2018-04-21

<clever> so you generally want to use self, except when it causes recursion
<clever> super is the result of all overlays up to but not including the current, so you can modify foo without infinite recursion
<clever> Akii: self in the last file, is the result of applying every overlay in the list of overlays, but also, foo = self.foo; causes infinite recursion
<clever> packages go into nixpkgs.overlays
<clever> imports is only for nixos modules
<clever> yeah
<clever> try rerunning the command with --show-trace and post the backtrace
<clever> where did you put the reference to this file?
<clever> yeah, that should work
<clever> you tried to put something into nixos imports that didnt fit
<clever> Akii: i believe you want to store the fetchGit path in a variable, then callPackage "${thatvar}/utleague.nix" {}

2018-04-20

<clever> and what arguments are given to it
<clever> grep all-packages.nix to see where its loaded
<clever> its probably making use of similar features
<clever> Judson: and that function is ran on each kernel version, to generate a package set that compiles the same module against several kernels
<clever> Judson: kernel packages have to be loaded by a special function in all-packages.nix
<clever> tokudan[m]: page wont load, postgresql error, likely due to low disk space, lol
<clever> check the cmakelists.txt source to see how its finding openmp
<clever> and you searched all of /nix/store/?, maybe the cmake test for it is faulty
<clever> and it wont be visible as installed from outside the build
<clever> hodapp: nix will autoamtically fetch openmp and provide it to the build
<clever> hodapp: nix doesnt care about what is "installed" currently
<clever> infinisil: do ssh -v localhost
<clever> bachp: id consider that a waste of resources, aws may also not wait for the machine to configure itself before trying to have it serve traffic
<clever> bachp: line 34 is the key, it will need to be modified to embed your software and config into the image
<clever> bachp: dont see how to get the disk image though
<clever> bachp: this imports 2 other amazon related files...
<clever> bachp: something like this
<clever> bachp: ive not used it yet, but my general theory is to use nix-build to create an AMI that has your software fully configured, and upload it to aws, then configure auto-scaling to spin up that AMI
<clever> Myrl-saki: i saw what you reported earlier, and it should be fairly simple to implement, i can look into it in a bit
<clever> ShalokShalom: attribute names
<clever> nicl_l: and youve set networking.firewall.enable = false; ?
<clever> cant think of why tracking would be enabled then
<clever> nicl_l: is the firewall enabled?

2018-04-19

<clever> t
<clever> tilpner: nix-build creates such roots by defaul
<clever> try stracing that next?
<clever> that sounds entirely normal
<clever> its opening it in read-only mode, so it wont be created
<clever> that error also makes sense if the pid file doesnt exist yet
<clever> Aleksejs: the 2nd argument should be a filename, and strace should have translated it to a string
<clever> Aleksejs: re-run it under strace and see what the error is

2018-04-18

<clever> and set the name to nixos, nixos-rebuild prefers that channel name
<clever> Akii: also see http://howoldis.herokuapp.com/
<clever> unstable follows the latest master to pass testing
<clever> Akii: that channel follows the latest version of the release-18.03 branch that passed testing
<clever> Akii: also, what does nix-channel --list say?
<clever> Akii: each user has his own set of channels, you may need to nix-channel --update as root
<clever> andrewrk: mesa also implements hardware rendering for some cards
<clever> kini: and then its down to the order of elements in $PATH
<clever> kini: yeah
<clever> kini: they will silently collide, and nix-env has a higher priority
<clever> pirateking: nixos-rebuild uses the channel called nixos
<clever> daveo: run nix-collect-garbage to clean it up
<clever> bkchr[m]: i havent worked with the new cross-compile stuff that Sonarpulse has put in
<clever> betaboon: you want to run the command against the top-level storepath that nixops printed at the very end of a build
<clever> betaboon: that is what ruby-json depends on, not what depends on it
<clever> betaboon: you can still run that on the storepaths that nixops printed
<clever> betaboon: nix-store -q --tree

2018-04-17

<clever> sourceRoot = ".";
<clever> kisik21: set sourceRoot to the root of the source, relative to the root of the tar
<clever> nh2[m]: i also have plans to add in nix-bundle, then it will be as simple as: nix-build && cat result | ssh root@foo
<clever> nh2[m]: basically, run nix-build, upload the resulting tar, unpack to / on the remote machine, run /kexec_nixos
<clever> mightybyte: can you gist the nix expression?
<clever> kisik21: there is a fetchSubModules = true; flag
<clever> mightybyte: that error can happen if the src dir you give to cabal2nix has 0 or 2 cabal files
<clever> nh2[m]: have you looked at my kexec stuff yet?
<clever> :D
<clever> WilliamHamilton: default.nix is then just some glue, to let these 3 files depend on eachother easily
<clever> nico202: but nixos-rebuild first tries to build nix without qemu-vm.nix, and causes a false error
<clever> nico202: when you do nixos-rebuild build-vm, qemu-vm.nix is added to the module list, and then it does exist
<clever> WilliamHamilton: then i just symlink the path in, so the rest of the build uses it without having any network access
<clever> which is why i had to split it in 2
<clever> line 19-28 then uses patchelf to fix the binary, and the path to zlib can vary, so this step has an unpredictable hash
<clever> and because of that, nix will allow network access, so `make fetch` has permission to use the network
<clever> if the output does not have that hash, the build will fail
<clever> WilliamHamilton: lines 4-18 make a fixed-output derivation, which promises to nix that the output will always have the hash listed on line 8
<clever> WilliamHamilton: fixed
<clever> oh, and the hash in cl may be off, let me fix that
<clever> WilliamHamilton: https://github.com/cleverca22/nix-misc/tree/master/shen grab these 4 files and then run `nix-build -A shen`
<clever> WilliamHamilton: any idea what causes this?
<clever> fatal error encountered in SBCL pid 482(tid 140737354088960):
<clever> can't find core file at /usr//lib/sbcl//sbcl.core
<clever> WilliamHamilton: ok, the patchelf phase is done, now on to the main phase...
<clever> ah, one min then
<clever> WilliamHamilton: make fetch?
<clever> WilliamHamilton: where does shen-cl/shen come from?
<clever> WilliamHamilton: one minute
<clever> WilliamHamilton: and you want nix-locate (part of the nix-index package)
<clever> WilliamHamilton: that has to go into the nix file
<clever> WilliamHamilton: you may also need --interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)"
<clever> WilliamHamilton: patchelf --set-rpath ${lib.makeLibraryPath [ zlib ]} bootstrap
<clever> WilliamHamilton: ahhh, yeah, you will need to patchelf the bootstrap program
<clever> WilliamHamilton: its also likely to go a lot better if you use nix-build instead of nix-shell
<clever> Akii_Work: yep
<clever> Akii_Work: thats a recent bug i heard sphalerite mention an hour ago, it no longer shows the error
<clever> WilliamHamilton: if you build it inside nix-shell, it should just find zlib when linking
<clever> Akii_Work: `nix-env -iA nixos.slack` forces it to use the slack package in the nixos channel, and it will fail with an error explaining how to enable unfree packages
<clever> Akii_Work: `nix-env -i slack` will search the .name of every package you can currently install, and unfree packages are hidden by default
<clever> WilliamHamilton: what program is failing to find it?
<clever> WilliamHamilton: the shell wont add it to the search path at runtime, only at build-time
<clever> WilliamHamilton: nix-shell -p zlib
<clever> Akii_Work: then make it
<clever> Akii_Work: ~/.config/nixpkgs/config.nix affects nix-env
<clever> Akii_Work: configuration.nix only affects configuration.nix and nothing else
<clever> Akii_Work: you need to enable unfree packages in config.nix
<clever> Akii_Work: ah, sphalerite mentioned that bug about an hour ago
<clever> Akii_Work: and also throw another thumbs-up at https://github.com/NixOS/nixpkgs/issues/17126
<clever> Akii_Work: nix-env -iA nixos.slack
<clever> nico202: it should also work with that, ignore the error it gives early-on
<clever> i tracked that down when trying to purge feh from my system
<clever> pls-help: the "none" desktop manager is always enabled, so there is always at least 1 DM that lacks root-window support
<clever> pls-help: oh, there is also a bug in the desktop manager code
<clever> nico202: its a normal nixos parameter
<clever> which normally results in the root window being whateverr the login manager left
<clever> pls-help: and "none" is an empty string, which does not declare itself as supporting the root window
<clever> pls-help: and also, xmonad isnt a desktop manager, so something else is being selected for that
