2018-05-24
20:57
<
clever >
infinisil: though thats the only config i cared about at the time
20:57
<
clever >
infinisil: line 26
19:09
<
clever >
NIX_PATH does support url's
19:06
<
clever >
krey: nix-prefetch-url is probably faster then -git
18:07
<
clever >
2 finger swipe does "mouse wheel" scrolling
18:07
<
clever >
tilpner: absolutely nothing happens on my laptop when i swipe with 3 fingers in any direction, any number of times
17:43
<
clever >
> haskell.lib.overrideCabal
17:43
<
clever >
fresheyeball: i think it was: overrideCabal (callCabal2nix "name" ./. {}) (drv: { .... })
17:42
<
clever >
fresheyeball: run overrideCabal on the derivation
17:41
<
clever >
fresheyeball: the derivation it makes will build the project
17:39
<
clever >
ah, srv is whats failing, not /var/lib/jupyter
17:39
<
clever >
oh, the PR already has that
17:39
<
clever >
ixxie: a second option, set home="/var/jupyter"; createHome = true; on the user in question
17:38
<
clever >
ixxie: this causes the User= to only affect ExecStart, so preStart gets ran as root
17:38
<
clever >
ixxie: serviceConfig.PermissionsStartOnly = true;
17:36
<
clever >
ixxie: one min
17:30
<
clever >
ixxie: in that same preStart string, run `id` and `ls -ld /var/`
17:04
<
clever >
ixxie: systemd.services.jupyter.preStart = ''mkdir /foo/bar'';
16:58
<
clever >
thats less the job of nix, and more the job of systemd/bash, which are configured by nix
16:58
<
clever >
ixxie: at runtime, in places like the pre-start script of a service
16:51
<
clever >
ixxie: where and when should the path be created?
16:42
<
clever >
tazjin: you want the function
16:42
<
clever >
tazjin: there is both a $patchPhase, and a patchPhase function
16:39
<
clever >
oops, patchPhase, yeah
16:39
<
clever >
tazjin: you need to manually run unpackPhase somewhere inside buildCommand
16:39
<
clever >
tazjin: buildCommand stops all phases from being ran
16:36
<
clever >
tazjin: can you gist the original expression and your override?
03:27
<
clever >
--add wont do anything until you --update
03:27
<
clever >
and you did nix-channel --update?
03:26
<
clever >
ldlework: which user did you add that channel to?
2018-05-23
14:43
<
clever >
drakonis: if you add to the imports of the system, then nixos-rebuild will run the module, as long as it doesnt conflict with existing ones
14:42
<
clever >
the above config, tells it to use the same one as nix (which came from nix.buildMachines), and a second one that is inlined right there
14:42
<
clever >
ocharles: hydra supports a list of files, that have the /etc/nix/machines format
14:42
<
clever >
ocharles: yeah
14:39
<
clever >
drakonis: relative paths are evaled relative to the file that contains the path
14:38
<
clever >
drakonis: it can also be relative
14:38
<
clever >
ocharles: this may help, and also fix the missing /, and remove localhost from the main machines file (via its config)
14:38
<
clever >
ocharles: services.hydra.buildMachinesFiles = [ "etc/nix/machines" (builtins.toFile "machines2" "ocalhost x86_64-linux - 2 1") ];
14:37
<
clever >
ocharles: one min
14:37
<
clever >
drakonis: add its path to the imports list on your configuration.nix
14:36
<
clever >
just use a non-local 64bit build slave
14:36
<
clever >
it may be that hydra treats localhost specially, but nix does not
14:36
<
clever >
using localhost as a slave also causes many problems with IFD
14:36
<
clever >
unable to open SSH connection to 'localhost': don't know how to open Nix store 'localhost'; trying other available machines...
