2018-02-25

<clever> list based options concat between files
<clever> fileSystems."/".options = [ "iwantcompression=yes"; ]; for example
<clever> mfiano: you can also set just one option in configuration.nix, and nixos will merge them
<clever> mfiano: i prefer zfs, and compression is a setting on the sub-volume, that persists between reboots, so you cant forget it so easily
<clever> it has to query the subvolume, and persist that option correctly, it it wont even mount the right one
<clever> mfiano: 401 has btrfs handling
<clever> mfiano: near line 338
<clever> samueldr: nice
<clever> but without /boot, grub cant find normal.mod, so its stuck in rescue mode
<clever> i didnt copy enough of it
<clever> just typing fs0: and bootx64 into the shell runs bootx64.efi
<clever> it boots
<clever> waiting for the 60 second hang
<clever> samueldr: ive yoinked the grub efi file from my laptop, and stuck it into the qemu image, to confirm if i'm even using the efi shell right
<clever> it might only be the basic vesa driver that had trouble
<clever> mfiano: oh, and the nvidia drivers may not have trouble with efi
<clever> mfiano: it will fail to download because its closed source, and the error explains what you have to add to configuration.nix, to enable unfree software
<clever> mfiano: you can use the keywords from this list to activate it
<clever> mfiano: services.xserver.videoDrivers
<clever> abbe: if you run `nix-build -A hello` in the root directory of the fork, it will build a test of the hello world package
<clever> abbe: fork nixpkgs, clone your fork, and then edit the files in that fork
<clever> abbe: thats normally done with package overrides
<clever> jophish_: i should start spreading that to all of my machines then
<clever> its the daemon trying to wrap up the stdout of curl, and ship it over the nix protocol
<clever> jophish_: ahh, that explains things more
<clever> jophish_: nix is adding a \n at the end of each fragment of output
<clever> jophish_: curl has a callback to give some of its output to the host process, which should print it to the console
<clever> mfiano: nixos-generate-config doesnt touch the main file
<clever> mfiano: make sure you mount /boot, and add it to your hardware-configuration.nix
<clever> mfiano: so every time you reboot, it does a rollback to the initial install, ignoring every config change
<clever> mfiano: you dont have /boot mounted
<clever> mfiano: is current-system pointing to the latest system symlink?
<clever> mfiano: after you reboot, can you compare ls -l /run/current-system to ls -l /nix/var/nix/profiles/
<clever> and that entirely broke nixos's ability to auto-create users
<clever> BlessJah: the /var/lib/nixos/uid-map file inside of nixos-something.qcow2 got corrupted by an improper shutdown of the VM
<clever> BlessJah: nixos-rebuild build-vm generates a bash script that launches nixos inside a vm, with nixos-something.qcow2 as the root hdd
<clever> BlessJah: and it shares the /nix from the host
<clever> BlessJah: deleting the .qcow2 file is the simplest way to fix it
<clever> BlessJah: line 11 says its the uid-map file
<clever> 11 my $uidMap = -e $uidMapFile ? decode_json(read_file($uidMapFile)) : {};
<clever> 10 my $uidMapFile = "/var/lib/nixos/uid-map";
<clever> BlessJah: inside the broken guest
<clever> BlessJah: you can also just delete the entire nixos-something.qcow2 in the directory you launched qemu from, to wipe the virtual hdd
<clever> BlessJah: /var/lib/nixos/uid-map and /var/lib/nixos/gid-map
<clever> BlessJah: one min
<clever> BlessJah: you have invalid json in one of the state files, and that breaks the perl script managing users
<clever> samueldr: yet the efi shell looks nearly identical
<clever> samueldr: if i boot my custom efi program in virtualbox, it says invalid parameter, but in qemu, it says command error status: not found
<clever> mfiano: and you may need to `systemctl restart display-manager` also
<clever> mfiano: nixos-rebuild switch as root
<clever> mfiano: set xterm to false and it should use i3 instead
<clever> mfiano: this option defaults to on, and with the auto-login, you're not being asked which DM to use
<clever> mfiano: services.xserver.desktopManager.xterm.enable
<clever> mfiano: yep, thought so
<clever> mfiano: camera again?
