2019-04-10

<clever> infinisil: previously, i put lvm on my luks, to share a single passphrase between swap and zfs
<clever> action: Enable all features using 'zpool upgrade'. Once this is done,
<clever> ahh yeah
<clever> and its already active
<clever> embedded_data looks like a handy feature for dealing with a lot of small files
<clever> encryption is not in my man page
<clever> send|recv could likely shuffle the data around within the pool, and de-feature it
<clever> the last one implies you can disable the feature if you simply destroy the datasets in question
<clever> This feature is active while there are any filesystems, volumes, or snapshots which were created after enabling this feature.
<clever> Existing pools where this feature is active can be imported.
<clever> Once the feature is active, it will remain in that state until the pool is destroyed.
<clever> `man zpool-features`
<clever> i believe the zpool man page says which ones
<clever> for some features, you can turn them off if you delete all data using them
<clever> though i dont see it in services.xserver.displayManager
<clever> would also result in lower resource usage when not logged in
<clever> AFTER you login, start X!
<clever> brick, ncurses, in tty7!
<clever> i have since come up with an idea on how to cheat, hard :P
<clever> gchristensen: related, the biggest problem i ran into with hsdm, was the gui for the login screen
<clever> a display manager written in haskell
<clever> infinisil: ive been thinking about reviving hsdm as well, have you seen that project?
<clever> __monty__: it still works great for me
<clever> services.xserver = { enable = true; displayManager.slim.enable = true; desktopManager.xfce.enable = true; };
<clever> _Geeko_: slim
<clever> i prefer xfce
<clever> (the nixpkgs steam package)
<clever> alexozer: thats basically what steam does
<clever> aswanson: and then i just configure it in xfce, plain drag&drop of the monitors to lay them out right
<clever> aswanson: at bootup, the login screen is somewhat mirrored, then when i do login, xfce takes over and fixes the config
<clever> aswanson: i just didnt configure the monitors in configuration.nix
<clever> and once you find commands that work, paste those into the nixos config
<clever> and it will complete as you would expect tab-completion to work
<clever> of note, you can just tab-complete the kernel and initrd commands in the grub shell

2019-04-09

<clever> _Geeko_: its basically the same as booting windows, just add the right grub config to extraEntries: https://gist.github.com/cleverca22/d378ea064720f059e742730d2296b2da
<clever> enteee: what about nixos-rebuild build-vm --fast ?
<clever> enteee: does the build still finish?
<clever> enteee: how exactly does it fail?
<clever> enteee: just add them to configuration.nix, like any other option

2019-04-08

<clever> bbl
<clever> i think its to play nice with [ -z
<clever> that same weirdness happens if you set an attribute of a derivation to a bool
<clever> > toString false
<clever> > toString true
<clever> but when nix turns bools into strings for a derivation, it gets weird
<clever> that is how nixos figures out what to run after `nixos-rebuild boot`
<clever> Myrl-saki: the bootloader you enable, will set `system,build.installBootLoader` and only one module can set it
<clever> Myrl-saki: one min
<clever> dhess: i believe the closure will still be in your bucket, due to the rule "Nix considers it an invariant that a binary cache has the complete closure for anything it contains..."
<clever> and its building all of nixpkgs, for 3-4 arches
<clever> dhess: the build slaves cached the fact that hydra.iohk.io has X, and then it didnt have X
<clever> dhess: half the reason we moved to S3, is because GC on hydra constantly broke builds
<clever> dhess: yeah, no GC planned currently
<clever> also, the full closure must be present
<clever> dhess: the .narinfo files can share a .nar.xz, so a recent .narinfo may refer to an old .nar.xz, which your lifecycle rule deleted
<clever> mabel: one sec
<clever> nix-env -i ruby is the weird one
<clever> glenndavy: nix-shell -p ruby, is identical to nix-env -iA nixpkgs.ruby
<clever> ,-A