14:35
<
clever >
so hydra isnt capable of doing any 64bit builds
14:35
<
clever >
ocharles: the 64bit slave in /etc/nix/machines is invalid
14:31
<
clever >
ocharles: can you add both those spec.json.drv files to the gist, along with your /etc/nix/machines ?
14:02
<
clever >
the key, is to look at what the first thing it builds is, and then figure out why hydra wont build that
14:01
<
clever >
ocharles: find the .drv file that is listed on the build in the queue (in the UI) then run `nix-store -r` on it on the hydra machine, what is the very first thing it builds (you can also ctrl+c once it starts)
13:40
<
clever >
cocreature: currently, it only works on runtime stuff, youll need to manually search `nix-store --query --tree /nix/store/foo.drv`
13:25
<
clever >
that wont un-stick your queue, that will just add more to the queue!
13:25
<
clever >
ocharles: it needed a --add-fixed at EVAL time, so it wont show in latest-steps failures
13:25
<
clever >
ocharles: oh, import from derivation
13:23
<
clever >
ocharles: those would show under status->latest steps, as derivations that keep failing
13:21
<
clever >
ocharles: is the hydra publicly visible?
12:52
<
clever >
johanot: yeah
12:48
<
clever >
johanot: nix-daemon will pick a semi-random user of the nixbld group, then `kill -9` every process in the user, and start a build under it
12:47
<
clever >
johanot: never add yourself to the nixbld group
12:34
<
clever >
and limiting its usage to only the users that should have access limits the attack surface area
12:31
<
clever >
by launching the right type of vm, and changing stack segment registers during an irq, you can gain ring0
12:31
<
clever >
sphalerite: maybe something to do with this
12:30
<
clever >
so the nixbld group must own /dev/kvm, or you give it the other bits
12:30
<
clever >
johanot: it sounds like nix-daemon isnt obeying the groups you added the user to
12:28
<
clever >
qemu never gets root, so -runas wont matter
12:28
<
clever >
johanot: what user/groups does this output?
12:27
<
clever >
johanot: nix-build -E 'with import <nixpkgs> {}; runCommand "test" {} "id"'
12:24
<
clever >
johanot: on my nixos machine, its crw-rw-rw- 1 root root 10, 232 May 22 21:42 /dev/kvm
00:24
<
clever >
acowley: stdenv.cc.cc
2018-05-22
23:37
<
clever >
you want to run hself.callCabal2nix "streamly" streamly {};
23:36
<
clever >
fresheyeball: so the nix-shell gives you a shell that is suitable for downloading the src
23:35
<
clever >
fresheyeball: the override puts the source in the streamly attr
23:34
<
clever >
fresheyeball: what nix-build args are you using to test that?
22:48
<
clever >
time to document it!
22:25
<
clever >
bobvanderlinden: try switching to import <nix/fetchurl.nix>, i think that one obeys netrc securely, and can be done in parallel
22:23
<
clever >
bobvanderlinden: this is import <nix/fetchurl.nix>, the 3rd fetchurl
22:23
<
clever >
it ultimately calls this, and blocks the eval until it has finished
22:22
<
clever >
Path res = getDownloader()->downloadCached(state.store, url, unpack, name, expectedHash);
22:21
<
clever >
bobvanderlinden: there is a 3rd fetchurl, let me find it
22:20
<
clever >
bobvanderlinden: but pkgs.fetchurl can be
22:20
<
clever >
bobvanderlinden: ah yeah, builtins.fetchurl cant be done in parallel
22:06
<
clever >
bobvanderlinden: everything i work with is open on github, so its less of an issue here
22:00
<
clever >
bobvanderlinden: ah, id just use builtins.fetchurl for the select places where you need secrets, and pkgs.fetchurl for others
21:59
<
clever >
bobvanderlinden: what do you need secrets for with https?
