, lol
<Henson>
clever: yeah, my laptop has an SSD, but when I travel for work I put an old platter drive in it, and it is sooooo sloooow.
<abathur>
clever: confused about both referencing optane and spinning rust, maybe I missed something?
<clever>
abathur: the nas has an optane that i sometimes use as an SLOG or L2ARC, but its currently inactive
<Ericson2314>
simukis_: basically whenever a package comes with one of these dev executables, it's a shit-show with little good solution
<simukis_>
I still don’t get how in the world a modern build plan generator doesn’t handle this kind of stuff transparently and correctly, it can’t be that hard.
<Ericson2314>
if the package is cross compiled, and will be used with further cross compiled builds, it should be built for the the build platform
<Ericson2314>
if a package is cross compiled, but will be used in further native builds, the tool should be built for the host platform
<simukis_>
my favourite instance of this is gobject-introspection which cannot use `gircompile` to get both host and target executable for its own purposes.
<Ericson2314>
ohhhhh g-i
<Ericson2314>
the true innermost circle
<Ericson2314>
and using a a native build's tool might ave different hard-coded paths etc (e.g. with lllvm-config)
<Ericson2314>
so basically we have these exectuables which are sensitive to two targets
<simukis_>
Ericson2314: luckily the host-build-target distinction is handled pretty well in nix itself, its mostly a problem in getting meson to use the right things in right places.
<Ericson2314>
well even we have trouble with these sorts of executables
<Ericson2314>
I'll get the issue
<simukis_>
(interestingly apart from gcc7 not cross-compiling because of a -Werror flag, the only other problems I encountered with crosscompilation all are using meson)
<abathur>
clever: try `nix-shell -p sysbench`, then `sysbench fileio prepare` then `sysbench fileio --file-test-mode=rndrw run` ?
<simukis_>
Ericson2314: anyway, I filled out a couple of tasks for broken packages recently, (https://github.com/NixOS/nixpkgs/issues/created_by/nagisa) and may end up picking at them as I have time, but any help would be appreciated.
<cole-h>
energizer: Have you tried adding jack to your build inputs?
<srid>
setfacl -m u:nginx:x /var/lib/mysites
<srid>
^^ Can I automate stuff like this in nix?
<energizer>
cole-h: i haven't tried. just noticing that it's packaged separately on some distros. you think it'll just work?
<cole-h>
Only one way to find out.
<abathur>
clever: (vaguely curious here, because I suspect my desktop is not getting anywhere near enough performance out of my optane because drivers, but I haven't chased it too hard because it's not like I'm going back to windows or anything,
<Ericson2314>
simukis_: I will try to use your g-i issue to get them to look more at my PR
<clever>
prepare ended with: 2147483648 bytes written in 47.78 seconds (42.86 MiB/sec).
<clever>
abathur: and run ended with: Illegal instruction (core dumped)
<abathur>
gah
<abathur>
my write run on my desktop was 851.62 MiB/sec
<abathur>
wonderwhy the core dump
<abathur>
my actual run claimed throughput of 554 MiB/s read and 369 write
<abathur>
but it didn't run on macOS, unfortunately
<elvishjerricco>
clever: *cont. from #zfsonlinux* But you're implying Nix doesn't call sync on X before writing to its db
<elvishjerricco>
That would seem foolish
jluttine has quit [Ping timeout: 246 seconds]
<elvishjerricco>
even with ext4's journaling, sync would ensure it's really there first
spacefrogg has quit [Quit: Gone.]
aw has quit [Quit: Quitting.]
aw has joined #nixos
<clever>
elvishjerricco: my rough understanding, is that when you close() a file, the fs driver is supposed to flush everything to disk, and not return until its commited
<clever>
elvishjerricco: but ext4 is sometimes doing naughty things, and data can still be lost after that point
spacefrogg has joined #nixos
<elvishjerricco>
clever: flush and close only ensure its in kernel memory and not in userspace cache (most libc's have their own IO cache)
<elvishjerricco>
clever: flushing doesn't guarantee its persistent, but fsync does. If Nix isn't truly syncing paths before writing to the DB that they're there, that's a problem
<clever>
elvishjerricco: one case i can see, where nix isnt entirely at fault, is if you just built something, and the binary in the derivation didnt fsync()
<clever>
elvishjerricco: then nix read $out, hashed it, and recorded its presense in db.sqlite
<elvishjerricco>
clever: Right, I'm claiming it should be Nix's job to make absolutely certain the entire path is fsync'd before recording it in the db
<elvishjerricco>
not the derivation's
felixfoertsch has quit [Ping timeout: 272 seconds]
<clever>
so nix would have to open every file in $out and fsync() each one...
<elvishjerricco>
clever: I believe there's more efficient ways to do that but yea
<elvishjerricco>
Honestly shouldn't be that slow. If the derivation did fsync everything itself, it'd be nearly instant. Otherwise it's just necessary overhead
<elvishjerricco>
Regardless, even if /nix/store and the db are on the same file system, you'll have the same exact issue if the paths aren't synced
<tarelerulz>
How should you set up the system? I enable sound , KDE but I did not un # the part dealing with more then one user. I added my normal user via the command line. I did the command on the site. I add a hand full of app use su , while under my normal user , is that not the way like it mess stuff up?
<quinn>
tarelerulz: try installing pavucontrol and checking the output and application settings
<quinn>
*tabs
<tarelerulz>
my sound works fine/
<quinn>
sorry i'm not sure what your question is
<tarelerulz>
I installed geany , an ide , using Su , root , with the package manager , it can't find /bin/sh: g++: command not found
<tarelerulz>
So I was wondering maybe I did something wrong in the way I installed/setup
<{^_^}>
[nixpkgs] @jonringer pushed commit from @r-ryantm to master « python27Packages.plexapi: 3.4.0 -> 3.6.0 »: https://git.io/JfrkZ
Rusty1 has quit [Quit: WeeChat 2.3]
<simpson>
tarelerulz: I don't know Geany, but probably you'd want to set it up with tools using nix-shell and an environment.
<tarelerulz>
What is tools?
domogled has quit [Ping timeout: 240 seconds]
<quinn>
tarelerulz: are you trying to edit c++ with it? geany shouldn't depend on g++ to run without a file open
<tarelerulz>
I had like retroarch not work either. so I'm thinking maybe I'm not doing something right
<lovesegfault>
What's the best way to run a Windows VM on NixOS?
<quinn>
my guess is it's an automatic integration with c++ that's failing. you should probably do as simpson recommends and add it with nix-shell -p and then run geany if you're editing c++
<{^_^}>
[nixpkgs] @jonringer pushed commit from @r-ryantm to master « python27Packages.identify: 1.4.15 -> 1.4.16 »: https://git.io/Jfrku
<quinn>
lovesegfault: i don't know about nixops, but i like virt-manager for VMs
<tarelerulz>
quinn how do you do that?
<lovesegfault>
quinn: do the graphics work well?
<lovesegfault>
I mainly need to run a gui
<quinn>
tarelerulz: open a terminal, run nix-shell -p <c++ compiler>, then run geany from that terminal
<quinn>
lovesegfault: IIRC virt-manager uses VNC or SPICE for graphics? i wouldn't play vidya with it but it's not ridiculously bad
<lovesegfault>
got it
* lovesegfault
goes try
<quinn>
not an expert, but i think if you want really good VM graphics you want PCI passthrough to a graphics card, and the next best option for me has been virtualbox (but i hate it in every other respect)
<quinn>
GL
<simpson>
tarelerulz: I tried $(nix-shell -p geany), checked that `g++` was already in the resulting shell environment, and then opened Geany and made a new main.cxx project. I was able to build and run a hello-world.
o1lo01ol1o has joined #nixos
mauli has joined #nixos
<quinn>
tarelerulz: FYI you can also write a shell.nix for your project that includes C++ then integrate that with direnv and then geany will find the compiler without you needing to install it system wide or run nix-shell yourself
<energizer>
ldlework: `callpackage ./data.nix {}` should be enough, dont need the `import`
o1lo01ol1o has quit [Ping timeout: 265 seconds]
mauli has quit [Ping timeout: 272 seconds]
<tarelerulz>
so quinn , why when I installed it the normal way did it not work?
<tarelerulz>
I mean it cool , You helped me out. I think there is something I'm not understand , I have other apps that don't work correct like retroarch and I think there might be a general reason
<quinn>
tarelerulz: that's really a question for simpson. my theory is that you don't have g++ installed at all. i think it worked for simpson because they aleady had g++ installed, because i don't see g++ in the derivation for geany (http://ix.io/2nsx)
<simpson>
I don't have g++ installed. g++ is part of GCC; GCC is available in the typical stdenv.
<simpson>
But we can imagine going beyond stdenv. $(nix-shell -p geany ruby) gets me the `irb` command, for example, although I don't know if Geany has Ruby integration.
<quinn>
simpson: i mean it definitely depends on g++ at build time, but i think it needs a propagatedbuildinput or something to stay in the path after it's installed.
maxdevjs has quit [Ping timeout: 272 seconds]
<quinn>
i didn't know that g++ came with gcc tbh, but that's still my reasoning. tarelerulz: what happens if you open a terminal and type g++?
