2019-09-18
09:32
<
clever >
but that might leak into swap, depending on system conditions
09:32
<
clever >
Ariakenom: only in ram, in the scrollback history of your terminal emulator, which is usually gone once you close the terminal
06:08
<
clever >
(if nothing else happens to also be needing it)
06:07
<
clever >
and once `meacs.root` is deleted, you can GC emacs
06:07
<
clever >
`nix-build '<nixpkgs>' -A emacs -o emacs.root` will create an `emacs.root` symlink
06:07
<
clever >
use nix-build instead, to just build things
06:07
<
clever >
if you dont want something rooted jsut yet, dont give it to nix-env
06:07
<
clever >
and nix is keeping things around incase you choose that action
06:06
<
clever >
ctp: because you may choose to roll forwards instead, to redo those actions
05:58
<
clever >
but your better off just doing your install in an atomic manner, so it either happens, or doesnt
05:57
<
clever >
`nix-collect-garbage -d` is the nuclear option, to just get rid of all ability to undo actions
05:57
<
clever >
and you still have the option to rollback to that generation
05:57
<
clever >
that path cant be deleted, because an older generation refers to it
05:56
<
clever >
ctp: and nix is holding on to the old emacs, incase you choose to `nix-env --rollback` to undo the last action
05:56
<
clever >
ctp: that is exactly what generations and rollbacks are for
05:46
<
clever >
ctp: why do you want to entirely delete the package? it shouldnt be harming anything
04:54
<
clever >
lrwxrwxrwx 1 clever users 16 Aug 6 19:57 /nix/var/nix/profiles/per-user/clever/profile -> profile-453-link
04:53
<
clever >
thats the whole point of this room
04:52
<
clever >
Guest66: mkForce can do that, but then you loose a lot of the merging logic between your own files
04:50
<
clever >
Guest66: it already does that out of the box, just set it without trying to merge
2019-09-17
22:32
<
clever >
tyrion-mx: you can use the above 2 things as examples of dealing with the few native deps you run into
22:32
<
clever >
flow-bin ships a pre-compiled ELF that has to be patchelf'd
22:32
<
clever >
notgne2: node-sass compiles some c++ against nodejs
22:31
<
clever >
notgne2: i have an example of yarn2nix, which involves some c++ code
21:54
<
clever >
tyrion-mx: nix creates a tmpdir for you, and your already cd'd into it when your buildCommand starts
21:54
<
clever >
tyrion-mx: the current dir
21:52
<
clever >
tyrion-mx: whatever the nodejs stuff is in
21:52
<
clever >
tyrion-mx: yarn2nix also accepts a yarnLock argument, so you can pass that without having to fork the repo
21:51
<
clever >
then use that one
21:51
<
clever >
tyrion-mx: you can probably just run `yarn install` to generate a `yarn.lock` file
21:50
<
clever >
tyrion-mx: yarn2nix uses yarn.lock instead
21:49
<
clever >
turtlerabbit: libredirect is an LD_PRELOAD library, that can remap all filesystem access, without a chroot or container
21:49
<
clever >
turtlerabbit: then you want libredirect, look at the teamcpeak client
21:48
<
clever >
lrwxrwxrwx 1 clever users 60 Aug 6 19:57 /nix/var/nix/profiles/per-user/clever/profile-453-link -> /nix/store/69khyarmij2n9xwwsq00apghnpwfsyvx-user-environment
21:48
<
clever >
v0|d: yeah
21:46
<
clever >
turtlerabbit: thats in a few packages, like skype i think
21:46
<
clever >
turtlerabbit: that would also work
21:46
<
clever >
v0|d: nix copy --from local?root=/mnt /nix/store/hash-name
21:45
<
clever >
v0|d: ah, if its only mounted, nix copy is better
21:45
<
clever >
turtlerabbit: you can also use pkgsi686Linux.crossover maybe
21:43
<
clever >
turtlerabbit: you need to add `--argstr system i686-linux` to tell nixpkgs to be 32bit
21:43
<
clever >
v0|d: you likely want to read what .nix-profile is pointing to, then use nix-copy-closure to copy that storepath over, then nix-env --set /nix/store/foo to set your profile to point to that
21:42
<
clever >
turtlerabbit: how did you drop into the nix-shell?
21:42
<
clever >
v0|d: are you moving it to another machine?
21:41
<
clever >
turtlerabbit: how exactly is it not working?
21:41
<
clever >
> "${pkgs.pkgsi686Linux.hello}"
21:40
<
clever >
tyrion-mx: you may also want to look into yarn2nix
21:40
<
clever >
tyrion-mx: if pkgconfig is in the buildInputs, it will fix PKG_CONFIG_PATH and add -L flags for you
21:39
<
clever >
v0|d: this symlink in the home dir is part of it
21:39
<
clever >
[clever@amd-nixos:~]$ ls -l .nix-profile
21:39
<
clever >
lrwxrwxrwx 1 clever users 45 Oct 11 2015 .nix-profile -> /nix/var/nix/profiles/per-user/clever/profile
19:29
<
clever >
laerling: i use `dig` to resolve things
08:00
<
clever >
boogiewoogie: what does `file` say about that path? how big is the file?
07:06
<
clever >
sb0: ive also had a different problem, where my router has lately just been refusing to route v6 packets, even with all the right flags set
07:05
<
clever >
sb0: i'll need to try that out later
06:29
<
clever >
so you can use the expr in nixpkgs, but the local src
06:28
<
clever >
that will load nixpkgs, grab the hello attr, then change the src to the current dir
06:28
<
clever >
with import <nixpkgs> {}; hello.overrideAttrs (old: { src = ./.; })
06:28
<
clever >
you could also do
06:27
<
clever >
then use `with import <nixpkgs> {};` and `src = ./.;`
06:26
<
clever >
which will use the callPackage in pkgs/top-level/all-packages.nix
06:26
<
clever >
you want to run `nix-build -A foo` in the root of the checkout
06:22
<
clever >
thats why the example i gave started as `with import <nixpkgs> {};` instead, so it doesnt need callPackage
06:22
<
clever >
,callPackage iqubic
06:03
<
clever >
iqubic: yes
05:59
<
clever >
iqubic: the buildInputs are present for every phase
05:54
<
clever >
iqubic: installPhase or postInstall
05:50
<
clever >
eclipse itself is written in java, so there must be a makeWrapper call handling that
05:49
<
clever >
if configure doesnt exist, add nativeBuildInputs = [ autoreconfHook ];
05:49
<
clever >
if configure exists, then you dont need ac
05:49
<
clever >
gcc is always provided
05:48
<
clever >
2019-09-17 02:16:45 < clever> iqubic: you just want `buildPhase = "./Make.sh";` and the default configurePhase will deal with configure
05:39
<
clever >
iqubic: only the default configurePhase does --prefix for you, if you manually ./configure, that wont happen
05:33
<
clever >
notgne2: probably
05:29
<
clever >
and yeah.... its perl
05:29
<
clever >
it doesnt escape " right, so any " in the ExecStart breaks things
05:28
<
clever >
that is meant for testing systemd things
05:28
<
clever >
the main issue (oh perl), is that i'm using the systemd.services.whatever.runner attr, which is a dynamically generated perl script
05:28
<
clever >
that (mostly) seamlessly lets existing nixos modules work in docker
05:27
<
clever >
notgne2: i could also add a thing to map over users.users, and auto-gen users
05:27
<
clever >
notgne2: the gist i linked above, is a docker-specific case, where i translate all systemd.services entries, over to runit services, then tell docker to run runit
05:24
<
clever >
notgne2: de-perl'ing and de-systemd'ing is what i started not-os for
05:23
<
clever >
notgne2: you could eval system.activationScripts.users, but that is the very thing that depends on perl
05:22
<
clever >
notgne2: what parts of the setup are you relying in?
05:21
<
clever >
if you want to run systemd
05:20
<
clever >
notgne2: init is responsible for running systemd, so it needs to be present at all times
05:17
<
clever >
notgne2: what are you generating in runAsRoot?
