2018-11-12

<clever> that would do it
<clever> mog: i'm guessing thats a broken build of vbox
<clever> mog: what does `ls -lh /nix/store/zp0xizchw3i15xynwyx51phv18idk9l7-virtualbox-5.2.14/libexec/virtualbox/VirtualBox` report?
<clever> mog: virtualisation.virtualbox.host.enable = true; is the only thing you need in your config, nothing has to be installed
<clever> as in my example above, you can also use " in the middle of a '' by throwing some ${ in first
<clever> > '' you can also ${"mix ''"} and " up if your feeling fancy''
<clever> ,escape"
<clever> ,escape''
<clever> locallycompact: stack itself also has a nix mode you can probably enable
<clever> locallycompact: nix-shell -p pkgconfig
<clever> Mic92: if left alone, i would be more likely to turn all of WRT into a single nix expression that builds the entire thing purely :P
<clever> betaboon: should be
<clever> NickHu: oh, and look at something like the old skype package, its 32bit as well
<clever> pkgsi686Linux.callPackage would give you 32bit for all of your inputs as well
<clever> and then you dont have to deal with multi-lib at all, its just a pure 32bit env
<clever> NickHu: if you use pkgsi686Linux.stdenv.mkDerivation, then $NIX_CC will point to the 32bit gcc/glibc
<clever> nix wipes all timestamps, then make gets confused and thinks the .o is up to date, and doesnt build anything
<clever> cleanSource also gets rid of things like .o files, which can break builds
<clever> jschievink: src = lib.cleanSource ./.; will clean that up
<clever> jschievink: if your using src = ./.; then you just added a result symlink to the source, and now the source is different
<clever> NickHu: pkgsi686Linux contains all of nixpkgs, but in 32bit
<clever> NickHu: run nix-store --query --roots on that path
<clever> NickHu: that might be nvidia to blame, i saw a recent PR where they dropped 32bit support
<clever> NickHu: hardware.opengl.driSupport32Bit = true; and it will put it into the LD_LIBRRARY_PATH for you
<clever> steveeJ: next step then is to read the nixos-install script to see what its trying to run
<clever> haslersn: i think you want `AddKeysToAgent` from `man ssh_config`

2018-11-11

<clever> ottidmes: you first want to figure out exactly how the data is getting there, check `/proc/<pid>/fd/` for foo, and see what it has open, and check it with strace to see how the logs get out
<clever> ottidmes: if the exec didnt work, then the program is likely connecting directly to journald
<clever> steveeJ: what did the --debug show prior to nix-env?
<clever> steveeJ: usually, it will nix-build a given thing, then pass that to --set
<clever> steveeJ: oh, that nix-env command is definitely wrong, it should be passing a storepath
<clever> steveeJ: nixos-install doesnt forward --show-trace to all nix commands it runs, thats a bug ive seen before in a few places
<clever> romildo: there is also $NIX_BUILD_TOP which i believe will be what you want
<clever> oh, but if your entirely disabling nix-env, it doesnt really matter
<clever> once it finds such a file, it stops recursing down that path
<clever> nix-env will recursively search ~/.nix-defexpr/ for any nix files, foo.nix turns into a channel called foo, foo/default.nix turns into a channel called foo
<clever> this creates a "channel" called foo, so you can nix-env -iA foo.hello
<clever> import /home/clever/apps/nixpkgs
<clever> [clever@amd-nixos:~]$ cat .nix-defexpr/test/foo/default.nix
<clever> ottidmes: you may want to know how .nix-defexpr works then
<clever> ottidmes: i also prefer `nix run` when i only want to run a binary
<clever> ottidmes: nix-channel internally uses nix-env to manage things
<clever> ottidmes: :D
<clever> bit hard to read, but the $value is quoted and spaces are contained, and there is no ugly \" on every single json "
<clever> echo '{"field":"'"$value"'"}'
<clever> i do it when i'm trying to template some json
<clever> no need to escape doubles
<clever> which allows you to have `echo "a"'"b"'"c"'d'` -> `a"b"cd`
<clever> samueldr: you can even mix single and double, echo "a"'b'"c"'d'
<clever> oh, but i'm dealing with system services, not user services
<clever> ottidmes: i almost always use multi-user.target

