<slabity>
maier: Do you see the `menuentry` for those generations in `/boot/grub/grub.cfg` (near the bottom)
<slabity>
I think it's a bit difficult to paste something to a website from your bootloader :P
<slabity>
LnL: Stateless root setup?
<slabity>
tpw_rules: Could you have the libraries act as inputs to your derivation? That was it can be decided at build-time what libraries to pass in and which to keep default?
<slabity>
As in find the location of a binary?
<slabity>
Dadou: What do you mean by 'get a link on a file from nixpkgs?'
<slabity>
Can't blame em. GBM was perfectly fine and I don't see any benefit to egl-streams
<slabity>
But since everyone else only provides GBM support, then yea... Not many wayland options
<slabity>
notgne2: I believe you can use GNOME's wayland implemention on Nvidia. They provide egl-streams support
<slabity>
<insert linus flipping off nvidia>
<slabity>
If you want performance or proper power management you will need Nvidia's proprietary drivers. You'd just need to live with the issues caused
<slabity>
Nouvuea's not much better... Nvidia doesn't like to provide documentation, which makes performance really poor
<slabity>
zanc: What do you mean 'translate into nix'? What do you want the nix code to do?
<slabity>
`man configuration.nix` should give you a full list of settings. Then you can search for that `services.xserver.videoDrivers`
<slabity>
That might fix your issues. I doubt `nouveau` has multi-GPU support
<slabity>
You might want to try setting `services.xserver.videoDrivers = [ "nvidia" ]` to get the proprietary drivers.
<slabity>
Use `pciutils`
<slabity>
,locate lspci
<slabity>
`kvm-intel` is used for VMs if you are running an intel processor.
<slabity>
Can you try `lspci -vv` and see what it says for "Kernel driver in use" for your GPU?
<slabity>
Maybe try switching the 0 and 1
<slabity>
Honestly, if you're using Nvidia's proprietary drivers anything could happen with random xrandr commands
<slabity>
Absolutely no idea why that would make a difference, whether it was motherboard specific or whatever.
<slabity>
Also, apprently there can also be some strange behavior with multiple GPUs if you enable CSM in your BIOS. Not sure why, but my motherboard would not let me use both GPUs at the same time when I had CSM enabled. Had to switch to pure UEFI
<slabity>
KarlJoad: When I first login to my session, `xrandr` only shows the displays from one GPU at first. After I perform the above command, `xrandr` displays both GPU's displays and I can freely configure it rom there
<KarlJoad>
slabity: When you use just `xrandr`, do you have 2 screens or just 1?
<slabity>
Although I use 2 AMD gpus, so I'm not sure if Nvidia will work the same way :\
<slabity>
Might need to play with the options
<slabity>
For me, I use `xrandr --setprovideroutputsource 1 0` to get my second GPU working with a monitor
<slabity>
KarlJoad: Try using xrandr's `--setprovideroutputsource` option
<slabity>
Unfortunately I do not see anything in the NixOps manual about this
<slabity>
Can you use NixOps to setup and deploy nixos containers? If so, what do I need for `deployment.targetEnv`?
2019-11-13
<slabity>
`nix-store -q -- deriver /nix/store/...' just gives me '/home/slabity/deriver: No such file or directory'
<slabity>
So /run/current-system is a directory linked to a system-profile in the /nix/store. But it does not specify which .drv it came from. The command you just gave me does not seem to work.
<infinisil>
slabity: But if not, you can find out the .drv file for a non-.drv file with `nix-store -q --deriver /nix/store/..`
<infinisil>
slabity: Do the /nix/store files directly not work?
<slabity>
I do not see anything that indicates which .drv is linked to a specific profile
<slabity>
How do I find out which drv files are linked?
<slabity>
What do I give as arguments?
<slabity>
This is the first time I've heard of `nix-diff`. Let me see
<infinisil>
slabity: Can you `nix-diff` the system from nixos-rebuild and nixops?
<slabity>
Let me see if the LD_LIBRARY_PATHs contents match after each one...
<slabity>
infinisil: Yes. I even explicitly set my NIX_PATH on both commands
<slabity>
Specifically, applications fail with "Cannot parse arguments: Cannot open display:"
<infinisil>
slabity: Same nixpkgs version?
<slabity>
Same exact config
<slabity>
Strange issue: If I deploy with NixOps, I am unable to open up any Xorg windows after it finishes. However, if I use `nixos-rebuild` it goes back to working just fine...
<slabity>
So another question I had, is it possible to deploy single logical machines in a network instead of the entire network? Like pick-and-choose?
<slabity>
clever++
<slabity>
Ah, that seems to have fixed it. Thanks
<clever>
slabity: nixops can only access the ssh agent if the $SSH_AUTH_SOCK var is set right
<slabity>
No
<clever>
slabity: are you running nixops in the same terminal?
<slabity>
So I believe it took effect
<slabity>
clever: Did not seem to work. I can ssh root@localhost without a password now though
<slabity>
Oh, I generated a new one. Nevermind I'll try adding it
<clever>
slabity: does the key you added actually exist in /root/.ssh/authorized_keys ?
<slabity>
clever: It did not seem to work. The key was added just fine, but I still get the same error
<clever>
slabity: as the user that runs nixops, start ssh-agent, and do an ssh-add
<slabity>
clever: That did not seem to work... You mean login as root, start ssh-agent, and then add my user's id_rsa? Or something else?
<clever>
slabity: launch an ssh agent, and ssh-add your ~/.ssh/id_rsa
<slabity>
Oh, that makes sense. What would I need to do then?
<clever>
slabity: but if an ssh agent is running, those keys will leak into nixops and give it more power then it "should have"
<slabity>
Tried deleting root's .ssh directory, but no luck
<clever>
slabity: so it never loads ~/.ssh/id_rsa directly
<clever>
slabity: nixops will override the default private key location, to use its own keys
<slabity>
So NixOps is unable to ssh to localhost for me, even though I can ssh manually. Any ideas?
<slabity>
betaboon: Yes. Unless you can download an offline version of nixpkgs
2019-11-12
<slabity>
Oh nice. I did not know that project existed
<clever>
slabity: i'm just running full-blown nixos on a router, with 2 cpu sockets, and 8gig of ecc ram
<__monty__>
slabity: Yep, there's also some work on nixWRT.
<slabity>
Nixos on your router?
<slabity>
I need to refamiliarizemyself with nixops
<slabity>
Oh wait, nevermind. I was trying to destroy `mysystem` in the `mynetwork` deployment. Not the other way around
<clever>
slabity: can you pastebin the output of both commands and the commands themelves?
<slabity>
Yes
<clever>
slabity: does `nixops list` list `mysystem` ?
<aminechikhaoui>
slabity check nixops list, looks like you're passing the wrong deployment name
<slabity>
I can't stop or destroy the VM at all.
<slabity>
What exactly would cause this error for `nixops info -d mysystem`: "Exception: could not find specified deployment in state file ‘/home/slabity/.nixops/deployments.nixops’"
2019-11-11
<{^_^}>
slabity's karma got increased to 6
<evanjs>
slabity++
<slabity>
I'm just switching to use NixOps everywhere as that can access my user's password-store
<slabity>
evanjs: I just spent a few hours trying to figure that out. No luck
<slabity>
I wonder if I can write a PAM module to allow `nixos-rebuild` to access my `pass` store
<slabity>
Oh. Didn't think of that
<adisbladis>
slabity: Right, using PAM?
<slabity>
If you can think of a way to not use passwords, then by all means let me know :P
<slabity>
My use case is being able to verify authenticity of a person using nothing but a keyboard attached to the computer
<adisbladis>
slabity: I've mostly managed to avoid it for quite some time, everything that can be authenticated with keys are for example
<slabity>
Oh no, not my job. This is personal stuff
<gchristensen>
it sounds like we've gotten to meta for slabity and they're just tring to do their job or whatever
<slabity>
Okay, I get in an ideal world passwords are bad. But the world isn't ideal and I need to use passwords
<slabity>
And thus the circular issue of how to manage my passwords
<adisbladis>
slabity: What passwords though
<slabity>
I can't just put my passwords in my NixOS configuration though...