<tarelerulz>
nix-shell -p geany , what does that do?
<quinn>
it spawns an instance of bash that has geany available in $PATH (basically)
<tarelerulz>
when I open a terminal , and type g++ command not found ,
<quinn>
as do i (on a very minimal VM)
palo1 has joined #nixos
noudle has joined #nixos
<quinn>
simpson: this makes me think that you have something that depends on g++ (as a propagatedbuildinput i guess?) in your system already
<quinn>
tarelerulz: anyways just to be sure how about you nix-shell -p geany and then run it from there
simba1 has joined #nixos
<quinn>
wait, actually my desktop doesn't have g++ in path without nix-shell -p geany, and it has it in path when i do nix-shell -p geany. maybe nix-shell -p automatically adds stdenv to the path? anyways i would just add g++ to your system config or try that direnv trick i told you about
<tarelerulz>
haha you make sound so easy, I'm new to Nixos. I had time finding out how to install something
<tarelerulz>
I kind of get the whole big config file
<quinn>
cole-h: this is cool, are the hooks for dealing with GPUs? i'm not very familiar with VM
<cole-h>
Yeah, they're necessary because I only have one GPU
<lovesegfault>
I really want a PCIe 4 NVME RAID-0
<cole-h>
Probably unnecessary on multi-GPU systems, but I need to tell nouveau to let go of my card, so that's how I do it
<quinn>
tarelerulz: for now just add gcc to your environment.systemPackages in configuration.nix and do nixos-rebuild switch and you should be fine. there are more elegant ways to do it, but this will get you developing your stuff while you acclimate to nix
<cole-h>
You shouldn't use compilers outside of nix-shell, tbh
<quinn>
cole-h: is this full-screen only then? re compilers outside of nix-shell, that's just because it's not 'the nix way' not because it's unsafe right? IMO it's unreasonable to tell a new user to learn how to use shell.nix for every project before they start programming on their own computer again
<cole-h>
quinn: I'm pretty sure it's because our compilers are patched to add some env vars for various things, and I don't know if adding them to packages sets those up.
<cole-h>
re full-screen only: Yes. If I need access to my host, I SSH in. If I need graphical access, I shutdown my VM.
<quinn>
OH okay, i take it back then. tarelerulz: just try running nix-shell -p gcc and then opening geany from a terminal whenever you want to develop C++ i guess
<tarelerulz>
The new user , me , just picked up the boot , hello world level like first chapter here.
<quinn>
well are those instructions manageable for you right now?
LevelChart8 has quit [Quit: LevelChart8]
<quinn>
cole-h: wow that sounds really unergonomic. have you considered doing integrated graphics for host, pci gpu for guest?
<cole-h>
¯\_(ツ)_/¯
<cole-h>
Different strokes for different folks. I don't think it's unergonomic at all.
<cole-h>
If I use integrated for host, I lose the ability to take advantage of my card in any way. Seems like I'm gimping my system when I use Linux more often than Windows.
<lovesegfault>
grrr great xen is failing to build
<quinn>
lovesegfault: are you trying to use xen with virt-manager? kvm will probably be easier
<lovesegfault>
Why do I even need xen
<quinn>
idk lol
<tarelerulz>
what is the way you should install and app?
<cole-h>
quinn: btw just tested: `nix-shell -p gcc` sets env vars like TARGET_*, *_FOR_TARGET, etc, while adding it to environment.systemPackages doesn't
<quinn>
tarelerulz: desktop programs (for me) go in environment.systemPackages.
<quinn>
cole-h: oh that's kewl. does that mean tarel could just add gcc to configuration.nix?
<quinn>
i also admire your patience in doing a nixos-rebuild to test something for IRC, i'm much too lazy for that
<cole-h>
No, that's the opposite of what I said. If you put it in configuration.nix (environment.systemPackages), the user's env won't inherit those variables, meaning things are liable to break.
justanotheruser has quit [Ping timeout: 272 seconds]
<lovesegfault>
Is there a way to remove cflags that are set by the system definition for a single package?
<quinn>
cole-h: oh okay, ty
<tarelerulz>
nix-env -qa firefox , I think I did that to install qeany , firefox , qbitorrent , vlc and retroarch but it only geany and retroarch that don't seem to work right
<quinn>
lovesegfault: you should check the source code, but you should be able to specify cflags in an override (manual mentions makeFlags/Array) you could also try setting NIX_CFLAGS_COMPILE
<lovesegfault>
quinn: maybe, hmm
justanotheruser has joined #nixos
<cole-h>
Man, I can't wait to install NixOS on my SSD lol
develCuy_ has quit [Quit: No Ping reply in 180 seconds.]
<tarelerulz>
so why can't you use Retroarch itself?
develCuy has joined #nixos
<tarelerulz>
normally I tell the cores to save to my home directory and I'm good
<simpson>
I probably could, if I put in effort. But I'm not really interested in picking up new tools today; I'm just trying to figure out what's broken for you.
<simpson>
tarelerulz: Sorry, that was a little glib. As quinn says, it seems like there's a wrapper which loads the cores automatically. I'm trying to figure out how it's used.
<tarelerulz>
I love the link to the file but I have no idea what to do with that file
user_0x58 has quit [Quit: Leaving]
<quinn>
tarelerulz: you know what i like emulation, give me like 15 minutes to set it up for myself (on my todo list anyways) and i'll give you a summary
codygman has quit [Ping timeout: 272 seconds]
<simpson>
tarelerulz, quinn: It looks like configuration has to go through the nixpkgs global configuration, i.e. through ~/.nixpkgs/config.nix.
<quinn>
simpson: you can do that with nixpkgs.foo in configuration.nix too right?
<simpson>
That said, I was able to add `retroarch.enableDOSBox = true;` to that global configuration, and then to build `retroarch`. The resulting package has the dosbox core bundled.
<simpson>
quinn: Yes, I believe so. This is just what I tested.
<simpson>
> retroarch.meta.description # quirky! if any cores are enabled, they'll be listed here
<{^_^}>
"Multi-platform emulator frontend for libretro cores (with cores: )"
klntsky has quit [Remote host closed the connection]
klntsky has joined #nixos
codygman has joined #nixos
Chiliparrot has joined #nixos
<Ashy>
is it possible to fire up a nix-shell with a multilib enabled gfortran?
<Ashy>
i'm on a 64bit nixos machine and want to build a 32bit fortran binary
<quinn>
simpson: and then add retroArchCores to environment.systemPackages right?
orivej has quit [Ping timeout: 265 seconds]
orivej has joined #nixos
<simpson>
quinn: I think that you'd add the `retroarch` package name directly. It seems that that package is built up from the configured cores.
<quinn>
simpson: oh yes i see. as the comment remarks, 'quirky!'
hmpffff has joined #nixos
<simpson>
Ashy: I don't have the patience to see it through, but pkgsCross.gnu32 has a suitable GCC? You can directly grab pkgsCross.gnu32.gfortran. At least here, though, it needs to build an i686 binutils first, and I don't know if I want to stay up that late.
<simpson>
I've been thinking lately about the r13y of deployments which are managed from multiple hosts. I hate the Bastion Pattern; I don't think it's appropriate, so I've been wondering about ways to de-bastionize.
<lovesegfault>
so like I will build something on my server, nix copy to my laptop, then morph deploy and nix starts rebuilding stuff
<lovesegfault>
even though I just built it
<simpson>
lovesegfault: Aha. That does seem irritating, but not like a showstopper. It just means that a machine has to either be managed or unmanaged, and not both.
<lovesegfault>
it drives me nuts
<manveru>
that sounds like someone is using `<nixpkgs>` :P
<lovesegfault>
Yes
<lovesegfault>
that's my theory
<lovesegfault>
so they are breaking my pinning
<quinn>
simpson: to be clear, what you think should be working is adding retroarch to environment.systemPackages and setting nixpkgs.config.retroarch.enableCitra to true?
<srk>
lovesegfault: tried the pinning morph supports?
<lovesegfault>
srk: how?
* srk
looking
hmpffff has quit [Quit: nchrrrr…]
<quinn>
simpson: because that is not working unfortunately
<{^_^}>
DBCDK/morph#67 (by Shados, 38 weeks ago, merged): Merge per-machine nixpkgs arguments on top of network-wide ones
<tarelerulz>
simpson , normally with retroarch , you can just download the core , it install and you have the core on the next time you start the program. That is what should happen. It says downloaded core but you don't have the core . could it be permissions ?
mallox has joined #nixos
<lovesegfault>
I hadn't tried that, but I'm halfway through converting to nixus now :P
<manveru>
hehe
<simpson>
quinn: That sounds reasonable. Here's something I just tried: https://bpa.st/JGQQ
hmpffff has joined #nixos
hmpffff has quit [Client Quit]
thc202 has joined #nixos
<simpson>
tarelerulz: You will have to give up the old ways of doing things. In particular, the only way to get executable packages should be through Nix, and that includes programs which come in multiple pieces. In this situation, RetroArch's various cores seem to be packaged, and although the configuration is arcane and undocumented, it's not broken, just different.
