<matthewcroughan>
yeah, that's the exact post I've read.
<matthewcroughan>
And that function is not very useful for making conditional statements for docs
<matthewcroughan>
try writing arm64.rst, riscv.rst and x86.rst, and a generic-template.template.
<energizer>
what will happen when i do?
<matthewcroughan>
Now, in generic-template.template, write some stuff that works everywhere which has an argument you want to be variable and just put |ARCH| as a placeholder, however you do that in jinja.
<matthewcroughan>
and make a jinja {% if pagename == arm64 %} then do some stuff
<matthewcroughan>
you'll get something like undefined function pathto()
<veleiro>
orgmode needs no addins for its markup
<matthewcroughan>
just basically try and find a way to fill out generic-template.template, I haven't been able to figure this out for weeks. Meanwhile mkdocs is engineered to support this.
<matthewcroughan>
arm64.rst just contains arm specifics that are not variable. generic-template.template contains details that are the same on all machines.
<matthewcroughan>
sometimes I think I should just use nix to write docs and insert strings into files like a pre-processor
<energizer>
org mode has overly verbose syntax and very little tooling for technical documentation and it relies on an obscure IDE
jkachmar has joined #nixos
nhs has quit [Ping timeout: 276 seconds]
<energizer>
there's a nix thing for that matthewcroughan
<matthewcroughan>
Please use this command on ${pkgs.myvariable}
<energizer>
forget what it's called tho..
<veleiro>
orgmode's syntax for markup is simple and what can be done with it powerful, but i'm an "obscure" emacs user
<energizer>
#+BEGIN_SRC nix #+END_SRC yeah no thanks
<gchristensen>
please, we don't need to get in to favorite markups
<matthewcroughan>
I don't give a hell what it is as long as it's simple and easy to use.
<matthewcroughan>
And the most important thing is that it should allow the insertion of data from external sources, because without that you're so screwed.
<veleiro>
well i prefer text syntax in place of 15 programs to do docs/notes/blogs/GTD etc and its nice to be able to do everything within one format
<matthewcroughan>
HTML/JS exist to solve this problem, and markups/frameworks come in to reinvent this issue, if you can't conditionally insert some text depending on the page name, it's just so screwed.
<energizer>
matthewcroughan: i'm not sure what's happened there. it shouldnt' be hard in sphinx, maybe there's a bug or whatever. the main problem with rst is that it's maintained on sourceforge by a handful of people not interested in progressing it
<matthewcroughan>
energizer: yeah, and mkdocs just solves it.
<matthewcroughan>
I tried, very hard. I'm in #sphinx-docs, I was begging for someone for weeks to just respond :D
<energizer>
yeah that channel's dead
<energizer>
the sphinx mailing list is the place to go
<matthewcroughan>
One guy responded and told me to go to their mailing list on google groups, and that's dead too. It's like 10 posts away from 2016.
nhs has joined #nixos
<energizer>
did you ask a question on it?
<matthewcroughan>
No, but I searched for my problem.
marusich has quit [Ping timeout: 240 seconds]
<matthewcroughan>
And I found lots of people saying "Just use rst_epilog"
<matthewcroughan>
they do not understand this issue
<matthewcroughan>
then I went to #yocto, and they understood it. And they wrote a pre-processor in python to solve this.
thelounge52 has joined #nixos
<matthewcroughan>
Except it doesn't allow you to do what I just proposed. It just allows you to insert vars into .. include and .. code-block, lmfao
<matthewcroughan>
because the build in rst substitutions won't work in directives like that (of course).
<energizer>
anyway i'm glad to hear it's a solved problem now
<matthewcroughan>
OH! energizer if you simply put `{% extends "!layout.html" %}` in any rst file with the example from the blog post from the Read The Docs founder you just sent me, you'll find the same error of "pathto() is undefined".
<energizer>
matthewcroughan: i haven't seen that issue. sounds like you've got it figured out but if you want help with it you can ask on the mailing list
thelounge52 has quit [Ping timeout: 256 seconds]
<veleiro>
ug, handlebars remind me of the web
<veleiro>
suffered through most of my career in that world
<jkachmar>
bqv: i read through their work on the IOHK codebase 'cause it was all open source and i was mining GitHub for examples of "industrial" Haskell code
<jkachmar>
it was all terrible
<bqv>
Oh wow
<jkachmar>
i mean idk, i'm a biased individual and i'm sure they do good work in many capacities etc. etc.
<energizer>
jkachmar: are you coming from a background of haskell expertise?
<gchristensen>
that is maybe not really on topic for #nixos, serokell devs are part of our community too and it'd be best to remain respectful and constructive(ly critical when necessary)
<bqv>
I was about to ping one...
<jkachmar>
ya, noted; so i mean more constructively: i'm curious in general about why nixops wouldn't necessarily be the suggested tool
<energizer>
nixops 2 isnt released yet afaik
<jkachmar>
more surprising that when i asked about nixops explicitly the first responses all recommended completely different things
tgamblin-llnl has quit [Ping timeout: 258 seconds]
nhs has quit [Ping timeout: 240 seconds]
<jkachmar>
energizer: i mean released to the main dev branch, i can pull those expressions down and just build it right?
