ahmed_elgabri has quit [Ping timeout: 260 seconds]
MatthieuCoudron[ has joined #nixos
ddellaco_ has quit [Ping timeout: 240 seconds]
vidbina has quit [Ping timeout: 265 seconds]
<MatthieuCoudron[>
I am writing a nixos test and there is sthg fishy going on. I've been trying to use the driver `copy_from_vm` function to export the fishy file (to analyze on the host) but it doesn't seem to be created ? I've tried to run other tests that use copy_from_vm but can't find anything relevant in /tmp . I wonder if it's because I am missing 9p virtfs/modules ? `lsmod|grep 9p` is empty
<ahituna_>
What is the proper way to change from bash to zsh in nixos using home manager? Do I set programs.zsh.enable = true; and users.users.<username>.shell = pkgs.zsh; in /etc/nixos/configuration.nix .... and/or do I set programs.enable.zsh = true; in ~/.local/nixpkgs/home.nix?
<ahituna_>
and I'm assuming there is no chsh involved, am I right?
growpotk- has joined #nixos
nDuff has quit [Ping timeout: 240 seconds]
NeoCron has quit [Remote host closed the connection]
<cole-h>
You'd need to set the user's shell in NixOS. If you want to use home-manager, you'd need to chsh.
<cole-h>
(rather, if you're not on NixOS, you need to chsh)
<cwpubDJ[m]>
<ahituna_ "What is the proper way to change"> I've never succeeded in getting (oh-my)zsh to work in nixos. If you figure it out let me know.
<ahituna_>
So, basically, I set programs.zsh.enable = true; and users.users.<username>.shell = pkgs.zsh; in /etc/nixos/configuration.nix, but can I then use programs.zsh.* in home manager to manage my zsh dotfiles?
<ahituna_>
and do I need to set programs.zsh.enable = true; in my home.nix as well as the aforementioned system config as well? Just one or both?
<ahituna_>
cwpubDJ[m]: I will do. I had zsh working with the prompt I've wanted in a past configuration and I've also had prezto working but it had some dealbreaking caveats... basically I'm trying to understand the right way to do it and start with plain zsh which so far I'm getting some fairly strange behavior (two prompts at the same time, etc.)
<cwpubDJ[m]>
I still leave it that way for some reason
<cwpubDJ[m]>
two prompts is pretty funny, I've never heard of that
venue has quit [Quit: venue]
<ahituna_>
yea, I'm pretty stumped about that it is the walther theme or whatever is the default zsh theme with the green cwd in the right side of the screen, but then plus the theme I'm switching too
<ahituna_>
like its trying to use both at the same time?
<ahituna_>
cwpubDJ[m]: you mention in the text file you get nothing from those lines. Do you mean you get a bash prompt still, or?
<cwpubDJ[m]>
OH FOR FUCKS SAKE
<cwpubDJ[m]>
yes I get a bash prompt
<cwpubDJ[m]>
I also apparently have my user specified in another file. and didn't include my users.nix file
<cwpubDJ[m]>
I've been beating my head with this for weeks
<cwpubDJ[m]>
* I also apparently have my user specified in another file. and didn't include my users.nix file that has the zsh config
<cwpubDJ[m]>
* I also apparently have my user specified in another file. and forgot to include my users.nix file that has the zsh config
aw has quit [Quit: Quitting.]
spacefrogg has quit [Quit: Gone.]
aw has joined #nixos
<ahituna_>
nixos is awesome but I definitely can relate there man, there is some very basic things I just cannot do (yet) like chsh and install npm global packages, etc. I'm definitely in technical debt for the time being but feel like this will eventually pay off lol
spacefrogg has joined #nixos
<cwpubDJ[m]>
This was 100% me. I literally just forgot to include the file.
<ahituna_>
ah ok haha
<ahituna_>
cwpubDJ[m]: are you using nixos + home manager or without home manager?
<cwpubDJ[m]>
no home manager.
<cwpubDJ[m]>
<ahituna_ "nixos is awesome but I definitel"> 100% this. Some of the simple stuff is just wooooo
<ahituna_>
hmm ok any particular reason why to not use home manager?
<cwpubDJ[m]>
+1 for technical debt
<cwpubDJ[m]>
So much broken shit right now, no need to keep piling it on
<ahituna_>
yea ok I can relate
<cwpubDJ[m]>
once I canreliably lock, suspend, or hibernate the pc then I'll be happy
<cwpubDJ[m]>
I torched my battery draining it every time I left the computer without shutting it down
<ahituna_>
I'm tempted to just keep bash tbh, but I really like the prompt I've been using for last few years (pure-prompt)
<cwpubDJ[m]>
okay that did nothing, still bash
patagonicus0 has quit [Ping timeout: 246 seconds]
<cwpubDJ[m]>
maybe I need a reboot
<ahituna_>
and hashing directories I like too
<ahituna_>
but things tend to work a lot more smoothly for me with nixos+bash, when I've zsh configured decently I get some but not all completions for example, but bash works all the time
<ahituna_>
cwpubDJ[m]: what window manager are you using?
