2020-08-12

<clever> 80 def get_ssh_flags(self, *args, **kwargs):
<clever> moet: yeah, that all looks correct
<clever> i suspect your misreading the state db
<clever> moet: yeah, looks like nixops doesnt believe there is a priv key tied to the machine
<clever> moet: can you pastebin the records from ResourceAttrs that tie a priv key to the machine? (and obviously censor the key)
<clever> lunik1: windd, windiskimager, and others
<clever> the iso already works on usb
<clever> lunik1: unetbootin breaks the nixos iso, just dd it directly to the usb
<clever> check `ps aux | grep ssh` while its asking for a pw?
<clever> moet: which backend is the machine managed by?
<clever> moet: does it say what args ssh got ran with?
<clever> if the nixops state doesnt have a key assigned to that machine, it wont do that
<clever> normally, nixops will use `-i` to change the path to the private key, to one in /tmp/
<clever> ah
<clever> that would explain things better then
<clever> moet: the ssh agent will leak in when using nixops
<clever> moet: nixops doesnt try to escape any args, so if you `nixops ssh host -v`, it will wind up passing that -v to ssh, and ssh will spew its logs

2020-08-11

<clever> bqv: not sure then
<clever> bqv: is the nix-store and nix-daemon on the remote end, the same version?
<clever> write(6, "\33[31;1merror:\33[0m\33[34;1m --- Error --- nix-store\33[0m\n\33[31;1merror:\33[0m\33[34;1m --- Error --- nix-daemon\33[0m\ninvalid operation \33[33;1m1408\33[0m\n", 141) = 141
<clever> bqv: and this error is happening near the end, but got truncated, `strace -s 200 -ff -o logfiles ...` will not truncate it
<clever> write(6, "\33[31;1merror:\33[0m\33[34;1m --- Err"..., 141) = 141
<clever> and yep, as expected, that ran `ssh host -x -a 'nix-store --serve --write'`
<clever> its not loading at all
<clever> bqv: and now ipfs is acting up
<clever> bqv: its the write side of a pair (4 is read) and the child proc 1540671 should be reading it, so we need 1540671's log
<clever> vfork() = 1540671
<clever> pipe2([4, 5], O_CLOEXEC) = 0
<clever> bqv: it sent data to fd 5, but the pipe was dead, so we need to go backwards, where was 5 made...
<clever> write(5, "\t\0\0\0\0\0\0\0C\0\0\0\0\0\0\0/nix/store/dyfl9"..., 10160) = -1 EPIPE (Broken pipe)
<clever> bbigras: iputils looks like the one nixos uses mainly
<clever> ,locate bin ping
<clever> bqv: try doing `strace -ff -o logfiles nix-copy-closure --to user@host` and then pastebin the main log
<clever> not sure whats wrong then
<clever> and it didnt print anything else?
<clever> bqv: if you `ssh user@remote nix-store --version`, what exactly does it return?
<clever> bqv: can you reproduce it with normal nix-copy-closure?
<clever> bqv: anything funky with the .bashrc on the remote end?
<clever> bqv: what are you even running, how was it built?
<clever> bqv: nope
<clever> Raito_Bezarius: go ahead
<clever> flythief: you can use `--option` to override any nix.conf entry temporarily
<clever> so prestart ran as root, and sudo can drop privs without being setuid root
<clever> yeah, that too
<clever> are you running as root or another user?
<clever> buffet: what User= is systemd running things as?
<clever> buffet: only the sudo in /run/wrappers can work for elevating perms,

2020-08-10

<clever> energizer: yeah
<clever> not sure whats breaking it now, try a garbage collect, to just blow away most things?
<clever> thats a different musl
<clever> energizer: anything funny about musl in /etc/nix/nix.conf or `nix show-config` ?
<clever> energizer: something is wrong with your $PATH
<clever> energizer: it should be pointing to the one in ~/.nix-profile
<clever> energizer: what about `which nix-channel` ?
<clever> for similar reasons to using `nix-env -r` earlier
<clever> energizer: you may need to wipe the channels profile also, `rm /nix/var/nix/profiles/per-user/clever/channels*`
<clever> you can re-install everything else you had in nix-env as normal, probably starting with reinstalling home-manager
<clever> now the nix binary is a valid thing in the store, and its less likely to brick itself
<clever> energizer: try `nix-env -r -i /nix/store/5rpv7k2a9w4ipgvwsramblhvkfp385sb-nix-2.3.7`
<clever> energizer: try doing nix-env -i /nix/store/5rpv7k2a9w4ipgvwsramblhvkfp385sb-nix-2.3.7
<clever> > "${nix}"
<clever> what does `which nix-env` return?
<clever> youll want to run nix-env -i, on the path to a nix binary, that doesnt match your current nix binary
<clever> ahh, that makes it a bit simpler to recover
<clever> energizer: is this nixos or another distro?
<clever> energizer: and the only way to recover from that is to run nixos-install from an install media
<clever> energizer: if you try to download that nix binary, it will delete itself first, and cause major problems
<clever> energizer: yep, but now nix will consider every single path in /nix/store to be invalid, including the nix binary itself
<clever> energizer: re-creating the deps would be difficult, and recreating the hash can cause problems if something is corrupted
<clever> energizer: db.sqlite contains a list of every entity in /nix/store/ and the hash of that entity, and what the deps of each one are
<clever> energizer: not easily
<clever> energizer: with that file gone, your entire /nix/ is basically toast, re-run nixos-install to build it from config again
<clever> nbathum: nixos-install is just a shell script to run `nixos-rebuild build` under a chroot
<clever> nbathum: oops, typo!
<clever> nbathum: nixos-rebuild is just a shell script to run `nixos-rebuild build` under a chroot
<clever> aveltras: that one
<clever> ,locate bin gsettings
<clever> ,tofu nature
<clever> also,
<clever> nature: and use nix-prefetch-url --unpack
<clever> nature: yeah, that wont work right, you want https://github.com/LukeSmithxyz/archive/de6fd85eeb544548ed5ad23a639eedd6af510036.tar.gz i believe
<clever> nature: what URL did you run it against?
<clever> nature: depends on what URL you point it to
<clever> nature: read the output, is it html or a tar?
<clever> pikajude: that would also work
<clever> pikajude: it will only re-upload (and fix the missing files) if a mass rebuild causes it to rebuild things
<clever> pikajude: hydra uploads to cache.nixos.org as builds finish
<clever> take the hash from $out, and stick it in the url you gave before
<clever> pikajude: grab an older nixpkgs rev, and eval a random package
<clever> see if the headers differ for older store paths
<clever> yeah, that does seem weird
<clever> its a relatively new compressing algo
<clever> pikajude: bingo, its brotli compressed json
<clever> {"version":1,"root":{"type":"regular","size":579972,"narOffset":96}}
<clever> [nix-shell:~]$ brotli -d < 7rvaglzhlx2q2dlnqi71nhj9z6n2jnay.ls
<clever> pikajude: the cache has been using this for compression of some stuff
<clever> > brotli
<clever> pikajude: which url?
<clever> the only other place i use it, is `with pkgs; [ a b c ];`
<clever> > let a = 1; b = {a=2;}; in with b; a
<clever> makefu: i think raw postgres access would be "best"
<clever> makefu: hydra can return json in the body
<clever> maralorn: i have a PR to nix, to log all IFD drv files to stderr, and plans to make it more usable in an automated manner
<clever> lunik1: `nix-store --verify --check-contents`
<clever> { column = 3; file = "/nix/store/6q0j9q6pkl6fxll32dr988jnbnvb6ji2-nixos-20.09pre237606.b50ef9afa11/nixos/pkgs/build-support/docker/default.nix"; line = 439; }
<clever> nix-repl> builtins.unsafeGetAttrPos "buildLayeredImage" dockerTools
<clever> potong: its in there

2020-08-07

<clever> jlv: nix cant download the tar, it instead tells you to open a url in your browser and dl, and you must accept the license to DL
<clever> jlv: oraclejdk and pkgs.requireFile
<clever> bqv: you can only see that detail leak out, if you builtins.trace in the right area, and look at the order of the traces
<clever> bqv: but behind the scenes, the keys are sorted by the order a key was first seen, globally
<clever> bqv: all pure functions return the keys sorted by the string
<clever> sounds like you need to redo things to be pure!
<clever> generate the script at build time, using bash?
<clever> can it not accept relative paths?
<clever> you want to modify your script to just use $NIX_BUILD_TOP instead of hard-coding the dir
<clever> exactly
<clever> simonpe^^: the env var only exists at build time, so builtins.getEnv cant read it
<clever> simonpe^^: $NIX_BUILD_TOP will be the build dir
<clever> typetetris: what does `date` return?

2020-08-06

<clever> dminuoso: is that the file you wanted?
<clever> [root@amd-nixos:~]# ls -ltrh result-dev/lib/modules/5.4.46/source/include/uapi/linux/ethtool.h
<clever> [root@amd-nixos:~]# nix-build '<nixpkgs>' -A linux.dev
<clever> run nix-build on the attr, and look with ls
<clever> dminuoso: but linuxHeaders has it in include, under <linux/ethtool.h>
<clever> dminuoso: the .dev of linux itself, has it in source, not include, so the stdenv wont find it automatically
<clever> linux.dev 68,911 x /nix/store/rrn7f5zmxv16wj5vbi9696f1apfj96lp-linux-4.9.23-dev/lib/modules/4.9.23/source/include/uapi/linux/ethtool.h
<clever> linuxHeaders.out 54,478 r /nix/store/ffr9zi9sdh1gw5gzmg5rnkkv9bkyz0nm-linux-headers-4.4.10/include/linux/ethtool.h
<clever> ,locate include/uapi/linux/ethtool.h
<clever> dminuoso: which header file do you need?
<clever> julianobs: patchPhase might work, to just sed the cabal file directly
<clever> julianobs: you need to pick a ghc that has the right base by default, or override the src to change the cabal file
<clever> julianobs: base is one of the boot packages, its version cant be changed easily
<clever> julianobs: doJailBreak cant recurse into if statements
<clever> julianobs: yep, i see the problem, the base version constraints are inside an if statement
<clever> julianobs: oops, ^
<clever> dminuoso: can you also add the microlens.cabal file? youll find it in /nix/store/ff8calfbfzm5i2pinviwhgfrwx9svd7m-microlens-0.4.10.tar.gz
<clever> dminuoso: ah
<clever> julianobs: can you also add the full error message to the gist?
<clever> dminuoso: linuxPackages.kernel.dev maybe, but what is haskell going to then do with the headers?
<clever> dminuoso: what do you need the headers for?
<clever> weird
<clever> asheshambasta: try to always use hself for callCabal2nix, does that help?
<clever> asheshambasta: can you pastebin the overlay?
<clever> bqv: if nix cant write to something under /nix/, it will try to use the unix socket
<clever> bqv: /nix/var/nix/daemon-socket/socket

2020-08-05

<clever> moet: use / to search, then scroll up and follow the line
<clever> moet: and there is also `nix why-depends`
<clever> moet: you can also run it on any output, or a result symlink
<clever> moet: point it at a .drv file
<clever> moet: nix-store -q --tree
<clever> matthewcroughan: https://imgur.com/a/QNy3uql
<clever> X11 just works, without any special config at all
<clever> thats what i'm using on my laptop
<clever> 00:02.0 VGA compatible controller: Intel Corporation HD Graphics 630 (rev 04)
<clever> matthewcroughan: any time kernel stuff is changing, you need to reboot for it to take effect
<clever> matthewcroughan: its in pciutils
<clever> ,locate bin lspci
<clever> matthewcroughan: single or dual-gpu?
<clever> matthewcroughan: try another card?
<clever> cole-h: an override to enable a certain driver for a weird gpu
<clever> depends on if the dependencies have changed or not
<clever> so it will always build that part
<clever> i think you also have an override against the mesa version, to force it to use certain drivers
<clever> matthewcroughan: looks like normal ./configure output
<clever> and i could only fix the 2d accel, by turning 3d accel off! lol
<clever> matthewcroughan: my amd card had horid 2d accel for months (like, i could watch `ls -l` redraw in realtime)
<clever> matthewcroughan: it depends on which card your using, and other factors
<clever> jasom: guess it needs some setuid then, or setcap
<clever> matthewcroughan: and if you try a version newer then that? (lower in the list)
<clever> matthewcroughan: 2019, still too old
<clever> you went too far back :P
<clever> you can also `git show` the hash
<clever> matthewcroughan: yes
<clever> matthewcroughan: `git log` will tell you
<clever> matthewcroughan: run `git show` on a revision, and youll see the commit date
<clever> matthewcroughan: unix epoch, seconds since jan 1st 1970
<clever> matthewcroughan: if you use overrides to mix versions together, it will silently not use cachix, because cachix doesnt have what you requested
<clever> matthewcroughan: if you pick a revision from the history file in https://channels.nix.gsc.io/nixos-unstable/ then you will have a good match for cache.nixos.org, and not have to rebuild anything
<clever> matthewcroughan: you can change mesa with an override, but damn near everything depends on mesa, so you would have to rebuild 80% of your software
<clever> matthewcroughan: the same way you used -I nixpkgs=/path/to/clone, but checkout an older revision
<clever> you have special access, because you can touch the drive
<clever> so you dont even need cdrom
<clever> yeah
<clever> jasom: it might be the fact that i signed in from a physical terminal (display-manager), so it knows i have physical access to the tray
<clever> jasom: there is something special on it, giving me rw, despite the owner/group saying i shouldnt
<clever> user:clever:rw-
<clever> [root@amd-nixos:~]# getfacl /dev/sr0
<clever> jasom: i can see the same + on my dvd drive
<clever> matthewcroughan: probably
<clever> brw-rw----+ 1 root cdrom 11, 0 Aug 5 06:32 /dev/sr0
<clever> jasom: lsattr?
<clever> what did that + mean, what does `stat /dev/sr0` say about it?
<clever> yep, the reboot did the trick there
<clever> jasom: if you run `id`, what groups are you in?
<clever> nix-repl> toString ~/.
<clever> "/home/clever"
<clever> but if you treat it as a string, such as "${./.}" or pass it to a derivation, it will copy
<clever> for extra fun, `toString ./.` wont copy, it will return an absolute path
<clever> but only when cast into a string, its still a path, so you could + "/../bar" to change your mind about which dir you want
<clever> ./. + "/foo" will copy only the foo subdir, rather then all of .
<clever> once cast into a string, yeah
<clever> "${./.}" will also force a copy
<clever> string + path will cast the path into a string (triggering the copy), and then append the path of the copy
<clever> path + string returns a new path, not yet copied to the store
<clever> it copied ./. into the nix store
<clever> numkem: it prefixed the path with foo, and now the path is invalid
<clever> "foo/nix/store/2l8rw29aqs2j1pzgcrapg0992phz0vx9-Documents"
<clever> nix-repl> "foo" + ./.
<clever> try that in `nix repl`
<clever> > "foo" + ./.
<clever> numkem: path + string always returns a path, but string + path will just turn into a mess
<clever> numkem: which is almost never what you want
<clever> numkem: `let var = "foo"; in ./prefix + "${var}"` turns inti `./prefixfoo`
<clever> numkem: ./prefix + "/${var}/suffix.txt"
<clever> its in the nix source, but gets ran by something in nixpkgs/nixos]
<clever> simonpe^^: thats basically how ~/.nix-defexpr/channels_root gets there
<clever> simonpe^^: use something in the global bashrc to mess with ~/.nix-defexpr/
<clever> github always generates a dir like that, named after the repo
<clever> ah
<clever> simonpe^^: it should just unpack the tar to a dir, but it may require that the tar contain a subdir, like foo/everythingelse
<clever> then you need to figure out what went wrong there
<clever> simonpe^^: and if you `cat /nix/store/lp0ivjq6spxys79a3dp727vpyma11n8m-source/default.nix`, its the expected content?
