<clever>
oh, its under systemd, let me type a fuller example
<clever>
config.services.nginx.runner
<clever>
.runner may be simpler
<clever>
mokasin: ah yeah, that path is always troublesome, you just need to undo it with chattr
<clever>
mokasin: what errors happen when you try to delete it?
<clever>
mokasin: is the container still running?
<clever>
lists turn into a space seperated string when used in a derivation
<clever>
wrapProgram/makeWrapper, it should be in the nixpkgs manual
<clever>
exarkun1: `Patch source OR ((if it uses PATH -> wrap with new $PATH)`
<clever>
didnt know it had that
<clever>
lol
<clever>
then it shouldnt need to modprobe that module
<clever>
[clever@system76:~]$ mount | grep efi
<clever>
efivarfs on /sys/firmware/efi/efivars type efivarfs (rw,nosuid,nodev,noexec,relatime)
<clever>
drakonis: is the efivars mountpoint currently mounted?
<clever>
:D
<clever>
last week, i started messing with the haskell framework in nixpkgs again, and after building 2 copies of ghc, i had to rebuild the whole haskell ecosystem twice as well, which several hours of churching away
<clever>
tnks: i would just start on nixpkgs-unstable, and run, and if you do run into any problems, you can try an older one
<clever>
tnks: its more that we started before 18.09 came out, and havent switched over yet
<clever>
tnks: ah, i'm mainly using 8.2.2 from the 18.03 channel, but i believe all of them should work mostly the same
<clever>
tnks: i think the haskell cross-compile stuff in nixpkgs just works automatically now, based on the same flags as the rest of the cross-compile
<clever>
drakonis: i recently discovered that grub has a full acpi implementation, and that stuff aint simple
<clever>
ive memorized too many codebases, and i cant even remember the names of what ive memorized
<clever>
and grub, and qemu
<clever>
within my head is chunks of linux kernel source, nix, nixpkgs, nixops, and the ghc internals, just to name a few things ive devoured, lol
<clever>
ive memorized far too much code for my own good, lol
<clever>
nix-build '<nixpkgs/nixos>' -A system -I nixos-config=/etc/nixos/configuration.nix
<clever>
then `touch /etc/NIXOS_LUSTRATE /etc/NIXOS`, nix-build nixos, and `./result/bin/switch-to-configuration boot` will update the efi vars and /boot
<clever>
ensure that your hardware-configuration.nix knows to mount both, that efibootmgr -v lists the right paths for nixos, and that boot.loader.efi.efiSysMountPoint = "/boot/efi";
<clever>
as long as you configure that correctly in nixos, it should work
<clever>
so the /boot files on the fat32 ESP will survive
<clever>
drakonis: the lustrate stuff fires when / is mounted, before /boot is mounted
<clever>
drakonis: nixos also needs full control of /boot, so you cant just move the old config back
<clever>
drakonis: that includes the old /etc with the trigger file
<clever>
if /etc/NIXOS_LUSTRATE exists, it will move everything in / to /old-root/
<clever>
drakonis: lustrate only works on partitions that linux supports, and the automated stuff will preserve all data
<clever>
drakonis: and the story of how i did that, was then automated into a script inside the nixos initrd
<clever>
drakonis: i manually forced nixos to update the bootloader on a gentoo machine, then debugged all the problems gentoo files in /etc cause, and eventually did an rm -rf / to "fix" it and only leave /boot and /nix behind
<clever>
Church-: none
<clever>
ive manually done lustrate on 2 machines, prior to it being automated in nixpkgs
<clever>
lustrate can basically upgrade a single-user nix install into full nixos
<clever>
yeah, that one likely has the best chances of working, at the cost of having to obey the current partition layout
<clever>
ive used kexec to install nixos, remotely, with zero console access, and yeah, its an all or nothing, with no chance to fix mistakes
<clever>
drakonis: kexec can sometimes break the gpu card state, the machine will appear to be locked up, but will respond over ssh
2018-10-15
<clever>
drakonis: ive done that a few times
<clever>
dhess: you would need to run haskellSrc2nix against an x86 nixpkgs
<clever>
dhess: internally, it runs haskellSrc2nix then imports the result
<clever>
manveru: network-manager is the first to fail due to lacking a dep
<clever>
if you pastebin then i can decode it
<clever>
manveru: the failing derivations form a path
<clever>
manveru: strange, none of the hashes in that file match the error
<clever>
manveru: sometimes it could have html in there, from a 404 error
<clever>
manveru: double-check the contents within /nix/store/bmh2s8hlc3jmllajarl1f9f3y38mvc9x-0a3755c1799d3a4dc1875d4c59c7c568a64c8456.patch
<clever>
manveru: is that from fetchurl or fetchpatch?
