2017-05-25

<clever> is it modifying metadata on the ext4 image?
<clever> arian_: no, all builds must be done without root
<clever> trikl: --print-rpath i believe
<clever> rvolosatovs: i just left xorg all on defaults, and the login page is a bit messed up, but xfce does all the multi-monitor setup after login
<clever> trikl: either somebody did something impure and installed libcurl globally, or they didnt test things well enough when making the latest update
<clever> it just compiles a single c file directly to $out/bin/nix-repl
<clever> xificurC: here is an example that does almost exactly what you want: https://github.com/edolstra/nix-repl/blob/master/default.nix
<clever> xificurC: and -static doesnt work out of the box, because nix disables a lot of things needed for static linking
<clever> xificurC: also, your cd'ing into $src (which is read-only) and then doing gcc -o as-table, which writes to the current dir
<clever> trikl: and since your referencing ${curl.out} directly, it doesnt have to be in the buildInputs at all
<clever> trikl: ah, for libcurl, you want to patchelf it to include ${curl.out}/lib/ in the rpath
<clever> trikl: or modify things to put ${curl.out}/bin into PATH
<clever> trikl: something in the build process has to embed the result of $(which curl) into the output
<clever> trikl: buildInputs only controls what $PATH (and a few others) are at build-time, it has no direct effect on what is available at runtime
<clever> dash: for example, if the editor knows that something is an attrset, can it select the entire attrset and cut/paste without ever causing a syntax error?
<clever> dash: id also be interested in AST aware editing features
<clever> if the editor had an ffi
<clever> and if it was annotated with line/column positions, you can then highlight away
<clever> then you could reuse the code inside libnixexpr to get an ast
<clever> to make it into a string->ast->thunk process
<clever> https://github.com/groxxda/nixexpr i think this project was working on splitting the string->ast apart from the string->thunk logic
<clever> gchristensen: but it all seems to highlight right
<clever> gchristensen: one of the more complex areas ive seen is this: https://github.com/NixOS/nixpkgs/blob/master/lib/modules.nix#L19
<clever> ah, but there is a lang subdir
<clever> a lot are just on how nix-store behaves
<clever> but not all of those are going to be around nix syntax
<clever> gchristensen: next best thing i can think of are the nix testcases,https://github.com/NixOS/nix/tree/master/tests
<clever> gchristensen: its not in nixpkgs, but i do have https://github.com/cleverca22/not-os/blob/master/release.nix#L18
<clever> LnL: what was the nix-env flag to search by attribute path?
<clever> xificurC: nix-env can be weird at times, its often simpler to just assume it has an obvious name, nix-env -iA nixpkgs.shellcheck
<clever> "ShellCheck-0.4.6"
<clever> nix-repl> shellcheck.name
<clever> ah, yeah, that alias does exist
<clever> pkgs/top-level/all-packages.nix: shellcheck = haskell.lib.justStaticExecutables haskellPackages.ShellCheck;
<clever> case sensitive, and hidden in an attrset
<clever> i see it at haskellPackages.ShellCheck
<clever> but you could copy the whole file to your project, then change it, if you want to avoid modifying nixpkgs
<clever> simpler to just change the file directly
<clever> and while you could in theory use .overrideDerivation to change the installPhase on frameworks, you would have to copy/pasta the entire installPhase string, and change every ${sdk} in it
<clever> the only thing .override can affect, are the arguments passed in on line 1
<clever> it would have to be rewritten some to allow such an override to work
<clever> you have to directly modify that file
<clever> because frameworks and sdk are in the same let block, its imposible to override sdk
<clever> ah
<clever> luigy: what part of it do you want to override?
