Re: [Nix-dev] nixos-rebuild without Internet

[Danylo Hlynskyi]

In general, no, there isn't "partial" rebuild, because Nix itself doesn't
support "partial" builds (and NixOS is
just another derivation)

There are workarounds, however:
- don't setup network via NixOS modules, do it with direct imperative
commands
- often some commands are hidden. For example, when network-manager is
enabled, dhcpcd is disabled.
  And the only way to run dhcpcd is to find the binary in /nix/store/...
hoping GC didn't remove it.
- don't do channel updates and GCs, if you know you may experience internet
problems.
- if you do channel updates, don't GC channel profiles at least (so you can
nix-channel --rollback)
  I've done this several times, updated a channel to setup some package,
but didn't do nixos-rebuild...
- if you do know, what possible NixOS configurations may help you in
future, use the `nesting.clone` option.
  Let me show you an example.

  # configuration.nix
  { lib, ...}: {

 networking.networkmanager.enable = true;

 nesting.clone = [
   {
   networking.networkmanager.enable = lib.mkForce false;
   networking.dhcpcd.enable = lib.mkForce true;
   }
 ];

  }

  This defines a default configuration with NM enabled, and alternative
with NM disabled and DHCPcd enabled
  You can activate the alternative configuration with
  $ sudo /run/current-system/fine-tune/child-1/bin/switch-to-configuration
test

  To revert back either reboot, or
  $ sudo /run/booted-system/bin/switch-to-configuration test

  By using nesting.clone, you can declaratively control which parts of
configuration should
  be retained by GC collector without polluting your current environment.
  The activation of configuration shouldn't require internet connection.

2017-06-25 1:52 GMT+03:00 Maximilian Bosch :

> Hey guys,
>
> I'm using a NixOS setup on my developer machine. For WLAN networks I use
> the `networking.wireless` option as it allows me a declarative/reproducible
> setup of the networks I use on a daily basis.
>
> Unfortunately I'm facing from time to time the following issue: whenever I
> try to add a new network (and no connection is available ATM) I have a
> problem running `nixos-rebuild` as the rebuild usually causes a lot of
> other operations and some of them require a connection to the internet
> (e.g. for [re]downloads).
>
> However this is quite bad when I need a new network, but the rebuild
> fails. I currently solve it using several tricks, but in the end I'd like
> to now if there's some kind of tool to do a "partial-rebuild" on a NixOS
> machine (although it might break the reproducability as the expressions
> wouln'dt be 100%-deterministic anymore) or if I have to live with this
> issue.
>
> Thanks and have a nice Sunday,
>
> Maximilian
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> https://mailman.science.uu.nl/mailman/listinfo/nix-dev
>
>
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
https://mailman.science.uu.nl/mailman/listinfo/nix-dev

Re: [Nix-dev] Hydra and security updates

[Danylo Hlynskyi]

So, the assumption is: "security updates hardly should break stuff, so we
can apply them without tests"
And desire is: "don't publish untested changes to channel"

This clearly leads to necessity of two channels, just as described in
https://github.com/NixOS/nixpkgs/pull/10851#issuecomment-212099317

The second channel, like `nixpkgs-secure`, shouldn't be a fork of nixpkgs
with
`quickfix`-es, but perhaps an overlay with security patches.
It is then included like `nixpkgs.overlays = [ (import
).channel-unstable ];`

This would require for user to "configure" security-update system, and
maintainers to
update nixpkgs-secure package database alongside with nixpkgs master and
nixpkgs stable.

--

Another option is to maintain branches with sufficies "-secure".

1. maintainers should add/remove security patches to "XXX-secure" branches
in nixpkgs-channels
2. hydra should regularly merge "XXX-secure" to "XXX"
3. hydra should merge "XXX" to "XXX-secure" on channel updates
4. hydra should build "XXX" and "XXX-secure" in parallel, and publish
channel whichever finishes faster


2017-06-03 4:13 GMT+03:00 Leo Gaspard :

> On 06/03/2017 01:55 AM, Frank wrote:
> > Op 3-6-2017 om 0:59 schreef Leo Gaspard:
> >> On 06/02/2017 06:54 PM, Frank wrote:
> >>> Op 1-6-2017 om 23:32 schreef Leo Gaspard:
>  Hi all,
> 
>  I just wanted to point out an issue with hydra: it doesn't make any
>  distinction between security updates and normal changes.
> >>> Why is this an issue? Security-updates are just as likely to introduce
> >>> bugs as every other update.
> >> If I have to choose between having a security vulnerability and having
> >> some installer tests that don't build (as these seem to be the source of
> >> most test failures)... I know what I'd rather have (especially given
> >> install images aren't generated from every commit of nixpkgs), don't you
> >> think?
> > You mean al the tests that didn't catch the bug in the first place? Or
> > the tests that assure the fix will be installed without problems?
> >
> > If the testing is a problem for distributing the software, the tests are
> > probably wrong. You can't fix things by testing, so don't try to repeat
> > and improve the upstream testing (not during distribution at least).
> >
> > The focus of the distribution is, distributing software, that installs
> > well on all target systems. And if your fix breaks some systems it
> > doesn't matter how important it is for security.
> >
> > I really agree, it's important to roll out security fixes fast. But I
> > don't see why other updates should be very time consuming.
>
> OK, I think I failed explaining what I think the issue is.
>
> In my mind, the issue is not having a security fix that breaks tests*,
> as fixes are(/should be) tested by upstream to not change any observable
> behavior except the actual security flaw.
>
> However, the issue is in having security fixes being delayed by
> unrelated commits that break tests. Because those other packages are way
> more disruptive than a security fix, and can (often) break tests, as
> there is no enforced "must pass tests on hydra" before merging a PR.
>
>
> * Even though I'd bet that may happen with transient test failures --
> and I'd still want that patch, so that anyone can't break in my system,
> even though it may mean some features not working perfectly as intended:
> time for tests is when preparing the patch, patching systems should be
> done within a few hours at most to consistently avoid attacks, and a few
> hours is hardly enough to even rebuild the system and get people to
> patch. Like, major distros get an ahead-of-time notification of serious
> flaws and prepare and pre-build the patch before it's even known to us,
> just to get the patch out faster... But it's not my main point, as this
> should actually just never happen, the choice of behavior in this case
> is irrelevant.
>
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> https://mailman.science.uu.nl/mailman/listinfo/nix-dev
>
>
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
https://mailman.science.uu.nl/mailman/listinfo/nix-dev

[Nix-dev] hydra problems

[Danylo Hlynskyi]

1. https://hydra.nixos.org seems to have problems with HTTPS: in my Firefox.
2. no build results can be downloaded
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
https://mailman.science.uu.nl/mailman/listinfo/nix-dev

Re: [Nix-dev] Declarative VMs in libvirt/Qemu

[Danylo Hlynskyi]

You can get some inspiration from NixOps libvirtd backend.
Also, I think little changes to NixOps will allow to start/stop non-NixOS
images too.