21:58
<
clever >
bobvanderlinden: for example: builtins.fetchGit { url = "git@github.com:cleverca22/nixos-configs"; }
21:57
<
clever >
bobvanderlinden: fetchGit supports using your ssh-agent, and the secrets wont be sent to the remote machine
21:56
<
clever >
bobvanderlinden: then it will just run `git clone` outside of the sandbox
21:55
<
clever >
bobvanderlinden: i would use builtins.fetchGit for that, with an ssh based url
21:55
<
clever >
desttinghim[m]: nix-env -iA nixos.haxe uses the nixos entry in ~/.nix-defexpr/
21:55
<
clever >
bobvanderlinden: is the source on some git server?
21:54
<
clever >
bobvanderlinden: what are you trying to do?
21:52
<
clever >
bobvanderlinden: but it has to be set in the context of nix-daemon
21:52
<
clever >
bobvanderlinden: NIX_CURL_FLAGS should still work with pkgs.fetchurl
21:51
<
clever >
bobvanderlinden: that function doesnt exist
21:51
<
clever >
> lib.fetchurl
21:48
<
clever >
bobvanderlinden: when sandboxing is enabled, nix can block the network access for non-fixedoutput derivations
21:48
<
clever >
bobvanderlinden: pkgs.fetchurl runs curl inside a nix derivation, and only by declaring the hash of the output, will nix allow network access
21:46
<
clever >
pkgs.fetchurl supports a list of mirrors, and downloading the first url from a list that works
19:48
<
clever >
and if ~/.config/nixpkgs/config.nix exists, it will silently ignore ~/.nixpkgs/config.nix
19:48
<
clever >
and if the file at $NIXPKGS_CONFIG exists, it will cause nixpkgs to silently ignore ~/.config/nixpkgs/config.nix
19:48
<
clever >
but the configuration argument to <nixpkgs/nixos> has the highest priority
19:47
<
clever >
for example, $NIXOS_CONFIG has priority over <nixos-config>
19:47
<
clever >
if you know what to set
19:46
<
clever >
there are a couple env vars that nixos checks, that cause some slight impurities
19:43
<
clever >
i get obessed with finding out how things work, so ive read all of the eval-config.nix source, and the related modules
19:42
<
clever >
and if you reboot, the changes are reverted
19:41
<
clever >
that will load both the normal configuration.nix, and custom.nix, then activate
19:41
<
clever >
NIXOS_EXTRA_MODULE_PATH=/path/to/custom.nix nixos-rebuild test
19:40
<
clever >
oh, one min
19:40
<
clever >
it will activate it, but not make it permanent, check the nixos-rebuild page under test
19:39
<
clever >
that will do the exact same thing
19:39
<
clever >
nixos-rebuild test -I nixos-config=/path/to/custom.nix
19:39
<
clever >
also, you dont even need nix-build
19:39
<
clever >
if you reboot, all changes are gone
19:39
<
clever >
this will build, and activate it, but not touch any profiles, and not touch any bootloader config
19:39
<
clever >
nix-build '<nixpkgs/nixos>' --arg configuration '{...}: { imports = [ /etc/nixos/configuration.nix ]; options = {}; config = {}; }' -A system --show-trace && ./result/bin/switch-to-configuration test
19:38
<
clever >
if you only want to test, dont use nix-env, and dont use switch
19:38
<
clever >
if its not under profiles, then garbage-collection may eat it
19:38
<
clever >
it can be any path under profiles
19:37
<
clever >
nix-env -p /nix/var/nix/profiles/system --set /nix/store/foo && /nix/store/foo/bin/switch-to-configuration switch
19:35
<
clever >
that is why a system-profiles has come out of nowhere
19:35
<
clever >
that is what nixos-rebuild does with the name you give it
19:35
<
clever >
mkdir -p -m 0755 "$(dirname "$profile")"
19:35
<
clever >
profile="/nix/var/nix/profiles/system-profiles/$1"
19:35
<
clever >
giving -p a storepath just breaks everything
19:35
<
clever >
-p takes the path to a profile, and will build <nixos-config> and place it into that profile
19:34
<
clever >
-p doesnt work like that
19:33
<
clever >
that doesnt look like nixos-rebuild
19:33
<
clever >
what is even calling nix-env there?