2019-04-07

<clever> drakonis: the issues listed in that ticket will need to be solved
<clever> tilpner: nix-env -iA foo.hello will now use that dir
<clever> import /home/clever/apps/nixpkgs
<clever> $ cat ~/.nix-defexpr/test/foo/default.nix
<clever> lovesegfault: every attribute on a derivation becomes an env var
<clever> lovesegfault: thats one way
<clever> lovesegfault: youll need to add it to LD_LIBRARY_PATH
<clever> lovesegfault: maybe
<clever> ,locate libstdc++.so.6
<clever> just set options= and config=
<clever> mabel: you could define custom options, thats in the nixos manual
<clever> mabel: yep
<clever> mabel: home-manager is a module, so you can use the imports key to load more similar modules
<clever> you can always move back to 18.09 if you have trouble
<clever> then nix-channel --update and nixos-rebuild
<clever> monokrome: sudo nix-channel --add https://nixos.org/channels/nixos-unstable nixos
<clever> monokrome: what channel are you on?

2019-04-06

<clever> Myrl-saki: ah
<clever> jakov, MichaelRaskin: this allows dumpcap to run as root, but not wireshark itself, and thats enough to run wireshark as non-root and still capture packets
<clever> jakov: one min
<clever> Myrl-saki: yeah
<clever> Myrl-saki: that fake backup includes the full closure of a given path, but lacks the hashes
<clever> Myrl-saki: when qemu vm's have a writable store, they automatically import a fake backup of db.sqlite
<clever> ashkitten: i would be fine with that, just leave a comment near the version= reminding people to update it
<clever> yeah :(
<clever> samueldr: thats basically what the above PR did
<clever> yeah
<clever> ashkitten: i made this back in nov of last year, and the description says it includes netplay
<clever> ashkitten: ahhhh, i packaged faster melee, a fork of dolphin!
<clever> ashkitten: dang
<clever> and keeping .git causes an impurity that will randomly break fetching
<clever> ashkitten: but fetchFromGitHub is downloading a .tar.gz, which is much faster then `git clone`
<clever> ashkitten: i think you can set vars like DOLPHIN_WC_REVISION via the cmakeFlags
<clever> nope, wasnt me
<clever> i could swear i packaged dolphin-emu, where did i leave it...
<clever> ashkitten: i think i patched dolphin...
<clever> ashkitten: but its better to patch it to not need that
<clever> ashkitten: leaveDotGit

