<pinpox>
please tell me if there is a bette way. I'm trying to use flakes as "pluggable" parts I can re-use in multiple machines and have krops deploy them all
<colemickens>
pinpox: there's a function in the way, but my toplevel flake exposes nixosConfigurations for all of my machines from one flake.nix
<colemickens>
pinpox: my repo is complex, but maybe worth looking at
<pinpox>
oh, ok. That's actually nice
<pinpox>
and how do you deploy it?
<eacameron>
vk3wtf: Thank you!
<colemickens>
pinpox: I have lots of re-usable pieces that are in "mixins" and "profiles" that are re-used across all of my machines
<colemickens>
pinpox: I have a script that copies the closure and activates. It's 3 lines of bash. I am not really a fan of all of these deployment tools. :\
gxt has joined #nixos
<colemickens>
I actually tend to push everything to a binary cache nowadays, and then realize from the cache on the deployment target, then activate.
<pinpox>
I see. Thank you I'll read through it, krops was working quite well though, maybe I can keep using it
<pinpox>
colemickens: And your bash script uses the cached results then?
<colemickens>
pinpox: with flakes, it's trivial to know I'm always going to get the same build result. So I build `.#toplevels.{machinename}` on a high-powered server, then push that to a cache.
<colemickens>
pinpox: then I can do `nix build `.#toplevels.{machinename}' -j0` to "build it" (without any build cores) so it will pull it from the cache.
<pinpox>
cool
<colemickens>
pinpox: and then once you have the toplevel pulled into your nix store, it's just a matter of setting it as a system profile and then activating it.
<colemickens>
(which is what nixos-rebuild is doing under the covers)
<colemickens>
(and krops, etc :) )
CMCDragonkai1 has joined #nixos
<pinpox>
I think I'll leave the caching aside for now. I'm quite overwhelmend already. When I get it working, I will get back to that
EnchanterTim is now known as Hash
chang has joined #nixos
<pinpox>
colemickens: THe whole procedure should be possible without cache too right?
<colemickens>
pinpox: yeah, I assume that krops is building it locally, then copying the closure directly to the target, then setting/activating on the target.
<hexagoxel>
any idea why CXXFLAGS in Makefile.config ends in `-I/usr/include` when building the NixOS/nix repository ? is this likely to be something below my .bashrc/profile?
<colemickens>
pinpox: same exact process, except instead of pushing to/ pulling from the cache, its doing it with rsync or `nix-copy-closure` or something like that
<pinpox>
colemickens: it really just runs nixos-rebuild switch after copying the sources
<colemickens>
aha, well same difference
<colemickens>
pinpox: oh, it copies sources and builds remotely?
chang has quit [Client Quit]
<colemickens>
I guess that works too
<pinpox>
colemickens: I thik soo yes
<pinpox>
*think
<colemickens>
I'll be curious to see what krops+flakes looks like since it looks like krops tries to manage the nixpkgs used.
<pinpox>
colemickens: yes, it pulls them to /var/src/nixpkgs e.g.
<pinpox>
I'll continue tomorrow since it at least works for now. Thanks for your help!
<pinpox>
colemickens: btw. If it doesn't bother you, I'm sure I'll run into more questions tomorrow ;)
<colemickens>
pinpox: no problem, I'll tell you if I'm too busy or ignore it :) ask away, others can/may chime in too
<pinpox>
nice
<{^_^}>
[nixpkgs] @orivej-nixos pushed commit from @orivej to master « linux-rt_latest: 5.9.1-rt20 -> 5.10-rt17 »: https://git.io/JLtr1
chloekek has quit [Remote host closed the connection]
<{^_^}>
[nixpkgs] @erictapen pushed to master « scribusUnstable: build with libsForQt5 »: https://git.io/JLt1s
SomeoneSerge has quit [Ping timeout: 256 seconds]
philr has quit [Ping timeout: 240 seconds]
ris has quit [Ping timeout: 260 seconds]
chang has joined #nixos
KarlJoad has joined #nixos
chang has quit [Client Quit]
chang has joined #nixos
johnny101 has joined #nixos
chang has quit [Client Quit]
jlotoski-znc has quit [Ping timeout: 260 seconds]
robogoat has quit [Ping timeout: 272 seconds]
orivej has quit [Quit: No Ping reply in 180 seconds.]
orivej has joined #nixos
sigmundv__ has quit [Read error: Connection reset by peer]
<bqv>
pkgs.python is still python2
<bqv>
..slightly shameful
johnw has joined #nixos
LnL has quit [Ping timeout: 258 seconds]
LnL has joined #nixos
LnL has joined #nixos
<KarlJoad>
I'm having issues importing sympy 1.6.2 into python3 on NixOS, in a nix-shell. From the python REPL, it says the module was not found. Any suggestions?
<tpw_rules>
so i'm interested in submitting a PR to update python-lz4 from 2.1.10 to 3.1.1 but 3.0.0 drops python 2 support. should that version be a new package?
<energizer>
KarlJoad: er scratch that, shouldve been -E
<energizer>
KarlJoad: nix-shell -p python3Packages.sympy does work tho
erictapen has joined #nixos
<{^_^}>
[nixpkgs] @peti pushed to haskell-updates « hackage-packages.nix: automatic Haskell package set update »: https://git.io/JLt5d
<infinisil>
tpw_rules: Nah, it's pretty normal now for packages to drop v2 support. Just indicate that with `disabled = !isPy3k`
<KarlJoad>
energizer: This is what I'm doing right now. `nix-shell --pure -p python38 python38Packages.sympy python27Packages.mpmath octaveFull texinfo`
<KarlJoad>
But, I can't import sympy to python.
<energizer>
KarlJoad: how are you running python?
<KarlJoad>
I drop into that nix-shell, and run `python` to drop into the REPL.
<tpw_rules>
why are you using both python3 and python2?
<KarlJoad>
tpw_rules: Right now, debugging. I'm working on getting Octave's symbolic package working. I can run almost all the tests using python2 and its packages. I'm changing one thing at a time to narrow problems down.
<tpw_rules>
are you sure python isn't starting python2 then?
<gchristensen>
I think `python` ->2 if 2 is present
<energizer>
i guess it could be removed instead, idk which is better
<energizer>
"exactly one way to do it" is generally good
KarlJoad` has quit [Ping timeout: 256 seconds]
<adisbladis>
Hm, ranting about this I think I just came up with a concrete suggestion
georges has joined #nixos
georges has quit [Remote host closed the connection]
Alirra has joined #nixos
<Alirra>
Hi! I girl 22 y.o looking for fun. Write me www.sexdate24.ru My hot pics are also there.
<Alirra>
Hi! I girl 22 y.o looking for fun. Write me www.sexdate24.ru My hot pics are also there....
<Alirra>
Hi! I girl 22 y.o looking for fun. Write me www.sexdate24.ru My hot pics are also there..
Alirra has quit [Remote host closed the connection]
<pumpy>
gchristensen found you a date ^
pushqrdx has quit [Remote host closed the connection]
georges has joined #nixos
o1lo01ol1o has joined #nixos
KarlJoad has joined #nixos
<KarlJoad>
Is there a way to compare an environment created for `nix build` vs. an environment you're dropped into with `nix-shell --pure` on the same default.nix file?
<KarlJoad>
I ask because I get 2 different results for a `make test` in each situation, and can't for the life of me figure out why.
o1lo01ol1o has quit [Ping timeout: 240 seconds]
dsg has quit [Ping timeout: 240 seconds]
dsg has joined #nixos
<KarlJoad>
Also, is there a way to let a `nix build` continue even if `make test` fails in checkPhase?
