2018-09-11

<clever> magnetop`: one of the things it does, is remove x11 support from dbus
<clever> magnetop`: https://nixos.org/nixos/options.html#nox may be of interest to you
<clever> magnetop`: yeah, dbus-launch depends on libX11
<clever> it allows getting a callPackage like you said, and also inserting overlays
<clever> infinisil: this is an example of using makeScope + newScope + overrideScope
<clever> aminechikhaoui: it has to first download everything to the local machine, then have the remote machine download the same things from cache.nixos.org
<clever> aminechikhaoui: but it will still want the entire closure on the nixops machine first
<clever> sphalerite: but i have seen it soft-fail, one of the nodes has 65535 hardlinks, and cant accept anymore
<clever> sphalerite: i believe its using the link syscall to overwrite the files, and i think thats atomic
<clever> but if you unquote, then nix will copy it for you, and just work from any dir
<clever> and it must be manually copied if your using nixops
<clever> if its quoted, then it must work relative to whatever directory the script happens to run in (/ ?)
<clever> thats the example
<clever> { name = "foodatabase"; schema = ./foodatabase.sql; }
<clever> xok: next time you boot
<clever> and was the service stopped when you did rm?
<clever> ah
<clever> you ran rm on the wrong dir i believe
<clever> and the dataDir is either /var/lib/mysql or /var/mysql, depending on your stateVersion
<clever> xok: the prestart scripts will import the initialDatabases if ${dataDir}/mysql doesnt exist
<clever> sphalerite: dang
<clever> for nixops, each value in the main.nix file is a function, that you would have normally put in configuration.nix
<clever> xok: machine = { config, pkgs, ... }: { ...
<clever> sphalerite: you might be able to compile a kexec_file.ko and load it
<clever> sphalerite: is insmod enabled?
<clever> and this defines the syscall your missing
<clever> CONFIG_KEXEC_FILE enables building kexec_file.c
<clever> sphalerite: what does this report for you?
<clever> CONFIG_KEXEC_FILE=y
<clever> [root@nas:~]# cat /proc/config.gz | gunzip | grep KEXEC
<clever> lol
<clever> Myrl-saki: ah, yeah, nix is out of the story once you have .drv files
<clever> Myrl-saki: nix-store --query --binding out /nix/store/foo.drv
<clever> Henson: your welcome
<clever> ,runtimeDeps Henson
<clever> i got mine with only nvme on it, so there are no sensitive moving parts to deal with
<clever> jasongrossman: the kudu has room for a single sata drive, and a single nvme drive
<clever> jasongrossman: i recently switched to https://system76.com/laptops/kudu and havent had any real issues
<clever> lol
<clever> Taneb: i woke up at 5am, and while debugging hydra issues, got an email about declarative jobsets in hydra, and responded within minutes
<clever> Taneb: Tue Sep 11 11:01:13 ADT 2018
<clever> i sometimes have to force myself to not answer questions
<clever> joehh: i think part of my problem is that i am too eager to help people, even if it means loosing sleep or starving, lol
<clever> joehh: by pure chance, somebody emailed me about hydra problems, while i was debugging a hydra problem, very similar to his, lol
<clever> joehh: after booting it up, they asked for the root password, so they could fix the network config, then they noticed it was already working
<clever> joehh: so, i just gave up on doing a remote install, did a local qemu install, and then converted it to a virtualbox disk image, and gave them the URL
<clever> joehh: the 2nd machine turned out to be a virtualbox vm inside a windows host, lol
<clever> joehh: i then used that first machine as an example for the 2nd machine, which happened to have different network config, just because the datacenter likes to make every machine its own special little butterfly :P
