2019-03-13

<clever> noonien: 2 is a build of 1, from the latest nixos-unstable
<clever> or not set it at all, and let nixos-container provide a default
<clever> pie___: you should set it without mkDefault
<clever> pie___: so they are colliding!
<clever> pie___: oh, both files are setting the same option, at mkDefault level
<clever> noonien: yep
<clever> what does it say?
<clever> pie___: and then eval `system`
<clever> pie___: nix repl -I nixos-config=/var/lib/containers/test/etc/nixos/configuration.nix '<nixpkgs/nixos>'
<clever> pie___: and this is built outside the container, so that path should be fine
<clever> pie___: cat /var/lib/containers/test/etc/nixos/configuration.nix
<clever> pie___: it is updating the given profile (-p), with the given configuration.nix (cat it, is it your file?), and building the -A system attr
<clever> [pid 1859] execve("/run/current-system/sw/bin/nix-env", ["nix-env", "-p", "/nix/var/nix/profiles/per-container/test/system", "-I", "nixos-config=/var/lib/containers/test/etc/nixos/configuration.nix", "-f", "<nixpkgs/nixos>", "--set", "-A", "system"], 0x1dda970 /* 23 vars */) = 0
<clever> pie_: what does this output? `strace -f -e execve -s 3000 nixos-container ...`
<clever> pie_: did you create it with nixos-container ?
<clever> ihar: nothing has that hash
<clever> ihar: thats why you usually start with the all 0000's hash that {^_^} gave
<clever> ihar: did you reuse the turses sha256?
<clever> alj[m]: sure
<clever> ihar: what about just changing the src url, and not patching?
<clever> alj[m]: probably
<clever> alj[m]: not currently
<clever> alj[m]: yeah
<clever> ihar: just use fetchurl, rather then fetchpatch
<clever> ihar: try using just fetchurl directly?
<clever> ihar: oh, patchelf is used by the stdenv, so patchelf gets a different fetchurl, and i think fetchpatch is passing meta to fetchurl
<clever> terlar: yeah, the os is pretty much broken, because the root disk is missing, and its relying purely on what happens to be in the read cache
<clever> ihar: nix has been patched to not allow that anymore
<clever> ,tofu ihar
<clever> ihar: there was a bug in nix, where an empty hash would allow network access, but never validate the output
<clever> terlar: write the iso to the usb again
<clever> ihar: you must provide a valid sha256 to fetchpatch
<clever> terlar: not really, you have to be running from something else to image the usb
<clever> terlar: it could also be that you just happened to bump into the stick and unplug it while the machine was running
<clever> noonien: the VM shouldnt need root
<clever> terlar: how did you write the nixos iso to the usb?
<clever> noonien: build-vm will overwrite the rootfs config, and then use 9plan to mount the host /nix/store to the guest
<clever> noonien: correct, and build-vm disables most of that
<clever> noonien: boots just fine
<clever> noonien: if you run nix-collect-garbage with no args, then no garbage will remain, but there can be things that random result links hold onto, that is technically "not garbage"
<clever> all 3 can be built using nix
<clever> https://github.com/cleverca22/thermostat_firmware is the firmware for my thermostat system, it has under 20kb of ram, definitely not linux capable :P
<clever> both are linux based, so you still need a fairly beefy cpu, relative to embeded stuff
<clever> betawaffle: at runtime, no other files exist, anywhere
<clever> betawaffle: https://github.com/cleverca22/nix-tests/tree/master/haskell-init is an entire "linux distro" in 2 files, the ONLY thing it runs is a single haskell binary
<clever> betawaffle: https://github.com/cleverca22/not-os is based on nixos, but it strips out all the garbage like systemd, the entire rootfs is 47mb
<clever> betawaffle: not-os, haskell-init
<clever> betawaffle: the nix expressions have already turned the config into a full system, which is living in /nix/store/
<clever> betawaffle: the switch-to-configuration script deals with updating symlinks in /etc/ and restarting systemd services, and updating the main /run/current-system symlink
<clever> betawaffle: basically, nixos-rebuild is just `nix-build '<nixos/nixos>' -A system && ./result/bin/switch-to-configuration switch`
<clever> and you would likely want -I nixos-config=something.nix, or it will wind up being a clone of the local machine
<clever> using the local cfg
