Re: [Nix-dev] nix-daemon and private git repos

2017-07-03 Thread Tomasz Czyż
You don't need to know the user itself I think, you could share it with
nixbld group (probably).
Also, I think this way recommends to use ssh-agent as far as I remember
looking at that (but could changed).

What I did for one project was:

 337   fetchgitPrivate = (args: derivation ((nixpkgs.fetchgit
> args).drvAttrs // {
>  338 # This function is wrapper around nix fetch git function
> to use SSH key.
>  339 # It can be useful when fetching from private
> repositories.
>  340 #
>
>  341 # Original function is in
> https://github.com/NixOS/nixpkgs/blob/master/pkgs/build-support/fetchgit/default.nix
>  342 #
>
>  343 GIT_SSH = rr.lib.writeShellScript "git-ssh" ''#!
> ${nixpkgs.bash}/bin/bash -eu
>  344   if ! [[ -r '${repositories-ssh-private-key-path}'
> ]];then
>  345 echo "ERROR:" >&2
>
>  346 echo "ERROR:" >&2
>
>  347 echo "ERROR: ssh key
> '${repositories-ssh-private-key-path}' is not readable by build user
> ($(id))" >&2
>  348 echo "ERROR:" >&2
>
>  349 echo "ERROR:" >&2
>
>  350 exit 5
>
>  351   fi
>
>  352   exec ${nixpkgs.openssh}/bin/ssh -o
> StrictHostKeyChecking=no -i '${repositories-ssh-private-key-path}' "$@"
>  353 '';

But probably is way better to go with agent.

2017-07-03 14:19 GMT+01:00 Harmen <har...@lijzij.de>:

> Hi all,
>
> I'm struggling to get fetchgitPrivate to work on nix-daemon installation
> (no
> NixOS, these are Ubuntu machines with nix).
> I can make it work on my dev machine, with is a non-daemon install, by
> setting
>
> NIX_PATH=ssh-config-file=/my/ssh/config:$NIX_PATH
>
> But that doesn't work in sandboxed daemon mode, because the nixbld* users
> can't
> read that file (both because of access rights, and because of the sandbox).
>
> Nix has this warning in fetchgitPrivate:
> > Note that the config file and any keys it points to must be readable
> > by the build user, which depending on your nix configuration means
> making it
> > readable by the build-users-group, the user of the running nix-daemon,
> or the
> > user calling the nix command which started the build. Similarly, if
> using an
> > ssh agent ssh-auth-sock must point to a socket the build user can access.
> > You may need StrictHostKeyChecking=no in the config file. Since ssh
> > will refuse to use a group-readable private key, if using build-users
> you will
> > likely want to use something like IdentityFile /some/directory/%u/key
> and have
> > a directory for each build user accessible to that user.
> from
> https://github.com/NixOS/nixpkgs/blob/master/pkgs/build-support/fetchgit/
> private.nix
>
> which sounds reasonable, but it I don't see how to do that since I don't
> know
> exactly which user will run the build. Also because of the sandbox the
> build
> can't read the ssh config file at all.
>
>
> So next option is to generate the configfile in my expression, a-la
> https://www.mpscholten.de/nixos/2016/07/07/private-
> github-repositories-and-nixos.html
> but I don't know how to set nix.path from inside an expression. It would
> also
> require bundling the key with the expression, but if that works...
>
>
> I can't be the first to want to use fetchgitPrivate with a sandboxed
> nix-daemon. Any experiences or tips?
> Thanks!
> Harmen
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> https://mailman.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
https://mailman.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] okteta fix build

2017-06-27 Thread Tomasz Czyż
For me https://nixos.org/nixpkgs/manual/#chap-submitting-changes implies
that github must be used.

But on website http://nixos.org/nixos/community.html nix-dev mailing list
is mentioned as another way.

Would be nice to be more clear and specific how it works and who is
responsible for testing changes if they are not comming as PR, is there any
travis like pipeline etc.