Though I've run into issues with network of libvirtd machines (DHCP
problems)...


2017-05-15 20:26 GMT+03:00 Justin Humm :

> Hello everyone,
>
> I'm looking for a best practice for declarative VMs in libvirt/qemu. What
> I want
> to do:
>
> * define volumes with an OS image (not NixOS) on it
> * access the fs on the volume once, change some files (e.g. ssh keys)
> * boot the vm
> * define networks, which connect the vms with each other
>
> Would be lovely to have this done entirely in Nix, but I haven't seen
> anything like that yet. Does anybody have an approach, which works good and
> is declarative?
>
> Best and thanks,
> Justin
>
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> https://mailman.science.uu.nl/mailman/listinfo/nix-dev
>
>
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
https://mailman.science.uu.nl/mailman/listinfo/nix-dev

Re: [Nix-dev] Nixos wiki project

[Danylo Hlynskyi]

People also can subscribe to wiki changes using
https://github.com/nixos-users/wiki/wiki.atom RSS feed

2017-05-10 9:56 GMT+03:00 Mic92 :

> As the official wiki is now finally part of the history:
> https://nixos.org/nixos/wiki.html,
> we have started our own community wiki:
>
>   https://github.com/nixos-users/wiki/wiki
>
> It is at the moment editable by every GitHub user and
> we use our IRC channel #krebs to review and track changes.
>
> We invite you to dump your knowledge and useful snippets,
> if you found out something cool about Nix/NixOS.
>
> Cheers Mic92.
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> https://mailman.science.uu.nl/mailman/listinfo/nix-dev
>
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
https://mailman.science.uu.nl/mailman/listinfo/nix-dev

Re: [Nix-dev] why has each revision / generation not a own configuration.nix

[Danylo Hlynskyi]

Anotther solution shown in
https://mailman.science.uu.nl/pipermail/nix-dev/2017-April/023403.html
which has an advantage of copying related modules (assuming they belong to
same folder as configuration.nix)

2017-05-13 6:28 GMT+03:00 Stefan Huchler :

> Tomasz Czyż  writes:
>
> > https://nixos.org/nixos/options.html#configuration+copy
>
> Thanks nice, could not belive that I am the first "genieus" that thought
> on that.
>
> Do you know the reason why it defaults to false, cant think of any
> disadvantage of that functionality. I mean nixos eats harddrive like
> nearly no other distro. So saving space cant be the reason.
>
> Some sort of privacy concern?
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> https://mailman.science.uu.nl/mailman/listinfo/nix-dev
>
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
https://mailman.science.uu.nl/mailman/listinfo/nix-dev

Re: [Nix-dev] NixOps prefer send from local.

[Danylo Hlynskyi]

did you consider

https://nixos.org/nixops/manual/#opt-deployment.hasFastConnection

?

2017-04-28 23:12 GMT+03:00 Kevin Cox :

> Hi all.
>
> I am using NixOps to configure a machine on the local network,
> unfortunately my uplink to the internet isn't great but the network is
> fast. Unfortunately when deploying I first download all the packages to
> my machine, then the remote host prefers using configured binary caches
> to download the packages. I was wondering if there is a way to prefer
> copying files from the local machine rather then consulting caches at all.
>
> I can remove the caches from the remote machines configuration but I do
> want to be able to install packages from the caches in user profiles, so
> while this is a workaround while deveoping I would need to remember to
> enable them again before I was done.
>
> I can also nix-serve the local machine but I am back to modifying the
> list of caches between deploying and using.
>
> So while I have two workarounds I was wondering if there was a simple
> solution.
>
> Thanks, Kevin
>
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> https://mailman.science.uu.nl/mailman/listinfo/nix-dev
>
>
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
https://mailman.science.uu.nl/mailman/listinfo/nix-dev

Re: [Nix-dev] Failure to boot after hibernate

[Danylo Hlynskyi]

Probably too late, but can you boot with hibernate=no kernel parameter?
In general I found this[1] article great on debugging suspend/hibernate
issues on Nixos (which I had twice).

[1] https://wiki.ubuntu.com/DebuggingKernelSuspend

2017-04-24 2:20 GMT+03:00 Bas van Dijk :

> I made a few pictures and a video of the boot process:
> https://goo.gl/photos/vrAkb5TFmZZ1J9kn9. In the video you can see that
> after I've input my passphrase the following lines are printed before
> the blinking cursor appears:
>
>   killall: cryptsetup: no process killed
>   starting device mapper and LVM...
> 2 logical volume(s) in volume group "MyStorage" now active
>   _
>
> Bas
>
>
> On 24 April 2017 at 00:48, Bas van Dijk  wrote:
> > Dear list,
> >
> > Two weeks ago I installed NixOS natively on my Mac Book Pro (I was
> > running NixOS in virtualbox before that). It ren well for two weeks
> > but today I hit a snag.
> >
> > I was doing some work when my battery power became too low. Then I
> > believe my system hibernated (suspended to disk) before it shut down.
> > Note that I've set:
> >
> >   powerManagement.enable = true;
> >
> > Now when I boot my system it asks me for the encryption passphrase for
> > my LUKS drive. After I enter it I see a cursor blinking for a few
> > seconds before it freezes. After that my system is unresponsive.
> >
> > As mentioned I have an encrypted LUKS drive. On top of that I have a
> > LVM root and swap volume. So what I believe has happened is that my
> > system saved its memory to the encrypted swap before it shut down. Now
> > when it boots up it tries to load that memory back in but fails for
> > some reason. I guess the trouble starts somewhere here:
> >
> >   https://github.com/NixOS/nixpkgs/blob/master/nixos/
> modules/system/boot/stage-1-init.sh#L407
> >
> > Note that I have not set: boot.resumeDevice. Also note that I have set:
> >
> >   swapDevices = [ { device = "/dev/disk/by-label/swap"; } ];
> >
> > Any idea how to fix this?
> >
> > Bas
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> https://mailman.science.uu.nl/mailman/listinfo/nix-dev
>
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
https://mailman.science.uu.nl/mailman/listinfo/nix-dev