2019-04-05

<clever> the cmake setup hook is even doing that, based on other env vars you can set
<clever> ashkitten: you can use a chunk of bash in preConfigure to mutate the cmakeFlags env var however you want
<clever> ashkitten: preConfigure = ''cmakeFlags="$cmakeFlags $(echo whatever)"'';
<clever> so you can just use normal bash scripting in the phases
<clever> ashkitten: nearly all derivations are just chunks of bash script to be ran
<clever> ,escape"
<clever> gchristensen: more the lib.range then the zip i think
<clever> gchristensen: ahh, off by one!
<clever> although, tests already contain logs with timestamps...
<clever> gchristensen: i can also see why my pcap trick wouldnt be accepted as a blanket change to nixos tests, https://r13y.com/
<clever> maybe a weird net split?
<clever> hmmm, that wasnt us getting matrixed
<clever> and stage-2 cant find systemd
<clever> so if any fragment of the activation script fails, the entire activation script stops, and then /run/current-system isnt created
<clever> immae: and near the top, it sets a trap for errors
<clever> immae: `cat /run/current-system/activate`, near the end, it updates /run/current-system
<clever> immae: one min
<clever> gchristensen: and its also trying to auto-assign IP's to them for you
<clever> *looks*
<clever> gchristensen: oh, virtualisation.vlans is more extreme then normal vlans, that will isolate things even further
<clever> gchristensen: vlans arent needed, they just help isolate things so you cant hear the other nets packets
<clever> gchristensen: so the pcap files are available for download on hydra in the event of failure!
<clever> gchristensen: and lines 102-112, created a hydra-build-products file
<clever> gchristensen: this causes qemu to create pcap files for all traffic
<clever> immae: yeah, nixops also calls that perl script
<clever> gchristensen: ah, let me grab something that can help
<clever> gchristensen: hmmm, external has a prefix of 24 and is using a pair of 1.1.1.x IP's, will external only ever talk to other external machines?
<clever> gchristensen: if the prefix you configured doesnt match, then it will want to ARP the gateway instead, and route the packets via that, but you havent configured one
<clever> gchristensen: and then it will just fire out an ARP for any ip
<clever> gchristensen: if you just set a prefix length of 0, i think it will consider EVERYTHING as being on the "local" network
<clever> and because he rarely reboot, it worked fine for months, and he GC'd the working versions
<clever> i discovered that when helping somebody that tried to do network in his activation script
<clever> immae: then systemd isnt put into PATH, and stage-2 fails to find systemd!!
<clever> immae: the activation script is sourced, under `set -e` so if anything returns non-zero status, the parent script aborts
<clever> gchristensen: on the same subnet, or with a router?, the bittorrent.nix test uses a router
<clever> ah
<clever> then nix is the real primary, and bind just thinks its in control!
<clever> immae: you could also just not have secondary servers, make everything primary, and deploy them all with nixops
<clever> immae: activation scripts are overkill for this, and can brick the machine if you mess up
<clever> immae: just use a prestart on the bind service
<clever> immae: write a bash script that will diff the nix version of the file, against the "current" one, and if they differ, increment and sed it
<clever> immae: the only other option, is to handle that kind of thing at runtime
<clever> immae: you could also just make it an input, and manually increment it when you change the declarative part
<clever> simpson: if you enable pure eval, the attr wont even exist
<clever> and it will constantly re-sync the zone file, even if nothing has changed
<clever> immae: you could use this, but then it will never be the same build twice, and every nixos-rebuild/nixops deploy, will have something changed, and will have to restart bind after copying things
<clever> > builtins.currentTime
<clever> immae: never planned for secondary servers when i wrote it
<clever> immae: https://github.com/cleverca22/nix-tests/tree/master/ip-magic is some code i started writting to handle that
<clever> hyper_ch: i have 32gig of ram, and can easily GC the files in question
<clever> gchristensen: how else would you solve it? lol
<clever> gchristensen: i'm testing a derivation, that involves copying ~30gig to $out
<clever> gchristensen: and now a good reason to turn on dedup!
<clever> obadz: builtins.filterSource, and lib.cleanSource is a wrapper around it
<clever> obadz: one sec
<clever> iceypoi: ah, that must be new