2017-06-27 16:10 GMT+01:00 Shea Levy <s...@shealevy.com>:

> Mailing list is a perfectly appropriate place to send git patches that
> doesn't require membership with a proprietary service; You may not care
> about that (I personally don't), but there's no reason we can't
> accommodate those who do.
>
> Joachim Schiele <j...@lastlog.de> writes:
>
> > please provide your nice patches via a PR on github.com/nixos/nixpkgs to
> > 'master'
> >
> > if you are unsure about the workflow, please ask and we'll help you!
> > thanks for your work!
> >
> > On 25.06.2017 19:51, Karn Kallio wrote:
> >>
> >> The attached patch fixes the build of the Nixpkgs KDE application
> >> okteta by adding some missing dependencies.
> >>
> >>
> >>
> >> ___
> >> nix-dev mailing list
> >> nix-dev@lists.science.uu.nl
> >> https://mailman.science.uu.nl/mailman/listinfo/nix-dev
> >>
> >
> >
> > ___
> > nix-dev mailing list
> > nix-dev@lists.science.uu.nl
> > https://mailman.science.uu.nl/mailman/listinfo/nix-dev
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> https://mailman.science.uu.nl/mailman/listinfo/nix-dev
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
https://mailman.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] A nix pretty-printer and a trace function you can tell how deep it should go

2017-06-12 Thread Tomasz Czyż
nice, thank you

2017-06-12 16:33 GMT+01:00 Profpatsch <m...@profpatsch.de>:

> https://github.com/NixOS/nixpkgs/pull/26433
>
> Pretty Printing:
>
> nix-repl> lib.generators.toPretty {} { foo = [ 2 3 netcat-openbsd ]; bar =
> lib.id; x = {args, def ? 42}: args; }
> "{ \"bar\" = <λ>; \"foo\" = [ 2 3 <δ> ]; \"x\" = <λ:{args,(def)}>; }"
>
> nix-repl> lib.generators.toPretty {} (import )
> "<λ:{(config),(crossSystem),(localSystem),(overlays),(
> platform),(system)}>"
>
>
> Trace Folding:
>
> nix-repl> foo = { a = [ 1 [ 2 3 ] ]; b = { c.d.e = "yip yip"; }; }
>
> nix-repl> lib.traceValSeqN 10 foo
> trace: { "a" = [ 1 [ 2 3 ] ]; "b" = { "c" = { "d" = { "e" = "yip yip"; };
> }; }; }
> { a = [ ... ]; b = { ... }; }
>
> nix-repl> lib.traceValSeqN 3 foo
> trace: { "a" = [ 1 [ 2 3 ] ]; "b" = { "c" = { "d" = {…}; }; }; }
> { a = [ ... ]; b = { ... }; }
>
> nix-repl> lib.traceValSeqN 1 foo
> trace: { "a" = […]; "b" = {…}; }
> { a = [ ... ]; b = { ... }; }
>
> nix-repl> lib.traceValSeqN 0 foo
> trace: {…}
> { a = [ ... ]; b = { ... }; }
>
>
> https://twitter.com/Profpatsch/status/874127956884566016
>
> I hope this helps some people.
> Please review the code.
>
>
> --
> Proudly written in Mutt with Vim on NixOS.
> Q: Why is this email five sentences or less?
> A: http://five.sentenc.es
> May take up to five days to read your message. If it’s urgent, call me.
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> https://mailman.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
https://mailman.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Background images of desktop managers

2017-05-30 Thread Tomasz Czyż
Shouldn't the wallpaper be the user/session setting rather than system
setting?

Looks like kde, gnome, xfce way of doing this seems to be more natural,
user changes the wallpaper in his session.

Personally, I'm using awesome window manager and I use it with xfce session
so I have all other goodies that awesome is not offering. For all other
cases I think this should be implemented on the user space.

2017-05-30 9:25 GMT+01:00 zimbatm <zimb...@zimbatm.com>:

