<clever>
then you have one of movit, mlt, or kdenlive, in your systemPackages
<clever>
and those explain why its being built
<clever>
Acou_Bass: it will also list what dependended on movit and kdenlive
<clever>
Acou_Bass: does kdenlive fail?
<clever>
v0|d: In addition, nixos-rebuild accepts various Nix-related flags, including --max-jobs / -j, --show-trace, --keep-failed, --keep-going and --verbose / -v. See the Nix manual for details.
<clever>
v0|d: that is likely to break its ability to find <nixos-config>, -I nixpkgs=./my-nixpkgs would be better
<clever>
bbarker: yeah
<clever>
but that will likely bleed thru into the domains you can authorize
<clever>
the only solution i can see is to chain NS records for subdomains and grant a dynamic ip control over some things
<clever>
but no way to change TXT records
<clever>
some of my dns hosters only have an api to change the addr behind A and AAAA
<clever>
gchristensen: that sounds like a pain
<clever>
so you need to give every machine an automated way to update dns records about its own domain
<clever>
gchristensen: do any records involved in dns-01 have to be updated at regular intervals?
<clever>
the zip setup hook already handles stuff like that for you
<clever>
ah
<clever>
i heard it took 12 hours to copy it from the build slave, to hydra, and back to another slave
<clever>
also, at one time, chromium had a seperate derivation to unpack
<clever>
and a lot of automation breaks
<clever>
so if you force everybody to unpack, you loose the hashes upstream provides
<clever>
and things like the hackage db and yarn, store hashes of .tar.gz files
<clever>
infinisil: note, that fetchurl takes the hash of the .tar.gz, but fetchzip and fetchFromGitHub take the hash of the nar
2018-11-23
<clever>
sphalerite: i would have done the same with all software, prior to discovering nix :P
<clever>
its mostly in response to infinisil
<clever>
dramforever: ah, that does sound like a much better fix
<clever>
but if you define the outputHash, nix understands that the output is mostly unrelated to the input, and can reuse the product
<clever>
dramforever: if its not fixed, nixos will rebuild it for every update, and potentially leave you with 5 copies, each 2.2gig in size
<clever>
dramforever: that would at least stop it from rebuilding every time nixpkgs updates, and let arches share the product
<clever>
one can build, but can use
<clever>
dramforever: that has the benefit, that darwin and linux can share the output from the binary cache
<clever>
dramforever: one font, is just an unzip'ing derivation, but its been flagged as fixed-output
<clever>
dramforever: even if you just split it in half, and buildEnv the 2 halves back together, it would have no functional difference, but hydra would be tricked into accepting its size
<clever>
booglewoogle: its in-use by 3 programs that are currently running, and the boot generation, you will need to reboot to remove those roots
<clever>
booglewoogle: now `nix-store --query --roots /nix/store/foo`
<clever>
dramforever: then you can get a subset of the sarasa-gothic fonts, and not pay the whole 2.2gig
<clever>
booglewoogle: first, try just `nix-store --delete /nix/store/foo` and see what it says
<clever>
booglewoogle: it would be better to find out why force is needed, ive broken a machine with --force before
<clever>
or if that whole 2.2gig is just from a zip, modify the unzip'ing derivation to filter
<clever>
dramforever: maybe groupings, or a special derivation that filters it to a subset, so it only needs the 2.2gig at compile time, and then you can GC it
<clever>
CMCDragonkai: and also giving the nixbld group access to it
<clever>
not all build machines have gpu devices
<clever>
CMCDragonkai: disable testing
<clever>
CMCDragonkai: if you set checkPhase, then you loose the pre/post hooks
<clever>
timclassic: if you grab that example, and switch it to screen 1, what happens?
<clever>
timclassic: i dont know how you would remap fb0 to a different interface, but i noticed in the example app i linked, that you open screen 0 to get a handle to the hdmi/composite
<clever>
timclassic: so when you write to /dev/fb0 on linux, its writing to an image resource, that dispmanx then stretches and renders out the hdmi
<clever>
timclassic: and the rpi firmware will statically allocate a 2d "image" that is on the hdmi output, and pass the phys address of that "image" to linux, claiming its a framebuffer
<clever>
timclassic: the rpi uses dispmanx as the 2d compositor for all video outputs
<clever>
CMCDragonkai: not really, you would need to make an override that sets doCheck = false;
<clever>
anoyingly, darwin doesnt have realpath, but the nixpkgs coreutils does build on darwin
<clever>
CMCDragonkai: what path is the script your running at?