<clever> joehh: the first machine had the raid array go south for some weird reason, and i had to debug it via ipmi, which required running 2 versions of windows in 2 types of vm's to deal with activex, lol
<clever> my original goal for kexec, was to use it on remote baremetal machines, which has no undo :P
<clever> but thats still recoverable with the ISO on a USB
<clever> and then after finishing the entire install with legacy boot, he mentioned he was on an apple machine, which can only boot uefi
<clever> a recent user in here had formatted the host hdd, before noticing that he lacked zfs unstable support in kexec
<clever> but once you are in, you still need to be very careful
<clever> joehh: so you can kexec that image on ubuntu for ex, and if you fail to get into it within an hour, it reboots, and nothing has been installed, so ubuntu just boots back up
<clever> joehh: yeah
<clever> joehh: i had made the above autoreboot.nix to handle kexec'ing into a nixos that lacks the proper network config
<clever> then any kind of hard failure that triggers a reboot just rollbacks
<clever> ah, i was thinking use test, so the boot config isnt updated
<clever> joehh: using the test target, instead of switch?
<clever> magnetop`: is it building it within the hydra jobs, or during nixos-rebuild?
<clever> magnetop`: hydra does depend on graphviz
<clever> joehh: for some services like dhcpd, the daemon is able to talk to another instance of itself, and co-operate with it to share the network
<clever> joko: if you nuke ~/.cache/nix/tarballs/ then it will loose that cache
<clever> it may be the ttl on the cache
<clever> joko: how long since you last updated the channels?
<clever> joko: what happens if you `nix-channel --update -vvv` ?
<clever> joko: is the host nginx pointing to a storepath?
<clever> joko: how is the channel hosted?
<clever> tobiasBora: you can also just `man configuration.nix`
<clever> when i started with nixos, i went thru every single page of https://nixos.org/nixos/options.html
<clever> just need to read the docs
<clever> tobiasBora: if autoNumlock is set to true, nix will insert Numlock=on into the generated sddm.conf file
<clever> services.xserver.displayManager.sddm.autoNumlock
<clever> tobiasBora: services.xserver.displayManager.sddm.extraConfig
<clever> Taneb: `nix copy` does give better progress
<clever> steveeJ: i filed a bug for it, then the problem went away after a nix-channel --update, so i closed it
<clever> sphalerite: i think i saw a recent pr that makes adding a device silently fail
<clever> bbsl: i think you need to generate a php.ini that tells it to load the zmq plugin from the correct path
<clever> sphalerite: not entirely sure
<clever> in some modes, it defers the namespace change until a fork
<clever> sphalerite: if you run bash inside nsenter, does anything change?
<clever> nsenter can choose to omit certain namespaces, you have to tell it to also enter the pid one
<clever> sphalerite: the builder is pid 1, and the `ps aux` command was pid 2
<clever> sphalerite: the nix sandbox is using pid namespaces
<clever> it can accept a pid to enter the namespace of
<clever> sphalerite: unshare might be able to do that
<clever> :D
<clever> but it does seem like a fairly simple change
<clever> you would need kernel changes to be able to freely change the parent pid
<clever> only pid 1 can adopt orphans
<clever> :D
<clever> sphalerite: impure!!!
<clever> etu: ive tried that before, but it somehow breaks pulseaudio
<clever> tobiasBora: only if the new shell is launched by something root (sshd, login shells)
<clever> tobiasBora: you have to logout and log back in