<clever> pls-help: lines 12 and 80 of the default.nix manveru linked earlier
<clever> pls-help: if ~/.background-image doesnt exist, nixos will instead just set the background to solid black
<clever> chisui_w: a hydra server is the best way to manage that, but then you need at least 2 machines running nixos
<clever> pls-help: i believe it turns off automatically if you use a desktop env that can manage the root window automatically
<clever> and if it has no output, you can `nix-store --delete` it to regain that space
<clever> nick_l: this command will tell you why its ondisk still
<clever> nick_l: nix-store -q --roots /nix/store/hb3my57q3ai9iwxcsfv381z368xvn1qi-gnome-backgrounds-3.24.0
<clever> nick_l: when does gnome-backgrounds come into play, is nixos-rebuild downloading it?, is it already on-disk?
<clever> kisik21: nix already sets a bash flag to hard-fail the whole thing if any step fails
<clever> kisik21: you can also use ; or even multi-line strings, no need for &&
<clever> kisik21: 2 different packages both had a share/xfce4/panel-plugins in their output, so it only used one of them
<clever> nick_l: find the top-level .drv file that `nixos-rebuild dry-run` prints out, then do `nix-store -q --tree` on that, and trace the path to gnome-backgrounds
<clever> tokudan[m]: its linked against nix 1.11, you need to either use `nix repl` or `NIX_REMOTE=daemon nix-repl`
<clever> nick_l: there are configuration.nix flags to disable a lot of that
<clever> kisik21: yeah, once you wrap it with ( and )
<clever> nick_l: id start with a GC, and check for old profiles of nixos you can delete
<clever> kisik21: and the whole runCommand function returns that string within nix, for use elsewhere
<clever> kisik21: runCommand will have its own $out, that you can just use in the quotes
<clever> nick_l: nix may have deleted a partially downloaded file, after running out of space
<clever> kisik21: pkgs.runCommand "name" {} "ln -sv ...."
<clever> kisik21: pkgs.runCommand may be more suited to your needs then mkDerivation
<clever> Myrl-saki: all code in the process has to be in the same arch
<clever> Myrl-saki: we need 2 types of import, for the host, and target, and limit TH to using host imports
<clever> Myrl-saki: because the TH is importing libraries that have already been compiled for the target and the source for those is long lost
<clever> then you wind up with x86 libraries in your arm initrd
<clever> Myrl-saki: those magic env vars cause the dynamic qemu-user to spit out its own host deps!!
<clever> Myrl-saki: ldd sets some magic env vars, that cause ld.so to spit out the dyn libs, rather then run things
<clever> was too much of a mess to get a backtrace out of it
<clever> and getting the right gdb to play nicely...
<clever> Myrl-saki: and the coredump was mangled by the mix of arches
<clever> Myrl-saki: i also once tried qemu-user-x86-64 to run teamspeak on an rpi, but it threw an assertion within pulseaudio
<clever> Myrl-saki: :D
<clever> angerman: qemu-user basically works the same as wine, but for different arches of linux
<clever> angerman: it should be trivial to take a linux-arm TH runner, and throw it under qemu-user-arm
<clever> Myrl-saki: yeah, its mostly a purity thing, you cant tell nix that compiler x and compiler y are identical and can be swapped out
<clever> Myrl-saki: its mostly a limitation of nix
<clever> Myrl-saki: and if you ever try to switch to native, nix will rebuild the world
<clever> Myrl-saki: if you configure nixpkgs to cross-compile with a linux-x86 host, then nix-env will forever rely on you having a linux-x86 host to do your building
<clever> Myrl-saki: one sticky area with nix, is that you cant really mix native and cross easily
<clever> Myrl-saki: i think angerman already mentioned ghc can target ARM easily enough and generate a self-contained dynamic library that android can dlopen()
<clever> Myrl-saki: there is also a language called c-- in the mix now i believe
<clever> Myrl-saki: i'm guessing they started with a compiler written in c++
<clever> Myrl-saki: what i want to see, is a nix derivation that spits out a binary ghc, that can be patchelf'd to work on any future nixpkgs
<clever> Myrl-saki: but that pre-compiled one is from debian
<clever> Myrl-saki: nixpkgs has a binary ghc package, that just patchelf's a pre-compiled one
<clever> mt_caret_: this is where the list of valid choices exist: https://github.com/NixOS/nixpkgs/blob/master/lib/licenses.nix
<clever> mt_caret_: license = licenses.proprietary
<clever> kisik21: then it should have given more output, can you try: nix-env -iA nixos.xfce.xfce4-notes-plugin -vvvv
<clever> kisik21: what does `sudo nix-channel --list` say?
<clever> kisik21: are you on nixos?
<clever> kisik21: nix-env -iA nixos.xfce.xfce4-notes-plugin

2018-04-16

<clever> it wont even start with that value
<clever> zybell: setupterm() failed for TERM=foobar: 0
<clever> zybell: irssi was not restarted during that testing, but i can check that
<clever> zybell: xfce-term also printed this to every single open tab
<clever> zybell: *** VTE ***: Failed to load terminal capabilities from '/etc/termcap'
<clever> and it failed to find foobar, so it lost the ability to handle with the irssi+screen output
<clever> zybell: i'm guessing xfce-term dynamicaly loads the terminfo, and tries to emulate whatever terminal emulator it was set to emulate!
<clever> zybell: i had temporarily changed the emulation setting in xfce-term to foobar, to try and change what bash thinks $TERM is
<clever> zybell: https://imgur.com/a/v7fWb
<clever> zybell: dear god, what it did in irssi!!
<clever> i cant even hit enter to echo $TERM
<clever> zybell: changing it to foobar seriously breaks the terminal, lol
<clever> zybell: in the compatability config for xfce-term, the emulation setting is set to xterm
<clever> havent seen :bd before
<clever> also happens without tmux in the loop, so its xfce-term not supporting the control code, and tmux just blindly repeating it
<clever> still happens without screen in the loop
<clever> also, xfce-term claims TERM=xterm!?
<clever> sphalerite: every minute or so, tmux seems to try to change the cursor, and the \e[ prints garbage, followed by the 6 q
<clever> sphalerite: oh, its screen + xfceterm, after some delay, it prints some garbage to the screen
<clever> sphalerite: hmmm, i did the cursor change thing in tmux on xfce-term, and its doing weird things
<clever> ryantrinkle: justdoit also has a range of config flags, to support virtio, sata, or nvme, with or without luks, and legacy or uefi
<clever> ryantrinkle: but justdoit uses grub in removable efi mode, so the bios thinks the fresh install is on removable media, and boots it without efivars being configured
<clever> ryantrinkle: only thing i havent gotten to work yet, is efi based pxe
<clever> ryantrinkle: originally, i had used the netboot_server to spread nixos from my old laptop to my new laptop
<clever> ryantrinkle: 42 makes an http dir with the kernel and initrd
<clever> ryantrinkle: 36 makes a tftp root directory containing the bootloaders
<clever> ryantrinkle: line 11 loads the netboot installer profile, which generates an initrd that contains the entire rootfs
<clever> ryantrinkle: it also includes the justdoit script in the netboot image, so you literally type "justdoit" at the root shell, and it installs nixos
<clever> ryantrinkle: this nixos module configures a complete router to act as an ipxe server
<clever> the next 2 runs didnt, and the cursor hasnt changed
<clever> sphalerite: in xfce terminal, the first run of that printf printed garbage
<clever> though i just keep better track of the state, most of the time
<clever> ah, i can see that being handy
<clever> sphalerite: tmux also restores the original cursor on shutdown, so the terminal isnt "damaged"
<clever> sphalerite: the line cursor just feels wrong in xterm lol
<clever> Aleksejs: generally, you should have a central machine that you run nixops on, where the state file is kept, just left in the default directoryu
<clever> you will have to patch hydra to change it
<clever> srhb: its hard-coded to true, bypassing all config
<clever> jtojnar: read my comment in https://github.com/NixOS/nixpkgs/issues/10165
<clever> jtojnar: 2 or 3 people tried to make PR's for that, and they where rejected
<clever> Dezgeg: those are either config files built locally, stuff --fallback built, or infested paths
<clever> Dezgeg: which is why ive thought of an extra util to audit the store, double-check signatures against cache.nixos.org, and then just anything that was not signed by nixos
<clever> Myrl-saki: in theory, malware that is aware of nix can just fudge the hashes in db.sqlite, to claim the backdoor'd binaries are not corrupt
<clever> Myrl-saki: for the verify operation, nix keeps the "correct" hash in db.sqlite
<clever> and the malware just worked, lol
<clever> and popped the usb stick into his ubuntu machine