<energizer>
iirc the people working on nixops 2 didn't get funded to finish it? (someone can correct me otherwise)
<jkachmar>
oof, well that's a good reason
<gchristensen>
adis\bladis is continuing the work now
<energizer>
actually i'll go ahead and ask explicitly. is that what happened?
<energizer>
ok
<jkachmar>
gchristensen: nice! good to hear
<matthewcroughan>
gchristensen: what do you do for machine provisioning?
<gchristensen>
I don't work there anymore, don't have too much free time to work on Nix things in my personal time and have had to be much more picky about how I spend it ... and also the clients I've had haven't wanted to have me work on it, so I haven't
<matthewcroughan>
I just saw disko on nix-community and thought it's pretty cool, but any recommendations for declaring such things?
<gchristensen>
my opinion is you should have a thing that provisions the machine and partitions as a totally separate step outside of your nixos config
nwm_ has quit [Read error: Connection reset by peer]
nwm__ has joined #nixos
<gchristensen>
and the first thing passes it off to a thing to install nixos
<matthewcroughan>
sure, I just wanna declare everything.
<gchristensen>
yeah, I'd use a tool other than Nix to declare partitions
<matthewcroughan>
some things can't be, but I think if I build some hardware to be in a certain state, I should be able to define and write it down
thelounge52 has joined #nixos
<matthewcroughan>
like I have 3 pcs with 2 disks each that I want zfs mirrored, I think that ought to be doable
<gchristensen>
imho you shouldn't write anything in nix unless you're comfortable completely losing the stuff that used to be there
<gchristensen>
because if you define a 2-disk-mirror and then change it to be 2-disk-stripe in Nix, after the Nix config is applied it should be that way -- probably erased
Supersonic112 has joined #nixos
Supersonic has quit [Ping timeout: 272 seconds]
Supersonic112 is now known as Supersonic
LilleCarl has quit [Ping timeout: 246 seconds]
<matthewcroughan>
gchristensen: so you think chasing automatic installs is a mistake on my part?
simba1 has quit [Ping timeout: 258 seconds]
<gchristensen>
no
<gchristensen>
I just don't think it should be built in to NixOS
<matthewcroughan>
what do you think it should be then? Just a bash script?
<gchristensen>
a separate component that hands off to nixos
<matthewcroughan>
like Flox? :D
ericsagnes has quit [Ping timeout: 260 seconds]
<gchristensen>
mmm probably not flox :P but maybe! for example you could use ipxe, and use a nixos-built ipxe image to do the provisining and hand off to nixos
<gchristensen>
and that nixos-built ipxe image could contain flox I suppose
<matthewcroughan>
I was thinking that each machine in your flake hardware config would define everything
<matthewcroughan>
so each machine would have to have a hardware config like what disks it has, and the UUID of those disks to guarantee that it's specific enough not to make mistakes
<gchristensen>
the problem is that hard disk geometry and mirrors are not declarative, they are inherently imperative and stateful
<matthewcroughan>
ipxe and network stuff is a different game
<gchristensen>
so what happens if you accidentally deploy one machine to another? if you're doing it truly declaratively, you've ruined the disks that used to be there.
<jkachmar>
gchristensen: hm, yea that's a good way to frame it
<matthewcroughan>
that's a problem in the real world with kubernetes that remains unsolved gchristensen
<energizer>
you can't roll back
<gchristensen>
yes, state is hard
<samueldr>
everything hardware is more of an ambient impurity than a state
<gchristensen>
so that is why I say it should be a provisining component that passes on to nixos
<matthewcroughan>
yes, keep the nuking to another component
<jkachmar>
yea, maybe the good axiom is that declaratively provisioning your "substrate" is an anti-pattern
<matthewcroughan>
I just want to know what that other component is so I can start using it :P
<samueldr>
and impurities are things we can't exactly manage
<gchristensen>
jkachmar: yeah!
<gchristensen>
your substrate should be a fact of the target that you work with, not define
<gchristensen>
*writes that down*
thelounge52 has quit [Ping timeout: 276 seconds]
<gchristensen>
I mean, the other thing though is it is fine to declaratively provision
<gchristensen>
but it should be its own phase
<energizer>
always seemed to me that hardware-configuration.nix should import configuration.nix rather than the other way
<gchristensen>
where a machine only goes through it as part of its lifecycle, NOT as part of a normal process
<matthewcroughan>
energizer: always seemed to me that networking.<hardware_networking_device>.useDHCP should go in hardware-configuration.nix :P
<energizer>
it should just be networking.useDHCP
<matthewcroughan>
I think all these things will be reordered in due time, but it doesn't matter since the closure is the same
nhs has joined #nixos
<energizer>
it shouldnt be deprecated, it should jsut work
<jkachmar>
gchristensen: yea, perhaps a better way of framing it is that much of your configuration can be declared statelessly but your computing substrate is not necessarily one of those things
<gchristensen>
right
<matthewcroughan>
jkachmar: gchristensen: it's really hard to come to terms with the idea that the substrate isn't declarative
<gchristensen>
thank you for helping with this language, jkachmar! that is a really great way to put it
<matthewcroughan>
because when you use nixos, you want to make everything this way
<gchristensen>
yeah, abathu\r calls that the "ice-nine" effect
<jkachmar>
ooo that's _very_ good language for this lol
<matthewcroughan>
I've been recommended to read that book by a few people now hah
<gchristensen>
I am very annoyed by NixOS options which aren't actually declarative
mkaito has quit [Quit: WeeChat 3.0]
<jkachmar>
yea that's something that I'm hitting a bit of friction with on the `impermanence` module
<matthewcroughan>
Are there other patterns in nature that follow this? That are obvious? Where the substrate isn't declarative but whatever is above is?