<cwpubDJ[m]>
Pure looks nice
<cwpubDJ[m]>
I3.
<cwpubDJ[m]>
I messed up the config moving it over from arch. Pretty sure thats on me.
<cwpubDJ[m]>
What completions are you missing? Iirc theres some.nixos completion stuff that you can throw in zsh
<ahituna_>
yea it was the nixos completions that mainly come to mind that was missing
growpotk- has quit [Ping timeout: 268 seconds]
<cwpubDJ[m]>
and of course nothing changes
<cwpubDJ[m]>
this is why I never get my hopes up
<ahituna_>
lol yea I feel you
<ahituna_>
but still I got enough of a taste of nixos that intrigues me to keep going, an immutable and reproducible machine sounds very appealing to me
rajivr has joined #nixos
<ahituna_>
I was able to get docker running so I can continue work in this vanilla gnome and bash experience not what I'm used to for sure, but it works for the time being now I've got lots and lots of fine tuning
ahmed_elgabri has quit [Ping timeout: 258 seconds]
<CMCDragonkai2>
Is there a proper way of acquiring the store derivation hash so I can put it into the final app build, so that the app can show what build hash it was done from? Or is that chicken/egg problem?
<cwpubDJ[m]>
I don't see how. Adding a hash should change the hash. You may be able to do that with the new content-addressable stuff, but I haven't played with that yet
<cwpubDJ[m]>
* I don't see how. Adding a hash should change the hash. You may be able to do that with the new content-addressable stuff (that's the whole goal of it, really), but I haven't played with that yet
AlpineLlama has joined #nixos
<cwpubDJ[m]>
there's a make-content-addressable command
<ahituna_>
cwpubDJ[m]: alright figured out the two prompt thing...
<cwpubDJ[m]>
YOOO my zsh just loaded too
<cwpubDJ[m]>
lmao
<ahituna_>
take a look at programs.zsh.promptInit does this "autoload -U promptinit && promptinit && prompt walters && setopt prompt_sp" by default
<ahituna_>
it suggests you NOT change this but instead run prompt off sometime before you set your PS1
<ahituna_>
so I just set that default followed by prompt off just to be safe and now it does load "two prompts" but only one and prezto works too
<ahituna_>
does *not* load "two prompts"
<cwpubDJ[m]>
weird
<cwpubDJ[m]>
sounds like it loads it then turns it off?
<ahituna_>
if you're happy with ohmyzsh that is cool, but you might want to check out prezto too. Its a bit leaner and it has pure prompt by default. Anyway I may just switch to without any framework as long as I get pure-prompt and zsh-syntax-highlighting those are the main ones for me plus its easy to set vi mode
<ahituna_>
cwpubDJ[m]: yes it does indeed the comments state " # Note that to manually override this in ~/.zshrc you should run `prompt off`
<ahituna_>
# before setting your PS1 and etc. Otherwise this will likely to interact with
<ahituna_>
# your ~/.zshrc configuration in unexpected ways as the default prompt sets
<ahituna_>
# a lot of different prompt variables."
<cwpubDJ[m]>
I'll definitely check it out. I haven't enabled oh-my-zsh yet to see if it works
<procrastinatus>
I'm new to nix and was evaluating it as a package manager on ubuntu (to try to make a portable reproducible dev environment there and elsewhere). Anyone out there do this? I can't seem to get the multi-user install to work (the daemon started by systemd tries to chmod something and permission is denied and kills the client process)
<procrastinatus>
I'm new here, so whatever the norm is would be great - appreciate the help! I'm seeing the below error after a clean install using the nix install script on a clean ubuntu 20.04 server. I was surprised that I didn't see this specific issue come up from some googling so was also wondering if it was uncommon to run nix in this scenario.
<procrastinatus>
tomberek: haha - it turns out that the issue was that it was not a clean install. Install works on a clean ubuntu system; and it now works as a re-install so long when I remove /etc/systemd/system/nix-daemon* (in addition to everything else) before the reinstall
<procrastinatus>
btw, there are a lot of files in many different places to remember to remove when uninstalling:
<cwpubDJ[m]>
What is the difference between `nix-env -i` and `nix-env -iA`?