<{^_^}>
[nixpkgs] @vbgl pushed to master « ocamlPackages.async_kernel: remove at 112.24.00 »: https://git.io/JfrtE
<tarelerulz>
ok, learn the nixos way I guess haha
<srhb>
lovesegfault: If you're having reproducibility issues with morph, it would be helpful to hear about the drv diffs you're seeing. We're not aware of any serious issues currently, but obviously it'll be nice to know. :)
<srhb>
lovesegfault: I think the main cause is overlays, which, granted, can be quite confusing.
hmpffff has joined #nixos
ckauhaus has joined #nixos
<quinn>
simpson: what the hell. it works if i put it in nixpkgs/config.nix but not in configuration.nix. looks like i have to go bug hunting :v
thc202 has quit [Ping timeout: 260 seconds]
<simpson>
Good luck.
<{^_^}>
[nixpkgs] @vbgl opened pull request #89006 → ocamlPackages.core: remove at 112.24.01 → https://git.io/JfrtH
<{^_^}>
[nixpkgs] @vbgl pushed commit from @CohenCyril to master « coqPackages.mathcomp-extra: refactor »: https://git.io/Jfrqk
tobeportable has joined #nixos
<quinn>
tarelerulz: alright, it looks like the bugs i have to deal with are with my config rather than the package. follow these instructions: http://ix.io/2nsP
andymandias has quit [Ping timeout: 246 seconds]
zupo_ has joined #nixos
andymandias has joined #nixos
<quinn>
simpson: looks like my error came from putting nixpkgs.config.retroarch behind a mkIf \shrug
orivej has joined #nixos
orivej_ has quit [Ping timeout: 272 seconds]
<pie_>
lornokto: i was trying to do it with a store path first and obviously that didnt work and then i didnt simplify
<pie_>
lornokto: thanks
<tarelerulz>
quinin, thanks man
<quinn>
sure dude, enjoy
<tarelerulz>
seems like I was fighting the system .
<tarelerulz>
emulators have a enough problems , haha
orivej has quit [Ping timeout: 260 seconds]
orivej_ has joined #nixos
<quinn>
i'm a melee player, so i know the struggle. so many man hours sunk into low latency play, what an incredible PITA
<tarelerulz>
I use retroarch because it covers so many system too. if there was any easyer one I would but never found it with Linux. not good mulisystem emulators / front ends
vidbina has joined #nixos
<quinn>
imo if you spend too much time with them it's worth setting up the non-retroarch alternatives. you get more recent builds and the native configuration settings rather than whatever retroarch decides to feed you
<quinn>
anyways i gotta sleep, have a nice day dude
copy has quit [Ping timeout: 256 seconds]
orivej_ has quit [Ping timeout: 272 seconds]
rauno has joined #nixos
rauno has quit [Remote host closed the connection]
<{^_^}>
[nix] @edolstra pushed 2 commits to 2.3-maintenance: https://git.io/JfrZG
c0c0 has joined #nixos
cantstanya has quit [Ping timeout: 240 seconds]
opticnerve has joined #nixos
cantstanya has joined #nixos
trufas[m] has joined #nixos
cosimone has joined #nixos
vidbina has quit [Read error: Connection reset by peer]
iyzsong has joined #nixos
vidbina has joined #nixos
lornokto has quit [Quit: Leaving]
orivej has joined #nixos
fendor has quit [Remote host closed the connection]
fendor has joined #nixos
<cmk_zzz>
why can't I install utop (an ocaml tool) for a nix-shell? I.e `nix-shell -p ocaml utop` gives "undefined variable 'utop'"
<cmk_zzz>
I can find the package in nixpkgs under ./pkgs/development/tools/ocaml/utop/default.nix
<evils>
cmk_zzz: nix-shell -p ocamlPackages.utop
gagbo has joined #nixos
<cmk_zzz>
evils: thanks, that works. Is there a way to find these paths out from the command line? I tried finding in the nixpkgs repo and nix-env -qa doesn't mention ocamlPackages. I see though that the nixos.org search gives that as an attributeName
<manveru>
cmk_zzz: `nix search`
<Cadey>
is there anything i can do to help the nixos on aarch64 story forward?
<evils>
nixos.org/nixos/packages.html shows `ocamlPackages.utop` so does `nix search`, i found it by `grep -sr "utop" in nixpkgs, and the second to last result was in pkgs/top-level/ocaml-packages.nix
fusion809 has quit [Remote host closed the connection]
<evils>
Cadey: using it and reporting bugs is always great
<Cadey>
:+1:
<evils>
Cadey: if you want to get more involved than that, try #nixos-aarch64
<cmk_zzz>
thanks "nix search" does the trick
asymptotically has quit [Ping timeout: 240 seconds]
asymptotically has joined #nixos
<betaboon>
anyone knows if it is possible to use initrd from an nfsroot ?
<DigitalKiwi>
cmk_zzz: for stuff that doesn't show up in nix search (not all attribute sets will...like haskellPackages is too big...) you can tab complete with nix-env
<{^_^}>
[nixpkgs] @FRidh pushed to master « python3Packages.h5netcdf: init at 0.8.0 »: https://git.io/JfrWH
<jbox>
can someone do my a huge favor?
<jbox>
I've installed terraria-server-1.4.0.3 from unstable, but running TerrariaServer just exits with 0 and no output. Does this work on anyone else's machine?
fendor has joined #nixos
<jbox>
I got the same behavior from terraria-server-1.3.5.3 from nixos-20.03
nixbitcoin has quit [Remote host closed the connection]
nixbitcoin has joined #nixos
<manveru>
jbox: are you using the terraria nixos module?
hmpffff has quit [Quit: Bye…]
<bqv>
evils: setuptoolsHook
<bqv>
Or whatever its called
jco has joined #nixos
jco has quit [Client Quit]
<jbox>
manveru: I don't know what you mean by terraria nixos module. I installed 1.4.0.3 via configuration.nix and 1.3.5.3 via nix-env (just to test)
<{^_^}>
"If enabled, starts a Terraria server. The server can be connected to via <literal>tmux -S /var/lib/terraria/terraria.sock attach</literal>\nfor administration by users who are a part of the <literal>...
<bqv>
evils: are you putting it in the right place?
<evils>
i'm passing it in in nativeBuildInputs
<jbox>
oh, *wow*! Thank you!
<jbox>
manveru++
<{^_^}>
manveru's karma got increased to 40
infinisi1 is now known as infinisil
<jbox>
manveru: this is running 1.3.5.3. How can I run the 1.4.0.3 (or 1.4.0.4) version from unstable?
<manveru>
looks like you'll need an overlay for that
<manveru>
,overlays
<{^_^}>
manveru: Did you mean overlay?
<{^_^}>
Overlays look like `self: super: { foo = ...; }`. Use the self argument to get dependencies, super for overriding things and library functions (including callPackage). More info: https://nixos.org/nixpkgs/manual/#sec-overlays-install
<manveru>
,botsnack
<{^_^}>
Oh thanks, have a cookie yourself
<jbox>
lol
<evils>
bqv: i assume you meant setuptoolsBuildHook, i tried everything setuptools*, setuptools is available, setuptools-build-hook is sourced and setuptoolsShellHook runs as part of buildPythonPackage without any of them though
<bqv>
Yeah, dunno then
<evils>
thanks anyway
drakonis_ has joined #nixos
<manveru>
jbox: seems like the module is broken though
<manveru>
maybe it's the version on unstable broken then...
drakonis has quit [Ping timeout: 272 seconds]
<manveru>
hm, no, same version
drakonis_ has joined #nixos
<manveru>
this one can't do journey worlds i guess :|
<jbox>
How would I go about making an overlay to change it to 1.4.0.3/4? I've never made an overlay and I can't even find where the module grabs the terraria binary (I assume that's what I would change to point to the unstable derivation)
nixbitcoin has quit [Remote host closed the connection]
noudle has quit []
<{^_^}>
[nixpkgs] @SeTSeR opened pull request #89019 → nixos/pam: add service generation for swaylock → https://git.io/Jfr4Y
gustavderdrache has joined #nixos
johnny5 has joined #nixos
zupo has joined #nixos
johnnyfive has quit [Ping timeout: 240 seconds]
dan224 has joined #nixos
<jbox>
YES! I got it working
<jbox>
That felt so good
<meh`>
what's the right way to enable optional functionality? I'm trying to enable ceph support for libvirt/qemu and I can't seem to figure out the right nixpkgs.config attrs
<jbox>
manveru: thank you so much! I would have never figured it out without you.
