Re: [Nix-dev] NixCon thanks
On 17 November 2015 at 10:36, stewart mackenziewrote: > Great putting faces to names, currently working my way through the talks > online. > > Very enjoyable indeed. I completely agree. (I watched most talks online yesterday.) Best regards, Bjørn Forsman ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] Set up a Sufficiently Powerful Build Farm
Hi Eelco, >>> Just to be clear: you mean it compresses *to* 8%, or *by* 8%? >> >> By 8%. > > Hm, that's surprisingly low. it turns out that nix-push compressed to ~8%, actually. I did not read nix-push's out output correctly. I repeated the experiment a moment ago, and a closure of all active builds in 'haskellPackages' comes out weighing 2,212 MiByte (instead of the uncompressed 31 GiByte) on x86_64-linux. I suppose this means the build products from *all* Haskell package sets for *all* platforms would take up approximately 100 GiByte in compressed form. Best regards, Peter ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] Should we update Haskell packages in release-15.09?
Hi James, > How often are we seeing security vulnerabilities in Haskell packages? it's hard to say. I am not aware of anyone tracking vulnerabilities specifically for Haskell packages. I know that the 'tls' family of packages has had security relevant updates in the past, but I don't know how often these things happen. > If it's rare enough, and we have enough time and energy, it would be > nice to resolve each case neatly (e.g. either extract just the > necessary security patch, or fix the updated package so it's no longer > incompatible with the versions we've frozen in 15.09). I agree that this would be the best solution. Personally, however, I cannot do this. > But if it's not rare, or nobody has the time and energy, then I vote > for merging your pull request and keeping the Haskell packages > current. OK, that is what I've done for the time being. :-) Thanks for the feedback. Best regards, Peter ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
[Nix-dev] Oliver Charles Talk
Hi Oliver, I'd greatly appreciate it if you could share your cleaned up deployment nix scripts for fynder. You're doing some really cool stuff there which is currently what I'm building out here: github.com/fractalide/nixos-infrastructure btw I've got a boot-nix which is a boot-clj.com task which enumerates clojure/script dependencies then downloads them, hopefully others might be interested in that. https://github.com/fractalide/boot-nix Thanks for giving that talk! /sjm ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
[Nix-dev] Hydra.nixos.org problems
Hi, We're getting lots of Hydra errors saying: Aborted: cannot connect to ‘root@kenny’: Connection closed by 131.180.119.71 It seems to be killing lots of builds randomly. Incidentally, it might be nice if the fact that one build slave is unreachable wouldn't lead to the jobs being aborted. They could be retried, perhaps getting lucky to be assigned to a working machine. Vladimir smime.p7s Description: S/MIME Cryptographic Signature ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] Should we update Haskell packages in release-15.09?
On 11/10/2015 04:41 PM, Peter Simons wrote: > The problem I see is that the normal approach of "update packages only > if it's relevant for security" is really hard to pull off in practice, I believe it's announced somewhere that it's fine to (optionally) push bugfix/maintenance -only updates as well into the stable branches. However, I'm not sure how many Hackage packages even make such a distinction in their releases. Vladimir smime.p7s Description: S/MIME Cryptographic Signature ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
[Nix-dev] Please help me with getting the Taskserver service running
Hi! I'm currently working on the taskserver service for taskwarrior synchronization[0]. I have serious problems a) understanding how to do things b) finding out how tests for services are written (where is the documentation on this? Lethalman on IRC told me there is none? We should create one!) The problems I'm facing is mainly the fact that the taskserver wants to create certificates and keys[1]. A follow-up problem will be the creating of users on the taskserver. I'm not even sure how to approach this problem: Should the certificates be generated on service startup (only once, of course, in the service definition)? Or should the user generate them? Either way: How to do this properly? The keys must be exported, so the user can put them into his dotfiles, as taskwarrior wants the key files for synchronization. I'm working on it in my nixpkgs clone[2], which differs from the pull request I opened[3] on this because I rebase this branch on my unstable channel commit, so I do not have to rebuild all the time. Patches will be ported to the PR ASAP I get things working. Would be nice if someone could help me here. [0]: http://taskwarrior.org/docs/taskserver/setup.html [1]: http://taskwarrior.org/docs/taskserver/configure.html [2]: https://github.com/matthiasbeyer/nixpkgs/commits/try-taskserver [3]: https://github.com/NixOS/nixpkgs/pull/7771 -- Mit freundlichen Grüßen, Kind regards, Matthias Beyer Proudly sent with mutt. Happily signed with gnupg. signature.asc Description: PGP signature ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] Pass arguments to 'required' configs