<slabity>
I want my stateful systems to be stateless though. It's not fair
<slabity>
Sounds like "stateless" password management in Nix is a bit messy...
<adisbladis>
slabity: It's equally messy as anything else
<elvishjerricco>
slabity: Not any moreso than any other distro
<slabity>
Sounds like password management in Nix is a bit messy...
<elvishjerricco>
slabity: It'd have the added benefit of addressing gchristensen's concern about rotating keys without rebuilding
<elvishjerricco>
slabity: I'm suggesting not doing that, but getting the secrets at runtime
<slabity>
evlishjerricco: Would that actually solve the issue? My problem is getting the password secrets at build-time
<adisbladis>
slabity: My solution so far in a few instances have been to use git-crypt and have a secrets.nix file with all secrets inside
<elvishjerricco>
slabity: You could set up a systemd service that runs pass and puts keys in places. You'd need to familiarize yourself with systemd-ask-password though, and GPG doesn't really like to take passwords from automated sources, so this would be rough
<slabity>
I'm looking for a more general solution for nixos, homemanager, etc
<slabity>
Regardless, it still only works with NixOps
<slabity>
tilpner: That's what I'm going, but it doesn't seem to work with anything except NixOps
<slabity>
Including Unix passwords
<slabity>
adisbladis: Everything that has a config option for a password? They're all over the place
<adisbladis>
slabity: Passwords for what?
<slabity>
And I'd prefer not going back to generating a dozen password files and pointing configs to them
<slabity>
How do other people manage their passwords for their nixos configurations? I've been trying to get `nixos-rebuild` to use `pass`, but it has not been going well
<elvishjerricco>
slabity: Careful. It works with NixOps because the secret files don't get put in the nix store. Nixos-rebuild doesn't have any equivalent functionality, so any secrets will probably be world-readable in the nix store.
<slabity>
Does anyone have `pass` integrated with their NixOS system?
<slabity>
Unfortunately I've run into an issue. If I run `sudo nixos-rebuild` it can't access my `pass` store. But if I run `nixos-rebuild` it fails to symlink the profile due to permissions.
<infinisil>
slabity: Gotta needa whole lot more details than just that to help
<slabity>
I'm having trouble getting a derivation to build correctly. It keeps failing to find a library, but one of the `buildInputs` is a package that includes that library. Is there something else that needs to be added?
2019-10-03
<clever>
slabity: what does `sudo id` report?
<slabity>
Nevermind. Looks like `root` isn't a trusted user for some reason... It was because of sudo
<slabity>
Any idea why it says I'm not a trusted user? Is it because of sudo?
<slabity>
warning: ignoring the user-specified setting 'extra-builtins-file', because it is a restricted setting and you are not a trusted user
<slabity>
In my `/etc/nix/nix.conf` I see the line "trusted-users = @wheel" and I can confirm my user is in the wheel group. However, when I try to `nixos-rebuild switch`, I get a bunch of warnings of the following:
2019-09-26
<emily>
slabity: I do both: mkpasswd -m sha-512 --rounds=500000 and put that in /etc/emily.shadow, then passwordFile = "/etc/emily.shadow" (quotes important or it gets put in the world-readable nix store)
<MichaelEden[m]>
slabity: yes either store it hashed or store a path to a file with the password
<slabity>
I have a Nix expression that evaluates to a plain-text secret password. How can I safely use that without it being exposed in the Nix store? Do I need to somehow run it through `mkpasswd` and use the `passwordFile` options instead?
2019-09-25
<slabity>
Thanks. I'll see if this works
<clever>
slabity: `nix show-config` also shows the result of parsing the config
<clever>
slabity: --option just lets you override any nix.conf entry
<slabity>
Oh... That makes a lot of sense...
<sphalerite>
slabity: if you add your extra-builtins-file setting to nix.extraOptions it should work
<slabity>
I have `nix.extraOptions == "plugin-files = ${nix-plugins}/lib/nix/plugins/libnix-extra-builtins.so"` and that works fine. But it only works if I pass `--option extra-builtins-file` when running it.
<slabity>
Hey guys, I' trying to get nix-plugins working on my system. Does anyone have experience with that? I'm not quite sure what needs to be added to my nix configuration.
2019-09-20
<slabity>
Oh. Windows can only be installed on a USB stick through their tool I believe. I don't think their ISO can be dd'd over
<slabity>
exfat is typically used for removable drives that don't need special extended attributes
<Taneb>
slabity: it puts a partial view of a directory into the nix store
<slabity>
Taneb: Using 'builtins.readFile' and 'builtins.toFile' won't work? I'm not familiar with the filterSource function
<Taneb>
slabity: I'm aware, but I have "builtins.filterSource filter ./." which none of the helper functions I can see help with
<slabity>
Taneb: There are helper functions that let you create derivations from the contents of a file or remote data
<slabity>
srhb: Yes, but I remember there was some LD environment variable that pointed to that... Now I don't have that variable for some reason...
<srhb>
slabity: Under NixOS I expect they're only in /run/opengl-driver/lib ?
<slabity>
Actually wait... Where is the environment variable? Wasn't there one that pointed to the opengl drivers?
<slabity>
But it should be in my LIBGL path, right?
<srhb>
slabity: I don't think that should cause it to be included in your profile.
<slabity>
I still have `videoDrivers = [ "nvidia" ];`, and I don't think I made any other configuration changes that would affect it... Why isn't it installed?
<slabity>
What I'm confused about is why that file no longer exists in my profile after updating...
<srhb>
slabity: Nix itself has no idea what files are in which package before building it.
<slabity>
Does it? I am not familiar with the internals of it...
<srhb>
slabity: As in, it checks Hydra builds to find the files in each attribute
<srhb>
slabity: Doesn't nix-locate rely on hydra information?
<slabity>
That's strange... I have `allowUnfree = true;` in my config but nix-locate can't find it
<slabity>
In general `systemctl` should be in your path. You can use `/usr/bin/env systemctl`
<Guest66>
slabity: I'm trying to find an Elvish article that may help you.
<slabity>
Guest66: Call it in a Nix expression? Or just in general?
<slabity>
How does everyone else manage their passwordFiles in a way that Nix can reach?
<slabity>
Would it be wise to put possibly variable files (specifically passwordFiles) in /nix/var?
<slabity>
Is there a proper way to install wine+mono? On the wiki I only see how to install wine
2019-09-16
<slabity>
averell: I did not know you could do that. That might be a better solution
<slabity>
__monty__: Yea, but they need to fix it locally before it can be pushed.
<__monty__>
slabity: Just lock down the remote branch. No need to do that locally?
<slabity>
qyliss: Stop my coworkers from accidentally commiting to master branch instead of a develop branch. It takes some time to fix and would be nice to be proactive in that regard
<slabity>
I would love to be able to set up a repo that denies local commits to the master branch
<qyliss>
slabity: no, you can do whatever you want with your own git repo
<slabity>
Removing the ability to commit to master - Does that happen even locally? Can you set up a git repo to require a new branch even if it won't get pushed?
<__monty__>
slabity: AUR maintainers aren't equivalent to nixpkgs committers.
<slabity>
Depends if you consider an AUR contributor an 'Arch maintainer'?
<slabity>
The more profiles you have, the more space will be used
<slabity>
Soo_Slow: The reason for this is because Nix will not delete packages being used by any profile. Even profiles that are not in use
<slabity>
I would very much like to move my modules/overlays to be flakes
<slabity>
niksnut: Is there any other information on them? The last update I saw on the proposal was a few months ago
<niksnut>
slabity: yes it's possible to use them
<slabity>
Are Nix flakes anything more than a concept right now? Or is it possible to make/use them now?
2019-08-28
<spinus>
slabity: if passwords are on one VM, I usually have script that generates passwords in files and giving access to processes that can read that file. If I need to setup some 3rd-party keys, for some use cases I have separate file in the repo with creds and using git-crypt
<slabity>
Anyone have a good method of managing password files and other non-public, possibly impure imports?
2019-08-26
<pie_>
slabity: yeah i cant tell whats going on, none of my code seems to directly cause that
<slabity>
Not sure what `fetchurl` expects to take in as an argument though.