<clever> but the one in nixpkgs is still perl based, and is technicaly out of date
<clever> the buildEnv in nix is now c++ based
<clever> oh, its not even perl based anymore
<clever> and that buildEnv can be out of sync with the buildEnv in nixpkgs
<clever> gchristensen: for example, nix-env uses a copy of buildEnv, running on its own perl (the one nix was built against, not the one in the current nixpkgs)
<clever> gchristensen: in here are the paths to some core dependencies, that nix-channel and nix-env rely on
<clever> [clever@amd-nixos:~/apps/nixpkgs]$ nix-build '<nixpkgs>' -A nix
<clever> [clever@amd-nixos:~/apps/nixpkgs]$ cat result/share/nix/corepkgs/config.nix
<clever> when nix gets compiled, the output is hard-coded to use a certain shell for unpack-channel.nix
<clever> unpack-channel.nix is a bare derivation, that can build without nixpkgs providing things
<clever> gchristensen: yeah
<clever> -r--r--r-- 19 root root 23 Dec 31 1969 nixos
<clever> [clever@amd-nixos:~]$ ls .nix-defexpr/channels_root/binary-caches/ -lh
<clever> which fills in the binary-caches dir of the channels build
<clever> and uses nix-env to "install" the set of channels
<clever> it then passes the list of attrsets to unpack-channel.nix
<clever> all that does is add binaryCacheURL to the attribute set describing the channel
<clever> LnL: yeah, i feel that a well written package will use absolute paths for everything, and should run with ./result/bin/foo with nothing above the base-system installed
<clever> when i setup my own channel for the rpi
<clever> i'm going off info i got back in 2015
<clever> yeah, if you lack root, then nix will probably either ignore the extra binary cache, or complain about its signature
<clever> MichaelRaskin: a channel is just an http dir with 2 files, binary-cache-url and nixexprs.tar.xz
<clever> MichaelRaskin: channels can specify a binary cache
<clever> that defeats the entire point of nix
<clever> LnL: i tried to run the latest kdenlive in a nix-shell one day, and tracked the problems down to an older kdenlive already being in nix-env
<clever> LnL: it relies on propagatedUserEnv stuff, and also conflicts with older kde stuff from another version of itself
<clever> LnL: that reminds me, kdenlive refuses to run via ./result/bin/kdenlive
<clever> i currently have 7 glibc's in my ~/.nix-profile/
<clever> nix-env is the only tool that directly understands channels
<clever> there is also the weird part about how nix-env will obey $NIX_PATH, but never actualy try to use it by default
<clever> which just spams the profile and leaves 100's of GC roots behind
<clever> i also see people using nix-env to test new packages
<clever> danbst: yeah, thats why i always embed such things in config.nix
<clever> in the case of unzip, it will magicaly give the default unpackPhase zip support
<clever> in the case of cmake, it will replace the configurePhase with a cmakeConfigurePhase
<clever> it can then modify bash variables, and add new bash functions
<clever> gchristensen: as the stdenv goes over everything in buildInputs, it will check for a $foo/nix-support/setup-hook, and if found, it will source it into tbe bash doing the build
<clever> which can apply mutations to the stdenv
<clever> MichaelRaskin: yeah, no mention that putting your package into buildInputs makes the hook get sourced
<clever> it would be better to make them easy to find, and explain how they work, then to try and document the side-effects each one does
<clever> and a quick search says there are 64 setup-hook.sh's in nixpkgs
<clever> MichaelRaskin: cmake and unzip are missing, and it doesnt really say how setup hooks work
<clever> and some things, like setup-hook.sh, i havent seen mentioned anywhere in the documentation
<clever> i have made an example of what can be done with just nix alone, if you somehow provide it pre-compiled binaries (i cheated and used nixpkgs)
<clever> yeah, and there are 3 fairly seperate chunks, nix, nixpkgs, nixos
<clever> somebody else recently was confused as to why pkgs.writeTextFile couldnt write to his home directory
<clever> nixy: part of it is just convincing people that you cant just install gcc and openssl.dev, and expect it to work
<clever> then the linux nvme driver lives in the initrd on /boot, and grub wont care
<clever> if the EFI doesnt support it, you must put /boot on a different media
<clever> but if you slap an NVME->PCIE adapter into an older desktop, your out of luck
<clever> danbst: the EFI must support nvme then, for it to boot
<clever> and #grub confirmed, grub has no real nvme support, it expects the EFI to provide nvme drivers
<clever> just recently, i saw a blog post claiming grub master supported nvme, but a quick grep of the grub source showed no trace of nvme support
<clever> yeah, i often feel that docs can be out of date or just wrong, and the source cant lie
<clever> which just helps keep the plague alive :P
<clever> ah, this is where the extra <para> comes from
<clever> so you have to end the para you cant see, then start a 2nd one
<clever> the doc generator wraps every description as "<para>${description}</para>", and there must never be nested paragraphs
<clever> turns out, it must be like that
<clever> it looked like "foo</para><para>bar"
<clever> i once tried to correct some invalid xml in a documentation string
<clever> and last i looked, the example in the docs says to use builder, which disables 80% of the helper scripts in nixpkgs
<clever> step 1, dont make documentation require javascript to read
<clever> i only use xfce
<clever> https://nixos.org/nixos/options.html#systemd.services.<name>.path
<clever> or if its a systemd unit, add virtualbox to the .path attribute
<clever> use ${pkgs.virtualbox}/bin/ in the scripts, or use wrapProgram to add it to $PATH
<clever> vaibhavsagar: at runtime or buildtime?