<manveru>
jbox: might be worth adding a `services.terraria.package` option, so using a newer version is a bit easier
kai_w has joined #nixos
<NickHu>
cole-h: Thanks for your review on the libayatana-appindicator stuff, I've request a review from you for a couple other related things if you wouldn't mind looking at them
<evanjs>
jbox: could also open a PR to change that. seems like something that might be useful enough to others
<evanjs>
..... suddenly tempted to open one as it doesn't sound that bad....
quinn has quit [Ping timeout: 246 seconds]
<jbox>
I don't know if /var/lib/terraria is the preferred place, though, since the data inside changes enough to justify being in /var
<jbox>
for those people who have /var in a high-speed drive or something
<{^_^}>
[nix] @edolstra pushed 0 commits to refs/tags/2.3.5: https://git.io/Jfr2Q
Izorkin has joined #nixos
<evanjs>
jbox: services.minecraft-server.dataDir - going to assume the addition of this option should be fine, anyhow, as minecraft has a similar option
<evanjs>
and it defaults to /var/lib/minecraft, so I'll probably leave that as the default for now
<{^_^}>
[nixos-homepage] @edolstra pushed to master « Nix 2.3.5 released »: https://git.io/Jfr2F
c0c0 has joined #nixos
<evanjs>
ah good thing I tested it.
<evanjs>
since the homepath is hardcoded, I need to modify the sock path and etc to use the variable now :P
<emily>
aaron: I would strongly suggest fdk_aac over any other AAC encoder
LambdaDuck has quit [Quit: Lost terminal]
<emily>
aaron: all the other free software ones have major known deficiencies
<evanjs>
keithy[m]: I see config provisioning at least
<emily>
unfortunately the ffmpeg package doesn't support it either
<emily>
it's on my todo list >_<
<keithy[m]>
wow its actually there!
<evanjs>
yup. the position makes sense to me. I can see e.g. nixops under deploy and etc but I do wonder if nix would fit anywhere else, as they put NixOS there.... but might be referring to both of them. Idk lol
<keithy[m]>
eagle eyes!
cole-h has joined #nixos
<emily>
aaron: oh, FAAC is one of the proprietary ones
<emily>
it might actually be okay then
<evanjs>
keithy[m]: the more I look at this list, the more confused I get. I see HALO under monitoring. Uh... wot? lol
codygman has quit [Ping timeout: 256 seconds]
<evanjs>
*monitor/BI
jbox- has joined #nixos
<emily>
an fdk_aac option would be really good though because we could enable it by default and kill off the terrible ffmpeg aac encoder
<morgrimm>
Anyone know why `acme.certs.<name>.user/group might not take effect?
<acowley>
I feel like I'm not getting the way I'm supposed to use node2nix. I ran it, and I can do `nix-shell default.nix -A shell` to get a shell, but it runs an unpacking, adding metadata, etc. process for several seconds every time I enter the shell. I also don't know how I can add things to the shell.
<acowley>
Is there another development environment setup for nodejs that people like?
o1lo01ol1o has quit [Remote host closed the connection]
<emily>
cole-h: hmmm. perhaps we should also include /run/{wrappers,booted-system}/bin? I wonder how to make the whole safepath concept apply well to NixOS though... I can imagine generating rules with full /nix/store binary paths in them and then that would break I guess?
<emily>
or is this just things it'll look for if you don't specify an exact PATH?
<cole-h>
Yeah, that's my question at the bottom.. :P
o1lo01ol1o has joined #nixos
<cole-h>
emily: AFAICT, it's when you can't keepenv and someting uses the path
<emily>
ah, yeah
<emily>
I think it makes sense for consistency to include it
<emily>
my root's $PATH is /run/wrappers/bin /root/bin /root/.nix-profile/bin /etc/profiles/per-user/root/bin /nix/var/nix/profiles/default/bin /run/current-system/sw/bin
<emily>
arguably some of those should be included too but I don't know if there's a way to do that without it being a mess
<emily>
hopefully nobody is actually using imperative package management as root
<{^_^}>
[nixpkgs] @aanderse opened pull request #89028 → libav_all: use callPackages instead of callPackage → https://git.io/JfrVk
orivej_ has quit [Ping timeout: 260 seconds]
<cole-h>
lol
orivej has joined #nixos
<emily>
cole-h: some people like doing "sudo su", and it's in /run/wrappers/bin
<emily>
not that it's a great pattern
<emily>
oh, ping is in there
<emily>
should probably include it
<cole-h>
Yeah, good point.
<immae>
morgrimm: how does it "not take effect"? Note that it seems like having multiple users is buggy yet because /var/lib/acme/acme-challenges is chown’ed to every user (in tmpfiles), which cannot work well...
pamplemousse has joined #nixos
<cole-h>
emily: AFAICT, booted-system/bin isn't really used? Is it possible for current-system and booted-system to diverge? When using `nixos-rebuild boot` or `test`?
<morgrimm>
Well, I'm trying to solve an issue with the nginx service accessing certs - I've put both nginx and an acme user under the acme group, and set the group and user of my cert to `acme`
<simpson>
emily: It's not exactly a tragedy, but this removal of "core" or "standard" tools has definitely been a palpable trend over the decades. One moment that sticks in my mind is when Debian didn't have sudo in its minimal image; that was a learning experience for me and my peers.
<emily>
cole-h: when using nixos-rebuild switch. But it shouldn't actually be included if it's a $PATH-alike, I thought it was a whitelist of allowed binary paths
<morgrimm>
Despite the cert permissions and ownership being acme, and nginx being a part of the group with r perms, it's denied loading the certs
<emily>
you need /run/booted-system for things that care about the kernel/module versions
<emily>
e.g. zfs tools
<emily>
but it's only used explicitly, not added to $PATH
<immae>
morgrimm: then you might need SupplementaryGroups in the nginx service
<{^_^}>
[docker] @prusnak opened pull request #19 → update nix to 2.3.5 → https://git.io/JfrVm
<morgrimm>
When I disable/re-enable nginx/acme, it regenerates the acme folder with the certs with the right permission, but the lego folder still under root
<emily>
simpson: it's more like sudo was the new-fangled thing that people didn't like for quite a while, honestly
<emily>
simpson: back in 2006 you'd find people arguing that Ubuntu's sudo setup was horribly insecure and you should use su and set up a separate root password etc.
<morgrimm>
When lego *should* be run under the acme user
<cole-h>
emily: Then I'm hearing: add /run/wrappers and leave the rest as-is? Sound good to you?
o1lo01ol1o has quit [Ping timeout: 260 seconds]
<emily>
it took a while for the norms to change and in some places they still haven't (BSDs, to an extent)
<emily>
cole-h: yep
rauno has joined #nixos
<cole-h>
Cool, thanks.
<emily>
we could probably drop the FHS paths too
<emily>
since they're not in our $PATH
<cole-h>
Will they not show up in `buildFHSEnv` or whatever that abomination is?
<emily>
I guess people might want to use nixpkgs doas on non-NixOS, but you couldn't use the module or anything
<immae>
morgrimm: so the .lego folder belongs to root, but the cert themselves belong to the right user?
teto has joined #nixos
<emily>
can you doas from a buildFHSEnv? I have no idea
<morgrimm>
Looks like it - but nginx is still has the wrong permissions, which doesn't make sense
<immae>
morgrimm: you need SupplementaryGroups in the nginx systemd service config
<morgrimm>
Well, I should say - nginx *should* have the right perms, it's part of the acme group which has r perms to the cert
<simpson>
emily: Hm, that's an interesting take. AIUI sudo dates back to the 80s. Along with doas, I *do* remember some other sort of sudo competitor (pseudo-competitor?) in the 2000s, but I can't recall its name.
<immae>
morgrimm: groups are not given by default in systemd services, you need to explicit them
<cole-h>
emily: I have no idea either lol. I figure I'll just keep them because it doesn't really hurt... And like you said some whacko might want to use it on non-NixOS
<emily>
simpson: sure, it's an old program, but it wasn't what [average distro installer] set up for you
<morgrimm>
Even if the user its running under explicitly has them? I've given the nginx user the extra group
<emily>
for the longest time you had to specifically opt-in to sudo in the debian installer, but not just the debian installer
<immae>
yes
<emily>
ubuntu was the first thing to turn it on by default AFAIK
<emily>
immae: huh?
<cole-h>
(They were talking to morgrimm)
<emily>
If the User= setting is used the supplementary group list is initialized from the specified user's default group list, as defined in the system's user and group database. Additional groups may be configured through the SupplementaryGroups= setting (see below).
<emily>
In any way, this option does not override, but extends the list of supplementary groups configured in the system group database for the user. This does not affect commands prefixed with "+".