<clever> simonpe^^: in the `nix repl`, do `let url = "http://rco-sto-utv01:7990/rest/api/latest/projects/~SIMONP/repos/tools/archive?format=tar.gz"; in builtins.fetchTarball url`, what is the output?
<clever> try callPackages instead of callPackage?
<clever> simonpe^^: https://pastebin.com/WWFWGFm2 is in the root directory of the tar file returned by the url?
<clever> are you censoring the files?
<clever> somethings not right then
<clever> simonpe^^: if you eval `x` again, is it the same output?
<clever> simonpe^^: then your default.nix is returning one package, not a set
<clever> simonpe^^: `x = import ~/.nix-defexpr/unmanaged/rco` then `x` ?
<clever> simonpe^^: i would expect that to all work, if you do `nix repl ~/.nix-defexpr/unmanaged/rco` and then try to eval `uuu`, what do you get?
<clever> simonpe^^: can you pastebin that default.nix?
<clever> simonpe^^: why are you using callPackage? does the tar default.nix return a set or a package?
<clever> simonpe^^: what are the contents for rco/default.nix?
<clever> idontgetoutmuch[: you want just `nix-build -I nixpkgs=~/nixpkgs`
<clever> -p is only valid on nix-shell
<clever> idontgetoutmuch[: nix-build and -p arent valid together
<clever> simonpe^^: and then it will just fetch it dynamically, every time it evals
<clever> simonpe^^: you could just do: import (builtins.fetchTarball "https://...../archive?format=tar.gz")
<clever> idontgetoutmuch[: does your derivation name name = "shell"; ?
<clever> ly
<clever> but if you edit ~/.nix-defexpr/ yourself, it takes effect immediate
<clever> and `nix-channel --update` is what modifies ~/.nix-defexpr/channels_root/nixpkgs
<clever> nix-env just reads ~/.nix-defexpr/ every time you run it
<clever> nope
<clever> the `test` part of the dir is basically ignored, but lets you namespace things some, root manages channels_root, you manage channels, test is ignored by nix-channel (unmanaged)
<clever> simonpe^^: but as in my example, the foo/default.nix doesnt have to actually be nixpkgs/default.nix, it can be an expr, that imports it, via any means you have
<clever> simonpe^^: nix-env will recursively search ~/.nix-defexpr/ until it either finds a foo.nix or a foo/default.nix, then create a foo in a special set, nix-env -iA foo.hello then refers to that set
<clever> [clever@amd-nixos:~]$ cat ~/.nix-defexpr/test/foo/default.nix
<clever> import /home/clever/apps/nixpkgs
<clever> simonpe^^: one sec
<clever> not much you can do, other then host a nixexprs.tar.gz on plain http(s) elsewhere
<clever> simonpe^^: &dummyField=anything.tar.gz
<clever> matthewcroughan: the path to a git clone of nixpkgs
<clever> matthewcroughan: nixos-rebuild switch -I nixpkgs=/path/to/nixpkgs/repo/on/master/branch
<clever> idontgetoutmuch[: you probably just want `installPhase = ''.....`
<clever> last i heard, wayland can only do window capture, not monitor capture
<clever> and monitor capture in chromium
<clever> i also rely on too many X11 only apps, like obs-studio
<clever> ive not tried wayland out yet, and ive heard that its still heavily experimental
<clever> why do you want to use wayland?
<clever> unlikely
<clever> but if you dont want hw decode, dont do anything
<clever> to extraPackages
<clever> matthewcroughan: if you want hw accelerated video decode, add something extra
<clever> ive built chromium before, it takes 12 hours
<clever> 2020-08-05 03:20:03 < clever> the ; only occurs when you have a key = value; pair
<clever> the entire file boils down to { config, pkgs, ... }: { key=value; pairs=value; }
<clever> and thats just a value, so it doesnt have a ;
<clever> if you fix the indenting, its much more obvious that 6 and 67 are a pair
<clever> the intending is also wrong, making it more confusing to read
<clever> and there was another } that was there to begin with, that should have been left alone
<clever> thats the }; you should have removed
<clever> 2020-08-05 03:12:17 < clever> the }; that is at the same indent level
<clever> the }; is part of the config = {
<clever> but 7-67 is just a value
<clever> the ; only occurs when you have a key = value; pair
<clever> 67's } matches up to 7's { and that {} pair shouldnt have a ;
<clever> matthewcroughan: line 67 should just be a }
<clever> matthewcroughan: and also edit the name, so it ends in .nix, then github will syntax highlight
<clever> line 67 is missing from the gist, cant say whats wrong
<clever> matthewcroughan: yeah, that looks right
<clever> and its indented by one level
<clever> the config = { is in the chromium example
<clever> as the config = {
<clever> you dont have a config = { so you dont have to remove it
<clever> the }; that is at the same indent level
<clever> matthewcroughan: remove the config={ and matching };
<clever> matthewcroughan: if both options and config are missing, it will automatically wrap your entire module with config = { ... }; for you
<clever> matthewcroughan: all nixos modules have 3 top level keys, options, config, and imports
<clever> hardware-configuration.nix usually shouldnt be edited
<clever> oops, gist normally shows those
<clever> matthewcroughan: also, what i typed, is already in the example: https://github.com/colemickens/nixpkgs-chromium#usage-1
<clever> it has to deal with authentication, gist doesnt allow anon uploads