2016-12-05

<clever> and thats what a pastebin is for
<clever> gist -p can upload files, screen lets you copy/paste the link without a mouse, and irssi gets you irc
<clever> run gist -p and irssi under screen
<clever> oh, another option
<clever> try plugging the other laptop in via ethernet?
<clever> every single time i try to upgrade to the N band, the hardware says no :P
<clever> my ISP provided router also lacks an option to turn that off
<clever> you can still try "systemctl stop firewall"
<clever> its to stop a guy on the street from haxing your desktop, but all it does is get in the way of everything
<clever> oh yeah, and some wifi have an extrmely anoying setting, the wifi users can NEVER talk to the wired users
<clever> and its the correct ip?, check ifconfig again
<clever> thats weird
<clever> what error is ssh giving?
<clever> you can systemctl start sshd, and then ssh into it from another pc
<clever> can you pastebin the files i asked for?
<clever> yeah
<clever> marantz: can you pastebin the configuration.nix and hardware-config from /mnt/etc/nixos/ ?
<clever> marantz: and the wl from kernelModules
<clever> marantz: i think you just need to remove broadcom_sta from the hardware-config.nix file in /mnt/etc/nixos/
<clever> marantz: and the version currently in nixpkgs is 6.30.223.271, but your omited the version from the url you pasted
<clever> marantz: the description for the package your unable to download is "Kernel module driver for some Broadcom's wireless cards";
<clever> marantz: do you know if you have a broadcom wifi card?
<clever> marantz: you can try doing nix-channel --update, and hopefully somebody has already fixed the reference
<clever> which i didnt know of at the time
<clever> nix-store isnt supposed to work inside a nix build, and there are existing tools to do this
<clever> heh, so thats where i broke the rules, lol: https://github.com/cleverca22/fusenar/blob/master/datafiles.nix#L9-L10
<clever> which allows fusenar to depend on termcolor, which isnt in nixpkgs
<clever> this creates a new callPackage instance, that will search self first
<clever> newScope on line 3 is another neat feature
<clever> when doing things like git log or git blame
<clever> yeah, but you need an extra argument to follow history thru renames
<clever> i try to avoid renaming things, it messes with git history, but then i learned from this mistake, and did future projects better
<clever> yeah, with more recent projects, i make default.nix, and then fusenar would be in fusenar.nix
<clever> thats an older one
<clever> and the container script runs fusenar in a systemd container
<clever> or nix-build root.nix -A guest, to build a qemu guest that contains the container script
<clever> to build fusenar
<clever> in this case, i would run nix-build root.nix -A fusenar
<clever> Rotaerk: root.nix loads default.nix on line 6
<clever> c74d: oh, and it has an example for what your doing too: https://github.com/cleverca22/fusenar/blob/master/root.nix#L23-L32
<clever> root.nix in that project also has other neat expressions
<clever> then both nix-shell and nix-build will work on it
<clever> i would just name it default.nix, and use src = ./.; and stdenv.mkDerivation
<clever> and since you already have the buildInputs right there, your half way to having a working nix package for the project
<clever> yep
<clever> and the name shell.nix doesnt have any real magic to it, thats just the default file for nix-shell
<clever> thats a git repo where i just stick all kinds of usefull things, so i renamed it to prevent collisions
<clever> yeah
<clever> if i run nix-shell on this, i get an environment that can cross-compile an ARM linux kernel
<clever> Rotaerk: here is something i did recently: https://github.com/cleverca22/nix-tests/blob/master/cross-compiled-kernel.nix
<clever> and you shouldnt use nix-env with projects, you should use a shell.nix file
<clever> Rotaerk: hmmm, let me check something
<clever> in the above example, we provide a value for configuation, so it wont use the default
<clever> which loads configuration.nix from $NIX_PATH
<clever> the default value for configuration is <nixos-config>
<clever> yeah, that will be all the 'guest' config
<clever> the config argument will be the result of the config returned by that function (with that hostname), merged with the config from all nixos modules
<clever> c74d: default config?