Re: [Nix-dev] Presenting nix-index: a file-not-found utility

[Danylo Hlynskyi]

Great!
A question: what does it mean when expression is in round parents?

(wineUnstable.out)2,141 r /nix/store/
cl7b6kw7y8cqkpy4pnwwq4iqmaiw52d0-xextproto-7.3.0/include/
X11/extensions/secur.h

2017-04-21 13:36 GMT+03:00 Benno Fünfstück :

> Hello nixers,
>
> finding the package that provides a certain file in nixpkgs can be hard.
> That is why I've written a tool to make the process easier, which I thought
> would be helpful for other people as well: https://github.com/
> bennofs/nix-index
>
> To use it, you first have to generate an index:
>
> $ nix-index # this will generate an index for `` in NIX_PATH
>
> Note that it relies on the `ls{,.xz}` files from hydra, so for best
> results you should use it with `` pointing at a channel to
> maximize the chance of a path being available in the binary cache.
>
> You also need to make sure that all packages in `` evaluate. This
> is currently not the case for `nixos-unstable` or `nixos-17.03` (due to
> some obsolete haskell overrides). So if you're not using `nixpkgs-unstable`
> as your channel, you can instead run the following command to generate the
> index using the `nixpkgs-unstable` channel: (the `-f` argument works like
> the one from `nix-env`):
>
> $  nix-index -f https://d3g5gsiof5omrk.cloudfront.net/nixpkgs/
> nixpkgs-17.09pre105825.67adf69a16/nixexprs.tar.xz
>
> You can then search for files using `nix-locate`:
>
> $ nix-locate 'extensions/secur.h'
> xorg.xextproto.out2,141 r /nix/store/
> riqpq4m0h0hqgif0kkwxkhzjpvz81x3g-xextproto-7.3.0/include/
> X11/extensions/secur.h
> (wineUnstable.out)2,141 r /nix/store/
> cl7b6kw7y8cqkpy4pnwwq4iqmaiw52d0-xextproto-7.3.0/include/
> X11/extensions/secur.h
>
> The attribute path in parentheses indicates that the exact expression is
> unknown, but the store path is in the closure of the printed attribute.
>
> For more information, see the `--help` of the commands.
>
>
> Regards,
>
> Benno Fünfstück
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> https://mailman.science.uu.nl/mailman/listinfo/nix-dev
>
>
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
https://mailman.science.uu.nl/mailman/listinfo/nix-dev

[Nix-dev] Postgresql, rsyslog and systemd journal

[Danylo Hlynskyi]

Hi.

I want to enable syslog log destination in Postgresql. Existing postgresql
module hardcodes log_destination to 'stderr', so I use

#  alter system set log_destination = 'syslog'

in psql session.

The problem is, logs still are routed to systemd journal, not to configured
`rsyslog`.

As far as I can say, there is no problem on postgres side, because I see in
logs:

2017-04-18 13:24:39 GMT [3404]: LOG:  ending log output to
stderr

2017-04-18 13:24:39 GMT [3404]: HINT:  Future log output will go to log
destination
"syslog".
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
https://mailman.science.uu.nl/mailman/listinfo/nix-dev

Re: [Nix-dev] The Church of Suckless NixOS is looking for followers

[Danylo Hlynskyi]

I'm interested for this project to succeed, in case it will be NixOS
extension like nixsap[1], and not a fork like triton[2] or microgram[3].
Currently NixOS is very customizable:

- module system
- disabling modules [4]
- nixpkgs overlays

Because of these ways, it is possible to belong to The Church more
granularly (for example, use it's overlay, but not drop systemd) and
leverage NixOS as OS builder library

[1] https://github.com/zalora/nixsap
[2] https://github.com/triton/triton
[3] https://github.com/zalora/microgram
[4] https://github.com/NixOS/nixpkgs/pull/22764


2017-03-23 14:05 GMT+02:00 Jan Malakhovski :

> > However, all major Linux distributions without exceptions enable
> > "moderate" hardening by default for very good reasons, and all of them
> > can run on eeePC without issues.
> >
> > If your aim is not to run NixOS on arduino, or little embedded MIPS or
> > RISC-V machines, it does not matter at all. If you want to run on this
> ... or Intel Atom ...
> > can of machine, you know what you are doing and you know how to tune
> > your code anyway.
>
> At least for Atoms hardening does produce a qualitative difference. I'm
> not sure why. I assume that things that fit into cache without hardening
> stop fitting into it with hardening.
>
> Cheers,
>   Jan
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev

Re: [Nix-dev] Use PHP FPM with 2 PHP versions simultaneously

[Danylo Hlynskyi]

Apart from container solution, there are no easy ways to do this.
1. You can patch nixpkgs and add option `phpPackage` per-pool, that
overrides global `phpPackage`
2. You can use `lib.mkForce` like here:

systemd.services.phpfpm-your-pool-name.serviceConfig = lib.mkForce {
  Slice = "phpfpm.slice";
  PrivateDevices = true;
  ProtectSystem = "full";
  ProtectHome = true;
  NoNewPrivileges = true;
  RestrictAddressFamilies = "AF_UNIX AF_INET AF_INET6";
  Type = "notify";
  ExecStart = "${phpPackage}/bin/php-fpm -y ${cfgFile} -c ${phpIni}";
  ExecReload = "${pkgs.coreutils}/bin/kill -USR2 $MAINPID";
}

but this (2a) breaks abstraction [1] and (2b) requires you to supply your
own ${cfgFile} and ${phpIni}

[1] especially beacuse of https://github.com/NixOS/nixpkgs/issues/23921
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev

Re: [Nix-dev] nixops: how to deploy containers with specified IP addresses

[Danylo Hlynskyi]

You may be interested in
https://github.com/NixOS/nixpkgs/issues/18355#issuecomment-288903363

But perhaps the easiest option would be to generate container .conf file
via `environment.etc."containers/***.conf"`, if you control host.

2017-04-03 21:57 GMT+03:00 Bas van Dijk :

> Dear list,
>
> I have a nixops deployment configuration where the machines are configured
> to run in a container on localhost:
>
>   deployment.targetEnv = "container"
>
> When deploying the configuration a machine gets the IP address 10.233.n.2
> where n is the order in which the machines got deployed. Since this happens
> in parallel the IP addresses are nondeterministic. I see that this is
> happening here:
>
> https://github.com/NixOS/nixpkgs/blob/master/pkgs/
> tools/virtualization/nixos-container/nixos-container.pl#L155
>
> With declarative containers user can specify the address using:
>
>   containers..localAddress
>
> Is there a way to override the computed IP address with a user supplied
> address for imperative containers deployed using nixops?
>
> Cheers,
>
> Bas
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev

Re: [Nix-dev] updating my mesos cluster to 17.03

[Danylo Hlynskyi]

Rolled back to 16.09, because Gnome3+gdb is unusable in 17.03 (system
inresonsible, lots of errors in logs)

Probably https://hydra.nixos.org/build/51025002, but not sure.

disappointed

2017-03-31 16:39 GMT+03:00 Azul :

>
> minor changes related to my own setup but looking good so far.
>
> happy
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev

Re: [Nix-dev] Declarative containers are not updated after creation

[Danylo Hlynskyi]

You have to restart container for changes to apply.

Also, check second part of
http://lists.science.uu.nl/pipermail/nix-dev/2017-March/023069.html

Answering your question: the cause is because of an error in
switch-to-configuration.pl script

2017-03-31 0:35 GMT+03:00 Guido Witmond :

> Hi All,
>
> I'm reasonably new to Nix, I have a server running NixOs with caddy and
> transmission. Now I'm creating a declarative container to run Postfix
> and Dovecot to keep the user-namespace separate from the host.
>
> I've noticed that the container get started and both postfix and dovecot
> get started at 'nixos-rebuild test'. So far so good.
>
> Now when I change the configuration and run rebuild-test again, nothing
> happens. The changes don't get propagated to the container.
>
> In fact, when taking out the complete container-specification from my
> configuration.nix file, the container - and postfix and dovecot in it
> keep running.
>
> I'd expect that the inside of the declarative container be updated
> during nixos-rebuild test.
>
>
> Simplest test case:
>
> configuration.nix:
> containers."test" = {
>   autoStart = true;
>   config =
> { config, pkgs, ... }: {
>   services.transmission.enable = true;
> };
> };
>
> # nixos-rebuild test -I nixpkgs=/home/guido/nixpkgs/
>
> The nixpks is a clone of github.com/NixOS/nixpkgs.git at commit
> 955b79f4 (Sun Mar 26 17:12:13 2017 +0200) and the channel is
> https://nixos.org/channels/nixos-16.09
>
> To test: uncomment the transmission service and rebuild. The process
> remains running. I expect it to get stopped.
>
> Then delete the whole 'containers.test' section and rebuild again. The
> entire container keeps running while I expect it gets stopped.
>
>
>
> What could be the cause that the container won't get updated?
> What log files / systemd journals should I check for errors?
>
> Any help is appreciated.
>
> Regards,
> Guido Witmond.
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev

Re: [Nix-dev] Typing nix − funding campaign

[Danylo Hlynskyi]

That looks like a feature of gradual typing: unless you exlicitly specify
type annotations, it can infer type, be it ?, ? -> ? or more complicated.

But I'm too interested on how to specify type for `if` without introducing
local lambda (e.g., will there be special syntax for this).

2017-03-29 19:25 GMT+03:00 Mateusz Kowalczyk :

> On 03/28/2017 10:45 AM, Théophane Hufschmitt wrote:
> > Hi everyone,
> >
> > My internship has now started, and I'll try to post regular updates on
> > https://typing-nix.regnat.ovh/ as promised. So if you're interested,
> > just follow the rss :)
> >
> >> --
> >> Théophane Hufschmitt
> >
>
> Hi,
>
> I'm sure you've answered this ad nauseum before but I wonder how you're
> going to type sets? They are bread-and-butter in nixpkgs. Presumably
> they will be typed on their fields with the standard subtyping, like
> anonymous records.
>
> Secondly, I wonder about the motivation for the typing of `if` with
> intersections. It seems counter-intuitive to have it in the type-system.
> Why not provide an explicit union type as part of some standard library?
> I would have thought that most people expect `if` to have `Bool -> a ->
> a -> a` type. Error messages suffer because it becomes unclear whether
> the caller to `if` is expecting wrong type or the `if` is providing
> wrong type. I don't think that sort of `if` usage is common in nixpkgs
> (at least not so common to justify weird typing as opposed to just
> fixing the uses which in turn could be detected if we don't have this
> typing rule).
>
> If stuff like this is already written somewhere, let me know and I'll RTFM.
>
>
> [1]: https://typing-nix.regnat.ovh/posts/lets-type-nix.html
>
>
> --
> Mateusz K.
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev

Re: [Nix-dev] Fwd: nixos-container networking

[Danylo Hlynskyi]

Host side:

networking.bridges.${bridgeName}.interfaces = [];
networking.interfaces.${bridgeName}.ip4 = [ { address = "${subnet}.1";
prefixLength = 24; } ];

# Each container takes at least 4 inotify file handles, so you quickly
reach limit 128 when spawning many containers
boot.kernel.sysctl."fs.inotify.max_user_instances" = 2048;

# internet in containers!
networking.nat.enable = true;
networking.nat.internalInterfaces = [ "ve-+" "vb-+" bridgeName ]; #
TODO check if bridgeName is required
networking.nat.externalInterface = "eth0";

Container side:

privateNetwork = true;
hostBridge = bridgeName;
localAddress = container_ip + "/24";
config = {
networking.defaultGateway = "${subnet}.1";
networking.extraHosts = ''
  ${subnet}.1 ${hostConfig.networking.hostName}
'';
};

There is also some code to set-up hostname resolving via /etc/hosts,
because I know little about DHCP
, mDNS, nss-* and so on (https://github.com/NixOS/nixpkgs/issues/16754). It
is a wrapper around `containers`
and monitors IP clashes (which are set manually in my setup)


In general, I have 1 bridge with multiple IPs/subnets, so containers in one
subnet don't see containers in other.