<clever> the local IT guy wanted to help the pentester, not knowing he was an attacker :P
<clever> Myrl-saki: i think i saw that during a pentesting defcon talk
<clever> zybell: then its an issue with the nixpkgs rev?
<clever> i mostly use it to force "fullscreen only" games to play in a window
<clever> virtual desktop mode
<clever> sphalerite: wine has a mode where it doesnt need a window manager
<clever> at play*
<clever> sphalerite: memory footprint is also at plat, a minimal nixos squashfs is about 300mb, but not-os is 40mb
<clever> Myrl-saki: i think so
<clever> Myrl-saki: an entire display manager, written in haskell
<clever> sphalerite: need to set one of the search path flags, cant remember the right name
<clever> and that is responsible for running X
<clever> typically, the display manager is ran
<clever> Myrl-saki: that could probably be done, just need to get X working under not-os
<clever> Myrl-saki: you can either use not-os to get a heavily stripped down linux os, or you could just rewrite nixpkgs from scratch if your feeling insane :P
<clever> zybell: collect2: error: ld returned 1 exit status
<clever> oh, and steam is open, its pixelmem is about 300k
<clever> normally i have 40+ windows open, lol
<clever> as-in, they actually all fit on the task bars today!
<clever> and i have relatively few windows open, compared to what i normally do
<clever> thats twice what you have
<clever> the pixel mem for my window manager alone is 196,435K
<clever> Myrl-saki: xrestop
<clever> yeah
<clever> zybell: then nix will just delete the entire directory when the nix-build fails
<clever> zybell: make itself will delete any partially made outputs if a given step fails
<clever> zybell: eek, 500mb free on / right now
<clever> dmesg says OOM hasnt happened
<clever> zybell: its just normal nixpkgs with defaults right now
<clever> Myrl-saki: not sure why that one had failed
<clever> zybell: yeah
<clever> Myrl-saki: 142 is the actual raspberry pi
<clever> TweyII: yeah
<clever> with a tmpfs to make it writable
<clever> zybell: 40mb squashfs loaded over tftp at bootup
<clever> TweyII: can you guess how its even booting?, theres not even an OS on it!
<clever> the entire drive is /boot and swap!
<clever> also, i dont have a / or /nix partition!
<clever> id need to resize /boot to get more swap
<clever> and the SD card is only 2gig total
<clever> zybell: thats also how much ram it has :P
<clever> Myrl-saki: added 1gig after it failed
<clever> pacmeister: yep
<clever> qemu-user fails with an unknown issue, and native fails due to the OOM killer
<clever> Myrl-saki: its also not clear why it hasnt been able to progress past binutils
<clever> sort of, its not often up to date, so its of little use
<clever> Myrl-saki: i mostly ignore it, lol
<clever> Myrl-saki: probably
<clever> Myrl-saki: yes
<clever> Myrl-saki: hence, why it takes days to build anything
<clever> Myrl-saki: i am the binary cache :P
<clever> pacmeister: its possible that the setuid root wrappers are breaking the $HOME detection
<clever> Myrl-saki: my hydra automatically follows one of the nixos channels
<clever> Myrl-saki: ow!
<clever> and try copying it to roots home
<clever> does ~/.ecryptfs/${alias}.sig exist?, check on both your user and root
<clever> pacmeister: and what does google say about ecryptfs and that error?
<clever> pacmeister: what is the exact error msg?
<clever> so if you just configure an FS with the right type, it will be fully automatic
<clever> boot.supportedFilesystems is also automated on the fsType of everything in fileSystems."/foo".fsType
<clever> correct
<clever> pacmeister: if you simply set boot.supportedFilesystems = [ "ecryptfs" ];, then this module will activate, and configure the wrapper for you
<clever> the fact that the package is trying to run that path, implies that its already been fixed
<clever> oh, and also
<clever> pacmeister: some old examples i made: https://gist.github.com/cleverca22/5711322b5a12311571d8e828f40f0603
<clever> yeah
<clever> pacmeister: your not supposed to copy into that directory, but instead configure security.wrappers
<clever> thats probably also where i saw that trick
<clever> and all its doing is fromJSON with a throw for non-int types