19:32
<
clever >
why do you have a system-profiles link?
19:31
<
clever >
what state changes?
19:31
<
clever >
how exactly is it breaking the system?
19:31
<
clever >
depending on if its the root module, or in imports of the root module
19:31
<
clever >
which makes your configuration.nix come either before or after most of nixos
19:30
<
clever >
the problem, is the order of all modules, as it recursively traverses your imports statements
19:30
<
clever >
the whitespace in /etc/hosts moved, but not the value itself
19:30
<
clever >
oh wait, i think i see what the differences are now
19:29
<
clever >
and which method did the .drv in red come from?
19:28
<
clever >
Myrl-saki: what file is that .2.101 entry in /etc/hosts defined in?
19:26
<
clever >
can you screenshot the first page of output from nix-diff? the colors are missing
19:24
<
clever >
minus the (
19:24
<
clever >
Myrl-saki: try also: nix-instantiate '<nixpkgs/nixos>' --arg configuration '(/etc/nixos/configuration.nix' -A system --show-trace
19:22
<
clever >
Myrl-saki: what is the exact 2 commands you ran to produce those .drv files?
19:22
<
clever >
Myrl-saki: ok, so your hosts file differs, your fonts differ, your xsession differs
19:18
<
clever >
it calls nix-instantiate
19:18
<
clever >
Myrl-saki: dry-run doesnt build
19:14
<
clever >
Myrl-saki: try nixos-rebuild dry-run on each, then use nix-diff
19:13
<
clever >
Myrl-saki: how exactly are you measuring a difference?
13:38
<
clever >
fetchTarball unpacks, and hashes the NAR of the output, but nix-prefetch-url hashes the .tar.gz
13:37
<
clever >
k0001: you need to hash it with `nix-prefetch-url --unpack`
13:22
<
clever >
nix2 also has `nix edit nixpkgs.hello`
13:21
<
clever >
> pkgs.hello.meta.position
13:18
<
clever >
> eval.config.system.build.example
13:18
<
clever >
> eval = import <nixpkgs/nixos> { configuration = { imports = []; system.build.example = "foobar"; }; }
13:15
<
clever >
boothead: one min
02:06
<
clever >
andreabedini: the first loads the nixpkgs entry from $NIX_PATH, the 2nd loads the nixpkgs entry from ~/.nix-defexpr/
00:42
<
clever >
some firmware lets you manually pick a .efi file from the drive
00:42
<
clever >
Ralith: the UUID is part of the filesystem and partition table
00:39
<
clever >
Ralith: i would just move the drive, boot it, and see what happens
2018-05-21
23:55
<
clever >
then give it a dir that has xkb config files
23:55
<
clever >
iqubic: i think you need to use the xkbDir option
23:54
<
clever >
i made my capslock affect numbers as well
23:53
<
clever >
xkbOptions = "caps:shiftlock";
21:21
<
clever >
close that nix repl
21:21
<
clever >
that would be your problem
21:20
<
clever >
symphorien: and what is pid 31174 ?