2018-09-10

<clever> adamantium: switch is just boot+test, boot only updates the bootloader, and test only activates it
<clever> kalbasit[m]: libredirect could be added to that expression fairly easily
<clever> kalbasit[m]: it would have to be done with either libredirect or nix.conf
<clever> i suspect that overwrites the settings, after loading nix.conf
<clever> sphalerite: hmmm, nix-build will copy it, from its own settings object...
<clever> and nix-build probably ignores the config, and goes entirely on the presense (or lack) of the flag
<clever> sphalerite: when nix-daemon is parsing the protocol to read from nix-build, it will overwrite the setting with what nix-build passed
<clever> fetchurl just disables cert checking when downloading
<clever> that sounds like the network is working, but ssl isnt, due to a lack of /etc/
<clever> and can you pastebin the full console output when the build fails?
<clever> nix2 now rejects that
<clever> kalbasit[m]: is the hash on line 53 valid?, there was a bug that allowed an empty string, and some people have abused that
<clever> outputHashMode = "recursive"; allows $out to be a file, directory, or even symlink, and the hash is over the NAR of the output (nix-store --dump)
<clever> outputHashMode = "flat"; means that $out is just a bare file, and the hash is over the file itself
<clever> if the hash doesnt match, the build is considered to have failed
<clever> kalbasit[m]: and nix will enforce that the hash of $out matches the declared outputHash
<clever> kalbasit[m]: only a derivation that has all 3 of: outputHashMode, outputHashAlgo, and outputHash, can get network access during a build
<clever> elvishjerricco: i have my hydra building the config for some of my machines
<clever> the list of all emacs packages
<clever> sphalerite: you beat me that time! :D
<clever> but nix is not aware of the libs being in use, due to lack of gc roots
<clever> nix-shell will provide all of the libs listed in the given shell.nix file
<clever> then you want nix-shell
<clever> write a nix file that will compile the files you want, and then use nix-build to run it
<clever> (or nix-shell)
<clever> semilattice: simple answer, use nix-build
<clever> __monty__: would be simpler to just run a squid proxy on the remote end, and use the tox IP to connect to squid
<clever> __monty__: that could be tricky, because you would need to change the default route, but not have toxvpn itself obey that
<clever> but that example is missing the cabal file
<clever> which has to also have cabal2nix and nix-build ran on it
<clever> jonreeve: example-site-exe is in a sub-project, https://github.com/ChrisPenner/Slick/tree/master/example-site
<clever> jonreeve: ah, the cabal file doesnt define any executables, https://github.com/ChrisPenner/Slick/blob/master/slick.cabal
<clever> jonreeve: can you pastebin the file cabal2nix generated?
<clever> jonreeve: after nix-build, there will be a binary in result/bin/
<clever> and maybe also look into how to disable whatever it is
<clever> xenog: at the end of the build, do `find $HOME` and look at what it has made
<clever> or your fork
<clever> just make sure to pick the rev from the tip of the right channel
<clever> then it always uses a specific rev of nixpkgs
<clever> you can also do -I nixpkgs=https://github.com/nixos/nixpkgs/archive/GITREV.tar.gz
<clever> magnetop`: i just keep it as a comment in my deployment file, but you may want to use a bash script instead to manage it
<clever> magnetop`: you want `nixops modify -I nixpkgs=/home/bart/source/nixradio/nixpkgs your-deployment-file.nix`
<clever> magnetop`: that config only takes effect at runtime, on the machine it was deployed to

