<moet>
if i do `fetchFromGitHub`, how can i exclude specific subdirectories from it?
<cole-h>
`postPatch = "rm -rf dir1 dir2 dir3";`
detran has joined #nixos
<cole-h>
Why do you need to exclude them, though?
<moet>
cole-h: i think that cabal is overzealous in building sub packages in there and it was causing a problem maybe... i might've been wrong.. i'm still new to nix
<nDuff>
superbaloo, ...not an answer to your question (I have a vague recollection of chasing down the logic behind those restrictions in the past, but have forgotten them since), but you might find the way NixOS builds its stage1 initramfs interesting. Don't know how small you're trying to target, but using its logic I have both kernel+initramfs combo in a single binary that's below 20mb -- and that's pulling in a native-Go executable, cryptsetup w/
<nDuff>
its dependency chain, and some other not-particularly-lightweight bits on top of the usual busybox &c.
<sleepydog>
I upgraded my nixos recently and now gnome-session exits every time i log in with "oh no! something went wrong". anyone else getting this?
cosimone has joined #nixos
<sleepydog>
it looks like there were some schema changes, because .gsd-wacom-wrap crashes with "Settings schema 'org.gnome.desktop.peripherals.touchscreen' does not contain a key named 'display'"
<sleepydog>
using pantheon desktop with gdm 3.34.1
slack1256 has quit [Remote host closed the connection]
<sleepydog>
i don't seem to have a generation with an older version so I can't go back to a working state :\.
kalbasit has quit [Read error: Connection reset by peer]
kalbasit has joined #nixos
camsbury has quit [Remote host closed the connection]
sleepydog has joined #nixos
cosimone has quit [Quit: Quit.]
fatjedi has joined #nixos
<sleepydog>
jackdk: thanks. it looks like gdm hasn't been updated in awhile so I don't think I'm looking at the right package
<jackdk>
Frustrating. I'm not a desktop-env-guy, so I can't offer much more help =/
<sleepydog>
to make things more interesting, it intermittently works :). I was just able to login now. only thing i've been changing is toggling debug on and off
<{^_^}>
#50105 (by Infinisil, 1 year ago, open): New nixpkgs committers requests
<freezeboy>
thank you Mic92
sangoma has quit [Read error: Connection reset by peer]
sangoma has joined #nixos
CMCDragonkai1 has joined #nixos
<l-as>
colemickens: do you build chromium for wayland for aarch64 for the cache?
werner291 has quit [Ping timeout: 240 seconds]
chrmb has joined #nixos
arkaebee has joined #nixos
kleisli has joined #nixos
<midchildan>
I'm trying to build a customized version of nixpkgs.siege that uses a version of OpenSSL that unfortunately lives outside the nix store. When I try to nix-build this thing, it doesn't seem to be able to find the OpenSSL header files, despite having specified "--option sandbox false". Is there anything that I'm missing here?
<midchildan>
It built just fine when I did a "genericBuild" using the nix-shell, so I was assuming it had something to do with the sandbox.
<edcragg>
hi, i'm getting "libX11.so.6: cannot open shared object file: No such file or directory" when trying to run something, what might i need to include in a shell to get X11?
<{^_^}>
[nixpkgs] @danieldk opened pull request #93052 → amd-blis: init at 2.2 → https://git.io/JJODN
neysofu has joined #nixos
mounty has quit [Ping timeout: 244 seconds]
<edcragg>
xorg.xorgserver doesn't seem to do the trick, is this more complicated, requires specific drivers or anything?
<symphorien>
On what executable do you get this ?
<edcragg>
it's a rust binary built with cargo... on gnome/wayland
<{^_^}>
[nixpkgs] @lheckemann pushed 0 commits to darwin-full-purity: https://git.io/JJO7G
chrmb has joined #nixos
<{^_^}>
[nixpkgs] @lheckemann pushed 0 commits to darwin-callpackage: https://git.io/JJO7Z
<{^_^}>
[nixpkgs] @lheckemann pushed 0 commits to fake-xcode: https://git.io/JJO7c
<chrmb>
hi all! ;))
<chrmb>
this is nixos developer channel?
hlavaty has left #nixos ["ERC (IRC client for Emacs 26.3)"]
<eyJhb>
chrmb: depends on your question
<eyJhb>
This is all Nix
<chrmb>
it is possible administer/maintain nix os server trought git?
<eyJhb>
Should be, setup a service that pulls every X and rebuilds
<edcragg>
you could put configuration.nix in a git repo, symlinked to /etc/nixos/configuration.nix, with an push git hook on the repo to `nixos-rebuild --switch` on push could work?
<chrmb>
it could look like one config/managment file on git maintainers work on with sync service with that file on server
FRidh has joined #nixos
ChrisOboe[m] has joined #nixos
<edcragg>
it's certainly possible, however you wanted to architect it. generally a nixos system has one configuration file defining it
<chrmb>
yes @edcragg siomething like that
<chrmb>
sorry something
<LnL>
I use a git hook to rebuild
<edcragg>
i imagine you'd get the output of the rebuild echoed by git, too, which could be nice
<edcragg>
s/nice/super flashy/
karantan has joined #nixos
<chrmb>
hof fast that nixos-rebuild --switch actually is?
<tobiasBora>
Hello, I'm installing the virtualbox extension pack using "virtualisation.virtualbox.host.enableExtensionPack = true;", but I see *lot's* of build, like "kBuild: Compiling rdesktop-vrdp - /build/VirtualBox-6.1.6/src/VBox/RDP/client-1.8.4/channels.c". Is it normal?
wip_ has quit [Remote host closed the connection]
<edcragg>
chrmb: depends on how much it has to do/how many packages it needs to fetch. could sometimes take a while
<eyJhb>
Sometimes 5 secs, sometimes a day
TethysSvensson has joined #nixos
<eyJhb>
When you recompile the world
<chrmb>
actually the idea is to create server that is locally locked down and accessible/maintainable only trough config file hosted on git
meh` has quit [Ping timeout: 256 seconds]
<TethysSvensson>
After making a PR to nixpkgs, what is the procedure to get someone to take a look at it?
proofofkeags has joined #nixos
<chrmb>
edcragg: not alot basically maintenance/improvement/updates/
knupfer has joined #nixos
sigmundv has quit [Read error: Connection reset by peer]
sigmundv has joined #nixos
proofofkeags has quit [Ping timeout: 240 seconds]
<eyJhb>
I have no clue why ` nativeBuildInputs = [ pkgconfig wrapGAppsHook lsb-release ];` will not include lsb_release in the configure part of building?
<eyJhb>
Since, it sholud be ... building during that
<eyJhb>
(also added to buildInputs)
werner291 has joined #nixos
<tobiasBora>
Oh, since virtualboxExtpack is not free, it means that it's not build by Hydra?
<eyJhb>
Yes, as far as I remember
<{^_^}>
[nixpkgs] @marsam opened pull request #93060 → SDL2: fix build on darwin → https://git.io/JJO5Y
<infinisil>
But as clever indicated, using ./foo works relative to the current Nix file, and you can readFile that because it turns it into an absolute path
zebrag has joined #nixos
<ixxie>
clever, infinisil - as expected, which means whatever goes wrong is something else.
<{^_^}>
[nixpkgs] @Luflosi opened pull request #93068 → batinfo: limit build to Linux → https://git.io/JJOFW
<gchristensen>
where does NetworkManager write VPN configurations? I have a VPN config that I'm using, but it doesn't appear in /etc/NetworkManager/system-connections, and I can't even find a file with a similar name: find / -iname '*namefragment*'
<clever>
ixxie: and its relative to the path that ./foo exists within, not the file doing readFile
<adisbladis>
gchristensen: Somewhere in /var/lib/NetworkManager iirc
<TethysSvensson>
matthewbauer: You've merged a few PRs for busybox previously. Could you take a look at https://github.com/NixOS/nixpkgs/pull/92581 (or alternatively point me at someone else to ping)
<{^_^}>
#92581 (by TethysSvensson, 5 days ago, open): busybox: Add a default udhcpc dispatcher script
<emmanuel`>
So I'm trying to get a particular build working in the nix-shell. I couldn't get it to work (I thought the error message was cryptic), so I figured, let me see what happens when I try this in my normal shell.
gustavderdrache has joined #nixos
<emmanuel`>
Fortunately, it worked. But this makes it painfully obvious that there is something missing in what I'm doing in the nix-shell.
<emmanuel`>
My exact (and simple) steps were this in both shells.
<emmanuel`>
My question: Has anyone here tried to do a build (of somethning ocaml related) with at least these steps involved.
<patagonicus>
Is there a ready made thing like builtins.filterSource that filters out .git and similar files? Easy enough to build myself, but I prefer code reuse so I don't have to maintain it. :)
<afreak>
you need to sudo install a binary file, that i think starts a daemon that runs at startup
fresheyeball has quit [Ping timeout: 265 seconds]
jbox has joined #nixos
fresheyeball has joined #nixos
pamplemousse has quit [Remote host closed the connection]
knupfer has joined #nixos
gustavderdrache has quit [Read error: Connection reset by peer]
cmacrae has quit [Quit: ERC (IRC client for Emacs 27.0.90)]
karetsu has quit [Quit: WeeChat 2.8]
proofofkeags has joined #nixos
<{^_^}>
[nixos-homepage] @github-actions[bot] pushed commit from GitHub Actions to master « Update flake.lock and blogs.xml [ci skip] »: https://git.io/JJON7
dermetfan has quit [Ping timeout: 256 seconds]
Doraemon has quit [Ping timeout: 272 seconds]
dermetfan has joined #nixos
<nDuff>
afreak, ...as a commercial product, I'd typically try to make their support people do the work. Their software being written in Go, though -- if they aren't using CGo you shouldn't have many library dependencies, so that part should be fairly straightforward. Setting up a service to run on-boot, by contrast, is fairly well-documented, by defining a new service under systemd.services.*
Fare has joined #nixos
pamplemo1sse has quit [Ping timeout: 240 seconds]
pamplemousse has joined #nixos
TethysSvensson has quit [Ping timeout: 245 seconds]
Fare has quit [Ping timeout: 260 seconds]
<atemu12[m]>
Can you temporarily override the tmpdir for a nix build somehow? I tried `TMPDIR=` but it still used /tmp.
maier has quit [Ping timeout: 265 seconds]
FRidh has quit [Ping timeout: 240 seconds]
FRidh has joined #nixos
pamplemousse has quit [Ping timeout: 240 seconds]
<srhb>
atemu12[m]: The easiest way to defeat the sandbox is to not use it, you can run the build from a shell and set TMPDIR as you like.
<atemu12[m]>
srhb: I don't want to defeat the Sandbox, I just want it to use a tmpdir that isn't on tmpfs
<atemu12[m]>
nix itself that is
<Fare>
In a default.nix, how do I exclude some temporary/build files / subdirectories from what is included in the src? Ideally, the src would be only the files in git, plus optionally a generated version file from git describe --tags --always. I can do the generation as a patch, too, though I'm not sure how to pass around the git description, if possible, except for automatically modifying the default.nix or generating a version.nix.
