2018-05-26
03:18
<
clever >
ldlework: and if you try wireshark on that port?
03:13
<
clever >
ldlework: is it giving an error?
03:01
<
clever >
ldlework: you just pick networkboot from f12, and type justdoit
03:01
<
clever >
ldlework: with things like my justdoit script, you can automate it further
03:00
<
clever >
ldlework: ive done exactly that with 2 netbooks and a router
02:59
<
clever >
ldlework: once you do install to the laptop, you can just set the targetenv to none, and give nixops an IP
02:49
<
clever >
i cant find a simple example
02:49
<
clever >
ldlework: it can be configured from nixops, check the nixops manual
02:48
<
clever >
ldlework: the aws firewall
02:46
<
clever >
ldlework: i would just skip docker entirely
02:40
<
clever >
ldlework: that can happen if you didnt allow port 22 in the firewall
02:28
<
clever >
ldlework: its colliding with the ec2 host
02:28
<
clever >
ldlework: change the name of your key
02:27
<
clever >
let me look over it closer
02:26
<
clever >
everything looks normal to me
02:25
<
clever >
ldlework: what is the error?
01:38
<
clever >
ldlework: none involves managing systems that already run nixos, and nixops doesnt care where the machine exists
01:38
<
clever >
ldlework: ive only used nixops with the none and aws backends
00:54
<
clever >
and if its a tar file, nix cant know the dir within the tar
00:54
<
clever >
it cant be, because it depends on whatever directory the unpackPhase created
00:54
<
clever >
and exactly that is all over the source stack2nix generates
00:54
<
clever >
8077 postUnpack = "sourceRoot+=/cborg; echo source root reset to $sourceRoot";
00:53
<
clever >
so you can postUnpack = ''sourceRoot="$sourceRoot/foo"'';
00:53
<
clever >
the unpackPhase sets the sourceRoot to the source/ i'm guessing
00:52
<
clever >
ah, then you want to append to sourceRoot, one min
00:52
<
clever >
just src = builtins.fetchGit /media/projects/foo is enough to set the sourceRoot
00:52
<
clever >
jtojnar: the stdenv will auto-detect the sourceRoot for you
00:51
<
clever >
jtojnar: why are you trying to access its .name?, it doesnt have one
00:49
<
clever >
{ outPath = "/nix/store/0s7gcniafv8i90p1ph26h7jqh1ycs4ll-source"; rev = "2982847b329505b41d3a038e1ff626a8b874920e"; revCount = 14130; shortRev = "2982847"; }
00:49
<
clever >
it already has a working outPath on it
00:49
<
clever >
"/nix/store/0s7gcniafv8i90p1ph26h7jqh1ycs4ll-source"
00:49
<
clever >
nix-repl> "${builtins.fetchGit ./iohk/cardano-develop}"
00:48
<
clever >
gchristensen: i dont think it can, and the name is already source
00:47
<
clever >
jtojnar: can you gist the whole nix expression?
00:46
<
clever >
jtojnar: what about just src = builtins.fetchGit /media/projects/foo;
00:36
<
clever >
which manages instances of AccelClass*
00:35
<
clever >
and kvm is configured within kvm_accel_class_init
00:34
<
clever >
gchristensen: it looks like qemu can only ever get kvm support via opening /dev/kvm
00:30
<
clever >
now i want to read the qemu source, lol
00:29
<
clever >
gchristensen: ah
00:28
<
clever >
id have to check the qemu source to confirm things
00:28
<
clever >
angerman: i think gchristensen mentioned yesterday that qemu uses hyperkit when you tell it to use kvm
00:25
<
clever >
das_j: did you also set enableParallelBuilding?
00:23
<
clever >
das_j: you also have to set enableParallelBuilding = true; on the derivation
00:13
<
clever >
eacameron: but darwin nixpkgs has clang by default
00:13
<
clever >
eacameron: the linux kernel expressions in nixpkgs try to run gcc
00:11
<
clever >
eacameron: linux cant cross-compile from mac, it uses gcc, but darwin has clang
00:07
<
clever >
scription?
00:01
<
clever >
eacameron: the above expression is cross-compiling libc and gcc...
2018-05-25
23:55
<
clever >
eacameron: i think this is cross-compiling hello-world from darwin->linux
23:55
<
clever >
nix-repl> :b (import <nixpkgs> { crossSystem = { arch = "x86_64"; config = "x86_64-unknown-linux-gnu"; }; }).hello
23:53
<
clever >
eacameron: yep
23:52
<
clever >
eacameron: then you can now also set it up as a build slave using the right priv key
23:50
<
clever >
> xorg.libX11
23:49
<
clever >
eacameron: haskell might be harder, thats in angerman's territory
23:48
<
clever >
eacameron: oh, hmmm
23:47
<
clever >
eacameron: that should be equaly simple, once this works
23:47
<
clever >
eacameron: all of not-os, cross-built from x86 to arm
23:46
<
clever >
eacameron: its currently building...