<clever>
dhess: nix-store --verify --check-contents will scan for corruption
<clever>
oldandwise: you want `nix-shell -p ncurses` i believe
<clever>
,library oldandwise
2018-10-13
<clever>
and can help debug if you are messing with NIX_PATH
<clever>
it also finds it the nixpkgs when not using channels, if you change NIX_PATH
<clever>
yep
<clever>
wpcarro: you can also just `nix-instantiate --find-file nixpkgs` to see what <nixpkgs> maps to with the current NIX_PATH
<clever>
wpcarro: so you dont need to clone nixpkgs to know what is available to the current machine
<clever>
wpcarro: also note that nix-channel leaves a copy of nixpkgs in ~/.nix-defexpr/
<clever>
life?
<clever>
wpcarro: did you use pkgs.linuxPackages_4_17 ?
<clever>
paths*
<clever>
boomshroom: :D
<clever>
yeah
<clever>
Drakonis: and the site is just not giving you a .zip option, because idiots cant unpack a zip
<clever>
Drakonis: the pack management utils are are moving towards windows only
<clever>
boomshroom: ah, how did you download it? all the links are windows-only
<clever>
boomshroom: is it visible in pavucontrol?
<clever>
hodapp: sounds like a job for a nixos module
<clever>
sgillespie: its all in the nixpkgs manual
<clever>
sgillespie: all binaries must be patchelf'd before they can work on nixos, and its recomended to just let nix-build download and compile/patch them
<clever>
sgillespie: if it downloads pre-compiled anything, it will fail
2018-10-12
<clever>
Church-: install firefox-bin instead of firefox
<clever>
but thats likely just due to the sheer number of github tabs i have open
<clever>
gchristensen: lately, ive found that github is using ~3-4gig of ram in chrome, and that renderer process often stalls and causes only github tabs to hang for ~5 seconds
<clever>
firefox-bin is just a patchelf'd copy of the upstream release
<clever>
firefox is nix's custom build, which might have some compile flags set wrong
<clever>
> pkgs.firefox-bin
<clever>
try again with the firefox-bin attr?
<clever>
firefox or firefox-bin?
<clever>
Church-: is that with the exact same set of tabs and the same general version?