<halfbit>
is #!/bin/sh ok for a path to bash in nixos?
<halfbit>
or is there another way to get a path to bash without relying on the exact derivation?
<colemickens>
KarlJoad: you can do `--keep-failed` to keep the build dir around, or `doCheck=false` in the derivation to skip the tests entirely
<halfbit>
fixing this annoying issue with musl depending on an exact bash version depending on glibc
<colemickens>
halfbit: the tradition is "#!/usr/bin/env bash"
<halfbit>
even in nix? roger
<colemickens>
depends on what you're doing. If you're writing a derivation you could use pkgs.writeShellScript or use `#!${pkgs.bash}/bin/bash` etc
<colemickens>
but when I write scripts that I expect to run in a nixos env with bash available that's what I write (/usr/bin/env bash)
<halfbit>
I get /nix/store/b6c7n85s4g8f72alflnf1vfx8q6dpxbc-musl-1.2.0-dev/bin/musl-clang: interpreter directive changed from "/usr/bin/env bash" to "/nix/store/k8p54jg8ipvnfz435mayf5bnqhw4qqap-bash-4.4-p23/bin/bash"
<halfbit>
which leads to musl depending on bash depending on glibc...
<KarlJoad`>
colemickens: Your suggestion helped me narrow the problem down. In `nix build` there doesn't seem to be a graphics toolkit, but there is in a `nix-shell --pure`. Any ideas?
<colemickens>
not really, sorry.
<KarlJoad`>
Darn. This is a weird problem, because I'm using the exact same default.nix for both cases.
aswanson1 has joined #nixos
orivej_ has quit [Ping timeout: 260 seconds]
aswanson has quit [Ping timeout: 256 seconds]
aswanson1 is now known as aswanson
<halfbit>
so removing the shell script based wrappers of course solves it
<KarlJoad`>
How important is it for a package to have a checkPhase defined for nixpkgs?
<simpson>
For leaf packages, not important at all, and `dontCheck = true;` is fine. For packages that people depend upon, the checkPhase should run upstream tests and pass, and that includes commenting out tests which do networking or filesystem stuff.
<KarlJoad`>
simpson: So, something like Symbolic, which is an add-on library for GNU Octave is fine, from what I understand?
spudly1 has joined #nixos
h0m1 has quit [Ping timeout: 258 seconds]
<simpson>
KarlJoad`: Sure. Up to you as maintainer, really. Like, eventually you'd want to define a checkPhase, right?
<{^_^}>
[nixpkgs] @bfrog opened pull request #106940 → Remove wrapper scripts from musl causing a glibc dependency → https://git.io/JLqqU
<KarlJoad`>
simpson: I already have the checkPhase defined. I'm solving the last 2 issues with having it defined.
<KarlJoad`>
If I want to get this package done today, then it makes more sense to leave the checkPhase to later. But the checkPhase for symbolic _should_ pass with what I've defined so far.
o1lo01ol1o has joined #nixos
Jackneill has quit [Ping timeout: 264 seconds]
fresheyeball has joined #nixos
<halfbit>
but yeah, I guess I'd rather remove the direct reference to an exact bash version there if possible
<halfbit>
I'm somewhat surprised that the exact bash derivation is a dependency rather than an aliased /bin/sh or such
<halfbit>
it makes sense, but also sort of links things directly that were otherwise linked pretty loosely, are there really quirks in bash versions that can cause such issues? is there a way to allow for such impure scripts to be packaged still?
o1lo01ol1o has quit [Ping timeout: 265 seconds]
<KarlJoad`>
Beyond the interactivity, does bash-interactive offer anything over bash in Nix? Because that's the only different program between a `nix-shell` and a `nix build` where my tests differ.
<energizer>
environment variables?
<KarlJoad`>
energizer: That can't be. I've `diff`ed all the env-vars and that's the only different one.
<KarlJoad`>
Well, only meaningful one.
<stalactite[m]>
you could always run `exec bash-interactive` once inside a nix shell to test
thelounge52 has joined #nixos
pjt_tmp has joined #nixos
<KarlJoad`>
stalactite[m]: The thing is the `nix-shell` gives me the "right" `test` output. But, `nix build` causes 6 more tests to fail, due to "no graphics toolkits are available".
<energizer>
KarlJoad`: can you find out what caused "no graphics toolkits are available" by looking at the source?
<stalactite[m]>
Do you have these "graphic toolkits" listed as dependencies?
Jackneill has joined #nixos
<KarlJoad`>
energizer: I know the exact tests that cause them, yes.
<energizer>
KarlJoad`: i mean the source of whatever raises that error
<KarlJoad`>
stalactite[m]: The shell and build use the exact same default.nix, and the shell is `--pure`, so there is no difference.
<energizer>
like octave
coyotechords has joined #nixos
<coyotechords>
hello, sorry to be annoying, is discord working yet?
<KarlJoad`>
energizer: Shouldn't those be dependencies of octave already? I can plot on my Octave, which is from nixpkgs.
<KarlJoad`>
energizer: It's not a propagatedBuildInput, which might be why.
<energizer>
KarlJoad`: i mean octave probably has some `if <condition>: raise("no grpahics toolkits are available")` and you could look at what <condition> is
<KarlJoad`>
energizer: I'll start digging through that now.
<aeioj4>
Maybe to do with not being connected to a TTY?
<aeioj4>
In particular, look for a "[ -t 0 ]" somewhere in a bash script
<KarlJoad`>
aeioj4: It's coming from a C++ file, about the core interpreter.
bukkitgerman8608 has quit [Quit: Du Mongo]
bukkitgerman8608 has joined #nixos
<KarlJoad`>
energizer: You were right. The condition is dtk.empty (), which is if there is no default toolkit.
thelounge52 has quit [Ping timeout: 246 seconds]
bukkitgerman8608 has quit [Client Quit]
philr has joined #nixos
VanillaIceCream has joined #nixos
bukkitgerman8608 has joined #nixos
elsanchez has quit [Quit: Ping timeout (120 seconds)]
elsanchez has joined #nixos
philr_ has quit [Ping timeout: 272 seconds]
<VanillaIceCream>
Hello all! I'm trying to get a package of mine building with Nix, and I'm running into issues. I have a NodeJS process which exposes a JS-only library as a JSON HTTP API (very basic), and another client process that makes calls to the server to do stuff. However, it appears as though my client is getting 'connection refused', despite the ports
<VanillaIceCream>
matching up and only using 'localhost'. Does Nix's build isolation apply even to "in-build" networking? Or is there something I'm missing?
<KarlJoad`>
energizer: Found it! I needed gnuplot!
<energizer>
KarlJoad`: nice
_habnabit has quit [Excess Flood]
_habnabit has joined #nixos
spacefrogg_ has quit [Quit: Gone.]
aw_ has quit [Quit: Quitting.]
<KarlJoad`>
Now to diagnose why sympy 1.5.1 has an issue that was resolved quite some time ago...
<{^_^}>
#106332 (by petersjt014, 6 days ago, open): tlsh does not build properly
<pjt_tmp>
srhb and I looked at it awhile ago and supposedly it's an easy fix
<pjt_tmp>
I don't know enough about cmake to get it building properly though
<hexa->
pjt_tmp: toPythonApplication is what you are looking for
Izorkin has joined #nixos
halfbit has quit [Quit: WeeChat 2.9]
<pjt_tmp>
hexa-: that is what was suggested to me, yeah. I just don't know how to use it here. I've been looking for another python application+library to hint at how to use it but have found nothing similar enough so far.
bitmapper has quit [Quit: Connection closed for inactivity]
<hexa->
pjt_tmp: look in pkgs/top-level/all-packages.nix
<hexa->
gn
<pjt_tmp>
ok, nite
<pjt_tmp>
hexa-: what am I looking for in here?
enteee has quit [Ping timeout: 256 seconds]
<pjt_tmp>
oh
<pjt_tmp>
an example topythonapplication I guess
sss2 has quit [Quit: Leaving]
aswanson has quit [Ping timeout: 256 seconds]
aeioj4 has joined #nixos
aeioj4 has quit [Client Quit]
chang has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<VanillaIceCream>
Weird, I'm still getting connection refused errors to localhost, but it worked _once_. In the middle of a build. If it was a policy thing, it should never work... I tried with different ports, and I even tried adding my API ports to the firewall settings in `configuration.nix`. Still nada
peelz has quit [Remote host closed the connection]
<VanillaIceCream>
hahahah! I am an idiot. This has nothing to do with NixOS. I was not waiting for the NodeJS process to spin up before making requests to it!
<VanillaIceCream>
Sorry for cluttering the chat, everyone.
<pjt_tmp>
I got a thing I'm trying to add to all-packages.nix and am not sure where to stick it
<pjt_tmp>
it's a python aplication+library so maybe the development section
<pjt_tmp>
but I see no python subsection
<pjt_tmp>
and I'm not sure if it's more of a application or a library, and how that matters if it does
abathur has quit [Quit: abathur]
fooker has quit [Ping timeout: 272 seconds]
<pjt_tmp>
since youtube-dl is the same, I was considering putting mine in the same section it is in, but ytdl is clearly more application-based
<pjt_tmp>
judging by how I see it used, use it myself, and by the contents of the man page
fooker has joined #nixos
<pjt_tmp>
should I...just maybe count the instances of "application/tool" vs "library" in the documentation or something stupid like that?
dycan has joined #nixos
globin has quit [Ping timeout: 260 seconds]
globin has joined #nixos
<pjt_tmp>
hm. It being a libary is mention 1st on the repo, and mentions of 'library' outnumber 'executable' 7:2.
<pjt_tmp>
library it is then
<stalactite[m]>
there's pythonxxPackages
<stalactite[m]>
where xx is your major version name without a dot
<pjt_tmp>
stalactite[m]: I'm not sure what version it uses
<stalactite[m]>
test it, you'll find out the min and max pretty easily
<stalactite[m]>
if you're unsure just put it in the latest
sangoma has joined #nixos
<pjt_tmp>
stalactite[m]: added it...no change :\
Rusty1 has quit [Quit: WeeChat 2.3]
<stalactite[m]>
pjt_tmp things can take time to update, I'd just wait a bit. Your package might also need to be accepted (I'm not sure on the exact process) or it'll remain on the unstable channel until further reviewal
<stalactite[m]>
have you tried forcing a cache update (nix-env -u)
<pjt_tmp>
stalactite[m]: I'm in a local copy of nixpkgs
<pjt_tmp>
*Very* much not ready for any kind of merge yet
johnw has quit [Ping timeout: 260 seconds]
<stalactite[m]>
well, then I can't help you there
<pjt_tmp>
hm
orivej has joined #nixos
<pjt_tmp>
any other python packaging subtlelties you know of that might be at play here?
waleee-cl has quit [Quit: Connection closed for inactivity]
<pjt_tmp>
I'd ask the maintainer but there is none, which is concerning
<{^_^}>
#106332 (by petersjt014, 6 days ago, open): tlsh does not build properly
<stalactite[m]>
I'd say just test it via local .nix files, use poetry for python stuff, and simply try to remove anything that would cause discrepancies. Switch to a secondary nix profile for testing, and / or use nix-shell
<{^_^}>
nix#2855 (by edolstra, 1 year ago, closed): Add support for flakes in subdirectories
<colemickens>
I feel like I can only think of one use-case to justify it though, and it's my specific case. :/
<typetetris>
For non deterministic builds I get sha mismatch errors when one of my machines try to substitute the store path. I have trouble understanding this.
<typetetris>
The sha is calculated from the sources and all inputs, but not from the contents of the store path, I thought? How can there be a sha mismatch?
<typetetris>
Even if the building machine calculated some sha from the contents of the store path, the substituting machine can only check that given sha against the given contents, how can there be a mismatch?
palo1 has joined #nixos
<colemickens>
typetetris: what does "sha mismatch error" mean?
<colemickens>
ah, I think the narinfo's have hashes of the NAR in them, maybe the hash in narinfo doesn't match the SHA of the NAR that nix actually downloaded
palo has quit [Ping timeout: 260 seconds]
palo1 is now known as palo
<colemickens>
you could check... I think the URL would be: http://gitlab-runner-03.<redacted>:5000/sgkrvnaw2wp2m0zbb964n70bh021zl5j.narinfo
<typetetris>
Okay, but how can that happen?
<typetetris>
And why does it seem to systematically happen with non deterministic builds?
<colemickens>
typetetris: ^
<typetetris>
I don't understand. The building machine builds that once, so it calculates the hash from the one result it has. For the other hash value to be calculated the second nar would have to be present somewhere?
<colemickens>
The error you sent is from Nix trying to realize the copy from the gitlab cached.
<colemickens>
When it does that, it queries the cache for a narinfo file that contains a link to the NAR and a hash of the NAR. Then it goes and downloads the NAR and checks its signature.
<colemickens>
My suggestion is that maybe there was a single-fluke-in-time that caused the NAR file to be corrupt.
<colemickens>
the second line there should say "then it goes and downloads the NAR and checks its hashsum". The signature is verified slightly differently.
<typetetris>
Okay ... I observed that multiple times now and even made some known to be non deterministic derivations `allowSubstitutes = false`. So the infrastructure I have to use is flawed ...
<colemickens>
typetetris: that or I'm mis-interpretting what is going on!
<pjt_tmp>
If I have an existing python library that comes with a c++ executable which currently doesn't build, can I just add a buildPhase with "./make.sh -notest" in it?
<pjt_tmp>
it seems to be ignoring my nixpkgs checkout completely
<colemickens>
oh look, it's our favorite game
<colemickens>
pjt_tmp: you'll want to make sure NIX_PATH is set to point at your checkout too.
<colemickens>
some of those examples rely on <nixpkgs> (NIX_PATH) and some point directly at the checkout to build.
<pjt_tmp>
something like `NIXPKGS=. NIX_PATH=. nix-shell -A tlsh` ?
marusich has quit [Ping timeout: 260 seconds]
marusich has joined #nixos
cfricke has quit [Quit: WeeChat 3.0]
cfricke has joined #nixos
marusich has quit [Ping timeout: 260 seconds]
<pjt_tmp>
colemickens: or is the syntax different? I have an `echo MMMMMMMM` in my build phase which isn't showing up in the build output so I'm guessing not
cosimone has quit [Quit: cosimone]
marusich has joined #nixos
zakame has joined #nixos
ATuin has joined #nixos
mathyouguy has joined #nixos
SomeoneSerge has joined #nixos
werner291 has joined #nixos
ece has quit [Ping timeout: 256 seconds]
ece has joined #nixos
<{^_^}>
[nixpkgs] @rnhmjoj pushed to release-20.09 « nixos/wireless: fix failure with no interfaces »: https://git.io/JLmWb
cross has quit [Quit: Lost terminal]
lopsided98 has quit [Ping timeout: 260 seconds]
lopsided98_ has joined #nixos
<{^_^}>
[nixpkgs] @vcunat pushed 7 commits to release-20.09: https://git.io/JLml1
<{^_^}>
[nixpkgs] @r-burns opened pull request #106954 → stdenv: trim random seed to avoid reference cycles → https://git.io/JLm8I
SomeoneSerge has quit [Ping timeout: 260 seconds]
<steveeJ>
is there a trick to make the command `nix-shell $URL` look at the `$URL/shell.nix` instead of `$URL/default.nix`?
respawn_ has joined #nixos
thibm has joined #nixos
o1lo01ol1o has joined #nixos
zupo has joined #nixos
zupo has quit [Client Quit]
o1lo01ol1o has quit [Ping timeout: 240 seconds]
Hash is now known as THC
vidbina has joined #nixos
<Theuni>
i'm currently working on improving the way kernel options are merged from different ends of the configuration system. one thing i'm looking for is to create a check that a) nothing gets lost and b) there are no conflicting definitions. due to the multiple levels of structured/unstructured config I'm starting by implementing a test that can validate (parts) of the configuration. to write that test i need to be able to
<Theuni>
reference an option of the VM's config as part of the test script, like this: expectedConfig = "${nodes.machine.config.foo.bar.kernelOptions}" however, I'm ending up with `value is a string while a set was expected` so I guess nix is trying to use that ${} to create a derivation and not just embed this into the script string ... not sure how to avoid that, though
iH8c0ff33 has quit [Ping timeout: 246 seconds]
<{^_^}>
[nix] @regnat opened pull request #4361 → Fix `addTextToStore` for binary caches → https://git.io/JLmud
thc202 has joined #nixos
<Theuni>
ah, i might be pulling at the wrong end. looks like my option definition is screwed up.
<Theuni>
yeah, me bad. sorry.
civodul has joined #nixos
dbg[m] has quit [Quit: Idle for 30+ days]
dbirks[m] has quit [Quit: Idle for 30+ days]
gh0la[m] has quit [Quit: Idle for 30+ days]
znello[m] has quit [Quit: Idle for 30+ days]
dxu has quit [Quit: Idle for 30+ days]
SomeoneSerge has joined #nixos
zupo has joined #nixos
<nf>
what's the difference between the nixos-* and release-* branches?
<clever>
nf: nixos is the last commit of release to pass a set of tests
<nf>
right
johnw has joined #nixos
ebbertd[m] has left #nixos ["User left"]
iH8c0ff33 has joined #nixos
dycan has quit [Ping timeout: 260 seconds]
faffolter has joined #nixos
iH8c0ff33 has quit [Ping timeout: 256 seconds]
THC is now known as High
m0rphism has joined #nixos
hnOsmium0001 has quit [Quit: Connection closed for inactivity]
marusich has quit [Quit: Leaving]
respawn_ has quit [Quit: Leaving]
shibboleth has joined #nixos
iH8c0ff33 has joined #nixos
zupo_ has joined #nixos
sadmin has quit [Ping timeout: 240 seconds]
zupo has quit [Ping timeout: 272 seconds]
<viric>
gchristensen: builtins.fetchGit is superslow compared to a usual fixed-output fetchgit {}; we run the evaluation often.
zupo_ has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<Ke>
henri: I would assume that sha1 will remain in use for a while for compatibility?
shibboleth has quit [Quit: shibboleth]
<Ke>
wonder if there is a summary, where we are at now
<Ke>
this document looks like it's written before computers even existed
<betaboon>
for my production systems: should i build against release-20.09 or against nixos-20.09 ?
<esotericn>
does anyone know how to override a haskell package to add a dependency?
<henri>
betaboon: Always nixos-20.09
o1lo01ol1o has joined #nixos
__monty__ has joined #nixos
<henri>
betaboon: Because the HEAD of nixos-20.09 always points to the latest successful Hydra build.
<betaboon>
henri: that's what i thought. whats the purpose of release-20.09 then ?
<henri>
betaboon: release-20.09 is the branch that Hydra uses as input
<betaboon>
henri: ah ok. thank you :)
iH8c0ff33 has quit [Ping timeout: 272 seconds]
<henri>
betaboon: Basically Hydra checks out release-20.09 and if it builds successfully it's pushed to nixos-20.09
fendor has joined #nixos
o1lo01ol1o has quit [Ping timeout: 256 seconds]
<clever>
henri: looks like it will seamlessly translate all objects (recursively) between sha1 ans sh256 formats
<clever>
henri: so it can turn your history back into a sha1 format for pushing to older servers
<clever>
henri: but i dont see how commit signatures will work, because that mutates the commit contents
<henri>
clever: I think signatures and commit hashes are independent. The hash verifies the history whereas the signature only verifies autheticity of a single commit.
<clever>
henri: but the new commit hash is a sha256 over the commit content
<clever>
and the commit content has the sha256 of a tree object
<clever>
and that tree object has the sha256 hashes of further trees and objects
<clever>
so a commit has 2 radically different contents, depending on how you hashed it
<henri>
clever: Does the signature include the hash?
<clever>
henri: `git cat-file commit HEAD` will pretty-print the latest commit
<clever>
the signature is over the serialized form of that
<clever>
i believe the signature covers the tree, parent, author/commiter(with timestamps) and the commit msg
<clever>
the tree and parent will differ, both because your changing the hash algo used to name them, and because the contents your hashing differs
<clever>
> It is similar to the existing "gpgsig" field. Its signed payload is the sha256-content of the commit object with any "gpgsig" and "gpgsig-sha256" fields removed.
<{^_^}>
error: syntax error, unexpected WITH, expecting ')', at (string):451:109
<{^_^}>
[nixpkgs] @peti pushed 507 commits to haskell-updates: https://git.io/JLmHp
<clever>
henri: aha, they just sign it twice now, over both the sha1 and sha256 encodings
<clever>
and shove both signatures into the final commit object
<{^_^}>
[nixpkgs] @peti pushed 2 commits to haskell-updates: https://git.io/JLmQk
<clever>
a sha1 only git will only see/care-about the old sha1 signature
<clever>
and a sha256 capable git can re-hash it with sha256, and validate that signature too
SanchayanMaity has quit [Read error: Connection reset by peer]
SanchayanMaity has joined #nixos
iH8c0ff33 has quit [Ping timeout: 272 seconds]
orivej has joined #nixos
cole-h has quit [Ping timeout: 264 seconds]
<{^_^}>
[nixpkgs] @raboof opened pull request #106957 → platformio: don't use multiPkgs in chrootenv → https://git.io/JLmdZ
<esotericn>
does anyone know how I can override haskell derivations and add a dependency? I can 'hack it' and just specify everything again but that seems janky?
<esotericn>
basically I need to do something like foo = pkgs.haskell.lib.overrideCabal super.foo { libraryHaskellDepends = super.foo.libraryHaskellDepends ++ [ some_other_depend]; }
<fgaz>
is there a way to get the current system configuration in nix repl?
<adisbladis>
fgaz: import <nixpkgs/nixos> {}
<fgaz>
adisbladis: Doesn't that return the configuration specified in configuration.nix?
SanchayanMaity has quit [Remote host closed the connection]
<adisbladis>
Yes
<thibm>
fgaz: there is no way (afaik) to get the "real current" config
<adisbladis>
No, there is no way to go from a running system to the expression that produced it
<esotericn>
aha, overrideCabal takes an argument
<thibm>
fgaz: but you can (try to) enforce that yourself by saving configuration.nix (and others?) somewhere when building a configuration (Guix does that by default now IIRC)
<clever>
pinpox: if you build it on one machine (with flake support), then you can nix-copy-closure it to the other machine, and it wont care how you built it
<thibm>
fgaz: I had "store = /some/real/path" with an installation not on /nix/store
<thibm>
(although the store option does not point to the… store)
<fgaz>
wait what
<pinpox>
clever: How do I do that? I'm using krops for deployment
<fgaz>
thibm: could you check `nix eval --raw '(builtins.storeDir)'`?
<thibm>
fgaz: this gives the actual store
iH8c0ff33 has quit [Ping timeout: 264 seconds]
<thibm>
(/X/nix/store, while the store option's value is /X)
<clever>
pinpox: i'm guessing only krops has to support flakes then, and the remote machine wouldnt need to
<pinpox>
clever: it does, I have two machines, one that builds perfectly, the other one gives me an error:
<pinpox>
error: unrecognised flag '--experimental-features'
<clever>
pinpox: i recently had that, it was solved with `nix.package = pkgs.nixUnstable;` in configuration.nix
<hyperfekt>
Can anyone quickly confirm sandboxed builds working for them on kernels >= 5.9? They fail on the 20.09 installer.
<pinpox>
exit
* pinpox
whoopsie wrong window
<henri>
hyperfekt: works for me on 5.9.14 (i.e. linuxPackages_latest)
<fgaz>
thibm: so if I understand correctly, you set the store option to PREFIX, nix show config prints PREFIX, and builtins.storeDir prints PREFIX/nix/store, right?
<thibm>
yes
<pinpox>
clever: I have nix.package = pkgs.nixFlakes, should I swap that out for nixUnstable?
<clever>
pinpox: either should work, what does `which nix` say?
<fgaz>
thibm: does that affect where /nix/var is too?
<hyperfekt>
henri: curious. not sure what the exact issue is then, but it works with 5.8
<pinpox>
clever: /run/current-system/sw/bin/nix
<pinpox>
(on both the working and the failing computer)
<clever>
pinpox: and `nix --version` ?
<hyperfekt>
henri: are you on 20.09 or on unstable?
<thibm>
fgaz: my /nix/var is also in PREFIX/nix/var. But there's no option in nix.conf (because the option is actually the prefix, not the store dir).
<thibm>
fgaz: I suffered enough with non-standard store path to sympathize with you ;)
<fgaz>
thibm: by the way what do you need non-standard paths for, if I may ask?
<pinpox>
Hm, that didn't help. How can I update nix so it includes --experimental-features?
<{^_^}>
[nixpkgs] @ttuegel merged pull request #106923 → kdeApplications: split derivation name into pname and version attributes → https://git.io/JLL9l
<thibm>
hm, it's on an old CentOS 7 where I'm not root with no user namespaces (usually used to get /nix just for your user). I tried several ways to get /nix (like proot) and some of them worked IIRC
<thibm>
but I had to proot each shell to get /nix and that was cumbersome
<thibm>
Eventually it was simpler to use a custom store pat
<thibm>
path*. I do not run a lot of different build types there so it just takes some time one the first installation/update but not that much
<fgaz>
thibm: I was in a similar situation once but I just gave up :-P
<thibm>
I would have given up and just used a server I control if this machine did not had proprietary software installed with expensive licenses I need to use
o1lo01ol1o has joined #nixos
<fgaz>
thibm: ow
respawn_ has joined #nixos
NeoCron has joined #nixos
<pinpox>
Nevermind, fixed it by manually deploying a configuration.nix to /etc/nixos and rebuilding once to get flakes enabled. Now I can just use krops+flakes normally
<El_Troglodita>
nixos 20.09, gnome3: every time i put a .desktop file into ~/.config/autostart it gets deleted after reboot, any ideas why?
simonpe^^ has joined #nixos
sss2 has joined #nixos
<simonpe^^>
hey! I'm running ${nixos.clang-tools}/bin/clang-tidy on some C project but I'm getting "error: 'gnu/stubs-32.h' file not found", it works fine with gcc. Thing is the compile-commands.json comes from an aarch64 build, maybe that's the issue?
<srhb>
pinpox: Hydra is a bit of an investment to learn, so I second "are you sure" -- if all you need is basically a cron job that builds some NixOS machines for you, that's a great way to start (and you can always add more complex ci later)
eoli3n_ has joined #nixos
El_Troglodita has quit [Ping timeout: 245 seconds]
<esotericn>
does anyone know how to fix build errors in haskell packages that are related to the lack of presence of `iana-etc` e.g. 'no such protocol: tcp' errors?
<esotericn>
I think I just have to override something and ensure that pkgs.iana-etc is a build dependency but I'm not sure how
hugolgst has joined #nixos
<hugolgst>
hello guys, do you know if I can enable network manager in lightdm ?
maljub01 has joined #nixos
henri has joined #nixos
<esotericn>
heh, just used overrideCabal to add `doCheck = false;` since I know the other tests work. hacky but works. :?
SomeoneSerge has joined #nixos
<{^_^}>
[nixpkgs] @NeQuissimus pushed to master « lsd: Fix test »: https://git.io/JLYNg
gustavderdrache has joined #nixos
henri has quit [Ping timeout: 265 seconds]
<srk>
esotericn: you could try adding the lib to testSystemDepends
<srk>
there's also haskell.lib.dontCheck which is basically what you did - dontCheck = drv: overrideCabal drv (drv: { doCheck = false; });
<esotericn>
ah excellent, I'll do the former once this has finished building
chang has joined #nixos
hugolgst has quit [Remote host closed the connection]
<{^_^}>
#100655 (by nyanloutre, 8 weeks ago, open): steam: Proton 5.13 does not launch because of steam runtime
riksteri has joined #nixos
m4ts has quit [Ping timeout: 260 seconds]
spudly1 has quit [Ping timeout: 246 seconds]
Edward- has joined #nixos
o1lo01ol1o has quit [Read error: Connection reset by peer]
o1lo01ol1o has joined #nixos
Darkmatter66 has joined #nixos
hugolgst has joined #nixos
<Edward->
why im i getting `[conference.js] <te._onConferenceFailed>: CONFERENCE FAILED: conference.videobridgeNotAvailable` error for jitsi ? i enabled the firewall for jitsi-videobridge and added nat config but still...
<hugolgst>
do you know a display manager where I can connect to wifi?
zupo has quit [Ping timeout: 264 seconds]
<henri>
hugolgst: Probably gdm.
<hugolgst>
in gdm the network button is disabled
<hugolgst>
like i don't have the permission to edit the connections, only view them
<henri>
hugolgst: Do you have NetworkManager installed and running?
<hugolgst>
yes
<Edward->
when two clients join the conference is getting crashed...
zupo has joined #nixos
<Taneb>
hugolgst: is your user in the "wheel" group?
<hugolgst>
mine or the gdm one?
<adisbladis>
You shouldn't have to add anyone to the wheel group
<adisbladis>
But maybe try adding gdm to the networkmanager group?
<NKJe>
Well, this irc client sucks, but I'm trying to use a remote builder, but I keep getting that error. From what I understand, the build machine has the required features, nix still erros.
erasmas has joined #nixos
<gchristensen>
it looks like your remote builder doesn't have the features benchmark, big-parallel, kvm, nixos-test listed in your local machine's /etc/nix/machines file
ixxie has quit [Remote host closed the connection]
<{^_^}>
[nixpkgs] @jD91mZM2 opened pull request #106970 → Ranger vim → https://git.io/JLODn
Edward- has quit [Remote host closed the connection]
iH8c0ff33 has joined #nixos
ixxie has joined #nixos
orivej has quit [Ping timeout: 240 seconds]
<{^_^}>
[nixpkgs] @veprbl merged pull request #106798 → hstr: add darwin support → https://git.io/JIPBY
<{^_^}>
[nixpkgs] @veprbl pushed commit from @sev3ryn to master « hstr: add darwin support (#106798) »: https://git.io/JLO9B
iH8c0ff33 has quit [Ping timeout: 240 seconds]
<tpw_rules>
is there any way to preview the review nixpkgs-review would post?
<tpw_rules>
or result rather? with post-result
meh` has joined #nixos
<tpw_rules>
oh it's in report.md in the shell
meh` has quit [Ping timeout: 240 seconds]
<{^_^}>
[nixpkgs] @nicknovitski opened pull request #106971 → Update asciidoctor version and add bibtex extension → https://git.io/JLOQh
zupo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
El_Troglodita has quit [Remote host closed the connection]
zupo has joined #nixos
pushqrdx has joined #nixos
<pushqrdx>
are user overlays picked up by nixos-rebuild ?
iH8c0ff33 has joined #nixos
mallox has quit [Quit: WeeChat 3.0]
mallox has joined #nixos
<viric>
niksnut: I'm still debugging the cygwin thing...
<viric>
DerivationGoal::outputsSubstituted() this is called while SubstitutionGoal still runs
<colemickens>
nixpathpain++
<viric>
I'm so lost in that statemachine
<colemickens>
(can I use the bot to track "karma" for a non-user... hm, maybe not, I'll have to make my own)
<colemickens>
pushqrdx: it depends
turlando has joined #nixos
<colemickens>
I can't explain NIX_PATH again today, someone else is going to have to take a turn
zupo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<pushqrdx>
colemickens nvm the answer is enough ;)
<pushqrdx>
colemickens it's just that i am trying awesomewm and the version in the packages is missing gdk so i created an overlay with gtk3support
<pushqrdx>
however something weird is happening, either the overlay is not picked up even with nix-env or i am confusing something yet again
fuzzypixelz has quit [Quit: fuzzypixelz]
FRidh has quit [Ping timeout: 240 seconds]
NKJe has quit [Remote host closed the connection]
<pushqrdx>
awesome = super.awesome.override {
<pushqrdx>
gtk3Support = true;
<pushqrdx>
<pushqrdx>
};
<pushqrdx>
the overlay is simple, using nix-env -i awesome seems to still install the one from nixpkgs though
FRidh has joined #nixos
<ixxie>
never seen such a super awesome overlay
<gchristensen>
lol
<pushqrdx>
hhh
<pushqrdx>
i didn't notice it till you said it lmao
<ixxie>
I had to double check that this wasn't a dummy example xD
zupo has joined #nixos
<pushqrdx>
everyone keeps saying awesomewm is awesome, even the overlay
pushqrdx has quit [Remote host closed the connection]
cole-h has joined #nixos
gustavderdrache has quit [Disconnected by services]
vidbina has quit [Ping timeout: 246 seconds]
shabius has joined #nixos
vidbina has joined #nixos
aranea has quit [Ping timeout: 240 seconds]
mkaito has quit [Quit: WeeChat 2.9]
aranea has joined #nixos
mkaito has joined #nixos
mkaito has joined #nixos
mkaito has quit [Changing host]
megfault_ has joined #nixos
megfault has quit [Ping timeout: 240 seconds]
jb55 has joined #nixos
<lordcirth>
Does someone have an example of a system flake.nix that pulls in specific packages from a newer nixpkgs? I think it has to be an overlay, as the ipfs service module doesn't have an argument to swap out the package.
<{^_^}>
[nixpkgs] @steveeJ opened pull request #106976 → wezterm: add licenses and update to a revision of 12th Dec 2020 → https://git.io/JL3mv
iH8c0ff33 has quit [Ping timeout: 240 seconds]
<nature>
Trying to switch my legacy nixos configuration for flakes, and I am faced with an error, it says that "<nixpkgs/nixos/modules/installer/scan/not-detected.nix>" cannot be evaluated in pure mode, is this import even useful ?
<Yaniel>
"legacy" heh
<nature>
:)
<nature>
"standard", I actually don't know how to name it ^^
<Yaniel>
"channels"?
<Yaniel>
idk, legacy isn't exactly wrong I guess :D
<nature>
Right!
<Yaniel>
but a bit weird considering flakes require an unstable nix and even their design isn't finalized yet
<nature>
it's not legacy yet, you're totally right, I just read the term somewhere and reused it
<cransom>
weird not having any bit between legacy and experimental.
fuzzypixelz has joined #nixos
<nature>
Thanks DavHau[m] was just reading this, I guess I could just copy the single line in that file over my hardware-configuration.nix and remove the import
<DavHau[m]>
or you use "${modulesPath}/installer/scan/not-detected.nix"
<nature>
ok thanks, also how would I pass an argument to an imported file ? `import ./my-file.nix {arg}` ?
<nhs>
nature: that's right, the first line of my-file.nix would then read `{ arg }:`
<nhs>
Can someone help me with overlays? I'm trying to pick cudatoolkit_11 in my overlay, so I have: `cuda11overlay = self: super: { cudatoolkit = super.cudatoolkit_11; };` which seems to work for everything except for things inside of python38Packages, and I'm not sure why
<nhs>
So I've appended my overlay with extra attr: `python38Packages.pytorch = super.python38Packages.pytorch.override { cudatoolkit = super.cudatoolkit_11; }`, but nix isn't happy. It seems this overrides the entire set of python38Packages to *only* contain pytorch
<nhs>
Any ideas how I can override pytorch to accept cudatoolkit_11?
<{^_^}>
[nix] @regnat opened pull request #4366 → Use the fs accessor for readInvalidDerivation → https://git.io/JL3Z4
<{^_^}>
[nix] @regnat pushed to readInvalidDerivation-on-remote-caches « Use the fs accessor for readInvalidDerivation »: https://git.io/JL3ZB
Fuzen has joined #nixos
<nhs>
nature: sorry your function call should actually read: `import ./my-file.nix { arg=arg; }` or `import ./my-file.nix { inherit arg; }` or `import ./my-file.nix arg` where the latter would require my-file.nix's first line to be just `arg:`
iH8c0ff33 has joined #nixos
<nature>
Thanks nhs! And yeah I can't help with your problem, I am not knowledgable enough yet
ixxie has quit [Remote host closed the connection]
<nhs>
DavHau[m]: thank you, for some reason it's still not picking up, the build is dumping the CMAKE_INCLUDE_PATH which contains `/nix/store/dy3c4z1i7151nwhcjaq2ag1f2whlfng3-cudatoolkit-10.2.89`
<ronthecookie>
ok it seems its still happening since i didn't really understand my problem: it appears something in nixpkgs places services.xserver.inputClassSections before services.xserver.config. this means that i cant override the natrualscrolling option for only certain inputs
<ronthecookie>
not sure how to get around this without blowing things up or writing a hacky solution
<nhs>
Maybe pytorch is doing something weird in the build, though it's non-obvious looking through their derivation
thibm has joined #nixos
ris has joined #nixos
<nhs>
pytorch even has `assert !cudaSupport || magma.cudatoolkit == cudatoolkit;` which isn't being triggered, but I know that magma built with cudatoolkit_11
cgfuh has joined #nixos
<{^_^}>
[nixpkgs] @symphorien merged pull request #82584 → dnscrypt-proxy2: base settings on example config → https://git.io/Jvi8F
<V42>
Hello! I am trying to install a ruby gem in my nix shell (with ruby_2_5 package available). For some reason when running gem install, it ends up running within my mac env rather than within nix.
<pushqrdx>
oh,, now i see etu you was helping me doing it not trying to find it lol
<nhs>
DavHau[m]: I found another package I need to override `cudnn = super.cudnn_cudatoolkit_11;`, giving that a spin, thank you for your help. I'll post back here if that fixes it or not
<V42>
Running "which gem" prints this: nix/store/prfhpjys4pnw3wv0dqhv39ilfi6zi1pp-ruby-2.5.8/bin/gem. But when running gem install, it picks up gems from /Users/v42/.rvm/rubies/ruby-2.6.3/lib/ruby/gems
ransom_ has quit [Client Quit]
<V42>
Any idea what's causing this?
riksteri has quit [Quit: riksteri]
shabius_ has quit [Read error: Connection reset by peer]
<ronthecookie>
ok I think i figured my problem out
<ronthecookie>
<3 clever - lib.mkafter did work in the end!
<pushqrdx>
if anyone is running awesomewm on nixos i'd appreciate some help because i have been struggling for a while :D
<clever>
ronthecookie: i had the same basic problem in iptables, because i wanted to append things to a non-standard chain, but nixos was creating it later
<{^_^}>
[nixpkgs] @symphorien pushed 2 commits to release-20.09: https://git.io/JL304
<lordcirth>
nh2[m], interesting, it didn't do that for me... But I just rolled back to 20.03 (Yay NixOS!) because I was having freezes that *might* have been nvidia-related.
hleb[m] has quit [Ping timeout: 268 seconds]
pinage404[m] has quit [Ping timeout: 268 seconds]
omasanori[m] has quit [Ping timeout: 268 seconds]
leons has quit [Ping timeout: 268 seconds]
hleb[m] has joined #nixos
leons has joined #nixos
pinage404[m] has joined #nixos
omasanori[m] has joined #nixos
<{^_^}>
[nix] @piegamesde opened pull request #4368 → Backport json unicode escaping to 2.3 → https://git.io/JL30H
fendor has quit [Remote host closed the connection]
<energizer>
why does /etc exist in nixos? can't everything be pointed into the store?
pushqrdx has quit [Remote host closed the connection]
eoli3n has joined #nixos
<Yaniel>
on nixos /etc *points* to things in the store
<energizer>
yeah why tho?
<Yaniel>
and it doesn't even have to be on a physical disk (you can put it on a tmpfs i.e. in RAM)
<energizer>
having /etc lends itself to program reading arbitrary configuration files instead of reading only their own configuration files
stites[m]1 has quit [Ping timeout: 268 seconds]
Valodim[m] has quit [Ping timeout: 268 seconds]
<energizer>
s/program/programs/
stites[m]1 has joined #nixos
respawn_ has quit [Quit: Leaving]
Valodim[m] has joined #nixos
<V>
hysterical raisins, probably
High is now known as PsillyCybin
justanotheruser has quit [Ping timeout: 272 seconds]
<V>
there's a bunch of stuff that would probably be designed differently with hindsight
terlar has joined #nixos
<Yaniel>
^ that pretty much sums it up
orivej has quit [Ping timeout: 240 seconds]
<lordcirth>
energizer, presumably repackaging every program to read from a hardcoded nix path did not happen overnight, and for compatibility /etc/ was kept
<notgne2[m]>
I imagine there's lots of software that won't read config files from configurable places
<notgne2[m]>
though you could probably solve that using a chroot of some kind
<Yaniel>
you *could* just go around and patch every single package in nixpkgs
<Yaniel>
and do it again every time they update
<Yaniel>
including probably the kernel
<energizer>
iiuc V's story that basically this is a mistake is different from lordcirth's story that it's for compatibility with unpatched programs
<V>
I consider both to be valid
<Yaniel>
well the "mistake" is the way those unpatched programs were designed in the first place
<V>
the latter can be fixed with namespaces, which weren't a thing when NixOS came into existence
<V>
actually that's a lie
<V>
but this wasn't part of the design back then
<V>
this entire project *is* someone's thesis that turned into a linux distro
<energizer>
we do patch tons of packages to change their paths, just we say /etc is special and should be shared
<sphalerite>
energizer: the /etc approach does make reloading changed config easier.
<sphalerite>
That's quite important for systemd, for instance
rprije has quit [Remote host closed the connection]
rprije has joined #nixos
<sphalerite>
I'll agree that it's not optimal, but I wouldn't want nixos to ship systemd patches that add a big piece of functionality like "load a new config from a new path" as opposed to "load a new config from the existing path" which is already available upstream.
<terlar>
I am writing some unit tests for a function using `pkgs.lib.cleanSourceWith` and therefore also `builtins.path`. To setup my tests for convenience I use derivations to generate the file structure that I am testing. I ran into the "/drv/out/path cannot refer to other paths" due to this. I managed to work around that by removing the string context via `builtins.unsafeDiscardStringContext`, but then I have to pre-build the derivation that
<terlar>
is used in the tests. Is there a way around this?
<energizer>
sphalerite: iow, if i change a config file that's used by my.service and tell systemd to restart my.service then the new process would have to load config from a new location different from the first process's location, and that's hard?
<V>
sphalerite: counterpoint: the directory doesn't need to be shared for this, only static
kolaente_ has joined #nixos
<V>
energizer: not so easy for hotreload
<sphalerite>
energizer: no, but if you change the definition of my.service you need systemd to know the new path.
<sphalerite>
V: true.
<V>
energizer: programs that have to remain running need support for setting the new config path for reload, and not everything has support for that. Caddy does, and I've written a module that allows hotreload w/ in-store paths, but sway doesn't
<V>
so it really depends in that case
<qyliss>
A lot of /etc is stuff that should be shared, as well
<qyliss>
/etc/passwd, for example
<V>
hot take: /etc/passwd shouldn't exist
<energizer>
sphalerite: i think that's just a matter of naming the service tho: instead of NetworkManager.service it's NetworkManager-001.service
<V>
qyliss: also: programs that look up that stuff w/ NSS don't need /etc/passwd
<V>
/etc/machine-id should *not* be world-readable
<clever>
-r--r--r-- 1 root root 33 Oct 11 2015 /etc/machine-id
<V>
"This ID uniquely identifies the host. It should be considered "confidential", and must not be exposed in untrusted environments, in particular on the network. If a stable unique identifier that is tied to the machine is needed for some application, the machine ID or any part of it must not be used directly."
<qyliss>
oh yes my mistake
<sphalerite>
huh. TIL.
proofofkeags has joined #nixos
<clever>
world-readable on my end
<V>
sphalerite: consider the privacy aspects
<qyliss>
/etc/hostname, /etc/hosts
<sphalerite>
clever: sure, but that means nixos is doing it wrong ^^
<V>
clever: "should be" and "is" are not the same :p
<bqv>
how do i fetch a drv from the cache?
<gchristensen>
good thing I erase mine on every boot
<bqv>
old or new nix
<qyliss>
gchristensen: :D
<clever>
bqv: run `nix-store -r` on the path
<sphalerite>
qyliss: hostname comes from the uname syscall, hosts comes from nss :p
<V>
gchristensen: I'd do that except I don't want my journal to be unusable
<gchristensen>
oh I erase my journal on boot too
<V>
eesh
<bqv>
clever: indeed, thanks :D
<sphalerite>
gchristensen: do you send it to a log server, or just not care about the past? :D
<gchristensen>
who needs logs, yesterday is gone tomorrow is the future (or something like that)
<sphalerite>
I see
<V>
people who are trying to track down bugs
<V>
logs are useless in a bug-free system
<gchristensen>
(this is just my laptop, and not in any way a serious position for me to be taking)
iH8c0ff33 has quit [Ping timeout: 246 seconds]
<gchristensen>
for servers I absolutely do keep logs and forward them
<gchristensen>
and I wish I didn't erase my logs on boot ;)
ransom_ has joined #nixos
<energizer>
i send my laptop/desktop/server logs to a shared machine, so i wouldnt mind erasing the journal afterwards
ransom_ has quit [Client Quit]
<energizer>
(as long as i can guarantee that it doesn't get erased before they're sent)
<clever>
that reminds me
<V>
That's a big if for a laptop
<clever>
i rigged syslog up to do that on some of my pre-nixos machines ages ago
<clever>
and then i spent 2 hours trying to figure out why somebody cant ssh into my machine
<clever>
the logs turned up in /var/log/ssh, yet the error says the acct doesnt exist, and it does
<clever>
then i realized, the hostname in the log msg, syslog was merging both systems into one file
<clever>
the router forwarded 22 to the wrong box
<clever>
and syslog then forwarded the logs to the right box, lol
<nature>
Nix flakes question: How can you change the shell in which you end up when running `nix develop` to zsh ? (instead of bash)
iH8c0ff33 has joined #nixos
ddellacosta has joined #nixos
<energizer>
maybe there should be a zix command that does everything with zsh
<nature>
`nix-shell` correctly uses zsh, but not `nix develop`
<notgne2[m]>
fix for fish?
<notgne2[m]>
nature: you can do `nix develop -c zsh` iirc
<nature>
oh thank you!! works like a charm
<notgne2[m]>
I believe the reason for not using $SHELL is some shells will not execute the rc files used to make `shellHook` commands work
<nature>
any known way to enable this behavior by default ?
iH8c0ff33 has quit [Ping timeout: 260 seconds]
<energizer>
is anything gonna break if i chmod -r /persist/etc/machine-id ?
<notgne2[m]>
nature: I don't think so, besides an alias
<nature>
thanks anyway, finally I used something like `eval "$(nix print-dev-env)"` in my .envrc file and it actually keeps my default shell
iH8c0ff33 has joined #nixos
<energizer>
can there only be one instance of a service running at once? if yes, is that only because they'd have the same name? if also yes, should that be changed, so each instance of a service gets tagged with an instance identifier?
<{^_^}>
[nixpkgs] @maralorn pushed 2 commits to haskell-updates: https://git.io/JL3Pg
Jackneill has quit [Ping timeout: 256 seconds]
<energizer>
<<clever> energizer: /etc is mainly for programs that cant be told to look elsewhere, or for programs that you want to reload and not restart o reload and not restart <clever> energizer: or for things like alsa, where you cant feasible wrap every binary thats reading it>
<energizer>
clever: ll /etc | wc -l -> 77 that's a lot
<energizer>
/etc/nanorc doesnt seem to fall into that category
<clever>
energizer: for that, i would say its so `nix-env -iA nixos.nano` will respect configuration.nix, without having to know its path
<clever>
but with vim, my config is baked right into a shell script that claims to be vim
<yaymukund>
colemickens: /join #python
<energizer>
clever: do programs using /etc/* files usually do so directly by opening them?
<yaymukund>
oops
<yaymukund>
sorry for the ping
<clever>
energizer: yeah
* colemickens
joins #python
<yaymukund>
xD
<energizer>
clever: sphalerite and V gave some examples above machine-id (shouldnt even be readable) hostname comes from uname, hosts comes from nss
<clever>
energizer: but the path to /etc/nsswitch.conf cant be in an env var or wrapper, because it should use the new config after you rebuild-switch
<clever>
and an env var wouldnt take effect until you restart nearly everything
ziguana[m] has joined #nixos
<clever>
so you need a symlink at some predictable location, which you can swap out later on
mallox has quit [Quit: WeeChat 3.0]
<energizer>
clever: just taking a few at random, do pulse, kbd, iwd, lightdm really need to be there
<clever>
pulse, same reason, the config can change when you rebuild, and all apps should respect the new config
<clever>
but they have no other way of knowing WHERE the new config is
Jackneill has joined #nixos
<qyliss>
clever++
<{^_^}>
clever's karma got increased to 549
<V>
didn't this already get stated above
<clever>
kdb, lightdm, those feel like things that cant reload at runtime, so you could just pass it on the cli args, if the app allows it
<qyliss>
I also like being able to easily find configuration files on my system
<qyliss>
And since the NixOS architecture doesn't allow for multiple instances of the same service anyway, might as well use /etc.
<V>
arguably that's a problem with tooling
<sphalerite>
... which I believe qyliss is working on solving ^^
<V>
in Android/etc everything has its own private dir, but the tooling allows simple management of state in a centralised location
<qyliss>
sure
<energizer>
only allowing one of a service seems like a bad thing
<qyliss>
Indeed it is!
<qyliss>
But it's what we have
<energizer>
like couldn't they could just be renamed to uuids or something instead
<qyliss>
(well, it's a bad thing for most services. For a small number of services it wouldn't make sense to allow more than one.)
<terlar>
In case anyone else runs into my issue, I solved it like this: builtins.seq (builtins.readDir drv) (builtins.unsafeDiscardStringContext (toString drv));
<terlar>
turns out I had to use something like readDir to make it evaluate the derivation via seq, it was not just enought to refer to the stringified derivation
<clever>
terlar: unsafeDiscardStringContext gets rid of the data needed to let nix know it wants to build it
<clever>
terlar: and readDir forces it to build it much earlier, at eval time, which can harm performance
<terlar>
Yes, this was a hack I used in my unit tests for a function using builtins.path. Not something I would normally recommend
<energizer>
qyliss: my naive sense is that "one instance of a service" like a thing that can be changed in a few days of messing with nixlang nixos code, not a fundamental architectural issue. or am i wrong?
<energizer>
s/like/is/
<terlar>
clever: If you have any other ideas how to achieve the same thing I am all ears. I am using a derivation to generate an arbritrary directory structure used by tests, then I have a test that is using that derivation to test the source filter.
<clever>
terlar: why do you need unsafeDiscardStringContext?
<qyliss>
energizer: every NixOS service assumes it's the only instance of itself
<qyliss>
they use global paths, not just in /etc but in e.g. /var/lib
sangoma has quit [Quit: WeeChat 2.9]
<qyliss>
so you would have to update every service
sad_flake_user has joined #nixos
<qyliss>
But also, what would the API for enabling a service look like?
<qyliss>
it couldn't just be services.foo.enable any more
<qyliss>
so that would all have to change
<neonfuz2>
Hello
<qyliss>
and what you'd eventually be left with wouldn't really even be NixOS any more, since _everything_ would be different from a user PoV
<sad_flake_user>
is there a bug for extremely slow cache.nixos.org access during rebuild switch --flake?
<terlar>
clever: Because my function is using cleanSourceWith which don't allow using nix store paths as src
<neonfuz2>
so I use signal-desktop on dwm, and it works fine
<qyliss>
(not that that's a reason not to explore this!)
<neonfuz2>
but after enabling kde (plasma 5) and rebuilding, signal freezes randomly all the time
<neonfuz2>
while using it through dwm still
<clever>
terlar: why are you running cleanSource on a derivation? why not just not include the files in $out ?
<neonfuz2>
anyone have any idea why?
<energizer>
<<qyliss> But also, what would the API for enabling a service look like?> that's an interesting question
<neonfuz2>
the whole app freezes, when I open the file upload dialog it can freeze on that too
<terlar>
clever: I am writing a unit test for my function using cleanSource function under the hood. The derivation is there because I am using it to setup the directory structure that I am testing the function against.
<energizer>
i suppose the enabler could give all the instances names like `services.emacs.instances = ["primary" "other"]` or just a count `services.emacs.instances = 2`