<cole-h>
You were "huh"-ing because they were not completely correct
<cole-h>
x)
<emily>
(I don't know what's wrong here, sorry, but I doubt it's that)
<morgrimm>
I've extended the nginx user manually with `acme` under extraGroups, so I expected it to inherit that
<immae>
emily: if you specify a Group = smoething then the systemd user will only have that one
<immae>
that’s what I noticed for quite a long time
<emily>
oh hm
<emily>
I guess specifying Group is actually an antipattern then
<immae>
(might be a bug I don’t know)
<emily>
I never thought about that
<emily>
no, it makes sense now that I think about it :)
<emily>
since otherwise you'd just inherit the groups from the user
<immae>
yes
<emily>
but it makes me wonder if we should really be setting it on our services in that case
<emily>
since it's presumably expected that a group you add nginx to will be present for the nginx proecss
<morgrimm>
Which would explain why it's not respecting the user's groups
<emily>
the docs are really ambiguous about this :/
<immae>
Yes nginx service has a Group = so you need the supplementary with it, if it would be absent then it would work fine
<emily>
"If no group is set, the default group of the user is used. ... If the User= setting is used the supplementary group list is initialized from the specified user's default group list" is the closest it gets to implying that Group= disables the default supplementary rgoups
waleee-cl has joined #nixos
<morgrimm>
Looks like there's a `services.nginx.group` option which should let me specify the group easily, otherwise I guess I'd have to append directly to the service config
<morgrimm>
But I still want it to run under nginx as well
<emily>
you can just systemd.services.nginx.serviceConfig.SupplementaryGroups
<immae>
anyway, this should fix your permission issue morgrimm . As for .lego belonging to root it might be worrying and could be fixed but will have no consequence for usability by nginx :)
<emily>
but maybe there should be an issue about these Group= settings
<emily>
.lego being owned as root makes me think that maybe we're running lego as root unconditionally right now :|
<immae>
we partly do
<immae>
I proposed a change in the related issue a few days ago emily
<emily>
yeah I saw
<immae>
if you have some opinion about the changes :p
<emily>
was planning to get around to replying, sorry I haven't yet
<immae>
no problem
<emily>
tl;dr I think most of the changes are good but I do want to figure out if we can reduce the amount of shell a bit (and have some ideas/WIP refactors for that)
<emily>
there was also some talk about this in #nixos-acme a while back, unfortunately nothing written up more concretely yet >_<
<immae>
yes, I didn’t find a way to reduce the quantity of shellies, but that’s because of lego being immature yet
<immae>
it should improve as lego improves
<Izorkin>
How to fix this error in master branch - The option value `networking.hostName' in `/etc/nixos/configuration.nix' is not of type `string matching the pattern ^[[:alpha:]]([[:alnum:]_-]{0,61}[[:alnum:]])?$'.
<{^_^}>
[nixpkgs] @matthewbauer merged pull request #88984 → openmpi: use pkgsHostTarget for gfortran → https://git.io/JfwN2
<{^_^}>
[nixpkgs] @matthewbauer pushed 2 commits to master: https://git.io/JfrVA
<immae>
(I may have missed some features of lego too of course, but I "think" I searched in deep)
<emily>
immae: I think using the config hashes in paths can be made to work with proper renewals / reusing keys / etc. and avoid some of the explicit logic, but I haven't written up a full account of that yet
<morgrimm>
immae: I have to wait on ye old LE rate limiting, but if that's the case, this will likely solve the issue - thanks so much!
<{^_^}>
[nixpkgs] @matthewbauer pushed 2 commits to master: https://git.io/JfrVj
<immae>
Ah... yes many symlinks :p
<immae>
also some parts of the path cannot be guessed easily :(
<immae>
(under "accounts")
c0c0 has quit [Ping timeout: 265 seconds]
<immae>
(and extra care to make sure we don’t break the reusing key feature)
Chiliparrot has joined #nixos
LevelChart8 has quit [Quit: LevelChart8]
kim0 has joined #nixos
<bqv>
tom
never_released_ has joined #nixos
never_released has quit [Ping timeout: 264 seconds]
erasmas has joined #nixos
<cole-h>
:( I've gotten too used to readline bindings that I accidentally close FF tabs when typing, now.
<jbox>
I would like to make a change to a module and contribute the change after it works on my machine. This (<https://nixos.org/nixpkgs/manual/#idm140737317252256>) page only describes how to add a package, and I'm looking to modify a module. How can I "install" a changed module from the cloned nixpkgs repository onto my system?
c0c0 has joined #nixos
<srk>
you can either import it directly or use your modified nixpkgs via NIX_PATH
<cransom>
jbox: `disabledModules` takes a list of strings that point to a module to remove, like `nxios/modules/virtualisation/something/blah.nix`. then you can import your own modified one
<{^_^}>
[nixos-weekly] @domenkozar pushed 8 commits to production: https://git.io/JfroP
<{^_^}>
[nixos-weekly] @domenkozar pushed to master « Call for Content: 2020/06 »: https://git.io/Jfro1
<{^_^}>
[nixos-weekly] @domenkozar opened pull request #120 → Call for Content: 2020/06 → https://git.io/JfroM
casaca has quit [Quit: leaving]
gilligan has joined #nixos
<aanderse>
ok... so does anyone know how i can convert a video to a format optimized for ipad/iphone with ffmpeg on nixos? i'm having a hard time with this one...
<infinisil>
cransom: Note that it should be just "virtualisation/something/blah.nix", the "nixos/modules" part shouldn't be included with disabledModules
<evanjs>
gah. think I found the issue: malformed JSON string, neither array, object, number, string or atom, at character offset 0 (before "\x{0}\x{0}\x{0}\x{0}...") at /nix/store/w5s7s1nnzsmzdqh06abysffrj2m0nrwf-update-users-groups.pl line 11.
vidbina has quit [Ping timeout: 256 seconds]
<evanjs>
this is the line: my $uidMap = -e $uidMapFile ? decode_json(read_file($uidMapFile)) : {};
<evanjs>
which ends up being /var/lib/nixos/uid-map -- hrm
<evanjs>
So obviously I did something wrong in replacing the instances of /var/lib/terarria
<evanjs>
as so of those paths relate to the terraria user
<adisbladis>
aanderse: I seem to recall the h264 profiles being somewhat limited on apple devices
<adisbladis>
But I think you should be going with 4.2 on more recent ios/devices? (more recent being >=iphone5)
<evanjs>
hrm so how might I debug /var? Haven't dealt with debugging it before; trying to poke around with `nix-store -q` and see if I can locate it/where it gets invoked or how it's initialized, etc
<evanjs>
infinisil: does this go for PR titles as well? i.e. virtualisation/vmware-image.nix and not nixos/modules/virtualisation/vmware-image.nix?
mthst has joined #nixos
<infinisil>
There's no rules for the PR title, but I think "nixos/vmware: <change>" is the way to go
<cole-h>
+1
<evanjs>
infinisil: alright. I've seen things like pythonPackages.ntfy and etc recommended, so I wasn't sure what/how that applies to modules
<adisbladis>
aanderse: I dug this out from my shell history `ffmpeg -i input.webm -c:v libx264 -profile:v high -level 4.2 -c:a aac -b:a 192k output.mkv`
<gchristensen>
following that pattern is a confidence boost that I'm going to like the PR
<adisbladis>
I think that was for an iDevice
<evanjs>
gchristensen: mostly what I was going for XP
<gchristensen>
:)
<adisbladis>
gchristensen: I know!! It puts me at ease for the rest of the review ;)
<nbathum>
abathur: script in what context? is an existing package failing? are you working on a new package or local development?
<nbathum>
generally I think the idea is to patch things like that out, or depending on circumstances, add a dependency for that thing which isn't available
ilios has joined #nixos
fresheyeball has quit [Ping timeout: 265 seconds]
<abathur>
answer to the first questions is complicated
Thra11 has joined #nixos
mthst has quit [Ping timeout: 265 seconds]
<abathur>
the break is my own stuff, but it's a demo from my CI run that uses shunit2 to run some tests
<abathur>
and it's been running fine on macOS and in CI, but I pulled it down to my NixOS system and noticed it breaking
gxt__ has joined #nixos
<{^_^}>
[nixpkgs] @veehaitch opened pull request #89034 → sslyze: init at 3.0.4 → https://git.io/Jfr65
<abathur>
just seemed odd, made me wonder if it should be addressed at the package level for findutils
<abathur>
the xargs manpage says pretty clearly that its default "command" is /bin/echo if none is provided
knupfer has quit [Quit: knupfer]
knupfer1 has joined #nixos
butcher has quit [Ping timeout: 256 seconds]
<nbathum>
oh interesting. didn't know that about xargs
<abathur>
I didn't either :]
knupfer1 is now known as knupfer
<abathur>
I was pretty flummoxed at the error for a bit
<evanjs>
nbathum: yah that's the idea behind the snippet i sent you the other week
<energizer>
i have zoom-us installed in nixos. my webcam turns on but the video is just black, and nothing comes out of the speakers or into the mic. how to debug?
<evanjs>
I can't imagine xargs tries /bin/echo on a NixOS system, though...
<nbathum>
well how does xargs implements that, an exec call?
quinn_ has quit [Read error: Connection reset by peer]
<{^_^}>
[nixpkgs] @jonringer pushed commit from @r-ryantm to master « helmsman: 3.3.0 -> 3.4.1 »: https://git.io/JfriE
<evanjs>
so maybe it could be referenced explicitly like ${pkgs}/coreutils/bin/echo... but that doesn't answer the behavior that we're seeing right here
<goibhniu>
energizer: FWIW I had the same problem but it works with a different webcam.
<abathur>
it's a builtin in bash as well, but I doubt xargs is calling the builtin?