23:45
<
clever >
eacameron: cross-compiling would also allow that
23:44
<
clever >
eacameron: yep, just nix-copy-closure it about
23:43
<
clever >
eacameron: then any key that works for the local machine, also wors for the vm
23:43
<
clever >
eacameron: you can also --arg sshKeyFile ~/.ssh/authorized_keys
23:41
<
clever >
eacameron: ?
23:41
<
clever >
eacameron: try adding -vvvv to the ssh
23:38
<
clever >
eacameron: check the bash history to see what cmd you used
23:36
<
clever >
eacameron: did you give it a pub or priv key with --arg?, it needs to be the pub one
23:35
<
clever >
eacameron: you can now `ssh root@localhost -p 2222`
23:17
<
clever >
eacameron: testing the cross-compile stuff now...
23:11
<
clever >
eacameron: i suspect i can improve that with Sonarpulse's cross-compile stuff
23:11
<
clever >
eacameron: yeah
23:10
<
clever >
eacameron: yeah, thats a limitation it has right now, you need a linux slave to bootstrap it
23:09
<
clever >
__monty__: i tend to keep things pretty secure, so havent had any issues like that
23:07
<
clever >
__monty__: i tend to have one pair per machine
23:00
<
clever >
eacameron: but i could improve it to do what you thought
22:59
<
clever >
eacameron: some things in nixpkgs changed recently that break not-os easily
22:59
<
clever >
eacameron: its to lock in the nixpkgs rev
22:59
<
clever >
eacameron: it has to be ran in a checkout of not-os
22:55
<
clever >
eacameron: look at line 2 of the file
22:54
<
clever >
eacameron: keeping the readfile there allows you to just --arg sshKeyFile ~/.ssh/id_rsa.pub and it works
22:54
<
clever >
eacameron: the "${ could go, it was orignally inserted with other keys, that then got deleted
22:40
<
clever >
sqzlh: you need to run stack2nix in the root of your project, and it will generate a default.nix file
22:29
<
clever >
look into cabal2nix
22:29
<
clever >
sqzlh: id recomend just using cabal, and not stack, when on nix
22:19
<
clever >
eacameron: it now works fully
22:19
<
clever >
eacameron: it was lacking a `set -e`, so it kept going
22:18
<
clever >
eacameron: but it is now working
22:18
<
clever >
on mac, it fails
22:18
<
clever >
on linux, it just makes a sparse file that occupies zero space
22:17
<
clever >
eacameron: the `truncate -s 50g` command to make a dummy file for the rootfs
22:13
<
clever >
eacameron: boooo, support sparse files already!!!, booo
22:13
<
clever >
eacameron: truncate: failed to truncate 'rootdisk.img' at 53687091200 bytes: No space left on device
22:11
<
clever >
eacameron: hmmm, and darwin doesnt even have the truncate binary!
22:09
<
clever >
sqzlh: list based things should append most of the time
22:09
<
clever >
sqzlh: nix.nixPath = [ ... ];
22:03
<
clever >
eacameron: next big thing, is to try to cross-compile from mac to linux, an entire os
22:02
<
clever >
eacameron: i recently played with a few random platforms using things like (import <nixpkgs> { crossSystem = (import <nixpkgs/lib>).systems.examples.muslpi; }).hello
22:00
<
clever >
ooo, tests!
21:59
<
clever >
eacameron: then you wont need a linux slave to bootstrap
21:59
<
clever >
eacameron: next fun thing id want to look into is getting it to cross-compile the whole thing from darwin
21:57
<
clever >
eacameron: fix pushed
21:52
<
clever >
i'll patch it to run at bootup
21:52
<
clever >
error: Package ‘e2fsprogs-1.44.1’ in /nix/store/7y6iyld88gq3c9xlyqn6wisy2i6im6nz-c29d2fde74d.tar.gz/pkgs/tools/filesystems/e2fsprogs/default.nix:37 is not supported on ‘x86_64-apple-darwin’, refusing to evaluate.
21:51
<
clever >
eacameron: oh, dang, its using mkfs.ext4, which doesnt work on darwin!
