2020-05-27

<clever> Henson: also, have you seen justdoit?
<clever> Henson: you could use the 1st one, to confirm your additions can phone-home on bootup
<clever> Henson: the 2nd script, will then run qemu against the same disk, but without forcing the kernel/initrd, to confirm the bootloader works right
<clever> Henson: the 1st one, runs the same kernel/initrd as kexec, but directly in qemu, for testing purposes (mainly to test justdoit)
<clever> Henson: if you `nix-build simple-test.nix -A legacy_sata`, you will get a directory with 2 shell scripts
<clever> Henson: oh, also...
<clever> bqv: and `systemctl stop autoreboot.timer` will stop it from trying at all
<clever> bqv: `shutdown -c` will cancel it
<clever> bqv: it does a 5 minute delay, with a message to every tty to warn you
<clever> so it shouldnt hang upon any failure
<clever> it will also panic if anything goes wrong in the initrd, and all panics will result in a reboot after a 30 second delay
<clever> thats mainly to save you when you get the IP config wrong, for cases that need a manual static ip
<clever> assuming you havent formatted the disk by then
<clever> Henson: at the end of the hour, it will automatically reboot, restoring control back to debian
<clever> Henson: its already got safety features!
<clever> but kexec is a lot more flexible, since you can repartition
<clever> then somebody else added NIXOS_LUSTRATE to nixos, to automate that repair step
<clever> then i repaired all the stuff old gentoo files where breaking
<clever> basically, i just built nixos with nix-build, then forcibly updated the bootloader, so it would boot nixos from the gentoo rootfs
<clever> that part, is based on how i manually installed nixos over a gentoo system
<clever> and some people have even taken my tales of how i installed nixos, and baked them into nixpkgs, lol
<clever> and several ways to install it
<clever> ive made at least half a dozen ways to boot nixos
<clever> the entire rootfs is already in the initrd
<clever> just unpack the tar to /, no need to even have nix on the target
<clever> Henson: this will create a tarball, that includes a bzImage, initrd, and the kexec tools, and a shell script to switch over
<clever> Henson: yep
<clever> for example
<clever> so, you can do: nix-build '<nixpkgs/nixos/release.nix>' --arg configuration ./configuration.nix -A iso_minimal.x86_64-linux
<clever> 146 iso_minimal = forAllSystems (system: makeIso {
<clever> 48 modules = makeModules module {
<clever> 41 makeIso =
<clever> 39 makeModules = module: rest: [ configuration versionModule module rest ];
<clever> $ vi ~/apps/nixpkgs/nixos/release.nix
<clever> 6 , configuration ? {}
<clever> lovesegfault: you just need a simple `DIRT = builtins.currentTime`
<clever> lovesegfault: what happens if you build -A llvm ?
<clever> it should be causing infinite recursion
<clever> should be
<clever> that would also count the build-time of llvm as well
<clever> lovesegfault: the cut-off point between stuff you would expect to be in the cache (the host stdenv and gcc) and the stuff your trying to profile
<clever> now it will differ every single time!
<clever> > builtins.currentTime
<clever> lovesegfault: use builtins.currentTime in the overlay
<clever> lovesegfault: simplest is to just do a useless override at some point (using an overlay) so it has to rebuild that thing, and everything that depended on it
<clever> lovesegfault: define "full", do you want to start at gcc?