<energizer>
goibhniu: your audio started playing when you plug a different webcam?
<{^_^}>
[nixpkgs] @jonringer pushed commit from @r-ryantm to master « remmina: 1.4.3 -> 1.4.4 »: https://git.io/Jfrig
<goibhniu>
ah sorry, I meant that the webcam only showed black. In case you're not familiar with zoom, you have to click an extra button to enable the audio after joining the conference (AFAIK)
<{^_^}>
[nixpkgs] @jonringer pushed commit from @r-ryantm to master « python27Packages.sqlalchemy-utils: 0.36.3 -> 0.36.5 »: https://git.io/JfriV
<energizer>
goibhniu: just got the audio working, apparently there was a select audio device button that was the same color as the background so i couldn't see it
<chloekek_>
clever: Thanks, I will check that out.
fendor_ has joined #nixos
magnetophon has quit [Read error: Connection reset by peer]
<chloekek_>
bqv: IME a workflow that consists of “make sure you don’t forget to run cabal2nix, or else you will spend an hour trying to figure out why your change did not apply” is a worse sin.
<iclanzan>
bqv: I am trying to think of how I can avoid compiling MongoDB for each of my team mates cause the official nixos cache does not cache MongoDB binaries anymore.
<cole-h>
Start your own cache? ;)
<clever>
iclanzan: run your own cache? or use cachix?
fendor has quit [Ping timeout: 240 seconds]
<iclanzan>
seems complicated. like how do I compile on the cache server for all the different platforms?
<clever>
iclanzan: you compile on each platform, then push to the cache server
<{^_^}>
[nixpkgs] @jonringer pushed commit from @r-ryantm to master « python27Packages.helpdev: 0.6.10 -> 0.7.1 »: https://git.io/Jfr17
<bqv>
iclanzan: cachix seems the most eminently sensible option imo
magnetophon has quit [Read error: Connection reset by peer]
<chloekek_>
bqv: The nice thing about software is that if anything turns out to be a problem, you can just throw it away and make something new. :) Changing stuff is so much cheaper than in e.g. hardware design or architecture.
<iclanzan>
clever: yeah, that’s a lot of work. I would have to put together VMs for Linux (Non NixOS) and macOS. It also makes it harder on my team cause they won’t be able to simply run `nix-shell`.
knupfer has quit [Quit: knupfer]
knupfer has joined #nixos
<chloekek_>
bqv: So I will just use IFD, because it’s convenient. And if it ever turns out to be problematic, I will delete it and make a new workflow.
<clever>
iclanzan: there is no difference between linux and nixos builds
magnetophon has joined #nixos
<bqv>
chloekek_: preaching to the choir... i love IFD, i was making a joke about how nixpkgs hates it
<clever>
iclanzan: and they can still just run nix-shell
<clever>
iclanzan: if the cache is configured, it pulls a pre-built copy, if the cache isnt configured, nix builds whats missing
<{^_^}>
[nixpkgs] @jonringer pushed commit from @r-ryantm to master « python27Packages.deprecated: 1.2.9 -> 1.2.10 »: https://git.io/JfrM3
<evanjs>
so if I'm importing a virtualisation/*-image.nix module, what's the best way to configure the image module? Not quite sure how to approach this
<evanjs>
either with nix(-)build, nixos-generators, or whatever
kai_w has quit [Quit: Konversation terminated!]
magnetophon has joined #nixos
<bqv>
that's very weird, the error is caused by `LimitNPROC=64` in traefik.service
<evils>
jbox: i'm not sure it's possible to merge a PR without pushing a commit, but that may not be to master; and it being from a PR means it was most likely reviewed and/or checked by the bot
<jbox>
evils: ah, ok. That makess sense
szicari has joined #nixos
<hyper_ch>
1h to go till Space X Launch - if not aborted
orivej_ has quit [Ping timeout: 256 seconds]
orivej has joined #nixos
<evils>
anyone know if nix(os) is being used in aerospace?
<colemickens>
I love nixos-install taking --root and --system. <3
<evils>
hyper_ch: that's what we tell ourselves as we package something that uses python2...
<iclanzan>
clever: is it safe to expose my private machine as a binary cache using nix-serve considering there is private data in my /nix/store that I wouldn’t want to share with anyone?
magnetophon has joined #nixos
<clever>
iclanzan: its only a risk if you tell others what the path to one of the secrets is, or something depending on the secret
alp has joined #nixos
magnetophon has quit [Read error: Connection reset by peer]
<clever>
iclanzan: nix-serve doesnt allow you to list things, so the attacker would need to know the hash of a storepath to download it
<{^_^}>
[nixpkgs] @jonringer pushed commit from @r-ryantm to master « duplicity: 0.8.12.1612 -> 0.8.13 »: https://git.io/Jfryd
<balsoft>
iclanzan: if you have a sufficiently high-latency connection, it's not an issue
<balsoft>
clever: there's a timing attack on nix-serve that allows you to find valid hashes quite quickly if the connection to the server is sufficiently low-latency
<clever>
balsoft: ah, hadnt looked at that attack angel
AndersonTorres has quit [Ping timeout: 272 seconds]
veleiro` has joined #nixos
ilios has quit [Quit: WeeChat 2.8]
<simpson>
Nice. Chop-chop based on non-constant-time string comparison?
<balsoft>
Although on the other hand, I'm still serving my cache to the world because my connection is so garbage it's not exploitable practically
opthomasprime has joined #nixos
<balsoft>
simpson: yes, but full credit to Yegor on that, I haven't done anything to discover this
opthomasprime has left #nixos [#nixos]
<iclanzan>
balsoft: what do you think a safe minimum latency would be?
veleiro has quit [Ping timeout: 260 seconds]
opthomasprime has joined #nixos
opthomasprime has left #nixos [#nixos]
rogue_koder has joined #nixos
opthomasprime has joined #nixos
opthomasprime has left #nixos [#nixos]
<cole-h>
colemickens: What does --system do?
<cole-h>
(Not on NixOS at the moment, so I can't check the manpage lol)
<jbox>
I want to test out my changes to a nixos module in my own fork. I'm doing `nixpkgs-atlas = import /home/atlas/nixos {};` in my let block, but I don't know how to use it. I assume I'd change services.whatever to nixpkgs-atlas.services.whatever, but I'm not sure, since I don't know where the regular "services" comes from in my existing config
<colemickens>
cole-h: tells it not to look for /etc/nixos/configuration.nix and lets you specify the path to system.build.toplevel output to install
<colemickens>
cole-h: I assume your client is sending gibberish messages to explain the last message I got from you :P
<balsoft>
iclanzan: I think anything with latency variations of >5ms should be fine, but definitely don't quote me on that; so, from practical experience, >50ms should be good enough
<balsoft>
But I'm definitely not an expert here!
<balsoft>
So please, please, please do your own research.
<balsoft>
And definitely don't put your binary cache in a public data-center.
magnetophon has quit [Read error: Connection reset by peer]
<cole-h>
colemickens: That's pretty nice. How is it used? Do you first nix-build your system.build.toplevel and then `--system ./result` ?
<balsoft>
cole-h: yes. That was my installation method before flakes
<jbox>
I guess I should ask one question at a time. When I write `services.openssh.enable = true;` in my configuration.nix, where does `services` come from?
<balsoft>
You may also want to write a simple configuration to test your changes, so NIX_PATH=nixpkgs=/path/to/nixpkgs:nixos-config=/path/to/simple/configuration.nix nixos-rebuild build
<balsoft>
You can also nixos-rebuild build-vm instead, and test your changes in the VM
<balsoft>
Oh, if you want to use the rest of the services from your default nixpkgs and only the openssh from your fork, it may get a bit tricky
<balsoft>
Actually, I forgot how to do it, shame on me... I think there's a way to tell nixos to not use a module from default nixpkgs and then import that module from your fork, but I don't remember how
<jbox>
I've never heard of nixos-rebuild build-vm
<jbox>
That last thing is what I want to do. It's not openssh, but terraria. I used openssh because it's common
<jbox>
I just want to use my working terraria module in my current configuration.nix
AndersonTorres has joined #nixos
<balsoft>
Sorry to not help directly, but what's the nature of your changes?
<balsoft>
May it be that said changes can be expressed without forking nixpkgs?
orivej has quit [Ping timeout: 260 seconds]
<colemickens>
cole-h: the exact scenario is: nixcfg is on xeep (my laptop). raspberry is my installed nixos rpi4. I'm transitioning it from SD install to USB install. The partition labels are different. So I altered my configuration for the new partitionlabels/zfs-mounts, nix-build'ed it, mounted /mnt/..., nixos-install --system --root, rsynced a couple /var/lib dirs and had my install migrated.
orivej has joined #nixos
<euank>
jbox: You can probably use the combination of..