21:47
<
clever >
eacameron: and pushed
21:46
<
clever >
eacameron: done
21:27
<
clever >
MichaelRaskin: but yours went up
21:26
<
clever >
infinisil: was that a bug? lol
21:25
<
clever >
eacameron: the bot doesnt even care if the "user" exists
21:25
<
clever >
eacameron: adjusting the script...
21:20
<
clever >
eacameron: or format it from the host side, before booting qemu
21:20
<
clever >
eacameron: line 150 will need to mount something else, and handle formatting it if its blank, then add a new drive to the qemu args
21:20
<
clever >
eacameron: line 150 mounts a tmpfs that will eventually become / and 160 creates a /nix/.overlay-store/rw that the overlay fs will use for writing to
21:16
<
clever >
oh, and by default, the root disk is a tmpfs, so it can only store half of that in the nix store
21:16
<
clever >
maybe also add memory ? 512 to the args
21:16
<
clever >
eacameron: yep
21:13
<
clever >
eacameron: id do { sshKeyFile }:
21:10
<
clever >
eacameron: easily
21:08
<
clever >
eacameron: i just went with the defaults that ssh-keygen had created ages ago
21:08
<
clever >
judson: the hash at the end is a chrome extension id
21:07
<
clever >
eacameron: yeah
21:05
<
clever >
srhb: ive also found ones in there for apps that i installed in chrome
20:58
<
clever >
eacameron: dont have access to a native mac where vm extensions would work properly
20:57
<
clever >
eacameron: it took 22 seconds to boot on a virtualized mac, vs 11 seconds to boot on a native linux host
20:57
<
clever >
doesnt require docker to be installed
20:57
<
clever >
eacameron: you can also use nix remote builders with the qemu script i linked above
20:55
<
clever >
i just never switched my network over to them
20:55
<
clever >
judson: i did :P
20:55
<
clever >
judson: yes
20:54
<
clever >
eacameron: if you run nix-build on this, you get a bash script that runs qemu, start that, and you have an ssh server on 127.0.0.1:2222 that gives you a linux build slave
20:54
<
clever >
eacameron: yesterday, i threw together a derivation that allows building linux things on darwin
20:53
<
clever >
eacameron: lol
20:51
<
clever >
and the lan.reverse below allows me to do reverse dns on 192.168.2.*
20:50
<
clever >
judson: that creates my own private TLD, .localnet, which is resolvable within my house
20:50
<
clever >
judson: one min
20:47
<
clever >
and it doesnt even tell you, it just silently never runs the job
20:47
<
clever >
gchristensen: the same problem also exists within hydra
20:44
<
clever >
and if it needs no features, that string is empty
20:43
<
clever >
gchristensen: beyond that, you could have a string that contains a fragment of the error, and insert it into a second one
20:42
<
clever >
gchristensen: i think concatStringsSep can be used in the 1 feature case as well
20:41
<
clever >
so you cant get the kvm feature on any aws machine
20:41
<
clever >
samueldr: most hosting providers like aws dont enable it on the host
20:41
<
clever >
eacameron: you can just lie about your slave supporting kvm, thats simpler
20:39
<
clever >
gchristensen: ah yeah, thats a simple change
20:39
<
clever >
eacameron: nested visualization doesnt work, but qemu will sanely fall back to software emulation (which is also a lot slower)
20:37
<
clever >
gchristensen: why wont it merge?
20:37
<
clever >
gchristensen: ?
20:37
<
clever >
builder@system76.localnet armv6l-linux,armv7l-linux,x86_64-linux,i686-linux /etc/nixos/keys/distro 4 1 big-parallel,nixos-test,kvm
20:37
<
clever >
eacameron: you need to tell nix what build slave has kvm support
20:36
<
clever >
gchristensen: the error nix gives should show that feature too
20:36
<
clever >
eacameron: `nix show-derivation /nix/store/qd29ichvjw3sfp9ygvv8sxk8kfqh8l3h-nixos-boot-disk.drv` what is listed under the required system features?
20:33
<
clever >
yeah, it should only be used when testing, when you want to force rebuilds
20:31
<
clever >
eacameron: it just means you get a different .drv every time, so it never hits a binary cache
20:31
<
clever >
eacameron: its an eval-time thing, so its not really impure
20:26
<
clever >
ah, my build slave is turned off
20:26
<
clever >
error: a 'x86_64-darwin' is required to build '/nix/store/rgx06v6ix9h93rxla9r92gfc6v2cp27v-foo.drv', but I am a 'x86_64-linux'
20:26
<
clever >
it will now use the darwin build of bash to write the file
20:26
<
clever >
[clever@amd-nixos:~]$ nix-build -E 'with import <nixpkgs> { system = "x86_64-darwin"; }; writeText "foo" builtins.currentTime'
20:25
<
clever >
eacameron: oops, just writeText
20:25
<
clever >
eacameron: nix-build -E 'with import <nixpkgs> { system = "x86_64-darwin"; }; writeTextFile "foo" builtins.currentTime'
20:24
<
clever >
symphorien: set `preferLocalBuild = true;` in your derivation
20:24
<
clever >
symphorien: one min
20:23
<
clever >
eacameron: or the override LnL just gave
20:22
<
clever >
eacameron: nix-build -E 'with import <nixpkgs> { system = "x86_64-darwin"; }; enableDebugging hello'
20:21
<
clever >
eacameron: nix-build '<nixpkgs>' -A hello --argstr system x86_64-darwin
17:56
<
clever >
sqzlh: any time nix is downloading something, it has to keep the entire thing in ram, until the dl is done
17:53
<
clever >
sqzlh: what command did you run?
01:41
<
clever >
ldlework: it will then boot into nixos on a ramdisk, ssh back in, run justdoit
01:41
<
clever >
ldlework: in that example, you build a special tar, upload it to literally any linux machine, then untar and run /kexec_nixos
01:38
<
clever >
look at the session.md in the same dir
01:37
<
clever >
the use-case in that git repo is doing kexec
01:34
<
clever >
snapshot support
01:34
<
clever >
compression
01:34
<
clever >
all data is immutable once on disk
01:34
<
clever >
it hashes all data stored so any corruption can be idenfied
01:33
<
clever >
the filesystem
01:33
<
clever >
so you can just boot the iso, login as root, and run justdoit
01:33
<
clever >
so if you include that module in your installer ISO, then its pre-installed on the ISO
01:33
<
clever >
that nixos module puts the compiled copy of the script into systemPackages
01:29
<
clever >
ldlework: justdoit
01:29
<
clever >
ldlework: you may also want to look at my justdoit.nix
01:28
<
clever >
ldlework: i always set uid = 1000; on myself in the config, for nfs reasons
01:14
<
clever >
ldlework: looks like a start
01:09
<
clever >
why does it have to be a nix-shell on the remote server?
01:08
<
clever >
and you cant run the nix-shell locally or eval the nix expressions remotely?
01:07
<
clever >
what exactly are you trying to do?
01:06
<
clever >
and you cant use the nix expressions normally?
01:06
<
clever >
Myrl-saki: why do you need to copy them?
01:05
<
clever >
Myrl-saki: what do you need to copy?
00:45
<
clever >
ldlework: configuration.nix and everything in the imports list, is treated as normal nixos modules
00:43
<
clever >
ldlework: you can also still make another file, that sets common groups of options
00:43
<
clever >
ldlework: yep
00:40
<
clever >
ldlework: thats how every single nixos service works
00:39
<
clever >
ldlework: its better to use options then to try and pass params to the module yourself
00:39
<
clever >
ldlework: look at the vim.nix in my nixos-configs repo
00:39
<
clever >
ldlework: create custom options
00:37
<
clever >
and one of those starting files is in the imports of configuration.nix, which is purely whats needed to boot and nothing else
00:37
<
clever >
ldlework: i just keep everything in a single repo, and have several starting files, like amd-nixos.nix and laptop.nix
00:27
<
clever >
it uses the same version of nixpkgs as pkgs, rather then the one in NIX_PATH
00:27
<
clever >
Myrl-saki: pkgs.path + "/pkgs/development/haskell-modules/configuration-ghcjs.nix
00:27
<
clever >
ldlework: only my router is on there in full, under deployments
00:24
<
clever >
Myrl-saki: // can be used with package sets, after you supply the self argument
00:23
<
clever >
yeah, that looks like fixpoint stuff
00:02
<
clever >
Myrl-saki: combine that, with the attrs in a derivation with the same name, basically
00:01
<
clever >
Myrl-saki: oh, also: nix show-derivation /nix/store/5bk1ddvdzxhixj3lhlaps2yvzhhgzg4h-blaze-builder-0.4.0.2-r1.cabal.drv
00:00
<
clever >
Myrl-saki: was going to mostly make educated guesses based on the contents
2018-05-24
23:59
<
clever >
bemeurer: yeah, you need nonfreeLicensing = true; as well
23:57
<
clever >
Myrl-saki: and its contents?
23:57
<
clever >
bemeurer: testing things on my end, it looks like it needs ffmpeg-full.override { nvenc = true; nonfreeLicensing = true; }
23:57
<
clever >
Myrl-saki: paste the full path of the drv file
23:56
<
clever >
bemeurer: i dont see an error in that gist
23:53
<
clever >
bemeurer: and it doesnt need cuda to be installed, it will automatically download it
23:53
<
clever >
bemeurer: nix-build -E 'with import <nixpkgs> {}; ffmpeg-full.override { nvenc = true; }'
23:51
<
clever >
bemeurer: you will need to write an override for ffmpeg that adds cuda support
23:50
<
clever >
bemeurer: it will never pick up libraries you have installed when rebuilding
23:50
<
clever >
bemeurer: nix doesnt work like that
23:49
<
clever >
bemeurer: nix-build '<nixpkgs>' -A ffmpeg-full
23:23
<
clever >
oh, didnt that break in nix 2.0?
23:23
<
clever >
bemeurer: nix-env should clearly say that
23:19
<
clever >
bemeurer: thats strange
23:18
<
clever >
bemeurer: and nix-env -q shows?
23:16
<
clever >
bemeurer: try adding -v
23:14
<
clever >
bemeurer: i think you want nix-env -iA nixos.cudatoolkit
23:14
<
clever >
infinisil: it may need to render errors better
23:13
<
clever >
> throw "custom error"
23:12
<
clever >
Myrl-saki: thats one way
23:09
<
clever >
Myrl-saki: pong
22:32
<
clever >
Myrl-saki: it both makes it easyer to read, and also harder to parse wrong
22:31
<
clever >
foo = with pkgs; [ a b c ]; rather then with pkgs; { foo = [ a b c ];
22:31
<
clever >
other then `with lib;` i keep my with statements as narrow as possible
22:30
<
clever >
infinisil: let has higher scope, so `with pkgs;` doesnt overwrite things on you
22:28
<
clever >
be careful when writing identity :P
22:27
<
clever >
Myrl-saki: can you guess why what i just did happened?
22:21
<
clever >
`let foo = bar; in` == `with rec{ foo = bar; };` essentially
22:21
<
clever >
i think let is the only place it works
22:14
<
clever >
Myrl-saki: yeah, thats my guess too
22:13
<
clever >
Myrl-saki: grep nixpkgs to see how hackage-packages.nix is meant to be loaded
22:12
<
clever >
Myrl-saki: and what arguments does nixpkgs/pkgs/development/haskell-modules/hackage-packages.nix expect?
22:11
<
clever >
Myrl-saki: what is the type of ((import <nixpkgs> {}).callPackage ./pkgs/ghcjs {})
22:09
<
clever >
infinisil: but scopedImport cant
22:09
<
clever >
infinisil: behind the scenes, import can cache the value that results from importing a file
22:08
<
clever >
infinisil: i believe scopedImport breaks caching in nix
21:53
<
clever >
Myrl-saki: it wont need to inspect the types of both params to know which append to use
21:51
<
clever >
Myrl-saki: you want overrideCabal
21:50
<
clever >
Myrl-saki: can you gist the file?
21:42
<
clever >
Peaker: if it dies for any other reason, nix will delete all output it had created
21:42
<
clever >
Peaker: only if a build exits with code 0 will nix keep its results
21:41
<
clever >
Peaker: the network namespace also stops you from doing network access
21:41
<
clever >
Peaker: its using mount, user, and network namespaces, which act mostly like containers
21:40
<
clever >
Peaker: with the sandbox on, you cant even search /nix/store/*/include/
21:40
<
clever >
Peaker: reading things like /usr/include (if it exists) and /etc are still an issue, but the nix sandbox can do that (it uses namespacing)
21:39
<
clever >
Peaker: and the builds are ran under a dedicated user like nixbld1, that has limited write access
21:39
<
clever >
Peaker: only if your very naughty and search /nix/store/*/include/ will you ever find something you didnt ask for
21:39
<
clever >
Peaker: the paths are hashes under /nix/store/, and if you dont ask for something, you dont get its hash
21:38
<
clever >
elvishjerricco: inherit (pkgs) foo bar baz; doesnt work on a list
21:38
<
clever >
elvishjerricco: how would you do: with pkgs; [ foo bar baz ]; then?
21:33
<
clever >
__monty__: ive had issues in the past, where i had to compile a whole haskell program, just to read 1 field in a dhall file, lol
21:31
<
clever >
__monty__: that looks useful
21:30
<
clever >
__monty__: link?
21:12
<
clever >
ldlework: yeah
21:12
<
clever >
ldlework: it starts with an empty home
21:11
<
clever >
ldlework: i just have nixos configure most things properly, system wide
21:11
<
clever >
ldlework: i dont use home-manager
21:11
<
clever >
ldlework: yeah