2018-11-10

<clever> i'm thinking a programs.wireshark.enable = true; which both installs wireshark, and creates the group and wrappers
<clever> and wireshark still works with root, so it isnt 100% required
<clever> i never thought to add it as a proper module, i should probably do that soon
<clever> and line 4 puts me into the group
<clever> schmittlauch[m]: line 5 creates the group, lines 6-11 makes the group actually do something useful
<clever> sippeangelo: one sec
<clever> sippeangelo: nix-store --delete /nix/store/foo, and dont use force
<clever> kingemp: it needs to be in $out/bin/ of a package that is in systemPackages
<clever> kingemp: do you want it in /run/current-system itself, or /run/current-system/sw/ ?

2018-11-09

<clever> catern: fetchzip unpacks after fetching
<clever> exarkun22: /etc/nix/machines i believe
<clever> exarkun22: `systemctl enable` doesnt work on nixos
<clever> d
<clever> magic_ninja: https://gist.github.com/cleverca22/010456d1d1895f760bd8244fd62ffd9f line 36 generates a bootable disk image, in this case with xen installed in it, but thats optional
<clever> yl[m]: rest looks good
<clever> yl[m]: config = {}; overlays = [];
<clever> yl[m]: line 11 can potentially open the users config.nix file, and then have unpredictable results
<clever> yeah
<clever> yl[m]: you should be able to combine that with an assert to get what you want
<clever> > builtins.functionArgs ({ a, b?"default" }: a)
<clever> its backwards
<clever> oh, and the assertion i gave, only passes if super contains a bar.foo
<clever> so it only asserts when referencing foo, and can lazily defer it until later, avoiding the recursion
<clever> yl[m]: { foo = assert super.bar ? foo; your definition; }
<clever> yl[m]: i'm also thinking you want to move the assert some
<clever> yl[m]: ah, the confusion is that one of the other overlay style things is the other way around
<clever> i think so
<clever> line 1*
<clever> i believe you also have self and super backwards on line 3
<clever> yl[m]: and you want assert super.gitAndTools ? git-appraise;
<clever> yl[m]: self is the result after applying the overlay, so you want to assert on super containing the package

2018-11-08

<clever> yep, that works
<clever> fooinabar: ah, then you want something like (llvm.override { enableSharedLibraries = false; }) in your buildInputs
<clever> fooinabar: also, installing things like llvm will generally not make them work
<clever> goibhniu: ah
<clever> i think
<clever> fooinabar: for example, nix-env -E 'x: with import <nixpkgs> {}; llvm.override { enableSharedLibraries = false; }' -i
<clever> fooinabar: --arg doesnt work with overriding package options, you need .override
<clever> even css can do that kind of thing, its just a matter of getting the timing to match to obs
<clever> but if it was just a simple animation in an open window
<clever> thats likely due to the video compression
<clever> you just need to alpha-key that window
<clever> then you could edit it in realtime
<clever> but that also gives me another idea, it could also be done as a normal window capture, with some transparency
<clever> ah
<clever> lol, was it just an avi being played and overlaid in obs?
<clever> goibhniu: how did you do those animated intro things for nixcon?
<clever> jsgrant: the qt libs conflict in ~/.nix-profile/lib/
<clever> goibhniu: environment.systemPackages
<clever> PolarIntersect: xorg will generate it in ram as it loads drivers
<clever> PolarIntersect: that config doesnt get saved to disk
<clever> PolarIntersect: if no screens are defined, it will auto-generate some based on the drivers it has loaded
<clever> PolarIntersect: not sure then
<clever> PolarIntersect: and if you reboot?
<clever> and then rebuild switch
<clever> PolarIntersect: try setting services.xserver.videoDrivers = [ "vesa" ];
<clever> to copy the file from the remote machine to the local one
<clever> scp remotehost:out.log .
<clever> PolarIntersect: and does it have working internet?
<clever> PolarIntersect: which part?
<clever> PolarIntersect: nix-env -iA nixos.gist ; gist --login ; gist -p file1.txt file2.txt
<clever> PolarIntersect: can you pastebin both the logs and the configuration.nix?
<clever> PolarIntersect: any errors in `journalctl -u display-manager` ?
<clever> PolarIntersect: can you pastebin your configuration.nix ?
<clever> PolarIntersect: have you done anything odd with the X config?
<clever> nixos normally make the store read-only to prevent such things
<clever> ah
<clever> thats where all systemd units live
<clever> yep
<clever> nix-store --repair-path /nix/store/foo
<clever> just do clean shutdowns and youll be fine
<clever> hyper_ch2: ext4 has a nasty habbit of not saving data even after a sync() happens
<clever> PolarIntersect: improper shutdowns can corrupt some files, but `nix-store --verify --check-contents` will detect that
<clever> PolarIntersect: nix is pure and will rebuild things if config changes
<clever> yeah
<clever> Lisanna: paths to modules, or raw modules
<clever> PolarIntersect: journalctl -u display-manager
<clever> thomasjm: dont remember anything special that had to be setup
<clever> thomasjm: Unode has been using /share/nix/store for his stuff, and may have fixed that already
<clever> yes

2018-11-07

<clever> infinisil: this next part of the steam debug is going to get spammy, so i'll move to #nixos-chat
<clever> nope
<clever> and if your downloading things, add a src = fetch*; and put unpackPhase ; cd $sourceRoot; before the patch
<clever> illegalprime: stdenv.mkDerivation { buildCommand = "patchShebangs . ; mkdir -p $out/bin/; cp foo bar baz $out/bin/" name = "scripts"; }
<clever> illegalprime: you almost never want to use builder, that just makes things harder
<clever> illegalprime: stdenv.mkDerivation { buildCommand = "patchShebangs . ; make install"; name = "foo"; }
<clever> :S
<clever> ,locate libGLX_indirect.so
<clever> infinisil: i think steam was trying to load libGLX_indirect.so
<clever> nDuff: similar for preferLocalBuild=true;, why copy 5gigs of deps to a build slave, when your just writing a string to a file?
<clever> nDuff: allowSubstitutes=false; is mainly to just speed things up, such as when your just going to echo a string to a file
<clever> the name is part of what is hashed as well
<clever> and if there is a cache-hit, the name will be in the narinfo
<clever> nDuff: /nix/store/k95jhvx43xsl287s07dd75r6pn6cjly1-mesa-noglu-18.2.1-drivers results in a request to cache.nixos.org/k95jhvx43xsl287s07dd75r6pn6cjly1.narinfo
<clever> nDuff: name is never sent to the cache
<clever> nDuff: also, the only thing it leaks via a cache miss, is the hash of the derivation
<clever> nDuff: --option substituters ''
<clever> infinisil: glXChooseVisual is mentioned in 3 issues on the steam-for-linux github
<clever> mdash: strace generated 900mb of log files!
<clever> infinisil: giving strace a spin...
<clever> /nix/store/k95jhvx43xsl287s07dd75r6pn6cjly1-mesa-noglu-18.2.1-drivers is where my gl stuff comes from
<clever> ive also checked nix-channel a few times, but nixos-unstable hasnt gotten a fix yet
<clever> videoDrivers = [ "amdgpu" ];
<clever> infinisil: amd gpu
<clever> infinisil: thats pretty much all it does, the UI doesnt even load fully
<clever> infinisil: Main.cpp (326) : Assertion Failed: Fatal Error: glXChooseVisual failed
<clever> infinisil: oh, ive been having a problem with steam lately
<clever> infinisil: i believe uinput allows steam to fake input devices, and that could be used to trick evtest into thinking you have an xbox controller
<clever> jgt: that happens if you run add as the wrong user, you usually only want channels on root
<clever> samueldr: and it lists every single axis and button correctly
<clever> Input device ID: bus 0x3 vendor 0x45e product 0x2a1 version 0x100
<clever> /dev/input/event14: Xbox 360 Wireless Receiver
<clever> infinisil: so it was just a matter of "unplugging" and "replugging" the device
<clever> samueldr: i dont have any /dev/js*, so i dont think jstest can be used
<clever> its not loaded on my machine, thats why it was a bit harder to locate
<clever> infinisil: rmmod uinput ; modprobe uinput
<clever> /run/current-system/kernel-modules/lib/modules/4.14.74/kernel/drivers/input/misc/uinput.ko.xz
<clever> ./drivers/input/misc/uinput.c
<clever> *looks*
<clever> samueldr: rmmod
<clever> yep
<clever> yeah
<clever> infinisil: but oddly enough, steam claims i lack a controller, despite the ui responding to the controller!
<clever> infinisil: i'm using an xbox one usb<->wireless receiver, and it shows up as a normal input device (evtest can use it), xorg also seems to treat it as an input, and it mostly follows focus in the window manager and just works
<clever> infinisil: oh, but uinput may be more of a security thing
<clever> infinisil: i dont really bother with acl's, just change the group permission bits
<clever> infinisil: is this for the steam controller?
<clever> jgt: oops, ^^
<clever> johnw: that looks like it should work
<clever> if you find the right one, you can then just nix-build that for testing
<clever> infinisil: because udev.nix is putting a list of things into environment.etc, it will show up as one of the unnamed ones
<clever> "pam.d/chsh"
<clever> nix-repl> config.environment.etc."unnamed-25.03" .target
<clever> [root@amd-nixos:~]# nix repl '<nixpkgs/nixos>'
<clever> thats where the nix puts it all
<clever> infinisil: did you check /etc/udev/rules.d/ ?
<clever> infinisil: its never added to systemPackages, so it will never appear in /run/current-system/sw/
<clever> checking the 2nd part
<clever> looks like that part worked
<clever> /nix/store/j53f7d51pqn71n8nxv6asdh0mz5391si-test//lib/udev/rules.d/60-test.rules
<clever> nix-repl> :b (pkgs.runCommand "test" {} '' mkdir -p $out/lib/udev/rules.d ; echo 'KERNEL=="uinput", SUBSYSTEM=="misc", MODE="0666"' > $out/lib/udev/rules.d/60-test.rules '')
<clever> infinisil: is it in the runCommand output
<clever> you may need to modify ccache to output a clang "binary"
<clever> johnw: and $HOME is /homeless-shelter, so it will fail to write to $HOME/.ccache/
<clever> johnw: if your on a multi-user nix install, then it will be running as a different user every time, and wont play nicely with a shared cache
<clever> johnw: ccache likely wont help you any even if you can get it into the path, because it wont have access to any persistant cache dir
<clever> catern: lib.cleanSource
<clever> illegalprime: in postPatch phase, you can run that, to patch it every time nix runs on it
<clever> illegalprime: patchShebangs will replace #!/usr/bin/env foo, with the path of foo from $PATH
<clever> aminechikhaoui: a common problem i run into, is that i have a custom binary cache, but on the first deploy, nix.conf doesnt contain it yet
<clever> Myrl-saki: ah
<clever> Myrl-saki: you want to ssh into the remote machine, and then use a similar command, with local
<clever> Myrl-saki: it takes a store URI
<clever> hyper_ch: mailserver.localDnsResolver = false; i think
<clever> hyper_ch: turning off localDnsResolver would stop it
<clever> hyper_ch: that is hijacking your dns config
<clever> hyper_ch: what is /mail-server/kresd.nix doing with nameservers??
<clever> hyper_ch: run `nixos-option networking.nameservers`, what does it output?
<clever> hyper_ch: do you have bind or dnsmasq enabled?
<clever> hyper_ch: oh, you turned on something that overrides the nameservers
<clever> hyper_ch: what if you also set useDHCP = false; ?
<clever> hyper_ch: it shouldnt when you do that
<clever> hyper_ch: networking.nameservers
<clever> Unode: arx is used to generate an installer to install it all
<clever> Unode: you also need the profile dir that the arx sets up
<clever> maybe
<clever> yeah
<clever> i think
<clever> Unode: :b (callPackage ./nix-installer.nix {}).installerBundle
<clever> i think its a set
<clever> what does it eval to then?
<clever> it should give a path
<clever> ah, then when you :b it
<clever> nix-build should create a result when it finishes
<clever> Unode: the result symlink should be pointing to a ~40mb "bash script", can you confirm that?
<clever> Unode: yep