Hi Sergey, If you are not using the proxy_port and proxy_host values for selecting the modules, I suggest you use the module system instead. This means that your previous example would become something like the example below. This solution is a bit more verbose, but you might be able to introspect these options with nixos-option command line tool and NixUI. // configuration.nix { require = [ /etc/nixos/configuration.nix ./include/global_bash_aliases.nix ]; custom.go.proxy.port = 4343; custom.go.proxy.host = "myproxy.local"; … } // ./include/global_bash_aliases.nix { config, pkgs, lib, ... } : with lib; { options = { custom.go.proxy.port = mkOption { default = 4242; example = 4343; type = types.uniq types.int; description = '' port number used by the goproxy shell alias command. ''; }; custom.go.proxy.host = mkOption { example = "example.com"; type = types.uniq types.str; description = '' host name used by the goproxy shell alias command. ''; }; }; config = { environment = { extraInit = with config.custom.go.proxy '' alias goproxy "nc ${port} ${host} ''; }; }; } On Tue, Nov 17, 2015 at 2:17 PM, Sergey Mironovwrote: > Hi. This is a follow-up to my previous letter about Private NixOS modules. > > Another thing I am missing is the ability to pass arguments to > 'required' configuration modules. Below is the illustration of the > idea. Could you please give me some advice on this? > > Regards, > Sergey > > > // configuration.nix > > {config, pkgs, ...}: > let > proxy_port = "4343"; > proxy_host = "myproxy.local"; > in > { > require = [ > /etc/nixos/hardware-configuration.nix > .. > (withArguments ./include/global_bash_aliases.nix { inherit > proxy_port proxy_host; }) > .. > ]; > ... > > } > > > //./include/global_bash_aliases.nix > > { proxy_port, proxy_host} : > { config, pkgs, ... } : > { > environment = rec { > > extraInit = '' >alias goproxy "nc ${proxy_port} ${proxy_host} > ''; > }; > > } > ___ > nix-dev mailing list > nix-dev@lists.science.uu.nl > http://lists.science.uu.nl/mailman/listinfo/nix-dev -- Nicolas Pierron http://www.linkedin.com/in/nicolasbpierron - http://nbp.name/ ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] [nix-dev] private NixOS modules
Hi Sergey, I think you can set the NIXOS_EXTRA_MODULE_PATH [1] environment variable to achieve that. Otherwise, you can change your configuration.nix file to always include your new module list, and to include your own real-config.nix [1] https://github.com/NixOS/nixpkgs/blob/master/nixos/lib/eval-config.nix#L30 On Tue, Nov 17, 2015 at 2:04 PM, Sergey Mironovwrote: > Hi. I'd like to write a couple of NixOS modules which probably don't > look meaningful for large audience. Normally, we keep modules in > nixpkgs/nixos/modules directory and list them in module-list.nix file. > In my case, I'd like to put module in a private place (which is my git > repo which keeps nixpkgs as a Git submodule). Is it possible to > 'include' them in the public list to make them accessible from > per-system.nix files? > > As a result, I'd like to be able to write in configuration.nix > something like the following: > > services.my-custom-service = { > enable = true; > ... > } > > without including expression for my-custom-service in the public tree. > > Regards, > Sergey > ___ > nix-dev mailing list > nix-dev@lists.science.uu.nl > http://lists.science.uu.nl/mailman/listinfo/nix-dev -- Nicolas Pierron http://www.linkedin.com/in/nicolasbpierron - http://nbp.name/ ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
[Nix-dev] [nix-dev] private NixOS modules
Hi. I'd like to write a couple of NixOS modules which probably don't look meaningful for large audience. Normally, we keep modules in nixpkgs/nixos/modules directory and list them in module-list.nix file. In my case, I'd like to put module in a private place (which is my git repo which keeps nixpkgs as a Git submodule). Is it possible to 'include' them in the public list to make them accessible from per-system.nix files? As a result, I'd like to be able to write in configuration.nix something like the following: services.my-custom-service = { enable = true; ... } without including expression for my-custom-service in the public tree. Regards, Sergey ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
[Nix-dev] Pass arguments to 'required' configs
Hi. This is a follow-up to my previous letter about Private NixOS modules. Another thing I am missing is the ability to pass arguments to 'required' configuration modules. Below is the illustration of the idea. Could you please give me some advice on this? Regards, Sergey // configuration.nix {config, pkgs, ...}: let proxy_port = "4343"; proxy_host = "myproxy.local"; in { require = [ /etc/nixos/hardware-configuration.nix .. (withArguments ./include/global_bash_aliases.nix { inherit proxy_port proxy_host; }) .. ]; ... } //./include/global_bash_aliases.nix { proxy_port, proxy_host} : { config, pkgs, ... } : { environment = rec { extraInit = '' alias goproxy "nc ${proxy_port} ${proxy_host} ''; }; } ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] Please help me with getting the Taskserver service running
> The problems I'm facing is mainly the fact that the taskserver wants > to create certificates and keys[1]. A follow-up problem will be the > creating of users on the taskserver. What about describing which kind of user(s) you mean? /etc/passwd ones? See MySQL service for instance and ids.nix. Certificates: Apache and similar have settings to tell it which certificates to use. You want to look at similar services like ssh/dovecot/... how it is done. I'm unsure. There are two choices: Either use a pre startup script to create them (eg mysqlinit or such gets used this way) - or allow user to set paths. Usually its nice if things "just work" which means generating certificates. Eg mysql does not populate time zone info (mysql_tzinfo_to_sql /etc/zoneinfo/ | mysql) should it be done? the MYSQL_TZ function requires it (otherwise it returns null) If nobody has a strong opnion just be the maintainer and make a choice ? Testing services see nixos/tests/* How to run? See nixos/release.nix or release-combined. nix-build -A tests.firwall -f release.nix or such. (I didn't run any test for a long time). Marc Weber ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] Please help me with getting the Taskserver service running
On 17-11-2015 16:59:16, Marc Weber wrote: > > The problems I'm facing is mainly the fact that the taskserver wants > > to create certificates and keys[1]. A follow-up problem will be the > > creating of users on the taskserver. > What about describing which kind of user(s) you mean? /etc/passwd ones? No, taskserver internal ones. > Certificates: Apache and similar have settings to tell it which > certificates to use. You want to look at similar services like > ssh/dovecot/... how it is done. I'm unsure. > > There are two choices: Either use a pre startup script to create them > (eg mysqlinit or such gets used this way) - or allow user to set paths. > > Usually its nice if things "just work" which means generating > certificates. That's what I'm aiming for. > > Eg mysql does not populate time zone info (mysql_tzinfo_to_sql /etc/zoneinfo/ > | mysql) > should it be done? the MYSQL_TZ function requires it (otherwise it returns > null) > > If nobody has a strong opnion just be the maintainer and make a choice ? What do you mean by that? > > Testing services see nixos/tests/* How to run? See nixos/release.nix or > release-combined. nix-build -A tests.firwall -f release.nix or such. > (I didn't run any test for a long time). Yeah, I know that already, though there is no documentation on how to _write_ them properly! -- Mit freundlichen Grüßen, Kind regards, Matthias Beyer Proudly sent with mutt. Happily signed with gnupg. signature.asc Description: PGP signature ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] TexLive wiki page
Hi. On 11/17/2015 07:05 PM, Arseniy Seroka wrote: > Please, can someone write about our new texlive support in a wiki page > https://nixos.org/wiki/TexLive_HOWTO? I had put a link to the currently only documentation at the top of that wiki page. It's planned to have a better user docs in nixpkgs manual. I might even find time for it myself within a few weeks, unless someone does it first. Vladimir smime.p7s Description: S/MIME Cryptographic Signature ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
[Nix-dev] TexLive wiki page
Please, can someone write about our new texlive support in a wiki page https://nixos.org/wiki/TexLive_HOWTO? -- Sincerely, Arseniy Seroka ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] TexLive wiki page
Didn't we decide to kill (all of) the wiki and replace it with real documentation? :-) See Rok's nicely inspiring NixCon talk "Make Nix friendlier for Beginners", https://media.ccc.de/v/nixcon2015-3-MakeNixfriendlierforBeginners -- Regards, Hajo Möller ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] TexLive wiki page
On 17-11-2015 20:53:24, Pascal Wittmann wrote: > On 11/17/2015 08:03 PM, Hajo Möller wrote: > > Didn't we decide to kill (all of) the wiki and replace it with real > > documentation? :-) > > > > See Rok's nicely inspiring NixCon talk "Make Nix friendlier for Beginners", > > https://media.ccc.de/v/nixcon2015-3-MakeNixfriendlierforBeginners > > As far as I know no decision was made. Rok only made the proposal in his > talk. But +1 from me for killing the wiki and migrate it into "real" > documentation. I wonder what a "real" documentation looks like! -- Mit freundlichen Grüßen, Kind regards, Matthias Beyer Proudly sent with mutt. Happily signed with gnupg. signature.asc Description: PGP signature ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] TexLive wiki page
On 11/17/2015 08:03 PM, Hajo Möller wrote: > Didn't we decide to kill (all of) the wiki and replace it with real > documentation? :-) > > See Rok's nicely inspiring NixCon talk "Make Nix friendlier for Beginners", > https://media.ccc.de/v/nixcon2015-3-MakeNixfriendlierforBeginners As far as I know no decision was made. Rok only made the proposal in his talk. But +1 from me for killing the wiki and migrate it into "real" documentation. signature.asc Description: OpenPGP digital signature ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
[Nix-dev] [PATCH] pulseaudio: Add support for package configuration files.