<clever> linarcx: nobody has bothered ot make it work
<clever> linarcx: startx isnt supported on nixos
<clever> linarcx: not sure how that would be done on nixos
<clever> linarcx: how would you normally specify that in the config file?
<clever> samrose: or it may be a 32bit version
<clever> samrose: it may be an older version, due to upgrading things
<clever> capisce: that will basically be the same as nixos-rebuild (switch|boot), but rather then building, it directly uses an old version
<clever> capisce: /nix/var/nix/profiles/system-42-link/bin/switch-to-configuration (switch|boot)
<clever> capisce: double-check your partitions, do you happen to have 2 /boot's?
<clever> linarcx: it should already be in nixos-unstable, and it will be in 19.03 when that comes out
<clever> capisce: read the config files in /boot/, do they contain the generations you expect?
<clever> so it also will be missing from 18.09
<clever> wait, the pr was opened in march 7th, but not merged until november
<clever> linarcx: options.html may be from 18.03?, which was forked at the start of march
<clever> linarcx: it was added on march 7th of 2018
<clever> capisce: is /boot/ correctly mounted when you run nixos-rebuild switch?
<clever> linarcx: for for that are on lines 37-46 of the same file
<clever> linarcx: i think you want to set i18n.extraLocaleSettings
<clever> capisce: or ctrl+alt+f1 to get a normal text login
<clever> capisce: if graphical is up, you must use ctrl+alt+f8
<clever> srhb: your right, 7 is xorg
<clever> capisce: tty8 is the graphical interface
<clever> capisce: most linux machines only have tty1 thru tty7 started normally
<clever> samrose: you want to use nix to get the path to openssl, nix-build '<nixpkgs>' -A openssl is one way
<clever> too many sam*'s lol
<clever> samueldr: it is normal to see duplicates of packages, thats how nix works
<clever> mikky: dont quote the path
<clever> samueldr: but the above file isnt that bit
<clever> -rw-r--r-- 1 cachecache nogroup 120M Nov 13 21:01 /var/lib/cachecache/cachedir/0aw447l5f2zwf9lx23mq0vcaxmwscjah1l1hg277s6avmnjqqpln.nar.xz
<clever> samueldr: nas.localnet had a bug at one point, that would hang up clients after 60 seconds, if they failed to download the entire body within that time perior
<clever> and if you dont get enough bytes, it should properly register as a failure
<clever> usually a code 200 includes the expected size of the body
<clever> wpcarro: you can also add that expression to your file.nix, and then just nix-build it without any args
<clever> wpcarro: nix-build -E 'with import <nixpkgs> {}; callPackage <nixpkgs/nixos/lib/make-system-tarball.nix> { storeContents = [ { object = callPackage ./file.nix {}; symlink = "/thing"; } ]; }'
<clever> yep
<clever> make-system-tarball.nix will create the tar for you, and include a symlink pointing to a storepath so you dont have to guess what needs to be ran
<clever> wpcarro: the tarball doesnt need static linking, nor -qR
<clever> wpcarro: one sec
<clever> mojjo: you must also logout and login again for changes to groups to take effect
<clever> i did skip several lines to avoid spam, but yeah, i could have also reduced that to 1 line even
<clever> 88 extraGroups = [ "wheel" "wireshark" "vboxusers" "docker" ];
<clever> 85 clever = {
<clever> 84 users.extraUsers = {
<clever> mojjo: add yourself to the docker group
<clever> $ id
<clever> uid=1000(clever) gid=100(users) groups=100(users),1(wheel),72(vboxusers),131(docker),500(wireshark)
<clever> glenndavy: lines 6-12 looks like the arguments to pkgs.fetchgit, so whatever this gets passed to, must be modified to use builtins.fetchGit instead
<clever> glenndavy: can you pastebin the gemset.nix?
<clever> glenndavy: nix-prefetch-git isnt used directly by nix-build
<clever> glenndavy: what function is being used to fetch?
<clever> glenndavy: which file does the name of your private repo appear in?
<clever> glenndavy: you want to edit the nix files to use builtins.fetchGit instead of pkgs.fetchgit
<clever> glenndavy: builtins.fetchGit
<clever> tuelz: but it may be simpler to just run your own mysqld directly, with a non-standard path for its unix socket
<clever> tuelz: the difficult part there, is actually starting mysqld.service
<clever> though some users may be upset if you do things like `sudo rm -rf /` :P
<clever> your free to just run whatever you want there
<clever> tuelz: not directly, but the shellHook string is evaled in bash when you open nix-shell
<clever> mekeor: only of a few things, but i dont know anything about R
<clever> mekeor: yeah
<clever> mekeor: i suspect this is a design issue with the R language, and will plague every single R package
<clever> GalzuFromQ: nixos is basically taking the "compile everything" ideas from things like gentoo and maybe arch, but making things better and solving a lot of issues that gentoo style OS's can have
<clever> GalzuFromQ: aarch64 is in the /topic
<clever> mekeor: this is reminding me of reverse engineering malware that doesnt want to be debugged, lol
<clever> so how is the lib even containing that string, to do the lookup!?
<clever> yet it appears in all translation files, so the english string is a key used for lookups
<clever> mekeor: ok, this is even more puzzling, the error messages dont appear in any library or executable, only the translation files
<clever> Binary file result/lib/R/library/translations/pl/LC_MESSAGES/R-base.mo matches
<clever> [clever@amd-nixos:~]$ grep -r --color 'was not found on this platform' result/
<clever> mekeor: what exactly is the <- syntax doing here?
<clever> which <- "/nix/store/ckd1dy6llxr1s17f9x27p9jwzdanl5yx-which-2.21/bin/which"
<clever> mekeor: where was the pastebin with the generated file, after @WHICH@ was sapped?
<clever> mekeor: that just stops the compiler from looking under /usr/local/include/
<clever> mekeor: you can do that, just by doing `echo ${which} > $out/nix-support/ugly-hack` in the postInstall hook
<clever> now to compare it against the src you linked...
<clever> `system` does appear here
<clever> [nix-shell:~]$ objdump -d result/lib/R/lib/libR.so | less
<clever> `system` doesnt appear in that file
<clever> [nix-shell:~]$ objdump -d result/lib/R/bin/exec/R
<clever> mekeor: so which isnt a runtime dep, and nix wont install which for you
<clever> mekeor: the problem, is that the path IS currect, but nix doesnt see the string in the binary
<clever> [clever@amd-nixos:~]$ nix-shell -p
<clever> strace agrees with that
<clever> and then leave args splitting up to sh
<clever> its using system(), that is a glibc function to run "sh" "-c" "...."
<clever> ans <- suppressWarnings(system(paste(which, shQuote(names[i])),
<clever> yet R is somehow coming up with that path, to run execve
<clever> mekeor: nope, i also cant find it
<clever> mekeor: nix-build '<nixpkgs>' -A R
<clever> mekeor: and even some 32bit little-endian ones!!
<clever> January
<clever> %a %b %e %H:%M:%S %Y
<clever> [clever@amd-nixos:~]$ nix-store --dump /nix/store/qkvh3q7076dk3bhb69s9cp6ksl78mf41-R-3.5.2 | strings -e L
<clever> mekeor: and some 16bit little-endian ones
<clever> Rlogo
<clever> Proof Setup
<clever> [clever@amd-nixos:~]$ nix-store --dump /nix/store/qkvh3q7076dk3bhb69s9cp6ksl78mf41-R-3.5.2 | strings -e l
<clever> mekeor: i can see a few 16bit big-endian strings
<clever> Officejet Pro 8500 A909g
<clever> Camera RGB Profile
<clever> [clever@amd-nixos:~]$ nix-store --dump /nix/store/qkvh3q7076dk3bhb69s9cp6ksl78mf41-R-3.5.2 | strings -e b
<clever> mekeor: oh, this may help, to check every file at once
<clever> [clever@amd-nixos:~]$ nix-store --dump /nix/store/qkvh3q7076dk3bhb69s9cp6ksl78mf41-R-3.5.2 | hexdump -C | less
<clever> mekeor: ````which` does not appear in annnny of those files
<clever> [clever@amd-nixos:~]$ ls -lh result/bin/R result/lib/R/bin/exec/R result/lib/R/library/base/R/base*
<clever> same store path*
<clever> mekeor: thats in the same directory as the R binary, so the grep i did would have checked it
<clever> lrwxrwxrwx 1 clever users 51 Apr 4 21:14 result -> /nix/store/qkvh3q7076dk3bhb69s9cp6ksl78mf41-R-3.5.2
<clever> mekeor: what path is that base library at?
<clever> no results are found anywhere
<clever> mekeor: that will search every path that R depends on, and every file in those paths
<clever> [clever@amd-nixos:~]$ grep -r --color "gzr90dn7yygxa40i90wn" $(nix-store -qR result)
<clever> [clever@amd-nixos:~]$ nix-build '<nixpkgs>' -A R
<clever> mekeor: its not in any library the R binary depends on either
<clever> mekeor: that could be it, we will need to research that
<clever> mekeor: that string doesnt appear anywhere in the binary
<clever> mekeor: cant see how its finding that string
<clever> mekeor: the result of running strace without any filter
<clever> [pid 21208] execve("/nix/store/gzr90dn7yygxa40i90wnh7r9g06pfd43-which-2.21/bin/which", ["/nix/store/gzr90dn7yygxa40i90wnh"..., "sh"], 0x2329008 /* 93 vars */) = 0
<clever> [pid 21207] execve("/bin/sh", ["sh", "-c", "/nix/store/gzr90dn7yygxa40i90wnh"...], 0x21d8ab0 /* 92 vars */ <unfinished ...>
<clever> mekeor: i see some mentions of which, but not the storepath that is giving trouble
<clever> [clever@amd-nixos:~]$ strings result/lib/R/lib/libR.so | grep which --color
<clever> result/lib/R/lib/libR.so
<clever> libR.so => not found