<cwpubDJ[m]>
As far as I can tell they act the same
<clever>
cwpubDJ[m]: -i will search the .name attribute of every package, and install the "best match", while -iA gives an attrpath saying exactly which one to use
<cwpubDJ[m]>
How can I specify 'unstable' channel I added to nix-channel? `channel:nixos-unstable` seems to work but doesn't seem like the right way to do it
<cwpubDJ[m]>
* How can I specify 'unstable' channel I added to nix-channel? `channel:nixos-unstable` seems to work but that's not referring to my local channel (named "unstable") and doesn't seem like the right way to do it
<Reventlov>
tl;dr: don't use plugins for "1.35 (latest stable mediawiki)" on a 1.35 installation, but use the pre-packaged one included in the nixos installation
ml| has joined #nixos
n-osborn_ has quit [Remote host closed the connection]
ml| has quit [Ping timeout: 246 seconds]
n-osborne has joined #nixos
srk has joined #nixos
aaabbbbbbbbbb has joined #nixos
avaq has joined #nixos
<DigitalKiwi>
w.t.b. nix fetcher that uses selenium (or some other automater) does that exist/is it een possible?
<Izorkin>
Need help. let databaseActuallyCreateLocally = cfg.database.createLocally && cfg.database.host == "/run/postgresql"; in { With database.host = "127.0.0.1" error - cannot coerce null to a string
littlebenlittle[ has quit [Quit: Idle for 30+ days]
<supersandro2000>
we still don't know what the MBR tests want to tell us
__monty__ has joined #nixos
ml| has quit [Ping timeout: 260 seconds]
<lukegb>
usually "not much"
<jdelStrother>
I've been trying to get mysql80 (and others) compiling on aarch64-darwin. One of the stumbling blocks is rpcsvc-proto (https://gist.github.com/jdelStrother/fff35a29e05f4df49d43a89961ea91a7), but it's not obvious that rpcsvc-proto is even desirable if we're compiling with clang. (At least to me, a novice)
<jdelStrother>
The mysql package is fixable with, eg, `nativeBuildInputs = [ bison cmake pkg-config ] ++ lib.optionals stdenv.cc.isGNU [ rpcsvc-proto ];`. But would it be better to create some sort of meta-package that just stubs out rpcsvc-proto if we're not using gcc, rather than having to add that fix to every package that uses rpcsvc-proto ?
domogled has quit [Ping timeout: 260 seconds]
awmv has quit [Quit: Connection closed for inactivity]
stree has joined #nixos
<lukegb>
Hmm, rpcsvc-proto builds with clang on Linux; I think possibly you just want to detect Linux instead of detecting if it's a GNU compiler
<lukegb>
Is... whatever's relying on Sun RPC in MySQL... supposed to work on macOS anyway?
<sterni>
lukegb: no way
zupo_ has joined #nixos
ml| has joined #nixos
zupo has quit [Ping timeout: 268 seconds]
philr has quit [Ping timeout: 260 seconds]
ml| has quit [Ping timeout: 268 seconds]
<supersandro2000>
jdelStrother: you mean mariadb or real mysql?
<supersandro2000>
jdelStrother: probably not. We would still need to validate it for most packages if there is no universal rule we can apply
fendor has joined #nixos
<jdelStrother>
supersandro2000: real mysql (mysql80)
meh` has joined #nixos
<supersandro2000>
I am asking because mysql is an alias to mariadb which got moved a yesterday IIRC
bahamas has quit [Ping timeout: 268 seconds]
<jdelStrother>
Yeah, this might be the impetus I need to finally switch to maria...
zupo_ has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<exarkun>
is it true that an option set to `mkDefault x` in two different places results in an unresolveable conflict, even the option is set to an override with a different (higher) priority in a third place?
<infinisil>
exarkun: Nope
Dotz0cat has joined #nixos
<infinisil>
Higher priority overrides all definitions with lower priority
<infinisil>
Only if there's a conflict on the highest priorities, there will be an error
<{^_^}>
DBCDK/morph#146 (by exarkun, 4 days ago, open): morph can't build a configuration using <nixpkgs/nixos/modules/virtualisation/amazon-image.nix>
nicoo has quit [Remote host closed the connection]
<CMCDragonkai>
Is there avahi-discover in nixpkgs?
mkDoku has joined #nixos
<exarkun>
CMCDragonkai: I think there's a ... systemd ... command that's equivalent. That I can never remember how to spell.
<Minijackson>
global imports, as you said (`<nixpkgs>`, and other things in the NIX_PATH), are replaced by per-project inputs, and IIRC it also prevents you from importing files outside of the git repository of your project
<Minijackson>
it also runs in a stricter mode, which prevents you from calling `fetchurl`, `fetchgit`, etc. without a sha256
<yaymukund>
interesting. i am on board for projects that need to be independently isolated, but it is less clear to me how this would affect nixos. is the whole os considered a 'project'?
stree has joined #nixos
<yaymukund>
i did not know nur existed lol
<Minijackson>
yes (by project, I meant "flake)
<Minijackson>
"
<Minijackson>
your whole configuration would be a single flake, which could import other flakes, like home-manager, nur, or other
<Minijackson>
well, technically, it would be one output of your flake
<Minijackson>
you can have multiple nixos configurations in a flake
<supersandro2000>
flakes also introduces some pain points like you need to add anything to git before it recognizes it, changed way to many commands to be incompatible and adds yet another lock file to update
ScottHDev has joined #nixos
<supersandro2000>
bash completions do not support the new commands
<supersandro2000>
and you could just use niv or point your nix channel do a directory to achieve an identically result without all the hassle
sangoma has quit [Ping timeout: 240 seconds]
<supersandro2000>
tbh right now just using niv is much easier and doesn't break everything but you need to be careful to work pure
<yaymukund>
that's good to know. i am aware flakes still have rough edges (& are fairly new?)
<yaymukund>
keep seeing stuff like "support for flakes is experimental and subject to change"
<sheijk>
supersandro2000: thanks. but pip install --user seems to be broken for me and others. I get "ERROR: Can not perform a '--user' install. User site-packages are not visible in this virtualenv.", and I see #66366 which _might_ be related, but I'm not sure
<q3k[m]>
i have some mild ceph knowledge, but not on nixos
orivej has quit [Ping timeout: 260 seconds]
_d0t has joined #nixos
<devhell>
I'm having trouble understanding how to bootstrap a cluster the NixOS way, obviously we have the services.ceph.* stuff, but that doesn't automatically provision the actual cluster. However, when I try to provision the cluster as it is stated in the official Ceph manual then I get issues. For example, when bootstrapping OSDs ceph-volume fails to enable and start the OSD because you obviously can't just
<_d0t>
ohai! I'm trying to build haskell language server on NixOS using cabal and I get this error: `can't load .so/.DLL for: libz.so`. I have zlib and zlib.dev in my systemPackages. How do I fix this?
<devhell>
create systemd-units on NixOS.
bahamas has joined #nixos
fuiltilt has quit [Quit: WeeChat 2.9]
<{^_^}>
[patchelf] @evenbrenden closed pull request #183 → Add --silent option for successful exit when doing --print-rpath on statically linked files → https://github.com/NixOS/patchelf/pull/183
andreas303 has quit [Remote host closed the connection]
andreas303 has joined #nixos
<infinisil>
sss2: No idea tbh, and I'm out of time for now
<lukegb>
I have some hacks to bring the cluster up since I'm using ceph-volume as well
<lukegb>
Basically, the official ceph documentation won't work, you probably want to either do exactly what the nixos tests do to provision the OSDs, or do something similar to my approach
<lukegb>
But there's a --no-systemd flag to ceph-volume that should get you most of the way through bootstrap
<devhell>
lukegb: yeah, I had a look at the tests, and while they're beautiful and the information in there is useful indeed, it doesn't scale well. My cluster has 4 machines and each has nearly a dozen disks, just for ceph, which makes the "long way" of provisioning them kind of problematic. Thanks for the --no-systemd flag hint, I'll try that! Are your configuration files available somewhere?
<lukegb>
devhell: my configs may not be the most useful for you in that case; I've got all the OSD IDs manually specified in my config, for instance :p
<devhell>
lukegb: Ah, thank you. I've not encountered that issue thankfully. :) I'll test what you've suggested and see how it goes.
qyliss has quit [Quit: bye]
<_d0t>
Where do I get pkg-config files for zlib? Zlib and zlib.dev don't seem to include zlib.pc
typetetris has joined #nixos
<typetetris>
Is there a way to look at the effective Xorg configuration? In `/etc/X11` there seem to be only parts of it. (NixOS of course.)
gustavderdrache has joined #nixos
<lukegb>
_d0t: Hmm, zlib.dev produces lib/pkgconfig/zlib.pc for me
<_d0t>
lukegb: oh interesting. Somehow then `pkg-config --libs zlib` gives me an error >_<
tomberek has quit [Quit: Connection closed]
qyliss has joined #nixos
<lukegb>
How are you testing it?