21:19
<
clever >
symphorien: what does `ps aux` say about that pid, the full line
21:18
<
clever >
symphorien: i think pid 31182 is using that path
20:51
<
clever >
muzzy: ive even done network in the initrd, several times
20:51
<
clever >
muzzy: and i know enough CLI wizardry that i can force the network to come online without using the proper services
20:50
<
clever >
muzzy: you still have rollback options in the grub menu of the router
20:49
<
clever >
you have to practically strip the OS naked to even deploy a 2nd version
20:49
<
clever >
but the drive in those is also soo small you can barely fit 2 generations of nixos
20:49
<
clever >
there is an example deployment with 2 netbooks in the same repo, they have a similar problem
20:48
<
clever >
muzzy: but i plan to move more things to nixops when i have time
20:48
<
clever >
muzzy: currently, it only configures the router (because it was too slow to build itself), and everything else is nixos-rebuild
20:39
<
clever >
bennofs[m]: there is no real state in such a system
20:38
<
clever >
bennofs[m]: if every host is using the "none" targetEnv, you can technically just `nixops create` the same deployment on several machines, and deploy from any
20:35
<
clever >
muzzy: you edit the config on the machine thats running nixops
16:31
<
clever >
worldofpeace: pkgsi686Linux or pkgs.callPackage_i686 may be of use
16:04
<
clever >
cant think of anything that would do that
16:03
<
clever >
the path given to --query --root
16:03
<
clever >
what was $path?
16:02
<
clever >
doesnt mean anything really
16:02
<
clever >
srhb: i think its an index into an array in nix's ram
15:57
<
clever >
your welcome :)
15:54
<
clever >
we forgot to fully test it before mergint eh RP
15:54
<
clever >
ocharles: one sec
15:52
<
clever >
ocharles: yep
15:50
<
clever >
ocharles: this PR includes a patch for hydra to fix it
15:50
<
clever >
ocharles: nix-prefetch-git was already fixed in nixpkgs, but hydra has its own copy of the fix
15:49
<
clever >
ocharles: are there git submodules at play?
13:17
<
clever >
it will show in both
12:39
<
clever >
id just unconditionally remove it, maybe add a withSSE2 ? false override
12:37
<
clever >
sphalerite: there is also the issue of building on an sse2 cpu, then nix-copy-closuring to a non-sse2 cpu
12:03
<
clever >
nschoe: correct
12:02
<
clever >
it must be in the buildInputs to be able to find other buildInputs
12:01
<
clever >
nschoe: pkgconfig breaks if you manually install it
12:00
<
clever >
nschoe: try adding pkgconfig to the buildInputs
01:39
<
clever >
you probably want pkgs.haskell.lib.overrideCabal
01:39
<
clever >
the postInstall has to go inside the derivation, not after it
01:39
<
clever >
woodson: you created pkgs.postInstall
2018-05-20
21:20
<
clever >
its not documented, but if .enable is set to true, it adds `postgresqlAndPlugins cfg.package` to systemPackages (see also, line 25)
20:45
<
clever >
nixosnewbie: but since the service has a .package setting, you can skip that if you want to
20:45
<
clever >
nixosnewbie: the only thing special that an overlay gives you, is letting you inject your new versions into the main pkgs set
20:44
<
clever >
nixosnewbie: you can set .package to point to the postgress from unstable, and also use the unstable versions in the plugin list
20:42
<
clever >
yeah, thats it
20:42
<
clever >
which one was it, lol
20:42
<
clever >
ah, that one wont really help
20:42
<
clever >
,pinning nixosnewbie
20:38
<
clever >
nixosnewbie: you can also try turning plugins on one by one
20:33
<
clever >
nixosnewbie: i'm guessing they have to go into plugins, and the service will install the combined set
20:32
<
clever >
and the .enable installs the version you put in package
20:32
<
clever >
nixosnewbie: its the .enable that actually installs it
20:31
<
clever >
nixosnewbie: and your only going to break things if you try to manually delete files
20:31
<
clever >
nixosnewbie: line 34 installs one version, and line 62 installs a second version
20:30
<
clever >
nixosnewbie: dont add postgress to the systemPackages
20:19
<
clever >
nixosnewbie: can you pastebin your config?
20:18
<
clever >
nixosnewbie: your installing 2 versions of postgres, remove one of them from your config
20:17
<
clever >
nikivi: you added the channel nixpkgs twice
20:14
<
clever >
nikivi: as root, do nix-channel --update
20:13
<
clever >
nikivi: and when did you last do an update (or install) ?