2018-11-06

<clever> thats just to fetch a newer nix, because of sandbox problems nix had
<clever> Unode: instead of <nixpkgs> you just /home/clever/nixpkgs
<clever> Unode: should be able to
<clever> Unode: :(
<clever> Unode: it has evolved a bit since its creation, and started to fuse with daedalus
<clever> Unode: it has to be loaded with callPackage
<clever> maybe, i havent been keeping up to date with darwin
<clever> multiuser wont break like that
<clever> jgt: thats under /nix/var/nix/profiles/per-user/clever/channels-1-link/ and friends
<clever> Unode: its simply a bash script to make the sandbox more usable, after chrooting in
<clever> jgt: you should be able to just `nix-channel --rollback` to undo the last upgrade
<clever> not sure then
<clever> jgt: what about `nix-build '<nixpkgs>' -A hello` ?
<clever> once it sets up the sandbox, you can have full haskell and electron binaries running wild
<clever> just the bootstrap util with the ./ hack
<clever> this will generate an ARX binary, that when ran, installs nix into ~/nix-install/nix/store/
<clever> and one more thing
<clever> but its enough to give you a c++ util that sets up the sandbox
<clever> it only works for very simple binaries
<clever> allowing it to work even if the store is at the entirely wrong location
<clever> so rather then looking in /nix/store at startup, it looks in ./nix/store at startup
<clever> Unode: this nix file, will patchelf the nix-user-chroot binary, to prefix the interpreter and rpath with ./
<clever> Unode: that uses ~/.daedalus/nix/store/ and will map /home /etc and etc into the sandbox
<clever> exec ./nix/store/w36b7cy1w0ijx618pzn8kbpv487lpqxm-nix-user-chroot-2c52b5f/bin/nix-user-chroot -n ./nix -c -e -m /home:/home -m /etc:/host-etc -m etc:/etc -p DISPLAY -p HOME -p XAUTHORITY -- /nix/var/nix/profiles/profile-mainnet/bin/enter-phase2 bash
<clever> cd ~/.daedalus/
<clever> Unode: you choose where
<clever> nix-user-chroot from above automates it all
<clever> Unode: and if you request both a user and mount namespace at once, you can do it without root, and then have the ability to mount --bind, and chroot
<clever> Unode: the unshare (or clone) syscall is used to create a new set of namespaces, isolated from the parent ones
<clever> Unode: it sounds like its working
<clever> should be near the end
<clever> Unode: where it runs the unshare() syscall
<clever> Unode: ns-exec-tools shouldnt need root
<clever> Unode: strace unshare
<clever> Unode: strace?
<clever> Unode: strace it?
<clever> Unode: and what happens if you try to run it?
<clever> Unode: does the unshare binary exist?
<clever> not sure, what does uname say you are?
<clever> but user namespacing is a kernel feature, to allow nonroot users to chroot
<clever> proot is just an LD_PRELOAD i believe
<clever> user namespacing has better performance
<clever> Unode: what about user namespacing?
<clever> wasnt sure if that was a local?root=/share/ or not
<clever> Unode: thats not in the binary cache!
<clever> ah, then it should have all gc roots
<clever> are you sharing a single store but have multiple /nix/var/nix/profiles/ ?
<clever> ah
<clever> and if it does break something, you where using things the wrong way
<clever> Unode: nix should never delete anything that is in use
<clever> and anything depending on them will trigger a new build
<clever> if you try to build it again, it will be deleted before the build starts
<clever> the folders are just $out's from failed builds, so you can debug it, also invalid
<clever> Unode: the lock files are technically invalid, and nix-collect-garbage will clean them up first
<clever> octe: use fetchFromGitHub, copy it to the expected path, and disable the automatic download somehow
<clever> octe: yes
<clever> it will run a gc any time it goes under min-free, and aim to hit max-free free
<clever> which does have hysteresis, based on the difference
<clever> but there is also a new min-free and max-free
<clever> so if you use even 1 byte over the limit, it will delete an entire storepath at the set time, and always cause some deletions
<clever> but it lacks hysteresis
<clever> Taneb: it will aim to keep 64gig free in this case, and it runs daily
<clever> Taneb: this is how to configure an existing nixos module for auto-gc: https://github.com/input-output-hk/iohk-ops/blob/master/modules/auto-gc.nix
<clever> exarkun22: yeah, so that confirms the override is working
<clever> Taneb: nix already has 2 forms of automatic gc