2020-02-27

<clever> JonReed: check the args to qemu (via ps aux), and the output of `mount` inside the guest, to see where xchg is
<clever> JonReed: but nixos will also setup a 9plan mount of an xchg dir, so you can get files in/out
<clever> JonReed: nixos will override the definition of / when using a vm, and ignore whatever you specify
<clever> enamax: what is modinfo saying exactly?
<clever> yeah, the hash is right
<clever> enamax: try changing one of the digits to a 0, then build, does the error say to undo it, or give a totally diff hash?
<clever> enamax: is the sha256 correct?
<clever> JonReed: it will create a qcow2 file in the working directory, matching the hostname of the machine, as set by networking.hostName within configuration.nix
<clever> JonReed: nixos will automatically setup the config for the rootfs
<clever> evanjs: yeah, i'm not sure whats up with input
<clever> enamax: you could confirm that with `nix-store --query --binding src /nix/store/012a7crf13dcyl8r873vahbhni76dfxb-ena-2.1.2-5.4.22.drv`
<clever> so it would be the new version, but claim to be old
<clever> enamax: often, the name = "foo-${version}"; pattern is used, which will ignore further overrides to version
<clever> enamax: you may need to override the name= also
<clever> tilpner: yep, i traced this down a few months ago when somebody else had the same issue
<clever> evanjs: not using an initrd i guess?
<clever> so that error is silently ignored
<clever> and as a result of it ignoring the ena=, it lazily never tried to eval fetchFromGitHub
<clever> enamax: you must use pkgs.linuxPackages_latest.extend (self: super: { ena = ...}) or it just gets undone
<clever> enamax: nixos will call boot.kernelPackages.extend to change some kernel flags, which undoes your // { ena = ...; }
<clever> enamax: now that i look at your gist, i instantly know the problem
<clever> enamax: and $NIX_PATH points nixos-config to that file
<clever> evanjs: <nixpkgs/nixos> loads <nixos-config> by default
<clever> Cadey: you want to add the file to this list
<clever> A list of files containing trusted root certificates in PEM format. These are concatenated to form /etc/ssl/certs/ca-certificates.crt, which is used by many programs that use OpenSSL, such as
<clever> security.pki.certificateFiles
<clever> evanjs: how is that failing?
<clever> yeah
<clever> .override can only alter the foo in that
<clever> coderobe: the bios boot partition must be big enough to hold core.img plus any grub modules needed to mount whatever /boot is
<clever> coderobe: ah, i would just switch over to GPT, and make a bios boot partition, no fs, not formatted, not mounted
<clever> coderobe: are you using MBR or GPT?
<clever> energizer`: so if your file begins with { stdenv }: then it gets a copy of pkgs.stdenv
<clever> energizer`: callPackage will inspect the arguments the file wants, and pull the answers from pkgs automatically
<clever> mjrosenb: the only real solution is to re-run cabal2nix again, with --ghcjs, and callPackage it in as part of an overlay
<clever> mjrosenb: yep, but they ran it in the non-ghcjs mode
<clever> mjrosenb: you have to run cabal2nix --ghcjs, to tell it to assume its a ghcjs build
<clever> mjrosenb: thats a limitation of cabal2nix, it cant process the if statements in the cabal file fully
<clever> fresheyeball: you must call it with something like {}
<clever> fresheyeball: release.nix contains a function, so `import /path/to/release.nix` is of type function
<clever> lovesegfault: yeah
<clever> fresheyeball: other direction, the actual error message, not "while evaluating ..."
<clever> fresheyeball: what is the actual error, one line away from what you pasted?
<clever> lovesegfault: look into things like programs.screen, that is a module that will pre-create things (like a config file) and install the package
<clever> lovesegfault: that would fail if not ran as root
<clever> lovesegfault: there is no way for the installing of a thing, to make stuff outside of /nix/store
<clever> fresheyeball: how did it not work when you set nix.package?
<clever> fresheyeball: why not just set nix.package in a module?
<clever> lovesegfault: preStart on the systemd service
<clever> evanjs: usb keyboard, drivers present?

2020-02-26

<clever> Boarders: figure out why its marked as broken (check git history on nixpkgs) and then fix that
<clever> cinimod`: which is why i linked the fold and extend example, so you can apply several haskell overlays at once
<clever> cinimod`: line 20 is a haskell overlay, so you must apply it to haskellPackages, not nixpkgs
<clever> pkgs.extend and pkgs.linuxPackages.extend also exist
<clever> cinimod`: the example i linked shows how to apply many at once
<clever> blackriversoftwa: cardaniPkgsBase in this context, can just be replaced with pkgs.haskellPackages
<clever> cinimod`: multiple overlays can stack in a sane manner, and other examples exist in the same dir
<clever> which every haskell package uses
<clever> you can use a haskell overlay to mutate the mkDerivation function
<clever> kini: all nix commands accept `--option`, which can just override things in nix.conf
<clever> only a trusted user can do that however
<clever> kini: nix copy doesnt disable sig checking automatically, so you must use `--option require-sigs false` to turn it off
<clever> kini: when the destination has either root or a trusted user, nix-copy-closure disables signature checks automatically

2020-02-25

<clever> evanjs: `nix copy` can copy signatures, and `nix sign` can sign things
<clever> mkg20001: i think it was this
<clever> [root@amd-nixos:~]# nix-store -q --graph /run/current-system | dot -Tpng > test.png
<clever> abathur: so now you have to duplicate all of the infra, to support macos, and nixops wont work on a mac either
<clever> abathur: that lack of mixing, means hydra.nixos.org can never touch mac stuff again, and cache.nixos.org would be useless for mac's
<clever> abathur: nix can be compiled to use /opt/nix/store instead, but you cant mix things, so you can never have a /opt/nix/store path on a /nix/store machine
<clever> gchristensen: yeah, nixops shows up
<clever> [root@amd-nixos:~]# nix why-depends /run/current-system /nix/store/rkaahaydalrwfylf8cllpshb84316pg7-python2.7-jmespath-0.9.4
<clever> fgaz: note that your counting every lib and bin dir within each python2
<clever> [clever@amd-nixos:~]$ ls /nix/store/*python2* | wc -l
<clever> 5098
<clever> [clever@amd-nixos:~]$ ls -ld /nix/store/*python2* | wc -l
<clever> 3108

2020-02-24

<clever> deni: yeah, that is a set, which containd dnscrypt-config, so you must do .dnscrypt-config
<clever> one min
<clever> deni: what is the definition of that_drv?
<clever> deni: "${that_drv}"
<clever> yeah, writeTextFile is what you want then
<clever> deni: do you want a file or a script?
<clever> deni: note that it takes 2 params, a name and the script
<clever> deni: its a derivation that builds to a shell script
<clever> deni: it would be best to make it into a normal nixos option
<clever> deni: that is a list containing a path and a set, not the result of applying the set to a function
<clever> evanjs: which then uses some custom bash to clone each submodule, i can see how that wouldnt be recursive
<clever> evanjs: which just passes `--fetch-submodules` to the `nix-prefetch-git` script
<clever> evanjs: behind the scenes, it will switch over to pkgs.fetchgit if you set fetchSubmodules=true
<clever> if the cache didnt have it 5 minutes ago, it likely wont have it now
<clever> arianvp: its a performance thing, to save you from doing potentially 100's of http requests every time you run nix-build
<clever> you can run nix-daemon as a non-root user, but not much point
<clever> for single-user installs, you can skip the daemon entirely, and then it will be in that users home
<clever> on nearly all multi-user installs, that is root
<clever> nix-daemon must run as the user that can write to /nix/store
<clever> arianvp: if nix-daemon is the one doing the query, it will be in the home of the user that ran nix-daemon
<clever> yeah
<clever> arianvp: `rm ~/.cache/nix/binary-cache-v6.sqlite*` as root, will make it forget, and re-check every cache
<clever> arianvp: if something isnt found in the binary cache, nix wont check again for an hour
<clever> narinfo-cache-negative-ttl = 3600
<clever> $ nix show-config | grep narinfo-cache-negative-ttl
<clever> arianvp: thats your problem
<clever> arianvp: the one that isnt downloaidng it
<clever> arianvp: did you try building it on this machine, cancel, then uploaded it to the cache from a 2nd one, and tried again?
<clever> arianvp: what about `nix show-config | grep sub` ?
<clever> arianvp: nix-store --query --binding out /nix/store/1lga351dfcx4qsndfywy75z1pvmaxp90-libzauth-3.0.0.drv
<clever> arianvp: what is the full store path for it?
<clever> arianvp: what path is it building, that you expect to be in the cache?
<clever> arianvp: how is it not being picked up? what isnt using it?
<clever> __monty__: i think ~/.nix-profile/bin should be first in the path
<clever> tmplt: ive been using pkgs.pkgsCross.arm-embedded.stdenv for some stuff on the rpi
<clever> tmplt: have you tried pkgsCross?
<clever> Taneb: if your using something like hydra, the fixed-output things wind up in the binary cache, and then it never runs the derivation again, just copies the existing product
<clever> Taneb: correct
<clever> jluttine: if you have both a default and a non-default setting, it will ignore the default one entirely
<clever> CMCDragonkai1: but you cant know what config.services is, because genList might be setting services
<clever> CMCDragonkai1: lib.genList is a barrier, that stops it from knowing what your setting, until you already know what config.services is
<clever> CMCDragonkai1: and it must know that, before it can compute what config.services is (to satisfy the let on 5)
<clever> CMCDragonkai1: so it turns config = mkMerge [ {} {} {} ]; into `config = { a = mkMerge []; b = mkMerge []; c = mkMerge[]; }`
<clever> CMCDragonkai1: the problem, is that nix must know every attribute being set on line 119 (top-level, like config.foo), so it can recursively push things down until later
<clever> CMCDragonkai1: mkIf enable { systemd = mkMerge worker-cpus; }
<clever> CMCDragonkai1: you need to mkMerge it again i think
<clever> CMCDragonkai1: remove the systemd. from line 9, and add it back at line 119, { systemd = mkIf enable worker-cpus; }
<clever> CMCDragonkai1: can you rename the file in the gist to end in .nix ?
<clever> tomberek: that might break everything, if the db.sqlite is swapped out
<clever> CMCDragonkai1: instead of line 4 returning { systemd.services = ... }; you want line 4 to return { services = ... ; } and then line 1 would do config.systemd = mkMerge ....
<clever> tomberek: 2 nix-daemons should do the same
<clever> tomberek: its probably fine, any time you run nix commands as root, they bypass the daemon entirely, and deal with file-locks in /nix/store to manage things
<clever> CMCDragonkai1: you must do config.systemd = mkMerge ....;
<clever> CMCDragonkai1: and it cant know what config.something is, until it has figured out that genList only touches config.systemd
<clever> CMCDragonkai1: yeah, i see the problem, it cant know what genList returns, until it knows what config.something.worker-cpu is
<clever> tomberek: you can just override the systemd service to set the vars there
<clever> does genList set anything in that region? like cfg.foo?
<clever> can you list every key of cfg.*, without evaluating genList?
<clever> what other keys exist within cfg?
<clever> but, what about cfg.worker-cpu itself?
<clever> and the outer mkMerge appears to do nothing, it could be deleted
<clever> can you read cfg.worker-cpu, without knowing what the return value of genList is?
<clever> mkMerge does similar
<clever> CMCDragonkai1: that allows it to read config.c, and bypass evaluating bool until later
<clever> CMCDragonkai1: config = mkIf bool { a=1; b=2; } will be translated into config = { a=mkIf bool 1; b = mkIf bool 2; }
<clever> CMCDragonkai1: mkMerge and mkIf both use some trickery to avoid the inf recursion
<clever> > :p lib.genList (i: "num ${toString i}") 10
<clever> CMCDragonkai1: ^
<clever> > lib.genList (i: "num ${toString i}") 10
<clever> noonien: you are claiming that this derivation will produce the same output, always, but if you run it on darwin, it will create dylib's instead of .so files, and the python version also matters
<clever> noonien: you must do the fetch and pre-compile in seperate derivations
<clever> noonien: https://gist.github.com/2a5783b96499293ae4b6f3b0468d97ee is my version of the expr
<clever> noonien: that is the result of `grep -r $out $out`
<clever> Binary file /nix/store/9cwxpw6391xfy334b4aivril1qrxgs1l-spanky-deps/lib/python3.5/site-packages/pathtools/__pycache__/path.cpython-35.pyc matches
<clever> v0|d: i could see it maybe causing problems with Xorg getting graphics, and just having access to all of your normal files/tools, depending on what namespace you wind up in
<clever> v0|d: ive not tried it
<clever> noonien: yeah, i would call this a bug in nix
<clever> and your sha256, depends on your sha256
<clever> noonien: i think $out appears within $out itself, which counts as a dependency
<clever> noonien: oh, fixed-output things must have zero dependencies
<clever> found reference to '9cwxpw6391xfy334b4aivril1qrxgs1l' at offset '75'
<clever> and nix nukes all user/date stuff before testing it
<clever> noonien: it works if i replace python with `mkdir $out`
<clever> same on this end, looking into why
<clever> ah
<clever> 8 src = builtins.toFile "requirements.txt" ''
<clever> but the bash function fixupPhase still exists, and can be ran manually
<clever> noonien: runCommand and buildCommand both skip all phases
<clever> i would use runCommand and toFile
<clever> noonien: are you setting all 3 output fields?
<clever> noonien: what is the error?
<clever> noonien: a deck of cards
<clever> noonien: you can also `52i0<escape>` in vim
<clever> yeah
<clever> then "${./foo}"
<clever> ahh, the module is likely doing toString for you
<clever> (the systemd modules in nixos)
<clever> immae: assuming systemd isnt messing things up by calling its own toString on things
<clever> immae: `systemd.services.some-service.serviceConfig.WorkingDirectory = toString ./foo` would set it to just /path/to/foo, without copying anything

2020-02-23

<clever> kini: the most you can do is to either patch the software, or use a shell wrapper, to copy the files to $HOME and fix the timestamps
<clever> kini: nix always sets all timestamps to 1 second after epoch, when the build is finished
<clever> syd: then its just a normal thing in nix-env, you can `nix-env -iA nixpkgs.nix` to install the new version
<clever> syd: ls -l /run/current-system
<clever> syd: darwin?
<clever> syd: what does `type nix` return?
<clever> nix (Nix) 2.3.1
<clever> yep
<clever> syd: your nix version is probably too old to support that, and you need to update nix
<clever> time*
<clever> syd: ah, thats a new syntax, to specify the hash type and hash at the same thing
<clever> syd: did you modify anything in that area?
<clever> syd: what does `nix-build all.nix --show-trace` say?
<clever> how exactly are you calling it?
<clever> syd: what are the exact args you gave it?

2020-02-21

<clever> evanjs: yeah
<clever> zeta_0: unknown, i dont use xmonad or codium
<clever> evanjs: line 205 and onward, gets ran in the vm, as root
<clever> evanjs: nixpkgs/nixos/lib/make-disk-image.nix is an example usage
<clever> preVM and postVM can be used to attach an extra .img file to the vm and process it further
<clever> evanjs: vmTools.runInLinuxVm, will basically just run a buildCommand in qemu, as root
<clever> its part of this clause in the man page
<clever> In addition, nixos-rebuild accepts various Nix-related flags, including --max-jobs / -j, --show-trace, --keep-failed, --keep-going and --verbose / -v. See the Nix manual for details.
<clever> yeah
<clever> CMCDragonkai1: both of them just pass the --option's on to nix-build

2020-02-20

<clever> kiloreux: then add mkPins and pass it the things, (refresh the gist)
<clever> kiloreux: first, move them into a let block: https://gist.github.com/cleverca22/6983c3c7a20b382dc2dc699a45e78645
<clever> kiloreux: the mkPins function i linked to can generate that output, just pass it the path to both nixpkgs
<clever> kiloreux: lines 2 and 7 are IFD, if you want things cached better, you must move the result of both fetchTarball calls into a let block, and then reference them in the output of something
<clever> kiloreux: simplest option is to avoid IFD at all costs, then you know exactly what your reading
<clever> peelz: the simplest option is to just call pkgs.fetchurl with the name and sha256 again, and look at the path it produced
<clever> peelz: the hash in /nix/store/hash-name, is a truncated hash of both the sha256 and the name, and some other strings
<clever> peelz: nix needs both a name and a sha256, to compute the $out path
<clever> jared-w: the api is somewhat similar to the initrd and system-tarball stuff, so maybe something more like those would be suited for nixpkgs/lib
<clever> and as long as that result symlink exists, and your using sha256's, nix can reuse the products
<clever> kiloreux: this lets me `nix-build release.nix -A ifd-pins` to make a single drv that depends on all of those sources
<clever> kiloreux: nix isnt aware of things it depends on at IFD time, you have to make a derivation that downloads the url, and nix-build it
<clever> asbachb: and if you try to `ip link set IF up`, what happens?
<clever> asbachb: do you see the card in `ip link` ?
<clever> asbachb: if you boot nixos on the machine with that wifi card, what does dmesg say?
<clever> asbachb: what exact file is it trying to load? it should say that in dmesg
<clever> asbachb: how did you search for it?
<clever> fresheyeball: does its pid appear in the args of any other process?
<clever> fresheyeball: does that nix-store have any child proccesses? `ps -eH x`
<clever> evanjs: probably
<clever> iqubic: 2020-02-18 00:32:56< clever> justan0theruser: you must put (dunst.override { dunstify = true; }) into your shell instead
<clever> habbah: you have to either `sudo -u postgres psql` or configure postgres to allow your user to authenticate using unix sockets
<clever> newuser99: you likely want myOrgEnv = self.callPackage ../modules/org {};
<clever> newuser99: you dont need the import, callPackage imports for you
<clever> newuser99: if you eval `myOrgEnv` in `nix repl '<nixpkgs>'` what is the type?
<clever> newuser99: what does the default.nix return?
<clever> but the settings only take effect after login, so the login screen is a little wonky
<clever> some_nick: for me, it just works in xfce4-display-settings

2020-02-19

<clever> evanjs: --arg just takes a raw nix expression, --argstr will quote it for you, so you dont have to --arg foo '"bar"' (extra quotes to stop bash from eating the quotes)
<clever> evanjs: stop quoting paths! (use --arg not --argstr)
<clever> mikky: its also broken up into ~4 pieces, nix, nixpkgs, nixos, nixops
<clever> the nixpkgs manual
<clever> mikky: it should be in nixpkgs
<clever> mikky: recursiveUpdate
<clever> srk: a custom filter is faster
<clever> #9 0x5581fc320ecc operator new[]()
<clever> #8 0x5581fc2b18a2 base::(anonymous namespace)::OnNoMemory()
<clever> srk: so you need only filterSource, with a custom filter
<clever> srk: fetchGit always adds to the store, before filterSource can activate
<clever> [6388:6388:0219/124927.072848:FATAL:memory_linux.cc(37)] Out of memory.
<clever> srk: what does it actally put into the new store dir? how big is it?
<clever> to a temp dir, which nix then imports as normal
<clever> srk: it uses archive to copy the entire thing
<clever> 170 runProgram("tar", true, { "x", "-C", tmpDir }, tar);
<clever> 165 auto tar = runProgram("git", true, { "-C", cacheDir, "archive", gitInfo.rev });
<clever> srk: builtins.fetchGit calls git archie
<clever> infinisil: ive lead another to the dark side...
<clever> srk: it can freely steal your ssh and gpg keys :P
<clever> srk: yes, it just runs it as whatever user is doing the eval
<clever> emily: even with the sandbox off, env vars are still cleared
<clever> ,exec
<clever> your only option, is the dreaded exec.....
<clever> emily: that will be sandboxed and lack env vars
<clever> step 3, wait infinite time
<clever> abbec: step 1, generate a list of strings, containing every possible env var, step 2, call builtins.getEnv in a loop
<clever> noonien: it returns a string in the store directly, rather then a derivation that can produce such a string
<clever> noonien: its an eval-time fetch, which forces nix to not be parallel
<clever> disasm: [3092856.987274] amdgpu_gem_object_close+0x140/0x1a0 [amdgpu]
<clever> disasm: [3092856.987011] INFO: task chromium:shlo0:6068 blocked for more than 120 seconds.
<clever> peelz: ah, perfect!

2020-02-18

<clever> grp: i also use that flag with nix-build and `nix build` when iterating on development, because its checking for what i just changed, on every cache, that cant possibly have it yet
<clever> grp: how does it fail?
<clever> grp: if you just `nixos-rebuild switch --option substituters ''` it should build without issues
<clever> grp: looks normal, only the config files have to rebuild
<clever> grp: can you somehow pastebin the output of `nixos-rebuild dry-run --option substituters ''` ?
<clever> emily: yeah, if you turn off the cache, and have everything, it should just build
<clever> grp: that pre-builds things on a different machine, so you dont have as much of an issue
<clever> grp: have you looked into nixops yet?
<clever> grp: but in cases like this, i would just use `ip addr` and editing `/etc/resolve.conf` to bring the link up by hand, since its not meant to be air-gapped
<clever> grp: you can use nix copy and a usb stick to smuggle things in over an airgap
<clever> grp: if it doesnt have a compiler, and the cache is off, it will want to build the compiler from source
<clever> grp: --option substituters ''
<clever> mikky: the nixos manual says how, disabledModules i think it was
<clever> evanjs: runCommand that just symlinks $out to ${foo}/initrd ?
<clever> evanjs: its basically just nix-build inside a build
<clever> thats why my kernel is impurely built under nix-shell
<clever> thought i saw an initrd version
<clever> ARM_APPENDED_DTB maybe i'm thinking of this
<clever> there is also...
<clever> yeah
<clever> evanjs: the main reason i dont use this option in nix, is because you need to re-compile the entire kernel every time the initrd changes
<clever> i was reusing the nixos expression
<clever> yeah
<clever> yes
<clever> if the extension is wrong, linux will pack it into a cpio for you
<clever> if the extension is right, linux will use it as a raw cpio
<clever> evanjs: i remember now, i was doing `nix-build -A initrd && cat initrd/initrd | gunzip > initrd.cpio`
<clever> -rw-r--r-- 1 clever users 25M Jan 18 13:35 initrd.cpio
<clever> space-separated list of directories and files for building the
<clever> This can be either a single cpio archive with a .cpio suffix or a
<clever> evanjs: because i was definitely giving it a cpio file
<clever> evanjs: let me double-check what i was doing
<clever> mikky: i dont think there is
<clever> mikky: i think thats the best option, you can probably also do `mycontainer.config = ./container.nix`