In a fashion like udev's support, this patch allows configurations from packages to be merged in to directories for PulseAudio to read from. Currently supported directories are the alsa-mixer mdoule's profile-sets and paths. This is accomplished by patching PulseAudio to read directories from environment variables globally defined by NixOS rather from the data path in the Nix store. Modules that support it (such as the alsa module) can still be configured at runtime to use specific paths, this just changes the default paths. The environment variables are only used if they're defined, as such the previous behaviour can be reverted to if the variables are unset or NixOS isn't running. --- nixos/modules/config/pulseaudio.nix | 43 + pkgs/servers/pulseaudio/custom-dirs.patch | 52 +++ pkgs/servers/pulseaudio/default.nix | 2 +- 3 files changed, 96 insertions(+), 1 deletion(-) create mode 100644 pkgs/servers/pulseaudio/custom-dirs.patch diff --git a/nixos/modules/config/pulseaudio.nix b/nixos/modules/config/pulseaudio.nix index 2ebc612..bad4bf3 100644 --- a/nixos/modules/config/pulseaudio.nix +++ b/nixos/modules/config/pulseaudio.nix @@ -52,6 +52,37 @@ let } ''); + # Create a directory full of configuration files for PulseAudio to use for + # various modules. Packages are scanned similiar how udev does it. + moduleEnvVars = { +PA_ALSA_PATHS_DIR = "${moduleConf}/alsa-paths"; +PA_ALSA_PROFILE_SETS_DIR = "${moduleConf}/alsa-profiles"; + }; + moduleConf = stdenv.mkDerivation { +name = "pulseaudio-moduleconf"; + +preferLocalBuild = true; +allowSubstitutes = false; + +buildCommand = '' + mkdir -p $out/{alsa-profiles,alsa-paths} + shopt -s nullglob + set +o pipefail + + function copy_dir() { +for j in $1/$2/*; do + echo "Copying $i to $out/$3/$(basename $j)" + cat $j > $out/$3/$(basename $j) +done + } + + for i in ${toString cfg.packages}; do +echo "Adding configuration for package $i" +copy_dir $i/usr/share/pulseaudio/alsa-mixer profile-sets alsa-profiles +copy_dir $i/usr/share/pulseaudio/alsa-mixer paths alsa-paths + done +''; + }; in { options = { @@ -96,6 +127,17 @@ in { ''; }; + packages = mkOption { +type = types.listOf types.path; +description = '' + List of packages containing additional PulseAudio configuration. + All files found in the following directories: + pkg/usr/share/lib/pulseaudio/alsa-mixer/profile-sets + pkg/usr/share/lib/pulseaudio/alsa-mixer/paths + will be included. +''; + }; + package = mkOption { type = types.package; default = pulseaudioLight; @@ -130,6 +172,7 @@ in { }; hardware.pulseaudio.configFile = mkDefault "${cfg.package}/etc/pulse/default.pa"; + environment.sessionVariables = moduleEnvVars; } (mkIf cfg.enable { diff --git a/pkgs/servers/pulseaudio/custom-dirs.patch b/pkgs/servers/pulseaudio/custom-dirs.patch new file mode 100644 index 000..00e2ee7 --- /dev/null +++ b/pkgs/servers/pulseaudio/custom-dirs.patch @@ -0,0 +1,52 @@ +diff -Naur pulseaudio-7.0/src/modules/alsa/alsa-mixer.c pulseaudio-7.0.new/src/modules/alsa/alsa-mixer.c +--- pulseaudio-7.0/src/modules/alsa/alsa-mixer.c 2015-09-15 14:46:06.0 +1000 pulseaudio-7.0.new/src/modules/alsa/alsa-mixer.c 2015-11-18 12:58:33.490001078 +1100 +@@ -2521,10 +2521,11 @@ + } + + static const char *get_default_paths_dir(void) { ++char *env = getenv("PA_ALSA_PATHS_DIR"); + if (pa_run_from_build_tree()) + return PA_SRCDIR "/modules/alsa/mixer/paths/"; + else +-return PA_ALSA_PATHS_DIR; ++return (env ? env : PA_ALSA_PATHS_DIR); + } + + pa_alsa_path* pa_alsa_path_new(const char *paths_dir, const char *fname, pa_alsa_direction_t direction) { +@@ -4347,6 +4348,7 @@ + pa_alsa_profile *p; + pa_alsa_mapping *m; + pa_alsa_decibel_fix *db_fix; ++char *env; + char *fn; + int r; + void *state; +@@ -4392,9 +4394,10 @@ + if (!fname) + fname = "default.conf"; + ++env = getenv("PA_ALSA_PROFILE_SETS_DIR"); + fn = pa_maybe_prefix_path(fname, + pa_run_from_build_tree() ? PA_SRCDIR "/modules/alsa/mixer/profile-sets/" : +- PA_ALSA_PROFILE_SETS_DIR); ++ (env ? env : PA_ALSA_PROFILE_SETS_DIR)); + + r = pa_config_parse(fn, NULL, items, NULL, ps); + pa_xfree(fn); +diff -Naur pulseaudio-7.0/src/tests/alsa-mixer-path-test.c pulseaudio-7.0.new/src/tests/alsa-mixer-path-test.c +--- pulseaudio-7.0/src/tests/alsa-mixer-path-test.c2014-02-15 03:06:12.0 +1100 pulseaudio-7.0.new/src/tests/alsa-mixer-path-test.c2015-11-18 12:57:40.750001071 +1100 +@@ -15,10 +15,11 @@ + + /*
Re: [Nix-dev] NixCon thanks
Great putting faces to names, currently working my way through the talks online. Very enjoyable indeed. /sjm ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] NixCon thanks
On 16-11-2015 18:10:13, Karsten Gebbert wrote: > Arseniy Serokawrites: > > > Thank you all for NixCon 2015! That was super amazing and super awesome. > > I agree completely! For me it was also really amazing. I learned *a lot* and > am > looking forward to get deeper into everything. :) > Me too! I learned a lot! Thank you all for beeing there and for the great event! -- Mit freundlichen Grüßen, Kind regards, Matthias Beyer Proudly sent with mutt. Happily signed with gnupg. signature.asc Description: PGP signature ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] TexLive wiki page
Matthias Beyerwrites: > On 17-11-2015 20:53:24, Pascal Wittmann wrote: >> On 11/17/2015 08:03 PM, Hajo Möller wrote: >> > Didn't we decide to kill (all of) the wiki and replace it with real >> > documentation? :-) >> > >> > See Rok's nicely inspiring NixCon talk "Make Nix friendlier for Beginners", >> > https://media.ccc.de/v/nixcon2015-3-MakeNixfriendlierforBeginners >> >> As far as I know no decision was made. Rok only made the proposal in his >> talk. But +1 from me for killing the wiki and migrate it into "real" >> documentation. > > I wonder what a "real" documentation looks like! Of course that is debatable :) - I think the discussion ought to be about how to lower the bar to contribute documentation by making it more accessible/hackable and preferably concentrating in one place. IMHO, the Github wiki should probably be that place, and the workflow markdown/rst/org -> pandoc -> pdf/html (& possibly gh-pages). It makes it easy to contribute via $EDITOR + git or a convenient web interface. My $0.02 :) -- Karsten ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev
Re: [Nix-dev] Please help me with getting the Taskserver service running
The configuration of orgnisations, groups and users is not declarative, so it will be hard to implement this part in NixOS. Best way would be to write a short script which parses a yaml/json file and then "syncs" this configuration with taskserver. Unfortunately, taskserver isn't good documented and seems to be quite buggy to me (the whole "taskd" command line). Did you play a bit with the "taskd" tool? It's not much fun :-( -- Jascha Geerds j...@ekby.de ___ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev