2019-11-23

<clever> mananamenos_: but `cachix --nixos` would be better, to make it just work as root
<clever> mananamenos_: then it will already be in /nix/store, so switch as root wont have to build anything
<clever> mananamenos_: build will obey the non-root config that cachix had generated, and use the cache
<clever> mananamenos_: i said build, not switch
<clever> mananamenos_: permission denied to what?
<clever> mananamenos_: long-term, you want to get the url and pubkey for the cachix server, and add them to your configuration.nix file
<clever> mananamenos_: try `nixos-rebuild build`, without root
<clever> roberth: you answered a question from before you joined the channel, lol
<clever> dema: yeah, just change $out first
<clever> leotaku: ^
<clever> > lib.elemAt [ "a" "b" "c" "d" ] 2
<clever> > lib.elemAt 2 [ "a" "b" "c" "d" ]
<clever> ,unstable aria
<clever> dema: ^
<clever> > '' ''${foo} ''
<clever> mojjo: you would need to put the overlays into somewhere under ~/.config/nix i think
<clever> zeta_0: yeah, it gets harder if you dont have network setup yet
<clever> zeta_0: the pi
<clever> zeta_0: services.sshd.enable = true;
<clever> zeta_0: i generally just turn ssh on, and use another machine
<clever> zeta_0: maybe try `nixos-rebuild test` first
<clever> zeta_0: not sure, i havent done it in a while
<clever> lovesegfault: or a dontCheck
<clever> lovesegfault: and if you run `nix show-derivation` on that drv, does it have a `doCheck` in it?
<clever> lovesegfault: which derivation did nix say failed?
<clever> lovesegfault: how did it fail?
<clever> zeta_0: try starting with no configuration.nix file, and run nixos-generate-config
<clever> lovesegfault: try it and see what happens!
<clever> zeta_0: as long as you set a pw on root, you can get root again to fix things
<clever> pistache: the pinout i have printed, says the 5v is on the complete oposite end from that photo
<clever> zeta_0: you should be using configuration.nix to add users
<clever> zeta_0: it will also depend on what pins 2 and 14 are
<clever> zeta_0: id say its safe to just unplug the fan and forget about it
<clever> zeta_0: which case from there did you get?
<clever> can you link those instructions?
<clever> zeta_0: which 2 pins?
<clever> zeta_0: fan?
<clever> yeah
<clever> zeta_0: normally, sudo will ask for a password, so you may want to set one now, it sounds like that image was changed from the default
<clever> zeta_0: what happens if you `sudo -i` ?
<clever> that accurately describes the pi (what mounts where, and how it boots)
<clever> and it must be a valid nixos config
<clever> zeta_0: should be that simple
<clever> zeta_0: ah, yeah, youll need to create one, and it should include the proper bootloader config
<clever> zeta_0: you should be able to freely use configuration.nix and nix-env as normal
<clever> zeta_0: manually for pi?
<clever> zeta_0: should be pretty similar from then on
<clever> nh2: i mentioned how to fix that in an issue...
<clever> and when things do go wrong, your screwed :P
<clever> nh2: somehow, it can boot, but all directory listing operations fail, so its nearly imposible to debug how it works
<clever> nh2: for non-encrypted zfs, i have had limited success with grub reading zfs
<clever> nh2: yeah, so you need to make another partition for /boot/ and then you just moved the problem elsewhere
<clever> nh2: only the main efi binary will be on the esp, and it basically never grows
<clever> nh2: i think the only real value, is if / is ext4, then /boot can just be a directory on / itself, and you have no size limits
<clever> nh2: you must set boot.loader.efi.efiSysMountPoint to where you mounted the ESP
<clever> Ashy: services.udev.extraRules
<clever> i tried building a hello-world with the nixpkgs cross-compilers, but it didnt boot under qemu
<clever> yep, just a matter of how to interface with them from userland, and what to ask
<clever> and give bypass options, like using a sata disk to bootstrap
<clever> i'm interested in how, so nixos could tell you its not going to work
<clever> edef: i also dont know how, but the windows installer can detect if the bios has nvme support, and will refuse to even install to an nvme disk
<clever> but for my laptop, it boots directly from nvme
<clever> for my desktop, my entire /boot must be non-nvme, i cant chainload from a stage1.5->nvme/boot
<clever> it relies on the efi firmware to provide nvme support
<clever> related, grub does NOT have nvme drivers!!
<clever> while grub is basically an entire os, and can supply its own drivers
<clever> edef: my understanding, is that systemd-boot is more limited, and must use the FS drivers the firmware provides
<clever> edef: i'm not sure what systemd-boot will do if /boot isnt the ESP
<clever> nh2: and that just adds one more partition&fs into the mix
<clever> nh2: yeah, you can shove the ESP at /boot/ESP, but grub still doesnt support the zfs crypto, so /boot must be non-zfs
<clever> but most only do vfat
<clever> yeah, its up to the firmware vendor to add other FS's
<clever> and efi requires /boot to be vfat
<clever> nh2: also, i dont think grub supports zfs crypto, so the kernel+initrd must be on a non-zfs /boot/
<clever> aleph-: i also prefer enabling https like this: https://github.com/cleverca22/nixos-configs/blob/master/earthtools.ca.nix#L67-L69
<clever> aleph-: did you tell the nixos firewall to open both 80 and 443?
<clever> daspork: https://github.com/cleverca22/cachecache is the source
<clever> daspork: so roughly half of the things i get from the binary cache, are just direct gigabit from another hdd in the house
<clever> daspork: ive got a caching mirror for cache.nixos.org on my lan, and it gets about 50% hit ratio (by byte) over the long term
<clever> nh2: efi requires a plaintext /boot for the efi binaries
<clever> nh2: i use grub on everything, and my encrypted systems are all plaintext /boot with luks+zfs
<clever> aleph-: nginx wont do anything until you nginx.enable = true;

2019-11-22

<clever> rnhmjoj: maybe
<clever> rnhmjoj: telling the guest to run a plain `cp` against its `xchg` dir feels faster
<clever> sondr3: and this makes an /etc/screenrc, so no dot file either, https://github.com/cleverca22/nixos-configs/blob/master/core.nix#L34-L40
<clever> sondr3: if you do it this way, vim works without any .vimrc
<clever> i just configure things without dot files!
<clever> rnhmjoj: copyFileFromHost is rather ugly, it just jams the entire file into an echo command!
<clever> rnhmjoj: i believe each vm has a stateDir function on it, that returns the dir that xchg would be under
<clever> rnhmjoj: and if you `touch /tmp/xchg/foo` in one guest, then `ls /tmp/xchg/` from another, does foo show up?
<clever> rnhmjoj: are there several xchg's mounted?
<clever> rnhmjoj: if you write a nixos test, that runs `mount`, what FS's do you see mounted, like xchg?
<clever> rnhmjoj: ah, xchg-shared
<clever> although....
<clever> then back from host->guest
<clever> rnhmjoj: you would have to copy it from guest to host using xchg, then move it from one xchg to the other xchg
<clever> rnhmjoj: each host has its own xchg dir, under some statedir
<clever> rnhmjoj: there is a dedicated xchg mount point for just that, check the other nixos tests for an example
<clever> mananamenos: if you are using an ssh agent, it will inherit those vars and keys
<clever> mananamenos: or just `sudo -i` to get a root shell
<clever> mananamenos: then its not actually set to not be broken
<clever> mananamenos: how does your default.nix load nixpkgs?
<clever> mananamenos: -I nixpkgs=/path/to/nixpkgs
<clever> dminuoso: and your less likely to run into a 500 mile email problem, due to the distro downgrading components on you
<clever> jollyjester: last week, slim was finally removed (its been unmaintained since ~2014)
<clever> jollyjester: do you know functional programming?
<clever> that way of finding things, also applies to other distros sometimes
<clever> jollyjester: for example, instead of assuming the config is in /etc/nginx/nginx.conf, you `ps aux | grep nginx` and look at whatever `--config` is telling it to look at
<clever> jollyjester: one trick, is to just forget everything you know about where files normally are, and learn how to find where a tool is told to look
<clever> thats more in the FHS scope
<clever> and then having to manually tell each package where to find all of its deps
<clever> you could think of it like just building every package with its own custom --prefix=
<clever> yeah, that adds a bit of a learning curve
<clever> jollyjester: my brain is just wonky, ive memorized a decent chunk of the source for nix, nixops, and nixpkgs
<clever> ,callPackage jollyjester
<clever> jollyjester: are you using callPackage?
<clever> (or channel)
<clever> jollyjester: which nixpkgs rev are you on?
<clever> jollyjester: for simple 2-4 line scripts, something like https://github.com/cleverca22/nixos-configs/blob/master/util.nix would do
<clever> jollyjester: that will generate a package, that copies something.sh, and replaces @firefox@ with self.firefox
<clever> jollyjester: you would write a package overlay, that does something = self.substituteAll { src = ./something.sh; firefox = self.firefox; }; i believe
<clever> jollyjester: grep the nixpkgs source for substituteAll, youll find an example near nixos-install and nixos-rebuild
<clever> jollyjester: thats a function that pkgs.substituteAll uses
<clever> jollyjester: and then nix-env -iA nixos.something
<clever> jollyjester: you would write a package overlay, that does something = self.substituteAll { src = ./something.sh; firefox = self.firefox; }; i believe
<clever> jollyjester: check nixpkgs for examples of how substituteAll is used
<clever> jollyjester: you usually want to build that bash script with nix, so you would use something like pkgs.substituteAll to replace @firefox@ with pkgs.firefox
<clever> evils: you can use callPackage in all-packages.nix to load the file and pop it into pkgs
<clever> jollyjester: then its not a string in a nix file
<clever> jollyjester: if your bash is a string in a nix file, ${pkgs.firefox}/bin/firefox
<clever> evils: you can either do `symbols = something;` right in the kicad derivation (but kicad will depend on, and force symbols to build first), or you can do `passthru.symbols = something;` then kicad wont depend on the symbols
<clever> yeah, simpler to use a fetchgit then
<clever> might get away with just `kicad-libraries = fetchgit`
<clever> yorick: ah, in that case, it would be better to just make 2 seperate derivations
<clever> evils: the kicad package would `mkdir $libraries` and copy things to there, while doing its normal build
<clever> evils: you could add `outputs = [ "out" "libraries" ];` to the derivation, then reference `${kicad.libraries}` to get the files that got installed to $libraries
<clever> ij: thats what the default NIX_PATH should look like
<clever> /home/clever/.nix-defexpr/channels:nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos:nixos-config=/etc/nixos/configuration.nix:/nix/var/nix/profiles/per-user/root/channels
<clever> ij: `nix-env -f '<nixpkgs>' -iA cri-o` would make nix-env obey the same NIX_PATH that nix-build obeyed
<clever> changed*
<clever> ij: something changes NIX_PATH, so its ignoring the channels on root
<clever> ij: echo $NIX_PATH
<clever> ij: what does it output?
<clever> ij: and: nix-instantiate --find-file nixpkgs ?
<clever> ij: not sure what could be the issue then, what happens with `nix-build '<nixpkgs>' -A cri-o` ?
<clever> evils: and at compile time, you can bake $static/foo into the binaries if you need to
<clever> evils: and then install files to both $out and $static
<clever> evils: just set the outputs attr of the derivation, outputs = [ "out" "static" ];
<clever> ij: that should work, what does `nix-channel --list` say?
<clever> evils: so when you switch to static linking of the haskell components, it wont depend on ghc at runtime
<clever> evils: haskell packages do that, so the assets dont depend on the dynamic lib, and then ghc itself
<clever> ij: are you on nixos or other?
<clever> ij: what error does it fail with?
<clever> yeah
<clever> the name is also part of the <s>, so ./foo and ./bar have different hashes, even with identical files
<clever> viric: that explains all the dirty details of the internals
<clever> viric: yeah, one minute
<clever> viric: so whatever is receiving the string, must depend on hello
<clever> viric: if you pass "${hello}" to another derivation, it uses that context to know that the string depends on hello
<clever> viric: every string has some context attached to it, saying which derivations the string depends on
<clever> jjakob: nix is using split outputs, to let you install one part or the other
<clever> jjakob: the dnsutils are in the bind source, and compiled when building bind
<clever> jjakob: dnsutils is part of the bind package
<clever> 14050 dnsutils = bind.dnsutils;
<clever> thats why it didnt sound right!
<clever> viric: that doesnt sound right
<clever> viric: run `nix-store -qR` on the drv, to confirm your looking at the right patch path
<clever> viric: oh, nix-instantiate must always copy the patch file
<clever> viric: remove the root to the thing depending on the patch, and nix-store --delete it
<clever> viric: they should both say unknown-deriver i believe
<clever> what does `nix-store --query --deriver` say on each?
<clever> and something like md5sum agrees they are identical?
<clever> and the other storepath with ./foo?
<clever> not sure then
<clever> viric: is the name the same?
<clever> yeah
<clever> so it will work fine in this case
<clever> but only works for files with pure text content
<clever> `builtins.toFile (builtins.readFile ..)` could force it to never be executable
<clever> label it as user error when the wrong tool is chosen
<clever> just make sure its always cloned with the right tool
<clever> i dont think theres much you can do about that
<clever> ah
<clever> why does the file sometimes have the execute bit?
<clever> viric: it will get whatever the execute state is for the original my.patch
<clever> laas: lib.recursiveUpdate
<clever> but you usually also loose all disk contents on reboot when in such a setup
<clever> kaliumxyz: most FS's will also keep a read cache, so recently used files stay in ram, but you could force that if you use something like the installer media, where it unionfs's a read-only store with a tmpfs
<clever> kaliumxyz: thats basically what you get if you enable fstrim on an ssd, it will pre-erase blocks, so it writes faster
<clever> notgne2: changing /nix/store also means you cant use nixops to deploy linux
<clever> notgne2: and recompiling to put /nix/store elsewhere means recompiling EVERYTHING
<clever> notgne2: local?store=/mnt/ only works if you can chroot, and darwin doesnt have chroot support
<clever> ,libraries Nazral

2019-11-21

<clever> possibly
<clever> yeah
<clever> and nix always gives base32 in its messages
<clever> you can tell from the length and letters
<clever> i have had confusion before, where it treated X and Y as valid hashes, yet X != Y, because X was base16, and Y was base32 of the same hash
<clever> once both are base32, i can confirm, it still is a different hash
<clever> 1www3x2r6r7pck43ismlwy82x0j6xj2qiwvfs2pn687gsmhlh4ad
<clever> [root@amd-nixos:~]# nix-hash --to-base32 4d114861d5ef2063afd06ef38885ec46822e90e7b4ea38c864f76493451f9cf3 --type sha256
<clever> dema: one is base16, the other is base32
<clever> qyliss: once it is the hash of something, its time to abandon that hash algo :P
<clever> even if its source for something entirely different
<clever> and if that $out already exists, it just uses it
<clever> a fixed-output derivation uses the name and hash to compute what $out will be
<clever> dema: i always set my editor to replace mode, and zero out a few digits
<clever> dema: if the hash is valid for something else, then nix may continue to use that something else, and ignore the url
<clever> you will want to either fix any-nix-shell, or just remove the plugin that is making things worse
<clever> `command nix-shell` is how you tell bash to bypass things, without doing anything special
<clever> `strace nix-shell` bypasses all aliases and shell functions, and runs the nix-shell in $PATH
<clever> that would do it!
<clever> dema: what does `type nix-shell` say?
<clever> dema: ah, that could be broken
<clever> dema: yep, definitely bash
<clever> dema: what is any-nix-shell?
<clever> dema: yeah, and if you do `ps` inside that shell, it says your in bash?
<clever> dema: can you pastebin the output of `strace -f -e execve nix-shell -p` ?
<clever> which makes it imposible to do anything in the game
<clever> they changed the version of the unity engine, and it conflicts with proton, so the mouse pointer moves violently, every time i click
<clever> and the last windows game i had working has been unplayable after the last update
<clever> notgne2: ah, i dont think ive tried using it
<clever> notgne2: what did vulkan do again?
<clever> on this card
<clever> 01:00.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Bonaire XTX [Radeon R7 260X/360]
<clever> asheshambasta: i'm using videoDrivers = [ "amdgpu" ];
<clever> ubuntu has serious trouble changing gpu drivers back and forth that easily
<clever> thats one nice thing with nixos, if you remember to clean that option out, all traces of that gpu driver are gone
<clever> asheshambasta: the even more modern gpu drivers (kms, kernel mode switching) are suppose to resolve that issue, but your driver has to support it
<clever> asheshambasta: linux has a kernel panic instead of a bsod, but modern gui layers prevent the panic from being visible
<clever> asheshambasta: so i just retired the SSD, and moved my zfs pool purely to nvme
<clever> asheshambasta: the windows only (ugh) utility to update the firmware just fails with "unknown error" (double ugh)
<clever> asheshambasta: i had similar, it turned out to be a firmware bug in my ssd
<clever> asheshambasta: anything obvious in dmesg?
<clever> asheshambasta: thats weird, what exactly is crashing if you use the default kernel?
<clever> asheshambasta: try `hardware.parallels.package = pkgs.hello;` then
<clever> chloekek: if you give fetchTarball the hash it wants, then it will be in the nix store, and then you can diff to figure things out
<clever> chloekek: pkgs.fetchzip unpacks for you
<clever> asheshambasta: try `hardware.parallels.package = pkgs.hello;` to make it shut up?
<clever> asheshambasta: and there is no trace of hardware.parallels in hardware-configuration.nix?
<clever> chloekek: run `diff -r` on the 2 store paths
<clever> asheshambasta: can you pastebin your whole configuration.nix file?
<clever> 162 description = "Parallels Tools for Linux guests";
<clever> asheshambasta: are you using prl-tools somewhere?
<clever> 9 assert kernel != null -> stdenv.lib.versionOlder kernel.version "4.15";
<clever> asheshambasta: what did you set kernelPackages to?
<clever> --add doesnt take effect until --update
<clever> unstable also has a linuxPackages_latest, which is either 5.1 or 5.2, not sure
<clever> ,unstable
<clever> asheshambasta: 5.1 was removed from 19.09, because it was due to be deprecated within the life of 19.09
<clever> Atrak: `nix repl` isnt recursive by default
<clever> Atrak: try :p
<clever> Atrak: now use `builtins.readFile ./foo.json` in nix, to get the whole json as a string
<clever> Atrak: to start with, have you ran yaml2json on the file?
<clever> Atrak: builtins.fromJSON turns a json object into a nix set
<clever> lovesegfault: thats a stdenv meant for use with clang, and it should provide a fully working clang
<clever> lovesegfault: clangStdenv.mkDerivation
<clever> Atrak: nix-build -E 'with import <nixpkgs> {}; pkgs.haskell.lib.disableCabalFlag pkgs.haskellPackages.yaml "no-exe"'
<clever> lovesegfault: and if you want to use clang, then you should use clangStdenv
<clever> lovesegfault: every attribute you pass to mkShell should become an env var
<clever> Atrak: once you convert your yaml to json, nix can parse it with normal builtins.readFile and builtins.fromJSON
<clever> Atrak: this expression will compile to a package with yaml2json and json2yaml binaries
<clever> > pkgs.haskell.lib.disableCabalFlag pkgs.haskellPackages.yaml "no-exe"
<clever> Atrak: one min
<clever> reactormonk: lib.recursiveUpdate
<clever> or just check what is within it
<clever> > stdenv.cc.cc
<clever> yep
<clever> > (42 == 52)
<clever> so it then tries to eval `= stdenv`
<clever> it see's an = and tries to assign a var
<clever> i think its the bot
<clever> o1lo01ol1o: and a fixed-output drv only runs once for a given outputHash
<clever> o1lo01ol1o: for any build-time fetch, you must use a fixed-output derivation
<clever> o1lo01ol1o: allowed-uris is only for eval time things, builtins.fetchTarball
<clever> Guest84: yes
<clever> fresheyeball: the $src must always be in /nix/store/
<clever> CMCDragonkai: try doing `strace -o logfiles -ff nvidia-smi` and then gist all of the logfiles
<clever> and ive not tried getting xserver to work at the same time as compute, since its in the cloud and i had no console access
<clever> yeah, ive only had success with nvidia in the cloud, and i dont have any nvidia cards locally to play with
<clever> i would say strace `nvidia-smi` to see what its doing
<clever> i cant do any kind of compute jobs on this card
<clever> 01:00.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Bonaire XTX [Radeon R7 260X/360]
<clever> but i have done it a bit in packet.net and aws
<clever> ive not gotten gpu compute to work on any hardware i have physical access to
<clever> every bios vendor decides to name it differently
<clever> CMCDragonkai: there is sometimes an option to choose between the internal and pcie gpu, as primary
<clever> CMCDragonkai: are you able to access the bios?

2019-11-20

<clever> Nyanloutre[m]: the -c flag tells it to look in a different etc folder