<clever> mfiano: can you screenshot what comes up when you initially login?
<clever> mfiano: there is an xterm desktop manager that may be enabled by default
<clever> and auto-login skips that
<clever> mfiano: if you're using the slim display manager, i think it was f1 or f3 to cycle between the options, and its white on light blue, so its hard to read
<clever> samueldr: only 4 leads in this cable
<clever> samueldr: ah
<clever> stock*
<clever> samueldr: oh, and the stick firmware on this motherboard can take bitmap screenshots of itself, and save them to usb
<clever> its the same port that handles reflashing itself
<clever> samueldr: you have to hit a special button on the motherboard, to switch it into device mode on that port
<clever> samueldr: ive been told that its violating the standards to make such a cable
<clever> samueldr: even if the motherboard is "off"
<clever> samueldr: then using USB HID packets, it can change the bios settings, simulate the power/reset buttons, and monitor the temps and fan speeds
<clever> samueldr: this motherboard also has a non-standard double-male usb cable, that connects a special usb port on the mobo, to another pc running special software
<clever> samueldr: product: CROSSHAIR V FORMULA-Z
<clever> samueldr: yeah...
<clever> samueldr: what level does it work at?
<clever> samueldr: but, would coreboot break the re-flash thing i mentioned?
<clever> mfiano: the problem, is how do you load the backup, when it doesnt boot
<clever> samueldr: my desktop motherboard can re-flash itself if you give it a usb stick with the firmware, and hold a special button
<clever> samueldr: either a clip-on programmer, or leave the recovery mechanism intact
<clever> samueldr: i want a sure-fire way to unbrick it before i start
<clever> mfiano: yeah, thats why i havent tried it on any hardware yet
<clever> samueldr: yep, after a ~1 minute timeout, i get an efi shell
<clever> opensource bios/firmware
<clever> mfiano: https://www.coreboot.org/
<clever> mfiano: would you like to join the church of coreboot? lol
<clever> mfiano: everything? :D
<clever> mfiano: i think the EFI is blocking the video drivers
<clever> Feb 24 22:57:32 basilisk display-manager[1052]: (EE) Screen(s) found, but none have a usable configuration.
<clever> Feb 24 22:57:32 basilisk display-manager[1052]: (EE) VESA(0): V_BIOS address 0x0 out of range
<clever> samueldr: i'm attempting to build my own efi application, as an experiment
<clever> then i clicked the X
<clever> samueldr: lol, right as i tried to close it, it sprang to life
<clever> mfiano: journalctl -u display-manager | gist -p -
<clever> samueldr: got a tianocore logo, and a single . but no efi shell
<clever> [clever@amd-nixos:~/apps/uefi]$ ./qemu/bin/qemu-system-x86_64 -bios $(realpath OVMF-fd/FV/OVMF.fd)
<clever> mfiano: anything else, further up?, maybe add -n30 or -n300
<clever> [clever@amd-nixos:~/apps/uefi]$ nix-build '<nixpkgs>' -A qemu_kvm -o qemu
<clever> [clever@amd-nixos:~/apps/uefi]$ nix-build '<nixpkgs>' -A OVMF.fd -o OVMF
<clever> mfiano: journalctl -f -u display-manager, any errors?
<clever> samueldr: i tried something like that earlier and it just hung, i'll need to try it again
<clever> samueldr: in theory, efi.akeo.ie would allow efi to boot from ext4 or zfs
<clever> samueldr: it then returns a standard "i cant boot" failure, causing the firmware to just try the next entry in the config
<clever> samueldr: this is an efi binary, that contains every FS driver in grub2, and hooks them into the efi system
<clever> samueldr: and i recently found http://efi.akeo.ie/
<clever> samueldr: i need to poke around some more and get efi working under qemu
<clever> mfiano: then you can edit the config and nixos-rebuild switch followed by systemctl restart display-manager
<clever> mfiano: ctrl+alt+f1 to get a text console
<clever> samueldr: ah, maybe
<clever> samueldr: id say just copy it everywhere until it starts working, lol
<clever> samueldr: as in, i can edit the efibootmgr type stuff, from the firmware
<clever> samueldr: ive messed with the EFI within virtualbox, and it has a usable UI for editing the boot entries!!
<clever> samueldr: i have to either unplug the efi drive or disable efi support
<clever> samueldr: mine entirely ignores the boot order and the legacy options if the EFI drive can be found at all
<clever> the removable option setup bootx64.efi
<clever> mfiano: the above copy can be done without nixos-install, just mount it and copy the file, then umount
<clever> mfiano: you will probably also want to change the \'s to /'s
<clever> mfiano: try copying the grub.efi file to EFI\Microsoft\Boot\bootmgfw.efi within the efi partition
<clever> samueldr: yeah, lol
<clever> mfiano: it was just hard-coded to the path windows uses
<clever> mfiano: i heard somebody mention in here a week ago, about a bios that could only boot windows
<clever> mfiano: that reminds me
<clever> BlessJah: i run it on my router, and we have #nixos-on-your-router
<clever> ah, ldap, thats what i was trying to think of
<clever> Guanin: i was thinking more about things like not even having users in /etc/passwd, and looking them up over the network
<clever> Guanin: ah, yeah, thats a bit different
<clever> Guanin: ignoring the normal centralized user stuff in pam, and just using git to sync the nixos config that generates users
<clever> Guanin: have you considered just having normal pam setup everywhere, but using a nixos config file in git to keep them in sync?
<clever> and if pam gets interrupted with any signal, returning an error code that says to try again, pam instead treats it as a hard failure
<clever> haskell uses a timer signal to implement lightweight threads
<clever> other than pam not handling stray signals well
<clever> yeah, that program didnt have any pam problems
<clever> Guanin: oh, correction to what i said above, hsdm is running as root when it does these calls, and will drop root to the chosen user once it confirms things
<clever> Guanin: i think this file is also involved somehow
<clever> [root@amd-nixos:~]# cat /etc/pam.d/sudo | uniq
<clever> Guanin: ah, and i think you provide a username to pam, then pam runs a callback to ask for more details
<clever> something in the pam library then deals with gaining root, and confirming the name/pw
<clever> Guanin: and this part calls functions in pam from the unprivileged user: https://github.com/taktoa/hsdm/blob/master/haskell/src/System/HSDM/PAM/Internals.chs#L55-L72
<clever> Guanin: this part configures pam to allow it access: https://github.com/taktoa/hsdm/blob/master/hsdm-module.nix#L32-L35
<clever> Guanin: here is a custom pam client i had worked on a few years ago
<clever> but typically, the bios can only boot an efi image configured in the efi vars
<clever> instead, it loads the efi system partition, and boots the .efi file from that
<clever> efi just ignores the bios boot partition
<clever> so you just make a proper partition to hold that data
<clever> and they are against ugly hacks of using "unused" space
<clever> mfiano: but gpt uses more than the 1st sector
<clever> mfiano: and then it puts core.img between sector 0 and partition 1, in 'unused' space
<clever> mfiano: with legacy on MBR, grub puts a 512 byte stub into sector 0
<clever> mfiano: the bios boot partition is only used for legacy booting
<clever> mfiano: and run nixos-generate-config --root /mnt, so it knows about that fat32
<clever> mfiano: if you're not booted under efi, you have to set the install as removable flag i mentioned earlier
<clever> mfiano: i think thats a result of the uuid type code that was set when creating
<clever> mfiano: ive also seen a friend try to repartition with both fdisk and gparted open at once, and they were overwriting each other's tables
<clever> mfiano: then formatting things
<clever> mfiano: id recommend fully closing gparted once you're done, then re-opening it to confirm things stuck, and closing again
<clever> mfiano: also, check to see what blkid says about the btrfs
<clever> mfiano: try setting them?
<clever> mfiano: so what you said sounds right for the bios boot partition
<clever> mfiano: gparted shows /dev/sdb1 as being a grub2 core.img on my end, with flags bios_grub and legacy_boot
<clever> mfiano: oh, just noticed this within my EFI system partition
<clever> 00000050 20 20 46 41 54 33 32 20 20 20 0e 1f be 77 7c ac | FAT32 ...w|.|
<clever> mfiano: it sounds like gparted just looked inside sda1, and found the core.img within
<clever> mfiano: its possible that your bios is doing funky things like messing with the partition table to "fix" it for you
<clever> gorre: but if you're on nixos, its as simple as services.docker.enable = true; and you're done
<clever> gorre: if you want docker to work outside of nixos, you have to manually run the daemon as root, and do all the normal config stuff
<clever> gorre: that command only installs the docker programs, it doesnt configure any docker services
<clever> mfiano: thats what my EFI system partition looks like when inspected
<clever> 00000000 eb 58 90 6d 6b 66 73 2e 66 61 74 00 02 08 20 00 |.X.mkfs.fat... .|
<clever> [root@system76:~]# hexdump -C /dev/nvme0n1p1 | head
<clever> /dev/nvme0n1p1: UUID="7DBC-2698" TYPE="vfat" PARTUUID="27c99b08-455d-4dfe-a44f-6150cbc09ef8"
<clever> [root@system76:~]# blkid /dev/nvme0n1p1
<clever> MP2E: can you try it again from nixpkgs f607771d0f5 ?
<clever> MP2E: one min
<clever> MP2E: yeah, 32bit support is on, are you using the steam chroot stuff from nixpkgs?
<clever> MP2E: what does this output? cat /proc/config.gz | gunzip | grep IA32
<clever> MP2E: and if you run file on it?
<clever> mfiano: for my laptop, its using 62gig, and my desktop, 46gig
<clever> MP2E: if you run ls -lh ~/.local/share/Steam/ubuntu12_32/steam, what does it say?
<clever> MP2E: if you override boot.kernelPackages, it will set the kernel automatically
<clever> MP2E: are you using the hardened linux kernel
<clever> spectre-meltdown-checker is also in nixpkgs, so you can test your boxes
<clever> MichaelRaskin: i think there might have also been something about KPTI ruins performance, but the microcode can fix it faster
<clever> MichaelRaskin: and spectre
<clever> MichaelRaskin: and what is guix going to do with microcode blobs and meltdown?
<clever> mfiano: one of the major strengths of nixos, is that once you know a rev of nixpkgs that works good, you can always go back to that, no matter how bad things get, at the cost of downgrading to the versions within that rev
<clever> simpson: my only guess, is that xfs looked up the mappings, then bypassed lvm, and got confused when lvm began shifting blocks around
<clever> mfiano: ive got zfs with redundancy configured, and snapshots
<clever> simpson: i once tried to resize an lvm volume, while an xfs one was mounted, something borked, and it overwrote a decent chunk of an ext3 volume in lvm
<clever> mfiano: nix-env -iA nixos.gparted
<clever> mfiano: yeah, and another optional thing you could try, is leave some empty space after that for windows
<clever> mfiano: so you can upgrade to efi later on
<clever> mfiano: we could just do legacy on gpt then, a 2mb bios boot partition, and the rest for btrfs and it should work
<clever> mfiano: which might fix your EFI issues
<clever> mfiano: boot.loader.grub.efiInstallAsRemovable lets you do an EFI install when not booted from EFI
<clever> depends on if you want MBR or GPT, and if you want legacy or EFI
<clever> and most bios should then boot it automatically without the special efi vars config
<clever> mfiano: that tells grub to configure the sata drive as-if it was a removable disk
<clever> mfiano: if you install nixos with boot.loader.grub.efiInstallAsRemovable = true; and the vfat mounted to /boot, it should become bootable
<clever> mfiano: one sec
<clever> mfiano: its very puzzling how just shrinking the bios boot partition breaks booting, because re-running nixos-install should fix it, and make it only boot nixos
<clever> mfiano: my primary desktop is a 2 drive raid for nixos, and a 3rd drive for windows
<clever> mfiano: that should work
<clever> mfiano: dual-booting can be restored, once nixos is working, with the right nixos config for grub
<clever> mfiano: also, is the CSM enabled in the bios?, you're configured for legacy booting, not efi
<clever> mfiano: the bios boot partition on sda1 only needs to be about 2mb, and it must never be mounted or formatted with an FS
<clever> mfiano: what does `mount` say?
<clever> mfiano: also, what does `mount` say?
<clever> mfiano: sda1 is way too big
<clever> mfiano: and fdisk -l /dev/sda ?
<clever> disasm: ah
<clever> mfiano: then just ssh into it from a more capable machine
<clever> mfiano: oh, also, systemctl start sshd, and passwd
<clever> Ankhers: probably
<clever> Ankhers: i'm not sure why its still in nixUnstable after being "released"
<clever> mfiano: what does fdisk -l /dev/sda say?
<clever> mfiano: and nix-env -iA nixos.gist lets you pastebin files with `gist -p file.txt`
<clever> Ankhers: sudo -i then nix-env -iA nixpkgs.nixUnstable
<clever> you could also use tmux instead
<clever> ctrl+a ] to paste
<clever> mfiano: copy is ctrl+a [, arrows to move the cursor, enter once to start a selection, enter again to end&copy
<clever> mfiano: lets switch over to screen so its easier to manage things, nix-env -iA nixos.screen, then run screen
<clever> mfiano: camera?
<clever> mfiano: can you get a screenshot of it and link the image on irc?
<clever> MichaelRaskin: thats a bug in nixos-install, it always builds on the host, then copies to /mnt
<clever> mfiano: if / and /boot are mounted to the right spots (/mnt and /mnt/boot), you can just run nixos-install without any args
<clever> mfiano: interested in what else it printed, the details
<clever> you should be able to re-mount your FS's, and delete /mnt/boot/grub/state, and re-run nixos-install
<clever> meant to say that one
<clever> what did nixos-unstable print when installing grub?
<clever> should just work
<clever> spinning rust? ssd?
<clever> mfiano: what type of drive is the rootfs?, sata?, nvme?
<clever> pie__: try nix-env -iA nixos.ratpoison && ratpoison
<clever> pie__: in theory, you can run any window manager, and it should just take over and give you window switching
<clever> mfiano: the subvolumes could be making it more complex
<clever> my only guess is that grub cant make sense of your btrfs, and you need an ext4 /boot partition
<clever> and the problem is before grub even found its own config
<clever> mfiano: nixos auto-detects the .fstype of the filesystem configured for / and /nix
<clever> mfiano: this line isnt required
<clever> boot.initrd.supportedFilesystems = [ "btrfs" ];
<clever> mfiano: nix-env -iA nixos.gist ; gist -p /path/to/file1 /path/to/file2 ...
<clever> mfiano: and hardware-configuration.nix
<clever> mfiano: can you gist your configuration.nix file?

2018-02-24

<clever> or i'm getting to and from backwards
<clever> and also, doRename is purely for setting, not reading
<clever> MichaelRaskin: but these versions, are read-only
<clever> MichaelRaskin: doRename tries to set the new option, to match the old option
<clever> MichaelRaskin: i think i see more of the problem now
<clever> zimbatm: yep
<clever> zimbatm: i was at that talk, in person
<clever> garbas: `nix copy --to local?root=/mnt` sorta
<clever> garbas: simplest solution i can give is to flip the direction, do --from, and specify a dir on the local machine
<clever> garbas: ive done it with a local directory, but i dont know how to do it via ssh with --to
<clever> MichaelRaskin: yep, i have a config.config.system option, due to the botched rename
<clever> MichaelRaskin: the "config" in here doesnt belong
<clever> MichaelRaskin: i found the problem
<clever> MichaelRaskin: oh
<clever> eacameron: ah
<clever> MichaelRaskin: this line of nixops
<clever> 284 nixosRelease = v.config.system.nixosRelease or (removeSuffix v.config.system.nixosVersionSuffix v.config.system.nixosVersion);
<clever> eacameron: all fixed?
<clever> 193 (mkRenamedOptionModule [ "config" "system" "nixosVersion" ] [ "config" "system" "nixos" "version" ])
<clever> latest nixpkgs, and the nixops within it
<clever> trying to build nixos-unstable from today is what failed
<clever> 16.03 worked fine with this nixops
<clever> yeah, and there is a rename module in place that should fix it...
<clever> hmmm
<clever> error: attribute 'nixosVersion' missing, at /nix/store/aky8l2zmfv6gibif85fbr1qrj9i4mj05-python2.7-nixops-1.5.2pre0_abcdef/share/nix/nixops/eval-machine-info.nix:284:107
<clever> and its defined over there
<clever> "/nix/store/pqs6qsjwfrjf0g3gf58drk16q1izby9i-nixos-18.03pre129076.831ef4756e3/nixos/pkgs/data/fonts/dejavu-fonts/default.nix:7"
<clever> nix-repl> dejavu_fonts.meta.position
<clever> mfiano: the attribute is pkgs.dejavu_fonts
<clever> and now its been rolled back, lol
<clever> [root@router:/nix/var/nix/profiles]# ./system-377-link/bin/switch-to-configuration test
<clever> gchristensen: and it refused to build the fix
<clever> gchristensen: which then broke the nix on every machine in the house
<clever> gchristensen: i removed an "un-needed" nfs mount, which broke an old binary cache http server from nix-push
<clever> gchristensen: and ive borked the router, lol
<clever> MichaelRaskin: this is how ive solved the issues
<clever> the conditions are a bit vague, but i think the trigger is if the mount namespace doesnt match its parent
<clever> MichaelRaskin: you cant nest namespaces if you lack root
<clever> when nix-bundle can just namespace the problem away
<clever> but i would need root on your machine to import my store paths into your store
<clever> MichaelRaskin: if you are running software that has been packaged to be ultra-portable, and self-updating
<clever> MichaelRaskin: then nix-bundle will not be able to read a single /etc file
<clever> MichaelRaskin: now nobody knows what udp is, and half my network applications just die
<clever> MichaelRaskin: nix-bundle mounts a new dir over /nix
<clever> MichaelRaskin: /etc/protocols is a symlink into /etc/static, and /etc/static points into the store
<clever> MichaelRaskin: i also recently found a major problem between nixos and nix-bundle
<clever> ahhh, atomic writes
<clever> MichaelRaskin: for 20 seconds at a time
<clever> MichaelRaskin: the oddity in my bug, is that the downstream was 100% working, with no latency, but the upstream had 100% packet loss, not high latency
<clever> timokau: possibly, depends on if you want to make it fully read-only or not
<clever> MichaelRaskin: windows would mass-disconnect everything, linux didnt even care
<clever> MichaelRaskin: with my old dsl modem, i had a bug in the pppoe driver, causing only the upload path to 100% die, for upwards of 20 seconds
<clever> timokau: others have to be writable like /etc/nixos/configuration.nix
<clever> timokau: some files in /etc need to be "private" and not world-readable