<Fare>
I tried "just" using src = . but then I get error: file '/.../run/ethereum/.ethereum/geth.ipc' has an unsupported type
<afreak>
aha thanks nDuff yeah, i think i can make it work, it seems when the binary file "installs" it creates a systemd service and runs the same binary
<srhb>
atemu12[m]: If you're running daemonized, you can feed the nix-daemon TMPDIR to control it, iirc.
<emmanuel`>
Is it possible to pull sandbox-exec into the nix store?
werner291 has quit [Quit: werner291]
<nDuff>
Fare, that "unsupported type" error is... unusual and surprising... but Nix does give you plenty of ways to filter a source tree; see builtins.filterSource, and the more extensive implementation nixpkgs puts on top of it in https://github.com/NixOS/nixpkgs/blob/master/lib/sources.nix
<atemu12[m]>
srhb: I don't want that to affect every Nix build, I just want this one to use a different TMPDIR
<srhb>
atemu12[m]: Then no, I don't think you can.
<clever>
Fare: there is builtins.match, but its not full regex
<patagonicus>
I'm currently looking at https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/installer/cd-dvd/sd-image.nix and I'm a bit confused: it uses mkDerivation for system.build.sdImage, but doesn't set src. If I try mkDerivation without src I get an error message about it . (And it's also not setting phases or somethling like that. So, why is there
<patagonicus>
no error because of src being unset?
<veleiro>
Can't open and lock privilege tables: 'mysql.user' is not of type 'TABLE'" i
<veleiro>
think its because i changed my username on my system. tried to remove
<veleiro>
anyone receive this error before with service.mysql? "[ERROR] Fatal error:
<veleiro>
service.mysql and garbage collect and start from scratch but im still seeing it
<veleiro>
when service.mysql exists on system rebuild
<patagonicus>
Oh, I guess my mistake was using buildPhase instead of buildCommand.
<clever>
patagonicus: if you set buildCommand, it skips all phases, and its unpackPhase that complains about $src
<patagonicus>
clever++ Aah. Thanks!
<{^_^}>
clever's karma got increased to 474
<clever>
patagonicus: there is also `pkgs.runCommand "name" { buildInputs = []; } "script goes here"`
<{^_^}>
[nixpkgs] @flokli pushed to master « gerrit: add myself to maintainers »: https://git.io/JJOx1
<clever>
patagonicus: thats just a helper, that sets buildCommand for you
proofofkeags has quit [Remote host closed the connection]
proofofkeags has joined #nixos
Thra11 has quit [Quit: WeeChat 2.8]
<Fare>
clever, how do I read some data file's contents, though?
<{^_^}>
[nixos-homepage] @github-actions[bot] pushed commit from GitHub Actions to master « Update flake.lock and blogs.xml [ci skip] »: https://git.io/JJOh2
fresheyeball has joined #nixos
turlando has joined #nixos
chloekek has joined #nixos
<afreak>
can a nixos package set up a systemd service automatically? or do you need to install the package, and then add the service manually in nixos config?
<infinisil>
afreak: You can write a NixOS module which when enabled sets up a systemd service
<chloekek>
Does the NixOS minimal install image come with drivers that have to be loaded manually before they can be used during installation?
<afreak>
ah, so module is something different than a package? like NUR repository does not have any modules, only packages infinisil ?
<afreak>
modules is something you have to import, while package u can install
dermetfan has quit [Ping timeout: 272 seconds]
<Taneb>
afreak: you kind of want it the other way around. Set up the module for the service, and that'll get everything it needs installed
<Taneb>
"module" is possibly a misleading bit of terminology
<infinisil>
afreak: NUR can actually also have modules, but yes, these are different
<afreak>
oh, do you have an example ? id like to make a module that depend on a package then Øp
<afreak>
and then be able to reuse it easily between my machines, in a repo
<{^_^}>
[nixpkgs] @dasJ opened pull request #93073 → nixos/systemd: Implement a packages option → https://git.io/JJOhS
<infinisil>
afreak: However, there is an alternative: You can put systemd service files in $out/lib/systemd/system/<name>.service . Then NixOS users can add this to `systemd.packages = [ <the package> ]` for the service to be installed
<infinisil>
But generally it's nicer UX to have a NixOS module
<infinisil>
Because you can then just do e.g. `services.foo.enable = true`, and configure things about it easily
<afreak>
yeah, the app i want to wrap wont work without dhe daemon running
kalbasit has joined #nixos
BellRooks has quit [Ping timeout: 264 seconds]
<infinisil>
nixpkgs has many examples of NixOS modules for services
<{^_^}>
#93073 (by dasJ, 10 minutes ago, open): nixos/systemd: Implement a packages option for tmpfiles
<chloekek>
I’m confused about https://nixos.wiki/wiki/Creating_a_NixOS_live_CD. Will this file and command create an ISO that mirrors the machine it was created on? Is it possible to instead create an ISO that is just like the minimal installer, but with some extra packages added to it?
<infinisil>
flokli: Looks like it uses the default output
<flokli>
I wonder if it should stay this way, as written in the linked PRs
<infinisil>
Ah right
<infinisil>
Hm so I think multiple outputs are a bit clumsy right now
<infinisil>
You don't always know which file should go in/come from which output
meh` has joined #nixos
<infinisil>
I think ideally we'd have a clearly defined $out layout, which describes where everything needs to go
<emmanuel`>
I know the answer to this question may be no, but is it possible to change the permissions of a file in the nix store in NixOS (I know that goes against the spirit of what the store is for)?