2020-05-26

<clever> > {a=42;} == {}
<clever> hexagoxel: you need --read-write-mode to make the changes persist
<clever> hexagoxel: nix-instantiate is read-only when you --eval
<clever> ritchan: can you pastebin the entire dmesg output?
<clever> ritchan: what does `dmesg` say?
<clever> ritchan: local means nix will just open files in /nix/store directly
<clever> jbox: no, nix-channel --update
<clever> jbox: also, --add only takes effect when you --update
<clever> jbox: you can reasonably assume that the names are the same between every channel
<clever> jbox: it just uses the names from `nix-channel --list`
<clever> jbox: nix-env -iA unstable.hello
<clever> srid: as long as it has a kernel you control, it should work
<clever> and you can start directly from the rescue shell, no need to install debian first
<clever> once you are in, you just format and install like you would locally
<clever> restoring the original OS
<clever> if you get it wrong, you wont be able to ssh in, and it will reboot itself at the end of the hour
<clever> youll want to edit the configuration.nix in there, to include the static ip config
<clever> yeah
<clever> srid: it will likely be much simpler, and you could skip step 1 entirely, if you use kexec
<clever> srid: so you would have to use the kexec stuff i wrote
<clever> srid: you need to wipe the disk to setup FDE, and that requires / to not be mounted
<clever> ldlework: youll want to use a shell.nix that pins nixpkgs
<clever> no need for any docker
<clever> yeah, just nix-shell --pure and youll get the same tooling everywhere
<clever> srid: yeah
<clever> srid: the changes wont take effect until after you reboot manually
<clever> srid: boot will just write to /boot and do nothing else
<clever> srid: and things must be mounted in the right place before you `nixos-rebuild boot`
<clever> its wrong because you moved things and didnt regen the file
<clever> srid: mount them back to the correct place, and re-run nixos-generate-config to fix it
<clever> srid: your hardware-configuration.nix is wrong, and it mounted the wrong things on bootup
<clever> srid: you likely have the wrong device at /boot
<clever> srid: double check what is mounted where
<clever> srid: also, make sure you fix your hardware-configuration.nix first, with nixos-generate-config
<clever> srid: you wanted `nixos-rebuild boot && reboot`
<clever> srid: then youll want to reboot, for the if renaming to take effect
<clever> betawaffle: this is something i did a while back, that runs a few nixos services in docker
<clever> srid: thats normally handled by the nixos-install script, but you bypassed it
<clever> srid: thats because you never ran nix-channel --add with a name of nixos
<clever> so you can just ignore it
<clever> sounds like one card isnt even plugged in
<clever> does `ip link` say both are up?
<clever> depends on how ovh wired it
<clever> srid: either make it permanent, or fix the config to use enp1s0f0 and enp1s0f1
<clever> yep
<clever> and add in `net.ifnames=0`
<clever> yep
<clever> find a file in /boot that has init=, it should look like kernel params
<clever> srid: are you using grub or systemd-boot?
<clever> you can then either make it permanent in configuration.nix, or fix the cfg
<clever> srid: add that to the kernel cmdline (just edit the cfg in /boot) and it should then leave eth0 as eth0
<clever> You pass the net.ifnames=0 on the kernel command line
<clever> one sec
<clever> which is why the guides all recommend installing nixos from nixos
<clever> thats because the rescue env has a different systemd config
<clever> if your config is wrong, you cant access the kexec instance
<clever> srid: this is another area the kexec helps with, it lets you test out network config, before you install
<clever> May 26 16:25:54 godzilla kernel: ixgbe 0000:01:00.1 enp1s0f1: renamed from eth1
<clever> May 26 16:25:54 godzilla kernel: ixgbe 0000:01:00.0 enp1s0f0: renamed from eth0
<clever> srid: is it still called eth0 when nixos is running?
<clever> -- Subject: A start job for unit sys-subsystem-net-devices-eth0.device has failed
<clever> srid: and did you configure it in configuration.nix?
<clever> srid: does OVH use static ip's or dhcp?
<clever> srid: journalctl --root=/mnt/
<clever> srid: you can get that without chroot as well
<clever> srid: add /nix/var/nix/profiles/system/sw/bin to PATH
<clever> adisbladis: oh, neat
<clever> adisbladis: i mean full baremetal, without any api's involved
<clever> srid: currently it cant, you have to install yourself, then use the none backend to deploy to it
<clever> evanjs: but if its a vm, you may want one of the virtio drivers
<clever> evanjs: lspci, anything block-device-y present?
<clever> evanjs: then you didnt include the drivers for the block device in the initrd
<clever> evanjs: does the block device exist in /dev/ ? or /proc/partitions?
<clever> evanjs: if its using grub, you can add that without a regen
<clever> srid: you can set the pw if you chroot in, or just edit $root/etc/shadow by hand
<clever> evanjs: you may need to add boot.shell_on_fail i think it was to the kernel cmdline
<clever> evanjs: what does blkid report?
<clever> aveltras: it will depend on if your using stdenv.mkDerivation or cabal2nix, how you would add it
<clever> aveltras: any attribute you add to the derivation becomes an env var
<clever> aveltras: your using TH then? can you just read an env var at TH time and decide beteen $FOO or default to ../static ?
<clever> aveltras: ah, was mixing file-embed up with another similar util
<clever> aveltras: or a cmdline flag?
<clever> aveltras: and why cant it be an env var you read at runtime?
<clever> aveltras: which path are you trying to embed?
<clever> ramses_: you can skip right to `nix-build '<nixpkgs/nixos>' -A system` to just build nixos and skip everything else
<clever> ramses_: weird, i would try maybe `bash -v $(which nixos-rebuild) build` i think?
<clever> ramses_: ah, not sure then...., what about nixos-rebuild build --fast ?
<clever> ramses_: run $thatpath/bin/switch-to-configuration switch, how slow is it?
<clever> ramses_: then its not network issues, now run `nix-build` normally on the drv, and it should product another storepath
<clever> eyJhb: --list and --update use ~/.nix-channels but everything else uses ~/.nix-defexpr/
<clever> eyJhb: yeah
<clever> ramses_: what if you run `nix-build --dry-run` on the drv from instantiate?
<clever> eyJhb: which channels you use are in ~/.nix-channels, but the actual data created by `nix-channel --update` is in /nix/var/nix/profiles/per-user/clever/channels/
<clever> ramses_: is nix-instantiate slow to eval?
<clever> ramses_: it will mainly tell you what function is being ran a lot
<clever> ,profiling ramses_
<clever> srid: try the rescue system first, and then mount the rootfs, does it have logs?
<clever> bqv: ovh lets you force reboot and switch to a rescue env
<clever> you need to re-run nixos-generate-config every time you change what is mounted where
<clever> srid: did you re-run nixos-generate-config when changing the mountpoint of things?
<clever> srid: what did you tell nixos to mount as / ?
<clever> srid: boot current, is in refernece to what is currently running, not the default
<clever> srid: nixos is already first in the boot order
<clever> srid: yeah, you want to adjust the order
<clever> check the efibootmgr manpage, and you should see how to change the default
<clever> before the cmd
<clever> srid: ah, no, its NIXOS_INSTALL_BOOTLOADER=1
<clever> srid: you have to add --install-bootloader to the previous cmd i think
<clever> srid: also, you didnt clear the ESP before runnning boot
<clever> srid: does `efibootmgr -v` also show things as configured?
<clever> srid: my nas has a 64mb usb stick for /boot, lol
<clever> srid: nixos wont create its own ESP, you have to make it yourself
<clever> but its simpler to ditch the ext4 and put ESP right at /boot
<clever> boot.loader.efi.efiSysMountPoint = "/boot/efi"; would let you keep /boot and ESP seperate
<clever> srid: p2 was your old ext4 /boot, and p1 was the ESP at /boot/efi
<clever> srid: and that ESP you mount to /boot should also be empty
<clever> emily: you only delete the contents, you leave it as an ESP partition and fs
<clever> morgrimm: or just --add-flag foo=bar ?
<clever> srid: when using lustrate, the "switch-to-configuration boot" step should regenerate /boot/
<clever> morgrimm: you could just --add-flag --foo --add-flag value
<clever> morgrimm: check the source for wrapProgram, it should be there
<clever> its able to cross compile brick, some lens stuff, and basic haskell code
<clever> and #haskell.nix on freenode
<clever> ive had some success with cross-compiling to arm32
<clever> the ticket has a milestone of 8.10.1, so maybe thats the version its fixed in?
<clever> i ran into it several months back
<clever> it also happens on arm32 as well
<clever> la-s: and llvm randomly segfaults if you use more then 1 core with ghc
<clever> la-s: ghc lacks native-codegen for arm, so it has to use the llvm backend