<jkachmar>
it's not _quite_ declarative because it depends on aspects of the file system being present/not-present
<gchristensen>
any option with the name "ensure" in it, for example, should not exist
<matthewcroughan>
python -m ensure_pip
<energizer>
i tried making a vm recently and it told me fileSystems.btrfs.autoScrub can only be true if i have some btrfs filesystems...
<gchristensen>
I ran from chef to nixos and we went and made my declarative os chef again
<jkachmar>
i have said this before and i will say it again: my ideal computer is running smartOS with the Nix package manager and it uses chef/salt/ansible to provision everything else
nhs has quit [Ping timeout: 240 seconds]
<matthewcroughan>
jkachmar: your ideal os is money and a workforce
<matthewcroughan>
a workforce of yaml programmers who are very upset
<jkachmar>
anyway idk if there's precisely good language for it, but for i think NixOS configurations are only declarative with respect to certain invariants that we can define at certain points in the systems lifecycle
<energizer>
gchristensen: since ensureDatabases does declare these databases exist, it sounds like you have a more precise definition of declarative in mind?
ahmed_elgabri has joined #nixos
nwm__ has quit [Read error: Connection reset by peer]
nwm_ has quit [Read error: Connection reset by peer]
<gchristensen>
it is not declaring anything, it is an instruction!
<gchristensen>
it is imperatively saying "these users should exist please!"
nwm_ has joined #nixos
<energizer>
do you just mean it shouldnt be called ensure*?
<jkachmar>
yea, it's an instruction to check if the state machine is in state B, and if it is in state A to transition from that to state B
<gchristensen>
on
<matthewcroughan>
It is not making it true, it's asking to make it true.
<gchristensen>
you delete that code, those users still exist. it has missed the declarative part of being declarative
<gustavderdrache>
^ yeah, that
<gustavderdrache>
the problem with ensureFoo is that deleting it doesn't delete the foo it created
<gchristensen>
if you go from A to B to A, you should be back at A, not A-weird
ericsagnes has joined #nixos
<energizer>
ah, you can't roll back
<energizer>
as aboce
<energizer>
above
<matthewcroughan>
gchristensen: Isn't this called idempotency?
<gchristensen>
s/f/p/ig
<gchristensen>
no, though that is related
<jkachmar>
eh, no ensure* operations should be idempotent right?
<gchristensen>
right
<jkachmar>
it's just that it makes no guarantees that there is an `unEnsure` hook that runs afterwards
<gchristensen>
gustavderdrache: that regex was for your example :P
hyper_ch2 has joined #nixos
<matthewcroughan>
I want a function that insures.
<jkachmar>
actuaryOS
<gchristensen>
the reason people like NixOS (whether they know it or not) is because the configuration you're presented with is very reliably what you actually get in the end
<gchristensen>
and you simply cannot have that with an ensure* option
<veleiro>
jkachmar: have you looked at nixus? i looked at nixops temporarily but came to the same conclusion
<gchristensen>
here is another example, configure your database and some ensureUsers and your web app , then delete your ensureUsers code and your web app still works! but you deploy it to another server and it is broken! what gives?
<gchristensen>
gustavderdrache: (the problem with ensurePoo is that deleting it doesn't delete the poo it created)
<jkachmar>
hmm, it's not usual that i regret being flippant so quickly
<gustavderdrache>
lol
<matthewcroughan>
gchristensen: I'm going to use that everywhere I go now. Thanks.
<gchristensen>
:)
<matthewcroughan>
Poobar
<jkachmar>
gchristensen: uuuhhh, just make NixOS also keep an index of lifecycle state for all components that may have an associated state machine to ensure that `nixos-rebuild switch` only admits valid state transitions
<jkachmar>
ez
<matthewcroughan>
gchristensen: can you validate that a system matches a configuration.nix in a pure way?
<matthewcroughan>
for remote attestation purposes?
<gchristensen>
jkachmar: haha yes, "what's the problem?"
<jkachmar>
this makes me want to try and flake-ify my config again
<jkachmar>
last time it ended in tears though
<betaboon>
i realy have to clear some time to look into flakes :D
nwm__ has joined #nixos
<jkachmar>
i keep making my life harder by trying to use macOS like it's NixOS...
<bqv>
Uh, anyway, why I'm here, is anyone aware of *any* use of nix-processmgmt? I'm trying to fiddle with it but it is arcane and I have zero precedent rn
nwm__ has quit [Read error: Connection reset by peer]
nwm_ has quit [Read error: Connection reset by peer]
nwm__ has joined #nixos
nhs has joined #nixos
<bqv>
Well, any use outside all sander's disnix repos, which are equally arcane
<adisbladis>
crdb: I think the person most qualified to answer this is not on irc. Could you report an issue and cc the podman team? (just reference @NixOS/podman in the issue)
cfricke has quit [Quit: WeeChat 3.0]
cfricke has joined #nixos
simba1 has quit [Ping timeout: 260 seconds]
sangoma has quit [Ping timeout: 265 seconds]
nhs has quit [Ping timeout: 240 seconds]
malook has joined #nixos
<crdb>
I sure could
<crdb>
I should report in nix project right ?
thelounge52 has joined #nixos
<maier>
Where can I find out what `nix-build --check` does? I cannot see it in man nixÃ-build, but maybe itä's something that's mentioned elsewhere.