<_d0t>
I added zlib and zlib.dev to systemPackages, then I ran pkg-config
ScottHDev has quit [Ping timeout: 240 seconds]
<lukegb>
Ahhhh
<lukegb>
Yeah, that probably won't work
<_d0t>
nix-shell -p zlib.dev also doesn't help
<lukegb>
Hrm, how about `nix-shell -p zlib.dev -p pkg-config --run "pkg-config --list-all"`
<_d0t>
yep, zlib is there
<_d0t>
oh wow.. this way it works
<_d0t>
But not with pkg-config I have installed in systemPackages
<lukegb>
I think pkg-config might have to be in the same invocation, it *might* register a hook to set the PKGCONFIG_PATH or whatever the environment variable is
<_d0t>
this is some weird magic
ddellaco_ has joined #nixos
domogled has joined #nixos
<gustavderdrache>
development tools in nix aren't meant to be installed directly - they depend on a system of hooks and inputs in order to support builds in isolation
<_d0t>
I know. I kinda expected things to work at least on some level.
<_d0t>
That nix-shell thing still doesn't fix my problem with hls build :(
<gustavderdrache>
you'd need to specify all of the inputs for the thing you're building in the shell
<_d0t>
<command line>: can't load .so/.DLL for: libz.so (libz.so: cannot open shared object file: No such file or directory)
<gustavderdrache>
ahh
<lukegb>
Right, now you're missing actual zlib :p
<gustavderdrache>
zlib.dev is only the headers
<_d0t>
0_o b-b-b-but dependencies
<lukegb>
If you're trying to set up a specific development environment, then writing a small shell.nix can help make sure everything is consistent and all the hooks get applied
<lukegb>
Using mkShell from nixpkgs, etc
<_d0t>
Adding -p zlib didn't help
<lukegb>
Right, because now you're missing the magic that would set LD_LIBRARY_PATH or the rpath on binaries, etc.
<_d0t>
on nixos, stack ignores --system-ghc flag and instead tries to pull some predefined build of ghc. And if that's absent, it just gives you an error.
<_d0t>
so if you have the required version of ghc in your system but it has a different nix hash, stack will just ignore it.
<_d0t>
you can of course disable nix support in stack altogether with --no-nix, but this isn't ideal when you want nix for other packages
<_d0t>
maybe someone needs to fix this and then convince snoyman to accept the patch. And I don't know which part is harder >_<
m4tsa_ has quit [Ping timeout: 260 seconds]
<nbathum>
dang xD
<_d0t>
yeah.. some people have very strong opinions about nix
<_d0t>
or I could just fork stack and use my own version >_< as I do with some other packages
<nbathum>
do the patches just go into haskell-language-server? or other things also need patching?
<_d0t>
nbathum: I dunno. I just started. There's a bug I'm trying to dig into and I don't know whether it's HLS or some dependency like lsp.
<_d0t>
or are you talking about stack and nix here?
<nbathum>
the HLS code itself, you want to apply some patches and/or build a certain git rev?
stree has joined #nixos
<_d0t>
nbathum: yes. But new hls pulls new dependencies.
<nbathum>
ahh then even if you build new HLS you play whack-a-mole with all of its deps
bahamas has joined #nixos
ddellaco_ has quit [Remote host closed the connection]
<nbathum>
not sure I can help you in a reasonable amount of time. have used any of the other nixos comms? discord has a haskell channel. the discourse site has a lot of traffic
<sterni>
_d0t: overriding can be done by using haskellPackages.override { overrides = self: super: … ; } which returns a new haskellPackages set with the overrides applied
<sterni>
the self: super: fucntion works like nixpkgs overlays in principle
<sterni>
nixpkgs.haskell.lib has some addiotinally useful functions for this also
bahamas has quit [Ping timeout: 240 seconds]
mkDoku has joined #nixos
<fgaz>
is there a way to get the nix build root? $NIX_BUILD_ROOT isn't working for me
<fgaz>
the variable is empty
ddellaco_ has joined #nixos
ddellaco_ has quit [Remote host closed the connection]
<_d0t>
sterni: ouch... yeah, this seems like too much work
<sterni>
idk, depends on how much you have to override
<sterni>
but if you need a lot of stuff from git probably using cabal projects is more convenient
Tv` has joined #nixos
ddellaco_ has joined #nixos
nDuff has joined #nixos
<oxalica>
Hello. I'm writing a derivation of a compiler, it requires a gcc and link some target libraries at it's runtime. Is this correct to write `propagatedBuildInputs = [ stdenv.cc ]; depsTargetTargetPropagated = [ targetPackages.some-lib ];`?
bahamas has joined #nixos
dev_mohe has joined #nixos
n-osborne has joined #nixos
korrr[m] has joined #nixos
dev_mohe has quit [Client Quit]
acarrico has joined #nixos
dev_mohe has joined #nixos
<fgaz>
aha, $NIX_BUILD_TOP is defined
sangoma has joined #nixos
<fgaz>
some packages in nixpkgs are using NIX_BUILD_ROOT though. weird
ddellaco_ has quit [Remote host closed the connection]
<devhell>
lukegb: the ceph manual mentions that it is advisable to create a user that has root ssh access to all nodes in the ceph cluster, did you do that?
<djm>
Hi, I've been running nix on Ubuntu for a while, but since yesterday, everytime I run nix-env -u, it says pgrading 'nix-2.3.10' to 'nix-2.3.10-x86_64-unknown-linux-musl', and then any time I try to use nix-env -i/-u, it says error: attribute 'unsafeDiscardStringContext' missing, at /nix/store/cyn8j71rxcxk9i1si6wr06y6xm2gnpc7-nixpkgs-21.05pre280420.bc0144e5c9b/nixpkgs/lib/strings.nix:429:13 until I rollback
<feathers>
heya. could it be that nixos containers (have tested declarative, not imperative though) are missing a BindsTo=dbus.service? without that shutting down the system hangs at container stop because machinectl stop needs dbus to function
Qwerky has joined #nixos
<lukegb>
devhell: well, I have root access to all the nodes in the cluster already, but don't have a dedicated admin node
<andi->
feathers: might be the case. Those containers aren't really in a great state right now. Feel free to file a PR and maybe write a VM test that tests rebooting?
<feathers>
oh, that's a bit discouraging to hear. was planning on using them to isolate services from another :(
orivej has joined #nixos
<devhell>
lukegb: so ceph doesn't go away and try to execute commands on a different host once in a while?
<feathers>
(though to be fair they're probably in a better state than the archlinux hackery we're using right now)
<simpson>
feathers: Linux containers are not a complete isolation solution on their own; it depends on your threat model. Like andi- says, a VM test is probably a great intermediate step, since it'll allow you to be certain that your change is a fix.
<devhell>
lukegb: ah, excellent, thank you! :)
ManiacOfMadness has quit [Ping timeout: 260 seconds]
<devhell>
lukegb: sorry, just one more question, so when you set up the other machines in your cluster, were they able to reach the RADOS backend to get the map and stuff?
<sterni>
djm: nix-env -u and -i without -A try to infer the package you want from the package names which can break, seems like it is installing pkgsStatic.nix instead of nix
<feathers>
simpson: yup. we mainly want to isolate the parts of the filesystem services can see, they should be fine for that
<sterni>
djm: nix-env -u -A nix should at least upgrade nix like you'd want
<sterni>
the missing unsafeDiscardStringContext error could be about an outdated nix-daemon possibly
<sterni>
not sure
<feathers>
already verified in a local vm that binding dbus suffices, don't have an automated test though.
<feathers>
(also bound systemd-machined for good measure, that seems to be missing too)
<simpson>
feathers: Yes, but the venerable chroot() and traditional privsep can suffice if that's all that you want. Maybe easier than configuring containers; definitely simpler.
<djm>
sterni: thank you; I've been called away from my pc, but will try it when I get back
glguy has left #nixos [#nixos]
<typetetris>
Somebody here got a hp zbook to work with the thunderbolt docking station from hp under nixos and could give me some tips?
VideoGameEnjoyer has quit [Ping timeout: 240 seconds]
<fgaz>
Is there a SRI hash that's guaranteed to fail? I guess I could use she256-00000... but if there's a proper solution I'd like to use it
VideoGameEnjoyer has joined #nixos
bahamas has joined #nixos
<feathers>
simpson: it's not *just* that. would also like to set stuff like no-new-privs, though i guess we could just as well hack that into each service as a serviceConfig
<simpson>
feathers: Sure. I wish that Linux had pledge() or Capsicum or CloudABI or etc. in a way that didn't require going literally into the packet-filtering subsystem~
fendor_ has joined #nixos
<feathers>
that would be nice
<dutchie>
fgaz: have you looked at lib.fakeHash
<_d0t>
How do I switch the default version of GHC in NixOS? The one what is set as /run/current-system/sw/bin/ghc, I mean.
stree has joined #nixos
fendor has quit [Ping timeout: 240 seconds]
<fgaz>
dutchie: definitely better than a string! why is it in deprecated.nix though?
<feathers>
hm. does nixos not generate drop-ins for units at all? that would be a bit of a problem.
<dutchie>
fgaz: not entirely sure. i'm also somewhat confused that it imports `deprecated.nix` as `misc`
<fgaz>
by looking at the commit messages it does not look like deprecated stuff at all... weird
<Dr8128>
How can I give ncursesw as a dependency to a package? I want to give it as argument to my package fucntion but it does not work, probably because it is in rubyPackages.
veegee has quit [Read error: Connection reset by peer]
veegee has joined #nixos
MidAutumnHotaru has quit [Quit: Quit 啾]
zakame has quit [Ping timeout: 252 seconds]
MidAutumnHotaru has joined #nixos
zakame has joined #nixos
MidAutumnHotaru has quit [Client Quit]
MidAutumnHotaru has joined #nixos
mkDoku has quit [Ping timeout: 240 seconds]
domogled has joined #nixos
veegee has quit [Quit: veegee]
davidv7_ has joined #nixos
domogled has quit [Client Quit]
VideoGameEnjoyer has quit [Ping timeout: 268 seconds]
fliegendewurst[m has joined #nixos
domogled has joined #nixos
xourt has quit [Quit: Connection closed]
growpotkin has joined #nixos
ahmed_elgabri has joined #nixos
<feathers>
what's currently the recommended way of adding secret keys to the system configuration (that doesn't involve them being added verbatim to the store)? nixops looks alright in general, but we can't use that yet sadly.
<feathers>
(the thing we're using now uses age to encrypt secrets, add them to a global (unversioned) store, and this nixos config pulls them from there and decrypts them all at but into a /run directory. work, but seems rather clunky. does sort the dependency problem of reloading services when keys change though)
<hexa->
reference them by path if possible
ericsagn1 has quit [Ping timeout: 260 seconds]
ahmed_elgabri has quit [Ping timeout: 246 seconds]
<feathers>
i'd like them included in rollbacks if possible
<{^_^}>
#102397 (by davidak, 22 weeks ago, open): Can Systemd 247 "credentials" logic solve secret management for us?
<mindavi>
But not sure about the implementation details, unfortunately. So you'll have to look into that
mupf has quit [Quit: WeeChat 3.0]
mupf has joined #nixos
n-osborne has joined #nixos
nschoe has quit [Ping timeout: 268 seconds]
cosimone has joined #nixos
ericsagn1 has joined #nixos
<feathers>
hm, seems pretty in-flux and unfinished so far :< also systemd alone wouldn't solve the encryption needed to add keys to the store without leaking them. ah well, not too important anyway
mkDoku has joined #nixos
n-osborne has quit [Remote host closed the connection]
<mindavi>
Mm yeah, when I just looked at them there didn't seem much discussion about it, so seems like nobody has really picked this up (yet)
<mindavi>
And I guess it really depends on what you want to do if this is really a solution
n-osborne has joined #nixos
<colemickens>
yaymukund: the impurities of NIX_PATH make reproducing a nix build on another machine unnecessarily difficult. Flakes decreases the leaks around the hermetic seal. :)
<feathers>
i want to have keys as part of the nixos build, and to propagate changes in those keys to service restarts. keeping encrypted secrets in a repo and pulling them from there should do the first thing, decrypting them to a location that includes a hash (and exposing that hash in the nix config) should do the second. (i mean. we've built on a blog post
respawn_ has quit [Read error: Connection reset by peer]
ToxicFrog has joined #nixos
orivej has joined #nixos
zupo has joined #nixos
dev_mohe has joined #nixos
Henson has joined #nixos
<Henson>
I'm trying to resize the root filesystem of a NixOS virtual computer after expanding the underlying drive space. With a Debian system I would just boot into single user mode and remount the root filesystems as read-only, but that doens't appear to be working in NixOS, it complains about the filesystem being busy, presumably because of the /nix/store partition, which I also can't unmount....
<Henson>
does anybody have any suggestions as to how I might do this?
dev_mohe has quit [Client Quit]
<Henson>
I can't boot from a live CD or anything like that. I was hoping to be able to do this all from single-user mode.
<gchristensen>
Henson: what is the drive layout and filesystem?
<Henson>
gchristensen: a single partition with everything on it using ext4
<Henson>
gchristensen: normally I just use resize2fs, but the device's filesystem has to be unmounted (not possible) or mounted read-only (which is what I've done in the past with Debian and Ubuntu expansions)
<gchristensen>
I assume you can reboot?
<Henson>
gchristensen: yes
<gchristensen>
I think you want to set fileSystems.<name>.autoResize ` true
dev_mohe has joined #nixos
<gchristensen>
nixos-rebuild boot, then reboot
domogled has joined #nixos
tomberek has joined #nixos
<Henson>
gchristensen: is it safe to do this non-manually? Normally I do an fsck before to make sure everything's okay.
n-osborne has quit [Remote host closed the connection]
feathers has quit [Quit: Connection closed]
n-osborne has joined #nixos
<Henson>
gchristensen: just looking through the stage1 source code, it looks like it does an fsck beforehand.
domogled has quit [Remote host closed the connection]
Qwerky has quit [Remote host closed the connection]
turlando has quit [Ping timeout: 246 seconds]
avaq has quit [Ping timeout: 240 seconds]
<bbigras>
oh materialize. nice. it's like a ksqldb but in rust. for kafka.
Qwerky has joined #nixos
Qwerky has quit [Remote host closed the connection]
Qwerky has joined #nixos
Lord_of_Life_ has joined #nixos
<Henson>
gchristensen: it's a cloud VM whose virtual disks I expanded
Lord_of_Life has quit [Ping timeout: 260 seconds]
<gchristensen>
gotcha :)
Qwerky has quit [Ping timeout: 240 seconds]
Lord_of_Life_ is now known as Lord_of_Life
<Henson>
gchristensen: here's another issue. I need to resize the underlying partition before I can resize the filesystem. Doing it on a mounted filesystems caused parted to complain (perhaps it's safe to do so). Booting with boot.debug1mounts doesn't have parted, but does have fdisk which doesn't understand GPT partitions. I'm trying to find a way I can add parted and e2fsprogs into the initrd....
<Henson>
gchristensen: I see the stage-1.nix file has an option to copy the e2fsprogs files in when autoResize is enabled, but I'm trying to get parted in as well to make this resize as safe as possible. Ideally I would be able to do it manually.
<colemickens>
Is there actually a version of `fdisk` that doesn't support GPT still?
<colemickens>
I definitely use the command `fdisk` to edit GPT tables, idk what package I've installed though.
<colemickens>
but I also tend to do that (delete part, recreate part with full size) process on-line anyway.
* Henson
tries looking deeper
<colemickens>
Henson: aha, I have "gptfdisk" in my nixcfg, so its probably that package providing an enhanced fdisk.
<colemickens>
ymmv for whatever fdisk is available in that stage, it might just be busybox
<colemickens>
there are nixos options though that should automate this process, if that's something you're interested in
<azazel>
i use sfdisk when I have to do partition stuff from scripts
<Henson>
colemickens: gchristensen already pointed me in the direction of filesystem.<name>.autoResize, which gets me the second half of the way, but the first half of the way is resizing the underlying partition.
<sss2>
how to properly install nix on foreign host for multiuser usage ?
<colemickens>
`boot.growPartition` and `fileSystems.<fs>.autoResize`
<colemickens>
Henson: ;) ^
<colemickens>
indeed growPartion does use sfdisk
Tv` has left #nixos [#nixos]
cosimone has joined #nixos
erasmas has quit [Quit: leaving]
evils has joined #nixos
sangoma has quit [Ping timeout: 246 seconds]
jmeredith has joined #nixos
thblt has left #nixos ["ERC (IRC client for Emacs 28.0.50)"]
Qwerky has joined #nixos
proofofkeags has joined #nixos
jjakob has quit [Ping timeout: 260 seconds]
jjakob has joined #nixos
cosimone has quit [Quit: ERC (IRC client for Emacs 28.0.50)]
<Henson>
just completed the testing on the VM. I can run fsck.ext4 on an unmounted partition with the "boot.debug1devices" kernel boot option. Using parted to resize the partition while it's mounted doesn't seem to cause any problems (based on past experience I wouldn't expect it to, either). Then using "filesystem.<name>.autoResize = true" resizes the partition for me. Hooray!
<Henson>
now to try it out in production.............
* Henson
wishes he had a ZFS machine backing his production disk image like he does with his test virtual computer.
cosimone has quit [Quit: ERC (IRC client for Emacs 28.0.50)]
konobi has quit [Quit: konobi]
konobi has joined #nixos
aswanson has joined #nixos
Izorkin has quit [Ping timeout: 258 seconds]
Izorkin has joined #nixos
_d0t has quit [Quit: Konversation terminated!]
oxalica has quit [Quit: oxalica]
oxalica has joined #nixos
<benley>
hey is there any precedent for renaming existing package attributes in nixpkgs, with a deprecation warning like we do for nixos option renames?
Yaniel has joined #nixos
<aswanson>
do you folks have a rule of thumb on implementing a service that isn't in nixpkgs that seems to lean hard on docker? I have zero experience with docker but my impression is that nix and docker are two divergent attempts to solve the same dependency problem, but I have also seen that there are dockerTools in nixpkgs.
n-osborne has joined #nixos
<benley>
Some things are a pain in the ass to maintain in nix, and for those I tend to just use docker (e.g. home-assistant)
cinimod` has joined #nixos
<benley>
in fact home-assistant was the motivation behind writing the oci-containers module in the first place :-P
<lukegb>
iirc nix-shell -p ignores what you specify; it'll always use <nixpkgs>
<lukegb>
and nix-shell -A will effectively drop you into an environment in which you can build the attribute (but not one in which the built thing is available
stree has joined #nixos
CMCDragonkai2 has joined #nixos
<lukegb>
Unode: you can do something like `nix-shell -E 'with import <nixpkgs-unstable> {}; runCommand "shell" { buildInputs = [ obs-studio ]; } ""'` but, urgh