05:17
<
clever >
also, read Make.sh, and see what its doing, it may be something you want to bypass
05:16
<
clever >
iqubic: you just want `buildPhase = "./Make.sh";` and the default configurePhase will deal with configure
05:16
<
clever >
iqubic: that is the
*default* prefix, --prefix=$out will fix that, which nixpkgs does automatically
05:14
<
clever >
notgne2: but i believe nix is generating a new layer when doing that qemu stuff, so GC wont help
05:13
<
clever >
notgne2: i dont think chroot can be used in the nix sandbox, runAsRoot gets around that by booting qemu with the docker image mounted
05:04
<
clever >
4 if you count nixops
05:04
<
clever >
anything involving pkgs, lib, or the stdenv, is part of nixpkgs
05:04
<
clever >
nix is just builtins.whatever, the basic syntax, and the shell commands
05:03
<
clever >
iqubic: makeWrapper and phases are part of nixpkgs, so they will be in the nixpkgs manual, not the nix manual
05:00
<
clever >
iqubic: are you sure you checked the manual?
05:00
<
clever >
notgne2: runAsRoot also generates a new layer, so anything you delete wont be deleted, as it will persist in previously layers
04:59
<
clever >
notgne2: runAsRoot is typically costly, and will harm performance, its best to not use it
04:58
<
clever >
notgne2: so nothing will be garbage
04:58
<
clever >
notgne2: and a GC wouldnt help, nix only copies the things you depend on into the image
04:56
<
clever >
iqubic: that should all be in the nixpkgs manual
04:56
<
clever >
notgne2: let me check my gists...
04:53
<
clever >
and maybe add src = ./.;
04:53
<
clever >
iqubic: i usually start with: with import <nixpkgs> {}; stdenv.mkDerivation { name = "name"; buildInputs = [ openjdk ]; }
04:44
<
clever >
iqubic: services.xserver.displayManager.sessionCommands = "export _JAVA_AWT_WM_NONREPARENTING=1";
04:41
<
clever >
`true` behaves a bit oddly in nix
04:41
<
clever >
_JAVA_AWT_WM_NONREPARENTING = true; in the nix should do that
04:38
<
clever >
id say thats a bug in the syntax highlighter then
04:37
<
clever >
i dont think they are
04:36
<
clever >
iqubic: _foo = "bar";
04:33
<
clever >
iqubic: every attribute you pass to mkDerivation becomes an env var
03:17
<
clever >
gyroninja: yeah, not really clear whats missing
03:10
<
clever >
gyroninja: does it say which jdk tools its looking for?
03:06
<
clever >
though thats identical to just plain `nix-shell -p openjdk`
03:06
<
clever >
iqubic: with import <nixpkgs> {}; stdenv.mkDerivation { name = "name"; buildInputs = [ openjdk ]; }
02:46
<
clever >
iqubic: buildInputs = [ openjdk ];
2019-09-16
22:14
<
clever >
tv: unicode might like to speak with you
03:27
<
clever >
dansho: with the current partition layout, you cant EFI boot, and must do legacy boot, which the configuration.nix is already setup for, you just need to make sure the firwmare is going to legacy boot, not efi boot
03:23
<
clever >
freeman42x: the iso is already a bootable usb image, just dd it directly to the root device of the usb stick
03:23
<
clever >
freeman42x: yes
03:22
<
clever >
freeman42x: that breaks everything, use plain dd
03:22
<
clever >
freeman42x: how did you write the iso to the usb stick?
03:17
<
clever >
so /boot is optional, and sda4 is an extended partition, you cant mount sda4
03:17
<
clever >
dos partition types cant UEFI boot
03:16
<
clever >
dansho: disk label type, not partition type
03:16
<
clever >
dansho: when you do `fdisk -l /dev/sda`, what is the disk label type?
03:14
<
clever >
dansho: what exact args did you use with mount?
03:13
<
clever >
dansho: if you mount sda4 to the nixos boot folder (/boot if your still inside enter, /mnt/boot if your outside), what files are inside that dir?
03:11
<
clever >
dansho: can you pastebin the output of `fdisk -l /dev/sda` ?
03:11
<
clever >
dansho: the uefi /boot will be fat32, so run `blkid /dev/sda*` and look for a fat32 fs
03:06
<
clever >
dansho: for uefi, you definitely have to mount /boot/
03:06
<
clever >
dansho: if you have a /boot partition, you must also mount that, at /mnt/boot/
03:04
<
clever >
dansho: did you mount /boot correctly before doing nixos-enter?