ATuin has joined #nixos
thelounge52 has quit [Ping timeout: 246 seconds]
nhs has joined #nixos
andreas303 has quit [Remote host closed the connection]
<eyJhb>
Is there any reason why a command like this - ` mount -t cgroup -o memory,$F cgroup $CGRP/memory` should fail with `mount: /jailed_cgroups/memory: permission denied.` in NixOS? Running in Docker container, and it works fine on e.g. Debian etc.
<eyJhb>
[W][2021-02-05T09:00:58+0000][21] bool cgroup::createCgroup(const string&, pid_t)():43 mkdir('/sys/fs/cgroup/memory/NSJAIL/NSJAIL.22', 0700) failed: No such file or directory
<eyJhb>
[E][2021-02-05T09:00:58+0000][21] bool subproc::initParent(nsjconf_t*, pid_t, int)():397 Couldn't initialize cgroup user namespace for pid=22
<steveeJ>
supersandro2000: thank you. do you by chance understand if nixpkgs-updater works outside of nixpkgs? it seems to be able to update rust packages as well
thelounge52 has quit [Ping timeout: 240 seconds]
nhs has joined #nixos
malook has joined #nixos
sorki has joined #nixos
srk has quit [Remote host closed the connection]
<colemickens>
nix-update claims to support rust packages. The update script that drives nixpkgs-wayland is also used to drive updates for other repos that are laid out the same way and it can also handle go/rust packages and their extra sha updates.
<steveeJ>
colemickens: cool, thanks! "laid out the same way" probably menas it won't work out of the box for the repo I have in mind
nhs has quit [Ping timeout: 276 seconds]
sorki is now known as srk
malook has quit [Quit: malook]
davidv7 has quit [Remote host closed the connection]
<{^_^}>
[rfc39-record] @grahamc pushed commit from rfc39 to main « Automated team sync results. »: https://git.io/Jtg6r
nhs has joined #nixos
crdb has quit [Quit: Ping timeout (120 seconds)]
domogled has joined #nixos
Izorkin has quit [Ping timeout: 240 seconds]
<{^_^}>
[nixpkgs] @SuperSandro2000 opened pull request #112011 → duf: 0.5.0 -> 0.6.0, other cleanups, add me as maintainer to some packages → https://github.com/NixOS/nixpkgs/pull/112011
<carbolymer>
I've started getting ssl errors today using `nix-env -iA` - how can I ignore those errors?
<__monty__>
adisbladis: Maybe you were thinking of `makeWrapper`? Though I always assumed that still execs the wrapped program.
<adisbladis>
__monty__: wrapProgram is makeWrapper
<jamie23>
if you wrapProgram jim, jim gets moved to .jim-wrapped and a new file is created called jim wrapping .jim-wrapped
<adisbladis>
or the other way around
<adisbladis>
I can't remember
<__monty__>
It's a convenience wrapper around makeWrapper.
<s1341>
ok. i understand how it's supposed to work...
<__monty__>
s1341: Also, the path will be in the exec line of the wrapper.
<s1341>
but if I look at /nix/store/6iq8bv6mcfi4l0pd2bg4nc2zqh4v72qc-ndk-bundle-22.0.7026061/libexec/android-sdk/ndk-bundle/build/tools/make_standalone_toolchain.py, it's not a wrapper...
<s1341>
(builtins.compareVersions (lib.getVersion package) "21" > 0) <- does this mean DO for versions greater than 21, or do only for versions less than or equal to 21?
<jamie23>
with nix flakes I can do nix build .#my-package-name of one of my packages, but how do I build all the packages I have in packages = { ... } ?
<s1341>
uh. i see... so no wrapper ;)
<afreak>
im trying to downgrade a gomod package using overlay, but getting `run 'go mod vendor' to sync, or use -mod=mod or -mod=readonly to ignore the vendor directory` errors, i think its because i have wrong `vendorSha256 = super.lib.fakeSha256;`, but it doesnt tell me what value it wants there , anyone know how to solve that issue?
zebrag has quit [Read error: Connection reset by peer]
ahmedelgabri has joined #nixos
zebrag has joined #nixos
Izorkin has joined #nixos
superherointj has joined #nixos
<__monty__>
infinisil: Thanks, I was thinking what a horrible name "compareVersions" is, so ambiguous, especially because the return value then needs to be compared *again*.
<infinisil>
Yea
<__monty__>
Why are none of these in nixpkgs/lib/versions.nix though?
hiro98 has quit [Ping timeout: 246 seconds]
ahmedelgabri has quit [Ping timeout: 272 seconds]
<bqv>
I find versionOlder still a bad name. I always have to check it's polarity in the repl first
<jamie23>
afreak: tried a couple things, no idea. The src is deffo 1.7.9 go.mod and go.sum match in src and cloned copy, doing go mod vendor in my shell with a cloned version of v1.7.9 works fine, `deleteVendor = true;` didn't do anything, hanging the vendor sha to another sha didnt do anything either ...