<{^_^}>
[nixpkgs] @jonringer pushed commit from @r-ryantm to master « plex-mpv-shim: 1.7.16 -> 1.8.0 »: https://git.io/JfrS5
<jbox>
balsoft: thank you for the help balsoft++
<{^_^}>
balsoft's karma got increased to 7
<balsoft>
jbox: both of these changes sound like they can be easily expressed without using a fork
fendor has joined #nixos
<gchristensen>
simpson: you've turned me in to a zealot
<Avaq>
Hi folks! I hope someone can help me with the following. I am trying to install Obsidian (https://obsidian.md/) on my NixOS machine. It is proprietary software offered as an AppImage or Snap package.
<Avaq>
And since I've used appimageTools.wrapType2 to call my package, I don't know how to apply the solutions mentioned in the article above. As you can see from my gist, I've tried simply adding wrapGAppsHook to the extraPkgs to no avail, and I've tried setting programs.dconf.enable to true.
<samueldr>
is it me, or is merging config values in nixos submodules not working?
<samueldr>
oof, I see it
<simpson>
gchristensen: Nothing wrong with enthusiasm for monitoring and metrics. Or something else?
<jbox>
Obsidian seems really cool
<gchristensen>
simpson: authority
<samueldr>
I had lib.mkDefault a.b = {} instead of a = { b = lib.mkdefault = {} } so it didn't end up merging the one with the lower priority closer to the root
<gchristensen>
simpson: https://twitter.com/grhmc/status/1265735768812724225 I saw a video about doing something with google sheets + some other app, and the capability model was "allow FooService to access all your sheets yes-read-write/yes-read/no" and I'm like, NONE of those are what I want!
<jbox>
balsoft: it just says "lib." lol
<Avaq>
jbox: Yeah, it came by on Hacker News, and I wanted to give it a spin.
<simpson>
gchristensen: Yeah, it's terrible. Folks think in terms of B2B relationships, and not in terms of the actual permissions of each underlying object.
<Avaq>
First I got it to work ad-hoc with appimage-run, then I coded it into a .nix file using appimageTools.wrapType2. Both solutions get the appimage to run, but the first thing the app wants you to do is select a directory, upon which it immediately crashes with "No GSettings schemas are installed on the system".
<balsoft>
Ah, I've seen that error before
bukkitgerman8608 has quit [Quit: Ping timeout (120 seconds)]
<jbox>
balsoft: how would I go about referencing the terraria user's home directory in L139? Would I use config.users.users.terraria.home?
<Avaq>
After some research into this error message, I found that a solution might be to "Temporarily add a random package containing schemas like gsettings-desktop-schemas to buildInputs. glib" (https://nixos.org/nixpkgs/manual/#ssec-gnome-common-issues). But I can't do so, as I have no access to buildInputs, because I'm using a layer on top, namely the appimageTools.wrapType2 utility.
<jbox>
s/config/options
bukkitgerman8608 has joined #nixos
drakonis has joined #nixos
<Avaq>
At this point I decided to throw it here in chat. Maybe someone else already went through this.
<balsoft>
jbox: that would work, yes
<jbox>
would I need to make the options attribute set recursive?
<hyper_ch>
no space x launch today :(
<balsoft>
Avaq: I think it might have something to do with an env variable the name of which I do not remember
drakonis_ has quit [Read error: Connection reset by peer]
<balsoft>
jbox: Hmm, wait, no, s/options/config/ back :)
<balsoft>
jbox: no, why would you? The config attribute comes from function argument pattern match, not from an attribute of the set
cosimone has quit [Quit: Quit.]
drakonis2 has joined #nixos
alp has joined #nixos
drakonis has quit [Ping timeout: 252 seconds]
magnetophon has joined #nixos
cosimone has joined #nixos
user_0x58 has quit [Remote host closed the connection]
gustavderdrache1 has quit [Quit: Leaving.]
alexherbo2 has joined #nixos
user_0x58 has joined #nixos
kaliumxyz has quit [Remote host closed the connection]
<clever>
balsoft: the user is within the config file, so i expect the service to do its own root-drop
<jbox>
balsoft: where does config even come from? I don't know what it is. It gets passed to our module; that's all I know. Why would I want to reference an argument (something that comes from outside my module), when I want to reference something inside this module?
<__red__>
balsoft: it's in the ExecStart: ExecStart = "${pkgs.bacula}/sbin/bacula-dir -f -u bacula -g bacula -c ${dir_conf}";
<balsoft>
__red__: systemd will chown the StateDirectory to User:Group on unit startup
magnetophon has joined #nixos
<balsoft>
And AFAIU the User will be root
<clever>
balsoft: ahh
<__red__>
balsoft: do you know where StateDirectory is relative to?
magnetophon has quit [Read error: Connection reset by peer]
nicksloan has left #nixos [#nixos]
<balsoft>
__red__: in no way am I a systemd specialist, for me it's always relative to /var/lib
<balsoft>
I think it's configurable somehow
<balsoft>
jbox: because you want merging
<__red__>
okay - I guessthat means I need to look up the systemd unit file to see what's written
<ldlework>
I am reviewing Styx's configuration logic, and I've come across the following code: https://gist.github.com/dustinlacewell/3a81911360df0f0f71424811423499b4 It does some strange things I don't understand. Styx defines it's own core option declarations. Themes can also define their own option declarations. Theme options get merged together. The result is then stored/merged under the 'theme' key of the
<ldlework>
core declarations. What what's super wierd is that Styx actually merges the user configuration definitions into the core options before running the code above. It also only type checks the theme options against... themselves....?
<balsoft>
jbox: in other words, you want other modules to be able to overwrite stuff in the module you're currently in
<__red__>
how would I go about locating the actual systemd unit file for that?
<__red__>
Okay - I'll raise it and see what I need to do
<__red__>
I have a number of issues that are stopping me using it
magnetophon has quit [Read error: Connection reset by peer]
<__red__>
so I kinda want to know what is different about my setup compared to theirs
jbox- has joined #nixos
<__red__>
things like: bacula-dir-pre-start[8434]: /nix/store/h741mvx5n116286ym6w11mqvsxkxl16f-bacula-9.6.3/etc/update_bacula_tables: line 50: su: command not found
<__red__>
the startupi script doesn't have su in its path
<{^_^}>
[nixpkgs] @kidd opened pull request #89051 → datasette: add setuptools to propagatedBuildInputs → https://git.io/JfrQ4
<__red__>
why is it that way on mine, but not on theirs?
<balsoft>
__red__: it's very much possible that the module is broken, there's no particular guarantee of stability in nixpkgs, especially master/unstable
fusion809 has joined #nixos
<__red__>
maybe - but it's had this specific issue for years (I tried years ago and gave up)
magnetophon has joined #nixos
<__red__>
and they've continued adding features
<__red__>
on the bright side - it exposed a bug in a package I maintain so I should fix that
<__red__>
apparently my package has a runtime dependancy on awk
<__red__>
and the systemd unit won't support tape access unless I add my mtx package to systemd.services.*.path
magnetophon has quit [Read error: Connection reset by peer]
<__red__>
(even though it's defined in my configuration.nix as being global)
<__red__>
like - I would assume, su and awk?
<lovesegfault>
What's the speedFactor in a remote builder?
<__red__>
I guess I didn't expect to have to add pkgs.su and pkgs.gawk to systemd.services.bacula-dir.path
<__red__>
?
<jared-w>
@lovesegfault does speedFactor add racing stripes for extra horsepower?
<{^_^}>
[nixpkgs] @jonringer pushed commit from @kidd to master « datasette: add setuptools to propagatedBuildInputs »: https://git.io/Jfr7w
knupfer has quit [Ping timeout: 260 seconds]
__monty__ has quit [Quit: leaving]
<__red__>
GUess I'll strace pid 1 to find out wth is doing it
magnetophon has quit [Ping timeout: 258 seconds]
<evanjs>
Does anybody know how the OVA created by virtualisation/virtualbox-image.nix differs from a standard OVA? Or does it really even have any VBox-specific bits?
<evanjs>
I was able to import an OVA created by nixos-generators into VMWare workstation, though it did initially warn me, and I had to "retry with loosened restrictions" in order to import the appliance
<evanjs>
Wasn't sure if this might have any implications on importing this into e.g. ESXi
nixrebuildsallth has quit [Remote host closed the connection]
fendor has quit [Read error: Connection reset by peer]
bqv has quit [Quit: WeeChat 2.8]
mmchen has joined #nixos
bqv has joined #nixos
<mmchen>
How does NixOS work with C/C++ header files? I am trying to configure LSP with clangd but it has been frustrating. This is fairly weird but I am trying to `#include <bits/stdc++.h>` but clangd can't find that file and throws me an error. Meanwhile, it can find it on my Arch install.
bqv has quit [Client Quit]
<mmchen>
It does show imports from the standard library however, but I guess not from GCC.
bqv has joined #nixos
<__red__>
clever: I've confirmed that it's systemd that is doing to chown. I have no idea why.
<mmchen>
I am just trying to get LSP to work, but it clangd doesn't detect <bits/stdc++.h>
<balsoft>
mmchen: in that case you can just use nix-shell
<balsoft>
mmchen: installing libraries globally is a pretty bad practice, because it pollutes your environment and makes your development less reproducible
<balsoft>
You don't have to package your software _all the way_ with nix (so that it actually builds), usually specifying the dependencies will allow you to get into the shell
<__red__>
balsoft: is it possible for me to just override that systemd.service.services.bacula-dir.serviceConfig.StateDirectory in my configuration.nix?
<__red__>
can I just set it and it will override what's in the package?
matthewcroughan has quit [Quit: Connection closed]
<mmchen>
balsoft: Yes I understand all of that. It's just when I have gcc and the lsp server, it doesn't detect all my headers. I even have tried it in a nix-shell.
<balsoft>
__red__: yes
<balsoft>
You can just override it
<__red__>
that
<__red__>
's probably a decent workaround until they fix it
<balsoft>
mmchen: Now that's more interesting. What exactly have you tried and how it failed?
<__red__>
unless of course there's an option to set the user who owns the StateDirectory
<__red__>
...
zupo has joined #nixos
<mmchen>
balsoft: I am just writing a simple c++ file to test out the clang lsp. I don't care about project structure or environment right now. I am using gcc as my compiler. The cpp file only has `#include<bits/stdc++.h>`. However, my lsp server complains that it cannot be found.
gentauro has quit [Read error: Connection reset by peer]
<balsoft>
OK, will try to repro
<mmchen>
This works on my other non nixOS install and it seems to be work, so I am assuming it is nixOS issue.
gentauro has joined #nixos
Jackneill has joined #nixos
<mmchen>
I like to say that it does detect some header files, but just not bits/stdc++ (maybe more)
<balsoft>
But it's obviously awful and needs fixing
<mmchen>
I will try it as a nix-shell. Thanks!
opticnerve has quit [Quit: bye]
<balsoft>
Oh, it won't work in nix-shell :P
<balsoft>
Wait a sec please
<mmchen>
oh wait lol
elher has joined #nixos
o1lo01ol1o has quit [Remote host closed the connection]
<mmchen>
it just builds
<mmchen>
sorry I didn't read
<__red__>
balsoft: I managed to get the error: The option `systemd.services.bacula-dir.serviceConfig.StateDirectory' has conflicting definitions, in `/nix/var/nix/profiles/per-user/root/channels/nixos/nixos/modules/services/backup/bacula.nix' and `/etc/nixos/bacula.nix'.
<__red__>
can you tell me how to tell my configuration.nix that I actually mean to override it?
<balsoft>
__red__: lib.mkForce
<__red__>
Okay - never heard of that before - I'll have a google for that - thanks
<HedgeMage>
Hey, all. I recently did a fresh-ish install (with some config and data ported forward) of NixOS 20.03 onto a Thinkpad T460 which previously ran NixOS 19.09 flawlessly. I have no sound. I'm afraid I'm struggling to debug because I am inexperienced with pulseaudio, having run alsa-only sound for many years. My configuration.nix is at https://ghostbin.co/paste/qordt Any help would be appreciated!
<jtojnar>
ugh, and of course `sudo nixos-rebuild` does not see my user aliases so it falls back to flake registry
orivej has quit [Quit: No Ping reply in 180 seconds.]
orivej has joined #nixos
<Ashy>
simpson: ah damn, pkgsCross.gnu32.gfortran fails to build for me
<HedgeMage>
lspci correctly IDs my audio chipset as: 00:1f.3 Audio device: Intel Corporation Sunrise Point-LP HD Audio (rev 21)
<wrl>
HedgeMage: does anything in alsamixer need to get unmuted?
<wrl>
make sure you're looking at the mixer device of the card and not pulseaudio
cole-h_ has joined #nixos
cole-h has quit [Ping timeout: 256 seconds]
* HedgeMage
facepalms
<HedgeMage>
wrl: Thank you... it works now... I didn't even realize that was a thing on pulseaudio systems, I thought installing pulseaudio made those controls irrelevant.
proofofk_ has joined #nixos
MasseR has quit [Ping timeout: 240 seconds]
civodul has quit [Quit: ERC (IRC client for Emacs 26.3)]
<HedgeMage>
wrl++
<{^_^}>
wrl's karma got increased to 2
<wrl>
HedgeMage: pulseaudio... *mostly* works.
Ralith_ has quit [Remote host closed the connection]
orivej has quit [Ping timeout: 265 seconds]
orivej_ has joined #nixos
<HedgeMage>
wrl: Yeah, I have to say I'm not a fan, but I now have a bluetooth audio device I need to use for work, so I'm stuck with it.
<HedgeMage>
well, "need"... is incredibly convenient and I'll only give that headset up if I must :P
proofofk_ has quit [Read error: Connection reset by peer]
MasseR has joined #nixos
proofofk_ has joined #nixos
Ralith_ has joined #nixos
proofofkeags has quit [Ping timeout: 258 seconds]
<wrl>
HedgeMage: i'm holding out hope that pipewire will be able to unify both the consumer and professional use-cases
<{^_^}>
[nixpkgs] @MetaDark opened pull request #89062 → cmake-language-server: init at 0.1.1 → https://git.io/JfrbT
<jtojnar>
balsoft++ thanks, that is exactly what I was looking for
<{^_^}>
balsoft's karma got increased to 8
<balsoft>
glad to be of help :)
mmchen has joined #nixos
<jtojnar>
(needed --no-write-lock-file)
<jtojnar>
(needed --no-write-lock-file)
<mmchen>
:balsoft do you know the right person to ask about this toolchaining thing?
charego has joined #nixos
m0rphism has joined #nixos
mbrgm_ has joined #nixos
<charego>
would install questions about the new MacOS fix be better asked here or on discourse?
<cole-h>
Why does my `mount /dev/mapper/backup /mnt` produce a read-only filesystem?
<clever>
cole-h: what does `lvdisplay -C` report?
orivej_ has quit [Ping timeout: 265 seconds]
<cole-h>
I'm on ZFS, so nothing.
orivej has joined #nixos
mbrgm has quit [Ping timeout: 258 seconds]
mbrgm_ is now known as mbrgm
<clever>
cole-h: where did `backup` come from?
<balsoft>
mmchen: probably just try again tomorrow, the people who implement such things are usually pretty busy, I don't really think pinging them is a good idea
<cole-h>
clever: It's a veracrypt'd external disk that I `cryptsetup open`.
<cole-h>
It's NTFS-formatted (when unencrypted) -- does that matter?
<balsoft>
Although I guess you could ask clever, he seems to know literally everything
o1lo01ol1o has joined #nixos
<clever>
cole-h: you might be using the read-only ntfs implementation
ericsagnes has quit [Quit: WeeChat 2.7.1]
<infinisil>
charego: Maybe ask here or in #nix-darwin first and discourse if nobody replies within one IRC scroll
<cole-h>
clever: How would I change to the read-write NTFS implementation?
<clever>
cole-h: i think it was `mount -t ntfs3g` maybe?
<clever>
cole-h: you may need to add it to boot.supportedFilesystems first
<jtojnar>
now I just need to figure out why adding nixpkgs.nixosModules.notDetected to imports causes infinite recursion and I will be able to switch to flakes
<clever>
jtojnar: imports cant depend on the pkgs passed into a module
ericsagnes has joined #nixos
<wchresta>
I have a derivation (A) that takes quite a long time to build. Now I want to add other derivations (D) that use the binary of it and change some env (using wrapProgram). I don't want the derivations D to recompile whatever A built, so I think using parameters in A is not the right way to go. Is there a helper function that lets me create a wrapper binary? Anything else than just using mkDerivation with some empty source?
<jtojnar>
clever: how does one use modules imported from a flake then?
<clever>
jtojnar: not sure, usually you just <nixpkgs/nixos/something>
rogue_koder has joined #nixos
<energizer>
is it good practice to make my overlays apply to nix-shell etc?
<charego>
thanks I'll try #nix-darwin first
<jtojnar>
clever: well, that would go through NIX_PATH which is not an option with flakes
<clever>
wchresta: pkgs.runCommand with makeWrapper should do
<clever>
wchresta: makeWrapper takes a thing to run, and a thing to output to, while wrapProgram takes a single param, renames it, then runs makeWrapper on the renamed + original
o1lo01ol1o has quit [Ping timeout: 265 seconds]
<clever>
wchresta: so basically, `wrapProgram foo` will rename foo -> .foo-wrapped, then runs `makeWrapper .foo-wrapped foo`
<clever>
wchresta: but you could also just `makeWrapper ${a}/bin/foo $out/bin/foo`
<energizer>
more precisely: is it bad practice to do that?
matthewcroughan has quit [Quit: Connection closed]
matthewcroughan has joined #nixos
<cole-h>
clever: I'm imagining I'll need to reboot for the supported filesystems to take effect?
<wchresta>
sweet, thanks clever
<clever>
cole-h: nope
<bqv>
can i get at $out from passthru?
<clever>
bqv: runCommand has its own $out
<bqv>
?
<simpson>
Ashy: Hm. Not sure what to try next, sorry.
<clever>
bqv: why are you trying to get $out from passthru?
<{^_^}>
[nixpkgs] @abathur opened pull request #89063 → findutils: fix undeclared xargs dep on echo → https://git.io/Jfrbr