<emmanuel`>
The situation is that I've downloaded some binaries and I would like to make them executable
<infinisil>
Then we can also have a standard set of output and output assigners, which split $out into a set of derivation-decided outputs (that's what happens already)
<srhb>
emmanuel`: That's not a problem in itself. What are you actually trying to achieve?
<srhb>
emmanuel`: (As in, it's perfectly normal for a build to chmod +x some files)
<infinisil>
flokli: But then I think we should also have a convenience function like `lib.getFile <derivation> <subpath>` which first looks up in which output the subpath should be, then gets the file from that output
<flokli>
infinisil: umm, not sure.
<emmanuel`>
shrb: I am fetching a set of binaries with "builtins.fetchTarball" for a particular build.
<flokli>
we currently apply getBin / getLib on the packages passed to the udev option
<evanjs>
Alright, so, seeing an error like "error: creating symlink from '/home/demo/overlay/pkgs/simple-help-remote/result.tmp-14263-1251280719' to '/nix/store/pfhq0fxrkmbspjs1is39xx9m9wr5yc7b-simple-help-remote-support': Operation not permitted"
<infinisil>
So e.g. you'd have a standard output mapping like `lib.outputMapping = { bin = [ "bin/*" ]; lib = [ "lib/*" ]; }` or so. And you could use `lib.getFile pkgs.hello "bin/hello"` which translates to `pkgs.hello.bin + "/bin/hello"`
<evanjs>
Anybody have an idea of where to start with that?
<emmanuel`>
Then I want to ensure those binaries are executable, because they need to be for the application
<evanjs>
The build seems to near completion and then die like that
<evanjs>
works on _my_ machines, though :P
<emmanuel`>
I'm rerunning the nix-build right now.
<evanjs>
I think this is in a NixOS VM on Catalina, if that matters
<flokli>
infinisil: I'm mostly concerned about being consistent here. If it's always either in that output or in another if that output doesn't exist, it won't be too complicated
<emmanuel`>
I want to make sure that the build fails again when it gets to that step.
<infinisil>
flokli: It gets complicated for backwards compat at least
<srhb>
emmanuel`: If you're trying to change the permissions on some _input_ to your build, that will (and should) fail
<srhb>
emmanuel`: Those paths are indeed immutable
<infinisil>
flokli: Because without a function like lib.getFile, you have to guess which output a file belongs to
<infinisil>
And if this ever changes, it breaks everybody that assumed the default output before
<infinisil>
But anyways, this is probably better for an RFC
<flokli>
lib.getFile also can't poke into random outputs to look if it's there
<emmanuel`>
So the only way around this is to actually build the binary instead of downloading it from elsewhere^
<flokli>
it's only another indirection about how to describe in which output thing X is, without explicitly writing it
<infinisil>
flokli: Can't do that because then it would have to evaluate all outputs just to find the correct one (which kind of defeats the point of multiple outputs)
<flokli>
yes
<flokli>
I mean, I'd rather have this consistent across all packages
<flokli>
Maybe warn if you try to add a package that doesn't expose any of the files it expects
<infinisil>
That sounds like a good idea
<flokli>
as in, if you assing something to services.udev.packages that doesn't expose udev rules, don't build it
<srhb>
emmanuel`: No, you can copy it in place and modify it however you like in $out, say
alexherbo2 has joined #nixos
<emmanuel`>
srhb: I was just thinking that.
<srhb>
emmanuel`: It has nothing to do with built vs source. (Whether the binary you're grabbing is useful as-is is another question)
<infinisil>
flokli: And how would you check that without building it?
<{^_^}>
[nixpkgs] @raboof opened pull request #93075 → sweethome3d: improve performance by enabling OpenGL for java2d → https://git.io/JJ3ev
<AmandaC>
Build is just a verb. It doesn't matter what the input/outputs are. Your "build" step can be to take th einput (some binaries) and create an output (Those same binaries but with chmod +x )
<AmandaC>
it's all the same to Nix weather you're doing that, or compiling stuff from C/C++ source code
chrmb has quit [Remote host closed the connection]
<emmanuel`>
If I were to add "cp" command here, is it possible to modify the permissions during the copying?
captn3m0 has joined #nixos
captn3m0- has quit [Ping timeout: 258 seconds]
chrmb has joined #nixos
alexherbo2 has quit [Ping timeout: 264 seconds]
<nDuff>
emmanuel`, ...as an aside, pastebin.com has ads (for those that don't block 'em), and a long history, during parts of which they took very little care as to whose ads they showed (and permitted javascript/animated/etc ones). It's worth considering alternatives -- gist.github.com, ix.io, &c.
<srhb>
emmanuel`: The key takeaway is that you can't modify anything in ${binaries}
waleee-cl has joined #nixos
<flokli>
infinisil: you build it. Main goal here is it'll complain when you try to build that system, instead of silently dropping systemd units or udev rules
<nDuff>
...now, actually looking at that code...
<srhb>
emmanuel`: Once you copy them to $out, you can do whatever to them.
<flokli>
and for everything that has a nixos test, we'll notice :-)
<srhb>
emmanuel`: Imagine if the converse were true; any build could modify any existing package willy nilly.