> Hi Maximilian,
>
> Welcome to the list :)
>
> Did you try setting `services.xserver.desktopManager.default = "none"`? I
> suspect that might do what you wanted. The "none" desktop manager doesn't
> do anything but should still apply the wallpaper regardless of the
> windowManager that you chose.
>
>
> On Sun, 28 May 2017, 08:53 Maximilian Bosch, <maximil...@mbosch.me> wrote:
>
>> Hey there,
>>
>> before I start with the actual topic I'd like to introduce myself as this
>> is the first time I submit something to the `nix-dev` mailing list: I'm
>> Maximilian Bosch from Munich, I work for the Mayflower GmbH and I started
>> using NixOS at the beginning of 2017 and submitted several PRs since then.
>>
>> Right now I'm working on the following thing: https://github.com/
>> NixOS/nixpkgs/pull/26156
>>
>> As the title says, I'd like to have some background image support for
>> window managers as well (XMonad in my case). Right now I solve this with
>> some ugly shell in the `sessionCommands` script, but I'd like to have a
>> more suitable solution for this.
>>
>> Right now you can set an internal option in the {desktop,window}Managers,
>> but `bgSupport` isn't available for the windowManagers (see
>> https://github.com/NixOS/nixpkgs/blob/master/nixos/
>> modules/services/x11/window-managers/default.nix,
>> https://github.com/NixOS/nixpkgs/blob/master/nixos/
>> modules/services/x11/desktop-managers/default.nix).
>>
>> I decided to change this, please refer to the linked PR for more details
>> there.
>>
>> Right now it works quite fine with `i3`, but when I tried to test it with
>> desktopManagers like `gnome3` or `xfce` (both of them have `bgSupport`
>> enabled ATM), I realized that they set their own background internally and
>> override the stuff declared by the `feh --bg-scale` call.
>>
>> Therefore I'd like to know: is there any specific reason I'm missing why
>> desktopManagers have this bgSupport thign? It works fine with some
>> windowManagers (not all of them, `awesome` overrides the background as
>> well), but it seems to break with the desktopManagers.
>>
>> And if that's just some legacy thing: can the bgSupport be removed from
>> the desktopManagers?
>>
>> Have a great sunday and thanks in advance,
>>
>> Maximilian Bosch
>> ___
>> nix-dev mailing list
>> nix-dev@lists.science.uu.nl
>> https://mailman.science.uu.nl/mailman/listinfo/nix-dev
>>
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> https://mailman.science.uu.nl/mailman/listinfo/nix-dev
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
https://mailman.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Auto-generated expressions for applications

2017-05-30 Thread Tomasz Czyż
Current approach seems to be doing the job except notifying people when
dependency is updated. Previously we had monitor to do some similar stuff,
and I think vulnix can check that without much effort so I wouldn't worry
about having duplicated packages for apps.
I think focusing on improving CI process and security notifications process
is the way to go.

Probably we could set another process/job in hydra to check all apps for
security issues/updates. (I'm not sure if security team doesn't have that
already).

2017-05-30 10:17 GMT+01:00 Marc Weber <marco-owe...@gmx.de>:

> Let met try to sum up what I remember:
>
> - There 3+ solutions to update "sources" documented on the wiki
>   somewhere - ideas from comparing versions with other distributions up
>   to adding scrapers getting latest version from web sites if I recall
>   correctly
>
> - Putting automatically generated code into nixpkgs doesn't solve all
>   issues, for corner cases you have to duplicate dependencies using
>   different version constraints.
>
>   -> overhead
>
> - Its not always quite clear how stable the user wants to be
>   (gimp/inskscape) case, master sometimes has new features.
>
>   So which versions to support ?
>
> - Whatever we do, we don't solve anything for other distros (which
>   suffer the same problem), unless we switch point of view:
>
>   The solution would be a cross platform cross language dependency
>   management system allowing to declare dependencies in a file so that
>   you can even install from gihtub automatically.
>
>   systemPackages = [ (fromGithub "user/package" "HEAD") ] # sort rest out
> on your own, thanks
>
> package A could be working, package B could be working, but [A B] in the
> same environment not (because they both depend on executable C)
>
> After all we want nixpkgs to be at least stable enough to have broken
> packages marked as broken and expect everything else to at least
> compile/install.
>
> Which are the best short/middle/long term solutions ?
>
> Marc Weber
> _______
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> https://mailman.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
https://mailman.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] concatAttrs :: [attrSet] -> attrSet ?