2018-09-09

<clever> __monty__: in the root dir of nixpkgs, `nix-build -A packagename`
<clever> https://github.com/NixOS/nixpkgs/blob/master/.github/PULL_REQUEST_TEMPLATE.md for example is pre-entered into the description of every PR
<clever> i believe github expects certail files in .github and treats them specially
<clever> __monty__: yeah
<clever> rsynnest: then nix-diff the 2 of them, edit configuration.nix to solve the difference, and repeat until it has no diff
<clever> rsynnest: and `nix-instantiate '<nixpkgs/nixos>' -A system` gets you the drv for the current configuration.nix
<clever> rsynnest: that gets the .drv for the current-system
<clever> [clever@system76:~]$ nix-store --query --deriver /run/current-system
<clever> /nix/store/ksycvnlvwg8zmfir6zff6l8zlyxgf67x-nixos-system-system76-18.09pre150708.083220867c7.drv
<clever> nt
<clever> then you need to recreate configuration.nix to make it not differe
<clever> it can tell you the differences between 2 derivations
<clever> rsynnest: nix-diff is the closes thing to what you want
<clever> yeah
<clever> now the entire directory core.nix is in will be copied to /run/current-system/nixcfg/
<clever> etu: but you can customize what it does like so: https://github.com/cleverca22/nixos-configs/blob/master/core.nix#L127-L129
<clever> etu: that doesnt really work as soon as you have a 2nd module loaded via imports
<clever> oh, i see, yeah, unmerged
<clever> Myrl-saki: __impure = true; has the same effect
<clever> i cant remember the name of it though
<clever> Myrl-saki: oh, nix also has a dedicated option for this
<clever> :D
<clever> and i had to lookup the exact flag in the man pages!
<clever> lol
<clever> you can also `nix-store --dump | sha256sum`
<clever> nix-prefetch-url --unpack can also do it
<clever> nix-hash without --flat can do that
<clever> for recursive hashing, you need the hash of the NAR encoding of the directory
<clever> `nix-hash --type sha256 --to-base32 <hash>` can be used to convert 16 to 32
<clever> when using flat hashing, then its just the raw hash of the file, so you can use sha256sum
<clever> yep
<clever> joepie91: nix accepts both base16 and base32
<clever> flat*
<clever> joepie91: oh, but if its flag, you can also just use sha256sum i believe
<clever> --flat i think
<clever> joepie91: nix-hash
<clever> nixos-generate-config also doesnt understand the ramdisks it uses
<clever> and if it doesnt fit in real ram, it then has bigger problems
<clever> which involves 30mins of decompressing ram, lol
<clever> sphalerite: only problem ive had with zram, is that `nixos-rebuild switch` sometimes wants to turn the zram off and back on, to reload it
<clever> das_j: the OOM issues when copying closures have been improved in 2.1
<clever> yep
<clever> which is what the NAR format solves
<clever> and other differences can occur within the zip structure when the zip library is updated
<clever> nix ignores timestamps when hashing an unpacked directory
<clever> and then the hash of the zip differs
<clever> infinisil: some tools for generating a zip from a git rev wind up timestamping the files in the zip with the current date/time
<clever> yeah
<clever> yeah
<clever> fetchurl is just nix-prefetch-url
<clever> fetchzip/fetchFromGitHub match to `nix-prefetch-url --unpack`
<clever> infinisil: and fetchzip uses the hash of the contents, not the hash of the zip itself
<clever> infinisil: fetchFromGitHub uses fetchzip, which is a variant of fetchurl
<clever> i would just use the builtins version directly
<clever> siers: all functions from builtins are also in lib
<clever> rfold: it manages starting X, displaying a login screen, and then launching your desktop manager after you login
<clever> disasm: i still use slim on my desktop
<clever> Xyliton: try fully quiting and then starting the browser
<clever> Xyliton: does pavucontrol list the capture device under input devices?
<clever> pie_: probably ffmpeg
<clever> srhb: callPackage/override args, not mkDerivation args
<clever> it will then expect a name.cabal in the dir, and load it as normal
<clever> callCabal2nix "name" ./. {}; i think was the syntax
<clever> and will then store all nix values in that 9gig
<clever> copumpkin: every eval on hydra uses 9gig of ram upfront, to even start
<clever> copumpkin: i suspect its an entry in hydra.conf that makes the initial heap larger
<clever> copumpkin: 9gig!! :O
<clever> sphalerite: `ssh localhost` would probably be simpler, lol
<clever> but then i lost all audio in chrome
<clever> i was trying to go beyond the hard ulimits
<clever> but, ive found that the above breaks pulseaudio
<clever> sphalerite: you need to `exec sudo -i` then `exec sudo -i -u clever`
<clever> sphalerite: sudo is smart enough to know no changes take place, and do nothing
<clever> which then sets the right groups as it drops root
<clever> it must be spawned by something root, like sshd, or the login screen
<clever> and the new shell is just your window manager, which already has the "wrong" groups
<clever> it inherits the groups from the parent process
<clever> wajsel: you have to logout and login again for any group changes to take effect on linux
<clever> sphalerite: both to avoid bugs it makes, and to force me to fix all renames
<clever> sphalerite: i also just had an idea, what about a global option to just turn mkRenamedOptionModule into a no-op?
<clever> that also explains why startOnBoot didnt fail
<clever> sphalerite: ahhh
<clever> averell: cp -v ${pkgs.writeFile "name" "contents"} /var/db/dest
<clever> wajsel: nix-store --verify --check-contents
<clever> wajsel: the option is called enableOnBoot in that version, and it defaults to true
<clever> averell: i would just have a cp or ln command in the prestart, or find a config flag to tell it where to look
<clever> wajsel: which revision of nixpkgs are you on?
<clever> i dont see the startOnBoot you mentioned earlier
<clever> ,pastebin
<clever> wajsel: can you pastebin the entire configuration.nix file?
<clever> and what does `sudo systemctl status docker.service` say?
<clever> which revision of nixpkgs are you on? and why did yoy need to clone it?
<clever> it should complain
<clever> startOnBoot isnt a valid option
<clever> did you nixos-rebuild switch
<clever> wajsel: oops, its virtualisation.docker.enable
<clever> wajsel: services.docker.enable = true; and its done
<clever> jbo2: also, use `nixos-rebuild boot`, not switch when in a chroot
<clever> oh, from an ubuntu livecd
<clever> jbo2: nixos-enter is a bash script to chroot into nixos for you
<clever> oh, it failed on one, then didnt get to the 2nd
<clever> unstable?
<clever> Myrl-saki: nix-prefetch-url --unpack
<clever> rrr: manually stop the docker daemons, move the files, and then maybe try a symlink or `mount --bind`

2018-09-08

<clever> yeah
<clever> ah
<clever> ah, but you have some notifications appearing outside the terminal, asciinema cant catch those
<clever> its already packaged on nixos
<clever> this program can record terminals as "video" but it remains text and you can still copy/paste from the playback
<clever> ldlework: https://asciinema.org/
<clever> if you have a backup of the old /boot, you can restore it
<clever> nixos likely wont boot, because the bootloader failed to install
<clever> debian just ignores those files entirely, so you can just leave them
<clever> yeah
<clever> magnetop`: id say its best to just have a single block device at xvda, and then you can install a bootloader normally
<clever> and nixos changes it more often then other distros, which can be a pain to deal with
<clever> but you need to copy the kernel out of the guest any time it updates
<clever> magnetop`: basically, you have the kernel and initrd on the host filesystem, and then you just point the VM at those
<clever> magnetop`: ah, those are difficult to deal with with nixos
<clever> magnetop`: what about lshw?
<clever> magnetop`: can you pastebin the output of dmidecode ?
<clever> magnetop`: what type of VM is this?
<clever> so xvda, not xvda2
<clever> magnetop`: boot.loader.grub.device must be set to the root of a disk, not a partition
<clever> magnetop`: and can you pastebin your configuration.nix file?
<clever> magnetop`: what command did you run when it gave that error?
<clever> magnetop`: what is the error it gives?
<clever> magnetop`: and ar they xvda1 and xvda2?
<clever> magnetop`: what does lsblk report?

2018-09-07

<clever> Henson: use buildPhase instead, and src = ./.; to get a copy of the current dir
<clever> iclanzan: ive never used systemd-boot
<clever> iclanzan: how old was it?
<clever> iclanzan: definitely sounds like a /boot problem
<clever> iclanzan: can you paste the result of `ls -l /run/current-system`, then reboot and paste the result of `ls -l /run/current-system` again, without a nixos-rebuild
<clever> line 6 from efibootmgr matches the uuid on line 14 for sda1, so the correct boot partition is on /boot
<clever> iclanzan: and the 3 cmds above?
<clever> iclanzan: can you pastebin the output of `nix run nixpkgs.efibootmgr -c efibootmgr -v` and `blkid /dev/sda*` and `fdisk -l /dev/sda` ?
<clever> iclanzan: ok, thats a bit odd, is this booting with uefi or legacy?
<clever> iclanzan: check the output of `df -h` and confirm if it is mounted
<clever> iclanzan: if you mis-configured it during install, then it wont mount automatically