<clever> i think --target-host builds it locally, then copies it to the target host
<clever> you still need to get that cfg right, when using --target-host
<clever> so you have to get fileSystems."/" and boot.loader all set right
<clever> therealwaphire[m: the biggest issue, is that the cfg you deploy with nixops, must know how to make the machine boot
<clever> therealwaphire[m: yep, both my nas and router started as normal nixos
<clever> therealwaphire[m: on my local network, i use nixops to manage both the router and nas, and it lets me update both with just `nixops deploy`, rather then having to ssh into each, git pull the cfg, and nixos-rebuild
<clever> therealwaphire[m: yeah, it depends a lot on what your actually doing with the servers
<clever> i dont autoUpgrade anything
<clever> therealwaphire[m: when you need to spin up 100 identical servers, and they all need to know eachothers IP's
<clever> he means the difference between using nixops, or using autoUpgrade
<clever> therealwaphire[m: and you can have the IP's of other machines in the nixops file, baked into eachothers config files
<clever> therealwaphire[m: it only happens when you want to upgrade
<clever> therealwaphire[m: updates are done by just re-running `nixops deploy`
<clever> and optionally, it lets the remote end use the nixos cache
<clever> nixops just uses `nix copy` to push a locally built copy to the remote machine
<clever> and it almost replaces `nixos-install`
<clever> therealwaphire[m: thats basically 80% of `nixops deploy`, but with a remote chroot
<clever> therealwaphire[m: this will copy a given storepath, from the local machine, to /mnt/nix/store on a remote machine
<clever> Raw
<clever> nix copy --to ssh://root@target?remote-store=local?root=/mnt /nix/store/hash-nixos
<clever> let me find another util...
<clever> i have plans to automate it and bake it into nixops
<clever> heh
<clever> this generates a tarball that contains the entire nixos closure in the initrd
<clever> therealwaphire[m: nope, but i have done it with packet.net, and i have helped others use my kexec tools on hetzner
<clever> i just use plain old irssi
<clever> :D
<clever> therealwaphire[m: chmod 777 /dev/hidraw0, lol
<clever> therealwaphire[m: and it successfully opend hidraw0
<clever> [pid 29517] openat(AT_FDCWD, "/dev/hidraw0", O_RDWR|O_SYNC|O_CLOEXEC) = 16
<clever> therealwaphire[m: might be lspci
<clever> therealwaphire[m: i can see it poking around in /sys
<clever> therealwaphire[m: much better
<clever> infinisil: doJailbreak has issues with constaints nested inside conditions
<clever> infinisil: what if we just patch cabal to ignore all version constraints? lol
<clever> infinisil: probably
<clever> Android: haskell.packages.ghc822.adb does build fully
<clever> infinisil: build fails when jailbroken
<clever> therealwaphire[m: strace -f -e openat solaar
<clever> therealwaphire[m: maybe -e openat?
<clever> Android: (haskell.lib.doJailbreak haskellPackages.adb) will just ignore all version constraints
<clever> therealwaphire[m: its forking out a lot of children, so -f has to be added to strace
<clever> Android: ghc 8.4.4 has base 4.11.1.0, and adb requires a base <4.11!
<clever> samueldr: policykit?
<clever> therealwaphire[m: the rules dont matter as much as the actual permissions under /dev/
<clever> Android: ah dang, 844 doesnt work, it just took longer to fail!
<clever> therealwaphire[m: what about `strace -e open solaar` on arch? what devices does it open?
<clever> therealwaphire[m: yeah, not setuid root, what about /dev/hidraw0 ?
<clever> Android: haskell.packages.ghc844.adb works
<clever> so just blindly +s'ing something that isnt meant to be, wont actually give it full root
<clever> therealwaphire[m: it might be that solaar doesnt like being setuid root, setuid binaries are a bit weird, and have 2 uid's attached to them, and the app has to select which one to use at any given moment
<clever> Android: checking the haskell one...
<clever> Android: androidenv.androidPkgs_9_0.platform-tools has the CLI adb tool
<clever> Android: do you want the CLI adb tool, or the haskell library called adb?
<clever> Android: but not the CLI adb tool
<clever> Android: ah, thats a haskell library, for speaking adb
<clever> Android: thats not the android adb
<clever> therealwaphire[m: what happens when you run `/run/wrappers/bin/solaar` ?