2020-05-25

<clever> shift+insert?
<clever> are you using middleclick or ctrl+v?
<clever> what is the full error msg?
<clever> mac10688: where does it say its broken?
<clever> the .nix files in nixpkgs are the absolute truth
<clever> mac10688: the search is likely trying to hide what it thinks are duplicates
<clever> > ping
<clever> > pkgs.taffybar
<clever> freeman42x[m]1: either escape them, use use double instead
<clever> freeman42x[m]1: nix-shell --run 'cmd1 ; cmd2 ; cmd3'
<clever> yep
<clever> `man nix-channel` -> nix-channel {--add url [name] | --remove name | --list | --update [names...] | --rollback [generation] }
<clever> sort of like sources.list in apt
<clever> joebobjoe: the channel is just where to get nixpkgs from when updating
<clever> joebobjoe: yeah
<clever> joebobjoe: if you want to update things, you need to add a channel by the name of nixpkgs as root
<clever> joebobjoe: then your nixpkgs was setup by root, but the channels are now missing, so you cant update it
<clever> joebobjoe: what about `nix-instantiate --find-file nixpkgs` ?
<clever> joebobjoe: what about plain `nix-channel --list` without root?
<clever> joebobjoe: try `sudo -i` then `nix-channel --list` as 2 commands
<clever> you want to copy that one
<clever> yeah, that is the result of building the drv
<clever> check the hash closely
<clever> is it the same path?
<clever> njha: what about without --dry-run?
<clever> njha: run it on the remote machine
<clever> njha: did you run it on the remote or local machine?
<clever> njha: run `nix-build --dry-run` on the drv file
<clever> njha: run nix-build on that drv, on the remote machine, then copy-closure the result of it
<clever> njha: you want to copy the result of building the drv, not the drv itself
<clever> __monty__: that shouldnt change it
<clever> > lib.generators.toPretty {} { foo = 42; }
<clever> > lib.generators.toPretty { foo = 42; }
<clever> > lib.toPretty { foo = 42; }
<clever> > toPretty { foo = 42; }
<clever> __monty__: what changed?
<clever> __monty__: home-manager uses nixpkgs.overlays i believe
<clever> ldlework: i usually trace toJSON in that case
<clever> __monty__: shouldnt need a fold when using overlays, enless your doing stuff with haskellPackages
<clever> __monty__: in configuration.nix its just nixpkgs.overlays = listofoverlays;
<clever> __monty__: also, any time you try to treat a path as a string, it will copy the path to /nix/store and turn into a storepath, automatically
<clever> __monty__: readFile can take a path
<clever> > ~/foo
<clever> __monty__: ~/foo
<clever> __monty__: ~ works as normal in nix
<clever> bbigras: when using nix, $CC is almost always the right answer
<clever> bbigras: maybe
<clever> Thra11: and with a 32bit system, your hard limited to 3gig in one process, swap wont fix that
<clever> Thra11: i remember when i couldnt build firefox on 32bit gentoo anymore, because just the linker alone needed >3gig of ram
<clever> yep
<clever> Thra11: while tab completion uses the attribute names
<clever> Thra11: the cost, is that `nix search -u` has to parse every single default.nix, to get the .name
<clever> Thra11: what about just tab completion in `nix repl '<nixpkgs>'` ?
<clever> veleiro: build with `-j 1` to build less at once? add swap?
<clever> veleiro: you can still cheat with either qemu-aarch64-user, or an aarch64 vm
<clever> veleiro: --build-host only works if you have another aarch64 machine
<clever> veleiro: which one is which?
<clever> veleiro: what arches are involved?
<clever> veleiro: is the remote and local machine the same cpu arch?
<clever> simpson: ive only ever generated the json with grafana
<clever> simpson: https://nixos.org/nixos/options.html#grafana.provision.dash

2020-05-24

<clever> ,tofu asbachb
<clever> bbigras: thats a native aarch64 build, so it should already have that gcc
<clever> bbigras: can you link the logs from the bot?
<clever> asbachb: lrwxrwxrwx 1 root root 74 Dec 31 1969 /run/current-system/sw/bin/nix-prefetch-url -> /nix/store/994h5zvp7vcyf60m89r2vygf27rwbw9v-nix-2.3.1/bin/nix-prefetch-url
<clever> bbigras: maybe
<clever> bbigras: thats the gcc that it would have used
<clever> > pkgsCross.aarch64-multiplatform.stdenv.cc
<clever> bbigras: you want to use pkgsCross.aarch64-multiplatform.stdenv.mkDerivation
<clever> bbigras: cross compiling to aarch64 linux?
<clever> asbachb: nix-prefetch-url ftp://ftp.cs.uu.nl/mirror/postfix/postfix-release/official/postfix-3.4.10.tar.gz
<clever> cole-h: no idea
<clever> cole-h: then your download failed successfully, and it gave you the hash of an empty file
<clever> ,locate
<clever> cole-h: just run ls -lh on the path, what does it say?
<clever> version? bytes?
<clever> if you look at the storepath it produced, what is the size?
<clever> asbachb: when i run nix-prefetch-url on the above url, i get the exact same hash as in the nix file you linked
<clever> cole-h: but pkgs.fetchurl wants the packed hash, so --unpack will give the wrong hash
<clever> asbachb: what did you change to get the error?
<clever> asbachb: did you give it the correct sha256?
<clever> ldlework: the nix code you gave should work
<clever> das_j: though, id also like to see some nix derivations to bake a bootconf.txt into an img, that could be useful
<clever> das_j: toss me a link after you make it, i might be able to use it too
<clever> das_j: nope
<clever> numkem: ah, that would explain things
<clever> bqv: its there so if you get the network config wrong and lock yourself out, it restores control to the previous OS
<clever> bqv: and entirely block it with `systemctl stop autoreboot.timer`
<clever> bqv: you can cancel with `shutdown -c`
<clever> bqv: its configured to reboot every hour at the end of the hour
<clever> bqv: my kexec stuff is probably the simplest now
<clever> both the version it starts with, and forcing ssl2 support on
<clever> when callPackage loads the file, the ssl is changed in 2 ways
<clever> /home/clever/apps/nixpkgs/pkgs/top-level/all-packages.nix- openssl = openssl_1_0_2.override { enableSSL2 = true; };
<clever> /home/clever/apps/nixpkgs/pkgs/top-level/all-packages.nix: sslscan = callPackage ../tools/security/sslscan {
<clever> > :p nixos-20_03.sslscan.buildInputs

2020-05-23

<clever> lol
<clever> cole-h: what about using virtual hosts, so you effectively have 2 different / dirs
<clever> cole-h: patch the software to properly use a relative path
<clever> mac10688: .xprofile lets you inject extra things, and .xsession lets you overirde that, and stop it from running the chosen desktop manager
<clever> mac10688: that default script is ran by all display managers, and the tail end is where it launches the chosen desktop manager
<clever> cole-h: you will need to setup another entry in locations, to proxyPass /Content to /Content
<clever> cole-h: then it expects /Content to be in the root of your http server
<clever> cole-h: if you check the html source for the page, how did it reference the stylesheet?
<clever> cole-h: and what URL is it trying to load the stylesheet from?
<clever> cole-h: and if you check the network console in chrome, what is failing?
<clever> cole-h: tcpdump -i lo port 8989 -A would probably help more
<clever> cole-h: tcpdump -i lo port 8989
<clever> cole-h: you want to run tcpdump on the server, to sniff the traffic on the lo interface, beteen nginx and 127.0.0.1:8989
<clever> cole-h: and if you tcpdump port 8989, what did it do to the url?
<clever> cole-h: you will want to tcpdump port 8989 and confirm what exactly nginx did to your url
<clever> cole-h: depending on if the proxyPass ends with a / or not, it will either direct you to /sonaar/ or / directly, i think
<clever> numkem: not entirely sure how the per-user nix.conf plays a role when using nix-daemon, things get a bit complex there