03:03
<
clever >
dansho: and is sda still your root device?
03:01
<
clever >
dansho: what was boot.loader.grub.device set to in configuration.nix?
02:59
<
clever >
dansho: try /nix/var/nix/profiles/system/bin/switch-to-configuration boot --install-bootloader
02:58
<
clever >
dansho: are you sure you used boot?
00:52
<
clever >
notgne2: can you pastebin the nix expr?
00:48
<
clever >
notgne2: that would imply its not adding anything new, which you have claimed it was
00:43
<
clever >
notgne2: if you build the toplevel twice, with and without that overlay, how do the paths differ?
00:41
<
clever >
notgne2: if you build the top-level drv, with nix-build, can you then compare the size of 2 of them with nix-store -qR ?
2019-09-15
23:33
<
clever >
Henson: buildFHSUserEnv
22:14
<
clever >
it should know the rev
22:14
<
clever >
nix-prefetch would have to be modified, to use the same name
22:13
<
clever >
then it will work with current nix
22:12
<
clever >
alexarice[m]: i would just put those things into the name of the drv
22:09
<
clever >
if it exists, then it makes no attempt to build it
22:09
<
clever >
then check if that already exists in /nix/store/
22:09
<
clever >
it will compute what $out should be, based on name and sha256
22:08
<
clever >
alexarice[m]: a fixed-output drv ignores all attrs other then name and sha256
22:07
<
clever >
infinisil: it should be able to generate the same name attr
22:06
<
clever >
but somebody changed the name to "source"
22:06
<
clever >
infinisil: the $out is based on the name and sha256, so changing the rev changes the name, and the $out, causing it to properly re-check
22:05
<
clever >
infinisil: originally, fetchFromGitHub would put the rev into the name
22:04
<
clever >
alexarice[m]: so nix doesnt rebuild the world when the version of git or curl changes
22:04
<
clever >
alexarice[m]: thats the point of a fixed-output drv
21:35
<
clever >
rotaerk: LD_LIBRARY_PATH needs to point into /run/opengl-driver/lib/ for opengl stuff to work
21:31
<
clever >
notgne2: and then why-depends on that path, outside of docker
21:30
<
clever >
notgne2: use nix-build outside of docker, against the toplevel expr you pass to buildImage
21:28
<
clever >
notgne2: why-depends can also help with perl
21:26
<
clever >
notgne2: use nix why-depends to track those down
21:26
<
clever >
notgne2: how big is your image, that 25mb is worth the trouble?
21:25
<
clever >
notgne2: if you use an overlay to modify glibc, then nix must rebuild EVERYTHING
21:24
<
clever >
notgne2: why do you want to use static linking in the docker image? it feels like it would increase the size
20:27
<
clever >
emily: look this up in the nixos options
20:27
<
clever >
systemd.services.<name>.environment
20:26
<
clever >
emily: yeah
19:55
<
clever >
and update the symlink on login
19:54
<
clever >
you could also have a static symlink, that points to the dynamic path
19:54
<
clever >
emily: i think if you set SSH_AUTH_SOCK before you run gpg-agent, it will obey that
19:51
<
clever >
then root can still use the yubikey
19:51
<
clever >
you could set the SSH_AUTH_SOCK env var, for nix-daemon, to point to your gpg-agent
19:50
<
clever >
why not just fix root to be able to use the build slave?
19:49
<
clever >
if it has +w to something in /nix, it wont contact the daemon, when in auto mode
19:49
<
clever >
if you run nix-build as root, it will behave in a single-user type mode
19:21
<
clever >
ah, ive not looked into how its being done
19:20
<
clever >
the rules still exist
19:20
<
clever >
and a udev thing is ran in stage-1
19:20
<
clever >
tilpner: i think its still "udev" (which got eaten by systemd)
19:19
<
clever >
tilpner: systemd is only ran late in stage 2
18:01
<
clever >
eyJhb: mkdir $out ; cd $out ; ln -sv ${hello} hello
17:59
<
clever >
eyJhb: the script in the ''string'' is responsible for creating $out, and whatever path is in $out will wind up in something
02:26
<
clever >
ah, its ignore-liveness
02:26
<
clever >
nix-store --delete [--ignore-liveness] paths...