20:13
<
clever >
nikivi: and again as root, under "sudo -i"
20:12
<
clever >
nikivi: what does nix-channel --list report?
20:12
<
clever >
nikivi: that sets up channels automatically
20:11
<
clever >
nixosnewbie: what name does nix-channel --list say the channel is?
19:55
<
clever >
nixosnewbie: next thing id try is turning off some of the postgres plugins
19:52
<
clever >
nixosnewbie: yeah, it would be useful to see if thats the only issue
19:51
<
clever >
nixosnewbie: do you need postgres enabled?
19:50
<
clever >
nixosnewbie: pastebin more of the output around the error
19:49
<
clever >
nixosnewbie: need more context around the error
19:47
<
clever >
nixosnewbie: its not a previous package that its trying to remove
19:45
<
clever >
adamt: i once had trouble linking firefox on gentoo, ld alone needed > 3gig of ram, and it was a 32bit machine
19:33
<
clever >
and you should see its a set containing every arch
19:33
<
clever >
adamt: what helps to figure this out, run "nix repl release.nix" then eval netboot
18:29
<
clever >
i think that was the args
18:29
<
clever >
2018-04-21 18:26:40< clever> sanboot --no-describe --drive 0x80
18:29
<
clever >
but you can skip step 1
18:29
<
clever >
adamt: internally, it will use sanhook to re-route the local hdd api, then just boot the "local" hdd
18:28
<
clever >
adamt: if you omit the args on what san disk to boot, it winds up booting a local disk
18:28
<
clever >
adamt: you just need the right args to the sanboot command
18:26
<
clever >
adamt: hadnt thought to try tht, lol
18:25
<
clever >
adamt: ipxe can also boot a local legacy hdd
18:25
<
clever >
adamt: of note, you can replace boot.php with any server-side scripting of your choice, lookup the mac addr in a database, then decide if it should boot the local hdd or boot nixos netboot
18:09
<
clever >
adamt: you literally run "justdoit" as root, and your done
18:09
<
clever >
adamt: justdoit is a script i wrote for helping with installs, and with a slight tweak, can be an unattended installer
18:08
<
clever >
adamt: my netboot_server is probably the best example then, since it also shows how to configure it under nixos, and includes justdoit
18:07
<
clever >
Unode: yeah
18:05
<
clever >
or -I nixpkgs=https://github.com/nixos/nixpkgs/archive/8bce347f02f6bd606ec1822f0ba9b94d7f139071.tar.gz
18:04
<
clever >
Unode: but i couldnt get chrome to run in that situation
18:04
<
clever >
Unode: its only set when you drop root to your user, so you need to either logout and back in, or "exec sudo -i" then "exec sudo -u clever -i" which re-applies what your user should have
18:03
<
clever >
Unode: yeah, cache-miss combined with async loading of fonts, causing it to load the same font 2000 times
18:02
<
clever >
adamt: rescue_boot just sticks the "netboot" kernel+initrd into /boot and gives them a menu option
18:00
<
clever >
Unode: and a certain page i was loading was basically a fd-bomb, and it needed over 4000 open descriptors
18:00
<
clever >
Unode: in my case, chrome calls socketpair() when trying to load a font
18:00
<
clever >
adamt: the netboot attributes of release.nix contain the ipxe script, and all the files it needs, in a single dir
17:59
<
clever >
adamt: oh, and also...
17:58
<
clever >
rauno: every attribute you pass to mkDerivation becomes an env var during building
17:57
<
clever >
Unode: this is a chunk of my configuration.nix, i had to bump the open-file limits to fix chrome
17:57
<
clever >
Unode: on sec
17:56
<
clever >
adamt: thats a complete server, with nat, dhcp, and bind, that can netboot nixos
17:56
<
clever >
adamt: if you build this attribute, you will get an ipxe script that refers to the kernel and initrd for you
17:45
<
clever >
phry: after nixos-install it should update