__monty__ has joined #nixos
<emmanuel`>
Ok, this makes sense to me. Thank you for help
<nDuff>
note that $(ls $binaries) is considered an antipattern by bash folks -- see https://mywiki.wooledge.org/ParsingLs. Better to refer to "$binaries"/* -- you can get from the fully-qualified path that expands to one with the filename only via ''${bin##*/} (the two double quotes being to prevent nix from treating the dollar-curly as an escape into nix code, vs a bash expression.
<infinisil>
flokli: Ah I see, you were talking about building the system, not the package
<nDuff>
(though there are _lots_ of things that are antipatterns in the bash world done habitually by nix folk; that's a... significant fight to try to have)
alexherbo2 has joined #nixos
<emmanuel`>
Change I just change the permissions on the symlink I've created instead of actually copying the binaries?
<simpson>
nDuff++ for bringing the solution and not just the problem
<{^_^}>
nDuff's karma got increased to 1
<colemickens>
shellcheck all the shell embedded in nix
<simpson>
bash is not an easy language when it comes to style. It'd be nice if we could check it.
<infinisil>
We can check it with shellcheck!
<srhb>
emmanuel`: Because I've copied it, I'm free to chmod it.
<flokli>
infinisil: having some logic in the multi-output code moving around files into the appropriate locations if you don't explicitly specify it could nicely complement things indeed
<emmanuel`>
Ok this helps! Thank you so much.
<srhb>
(Or rather, because I'm not trying to modify an existing path)
<flokli>
But I assume this will cause mass rebuilds as well…
chloekek has left #nixos ["WeeChat 2.7.1"]
asymptotically has joined #nixos
<nDuff>
(note that I'd suggest cp --reflink=auto to _try_ to avoid using extra storage via that cp when the nix store is on btrfs, xfs with the relevant flags enabled, or another reflink-capable filesystem).
<nDuff>
...one could also use a hardlink to be able to change permissions without extra storage.
<infinisil>
This is how standard outputs like doc/dev/lib get populated
<srhb>
nDuff: Hmm, that doesn't sound normal to me.
<nDuff>
srhb, granted, it's not a common practice. I do it myself because I have derivations that work with multi-gb files.
<srhb>
nDuff: Maybe that's btrfs specific? Does Nix permit that? Because I feel like it should fail since it wouldn't work on normal fs'es where permissions are the same on all hardlinks
freezeboy has joined #nixos
<nDuff>
Oh -- the hardlink side, not the reflink side. I'm probably just wrong about hardlinks (since what I'm actually using are reflinks).
<srhb>
Ah ok. :)
<nDuff>
makes more sense for it to be the inode with the permissions now that I step back and think about it.
<srhb>
Yeah, exactly.
<cole-h>
Anybody know if it's possible (or even how) to apply a patch to one of niv's `sources.<source>`?
sarahzrf has joined #nixos
<sarahzrf>
ummm, what's the difference between ~/.nixpkgs/config.nix and ~/.config/nixpkgs/config.nix
<srhb>
sarahzrf: The first is older and obsolete.
<sarahzrf>
is that documented somewhere >.<
<srhb>
pkgs/top-level/impure.nix
<sarahzrf>
(i believe you, just wondering where i was supposed ot be able to find out)
<srhb>
Not easily. :-)
<sarahzrf>
oy gevalt
<srhb>
Or, maybe... I don't know.
<srhb>
sarahzrf: Ideally it'd be in the nixpkgs manual, or in a nixpkgs changelog, but really there's no such thing.
<sarahzrf>
:\
<srhb>
(ideallier it didn't exist at all, but ...)
<srhb>
sarahzrf: fwiw flakes sort of try to do away with all the spooky action at a distance config of nixpkgs (and anything else, really)
<srhb>
We'll see how that pans out. :)
<{^_^}>
[nixos-homepage] @github-actions[bot] pushed commit from GitHub Actions to master « Update flake.lock and blogs.xml [ci skip] »: https://git.io/JJ3ex
<superbaloo>
I have a static build of clevis, which builds against libcurl, libjansson and others. Some of those dependencies should creep out as referenceds in the output, some should be included (because used binaries from those builds), some others should not (because static build). I'm trying to save space here, is there a standard way to filter references?
<srhb>
sarahzrf: A proposed mechanism for (among other things) purifying nix evaluation
<srhb>
There's an RFC, but I believe the docs are a bit out of date with the implementation at this point; https://github.com/nixos/rfcs/pull/49 -- anyway, I just meant that perhaps there's light at the end of the tunnel wrt. config file from all over behaving in a hard-to-predict manner (lack of docs notwithstanding)
<cole-h>
(not to dismiss that problem, just curious)
<zeta_0>
immae: ok, one second, i'm going to delete the repo and re-clone it again
<{^_^}>
[nixpkgs] @adisbladis merged pull request #86278 → nixos.users-groups: Set up subuid/subgid mappings for all normal users → https://git.io/Jfm58
<sajo>
Any way to purge broken store paths? I'm getting "...is not in the Nix store" when trying to install a package. I'm guessing there is some broken link in the cache.
<pylsan>
sajo: nix optimise-store ?
<sajo>
Just tried. Still got the same error when installing something :(
<timokau[m]>
sajo: nix-store --verify --repair
<timokau[m]>
Maybe --check-contents (check the docs)
<sajo>
Will give it a try. Ah I just found the part of the manual about this.