<clever>
CMCDragonkai: its got nothing to do with the checkPhase, its entirely to do with #!'s that point to things that dont exist
<clever>
slack1256: i think the contents of the file are standard across all linux distros, ive also found that haskell programs dont even know what tcp is, if the file is missing
<clever>
are you just putting raw bash into the checkPhase, or are you running a script that has #!/usr/bin/env at the top?
<clever>
checkPhase would likely work fine
<clever>
any time before the script is ran
<clever>
CMCDragonkai: /usr/bin/env isnt present in the nix sandboxes, you need to run patchShebangs on the script first
<clever>
and if it cant be patched, libredirect
<clever>
WhittlesJr: ah, i would just patch whatever is expecting those paths to look elsewhere
<clever>
WhittlesJr: what service is it?, what is the path?
<clever>
but you can use things like libredirect to remap it
<clever>
nothing automated
<clever>
there are also pre-existing tmpfs's you can use
<clever>
tmpfs on /run type tmpfs (rw,nosuid,nodev,size=8208660k,mode=755)
<clever>
and remade every time the service is started
<clever>
then they are lost at shutdown
<clever>
WhittlesJr: you could modify it to put the symlinks onto a tmpfs
<clever>
asymmetric: do you have any overrides in config.nix?
<clever>
romildo: sounds like a normal fetchurl call
<clever>
nikivi: it looks like pyside might be broken, but you wanted autoped, not pyside
<clever>
nikivi: try adding the bin dir for that to PATH, at the start, when running vscode
<clever>
you can also just `nix-build -E '(import <nixpkgs> { config = {}; }).python.withPackages (p: [p.pyside p.pysideTools p.twisted])'`, but then your more likely to loose the magic incantation
<clever>
and i just run nix-build to build it
<clever>
the above came from a `default.nix` file i have in a random dir
<clever>
yes
<clever>
yes
<clever>
and what if another package wants a conflicting version of autoped?
<clever>
the PYTHONPATH may not include wherever you happened to install it
<clever>
the above creates a custom python, that can use pyside, pysideTools, and twisted
<clever>
yeah
<clever>
its a function, that takes a list of python packages, and returns a python that can use those packages
<clever>
for example, (import <nixpkgs> { config = {}; }).python.withPackages (p: [p.pyside p.pysideTools p.twisted])
<clever>
yes
<clever>
nikivi: you likely need to use python.withPackages
<clever>
but on nixos, it uses the TMPDIR of the nix-daemon proc, which is /tmp/
<clever>
and TMPDIR defaults to that
<clever>
then its not /run/user to blame
<clever>
chrisaw: nixos or other?
<clever>
haslersn: grub.device is only ever used for legacy booting, if your on efi, then you want grub.device = "nodev";
<clever>
jhillyerd: i would use $out/etc/X11/myprog
<clever>
delroth: it would be able to run crypto commands, as your user, before returning a path back to nix
<clever>
let foo = runCommand "name" {} "sha256 ${./input} > $out"; in builtins.readFile foo
<clever>
delroth: 2 options, plan a: import from derivation
<clever>
delroth: one min
<clever>
> builtins.hashString "sha512" "foo"
<clever>
exarkun22: there is a recent kernel flag to stop /dev/mem from having free reign over all ram, you would need to build the kernel without it
<clever>
Unode: check dmesg?
<clever>
Unode: does a file with the name unprivileged_userns_clone exist in /proc?, is the contents "1" ?
<clever>
Unode: one sec
<clever>
Unode: --no-check-sigs do not require that paths are signed by trusted keys
<clever>
so its trying to mount ./-u to /nix, lol
<clever>
the original assumes the 1st arg is the location of the store
<clever>
Unode: and are you using the version i linked above, from nix-bundle? i changed its arg parsing a good deal
<clever>
Unode: try -n rather then -u
<clever>
Unode: what is the exact command you ran?
<clever>
Unode: what error did it give?
<clever>
Unode: haskell programs assume /etc/protocols defines what tcp and udp are, and fail hard if the file is missing
<clever>
Unode: `-m /home:/home -m /etc:/host-etc -m etc:/etc` and then pre-populate a ./etc dir, and your inner script can deal with merging the 2 etc's
<clever>
and some haskell programs wont even know what tcp is, if /etc/protocols is missing
<clever>
but if the host is nixos, then then host /etc/protocols is a symlink into the wrong store, and doesnt exist
<clever>
you need the host /etc/resolv.conf to have working dns
<clever>
the only problems that remain afterwards, are conflicts in /etc
<clever>
its all relative to the working dir, not /
<clever>
Unode: thats what the patchelf i just linked is solving
<clever>
so you can run a dynamic elf with the "wrong" root, as long as you cd to the root dir first
<clever>
so it will look in ./nix/store/foo-glibc/lib/ and so on
<clever>
Unode: that override prefixes the interpreter and rpath with a .