<clever> c74d: so that vm only has a hostname set, and nothing else
<clever> c74d: it will entirely ignore the host config
<clever> mrrtump: when compiled, this makes a shell script, and if you run that shell script as root, you get nixos running from a ramdisk, with zero changes to the hdd
<clever> mrrtump: part of it is just the power that comes from nix expressions
<clever> mrrtump: too many things to list, heh
<clever> mrrtump: its pretty easy, just partition the drive, format it, mount it, and then nixos-generate-config --root /mnt, edit some config, and nixos-install
<clever> brh: since you have the with statement, you can do all = with pkgs; hiPrio ( buildEnv{...});
<clever> brh: ah, i often forget about the order of operations, try all = pkgs.hiPrio (buildEnv { .... });
<clever> c74d: correct
<clever> brh: i think you can just do all = pkgs.hiPrio buildEnv { ....
<clever> brh: there is a lib.hiPrio function that i think sets the default under nix-env
<clever> brh: ah, didnt read what you said fully
<clever> brh: now i can just nix-env -iA nixos.mystuff and i'm done
<clever> brh: using a buildEnv is simpler i find, http://pastebin.com/zJrfM4Dj
<clever> Fare: yes
<clever> its re-downloading everything, since the ocaml version is different
<clever> nix-shell -p ocamlPackages_4_02.ocaml ocamlPackages_4_02.utop ocamlPackages_4_02.core
<clever> sebastian: so we need to use ocamlPackages_4_02 or newer for everything
<clever> sebastian: and minimumSupportedOcamlVersion is set to 4.02 on core
<clever> sebastian: this is the assertion that is failing
<clever> assert minimumSupportedOcamlVersion != null -> 17 stdenv.lib.versionOlder minimumSupportedOcamlVersion ocaml.version;
<clever> sebastian: ocamlPackages.utop is the attribute for utop, so nix-shell -p ocamlPackages.utop would get that, there is something else missing though

2016-12-04

<clever> all cameras should start with video
<clever> crw-rw----+ 1 root video 81, 0 Dec 2 18:35 /dev/video0
<clever> $ ls -lh /dev/video*
<clever> savanni: which channel does "sudo nix-channel --list" give?
<clever> savanni: when chrome is using the webcam, there is a webcam icon in the address bar, you can change the camera in there
<clever> savanni: what kind of problems is it giving?
<clever> and now the desktop has 2 keys
<clever> i ran ssh-add on my laptop, under an ssh -A (forwarding desktop agent to the laptop) once
<clever> the agent inside gpg doesnt, it saves (in encrypted form) all keys, and will pop up a gui to ask for the pw as-needed
<clever> the ssh-agent in openssh looses all keys upon restart
<clever> maybe it got restarted at some point without you noticing
<clever> you need to add a key to the agent with ssh-add
<clever> that would explain things
<clever> digitalmentat: and what does "ssh-add -l" say?
<clever> grep use-sandbox /etc/nix/nix.conf
<clever> digitalmentat: are sandboxes enabled?
<clever> digitalmentat: and what does "ls -lh /tmp/hax" say?
<clever> digitalmentat: what nix-build command did you run?
<clever> digitalmentat: and is socat still running?
<clever> digitalmentat: can you gist what you have in the console?
<clever> yep
<clever> foo = (import <nixpkgs/nixos> { configuration = { pkgs, lib, ... }: { networking.hostname = "vm1"; }; }).vm
<clever> you can make it a function directly
<clever> yep
<clever> that should exactly replicate build-vm
<clever> foo = (import <nixpkgs/nixos> { configuration = ./vm1.nix; }).vm;
<clever> and vm1.nix will need imports = [ wait, easyer way
<clever> yep
<clever> c74d: and then put foo somewhere like systemPackages, if you set a hostname in vm1.nix, the start commands should be unique
<clever> c74d: foo = (import <nixpkgs/nixos> { configuration = ./vm1.nix; }).config.system.build.vm;
<clever> c74d: what exactly are you trying to do?
<clever> c74d: but you will also need to load the system.build.vm attribute somehow
<clever> c74d: you could just add <nixpkgs/nixos/modules/virtualisation/qemu-vm.nix> to the imports section
<clever> c74d: all it does, is add the file you linked to the list of modules, and reference an attribute on line 37
<clever> c74d: nixos-rebuild build-vm
<clever> c74d: i havent seen any, but i know how it works if you have questions
<clever> Dezgeg: its looking more firmware/dt related now, 20160921 is also bad
<clever> oh, and now that i can compile faster, i can shove a printk into the failing code
<clever> so that might be related
<clever> Dezgeg: i'm using some firmware from the next branch (beta testing the network boot stuff)
<clever> Dezgeg: raspberrypi-kernel_1.20161020-1 is a bad revision
<clever> Dezgeg: i checked out the revision in nixpkgs, and cross-compiled, the problem is back
<clever> Dezgeg: progress!!
<clever> clearly not using multi_v7_defconfig if this function can appear
<clever> [<804937ac>] (brcmvirt_gpio_get) from [<8048ebec>] (_gpiod_get_raw_value+0x38/0xf0)
<clever> Dezgeg: yes, when i used bcm2709_defconfig it partialy booted, then it had an oops while dealing with bcm gpio pins
<clever> Dezgeg: so either the revision in nixpkgs is bad, or the nix expression is bad
<clever> Dezgeg: i cross compiled the rpi kernel with https://gist.github.com/cleverca22/ce6013cd57512bdedcb671136cf86913 and it just worked on the 1st try
<clever> Dezgeg: have you heard the lastest update on my kernel issues?
<clever> joko: so your x86 machine gives the build an arm pkg-config, and then the build falls over
<clever> joko: cross-compiling is tricky, there is support for it in nixpkgs, but not all packages make it easy, many claim they want the pkg-config for the target arch by mistake
<clever> joko: and it will just compile everything thats missing, nix build slaves can also help to spread the workload to nearby arm's
<clever> joko: this explains how to get nixos-install outside of nixos, which allows you to install against some external storage (another sd card for ex)
<clever> joko: then you would need to follow the linode guide, https://nixos.org/wiki/Install_NixOS_on_Linode
<clever> joko: yep
<clever> joko: if you manualy run the steps in that shell script against the tar, you should get a working nix install on any distro on armv7
<clever> joko: and this is a tarball for that script, targeting armv7 http://hydra.earthtools.ca/build/40515
<clever> joko: this is the script that allows you to just curl|bash to install nix on any x86 distro: https://github.com/NixOS/nixos-homepage/blob/master/nix/install.in#L32
<clever> joko: let me grab 2 links
<clever> joko: but the rest of the OS was natively compiled, i just installed nix on a raspbian rpi2
<clever> joko: and the cross compiled worked instantly
<clever> joko: the native compiled kernel in nixpkgs is broken, and after putting up with 2 hour rebuilds for minor changes, i tried testing a cross-compiled kernel
<clever> viric_: ive been working against master with my current tests
<clever> viric_: ssh or arm question?
<clever> but it needs root to set the group
<clever> in this gist, socat is acting as a proxy, and can either run as your user or root
<clever> they overdid the security
<clever> digitalmentat: the issue, is that if any user other then you or root tries to use the socket, ssh-agent hangs up instantly
<clever> digitalmentat: the socat command in the gist along with the -I's in the nix-build should solve everything
<clever> digitalmentat: ssh-agent knows when a different uid is trying to use the socket, so you need to cheat some
<clever> viric_: Dezgeg just updated the nixpkgs kernel
<clever> your only assigning a single entry
<clever> yeah
<clever> not connected to the foo=a entry
<clever> yeah, : is the seperator, b is a second thing to search in
<clever> when you load the nixos expressions via nixos-rebuild, it will try to import <nixos-config> to find your configuration.nix
<clever> -I nixpkgs=/home/clever/random-checkout/
<clever> but you can also rename top-level things its looking for, so your nixpkgs dir doesnt have to be called nixpkgs
<clever> its similar to how #include <stdio.h> looks in /usr/include because of -I/usr/include
<clever> and since bar lacks a nixpkgs=, it looked in bar/nixpkgs
<clever> it did find a nixpkgs (via nixpkgs=foo), but that lacked a z, so it tried the next entry in the search path, bar
<clever> or bar/nixpkgs/z
<clever> and you can also specify which file under nixpkgs you want, the above only works if foo/z exists
<clever> error: file ‘nixpkgs/z’ was not found in the Nix search path (add it using $NIX_PATH or -I)
<clever> [clever@amd-nixos:/tmp]$ NIX_PATH=nixpkgs=foo:bar:baz nix-instantiate --find-file nixpkgs/z
<clever> and in this exact case, there is nothing left, so it uses /foo directly
<clever> yeah, when you fo nixpkgs=/foo, it will strip the nixpkgs off, and then look in /foo
<clever> and return the first one it can find
<clever> in all <other> cases, it will look for bar/other, and bim/other
<clever> and if you try to resolve <somethingelse> it will use baz
<clever> so if you try to resolve <nixpkgs> it will use foo
<clever> heh, second word in the paragraph
<clever> A colon-separated list of directories used to look up Nix
<clever> NIX_PATH
<clever> the separator is just :
<clever> so its a bit confusing as to what that would do in such an example
<clever> that tells it to find <nixpkgs> in foo, and to also search for things in bar, the & will either get parsed by your shell, or, its part of the directory "baz&someting" but thats before an = token
<clever> so it doesnt make sense to have 2 nixpkgs= entries within $NIX_PATH
<clever> i think duplicate nixpkgs= entries override eachother
<clever> i rarely touch NIX_PATH directly
<clever> this is something i was doing recently, where i wanted to force which nixpkgs to use
<clever> [root@router:/tftproot/try2]# nix-build netboot_rpi3.nix -o result --show-trace -I nixpkgs=/tftproot/try2/nixpkgs/ -Q
<clever> and you can use -I on the commandline to append things
<clever> its :
<clever> Rotaerk: try evaluation <nixpkgs> inside nix-repl
<clever> jasom: and sudo nix-channel --update
<clever> sudo nix-channel --remove nixos-16.09
<clever> sudo nix-channel --add https://nixos.org/channels/nixos-16.09 nixos
<clever> the channel name needs to be nixos
<clever> and theres the problem
<clever> what about sudo nix-channel --list ?
<clever> jasom: what does "ls /nix/var/nix/profiles/per-user/root/channels/nixos" say?
<clever> ah that is the current path, i thought it had a nixpkgs entry
<clever> nixos?
<clever> jasom: what does echo $NIX_PATH say?
<clever> Rotaerk: the plugin options in chrome/firefox work the same way, because compiling chrome takes forever
<clever> and then install it with nix-env
<clever> you can extract part of it and put it into ~/.nixpkgs/config.nix
<clever> that configures some bash aliases to map vi -> vim, and to install vim system wide
<clever> so i add it to the imports list of configuration.nix
<clever> the one i pasted earlier is a nixos module
<clever> so each user, gets their own 2 line bash script, and their own vimrc, but they all share the actual vim build
<clever> its a 2 line bash script, exec /nix/store/33kvljzvmq0h9gw3x5ysa7qycb9kgvlp-vim_configurable-8.0.0005/bin/vim -u /nix/store/frha47l567ral1a7v5xc9c75x3g9wk8g-vimrc "$@"
<clever> and thats the filesystem rounding up
<clever> Rotaerk: that build of vim is 5kb in size
<clever> but this does
<clever> [nix-shell:~]$ qemu-system-arm
<clever> [clever@amd-nixos:~]$ nix-shell -p qemu
<clever> yeah
<clever> but you need an arm cpu or qemu to run the kernel
<clever> this expression configures it to target arm
<clever> gccCrossStageStatic is the derivation for a cross-compiler
<clever> there is a package for it in nixpkgs, but it must have something wrong with it
<clever> Dezgeg: something must be wrong with the kernel in nixpkgs
<clever> viric, Dezgeg: sucesses!, i manualy cross-compiles a kernel under nix-shell, and it boots just fine
<clever> eacameron: nice
<clever> eqyiel[m]: that lib is the final one, after all overrides
<clever> eqyiel[m]: i would always use the lib passed into the module, simpler
<clever> made some bad choices, lol
<clever> i need to configure things better
<clever> gchristensen: i dont use gpg much, and its a bit of an anoyance, because the main passphrase is managed by lastpass, and lastpass is only configured in chrome, and chrome takes an hour to load
<clever> there are some people working on that kind of thing
<clever> it just works, from the moment you installed nixos
<clever> you dont have to remember to install a ~/.vimrc when setting up a new machine
<clever> i suspect you can, havent tried though
<clever> so it works without a .vimrc file
<clever> Rotaerk: this doesnt directly manage ~/.vimrc, is instead creates a build of vim with some defaults built into it
<clever> Rotaerk: thats how i configure vim on nixos
<clever> shachaf: one sec
<clever> as if it had the iso
<clever> i currently have network booting enabled for nixos, so every virtualbox i turn on drops into a nixos shell
<clever> i have recetly been messing with virtualbox
<clever> so if soembody obtains your laptop, and extracts the passphrase from you, they can now extract a lot of data from the swap
<clever> the random crypto on swap is more of a forward secrecy thing
<clever> possibly
<clever> Fare: the issue, is that the random crypto has a new key when you come out of hibernation, and now it cant read swap
<clever> Fare: you can use normal (non-random) crypto on the swap (as in, you have a passphrase for swap)
<clever> Fare: i havent tried luks yet, so i dont have any solid answers
<clever> not sure
<clever> Fare: i know random crypto on swap doesnt work with hibernate
<clever> shachaf: you need to wait until the hackage nix file gets regenerated, or manualy use something like cabal2nix
<clever> so it knows when something affecting the build has changed, and can rebuild it
<clever> yeah
<clever> you can probably use that and just output to $out/bin/foo
<clever> ah
<clever> the gcc in nix will avoid using /usr whenever possible
<clever> caching purposes
<clever> mostly the absolute paths, and to share things between users
<clever> it will keep everybody playing by the rules and manage writes to the store
<clever> and run nix-daemon as root
<clever> root will need to own all of /nix, and you need to export NIX_REMOTE=daemon
<clever> yes
<clever> and for clang, you have clang_33 clang_34 clang_35 clang_36 clang_37
<clever> nix-shell -p gcc44 vs nix-shell -p gcc5 as an example
<clever> yep
<clever> yep
<clever> shachaf: like nix-shell -p gcc or nix-shell -p clang
<clever> shachaf: you usualy dont install compilers on nixos, you load up a shell that has it available
<clever> but it will still set everything else up normaly
<clever> this will tell it to search the wrong file for propagated inputs, so it wont find them
<clever> so in theory, you could do preConfigure = "findInputs ${A} nativePkgs not-propagated-native-build-inputs";
<clever> mguentner: and line 286 is what does the recursing
<clever> mguentner: the findInputs function will add something to $PATH, $NIX_CFLAGS, and also recursively check the propagated inputs
<clever> simplest thing i can think of, dont add A to buildInputs, put it on some other variable (and then somehow tell configure where to find it)
<clever> and you can add arguments by just setting security.pam.services.passwd.foo = "bar";
<clever> looks like it
<clever> i just did a grep for "passwd" in all nixos modules
<clever> with newlines inserted
<clever> the tricky part, is that it can also be services = { passwd = {
<clever> there must be something else setting security.pam.services.passwd
<clever> in this case, its hidden under a function, that generates entries for environment.etc
<clever> nixos/modules/security/pam.nix: target = "pam.d/${pamService.name}";

2016-12-03

<clever> back
<clever> brb
<clever> ah
<clever> 150% cpu usage to firefox, and 297% usage to obs
<clever> i currently have firefox playing 2 camera feeds over webrtc, and obs recording the whole thing
<clever> ah
<clever> there was a bug in nixpkgs chromium a few months ago, causing the tab process to insta-die upon trying to use webrtc
<clever> viric: i'm using it right now
<clever> kier: it is also surprisingly easy to use the nixos module framework outside of nixos, if you need it
<clever> recursiveUpdate just overwrites upon a collision, so order IS important