<patagonicus>
So, I'm trying to build a custom system image and for that I'm using `config = import <nixpkgs/nixos> { configuration = ./configuration.nix }`. Getting the store paths for the root fs is not a problem, but now I'm trying to figure out how to get at boot.loader.generic-extlinux-compatible.populateCmd. Using config.config.boot.*.populateCmd doesn't
<patagonicus>
work, because it doesn't exist. Can someone point me in the right direction? Also not sure if that's even the right way to get config, but config.system works as an input for make-ext4-fs …
<hpfr[m]>
The first line is mentioned in the spice-gtk derivation in a comment, and I had to figure the system package part out myself. Should really be a NixOS module
<sajo>
Thanks patagonicus. I tried that and it looks like the output was a store folder of nix iteslf. So I'm guessing I put that store folder along with the store folders of its dependencies, and recreate the structure of the installer?
<nDuff>
...a real bootstrap-from-nothing effort would be interesting -- something like the Mes project that GUIX is doing. A lot of work, though -- actually, insofar as GUIX can build Nix derivations, I could see using Mes as a means to bootstrap Nix.
<patagonicus>
Sajo: Hmm. From what I can tell the installer has a store directory in it which contains nix + its runtime dependency. Not exactly sure how you figure out which ones that are, but nix-copy-closure might be a good start. I don't know how to build the installer scripts - they might be built with something other than nix.
<gchristensen>
here is a list of things I that might be broken, let's see if any of them build now -- but don't bother trying if it is already in the cache
<CrunchyChewie>
NobbZ[m]: is that file(overrides.nix) in .config/nixpkgs ?
<NobbZ[m]>
yes
<bqv>
CrunchyChewie: actually, it is, if you ctrl-f nixpkgs.overlays
<NobbZ[m]>
Though as bqv
<NobbZ[m]>
* Though as bqv already has mentioned, you can use multiple ways to specify your overlays, depending on the scope you need them in.
<bqv>
yeah
<{^_^}>
[nixos-homepage] @github-actions[bot] pushed commit from GitHub Actions to master « Update flake.lock and blogs.xml [ci skip] »: https://git.io/JJ3O7
<NobbZ[m]>
I like my overlays to be available in the full user environment, others prefer to have them only available for the environment they do actually build
<CrunchyChewie>
`nixpkgs.config` is not in that doc
<NobbZ[m]>
I'm aware of the fact that many of my `shell.nix` will just break.
<bqv>
CrunchyChewie: yeah, i misspoke, i corrected that (twice :p)
moet has joined #nixos
<gchristensen>
bqv: if you don't know what that tool does, you probably don't want it :P
<gchristensen>
(and it isn't working around an issue in Nix)
dansho has joined #nixos
<CrunchyChewie>
bqv: fair enough
<CrunchyChewie>
sorry I read it wrong
* colemickens
hates this exact conversation
<bqv>
gchristensen: yeah, that's fine, i was just curious
inf has quit [Ping timeout: 258 seconds]
<bqv>
CrunchyChewie: it's cool
<CrunchyChewie>
so there's an overrides.nix, an overlays.nix, as well as an overlays directory where you can put named .nix overlays?
<bqv>
as well as nixpkgs.overlays
<gchristensen>
bqv: the tool is for this scenario: today, you notice that foo, bar, baz don't build. in 6 months you wonder if foo, bar, baz build. that tool will check to see if foo, bar, baz build but will first to see if each package was built by upstream before attempting to build it -- and if it was, not even bother downloading it.
<colemickens>
NIX_PATH, ~/.config/nixpkgs/config, nixpkgs.overlays, implications for nix-shell, implications for nixos-rebuild. It's easy to forget and make mistakes even when you know about the details.
<moet>
hello, i'm trying to run some haskell tests as part of a nix-build .. i'd like to have a standard ghc-environment-file output into the build directory prior to running the test executable.. this file is usually output by cabal, but cabal isn't used by the haskell generic-builder.nix.. is there a way within the haskell infra to output a ghc-environment file?
<NobbZ[m]>
Either use `overlays.nix` *or* the folder, not both
o1lo01ol1o has joined #nixos
<colemickens>
nix-build-uncached is useful for nixpkgs-wayland (though I had to back it out due to my bug)
<CrunchyChewie>
it would seem like, over time, the more scalable option is the directory with named files
<colemickens>
without it, builds.sr.ht will download every overlay package from the binary cache due to `nix-build`.
<colemickens>
With it, it will realize that 90% of the time all of the builds are cached and it can just no-op and exit without downloading hundreds of megabytes.
<bqv>
gchristensen: ah, that makes sense. so the situation where you care only about whether the build is successful, and not on the result
<moet>
alternatively, i've tried to run cabal to output the ghc-environment file in the `preCheck` hook, but have been having some troubl ewith that also.
Max27 has joined #nixos
<qyliss>
colemickens: do you mean builds are cached by your own binary cache?
<bqv>
CrunchyChewie: as that wiki page says, you can actually use all those solutions at once :D
<bqv>
for example, i insert my overlays via nixpkgs.overlays, but i actually do have a directory of files
<bqv>
which are each an overlay .nix file
<bqv>
this isn't necessarily the simplest of architectures
<bqv>
but at least it's very pure..
<CrunchyChewie>
bqv: going back to the emacs example, what does that individual overlay file look like
<CrunchyChewie>
the `self: super:` syntax?
<colemickens>
qyliss: I think so, if I parsed the question right. The CI job pushes my cachix at the end, and it's specified as an extra binary mirror on the calls to `nix-build-uncached`.
<CrunchyChewie>
that's already defined in the default.nix file in that repo
<bqv>
CrunchyChewie: you don't have to do self: super: in that case, because you've already got the overlay function prebuilt from emacs-overlay
<bqv>
exactly
<CrunchyChewie>
ah
<qyliss>
colemickens: cool, that answers my question. thanks for clarifying.