<clever>
ekleog: behind the scenes, nix has a `Map String Int` for every string ever used as a key, and then the attr sets are actually `Map Int Value`, not `Map String Value`
<clever>
ekleog: note, that this order is the ints behind the keys
<clever>
ekleog: when // is merging 2 sets, it will alternate between the 2 iterators, to keep them at the same relative point, to ensure the output is sorted
<clever>
infinisil: but + is special, because of string vs int
<clever>
infinisil: you can even overwrite that function and change the behaviour of -
<clever>
infinisil: behind the scenes, - is just a function call
<clever>
infinisil: using zipAttrsWithNames to handle merging .config trees
<clever>
infinisil: you up for a rewrite? lol
<clever>
gchristensen: but checking the source, i dont think modules actually use this method exactly
<clever>
gchristensen: and whenever you hit a set, recursively call itself, with the subtree of sets to merge
<clever>
gchristensen: you could then use this to merge the .config every nixos module returns, and use the name to lookup the merge rules in .options
<clever>
{ a = "a 11"; b = "b 101"; }
<clever>
gchristensen: and making use of the name
<clever>
nix-repl> lib.attrsets.zipAttrsWithNames [ "a" "b" ] (name: vals: "${name} ${toString (builtins.foldl' (a: b: a + b) 0 vals)}") [ { a = 1; b = 1; c = 1; } { a = 10; } { b = 100; } { c = 1000; } ]
<clever>
the c attr is filtered out, and the foldl sums up all the a's and b's seperately
<clever>
names is a list of keys to filter the sets on, f takes a single name and a list of values to merge, and then you give it a list of sets
<clever>
{ a = 11; b = 101; }
<clever>
> lib.attrsets.zipAttrsWithNames [ "a" "b" ] (name: vals: builtins.foldl' (a: b: a + b) 0 vals) [ { a = 1; b = 1; c = 1; } { a = 10; } { b = 100; } { c = 1000; } ]
<clever>
gchristensen: trying an example in repl...
<clever>
gchristensen: thats much closer, but the `sets` is a [AttrSet] i believe
<clever>
gchristensen: names is a list of keys to keep, and f is ran on a list of values, for a given key (oh, type is off more), to merge them
<clever>
oops, missed the `sets` arg
<clever>
gchristensen: i think its [String] -> ([ a ] -> a) -> Map String a, for the entire function
<clever>
catAttrs returns a list of values, and filters
<clever>
gchristensen: line 335 runs f on the list of names, and the result of catAttrs...
<clever>
*looks*
<clever>
schmittlauch[m]: yeah, nix-shell makes all headers and libs available in gcc's search path
<clever>
schmittlauch[m]: nix-shell helps greatly with development of things, but qt-creator is one of the few things that dont really work nicely still
<clever>
systemPackages and nix-env dont install headers
<clever>
you can only ever compile things inside nix-shell or nix-build
<clever>
and you need the stdenv to setup env vars to even make gcc work
<clever>
yeah
<clever>
nope
<clever>
nix ignores headers when installing things
<clever>
libraries dont work if you install them with nix-env
<clever>
but maybe things have improved, its been about a year since ive done anything QT in nix
<clever>
so i just use `qmake ; make` in nix-shell, and edit with vim
<clever>
but qt itself does work under nix-shell, if you dont care about creator being able to compile on the fly
<clever>
and once you exit the nix-shell, it breaks, and you have to re-configure creator all over
<clever>
schmittlauch[m]: nix-shell auto-generates a qmake bash script that has the right deps, you must then dig it out of /tmp, and feed it to qt-creator in the settings ui
<clever>
schmittlauch[m]: qt-creator is a pain in the ass to get working
<clever>
hodapp: i recently did -j 300, on a single-user machine, where max-jobs "doesnt work" lol
<clever>
unfreeRedistributableFirmware lacks the free=false; which means hydra can build it
<clever>
Zajcev_: yeah, i would define it for all nixos evals, including containers
<clever>
yeah, the api for fetchTarball needs work
<clever>
that is also the hash from nix-prefetch-url --unpack
<clever>
mightybyte: copy/pasted from irc into nix repl
<clever>
mightybyte: that works when i run it locally
<clever>
mightybyte: what is the exact expression you used?
<clever>
mightybyte: did you use --unpack?
<clever>
nDuff: if you have any error in the activation script (like trying to do network), it can break stage-2.sh, causing systemd to not even be in PATH, and lead to confusing boot errors
<clever>
nDuff: activation scripts run before systemd starts, and on every nixos-rebuild switch/test
<clever>
mightybyte: nix-prefetch-url --unpack
<clever>
thibm: buildInputs are not runtime inputs, so it may still need the package being fixed
<clever>
then the dunst package needs to be fixed
<clever>
jabranham: for dunst, yeah, but libnotify shouldnt really be installed like that
<clever>
jabranham: installing things like that shouldnt fix things, lol
<clever>
,library
<clever>
and it was expecting 5 to just end a statement
<clever>
its confused about line 6, because the missing ; caused 5&6 to merge into a single statement
<clever>
stops systemd from running that service
<clever>
boomshroom: reverse to what you would expect, 300 fps means the gpu drivers are not working
<clever>
boomshroom: thats vsync, which means the gpu drivers are generally working
<clever>
boomshroom: sounds like everything works
<clever>
boomshroom: it prints fps to stdout at regular intervals
<clever>
boomshroom: does glxgears work? what fps does it get?
<clever>
boomshroom: the problem might be your xorg opengl stuff then, what is the failure?
<clever>
boomshroom: just nix-env -iA'd steam from the rev i previously stated, and it still works
<clever>
i only have nixos-unstable on root
<clever>
so the steam is potentially older
<clever>
it uses the same channel, but it doesnt update every time i nix-channel --update
<clever>
so it doesnt have any relation to the above rev
<clever>
oh wait, steam is in nix-env!
<clever>
it is working on the above rev
<clever>
boomshroom: you could maybe try a bisect on nixpkgs, to find out when it broke
<clever>
18.09pre150708.083220867c7 (Jellyfish)
<clever>
[clever@amd-nixos:~]$ nixos-version
<clever>
boomshroom: yeah, but i havent updated my channel in a bit
<clever>
o1lo01ol1o: generally, you have a release.nix, that contains a set of derivations, without any shell hooks, such that you can nix-build release.nix -A thing
<clever>
ah
<clever>
o1lo01ol1o: nice
<clever>
Shados: nix-instantiate file.nix -A attr, then nix-store --query --binding out /nix/store/foo.drv gets you the $out of something
<clever>
Shados: nix-instantiate -E 'with import <nixpkgs> {}; "${hello}"' just gives you the path of a drv, without building it
<clever>
Shados: if you use `nix-instantiate` locally, you can get the final output path in a few ways
<clever>
Shados: you may need to use ssh-ng:// rather then ssh://
<clever>
acowley: can you somehow modify bazel to run in offline mode, and to just point it to a dir of pre-fetched things?
<clever>
acowley: why exactly do you need network access?
<clever>
when outputHashMode = "flat"; then it just uses the raw sha256 of the file at $out
<clever>
acowley: when outputHashMode = "recursive";, nix uses a nix-store --dump, which generates a NAR over the dir
<clever>
acowley: and you can also just put a purposely wrong hash, let it fail, and nix will tell you the current hash
<clever>
acowley: nix will basically `nix-store --dump $out | sha256`, the `nix-hash` util can also do the hashing
<clever>
acowley: (and your build will fail if your output doesnt have the defined hash)
<clever>
acowley: if you have those 3 attributes, then you will get full network access
<clever>
outputHashMode = "recursive";
<clever>
acowley: add the following to your derivation, outputHashAlgo = "sha256"; outputHash = "d20f20e45d519f54fae5c61d55eadcf53e6d7cdbde9870eeec80d499f9805165";
<clever>
acowley: one sec
<clever>
Shados: and if you did hold the lock, your running more risks, for when the remote machine goes away, and you loose half of what you had built, because you didnt keep a local copy
<clever>
and thats when the remote box could nuke your things
<clever>
Shados: when nix is doing remote builds, it usually disconncts from the slave (and releases all locks) between each derivation
<clever>
Shados: and also, what if the remote machine GC's something you where just about to use, but didnt save locally?
<clever>
Shados: nix doesnt know if its runtime or buildtime until after the build is done
<clever>
Shados: and also nix requires that all runtime deps of a package exist, before the given package can exist
<clever>
Shados: nix-build --store ssh-ng://remote may also work, but ive not played with it enough yet