<__monty__>
Yeah, I agree encoding the argument order would be nice. versionBeforeAfter maybe?
<oxalica>
Hello. Seems `lib.hiPrio` not work in `buildInputs` of `mkShell`? I have some tries but the former drv outputs alwasy override latter ones if they have some path collision.
<jamie23>
with nix flakes I can do nix build .#my-package-name of one of my packages, but how do I build all the packages I have in packages = { ... } ?
<simonpe^^>
what is the recommended way to build a derivation and its dependencies with debug symbols?
<patagonicus>
`man nix-shell` says that NIX_BUILD_SHELL defaults to "bash found in PATH", but the code in https://github.com/NixOS/nix/blob/master/src/nix-build/nix-build.cc#L350-L352 actually uses NIX_BUILD_SHELL, falls back to bashInteractive from nixpkgs if unset and only if that also fails it will use bash from PATH. Is this just a case of the documentation
<patagonicus>
being out of date or am I missing something?
<simonpe^^>
my toplevel expression has a debug arg that I can set, and if that is set I will add some cmakeFlags and separateDebugInfo in my app derivations, but I really don't want to do that in all of my libs and apps
<dutchie>
simonpe^^: you can use `pkgs.enableDebugging pkgs.foo`
<simonpe^^>
dutchie: btw, will that also work for building dependencies with debug symbols?
<dutchie>
it overrides stdenv so should do, i think
<simonpe^^>
perfect, thx
<dutchie>
i haven't actually had need to use it myself
jakobrs has joined #nixos
ahmedelgabri has joined #nixos
<jakobrs>
Is there something like `pkgs.writeTextFile` but for writing multiple files?
meh` has joined #nixos
fendor_ has joined #nixos
fendor has quit [Remote host closed the connection]
<maralorn>
jakobrs: You mean in one derivation?
<jakobrs>
Yes
<maralorn>
Or rather, one output-path …
<maralorn>
I don‘t know of anything exactly for that purpose. I generally use pkgs.runCommand if I have a need for stuff like this.
<jakobrs>
I know I can use buildEnv to combine them together into one path but I'd rather just use a builtin *if it exists*
<jakobrs>
but yes, I'll probably just use runCommand
nhs has joined #nixos
jamie23 has quit [Quit: Connection closed]
<maralorn>
I generally think that a helper function that maps a (nested for directories) attset of filenames -> content into one derivation would be quite sweet.
<ldlework>
DigitalKiwi: I'm just getting into it. Wanna come to #nixos-chat?
<patagonicus>
map writeTextFile over a list of (name + content) then use name + (output of writeTextFile) for linkFarm. Although I've never used linkFarm myself.
<kaba0>
Hi, is it a known bug that using experimental nix with flakes, `nix shell nixpkgs#anUnfreePackage` fails to read my .config/nixpkgs/config.nix file (fails to evaluate because allowUnfree)? Is it deliberate and the new version reads some other file, only the output references the other one or is it a bug? Should I look into it more?
malook has quit [Client Quit]
nhs has joined #nixos
kaba0 has quit [Client Quit]
<gchristensen>
that is not a bug, flakes are totally pure and don't read configuration files like that
kaba0 has joined #nixos
<kaba0>
gchristensen: Thanks! But in this case how can one "install" an unFree package (I tried it with vscode)?
<gchristensen>
I don't know, I haven't actually used flakes very much -- sorry
<kaba0>
Thank you, for the time being I just installed it with regular nix-shell, was asking only because if it is a bug than I would have created an issue.
zupo has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<ornxka_>
how do i extend patchPhase... i have a package that has both patches to apply, and a postPatch script... i want to run some code after it applies its patches but before postPatch
<supersandro2000>
ornxka_: put it in the beginning of postPatch
<supersandro2000>
or maybe move postPatch to preConfigure or something
<henri`>
ornxka_: Is this about overlays or are can you edit the original derivation?
thelounge52 has quit [Ping timeout: 276 seconds]
<ornxka_>
i can edit the original derivation but the postPatch stuff is wrapped up in a big common nix expression a bunch of other packages use, and my patch only applies to one of them
<ornxka_>
can i just call patchPhase in patchPhase...?
<henri`>
ornxka_: Not sure I understand but it sounds like you could just do postPatch = myStuff + originalStuff;
ahmedelgabri has quit [Ping timeout: 264 seconds]
Qwerky has quit [Remote host closed the connection]
<henri`>
Does nixpkgs or NixOS currently require IFD anyhere? I'd like to globally set allow-import-from-dervation to false, but I also don't want to end up with an unbuildable system.
mkaito has joined #nixos
mkaito has quit [Changing host]
mkaito has joined #nixos
<Taneb>
Nothing built by Hydra requires IFD
neiluj has joined #nixos
neiluj has quit [Changing host]
neiluj has joined #nixos
<henri`>
Taneb: Thanks! That's good, so I might just go for it.
<neiluj>
hello :)
<neiluj>
anyone got a working znc configuration to share?