<colemickens>
fun fact, nix-build-uncached runs a dry-run and string parses the output.
<CrunchyChewie>
so in this case, specifically, I just need to make the fetchGit call in the overlays array in my config
<bqv>
if you really wanted a file, you can just have that file be "import (fetchFromGithub whatever)"
* CrunchyChewie
nods
<bqv>
but that seems extraneously pointless to me
<CrunchyChewie>
agreed
<CrunchyChewie>
lemme give this a shot, ty for the assistance
<bqv>
np
karetsu has joined #nixos
<Max27>
Hi all, I'm running into an issue where secret-tool stopped working after switching from GDM to lightdm. I think it might be related to dbus
<Mic92>
bqv: yes
<Mic92>
In fact I need to extend my tool for flakes as well.
<CrunchyChewie>
bqv: after adding that block to configuration.nix and doing a rebuild, the overlay version of emacs is still not being installed
<yurb>
a noob question... if I do a `nixpkgs-review pr 93014` on https://github.com/NixOS/nixpkgs/pull/93014 and I'm running nixos-20.03 will it build everything from the master of nixpkgs down to glibc?
<yurb>
infinisil: thanks, rebuilding ardour is okay for me, I was a little scared about my laptop melting under rebuilding all of its dependencies:)
<clever>
dansho: then why are you getting an error from /home/dansho/.rustup/toolchains/nightly-x86_64-unknown-linux-gnu/bin/rustc ?
<dansho>
no idea
<clever>
dansho: it feels like the rustc you ran ldd on, is working perfectly fine, but it then decides to run a totally different rustc, check `strace rustc --version` ?
<colemickens>
cargo and rustc can come from different places and call different things
<colemickens>
I've been bit by that before.
<CrunchyChewie>
bqv: ah, I'll give that a shot, thank you
<adisbladis>
yurb: Nix will tell you what it will build before it does so, so you can bail out if it seems too heavy
o1lo01ol1o has quit [Ping timeout: 272 seconds]
<yurb>
good to know
proofofkeags has quit [Remote host closed the connection]
<clever>
dansho: its reading that same config file, and running the "wrong" rustc
proofofkeags has quit [Ping timeout: 256 seconds]
karetsu has quit [Quit: WeeChat 2.8]
<clever>
dansho: only the rustc in the nix store will work, and its being dumb and re-running the broken rustc's from ~/.rustup/ to "help you" with changing versions (which cant work on nix)
<clever>
bbl
<{^_^}>
[nixpkgs] @risicle opened pull request #93083 → cpython: add separateDebugInfo, allow use of gdb libpython → https://git.io/JJ3sn
asymptotically has quit [Quit: Leaving]
<dansho>
well I can get rid of that old version, I did `rustup default nightly` but I still get the same error
<moet>
is there any way to get nix to produce a ghc-environment file?
<moet>
(during build)
jb55 has quit [Remote host closed the connection]
jb55 has joined #nixos
seku has quit [Quit: Connection closed]
rardiol has quit [Ping timeout: 246 seconds]
civodul has quit [Quit: ERC (IRC client for Emacs 26.3)]
zupo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
nixbitcoin has quit [Remote host closed the connection]
sangoma has quit [Quit: WeeChat 2.8]
nixbitcoin has joined #nixos
<moet>
i did some hack to get cabal to run in preCheck to produce the ghc-environment file, but cabal complains about nix's use of GHC_PACKAGE_PATH .. i'm getting the sense that this seemingly intentional hamstringing of cabal is something i shouldn't fight
<CrunchyChewie>
bqv: appears to have worked, thanks again (NobbZ[m] too)
justanotheruser has quit [Ping timeout: 246 seconds]
<adisbladis>
CrunchyChewie: I'd really appreciate a PR to emacs-overlay with better instructions. You are not the first person to struggle with this. I'm just not sure how to restructure things.
<CrunchyChewie>
sure thing... I guess the fuzziness comes from the multiple ways to address package modification that NixOS offers
<CrunchyChewie>
adisbladis: maybe a section that communicates its an opinionated, bare minimum, "do this to get it working" quick-launch?
<CrunchyChewie>
and then caveat: "please read further at A, B, C to understand overlays etc..."
<slack1256>
Nice. I am using fish enabled from configuration.nix programs.fish.enable = true; . Every fish session I launch has `nano` as a global exported variable for EDITOR. I already set a universal exported variable for EDITOR as emacsclient. When I do `set --show EDITOR` it shows both. But some programs such as `pass` use the nano editor instead of emacsclient. How do I stop fish from setting the global EDITOR variable?
__monty__ has quit [Quit: leaving]
jbox has quit [Quit: WeeChat 2.8]
<hpfr[m]>
Fish user here, what does universal exported variable mean? Variables are shell-dependent
sarahzrf has left #nixos ["WeeChat 2.8"]
<bkv>
it might be that those apps require a different variable
<immae>
probably pam environment?
<slack1256>
hpfr[m]: As per fishdocs, universal variables are variable that persist between reboots.
<bkv>
oh
<bkv>
that's not what you need
<bkv>
(is it the same as an environment variable?)
<bkv>
if you try `export EDITOR emacsclient` and then run pass again, does it work better?
<adisbladis>
You most likely want `environment.sessionVariables`
<bkv>
or whatever the fish syntax is
<adisbladis>
(which does default to nano btw, so that's likely where it's coming from)
<slack1256>
adisbladis: I think you're right. I will try.
<CrunchyChewie>
adisbladis: something else I'd be interested in clarification on, what is the correct way to enable the daemon for, say, emacsUnstable?
<adisbladis>
CrunchyChewie: Are you talking about services.emacs ?
o1lo01ol_ has quit [Remote host closed the connection]
<adisbladis>
If so you can use services.emacs.package
o1lo01ol1o has joined #nixos
fendor has quit [Read error: Connection reset by peer]
<bkv>
adisbladis: i think that actually is how it works, in home-manager
<{^_^}>
[nixpkgs] @jtojnar pushed commit from @Atemu to master « gammy: init at 0.9.58 »: https://git.io/JJ3nL
<bkv>
that's what confused me
<bkv>
it's definitely different between nixos and HM
<adisbladis>
I think that the NixOS modules were just scratching someones personal itch without thinking about how they affect each other
ixxie has joined #nixos
<bkv>
the exwm module is certainly a mess, i didn't even try and get it working well
<CrunchyChewie>
this journey into services has also let me know my pam/user env is a little screwt
<bkv>
let the yak shaving begin
<CrunchyChewie>
pretty much
<CrunchyChewie>
still seems like after ^^ config it's still running the daemon for 26.3
<bkv>
it's a user service, right?
<bkv>
try systemctl --user daemon-reload
<bkv>
then restart it
work_ has joined #nixos
<bkv>
neither nixos nor home-manager properly reload user sessions
sleepydog has joined #nixos
Rusty1 has joined #nixos
<CrunchyChewie>
ok, fixed that
<CrunchyChewie>
but now there are 2 daemons running lol
<bkv>
well that's not good..
<adisbladis>
Of course that's good
<adisbladis>
That's twice as much emacs
<CrunchyChewie>
right?
<bkv>
a little is good, more must be better!
zeta_0 has joined #nixos
zeta_0 has left #nixos [#nixos]
<rycee>
For the Emacs service Home Manager avoids restarting it on switch.
<rycee>
It used to do so but for whatever reason people complained about shutting down their Emacs with a million buffers loaded 🤷
<bkv>
rycee: i was talking about reloads, not restarts
<bkv>
(daemon-reload)
<Graypup_>
I'm nixifying software that needs to symlink one of its dependencies into its source directory in order to build. I would also like to have it able to be built in a nix-shell environment, which implies that that symlinking would need to be done to start the shell. Do it in preConfigure and also in the shellHook? or is there a less evil idea?
<Graypup_>
actually, it gets worse, since I might need to modify the cabal packages that needs to have its build output symlinked *while* in the shell :O wondering if i should just write a makefile for dev time and use nix for this stuff during actual builds
<{^_^}>
[nixos-homepage] @github-actions[bot] pushed commit from GitHub Actions to master « Update flake.lock and blogs.xml [ci skip] »: https://git.io/JJ3cv
<CrunchyChewie>
alright well time to shut down tinkering and go feed myself, thanks again for the help everyone.. adisbladis - I'll get a PR over for the docs in the next 24 hrs or so
<Graypup_>
(there is a ghcjs part that -ideally- I'd be able to modify along with the ghc part while working on it with the same development shell)
<cole-h>
Do it in preConfigure and then run $configurePhase as part of your build process :)
<Graypup_>
cole-h, but what about in nix-shell? just put preConfigure in the shellHook? evil but it could work lol
<cole-h>
I'm saying to use $configurePhase in your shell yourself.
<Graypup_>
hm I guess I could do that, but then I'm basically resigned to writing a makefile since I'd have to do that on every build and I don't want builds to take two commands
<rycee>
bkv: Ah, right. In general HM should do a systemd daemon reload during activation. Do you know in which case it doesn't?
erasmas has quit [Quit: leaving]
<bkv>
rycee: if for the user daemon, i'm not sure. i feel like i have had instances where issues have been fixed by a manual reload, but there's a fair chance i was doing something else wrong or i'm just remembering nixos's setup
<bkv>
(sorry that's not so helpful)
<Graypup_>
what if I actually used cabal and Setup.hs to solve my problems :hmm:
<rycee>
bkv: HM did for a long time bail out if the systemd session was in a degraded state but for some time it simply resets the failure state and happily continues on to do the reload :-)
<bkv>
ahh, okay
<rycee>
But of course there might still be cases were it doesn't manage so it would be good to know about those if you run into it again.
sigmundv has quit [Ping timeout: 240 seconds]
<bkv>
i'll keep an eye out and let you know if i find a case
m0rphism has quit [Ping timeout: 240 seconds]
<rycee>
bkv: I *think* nixos does a very basic switch for user services defined in the nixos configuration, though.
alexherbo2 has quit [Ping timeout: 265 seconds]
<bkv>
as far as i understand it, it only replaces the service file, because naturally it's not aware of which user sessions are using it
<bkv>
so it will daemon-reload the system manager but not the user service manager
<bkv>
and they get out of sync
<bkv>
well, i think there was one way to enable a user service for all users, that one probably is supported, but as before HM i was trying to use user services for one user only, that wouldn't work or i'd end up with a root emacs daemon too
<rycee>
bkv: Not sure. It doesn't seem to do a reset-failed for the user systemd sessions, though. So perhaps if the session is in a degraded state it will not do the reexec fully?
<PrinceMachiavell>
I started using NixOS for a prometheus & alertmanager deployment. It seems that the alertmanager service has the DynamicUser=yes set which breaks the storage of persistant data (so silenced alerts will be triggered every time the server restarts). Is there any easy way to configure an override.conf for the service to undo that?