02:23
<
clever >
j-em: if `--query --roots` only shows lsof, then try `--delete --force`
02:21
<
clever >
j-em: nix-env --delete-generations 9 11 ; nix-store --delete /nix/store/ihz9qxg66s0wpx9dlq9p4s54xi8bnq9y-vscode-1.38.0
02:18
<
clever >
j-em: nix-env -e 'vscode.*' then repeat the last 2 commands
02:17
<
clever >
j-em: ls -l /nix/var/nix/profiles/per-user/jeremyallard/profile
02:14
<
clever >
j-em: what about `nix-store --query --roots /nix/store/ihz9qxg66s0wpx9dlq9p4s54xi8bnq9y-vscode-1.38.0` ?
02:07
<
clever >
j-em: then you need to fix the ownership on /nix, so you own every file (sudo chown -R USER /nix/), and then re-do repair-path without root
02:05
<
clever >
j-em: single-user or multi-user? is nix-daemon running?
02:05
<
clever >
j-em: is this on nixos or another os?
02:04
<
clever >
j-em: sounds like your ssl ca files arent visible to nix for some reason
02:04
<
clever >
j-em: what does `date` return?
02:02
<
clever >
j-em: try running it as root?
02:01
<
clever >
j-em: yeah
02:00
<
clever >
dansho: yeah
01:59
<
clever >
dansho: and configure mint to not touch the MBR
01:59
<
clever >
dansho: you need to chroot into nixos, and run `nixos-rebuild boot --install-bootloader` to fix the bootloader back to grub
01:58
<
clever >
j-em: nix-store --repair /nix/store/ihz9qxg66s0wpx9dlq9p4s54xi8bnq9y-vscode-1.38.0
01:57
<
clever >
j-em: what does --verify report?
01:55
<
clever >
but dont use --force if it fails
2019-09-14
23:29
<
clever >
cant think of what else to check then
23:28
<
clever >
incognito9999: what do you see if you run pavucontrol?
23:28
<
clever >
incognito9999: is pulseaudio enabled?
23:15
<
clever >
and just reuses the old result
23:15
<
clever >
your telling it the hash of the result, and if you claim the hash hasnt changed, then it assumes the result hasnt changed
23:14
<
clever >
Melkor333: yes
23:04
<
clever >
maralorn: nice
22:42
<
clever >
maralorn: its generated in the same set of conditions that copy the headers
22:39
<
clever >
not sure, those might be able to use pkgconfig, if luv generated one
22:38
<
clever >
switching over would let you drop the submodules
22:38
<
clever >
which is why you needed fetchSubmodules
22:37
<
clever >
if you dont set that, it will build its own copy of libuv, making the build slower
22:36
<
clever >
maralorn: it will only do that if you -DWITH_SHARED_LIBUV
22:35
<
clever >
maralorn: this tells cmake to use pkgconfig to file a library
22:35
<
clever >
find_package(Libuv REQUIRED)
22:34
<
clever >
maralorn: i think you want something like: cmakeFlags = [ "-DLUA=Off" "-DBUILD_MODULE=Off" ];
22:33
<
clever >
maralorn: it will only install headers if both lua and build_module are false
22:32
<
clever >
maralorn: build_module defaults to on, lua will be printed early in the build
22:31
<
clever >
option(BUILD_MODULE "Build as module" ON)
22:31
<
clever >
MESSAGE(STATUS "LUA: " ${LUA})
22:31
<
clever >
maralorn: do you know what the lua and build_module flags are set to?
22:29
<
clever >
maralorn: can you link or pastebin the cmake file?
22:28
<
clever >
maralorn: you may just need to edit the cmake file then to do that
22:27
<
clever >
maralorn: is the cmake file setup to actually copy headers?
