2019-01-25

<clever> ddellacosta: you also have to reload spl, and the other zfs related modules
<clever> easily*
<clever> nefix: this gives you access to the init= that nixos wanted, while letting you edit that ipxe code more asily
<clever> nefix: you can just edit line 15-18 to be a fragment of ipxe instead, and it will basically do the same thing as what you where using before
<clever> nefix: when you nix-build that, you get a directory with the kernel, initrd, and a fragment of grub config
<clever> nefix: a few months ago, somebody in here was making a usb stick, with every distro on it, and had trouble getting the nixos iso to work there
<clever> nefix: oh, that reminds me...
<clever> ingenieroariel: https://github.com/cleverca22/nixos-configs/blob/master/rtmp.nix#L3-L6 would have helped then
<clever> ingenieroariel: ah, that would do it
<clever> nixos-rebuild cant reload kernel drivers on its own
<clever> ddellacosta: ah, then you need to manually unload and reload the zfs drivers, with rmmod and modprobe
<clever> nefix: https://github.com/siraben/zkeme80 is the last one i got added to
<clever> nefix: go ahead, i'm already in a few readme's, lol
<clever> ddellacosta: have you rebooted after turning on zfs unstable?
<clever> i cant see why they would make the erase blocks so small
<clever> nvme, not sata
<clever> Baughn: HDIO_DRIVE_CMD(identify) failed: Inappropriate ioctl for device
<clever> I/O size (minimum/optimal): 512 bytes / 512 bytes
<clever> Sector size (logical/physical): 512 bytes / 512 bytes
<clever> Namespace 1 Formatted LBA Size: 512
<clever> Baughn: every single disk ive checked (even nvme) claim 512 byte sectors
<clever> ingenieroariel: and if you read the nginx.conf in the error, what block is it in?
<clever> ingenieroariel: what area of the config should that directive be in, according to the docs?
<clever> ddellacosta: it is using them correctly, what is the exact cmd you ran?
<clever> ddellacosta: one is for pool level params like ashift, the other is dataset level params, for the root dataset of the pool
<clever> ddellacosta: there is both -o and -O
<clever> ingenieroariel: what error does it give?
<clever> `import <nixpkgs>` is a function, that takes the nixpkgs cfg
<clever> nefix: line 1, you want import <nixpkgs> {}
<clever> nefix: wait, i see the problem
<clever> nefix: what does --show-trace give, and can you put both the nix file and backtrace into a gist ?
<clever> but, you can also add it to the imports of a non-netboot machine, for testing
<clever> also of use, if you put the frontend stuff into a dedicated file like i did, you can do imports = [ ./frontend.nix ];
<clever> or just throw all sanity out the window, and run your frontend as root!
<clever> without a pw
<clever> but you could also mess with sudoers to allow `sudo shutdown -h now`
<clever> if you are non-root, i believe dbus to logind is the simplest way
<clever> yep
<clever> i opted to disable that in mine, because its running on my NAS
<clever> nefix: and this is how plexmediafrontend was implementing its ability to shutdown/reboot/suspend the host: https://github.com/plexinc/plex-media-player/blob/master/src/power/PowerComponentDBus.cpp#L7-L12
<clever> of note, if the main gui exits for any reason, X will shutdown, then slim restarts, auto-logs again, and it re-runs the sessionCommands
<clever> yep
<clever> nefix: combined with the autoLogin flag for slim, it will then run sessionCommands on bootup of X
<clever> instead, only running plexmediaplayer
<clever> nefix: because i put an exec on line 22 of media-center.nix, that script dies mid way thru, and never launches one
<clever> nefix: the session commands are inserted into a bash script that is responsible for starting the chosen desktop env (kde, gnome, xfce)
<clever> nefix: i initially managed the router with normal nixos-rebuild, but later migrated it to nixops
<clever> my dhcp server is also nixops managed, so i have to do a nixops deploy to change the cfg
<clever> nefix: get the dhcp wrong, and the whole network dies
<clever> nefix: yeah, i can see how i would now, but it opens up the option of swapping it for a DB, and its safer to edit a php script then dhcp config
<clever> nefix: in my case, it was just a dumb switch-case on the mac, to give a different fixed boot option
<clever> nefix: ah, i was going a different route, with server-side scripting to change what the script was entirely
<clever> it has a password login (though the pw is in plaintext in the script) which locks shell access
<clever> nefix: the most complex ipxe ive done is in https://github.com/cleverca22/not-os/blob/master/ipxe.nix
<clever> nefix: ah, nice
<clever> nefix: media-center.nix may also interest you, as an example of how to run a gui app on bootup
<clever> other then loosing the login creds, i could just jam that into a netboot image, and have entirely disk-less plex frontends
<clever> media-center.nix runs the plex frontend on bootup
<clever> nefix: 20-27 is your nixos config, so you would put services.xserver.enable = true; inside there
<clever> nefix: you can just delete the justdoit lines
<clever> Baughn: minor problem, its in this dir of 1208 screenshots, lol
<clever> Baughn: still looking...
