<clever>
which also allowed sharing the state with other people
<clever>
none that i know of, somebody that i talked to a few months ago kept the nixops state in git (with some gpg crypto over it)
<clever>
( and ) can force it, but antiquoting it inside a string also works
<clever>
so you cant do the obvious ./. + "/" + project + ".nix"
<clever>
so ./. + "/" == ./. (the trailing slash is dropped)
<clever>
but after each append, nix will normalize the path
<clever>
paths can have strings appended to them
<clever>
Rotaerk: ./. + "/${project}.nix" i think
<clever>
simpson: i have also previously ran a linuxfromscratch router before, and manualy turned my laptop into a router a few times with entirely manual iptables and ip commands
<clever>
eacameron: i have written wireshark decoding plugins, heh
<clever>
having done the same thing in my nixos router, it was simple to do again
<clever>
and 10 forwards things to the container
<clever>
18&19 need to be unique within that new subnet
<clever>
simpson: line 8 has to be the external ip of the host, on the LAN, and line 12 has to differ from the lan subnet
<clever>
only scary thing, is that you need to be real carefull where you aim the thing
<clever>
gchristensen: with a few more changes, my kexec thing could nixos-ify any host in one go, and leave it without a configuration.nix file, then you can target it with the none env in nixops
<clever>
gchristensen: the kexec idea also opens up routes that arent currently available, like partition table control
<clever>
gchristensen: in theory, it will work on any hoster that obeys the MBR loader
<clever>
gchristensen: in theory, you just need to ssh into the root account, inspect some state (ip addr mainly), build the kernel+initrd, scp, execute, and wait for ssh to come back, then it behaves like it booted from the install ISO
<clever>
gchristensen: i have thought about how to integrate my kexec idea with nixops
<clever>
ive done that, it deleted the active nixos generated, lol
<clever>
only thing i can think of is that you did some naughty things in your early nixos days and manualy deleted things
<clever>
not sure then, i would expect GC to do it
<clever>
avn: what does this output: ls -lh /nix/store/003x4zwb9794iydhbclxl0h4cixq1vq0-cmake-2.8.12.2.drv.bz2
<clever>
can you paste the path for one of the larger/older files?
<clever>
avn: my router goes a lot of builds, and also GC'd regularly, that dir is 55mb
<clever>
looks like you just want -K
<clever>
if you stop it before it reaches the install phase, then it never made $out
<clever>
nhooyr: can you gist all of the output of nix-build?
<clever>
i am currently on git revision a24728f of nixpkgs
<clever>
gchristensen: do you know if hetzner uses dhcp or staticly configured IP's on each box?
<clever>
so i could hear the cpu load changing in real time
<clever>
this reminds me of an issue on one of my older laptops, the capacitors near the cpu would make an audible noise, that is synced to the cpu usage
<clever>
and part of that is the logger saving dmesg, which creates more messages
<clever>
normal stuff for a nixos machine
<clever>
or just not set a timer to disable it
<clever>
you can leave it on for longer
2016-12-08
<clever>
are you sure its the hdd?, it could be the cpu fan
<clever>
c74d: nothing at all?, you should see idle activity from other things
<clever>
so it always goes to 10gig free at midnight
<clever>
i recently put that hydra thing into my desktop as well
<clever>
lol
<clever>
this is mainly to recover the data from the drive
<clever>
gchristensen: its best to also give it a path to a log file that will survive a reboot, so you can resume the copy
<clever>
gchristensen: it will skip over the bad sectors, and read as much data as it can, then return to the bad sectors when its done, and re-read them repeatedly
<clever>
gchristensen: one thing of use, if you have the room, is ddrescue
<clever>
[610567.403299] chromium(27280): dirtied inode 26243778 (?) on tmpfs
<clever>
[610567.494423] skype(16707): READ block 175141152 on sdd2 (168 sectors)
<clever>
and with this, you get a 5 second data sample
<clever>
then it just uses the version you put in the string, exactly as its built
<clever>
you can also replace derivations in systemPackages and similar, with raw strings pointing into the store
<clever>
comment it out temporarily?
<clever>
why is it unable to rebuild?
<clever>
that only works if you review the git history your signing, somebody could have yeah
<clever>
yeah, thats another issue
<clever>
with commit signing, that commit wouldnt be signed, and it would set off more alarms
<clever>
gchristensen: and then waited until he pushed it up
<clever>
gchristensen: and they added an extra commit under his name, that introduced a privledge escalation exploit
<clever>
gchristensen: one reason to still sign things even with github, ive heard of an incident where somebody got into the dev box of a linux maintainer
<clever>
spacekitteh: then bash will show you every single command it runs, after variable substitution
<clever>
spacekitteh: another massively helpfull thing, do "set -x" in the build hook, before the stuff your having trouble with
<clever>
and since its a raw text file, it wont go thru the nix parser
<clever>
you would basicaly define a package as makeSetupHook {} ./emake.sh; and then it will source that shell script if you add it to buildInputs
<clever>
savanni: in vlc, i just went to capture device, punched in /dev/video0, and now i can see myself
<clever>
savanni: try testing the camera in a simpler program, like vlc
<clever>
savanni: sounds like maybe the browser lacks pulseaudio support?
<clever>
savanni: and when hangouts is active, which mic is it set to on the recording tab
<clever>
savanni: what do you see in pavucontrol ?
<clever>
savanni: what happens if you try to use hangouts?
<clever>
if somebody sends you a file, you get a link to skype.com
<clever>
file transfers arent even p2p or built into the linux client anymore!!
<clever>
and its a closed source mess that M$ has been steadily ruining
<clever>
.... skype is the only thing i can think of right now
<clever>
and i never got it working in the end
<clever>
simpson: i tried updating it a couple months ago, they radicaly changed the dynamic libraries it used, sp the patchelf stuff had to be redone from scratch
<clever>
d
<clever>
then any attempt to use the /boot on root, will fail har
<clever>
one way to prevent this, chmod 0 /boot when /boot isnt mounted
<clever>
one person had 2 /boot partitions, and the wrong one got mounted
<clever>
/boot wasnt updating, so it basicaly rolled back on every reboot
<clever>
the last guy with this problem, hadnt GC'd yet, and couldnt figure out why some boot related options where not working
<clever>
so it just stops booting
<clever>
and after they nix-collect-garbage -d, the generation /boot wants to load no longer exists
<clever>
related, i have seen people break the config and /boot stopped mounting
<clever>
andrewrk: your welcome
<clever>
you should see a major difference in ls -lShr /boot/EFI/nixos
<clever>
and then nixos-rebuild switch again, to re-generate /boot
<clever>
with root, it can also get rid of old system profiles
<clever>
without root, it can only delete old versions of the nix-env profiles
<clever>
so you still have 36 versions of system left laying around
<clever>
looks like you havent ran nix-collect-garbage -d as root
<clever>
next step, ls -ltrh /nix/var/nix/profiles/system*
<clever>
but we can see you have room for 14 generations, and the bulk of it is the initrd
<clever>
not yet, we dont know which one is the one you need to boot
<clever>
andrewrk: and then ls -lShr /boot/EFI/nixos
<clever>
andrewrk: to start with, lets confirm where its all going, can you pastebin the output of "du -h /boot | sort -h" ?
<clever>
so your only option is to GC them entirely, and then run rebuild to trigger line 117
<clever>
and at this point, i have a kernel+initrd, that just boots into a ramdisk with nixos-install
<clever>
as if it had a cd in the tray
<clever>
and now every machine that netboots lands in a nixos install image
<clever>
and because i already have ipxe configured in my LAN, it was just a matter of adding chain http://c2d.localnet/netboot/netboot.ipxe to a default clause