<clever> sheenobu: try adding gcc to the list of packages
<clever> sheenobu: can you gist your nix expression?
<clever> google probably knows
<clever> there should be a path in $HOME that allows themes, just not sure where
<clever> Nobabs27: the stuff in ~/.config/ should also work
<clever> Nobabs27: i think themes can just go in environment.systemPackages

2017-05-24

<clever> Nobabs27: create a nix package that describes the fonts, and put it in fonts.fonts
<clever> Nobabs27: all i'm seeing so far is timezone info for monaco europe
<clever> let me check my system
<clever> dont know
<clever> Nobabs27: do you know if its part of a larger set of fonts?
<clever> there is an example on the page i linked
<clever> any package containing a font
<clever> Nobabs27: fonts have to be added to https://nixos.org/nixos/options.html#fonts.fonts
<clever> cryptoto1: its a nix expression, containing a single nix function, that returns an attribute set
<clever> i havent looked into how customize works yet
<clever> strange
<clever> nekroze: oh, and you can probably just use vimNox.customize
<clever> (vim_configurable.override { source = "vim-nox"; }).customize ...
<clever> nekroze: i think you want to use (vim_configurable.override { source = "vim-nox"; }) where you originaly used vim_configurable
<clever> nekroze: those lines appear to already be in all-packages.nix
<clever> you may need to unset NIX_REMOTE, there can be a difference between "" and null
<clever> digitalmentat: yeah, it should use the hook in that situation
<clever> but source is prefered, because some people mix up ". /foo" and "./foo"
<clever> . is an alias for source
<clever> yeah
<clever> the install script should have also said thats needed
<clever> but it may not be compatible with zsh?
<clever> normaly sourcing ~/.nix-profile/etc/profile.d/nix.sh handles it
<clever> Accord: ~/.nix-profile/bin/ has to be added to PATH
<clever> yeah, like that
<clever> meant to be on one line, oops
<clever> "
<clever> pmade: patchelf --interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)
<clever> pie___: which will generate a bash script you can run on any linux machine, and it forcibly boots a nixos install env
<clever> pie___: and ive also written this: https://github.com/cleverca22/nix-tests/tree/master/kexec
<clever> pie___: there is also a "systemctl kexec" that reboots via kexec
<clever> pie___: nixos does have a kexec crashdump handler, but it just reboots nixos with less ram, and you need to manualy run kdump within that if you want to use it
<clever> ambro718: hardeningDisable = [ "format" ];
<clever> Infinisil: a digitalocean module can also be added similarly
<clever> digitalmentat: and nix enforces that by making you set the env variables for nix-daemon, not nix-build
<clever> digitalmentat: so the admin has to trust the build hook and the build machines
<clever> digitalmentat: the build hook provides the raw contents that land in $out, and an attacker could just run nix-build with a fake hook, and provide a fake build of sudo to insert into /nix/store
<clever> digitalmentat: have you set nix.buildMachines and nix.distributedBuilds?
<clever> digitalmentat: and there is a nixos option to do it all for you
<clever> digitalmentat: when nix-daemon is in use, you must set those env variables for the daemon, not the nix-build process
<clever> Infinisil: pushed a change to the kexec code, it will make it simpler to turn autoreboot off
<clever> digitalmentat: are you on nixos or another distro?
<clever> digitalmentat: i think it will default to remote building if any remote slaves are configured
<clever> trikl: open nix-repl '<nixpkgs>' and then eval "${curl.dev}" in the repl
<clever> that should also work, though it may need the ) moved a bit
<clever> imports = [ ((import <nixpkgs> {config={};}).fetchFromGitHub { ... }.outPath) ];
<clever> ah
<clever> nixos is probably detecting that as an attrset, and not trying to import it
<clever> it may need a 2nd import
<clever> and if you dont set config={}; it will import the ~/.config/nixpkgs/config.nix
<clever> so you need to use a 2nd nixpkgs, let pkgs2 = import <nixpkgs>{config={}});
<clever> nixos has to scan all imports recursively, to find the overrides passed to pkgs
<clever> Infinisil: once i get some food in the oven, i can try making a new justdoit
<clever> Infinisil: probably
<clever> edef: wiping the disk with fdisk and reinstalling everything
<clever> and having the vm unset that at install
<clever> i was thinking of making an extra safety to a script that auto-formats, you have to set a certain bit of userdata to allow it
<clever> ah
<clever> edef: do you know if a droplet can edit any of its own metadata?, like a additional tag
<clever> Infinisil: it will query http://169.254.169.254
<clever> Infinisil: so just downloading that and adding module.nix to the imports list will ensure the ip is always set right
<clever> it queries something over http at a 169.x.y.z ip, to find the right address
<clever> systemd-digitalocean will auto-configure it on bootup every time
<clever> and if the ip ever changes, it breaks
<clever> but if you clone the machine, it breaks
<clever> nixos-infect will parse /etc/networking/interfaces once, and setup nixos
<clever> ah, wasnt expecting a different name
<clever> edef: ah, that helps, was trying to find a copy
<clever> edef: hello
<clever> Infinisil: this used a DO API to query the correct ip, gateway, and netmask, so its always right
<clever> Infinisil: main thing missing is nathan7's DO configuration module
<clever> Infinisil: nixos-generate-config handles the corecount, sfdisk eats the entire drive if you omit size, and if you just set a rule that the droplet must only have 1 drive, its always vda?
<clever> Infinisil: in theory, that could be added to the kexec configuration.nix
<clever> and it pre-installs it into the nixos thats being built
<clever> Infinisil: this creates a bash script called justdoit, that does a full nixos install (ext4 based in this case)
<clever> Infinisil: something else that could be done, let me find it
<clever> Infinisil: yep, that looks like it covers everything
<clever> correct, only if its raid or mirror
<clever> detect, yes
<clever> yeah, that can also happen
<clever> MichaelRaskin: yeah, ive read the horror story about bad ram causing the zfs self-check to fail, and shred the entire disk
<clever> yeah, for a laptop, the best you can get is zfs send or a normal file based copy
<clever> or a regular old mirror
<clever> if there are more drives in the machine, zfs could be switched to a raidz1, and survive the loss of 1 disk
<clever> bkchr: i think you need to install both the unwrapped and the auto-start'd versions
<clever> pkgs/top-level/python-packages.nix
<clever> tomjaguarpaw: yeah, i think its python-packages.nix
<clever> bkchr: may need a tryEval then
<clever> near the top do let local_pkgs = import /home/clever/nixpkgs { config={}; };

2017-05-23

<clever> and delete the nixos.qcow2 in the dir you ran it
<clever> BlessJah: users.users.root.initialPassword = "hunter2";
<clever> BlessJah: nixos-rebuild build-vm -I nixpkgs=/home/clever/apps/nixpkgs -I nixos-config=./configuration.nix
<clever> yeah, if it depends on unfree stuff to do anything, just enable it in your own config
<clever> so every developer gets the same results
<clever> it helps to isolate the project from whatever the user has been doing
<clever> i usualy ignore the user config entirely
<clever> config wasnt meant to be merged, so you have to write your own code to handle it
<clever> yeah
<clever> the above will do allowUnfree=defaultConfig.allowUnfree; allowBroken=defaultConfig.allowBroken;
<clever> bigs: you want import (defaultConfig) allowUnfree allowBroken;
<clever> bigs: that still does defaultConfig=defaultConfig; which isnt what you want
<clever> then you can copy attributes like allowUnfree over with inherit
<clever> bigs: so (import <nixpkgs>{}).config returns the users default config
<clever> bigs: one interesting thing, is that pkgs.config contains the config set that nixpkgs loaded
<clever> bigs: line 3 sets config = config;
<clever> overlays is designed to take an array of things
<clever> and overlays may also be of use
<clever> bigs: this is the logic nixpkgs uses to load it
<clever> but if its not found, it will fail
<clever> bigs: config = (import ~/.config/nixpkgs/config.nix) // {...} is one option
<clever> bigs: ah
<clever> bigs: another option is to ignore config.nix entirely, and embed your own, import <nixpkgs>{config={allowUnfree=true;};}
<clever> when you import <nixpkgs>{};, it will automaticaly load config.nix from the default locations
<clever> tomjaguarpaw: basicaly, the nix expression placeholder "out" will return a magic string, that turns into $out at a later time
<clever> tomjaguarpaw: there is also a feature in nix master, that will solve this better in the future
<clever> tomjaguarpaw: this gives nix a chunk of bash to run before cmake, so the vars now get handled
<clever> tomjaguarpaw: preConfigure = ''cmakeFlags="${cmakeFlags} ...$out..." '';
<clever> tomjaguarpaw: and you dont need a custom configurePhase
<clever> tomjaguarpaw: cmakeFlags in the derivation
<clever> schoppenhauer: yes
<clever> schoppenhauer: services.xserver.desktopManager.xfce.enable = true;
<clever> line 6 is a malformed haskell override, that currently overrides nothing
<clever> comment out lines 6-10 and it should work again
<clever> "error: value is a function while a set was expected, at"
<clever> but line 6 changed haskellPackages into a function that takes 2 arguments
<clever> cement: cabal2nix references haskellPackages.cabal2nix
<clever> 706 cabal2nix = haskell.lib.overrideCabal haskellPackages.cabal2nix (drv: {
<clever> cement: yep, line 6 is to blame
<clever> so 100 would be cutting it very close
<clever> i'm using 94mb on my /boot
<clever> and potentialy any tools that are only needed at compile-time
<clever> chrishill: and installing it wont fix the compile problems
<clever> i'm trying to stay up past 2pm
<clever> uhhh, lol
<clever> after*
<clever> the digital ocean droplet only has 500mb of ram, and the initrd is 200mb before compression
<clever> gchristensen: ah, 500mb of ram isnt enough to kexec
<clever> can you pm me the user/host/pw?
<clever> Infinisil: and does the script output anything else when ran?
<clever> Infinisil: can you gist the contents of /kexec_nixos ?
<clever> Infinisil: what didnt work with my kexec trick?
<clever> nix will tell you if its somewhere it doesnt belong
<clever> yeah, in that one
<clever> the main { } that spans multiple lines
<clever> the one right after that
<clever> its mainly to help remove duplicates, so if your setting 20 different things under services. you can just put them all inside a service = { ... }; instead
<clever> and also foo = { bar = { baz = true; }; };
<clever> foo.bar.baz = true; is identical to foo = { bar.baz = true; };
<clever> so it has to go within the top most {} set
<clever> hardware is the top-level part
<clever> yes, and no
<clever> nope
<clever> tanonym: ive also worked on something similiar, https://www.youtube.com/watch?v=rIdPKzYTN-w
<clever> patchelf --interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)"
<clever> or installed with nix
<clever> the ld.so path isnt right, they need to be patchelf'd
<clever> may*
<clever> but then it ma also depend on itself
<clever> ah