<clever> nefix: what if the menu just leaves the extra kernel params in a certain variable, and then the different selection of premade netboot.ipxe's all append that to the kernel params?
<clever> nefix: though if you want anything more, you may want to just make a custom netboot.ipxe, copying the code from nixpkgs
<clever> nefix: each arch should have its own netboot.ipxe, at a different URL
<clever> nefix: and why cant the menu just run `chain http://url/to/netboot/netboot.ipxe` ?
<clever> nefix: line 46 is an example
<clever> nefix: you can tell ipxe to chainload the netboot.ipxe script
<clever> nefix: the netbootIpxeScript on line 18 deals with that for you
<clever> nefix: i think it is
<clever> Baughn: let me find that screenshot...
<clever> Baughn: the inodes get cross-wired, and a directory contains another directories files
<clever> Baughn: oh, the 9plan stuff in qemu for mounting the host fs to the guest, sometimes messed up with zfs
<clever> nefix: line 11 pulls in the netboot profile, line 12 is optional, line 13 refers to the module on 20, and 20-27 is just the contents of a configuration.nix file
<clever> Baughn: is the fs mounted with noexec?
<clever> nefix: then your interested in just lines 7-27
<clever> i originally designed this for use on a laptop, where wan is my wifi, and lan is the ethernet
<clever> it is acceptable for wan to be facing another router
<clever> nefix: wan is the side of the machine facing the internet, lan is the side facing the machines you want to netboot
<clever> nefix: if you have a machine with 2 network cards, you can just add /path/to/nixos-configs/netboot_server.nix to your imports field, and then set netboot_server.network = { wan = "eth0"; lan = "eth1"; };
<clever> and it hosts the netboot files on nginx
<clever> it sets up dhcpd for netbooting, it sets up bind for dns relaying, it sets up NAT so your netboot-slaves have internet, yet are still isolated from the LAN you dont control fully, and it creates the netboot image, with justdoit configured
<clever> nefix: this is a nixos module, that does everything you want and more
<clever> nefix: you would want to make some custom nix for that
<clever> and --system changes the arch of the "host" not what its trying to build
<clever> nefix: you want -A netboot.x86_64-linux
<clever> nefix: netboot is an attribute set, containing every arch
<clever> ingenieroariel: callPackage will import automatically if the 1st arg is a path
<clever> ingenieroariel: i'm thinking one of the extraConfig blocks, depending on where the config goes in the file
<clever> ,tofu
<clever> and a new copy is made for every generation, so you now have history even without commits being made
<clever> phizzz: this causes a copy of whatever dir core.nix was in, to wind up at /run/current-system/nixcfg/
<clever> sounds like you want to use inotify to watch the file then
<clever> ivan: what does `ls -lh ~/.config/zsh/history` return?
<clever> ivan: what user owns ~/.zsh_history ?

2019-01-24

<clever> mikky: you need a rubber duck
<clever> colemickens: oh, is it failing to find unlink, or is unlink() failing to find the thing it was told to unlink?
<clever> colemickens: does your script set PATH at all?
<clever> colemickens: when is curl running?
<clever> aleph-: wrong nick
<clever> colemickens: oops, coreutils has unlink
<clever> ,locate bin unlink
<clever> aleph-: probably coreutils
<clever> ,locate unlink
<clever> its also murder on battery life
<clever> https://play.google.com/store/apps/details?id=com.screencast for example runs an http server with an mjpeg stream, but that obviously lacks audio, and it randomly stops when android decides it needs more ram
<clever> sphalerite: and yet there are ad riddled apps that do the same thing without audio
<clever> so it finds everything about the other direction, pc->phone or pc->tv
<clever> aleph-: its near imposible to google for, because the google search doesnt know which direction you want to stream
<clever> aleph-: related, can you stream (chromecast style) from the "chromecast app" in a phone to a pc?
<clever> parsnip: if you use nixops, it will pick the right one automatically
<clever> mikky: systemd has a flag, to make the prestart and start run as different users, and then you can put the chmod/chown in prestart
<clever> i tend to do things like /var/lib/toxvpn, so only one dir has to be made
<clever> ahh
<clever> i tend to just make a user for the service, set home and createHome, and then the permission bits dont matter much
<clever> kai_w: for optional stuff,you should use dlopen() and dlsym() to lookup symbols if it was found
<clever> kai_w: any symbols that are used normally, must be supplied before any code in the binary can run
<clever> -lnvrtc has to be passed when linking this library, to fix it
<clever> LD_PRELOAD can be used to force it to load, for testing
<clever> then its simply not trying to load libnvrtc.so
<clever> kai_w: but is ibnvrtc.so in the DT_NEEDED field?
<clever> tilpner: this is also pretty scary, https://www.youtube.com/watch?v=LLCF7vPanrY
<clever> yes, lol
<clever> then its either something else, or a un-discovered firmware bug!
<clever> tilpner: in my case the firmware version matches the pdf
<clever> Firmware Version: 608ABBF0
<clever> Device Model: KINGSTON SV300S37A240G
<clever> [root@amd-nixos:~]$ smartctl -a /dev/sdb | less
<clever> tilpner: since ditching those 2 SSD's (the util to update firmware just fails), ive switched to just a single nvme disk, and its been stable
<clever> yeah
<clever> and it continued to randomly fail :P
<clever> and i just assumed it was random, and kept retrying till it fully synced
<clever> tilpner: when i was replacing the spinning rust with the sdd, the zfs sync failed a few times due to IO write errors
<clever> tilpner: there was also warning signs early on, that i ignored
<clever> tilpner: turns out linux and btrfs/zfs dont take a hung SSD very well, and the zfs mirror doesnt help at all to gracefully fall back to the other disk
<clever> tilpner: going back to #zfs on and off for several years, and eventually somebody asked the firmware rev and linked that pdf to me
<clever> a firmware bug in my SSD (it was last a zfs mirror, between identical drives, with identical bugs) that causes the SSD to just randomly hang
<clever> tilpner: for several years, i had some nasty stability problems on my primary desktop, spanning multiple FS's
<clever> johnw: and it instead needs a -f for files
<clever> johnw: nix eval doesnt accept a -A, it instead defaults to the main argument beng an attrpath
<clever> johnw: there is a nix eval, but ive not played with it too much yet
<clever> ToxicFrog: you can also do legacy on GPT, so there is no real reason to ever use MBR
<clever> ive seen a ESP type code in MBR, but not played with it enough
<clever> that does also make things simpler, because you dont have to read every single fs and its uuid, and support all the fs's
<clever> and it looks like the efivars operate on the partuuid from gpt, not the fs uuid
<clever> /dev/nvme0n1p1: UUID="7DBC-2698" TYPE="vfat" PARTUUID="27c99b08-455d-4dfe-a44f-6150cbc09ef8"
<clever> ToxicFrog: yeah, it may need a double-efi then
<clever> ToxicFrog: in the case of my laptop (which has a vfat /boot/) the path is in the efi var
<clever> Boot0004* UEFI OS HD(1,GPT,27c99b08-455d-4dfe-a44f-6150cbc09ef8,0x800,0x100000)/File(\EFI\BOOT\BOOTX64.EFI)..BO
<clever> ToxicFrog: if you are setting the efivars, then the fallback shouldnt come into play
<clever> i think when you do it on nixos, its still /boot/EFI/ without another EFI inside it
<clever> only the /boot/EFI subdir has to exist on a fat32 fs
<clever> of note, /boot/ doesnt need to be fat32
<clever> ah
<clever> zfs checksums every block...
<clever> because grub's FS write support is rather dumb, and it just writes to the data blocks of a file, without any support to allocate new blocks to the file
<clever> ToxicFrog: my grubenv file, is exactly 1024 bytes, nearly all #######'s
<clever> ToxicFrog: oh, but grubenv likely wont like being on zfs
<clever> there is probably a save_env as well, the grub manual will help there
<clever> and from my grub.cfg, it will search for a grubenv file, and then load it on startup
<clever> 5 load_env
<clever> 4 if [ -s $prefix/grubenv ]; then
<clever> then you just need a systemd unit, to un-change the default, every time you boot, to say "it worked"
<clever> and because grub changed the default before booting nixos, it now runs something else
<clever> so, now failure to mount anything, reboots the machine
<clever> panic=10, will then tell linux to reboot 10 seconds after a panic
<clever> that will cause failure to mount anything, a panic
<clever> boot.panic_on_fail or stage1panic=1 in the kernel params
<clever> then ...
<clever> ToxicFrog: basically, you need to mess with some grub commands, to change the default menu entry, as you boot the real nixos
<clever> ToxicFrog: i have thought of that, but havent written the right code yet
<clever> so if you ever brick the main nixos, you can boot the backup one
<clever> ToxicFrog: this puts an entire nixos install into your /boot/, using a squashfs inside the initrd
<clever> ToxicFrog: oh, something else you may like
<clever> that could work
<clever> also, activate runs every time you `nixos-rebuild switch`, so that could get messy
<clever> after activate has created homes
<clever> ToxicFrog: that gets inserted at line 152 of stage-2-init.sh
<clever> ToxicFrog: this is the first line of code ran after pivot-root, https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/system/boot/stage-2-init.sh#L3
<clever> ToxicFrog: after pivot-root would be stage-2 or activate
<clever> gchristensen: but it means boot cant benefit from the l2arc
<clever> gchristensen: it makes the tracking simpler, since you dont have to write to disk what is on the cache
<clever> another problem ive discovered with l2arc, is that it doesnt persist thru reboots
<clever> i would have just use an L2arc to make the hdd's faster
<clever> rest are either mirror or single-device
<clever> biggest single setup is the nas, with 3 drives in raidz1
<clever> nothing ive done so far has been large enough to run into that issue
<clever> ah
<clever> ToxicFrog: why do you have many pools?
<clever> its likely already imported as well by this point
<clever> yeah
<clever> and its /mnt-root/ not /mnt/, oops
<clever> ToxicFrog: you must set an altroot
<clever> just manually mount it yourself at the right time, and ignore all errors
<clever> ToxicFrog: oh, i have a nasty idea, boot.postMountCommands = "mount pool/set /mnt/foo || true";
<clever> ToxicFrog: upon failure, it will run the fail function
<clever> ToxicFrog: the mountFS function on line 318 does the actual mounting
<clever> stage-1.nix will grab everything that is neededForBoot, and put it into @fsInfo@
<clever> ToxicFrog: it will ask the user what to do on the console
<clever> Mic92: systemd-analyze plot
<clever> mounting /home from the initrd seems simplest
<clever> that flag forces nixos to mount them from the initrd, before activate is ran
<clever> ToxicFrog: sounds like you just need to add the $HOME related FS's to fileSystems. and also set neededForBoot = true;
<clever> Mic92: problem is, i think update-users-groups, runs before systemd has started
<clever> Mic92: i dont remember setting up anything in nixos for /home/gits/
<clever> home-gits.mount loaded active mounted /home/gits
<clever> [root@nas:~]# systemctl | grep mount
<clever> naspool/gits /home/gits
<clever> [root@nas:~]# zfs list -t filesystem -o name,mountpoint
<clever> i think its runtime
<clever> s
<clever> Mic92: i think i saw some recent changes to zfs/nixos, that auto-generate mount units for zfs dataset
<clever> i use ext4 for /, luks for the rootfs, which is zfs
<clever> ah
<clever> obadz: i think your simplest solution is to add a non-encrypted /boot/ partition, mount it to /mnt/boot/, add it to the configuration.nix, and then `nixos-rebuild boot` again
<clever> obadz: i think your simplest solution is to add a non-encrypted /boot/ partition, mount it to /mnt/boot/, add it to the configuration.nix, and then `nixos-rebuild boot` again
<clever> no results at all
<clever> obadz: and is that enabled in nixos's build?
<clever> obadz: enough to understand that its e4crypt, and to know what is and isnt encrypted
<clever> obadz: also, grub may need partial e4crypt support, to even know what is and isnt encrypted, otherwise, it may just refuse to open the entire fs
<clever> obadz: is boot.loader.grub.enableCryptodisk enabled?
<clever> obadz: is there only 1 partition on sda?
<clever> obadz: what does `fdisk -l /dev/sdX` say, when ran on the right device?
<clever> phizzz: i'm guessing the lxc config you started from, has xserver enabled still
<clever> phizzz: `nix copy --to local?root=/var/lib/containers/foo/ /nix/store/foo` will coyp /nix/store/foo from /nix/store to /var/lib/containers/foo/nix/store/
<clever> phizzz: nix-build '<nixpkgs/nixos>' -A system -I nixos-config=./configuration.nix, will generate the entire closure in the current /nix/store/
<clever> phizzz: you also dont need to copy any special images
<clever> that gets rid of most of the need for qemu
<clever> nice
<clever> samueldr: is it using its own private postgres instance?
<clever> samueldr: i was also planning to run on the local machine, but just via a qemu guest that is ran from a bash script
<clever> samueldr: i havent looked at yours yet, but i was wanting to spin up the iohk hydra in qemu, to confirm the module configures things right, and allow testing changes to hydra itself
<clever> samueldr: hey, i was going to do that! lol
<clever> samueldr: and weird fs's like zfs or luks or lvm
<clever> that should work just fine without a /boot/ fs
<clever> grub supports ext4
<clever> what rootfs did you pick for / ?
<clever> so its just personal choice at that point
<clever> infinii: if grub supports the / fs, you can just make /boot/ a dir on /
<clever> the `t` command in fdisk can set the types
<clever> infinii: i would just use fdisk to create a gpt table, with the bios boot partition, optional /boot/, optional /swap/, and the / partition
<clever> basically no reason to ever use MBR
<clever> infinii: if you want bios on gpt, you just need to add a 1mb bios boot partition, no fs, not mounted, not formatted, then continue the same way you would have with MBR
<clever> infinii: you can still do bios on gpt as well
<clever> hl: i can reproduce the issue on this end, looking....
<clever> nix-shell? nix-build? nix-env?
<clever> hl: how are you using it?
<clever> hl: then use clangStdenv.mkDerivation
<clever> why do you want clang?
<clever> hl: that should make clang work
<clever> hl: are you using clangStdenv?
<clever> bgamari: stack2nix was doing .override and passing it a initialPackages function
<clever> so you can start from pkgs.haskellPackages, and do things in the right order
<clever> in that case, your likely not wanting to use somebody elses package set?
<clever> using extend removes override, so override complexities are gone
<clever> but extend, removes override, forcing them to do it the right way
<clever> elvishjerricco: also, anybody that doesnt know of it, will use .override the wrong way and nuke all your changes
<clever> elvishjerricco: that override and compose thing just feels messy, when extend does the same thing more simply
<clever> bgamari: only ever use override for changing the stuff extend cant change, and do override first
<clever> just stick to extend, it will remove the problematic override
<clever> you just need to use them in the right order
<clever> elvishjerricco: its the same as overrideCabal vs overrideAtrs vs overrideDerivation
<clever> elvishjerricco: to quote nh2, "It's getting ever more confusing/
<clever> yep, very first paragraph mirrors what i said
<clever> but extend is within that default.nix, and it isnt aware of the .override attr
<clever> and callPackage will just re-import and re-run the default.nix with new args
<clever> the reason, is that override is added by callPackage
<clever> extend might even delete .override, so you cant go the wrong way
<clever> bgamari: i believe .override will undo all extends, but extend will stack ontop of override
<clever> bgamari: this is code i wrote, to take a list of haskell overlays, and apply all of them to a set: https://github.com/input-output-hk/cardano-sl/blob/develop/nix/haskell-packages.nix#L29-L38
<clever> bgamari: but .extend will insert another overlay into the list, and mutate it further
<clever> bgamari: .override with the same keys, will overwrite previous .override calls, so you can only set the overrides (haskell specific) key once

2019-01-23

<clever> ar1a: until you send `rm -rf /` as a txt, and the phone bricks itself
<clever> ar1a: which reminds me, one of the really old "smart" phones before modern ones, there was a root shell on tty1 that got all keyboard input, but the gui was controlling the display, so you never noticed
<clever> Sophos[m]: another fun one, when sharing a screen via 'screen', "can you see this?" -> "yes" -> yyyyyyyyyyyyyyyyyyyyyyyyyyyyy.....
<clever> Sophos[m]: the problem, is when you tell somebody to "type foo" and the literally type in "foo"
<clever> Sophos[m]: yeah, i just use type for everything now
<clever> some shells even alias which to something like 'alias | which --some-flag' to get type-like support, but at that point, just use type!
<clever> Sophos[m]: there is also which
<clever> timor: you can see if it is, by comparing the versions they are claiming to install, but thats not 100%
<clever> timor: yeah
<clever> timor: also, libreoffice is broken on unstable, there is a chance you have a 2nd channel, and its just grabbing an older (still working) version
<clever> timor: use nix-diff on the 2 .drv files to see how they differ
<clever> samrose: the point where release.nix somehow imports ../.. i think
<clever> they just never turned on the sandbox, so they dont even notice the build being naughty
<clever> leotaku: some people file PR's that do network during the build
<clever> leotaku: mostly that it builds in the sandbox and still works when ran