2017-03-14 20:12 GMT+02:00 Tomasz Czyż <tomasz.c...@gmail.com>:

>
> -- Forwarded message --
> From: Tomasz Czyż <tomasz.c...@gmail.com>
> Date: 2017-03-14 18:12 GMT+00:00
> Subject: Re: [Nix-dev] nixos-container networking
> To: Danylo Hlynskyi <abcz2.upr...@gmail.com>
>
>
> Hey Danylo,
>
> yup, I hit 13 char limit and because I was removing - I thought it's that.
>
> I also had the issue with recreating containers, but this happened only
> sometimes and didn't happen when I restart the machine so I was not sure
> why is that. Thanks for your mail, it's very useful.
>
> Would you share your bridget networking?
> I was trying that but I'm wondering if you have one shared bridge or you
> have bridge per container and how you access containers from host (or route
> traffic to them).
>
> Cheers,
> Tom
>
>
> 2017-03-14 6:01 GMT+00:00 Danylo Hlynskyi <abcz2.upr...@gmail.com>:
>
>> Strange, I have lot's of containers with "-" and experience no problems.
>> But maybe you've exceeded by accident limit 13 symbols per container name?
>>
>> Also, last time I tried "veth" networking, I was struggling from
>> https://github.com/NixOS/nixpkgs/issues/16330. My container experience
>> was awful when I tried container renames. That's why I've already switched
>> to bridged networking
>>
>> ---
>>
>> BTW, I highly recommend patch to switch-to-configuration.pl
>> <https://github.com/NixOS/nixpkgs/pull/3021/commits/6e36619b277f78ece1bb81b79b5651897e46a2bf#diff-0a057d6ff3f6f83f68b859178484f4fe>
>> from https://github.com/NixOS/nixpkgs/pull/3021/commits/6e36619b2
>> 77f78ece1bb81b79b5651897e46a2bf
>>
>> It isn't clear from commit message, but it does the following: makes
>> declarative containers truly reloadable (when you change
>> container config, it activates new configuration for container). The
>> culprit is *it should be* default behavior, because of
>>
>> 1. https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/v
>> irtualisation/containers.nix#L225-L230
>> 2. https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/v
>> irtualisation/containers.nix#L676
>>
>> I'd like to PR this, but got no time to test properly other parts of
>> Nixos.
>>
>> 2017-03-14 4:42 GMT+02:00 Tomasz Czyż <tomasz.c...@gmail.com>:
>>
>>> Michael, Ian, thank you for your answers.
>>>
>>> Looks like my problem was with the container name. I tried bunch of
>>> different setups which didn't work and I discovered that when I'm using "-"
>>> in container name it doesn't work (I had impression that worked one or two
>>> times when I started machine from scratch, but most of the time didn't).
>>>
>>> After I removed "-" from the name, looks like private network is working
>>> (I can access private IP of container) so I don't need NAT actually.
>>>
>>> Tom
>>>
>>> 2017-03-13 23:54 GMT+00:00 Ian-Woo Kim <ianwoo...@gmail.com>:
>>>
>>>> I've recently made nixos-container port forwarding easier (both
>>>> imperative and declarative) and it's now merged into master.
>>>>
>>>> https://github.com/NixOS/nixpkgs/pull/20869
>>>>
>>>> Hope that this helps.
>>>>
>>>> Ian
>>>>
>

Re: [Nix-dev] nixos-container networking

[Danylo Hlynskyi]

I think it's possible. It is even done for imperative containers:
https://github.com/NixOS/nixpkgs/blob/98a9d815e05dd56aba0f9040d96092335cd90444/pkgs/tools/virtualization/nixos-container/nixos-container.pl#L131
(but I think 11 chars is too restrictive - veth name should be 16 chars max
minus 3 for "ve-" or "vb-")

Another possibility to remove this (unintuitive IMO) restriction is to
generate veth name uniquely by some hashing (like it's done in
https://github.com/chrisfarms/nixos-shell ). Yet another possibility -
expose veth name as configurable container parameter (break abstraction).

2017-03-14 16:48 GMT+02:00 Thomas Hunger <tehun...@gmail.com>:

> Would it be possible to add an assert if there are any restrictions on the
> naming? I don't know enough about this to be of much help though.
>
> On 14 March 2017 at 06:01, Danylo Hlynskyi <abcz2.upr...@gmail.com> wrote:
>
>> Strange, I have lot's of containers with "-" and experience no problems.
>> But maybe you've exceeded by accident limit 13 symbols per container name?
>>
>> Also, last time I tried "veth" networking, I was struggling from
>> https://github.com/NixOS/nixpkgs/issues/16330. My container experience
>> was awful when I tried container renames. That's why I've already switched
>> to bridged networking
>>
>> ---
>>
>> BTW, I highly recommend patch to switch-to-configuration.pl
>> <https://github.com/NixOS/nixpkgs/pull/3021/commits/6e36619b277f78ece1bb81b79b5651897e46a2bf#diff-0a057d6ff3f6f83f68b859178484f4fe>
>> from https://github.com/NixOS/nixpkgs/pull/3021/commits/6e36619b2
>> 77f78ece1bb81b79b5651897e46a2bf
>>
>> It isn't clear from commit message, but it does the following: makes
>> declarative containers truly reloadable (when you change
>> container config, it activates new configuration for container). The
>> culprit is *it should be* default behavior, because of
>>
>> 1. https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/
>> virtualisation/containers.nix#L225-L230
>> 2. https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/
>> virtualisation/containers.nix#L676
>>
>> I'd like to PR this, but got no time to test properly other parts of
>> Nixos.
>>
>> 2017-03-14 4:42 GMT+02:00 Tomasz Czyż <tomasz.c...@gmail.com>:
>>
>>> Michael, Ian, thank you for your answers.
>>>
>>> Looks like my problem was with the container name. I tried bunch of
>>> different setups which didn't work and I discovered that when I'm using "-"
>>> in container name it doesn't work (I had impression that worked one or two
>>> times when I started machine from scratch, but most of the time didn't).
>>>
>>> After I removed "-" from the name, looks like private network is working
>>> (I can access private IP of container) so I don't need NAT actually.
>>>
>>> Tom
>>>
>>> 2017-03-13 23:54 GMT+00:00 Ian-Woo Kim <ianwoo...@gmail.com>:
>>>
>>>> I've recently made nixos-container port forwarding easier (both
>>>> imperative and declarative) and it's now merged into master.
>>>>
>>>> https://github.com/NixOS/nixpkgs/pull/20869
>>>>
>>>> Hope that this helps.
>>>>
>>>> Ian
>>>>
>>>> On Sun, Mar 12, 2017 at 7:52 PM, Michael Walker <m...@barrucadu.co.uk>
>>>> wrote:
>>>> > Tomasz,
>>>> >
>>>> > I have declarative container networking set up and working on a VPS,
>>>> > but I wrote most of the configuration as I was learning things, so it
>>>> > may not be the best way.
>>>> >
>>>> > Here's the configuration.nix for the VPS:
>>>> > https://github.com/barrucadu/nixfiles/blob/master/hosts/innsmouth.nix
>>>> > Each container has a config file here:
>>>> > https://github.com/barrucadu/nixfiles/tree/master/containers
>>>> >
>>>> > Containers have ports forwarded to them via NAT; each container is
>>>> > running a web server on port 80 with the host reverse-proxying via
>>>> > nginx; the host also does https and letsencrypt for all the proxied
>>>> > containers.
>>>> >
>>>> > At the top of the innsmouth.nix file, I have a "containerSpecs" record
>>>> > which has all the details for each container. The relevant bits of the
>>>> > config are:
>>>> >
>>>> > 1. Set up the networking and NAT:
>>>>

Re: [Nix-dev] nixos-container networking

[Danylo Hlynskyi]

Strange, I have lot's of containers with "-" and experience no problems.
But maybe you've exceeded by accident limit 13 symbols per container name?

Also, last time I tried "veth" networking, I was struggling from
https://github.com/NixOS/nixpkgs/issues/16330. My container experience was
awful when I tried container renames. That's why I've already switched to
bridged networking

---

BTW, I highly recommend patch to switch-to-configuration.pl

from
https://github.com/NixOS/nixpkgs/pull/3021/commits/6e36619b277f78ece1bb81b79b5651897e46a2bf

It isn't clear from commit message, but it does the following: makes
declarative containers truly reloadable (when you change
container config, it activates new configuration for container). The
culprit is *it should be* default behavior, because of

1.
https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/virtualisation/containers.nix#L225-L230
2.
https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/virtualisation/containers.nix#L676

I'd like to PR this, but got no time to test properly other parts of Nixos.

2017-03-14 4:42 GMT+02:00 Tomasz Czyż :

> Michael, Ian, thank you for your answers.
>
> Looks like my problem was with the container name. I tried bunch of
> different setups which didn't work and I discovered that when I'm using "-"
> in container name it doesn't work (I had impression that worked one or two
> times when I started machine from scratch, but most of the time didn't).
>
> After I removed "-" from the name, looks like private network is working
> (I can access private IP of container) so I don't need NAT actually.
>
> Tom
>
> 2017-03-13 23:54 GMT+00:00 Ian-Woo Kim :
>
>> I've recently made nixos-container port forwarding easier (both
>> imperative and declarative) and it's now merged into master.
>>
>> https://github.com/NixOS/nixpkgs/pull/20869
>>
>> Hope that this helps.
>>
>> Ian
>>
>> On Sun, Mar 12, 2017 at 7:52 PM, Michael Walker 
>> wrote:
>> > Tomasz,
>> >
>> > I have declarative container networking set up and working on a VPS,
>> > but I wrote most of the configuration as I was learning things, so it
>> > may not be the best way.
>> >
>> > Here's the configuration.nix for the VPS:
>> > https://github.com/barrucadu/nixfiles/blob/master/hosts/innsmouth.nix
>> > Each container has a config file here:
>> > https://github.com/barrucadu/nixfiles/tree/master/containers
>> >
>> > Containers have ports forwarded to them via NAT; each container is
>> > running a web server on port 80 with the host reverse-proxying via
>> > nginx; the host also does https and letsencrypt for all the proxied
>> > containers.
>> >
>> > At the top of the innsmouth.nix file, I have a "containerSpecs" record
>> > which has all the details for each container. The relevant bits of the
>> > config are:
>> >
>> > 1. Set up the networking and NAT:
>> >
>> > networking.nat.enable = true;
>> > networking.nat.internalInterfaces = ["ve-+"];
>> > networking.nat.externalInterface = "enp0s4";
>> >
>> > 2. Forward ports to containers:
>> >
>> > networking.nat.forwardPorts = concatMap
>> > ( {num, ports, ...}:
>> > map (p: { sourcePort = p; destination =
>> > "192.168.255.${toString num}:${toString p}"; }) ports
>> > ) containerSpecs';
>> >
>> > 3. Define all the containers:
>> >
>> > containers = mapAttrs
>> > (_: {num, config, ...}:
>> > { autoStart = true
>> > ; privateNetwork = true
>> > ; hostAddress = "192.168.254.${toString num}"
>> > ; localAddress = "192.168.255.${toString num}"
>> > ; config = config
>> > ; }
>> > ) containerSpecs;
>> >
>> > 4. Reverse-proxy HTTPS to HTTP in each container, manage letsencrypt
>> > certificates, and forward HTTP to HTTPS.
>> >
>> > This is a little complex as I have a fairly custom nginx config (see
>> > the services/nginx.nix file in the repository), but the
>> > reverse-proxying is fairly straightfoward. Here is the generated
>> > nginx.conf: https://misc.barrucadu.co.uk/nginx.txt
>> >
>> > On 13 March 2017 at 02:12, Tomasz Czyż  wrote:
>> >> Hey,
>> >>
>> >> could anyone using nixos-container (declarative style) share how you
>> setup
>> >> networking?
>> >>
>> >> I'm trying to setup few containers with private network and http proxy
>> at
>> >> the front. Each container potentially could run application on port 80
>> and I
>> >> would like to expose them through proxy.
>> >>
>> >> I tried to set this up with
>> >>
>> >> privateNetwork=true;
>> >> hostAddress
>> >> localAddress
>> >>
>> >> and I tried to also run nat on the host with (just to enable outbound
>> >> traffic)
>> >> internalInterfaces = ["ve-+"];
>> >> externalInterfaces = "eth0";
>> >>
>> >> but no luck.
>> >> My next try will be creating bridge on the host and add containers 

Re: [Nix-dev] importing nixpkgs from derivation dumps large path

[Danylo Hlynskyi]

as a workaround you can use fetchFromGitHub or

fetchTarball "https://github.com/NixOS/nixpkgs/archive/${commit}.tar.gz;



2017-03-02 9:01 GMT+02:00 Ganesh Sittampalam :

> Hi,
>
> I'm trying to maintain a set of development environments using
> nix-shell. For each environment, I want to keep them pinned at a
> particular git revision of nixpkgs until I explicitly upgrade that
> environment, so I can check that everything still works properly.
>
> I used to manage this manually with a comment on myEnvFun environments.
> While migrating them to nix-shell, I learnt that I can use "import from
> derivation" for this instead and have it expressed within the nix language:
>
>  {
>env =
>  let pkgs =
>   import
>  (with import  {} ;
>   fetchgit {
> url = ;
> rev = "264d42b";
> sha256 =
>  "19i77afcns8mf88vkxvm3jvkzdkf5x8p8kxnnivhd9l4kslkq3v5";
>   }) {};
>
>  in with pkgs ; stdenv.mkDerivation rec {
>  name = "haskell-http-ghc710";
>  buildInputs = [ stdenv pkgconfig gcc binutils
>  haskell.compiler.ghc7102
>  haskellPackages.cabal-install
>  zlib ];
>  };
>  }
>
> When I instantiate this, e.g. with
>
>  nix-instantiate -I nixpkgs= demo.nix -A env
>
> it takes about 5-10s and prints out this message, though it does complete:
>
> warning: dumping very large path (> 256 MiB); this may run out of memory
>
> I'm aware that this error is typically associated with trying to import
> large files or large trees into the store:
>
> https://github.com/NixOS/nix/issues/358
> https://github.com/NixOS/nixpkgs/issues/12243
>
> I guess that in this case the large tree is the import of the nixpkgs
> tree. Is there any work around or better way to achieve what I want? The
> time taken is annoying particularly because I have a lot of these shells
> that I sometimes want to rebuild all together.
>
> Cheers,
>
> Ganesh
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev

Re: [Nix-dev] newbie question nix private package

[Danylo Hlynskyi]

self = {

tango = callPackage ./development/libraries/tango {};

pytango = pythonPackages.pytango {};
   };


Key insight here is: pythonPackages.pytango is a derivation, not a function.

2017-02-23 15:49 GMT+02:00 Sébastien Petitdemange <
sebastien.petitdema...@esrf.fr>:

> Hello,
>
> I tried to create a set of private nix packages following this example
> (https://gist.github.com/benley/4d7f01805e60b39c2556).
>
> Unfortunately, when I try to build the only package I have, nix build
> give me an error:
>
>  nix-build  --show-trace ~/local/bcupkgs -A pytango
> error: attempt to call something which is not a function but a set, at
> ~/local/bcupkgs/default.nix:21:12
>
> I pretty sure that I wrote something stupid but I can find where.
>
> Is there someone who can help me with this?
>
> Kinds regards,
>
> SEB
>
>
> My private packages look like this:
>
>
> ├── default.nix
> ├── development
> │   └── python-modules
> │   └── pytango
> │   ├── default.nix
> │   └── setup.patch
> └── python_packages.nix
>
>
> with default.nix:
>
> { system ? builtins.currentSystem}:
>
> let
>pkgs = import  { inherit system; };
>callPackage = pkgs.lib.callPackageWith (pkgs // self);
>
>python27Packages = pkgs.recurseIntoAttrs (
>   callPackage ./python_packages.nix {
> python = pkgs.python27;
> self = combinedPython27Packages;
>   });
>
>pythonPackages = python27Packages;
>
>combinedPython27Packages = pkgs.python27Packages // python27Packages;
>
> self = {
>
> tango = callPackage ./development/libraries/tango {};
>
> pytango = pythonPackages.pytango {};
>};
>in self
>
>
> with pytango/default.nix
>
> { stdenv, fetchurl, pkgconfig, python, buildPythonPackage, boost, numpy,
> omniorb, zeromq }:
>
> let version = "9.2.0b"; in
>
> buildPythonPackage rec {
>   name = "pytango-${version}";
>
>   src = fetchurl {
> url = "https://github.com/tango-cs/pytango/archive/v${version}.tar.gz
> ";
> sha256 = "01wnb9bxszw2pr7jcxcbjdds4y4w7q8cx8ibj73lj6dbjl3ai116";
>   };
>
>   BOOST_ROOT = "";
>
>   patches = [
>   ./setup.patch
>   ];
>
>   buildInputs = [ pkgconfig boost python omniorb zeromq ];
>
>   propagatedBuildInputs = [ numpy ];
>
>   buildFlags = "BOOST_LIB=boost_python";
>
>   #postInstall = ''
>   #patchelf --set-rpath "${zeromq}/lib:${omniorb}/lib:$(patchelf
> --print-rpath $out/lib/python2.7/site-packages/PyTango/_PyTango.so)"
> $out/lib/python2.7/site-packages/PyTango/_PyTango.so
>   #'';
>
>   meta = with stdenv.lib; {
> description = "Python bindings for Tango Control System";
> homepage =
> http://www.esrf.eu/computing/cs/tango/tango_doc/kernel_doc/
> pytango/latest/index.html;
> license = licenses.lgpl3;
> maintainers = [ ];
> platforms = platforms.linux;
>   };
> }
>
> and with the python_packages.nix:
>
> { pkgs, stdenv, python, python27Packages, self }:
>
> with pkgs.lib;
> with {
>  inherit (python27Packages) isPyPy isPy33;
> };
>
> let
> buildPythonPackage = python27Packages.buildPythonPackage;
> callPackage = pkgs.lib.callPackageWith (pkgs // self);
>
> in rec {
> modules = python.modules;
>
> setupPyBaseBuildFlags = ["--build-base=$out"];
>
>
> pytango = callPackage ./development/python-modules/pytango { };
> }
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev

Re: [Nix-dev] How to ensure that a directory exists via configuration.nix

[Danylo Hlynskyi]

There exists also a systemd.tmpfiles.rules option. (which doesn't trigger
on system activation, howewer, only on boot)

I had problems with creating folders in activation scripts on mounted
disks, can't say any concrete for now, just experience.

2017-02-10 18:14 GMT+02:00 Mark Gardner :

>
>
> On Fri, Feb 10, 2017 at 11:11 AM, David Izquierdo 
> wrote:
>
>> Is there any reason not to use `mkdir -p`, to spare yourself the if?
>
>
> ​Didn't think of it...? :-)
>
> Mark
> --
> Mark Gardner
> --
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev

Re: [Nix-dev] Is it possible to limit nix access to sudoers and/or a group?

[Danylo Hlynskyi]

Oh, I had in mind https://github.com/NixOS/nix/issues/8

I do Nix builds of some private packages. The source for builds is fetched
 from private repo, ofc. But nix store is a public place, and my private
sources become public.

2017-01-20 13:46 GMT+02:00 Profpatsch <m...@profpatsch.de>:

> On 17-01-20 10:59am, Danylo Hlynskyi wrote:
> > Nix design doesn't support quotas on filled store per-user, and let's not
> > forget #8.
>
> https://github.com/NixOS/nixpkgs/pull/8 ?
>
> That looks unrelated.
>
> --
> Proudly written in Mutt with Vim on NixOS.
> Q: Why is this email five sentences or less?
> A: http://five.sentenc.es
> May take up to five days to read your message. If it’s urgent, call me.
>
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev

Re: [Nix-dev] Is it possible to limit nix access to sudoers and/or a group?

[Danylo Hlynskyi]

Nix design doesn't support quotas on filled store per-user, and let's not
forget #8.

2017-01-20 5:36 GMT+02:00 Tomasz Czyż :

> It's probably against nix design but let's try.
>
> Just an idea (haven't tried yet). Install nix as NIXUSER (without the
> deamon, just nix to run builds). Other users can access paths, build by nix
> from /nix/store but they won't access nix as it belongs to NIXUSER.
>
> But they probably can access nix at any point at this stage (or maybe they
> need sudo to be added to a group, not sure).
>
>
>
>
> 2017-01-20 2:15 GMT+00:00 Mateusz Czaplinski :
>
>> I'd like to build a system where regular users cannot access nix
>> commands, daemon, etc. Ideally, only users belonging to a particular
>> group could access those. (Probably worse solution, but still
>> acceptable, if this was limited to sudoers only.)
>>
>> Is it possible? If yes, how to do that on NixOS?
>>
>> Thanks & Best Regards,
>> /Mateusz.
>> ___
>> nix-dev mailing list
>> nix-dev@lists.science.uu.nl
>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>
>
>
>
> --
> Tomasz Czyż
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev

Re: [Nix-dev] Various NetworkManager (and KDE) problems

[Danylo Hlynskyi]

  Though, there is a workaround (thanks to  Arch users!):
   # export $(dbus-launch)
 
  I don't know why, but it solves problems  with NetworkManagement applet
  and ocular (yes, ocular cannot open  documents without this hack). How
  can I add this command at system startup  or maybe it is a bug and will
  be fixed soon?
 
 It all looks like some dbus problem. Is it even  started alright (dbus
 service in configuration.nix)?

Yes, dbus was not listed in services. But adding it didn't help. Errors 
still exist.
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev

Re: [Nix-dev] Various NetworkManager (and KDE) problems

[Danylo Hlynskyi]

1. Could you link to your configuration.nix please? Maybe you have some 
additional services enabled, like dbus pointed above.

2. Problem is not only with applet. As I mentioned, `okular` fails to 
open documents, and this hack helps.

On 06.08.13 20:28, Domen Kožar wrote:
 1. NetworkManager starts fine for me on xfce and I know people tried 
 and succeeded without DE. You could experiment what really makes it 
 crash (maybe using kde?)

 2. We have kde applet? I'd suggest using networkmanagerapplet (gtk one)


 On Tue, Aug 6, 2013 at 10:56 PM, Danylo Hlynskyi 
 abcz2.upr...@gmail.com mailto:abcz2.upr...@gmail.com wrote:

   Though, there is a workaround (thanks to  Arch users!):
# export $(dbus-launch)
  
   I don't know why, but it solves problems  with
 NetworkManagement applet
   and ocular (yes, ocular cannot open  documents without this
 hack). How
   can I add this command at system startup  or maybe it is a bug
 and will
   be fixed soon?
  
  It all looks like some dbus problem. Is it even  started alright
 (dbus
  service in configuration.nix)?

 Yes, dbus was not listed in services. But adding it didn't help.
 Errors
 still exist.
 ___
 nix-dev mailing list
 nix-dev@lists.science.uu.nl mailto:nix-dev@lists.science.uu.nl
 http://lists.science.uu.nl/mailman/listinfo/nix-dev




 ___
 nix-dev mailing list
 nix-dev@lists.science.uu.nl
 http://lists.science.uu.nl/mailman/listinfo/nix-dev

___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev