<clever>
ixxie: i just tab-complete haskellPackages in nix-repl
<clever>
zarel: :D
<clever>
hask_bee_3: that will then just lock the versions of everything
<clever>
hask_bee_3: you could also just take the nixpkgs revision your using, and put that into the shell.nix
<clever>
zarel: yeah
<clever>
zarel: users.extraUsers.clever.uid = 1000; for example, pins the uid on the nixos side
<clever>
zarel: youll want to ensure they match up between all users in /home
<clever>
zarel: if you mount the nixos /nix/store within arch, and configure nix-daemon to run, you could share your entire nix-env profile between both with little issues
<clever>
hask_bee_3: build it in the nix sandbox, so things you forget are just not there, then look at the errors
<clever>
hask_bee_3: you could also look into stack2nix, which will build the entire project using nix
<clever>
hask_bee_3: you can only clearly define the versions if you provide a shell.nix file
<clever>
buovjaga: vesa is the simplest driver i believe
<clever>
buovjaga: for the above error, i believe you need to set services.xserver.videoDrivers
<clever>
it should give line numbers telling you where the issue is
<clever>
so youll want to copy that .nix file out of nixpkgs, modify the copy (and fix the relative paths), then use the copy
<clever>
but imports entries like that cant be overriden
<clever>
you are now free to add any nixos option you want to the image
<clever>
buovjaga: then switch to nixos-config=./configuration.nix
<clever>
buovjaga: create a configuration.nix file, and add the original nixos-config= path to the imports list
<clever>
sphalerite_: not sure then
<clever>
so it doesnt get into the cache
<clever>
sphalerite_: its also possible that the hydra platforms is allowing hydra to build it, but hydra just fails
<clever>
sphalerite_: halma doesnt define itself as having executables
<clever>
libraries are of no use on their own
<clever>
maybe its only those that declare themselves to have an executable
<clever>
sphalerite_: ah, i see, in hackage-packages.nix, some have no hydra platforms, some dont
<clever>
sphalerite_: so anything that is indirectly referenced, via something in the pkgs. set has to pull it in
<clever>
sphalerite_: i think all of the haskell packages default to an empty hydra platforms, too much to build
<clever>
buovjaga: and the nix patch in the same file, will add a build-extra-platforms field to /etc/nix/nix.conf, so you can convince nix-daemon to run binaries that shouldnt work
<clever>
without having to boot an arm kernel under qemu
<clever>
if you run the ./result/bin/register within it, then the linux host magically gains the ability to just run aarch64 ELF files
<clever>
buovjaga: the qemu-arm64 attribute in here builds a variant of qemu-user that supports aarch64
<clever>
buovjaga: there is also qemu-user that may be of interest to you
<clever>
The Large Physical Address Extension (LPAE), which extends the physical address size from 32 bits to 40 bits, was added to the ARMv7-A architecture in 2011.[104]
<clever>
sphalerite_: only thing i can think of then is to nix-store --query --hash each storepath after building, and diff them
<clever>
sphalerite_: which will build it several times, then tell you if it differed
<clever>
sphalerite_: there is an --option build-repeat 2
<clever>
LPAE is an optional feature that supports a 40 bit address bus, while operating in 32bit mode
<clever>
and depending on how much ram you have, the entire 3-4 range may be valid
<clever>
in kernel mode under linux, the 0-3gig range is mapped to the current process, and 3-4gig kernel land
<clever>
yeah
<clever>
if the opcode is even valid
<clever>
as for just running random garbage, chances are, its going to try to address something outside the mappings and cause a page fault
<clever>
sphalerite_: if that fuzzer hasnt broken the chip, then the cpu likely cant be damaged
<clever>
sphalerite_: do you mean damage to the cpu, or damage via executing a syscall that does harm?
<clever>
buovjaga: you need to give it the path to the nixos directory inside the nixpkgs folder
<clever>
sphalerite_: i'm doing some cleanup on my machine, and i'm finding result links everywhere, just found a /etc/nix/result left-over from nixos-rebuild build
<clever>
sure
<clever>
without that, it adds more to the list every time you run the command
<clever>
an empty -option will wipe the entire options list
<clever>
now you can try other things from that file
<clever>
yep
<clever>
try it with numbers also
<clever>
without that, it will prepend every time you run it
<clever>
then the rest add things back in
<clever>
the -option without any value, clears all of the options
<clever>
it seems to ignore invalid options silently
<clever>
try shift lock above, to verify that they work at all
<clever>
i-am-the-slime: and this file lists every option, and tells you what it does in english!
<clever>
sphalerite_: aha, and this actually has the full option string, and a description!
<clever>
[clever@amd-nixos:~]$ grep eurosign /nix/store/cj8sj64sbbj950hd00wz9q4ccq3ssdfj-setxkbmap-1.3.1/share/X11/xkb/rules/base.lst eurosign:e Euro on E
<clever>
oh, i also see a man directory in this storepath
<clever>
without the wipe flag, it always prepends
<clever>
so this wipes the list, then restores the original value
<clever>
(as saved in root window properties). If you want to replace all previously specified options, use the -option flag with an empty argument first.
<clever>
and it accepts invalid options silently
<clever>
ok, so -option prepends things, and i have no way to undo...
<clever>
bhipple[m]: it would need to be something like squid, that can proxy requests and cache the responses
<clever>
ottidmes: oh, and also, your signing key is in the store now, so nix-serve is sharing it with the world
<clever>
bhipple[m]: oh, and nix has a cache for the cache, and will not request again after a cache miss
<clever>
bhipple[m]: and it always re-signs everything with the keys you configured it for
<clever>
bhipple[m]: nix-serve doesnt really act as a mirror, all it can do is serve what you have in /nix/store/
<clever>
bhipple[m]: nix will reject unsigned things
<clever>
bhipple[m]: does that metadata also include a signature?
<clever>
bhipple[m]: and does the narinfo also include a signature?
<clever>
bhipple[m]: to start with, try doing an http query against nix-serve, take the hash from /nix/store/HASH-name and query http://example.com/hash.narinfo
<clever>
ottidmes: and what does the expression do with that string?
<clever>
ottidmes: which nixos option did you set?
<clever>
ottidmes: that sounds like its trying to read it at nix build time, which it shouldnt be doing
<clever>
yeah, that should work
<clever>
if you use a quoted absolute path, it will probably work better
<clever>
ottidmes: so your secrets are no longer secret
<clever>
ottidmes: i suspect that if you use an unquoted path, it gets copied into the nix store
<clever>
thats also a common way to repair a nixos install
<clever>
thoughtpolice: i think nixos and nixpkgs primarily use the right number of ./../'s
<clever>
thoughtpolice: the bulk of the expression on the wiki i linked, is to deal with it working on 1.11 as well
<clever>
thoughtpolice: yeah, fetchTarball is best
<clever>
thoughtpolice: then anything you miss, just fails hard
<clever>
thoughtpolice: that then lets you juset `unset NIX_PATH`
<clever>
thoughtpolice: oh, about dealing with import <nixpkgs>, there is an expression that can bootstrap a fixed nixpkgs, without relying on <nixpkgs>
<clever>
srk: and netboot-base is netboot + all-hardware + base + installation device + no password
<clever>
srk: netboot-minimal is just netboot-base + the minimal profile
<clever>
srk: i think using netboot.nix directly, and skipping the netboot-base will also skip the installation device config
<clever>
Dezgeg: if you tell nixos that a tmpfs is mounted at /nix/store, it should add the /mnt-root on its own
<clever>
that would leverage nixos creating the directories for you
<clever>
also, workdir= could point to another tmpfs defined in fileSystems, which eliminates the bash entirely
<clever>
and your using an existing tmpfs
<clever>
srk: i think upper, is what you would point upperdir= at
<clever>
srk: your creating an upper directory, but its not used
<clever>
srk: it needs the mkdir to work?
<clever>
bhipple[m]: also, i think nix-daemon will need root, since it will try to setuid the worker children, which must be members of the nixbld group
<clever>
the daemon just has to be started as the right user, by the system service manager
<clever>
that would probably make the security worse
<clever>
so if the store is locked down and you use nix-daemon to gain access, you have to run it as the user with +w
<clever>
technically, it just has to be ran as the user that has +w to /nix/store/
<clever>
--option can override most things in nix.conf, but some require root to have an effect
<clever>
bhipple[m]: only root can do that, via --option binary-caches foo
<clever>
it may need a delete --force?
<clever>
ambro718: id also make a backup of the sqlite before you do that
<clever>
ambro718: if you export the json to a file, you can edit the problem IP, then re-import it
<clever>
the -r flag for jq does that for you
<clever>
it should be split into multiple lines, at the \n's
<clever>
ambro718: this will dump the entire state as json, then use jq to index into the deployment uuid, resources, hostname, and then the private key for the none backend