<clever> therealwaphire[m: and are you in the plugdev group? (run `id`)
<clever> therealwaphire[m: what does ls say about solaar?
<clever> therealwaphire[m: does solaar exist in `ls -lh /run/wrappers/bin/` ?
<clever> therealwaphire[m: you might need to uninstall the solaar in home-manager
<clever> the ? is a glob character, and nullglob causes foo? to vanish
<clever> samueldr: and of note, the stdenv enables nullglob, which can cause weird bugs if somebody just does "echo do you want to install foo?"
<clever> samueldr: the globbing is handled by bash, so it turns into cp a b dest/
<clever> samueldr: added another comment
<clever> Android: android-ndk failed to build, because 1 dep (likely htmlunit-driver-standalone) failed to build
<clever> cannot build derivation '/nix/store/xjfakgdssdws7w16yl2dc81343hx5dls-android-ndk-r17c.drv': 1 dependencies couldn't be built
<clever> samueldr: dropped a review comment on the PR
<clever> Android: ah, that would make sense
<clever> Android: can you pastebin the entire error?
<clever> Android: that should be visible in the errors nix prints after X fails to download
<clever> therealwaphire[m: shouldnt be
<clever> therealwaphire[m: that then enables wireshark to capture packets, without being ran as root
<clever> therealwaphire[m: this allows dumpcap to be ran setuid root, but only by users in the wireshark group
<clever> therealwaphire[m: one min
<clever> therealwaphire[m: so `services.udev.packages = [ pkgs.solaar ];` wont do anything useful
<clever> therealwaphire[m: i checked, and pkgs.solaar lacks udev rules
<clever> therealwaphire[m: one for nixos (just the udev rules are used) and one for home-manager
<clever> therealwaphire[m: this will result in 2 copies of solaar being around
<clever> therealwaphire[m: when you refer to pkgs.solaar, nix will automatically download it when building nixos
<clever> therealwaphire[m: nope
<clever> therealwaphire[m: so it may be as simple as services.udev.packages = [ pkgs.solaar]; ah, and samueldr said that above
<clever> ilya-fedin: you want qt5.qtbase
<clever> ilya-fedin: qt5 is a set of many packages
<clever> Android: that is the derivation behind that storepath
<clever> Android: grep -r --color htmlunit-driver-standalone ~/.nix-defexpr/channels_root/nixos
<clever> therealwaphire[m: you either need to make the solaar binary setuid root, or put the hidraw0 device into a special group
<clever> Android: mkdir ~/.config/nixpkgs ; $EDITOR ~/.config/nixpkgs/config.nix
<clever> then you havent created it yet
<clever> Android: ~/.config/nixpkgs/config.nix
<clever> Android: that list is only free packages
<clever> Android: once non-free packages are enabled in config.nix, nix search can find them
<clever> slabity: nix repl '<nixpkgs/nixos>' then eval config.services
<clever> ilya-fedin: pkgconfig only works inside nix-shell or nix-build
<clever> musicmatze: yeah, a safety was added to check that the contents of meta are valid, and assert if they arent
<clever> musicmatze: ah, ive seen that in the stdenv, but never looked at who added it
<clever> linda: its not nix-build that is creating the cache, its a binary based on go
<clever> linda: either pass it a config flag to put the cache elsewhere, or point $HOME to $TMPDIR
<clever> linda: one of your go binaries it trying to mess around with $HOME/.cache/go-build at build-time, but nix doesnt allow $HOME during builds
<clever> adamt: this would show the differences between the current-system, and configuration.nix
<clever> nix-diff $(nix-store --query --deriver /run/current-system) $(nix-instantiate '<nixos/nixos>' -A system)
<clever> Value:
<clever> true
<clever> [root@amd-nixos:~]$ nixos-option hardware.opengl.enable
<clever> hyper_ch2: i ran into http://media.kingston.com/support/downloads/60AABBF0_V3_RN_052816.pdf on my mirror, so i have zero redundancy now
<clever> hyper_ch2: nice
<clever> octe: then just keep editing configuration.nix to make them differ less, and re-run nix-diff
<clever> octe: this will then diff them, and tell you how they differ
<clever> [root@amd-nixos:~]$ nix-diff $(nix-store --query --deriver /run/current-system) $(nix-instantiate '<nixos/nixos>' -A system)
<clever> octe: and this will give the .drv for the current configuration.nix
<clever> nix-instantiate '<nixos/nixos>' -A system
<clever> octe: that will give you the .drv for the full nixos build
<clever> octe: nix-store --query --deriver /run/current-system
<clever> octe: is nixos still running a usable config from the msising configuration.nix?
<clever> mikky: what about `echo -n foo` ?
<clever> mikky: strange!
<clever> mikky: what if you `echo "dGVzdHRleHQ=" | strae -f base64 -d`
<clever> so its either a corrupt binary, or a config file
<clever> mikky: the exact build you have (when fetched from the cache) works on this end
<clever> testtext
<clever> $ echo "dGVzdHRleHQ=" | /nix/store/rkc8gp18wk1n115b3grj0sag2xr7lh93-toybox-0.8.0/bin/base64 -d
<clever> mikky: what does `realpath $(which base64)` return?
<clever> adamt: ack!
<clever> adamt: if hydra is building it, the users wont notice build-time, only download size
<clever> the efi files are part of everything
<clever> adamt: what happens when you `make everything` instead?
<clever> adamt: the := means its a variable assignment, not a target
<clever> adamt: ah, blib.a is part of the variable ALL
<clever> adamt: where does blib.a appear in the makefile?
<clever> Android: run `nix-build '<nixpkgs>' -A androidsdk` and it will show an error explaining it
<clever> buffet: you can run that over most packages to get debug variants
<clever> Android: nix search cant see unfree packages until you enable unfree
<clever> > pkgs.enableDebugging pkgs.zlib
<clever> Android: do you have unfree packages enabled?
<clever> ,library buffet
<clever> ah
<clever> adamt: nix search only searches names/descriptions, nix-locate searches filenames within the pkg
<clever> Android: you need to first install nix-index
<clever> adamt: and the buildPhase calls make $makeFlags, so you just need to add "all" and "bin-x86_64-efi/ipxe.efi" to makeFlags
<clever> adamt: yep
<clever> adamt: you can just name the default target, which is the first target in the makefile
<clever> slabity: then my haskell-init, with only 2 files, is technically a distro, lol
<clever> adamt: and then in the installPhase, copy those to $out
<clever> adamt: i think you want to add the names of the files to the makeFlags (the paths i was passing to make)
<clever> does that even count as a distro?
<clever> 100% of the os, is a single haskell file (and the linux kernel)
<clever> this will boot a haskell file, as /init, inside the initrd
<clever> and then on the more extreme end of things
<clever> not-os is basically a distro, based on nix, but its not nixos!
<clever> adamt: yep
<clever> then it will break for everybody, and is more likely to be noticed/fixed
<clever> adamt: something you could add to the PR, is to have the efi binaries enabled within nixpkgs
<clever> adamt: ahh, then the ipxe version will need to be updated, add src=fetchurl{...}; to the override
<clever> for example, its building my nixops deployment for the nas/router, and i can see if its broken or not, before i try to update
<clever> alj[m]: it automatically builds things against the latest nixpkgs every time it changes
<clever> and the above hydra build isnt testing efi, so thats why i havent noticed it
<clever> adamt: if you dont need efi binaries, you can remove that override
<clever> adamt: ah, i'm not checking 19.03
<clever> adamt: looks like nothing has broken on my hydra stuff
<clever> Myrl-saki: either home-manager, or user units that are global to the system
<clever> adamt: i'm not actively using ipxe, but my hydra is still building some ipxe based things
<clever> but runs one instance per user, and only those that are signed in
<clever> it has a lot of the same options
<clever> Myrl-saki: it drops units into /etc/systemd/user/
<clever> iqubic: nix-env -f . -iA discord
<clever> iqubic: what Myhlamaeus said
<clever> iqubic: depends on how you built it
<clever> iqubic: i just edit .git/config
<clever> iqubic: git@github.com:IQubic/nixpkgs
<clever> oops
<clever> iqubic: git@github.com/IQubic/nixpkgs
<clever> iqubic: git@github.com:org/repo
<clever> iqubic: i prefer using ssh, rather then https
<clever> DigitalKiwi: i find git gui helps a lot
<clever> iqubic: {^_^} said its merged
<clever> thomashoneyman: you will need to make a full backup, and then re-format it with a smaller fs
<clever> thomashoneyman: ZFS cant be shrunk, ever
<clever> thomashoneyman: what FS are you trying to shrink?
<clever> each one can be a file, directory, or symlink
<clever> out may be required
<clever> infinisil: write files to $html, $images1, $images2, and $whatever

2019-03-12

<clever> fendor: ah, that would do it
<clever> scaroo: then you want to try nix-channel --rollback
<clever> scientist: but which broke it, changes to nixpkgs, or changes to your configuration.nix
<clever> scientist: depends on if the problem was in nixpkgs or configuration.nix
<clever> fendor: touch /run/media/baldr/seagate/foo
<clever> fendor: -o rw -v, what does it say?
<clever> fendor: -o rw
<clever> scientist: depending on your gpu drivers, just scrolling thru journalctl can max out the cpu
<clever> guest874329: overays are meant to let you change things, without having to swap out all of nixpkgs
<clever> back
<clever> bbl, lunch
<clever> mconstant: dmesg or journalctl, and also just run commands like iwconfig to see what is and isnt working
<clever> mconstant: depends on what actually broke
<clever> slabity: /etc/wpa_supplicant.conf is unmanaged, and i just copy it over from another laptop
<clever> slabity: i simply dont have nixos manage the wifi config
<clever> elvishjerricco: fileSystems.<name?>.neededForBoot
<clever> tilpner: you may need a custom apply function in mkOption
<clever> tilpner: what about default= inside the mkOption?
<clever> scientist: a few minor things are kept, but most of it will be rolled backwards
<clever> eyjhb: you are reading a variable called allowUnfree (which doesnt exist) and getting the .betterlockscreen attribute of it
<clever> betterlockscreen = allowUnfree.betterlockscreen;
<clever> eyjhb: where did you try to reference it?
<clever> eyjhb: the entry in configuration.nix only affects nixos-rebuild
<clever> eyjhb: the entry in config.nix affects all channels by default
<clever> srhb: nix-shell fetches a bash and gcc, which you dont need to run discord
<clever> srid: i prefer nix run over nix-shell, when not developing
<clever> eyjhb: correct
<clever> eyjhb: and the nixpkgs channel includes nixos (but without as much testing)
<clever> eyjhb: the nixos channel includes nixpkgs
<clever> ,untable ar1a
<clever> srid: () are used to convince nix-eval that its an expression to eval
<clever> srid: <nixpkgs> is a search path, that tells nix to search NIX_PATH (and -I prepends to NIX_PATH)
<clever> ar1a: yeah
<clever> noonien: nix-store --query --deriver
<clever> "19.09pre171786.34aa254f9eb"
<clever> $ nix eval nixpkgs.lib.version
<clever> siers: what does the `file` program say about both?
<clever> siers: line endings?
<clever> jackdk: you can also just use nixos-18.09, as the main channel (name it nixpkgs) on non-nixos machines
<clever> jackdk: just minor differences between nix on other distros, and nixos
<clever> `-I channel:nixos-18.09` is a special thing to just download the current version of the channel, and bypass nix-channel
<clever> channels are only in NIX_PATH if ~/.nix-defexpr/channels is in NIX_PATH
<clever> yeah
<clever> or other related files under there
<clever> jackdk: i think you just want `nix-build ~/.nix-defexpr/channels/nixos-18.09/nixos -A system -I nixos-config=/path/to/configuration.nix`
<clever> jackdk: and `ls -l ~/.nix-defexpr/channels/` ?
<clever> jackdk: what is the current value of NIX_PATH?
<clever> jackdk: did you nix-channel --update after adding the channel?
<clever> cabal revisions i think it was called
<clever> jackdk: hackage also has an ugly "feature" where they can just supply a new cabal file for any package, to deal with such issues
<clever> jackdk: yeah
<clever> jackdk: yep, the pandoc requirement is hidden behind a use flag
<clever> jackdk: there is a bug in jailbreak-cabal, where it cant jailbreak constaints inside cabal if statements

2019-03-11

<clever> to see if the args are right, before you build gcc