22:20
<
clever >
it works like this
22:20
<
clever >
87 #extraModulePackages = [ config.boot.kernelPackages.v4l2loopback ];
22:20
<
clever >
89 #kernelPackages = pkgs.linuxPackages_latest;
22:20
<
clever >
kernelPackages is a set of all packages, not a list
22:20
<
clever >
oh wait, backwards
22:20
<
clever >
rndd: you need to give it a single package, not a set of all linux packages
22:19
<
clever >
2019-09-14 19:09:22 < rndd> kernelPackages = [pkgs.linuxPackages_latest pkgs.rtlwifi_new];
06:15
<
clever >
li_matrix: sounds like your from #osdev
06:14
<
clever >
li_matrix: i think it would be much simpler if you just use nix copy, then to re-invent the signatures
06:12
<
clever >
li_matrix: and users can choose to either fetch the URL: field, or the ipfs field
06:12
<
clever >
li_matrix: then you host a modified copy of the .narinfo, on a central http server
06:11
<
clever >
li_matrix: my idea on what needs to be done for ipfs, is to just add one more field, the ipfs hash of the nar.xz
06:10
<
clever >
just a series of "key: value" pairs
06:10
<
clever >
fairly simple
06:10
<
clever >
li_matrix: a custom format
06:09
<
clever >
the signature is over the string: "1;/nix/store/n9z80xrc7bidx5hcap2wvb5l9r2vk6y0-hello-2.10;1b80qjckhfhpfmjd8gr8zrkicvika8523hpids707fpj8wf4rw3c;205720;n9z80xrc7bidx5hcap2wvb5l9r2vk6y0-hello-2.10 xqs95fqkjb1kd102yjv5h5q57gcsafb3-glibc-2.27"
06:08
<
clever >
li_matrix: run this
06:07
<
clever >
li_matrix: have you looked at a narinfo file yet?
06:07
<
clever >
Batzy: sounds like the package is broken, and youll need to wait for somebody to fix it, maybe file an issue on nixpkgs
06:07
<
clever >
li_matrix: and the signing happens in c++, using libsodium
06:06
<
clever >
this will return a string in the form of "1;/nix/store/hash-foo;<narhash>;<narsize>;<dependencylist>"
06:05
<
clever >
thats how nix-serve is generating the signatures
06:05
<
clever >
$res .= "Sig: $sig\n";
06:05
<
clever >
my $sig = signString($secretKey, $fingerprint);
06:05
<
clever >
my $fingerprint = fingerprintPath($storePath, $narHash, $narSize, $refs);
06:04
<
clever >
you need to have the full nar file to generate either hash
06:04
<
clever >
the hash cant really be converted
06:03
<
clever >
and needing a lookup table, between store-path hash, and ipfs hash
06:03
<
clever >
there is still minor issues, like how ipfs uses a merkle hash, and nix uses a single hash
06:02
<
clever >
and its then just the hash over that whole thing
06:02
<
clever >
li_matrix: the nar is basically a tar, containing every file in the directory
06:01
<
clever >
li_matrix: what part of that isnt secure?
05:54
<
clever >
discord in the config, but then run Discord to actually start it
05:53
<
clever >
you may already have it installed, and have just been running the wrong command
05:53
<
clever >
they like to make the guessing games hard
05:53
<
clever >
Batzy: also, the binary is called Discord
05:52
<
clever >
and then nixos-rebuild switch to apply it
05:52
<
clever >
if discord is in configuration.nix, then you want nixpkgs.config.allowUnfree = true;
05:52
<
clever >
Batzy: if you use sudo, then it uses the config.nix in /root/ instead
05:51
<
clever >
Batzy: what about nix-env -iA nixos.discord?
05:49
<
clever >
Batzy: what does `nix eval nixpkgs.config` return?
05:49
<
clever >
Batzy: what path is config.nix at?
05:34
<
clever >
li_matrix: which is just the hash of `nix-store --dump /nix/store/foo`
05:34
<
clever >
li_matrix: the signature is over the narhash
05:13
<
clever >
so you need some kind of index, to map the hashes
05:13
<
clever >
oh right, bot is down
05:13
<
clever >
> "${hello}"
05:13
<
clever >
but the nix binary cache isnt using the hash of the product, its using the hash of the build directions
05:12
<
clever >
ipfs needs to know the hash of the product
05:12
<
clever >
that has other problems
05:12
<
clever >
li_matrix: or re-write it in a better language
05:11
<
clever >
the other option is to fix nix-serve, to have support for the new signature stuff