<neiluj>
last time i tried to set it up i got a connection reset by peer error, didn't had much time to troubleshoot the issue fruther
mariatsji has joined #nixos
red[evilred] has joined #nixos
<red[evilred]>
Working configuration for what?
SomeoneSerge has quit [Ping timeout: 240 seconds]
<neiluj>
ZNC, an irc bouncer
<mariatsji>
hello, is it possible to make `nix-build docker.nix --arg artifact 'import ./default.nix {}'` go faster since I allready have the derivation from default.nix built and installed in my /nix/store?
<shapr>
supersandro2000: whether there's a more sensible way to limit binary scope
sigmundv has quit [Read error: Connection reset by peer]
neiluj has quit [Quit: leaving]
sigmundv has joined #nixos
<eyJhb>
Is it possible to delete everything EXCEPT the things thas are refferenced in current profile + needed to build a specific Nix file? Ie. I want to delet everything except my currenty profile + what my Nixus setup requires, to remove previous genererations of my servers, etc. from my laptop
nhs has quit [Ping timeout: 264 seconds]
rj has joined #nixos
mariatsji has quit [Quit: Connection closed]
sangoma has joined #nixos
malook has quit [Quit: malook]
<lordcirth__>
eyJhb, nix-collect-garbage -d
<lordcirth__>
will remove all past gens, then GC
neiluj has joined #nixos
neiluj has joined #nixos
neiluj has quit [Changing host]
<eyJhb>
lordcirth__: Yes, but that does not take into account a specific build I would also like to keep :)
<lordcirth__>
eyJhb, if the build is a GC root, then it won't get GC'd.
<lordcirth__>
So if you have a "result" file created by nix-build, that is a root
<j2t>
hi, in debian linux people would edit a file /usr/share/pulseaudio/alsa-mixer/paths/analog-output-headphones.conf with lines `[Element Front] switch = off volume = off`. How can say the same in configuration.nix? There is hardware.pulseaudio.configFile that is a path on a config file, im not sure where to start.
<matthewcroughan>
gchristensen: After provisioning 3 machines, I don't know if I agree with what you said about provisioning.
<gchristensen>
okay
<matthewcroughan>
the hardware-configuration and disk uuids change per machine, They are statically defined.
<matthewcroughan>
Why not have these things defined in nix?
Guest2599 has quit [Quit: leaving]
<gchristensen>
exactly! they are not defined *BY* nix though
<matthewcroughan>
if a disk fails, I have to replace it and its uuid changes.
vidbina has quit [Ping timeout: 264 seconds]
thelounge52 has quit [Ping timeout: 240 seconds]
<gchristensen>
I can't get in to it a lot right now, but I'd be happy to talk more. I have certainly provisioned more than 3 to have pretty specific opinions about it
<matthewcroughan>
therefore my hardware-configuration now has to refer to boot.loader.grub.mirroredBoots = [ { devices = { "/dev/disk/by-uuid/<ID>}]};
<gchristensen>
and have*
<matthewcroughan>
gchristensen: oh I didn't mean to say I have expertise :D
<matthewcroughan>
just that it feels logical to me at this point to declare the machines absolutely in a config file, rather than have 3 install.sh's for each machine
<matthewcroughan>
so I'm still wondering what it is that makes you feel different, because I thought I'd see what you see after trying this
<gchristensen>
that doesn't change my opinion and is the reason I have my opinions in fact :P
<matthewcroughan>
I'd love to read more.
<matthewcroughan>
but imagine nixos-install --flake -L #.machine1
<matthewcroughan>
if the hardware changes, it's not machine1 anymore, so it'd fail
<matthewcroughan>
but my shell script install.sh behaves weird depending on disk space, so I see how this is more "ensure"ing things than it is declaring things.
<rmcgibbo[m]>
Dilema: If a python package doesn't bundle the tests in pypi but has tests on github, but the github repo contains no tags or version numbers, so you'd just have to pull a totally random commit, would it be better to pull src from github or pypi? Both have a disadvantage.
saschagrunert has quit [Remote host closed the connection]
<{^_^}>
[nixpkgs] @peti pushed 2 commits to haskell-updates: https://git.io/Jt2OV
mmmattyx has quit [Quit: Connection closed for inactivity]
<{^_^}>
[nixpkgs] @peti pushed to haskell-updates « hackage-packages.nix: automatic Haskell package set update »: https://git.io/Jt2OQ
<chisui>
rmcgibbo[m]: can you find out commit the pypi versions are based of?
<chisui>
*find out which
<eyJhb>
Is there anything I need to keep in mind, when replacing my SSD with a new one, and copying over my ZFS pool?
mallox has quit [Quit: WeeChat 3.0]
<rmcgibbo[m]>
I looked in git blame for when the "version" string was changed on github, and can line that up with the pypi release, so yes.
<rmcgibbo[m]>
But it's kind of hacky & manual.
<henri`>
rmcgibbo[m]: Sometimes it's better for these issues to be fixed upstream. It should be worthwhile to open an issue and ask for git tags.
<matthewcroughan>
anyone got any idea why I can't discover some machines by avahi despite them having identical avahi configuration?
<matthewcroughan>
I can discover some but not others
<matthewcroughan>
how do you guys all run virtual machines in nixos?
thelounge52 has joined #nixos
<henri`>
matthewcroughan: What kind of VMs?
<matthewcroughan>
well I wanna run nixos VMs (or containers)
<matthewcroughan>
the use case is that I want to have a cluster without anyone being able to screw with the host
<henri`>
matthewcroughan: For NixOS VMs I'm using nixos-shell, but I only run VMs interactively.
<matthewcroughan>
I wanna hand out access, but I want ultimate declarative control over the host
<matthewcroughan>
henri`: I want it to be declared so that people could edit that too, if I merge a PR on github/lab
<matthewcroughan>
hosts/machine1 hosts/machine2 hosts/machine3, are VMs/containers running on hosts/hypervisor
<matthewcroughan>
ideally
<henri`>
matthewcroughan: Well, nixos-shell is actually only an extremely thin wrapper (maybe 200 lines or so) around <nixpkgs/nixos/modules/virtualisation/qemu-vm.nix>
<henri`>
matthewcroughan: You could use that to declare VMs in your nixos-config
<{^_^}>
#109695 (by mrobbetts, 2 weeks ago, open): "A stop job is running for container" on host shut down
<matthewcroughan>
would be so cool if that just worked :p
vrinek has quit [Ping timeout: 272 seconds]
sigmundv has quit [Read error: Connection reset by peer]
<henri`>
matthewcroughan: I remember this came up several times and was also fixed several times but always had to be reverted for one reason or another.
sigmundv has joined #nixos
<henri`>
matthewcroughan: The fundamental problem is that nixos-containers should acutally use systemd .nspawn files, but that is not possible because of the way NixOS handles systemd units.
<matthewcroughan>
how would you set the hostname inside a container
cfricke has quit [Quit: WeeChat 3.0.1]
<matthewcroughan>
just put it in config = ?
<henri`>
matthewcroughan: Just like in NixOS, I guess. That is networking.hostname = "machine"
<matthewcroughan>
this results in error: 'functionArgs' requires a function, at /nix/var/nix/profiles/per-user/root/channels/nixos/lib/trivial.nix:328:42
lordcirth has quit [Remote host closed the connection]
lordcirth has joined #nixos
chisui has quit [Quit: Connection closed]
chisui has joined #nixos
<matthewcroughan>
henri`: it works without the imports = line
<matthewcroughan>
guess it's just broken
<matthewcroughan>
damnit
<henri`>
matthewcroughan: Has to be a file
<henri`>
imports = [ ./avahi.nix ];
<matthewcroughan>
oh I'm an idiot lol
<matthewcroughan>
weird error message though ;D
<henri`>
matthewcroughan: Welcome to Nix
chisui has quit [Client Quit]
cole-h has quit [Ping timeout: 240 seconds]
<matthewcroughan>
henri`: nah the new error messages in nixos-unstable are absolutely perfect
ManiacOfMadness has joined #nixos
chisui has joined #nixos
<henri`>
matthewcroughan: I just tried out this and it works: http://dpaste.com/BDQDQWXXZ (expires in 10 days)
chisui has quit [Client Quit]
chisui has joined #nixos
red[evilred] has quit [Quit: Idle timeout reached: 10800s]
<matthewcroughan>
now it disagrees with you and says there was an unexpected {, i.e the { config, pkgs, ... }: underneath config =
<matthewcroughan>
no you're definitely wrong, because going back to normal and commenting out the import still results in the syntax error, I'm just missing a ; but I can't see it
<eyJhb>
Just observing, saying "now it disagrees with you" and "you're definitely wrong" is a nice way to not get help :) Brings quite some negativity into the space
<matthewcroughan>
eyJhb: thanks for calling me out, I'm not in the best of moods and I definitely don't intend for it to come off that way
<matthewcroughan>
frustration at the keyboard :)
<henri`>
matthewcroughan: That's from the extra braces.
<matthewcroughan>
nc for this is so convenient, it'll work on old systems and you only have to remember one thing
<henri`>
and then cat whatever | dpaste
<henri`>
matthewcroughan: I have yet to encounter a machine without curl.
<matthewcroughan>
dpaste is more advanced and lets you specify syntax though so that's cool, will use on my systems
<matthewcroughan>
henri`: yeah but having to remember that is a pain, I couldn't remember that if I ssh'd into a random machine, or was on someone else's laptop, whereas nc termbin.com 9999 is easy to remember and requires no alias
<henri`>
matthewcroughan: Whenever I log into a new machine, first thing is I clone my dotfiles.
<henri`>
matthewcroughan: Then I have all aliases
rb2k has joined #nixos
domogled has joined #nixos
erh^ has joined #nixos
<matthewcroughan>
henri`: I could figure that out, but friends wouldn't feel comfortable with me installing dotfiles on their user
<matthewcroughan>
but catting something to netcat in an easy to understand cmd that doesn't even require an alias is quite cool
<matthewcroughan>
henri`: looks like avahi isn't going to work like this of course, because avahi on the host takes precedence
<matthewcroughan>
hmm..
<matthewcroughan>
I wonder if we could get the host's avahi to start advertising the networking.hostName of the host
<matthewcroughan>
of the container*
<henri`>
matthewcroughan: Hm, I guess you need some special routing setup. Maybe have a look at the extraVeths and hostBridge options. Unfortunately, I'm a total networking n00b, so don't ask me.
<{^_^}>
[nixpkgs] @maralorn pushed to haskell-updates « haskell.ghc865.mmorph: Fix build for real »: https://git.io/Jt2cR
rj has quit [Quit: rj]
zupo has quit [Ping timeout: 256 seconds]
fendor has quit [Ping timeout: 264 seconds]
rj has joined #nixos
vrinek has quit [Ping timeout: 272 seconds]
<{^_^}>
[nixpkgs] @peti pushed to haskell-updates « hackage2nix: add older version of ghc-lib to extra-packages for haskell-language-server »: https://git.io/Jt2cE
<{^_^}>
[nixpkgs] @7c6f434c merged pull request #98962 → Snapcast: v0.20.0 → v0.23.0, including various fixes to nixos/snapserver → https://github.com/NixOS/nixpkgs/pull/98962
<veleiro>
does anyone have any nixos services for sourcehut?
<{^_^}>
[nixpkgs] @peti pushed to haskell-updates « hls-hlint-plugin: add new ghc-lib dependency when building with older compilers »: https://git.io/Jt2c5
hyper_ch2 has quit [Read error: Connection reset by peer]
hyper_ch2 has joined #nixos
<{^_^}>
[nixpkgs] @SuperSandro2000 merged pull request #112011 → duf: 0.5.0 -> 0.6.0, other cleanups, add me as maintainer to some packages → https://github.com/NixOS/nixpkgs/pull/112011
<jgart[m]>
are there any cloud companies that provide a one-click install html5 interface of cloud services like minecraft, nextcloud, syncthing, mumble, matrix, etc... deployed by nixos?
<colemickens>
I've been dreaming about (someone) making one, but not that I know of.
<colemickens>
that, or nixos-powered kube clusters running nix-orchestrated payloads of softwares like that
<jgart[m]>
colemickens: Do you happen to know of any projects that provide the html5 interface for setting up a one click install?
<jgart[m]>
* colemickens: Do you happen to know of any open source projects that provide the html5 interface for setting up a one click install?
d3od has quit [Ping timeout: 240 seconds]
<colemickens>
Hm, no. I would assume that would mostly wind up being a small app that just called to a backend that wound up doing the actual deploying.
<jgart[m]>
Or I imagine I would just have to DIY
<colemickens>
I guess the clouds have JS SDKs, maybe you could just do it all from a frontend, yeah.
<colemickens>
I think the frontend piece would be "easy". It's not hard to make a call to deploy a pre-canned gold image. But then how does the on-the-fly config happen? Or are all of the images pre-canned? etc?
<colemickens>
JS SDKs to just make REST calls. For example, I deploy NixOS images in Azure and actual deployment of the VM winds up being a single POST, and that could be driven from JS
<colemickens>
ah, that's something different, in my view, but I've also pondered that and think it would be exceptionally neat.
<colemickens>
like, really, really cool to get someone 80% of the way to their final nixos config from a point-and-click interface.
<colemickens>
Just having that GUI there would draw and hook some folks, I'm sure.
<jgart[m]>
so you pick your services, packages from an html gui and then deploy and you credit card gets charged
<jgart[m]>
* so you pick your services, packages from an html gui and then deploy and your credit card gets charged
rb2k has quit [Ping timeout: 260 seconds]
<colemickens>
jgart: that has more moving pieces, IMO, like I mentioned above. You still need to get that config "live" somehow. I feel like there have been a few disjointed convos about this lately
<colemickens>
Like, grahamc 's Nix packet images do some on-the-fly config application, I would assume the Amazon AMIs do, NixOps overlaps this some too.
<colemickens>
I wonder if someone has tried making a standalone tool for this specific task.
<{^_^}>
[nixpkgs] @peti pushed 14 commits to haskell-updates: https://git.io/Jt2WD
<jgart[m]>
Yes, the nix bootstrap config idea has more parts but I think the one-click "pre-canned gold image" might be gold someday
<jgart[m]>
A vps provider dedicated to running NixOS in the cloud via one-click installs
<jgart[m]>
* A vps provider/saas dedicated to running NixOS in the cloud via one-click installs
<jgart[m]>
* A vps provider or saas dedicated to running NixOS in the cloud via one-click installs
<jgart[m]>
* colemickens: Yes, the nix bootstrap config idea has more parts but I think the one-click "pre-canned gold image" might be gold someday
<colemickens>
I'm sort of interested in this problem, if another few people wanted to brainstorm, write some Rust or something.
zupo_ has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
meh` has quit [Ping timeout: 256 seconds]
<colemickens>
I really want to have a nice end UX for nixos-azure and something like this is necessary, whether I copy some existing pattern from packet/aws images or make a separate service for it.
__monty__ has quit [Quit: leaving]
<colemickens>
(separate service = separate systemd service to manage the system profile)
<colemickens>
like gitops but for nixos or something almost
<bbigras>
Anyone has a working example code for `Warning: TODO: there is an alternative version where the defaultPackage is a pkgs.buildEnv that contains all the dependencies. And then nix shell is used to open the environment.` ?
<steve-chavez>
Hey guys. I'm trying to use NixOps from within Hydra. I was wondering if someone knows how to pass a path to a jobset.. that way I think I can pass the nixops sqlite db.