2017-05-29 Thread Tomasz Czyż
https://github.com/NixOS/nixpkgs/blob/master/lib/attrsets.nix#L413 is also
handy

2017-05-29 13:36 GMT+01:00 Domen Kožar <do...@dev.si>:

> mkMerge can be used only with NixOS modules.
>
> I do remember some recursive merge function, but can't find it now.
>
> On Mon, May 29, 2017 at 2:29 PM, Volth <vo...@volth.com> wrote:
>
>> there is also lib.mkMerge to handle nested attrs
>>
>> On 5/29/17, Domen Kožar <do...@dev.si> wrote:
>> > Note that this will fail if you'll nest the attributes, one will
>> override
>> > the other.
>> >
>> > nix-repl> :p concatAttrs [ {x={a =3;};} {x={ b= 4;};} ]
>> > { x = { b = 4; }; }
>> >
>> >
>> > On Sun, May 28, 2017 at 5:23 PM, Sergiu Ivanov <siva...@colimite.fr>
>> wrote:
>> >
>> >> Hey Leo,
>> >>
>> >> Thus quoth  Leo Gaspard  at 13:05 on Sun, May 28 2017:
>> >> > On 05/28/2017 02:58 PM, Sergiu Ivanov wrote:
>> >> >> My use case is quite specific. I do this, approximately:
>> >> >>
>> >> >>   let func name = { "${name}" = something name; };
>> >> >>   in concatAttrs (map func [ "name1" "name2" ])
>> >> >
>> >> > If this is your use case, you could also be interested in `genAttrs`
>> >> > defined in `lib/attrsets.nix` ;)
>> >>
>> >> Excellent!  Worked like a charm, thanks a lot!  (After I realised I had
>> >> to use it like pkgs.lib.genAttrs in my context :-) )
>> >>
>> >> --
>> >> Sergiu
>> >>
>> >> ___
>> >> nix-dev mailing list
>> >> nix-dev@lists.science.uu.nl
>> >> https://mailman.science.uu.nl/mailman/listinfo/nix-dev
>> >>
>> >>
>> >
>>
>
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> https://mailman.science.uu.nl/mailman/listinfo/nix-dev
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
https://mailman.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] ZFS configuration for 17.03

2017-05-26 Thread Tomasz Czyż
Evan, I found zfs config pretty straight forward.

I just added
supportedFilesystems = ["zfs"];
and configured particular partitions as ZFS so they are mounted during boot.

What exactly you want to know?


2017-05-26 21:11 GMT+01:00 Evan Rowley <rowley.e...@gmail.com>:

> I have seen some guides from 2014 and 2015 but these are pre-17.03. Are
> there any recent configurations guides, configuration.nix, or basic
> pointers for setting this up for a new system?
>
> --
>  - EJR
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> https://mailman.science.uu.nl/mailman/listinfo/nix-dev
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
https://mailman.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] How to build all of nixpkgs?

2017-05-22 Thread Tomasz Czyż
Look there, that's how all packages are build by CI:
http://hydra.nixos.org/jobset/nixpkgs/trunk#tabs-configuration
It uses pkgs/top-level/release.nix to build all of that.
Also it passes nixpkgs. So maybe you need to do something like

nix-build -I nixpkgs=path-to-your-nixpkgs pkgs/top-level/release.nix (and
eventually pass other options like officialRelease etc)

2017-05-22 16:18 GMT+01:00 Bjørn Forsman <bjorn.fors...@gmail.com>:

> On 21 May 2017 at 19:26, Tomasz Czyż <tomasz.c...@gmail.com> wrote:
> > check release.nix (release-*.nix)
>
> I've tried to look at some of those. For instance,
> ./pkgs/top-level/release{,-small}.nix, and
> ./nixos/release-{small,combined}.nix. But I don't seem to get them
> working like I want with 'nix-build'.
>
> Examples:
>
> 1. "nix-build ./pkgs/top-level/release-small.nix" doesn't build any of
> the packages, it only builds channel, manual, isos and a bunch of VM
> tests. It seems to be because the attributes of the 'nixpkgs'
> attribute in that top-level expression does not contain direct
> derivations as sub-attributes but rather the derivations are one level
> further down, in an 'arch' attribute. Like mypkg.x86_64-linux instead
> of just mypkg. I tried adding 'recurseIntoAttrs', but it didn't help.
>
> 2. "nix-build ./pkgs/top-level/release.nix" gives "error: value is a
> set while a Boolean was expected". AFAICT, the expression has sensible
> default arguments. I don't know where it fails and --show-trace
> doesn't show any trace. So I'm stuck there.
>
> 3. "nix-build ./nixos/release-combined.nix" (and the -small variant)
> doesn't build any packages from the 'nixpkgs' set because it doesn't
> contain (direct) derivations. Same problem as (1).
>
> So is Hydra doing some magic with these expressions? Is it possible to
> build "world" with a simple "nix-build"?
>
> Best regards,
> Bjørn Forsman
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
https://mailman.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] How to build all of nixpkgs?

2017-05-21 Thread Tomasz Czyż
check release.nix (release-*.nix)

2017-05-21 16:49 GMT+01:00 Bjørn Forsman <bjorn.fors...@gmail.com>:

> Hi all Nix users,
>
> I'd like to build all of nixpkgs. Or as much as possible.
>
> What I've tried:
>
> 8<
> $ nix-build --keep-going
> error: Package ‘Agda-Sheaves-8a06162a8f0f7df308458db91d720cf8f7345d69’
> in ‘/home/bfo/proj/code/forks/nixpkgs/pkgs/development/
> libraries/agda/Agda-Sheaves/default.nix:18’
> is marked as broken, refusing to evaluate.
>
> a) For `nixos-rebuild` you can set
>   { nixpkgs.config.allowBroken = true; }
> in configuration.nix to override this.
>
> b) For `nix-env`, `nix-build`, `nix-shell` or any other Nix command you
> can add
>   { allowBroken = true; }
> to ~/.config/nixpkgs/config.nix.
>
> $ NIXPKGS_ALLOW_BROKEN=1 nix-build --keep-going
> error: assertion failed at
> /home/bfo/proj/code/forks/nixpkgs/pkgs/top-level/all-packages.nix:6164:19
> >8
>
> So no success.
>
> Any suggestions?
>
> Best regards,
> Bjørn Forsman
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> https://mailman.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
https://mailman.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] why has each revision / generation not a own configuration.nix

2017-05-12 Thread Tomasz Czyż
https://nixos.org/nixos/options.html#configuration+copy

2017-05-12 22:57 GMT+01:00 Stefan Huchler <stefan.huch...@mail.de>:

> Hi,
>
> I find it always strange, that when I revert back or boot a older
> version of nixos, the configuration file has no version that reflected
> that version. So I have to seperatly have to backup the
> configuration.nix file.
>
> Could there not be at least a backup of the config used in that
> generation somewhere (or is there somewhere one) when you build a
> generation?
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> https://mailman.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
https://mailman.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] NixOS and nix 1.12

2017-05-09 Thread Tomasz Czyż
Actually, wouldn't be great if we transfer that functions over a time
rather than doing big bang?

I was thinking recently that probably simple bash wrapper aggregating
various commands under common executable would be good start. In that case
we can then replace functions one by one with new implementation or
reogranize it. What do you think?

2017-05-09 10:39 GMT+01:00 Sergey Mironov <grr...@gmail.com>:

> Where can I read more about new features of nix-1.12 ?
>
> Regards,
> Sergey
>
> 2017-04-25 11:26 GMT+03:00 zimbatm <zimb...@zimbatm.com>:
> > At some point but there is no timeline yet. We don't even have a list of
> > regressions to fix before release yet.
> >
> >
> > On Thu, 13 Apr 2017, 15:12 Volth, <vo...@volth.com> wrote:
> >>
> >> Hi
> >>
> >> Is nix-1.12 going to replace traditional nix command line utilities on
> >> NixOS ?
> >> If yes, when it is going to happen, approximately?
> >> With NixOS-17.09, 18.03 or later?
> >> ___
> >> nix-dev mailing list
> >> nix-dev@lists.science.uu.nl
> >> https://mailman.science.uu.nl/mailman/listinfo/nix-dev
> >
> >
> > ___
> > nix-dev mailing list
> > nix-dev@lists.science.uu.nl
> > https://mailman.science.uu.nl/mailman/listinfo/nix-dev
> >
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> https://mailman.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
https://mailman.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] github triggered builds

2017-05-08 Thread Tomasz Czyż
https://nixos.org/hydra/

and

https://github.com/hercules-ci/hercules ( looks like still in heavy
development but maybe usable :))

2017-05-08 18:14 GMT+01:00 Harmen <har...@lijzij.de>:

> Hi,
>
> I'm trying to see how I can make my build processes easier with nix. So far
> it's going pretty good and it's fun, although there was a lot of searching
> online for scattered documents.
>
> Want I want to do (as the first thing to change to nix in production) is to
> port the building of some docker images I use for testing. The idea is to
> have docker images build, tagged with their branch they come from, when
> someone
> pushes something. The building and pushing an sich work. The .nix files
> live in
> the repo, and with a `make docker` the image is build and uploaded. I'm
> very
> happy to be able to build docker images without actually having to use
> docker
> ;)
>
> So, what would be the recommended way to trigger the building process? I'm
> currently using drone.io, but that works with containers. It works with
> nix,
> when I give it the nixos/nix docker image, but building a node project
> takes
> about 5 minutes, and drags in way too much from cache.nixos.org. I tried
> to
> have it make a local nix binary-cache, but there are some problems there,
> but
> drone also just doesn't fit the problem nicely.  Nix solves the problem of
> versioning so much nicer than containers that I would prefer to use
> something
> simpler. Hydra could work, but I'm a bit intimidated by that, and would
> like to
> have something simpler for now.
>
> The LT;DR: question: is there a simple nix based build system which can be
> triggered via git{hub,lab} hooks?
>
>
> Thanks!
> Harmen
> (If there is a better place to ask this, let me know)
> _______
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> https://mailman.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
https://mailman.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] [Help] Accidentally removed configuration.nix

2017-04-06 Thread Tomasz Czyż
As it's read by nix, I assume it would be somewhere in nix store, but I did
quick look and didn't find (but might be there, nexted somewhere)

2017-04-06 15:12 GMT+01:00 <ni...@vince.lol>:

> Hi all,
>
> I acidentally removed my /etc/nixos/configuration.nix is there any way I
> can get it back?
>
> Sincerely,
> Vince
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Chromium extensions

2017-04-04 Thread Tomasz Czyż
Works for me.

What version of nix/nixos do you use?

2017-04-04 8:42 GMT+01:00 Judson Lester <nya...@gmail.com>:

> I've found that every time I update Chromium, all my extensions get ...
> lost? Their icons become puzzle pieces, and their behavior is erratic. Is
> there a fix for this, or an easy way to reinstall them all?
>
> Judson
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Nix init system

2017-04-03 Thread Tomasz Czyż
I was almost convinced by that message but I think there was not enough f
word (but almost!). I think it would be a + when you attach your scream as
mp3 or something (just more interactive!)

Actually, I'm little disapointed that only few kind of curses were there, I
think you didn't put too much effort into that email. Not enough
non-substantive
arguments as well; hate is directed to dead things, make it personal! You
can blame me if this will help you :-) Use all the power, memes and tweets!
Use curses to encourage volontiers to do the work! That's how you do it.

PS. Please send me details to your Personal Communication coach, looks like
I need that as well.

(please) - at the end is really sweet :-)



btw, https://youtu.be/CT6Mn8UZqnY?t=3m50s - tomorrow Ulrich has
presentation about immutable infrastructures on NixOS Dublin if anyone
interested :-)

2017-04-03 16:24 GMT+01:00 Graham Christensen <gra...@grahamc.com>:

> NixOS is 14 years old and has used systemd for about five years.
>
> On Mon, Apr 3, 2017 at 11:22 AM Luescher Claude <starg...@tango.lu> wrote:
>
>> On 2017-04-03 16:20, Profpatsch wrote:
>> > On 17-04-03 11:14am, Luescher Claude wrote:
>> >> Hello,
>> >
>> > Guess what?
>> >
>> > NOBODY CARES.
>> >
>> > Keep your hate.
>> > Go back to the hole you came from.
>>
>> No I won't keep my hate because if everybody does nothing will happen
>> towards eliminating the cancer from the linux community what malware(d)
>> is.
>>
>> I hope you all realize that this whole system(d) pottering scheme is
>> putting the worse NSA funded malware backdoor into linux.
>>
>> System(d) taking away the control from users, sysadmins and hackers and
>> giving it all to Redhat & associates.
>>
>> Your project is still just couple of months old so removing systemd
>> should happen now at early stages!
>> ___
>> nix-dev mailing list
>> nix-dev@lists.science.uu.nl
>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] NixOS 17.03 'Gorilla' Released

2017-03-31 Thread Tomasz Czyż
Robin, thank you for your work on this release!

2017-03-31 15:29 GMT+01:00 Robin Gloster <ro...@loc-com.de>:

> Dear community,
>
> I'm proud to announce the 7th NixOS stable release 17.03 named
> "Gorilla".
>
> With over 12479 (last release: 13283) commits from 625 (last release
> 554) contributors the release brings a few highlights:
>
> * Nixpkgs is now extensible through overlays. See the Nixpkgs manual for
>   more information.
>
> * This release is based on Glibc 2.25, GCC 5.4.0 and systemd 232. The
>   default Linux kernel is 4.9 and Nix is at 1.11.8.
>
> * The default desktop environment now is KDE's Plasma 5. KDE 4 has been
>   removed
>
> * The setuid wrapper functionality now supports setting capabilities.
>
> * X.org server uses branch 1.19. Due to ABI incompatibilities,
>   ati_unfree keeps forcing 1.17 and amdgpu-pro starts forcing 1.18.
>
> * Cross compilation has been rewritten. See the nixpkgs manual for
>   details. The most obvious breaking change is that in derivations there
>   is no .nativeDrv nor .crossDrv and are now cross by default, not
>   native.
>
> * The overridePackages function has been rewritten to be replaced by
>   overlays
>
> * Packages in nixpkgs can be marked as insecure through listed
>   vulnerabilities. See the Nixpkgs manual for more information.
>
> There are two open issues currently:
>  * gdm crashes on some hardware, using slim to start gnome works, see
> the github issue for more information:
>https://github.com/NixOS/nixpkgs/issues/24172
>  * Firefox e10s tabs crash, see the github issue for more information:
>https://github.com/NixOS/nixpkgs/issues/24295
>
> See release notes for more information about major changes and updates
> at http://nixos.org/nixos/manual/release-notes.html#sec-release-17.03
>
> ISO and VirtualBox images can be downloaded from:
> http://nixos.org/nixos/download.html
> (Azure BLOBs and EC2 AMIs will follow)
>
> The NixOS manual is at http://nixos.org/nixos/manual/
>
> A fresh installation can be done by following "Installation chapter" in
> the manual:
>
> http://nixos.org/nixos/manual/index.html#sec-installation
>
> Upgrading existing NixOS installations:
>
> $ nix-channel --add https://nixos.org/channels/nixos-17.03 nixos
> $ nixos-rebuild switch --upgrade
>
> Please report issues to our bug tracker:
> https://github.com/NixOS/nixpkgs/issues
>
> The most active contributors for this release were:
> 621 commits: Frederik Rietdijk
> 498 commits: Franz Pletz
> 379 commits: Vladimír Čunát
> 377 commits: Thomas Tuegel
> 324 commits: Joachim Fasting
>
> And of course the regular thank you to Eelco Dolstra for his tireless
> work on NixOS, Nix and all the projects around that. I'd like to thank
> Domen Kožar for his help on getting this release out smoothly and his
> regular work on NixOS, the security team for taking a lot of workload
> off the release manager by always making sure to keep our systems and
> packages secure and also Mayflower for allowing me to work on NixOS a
> lot in working hours.
>
> Also I'd like to start a discussion if we want to start rotating the
> release manager for every release or maybe have two release managers
> each rotating after two releases, so you always have one who has
> managed one release. Any opinions? I'm not opposed to doing it again
> but it needs quite some time I could also spend on other work.
>
> PS: Note that according to our new policy, 16.09 is still supported one
> month by our security team until the end of April.
>
> Cheers,
> Robin
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] [RFC 004] Add Replace Unicode Quotes draft

2017-03-31 Thread Tomasz Czyż
2017-03-29 12:33 GMT+01:00 Profpatsch <m...@profpatsch.de>:

> On 17-03-28 10:03pm, zimbatm wrote:
> > Hi everyone,
> >
> > RFC 004 is now ready for wider reviews if you care to take a look:
> >
> > https://github.com/NixOS/rfcs/pull/4
>
> For posterity, the responses are exactly
> the kind of bikeshedding I feared would come out of RFCs.
>
> But maybe it is for the best?
> I don’t know.
>
I think it's valuable, right now some of the decisions are hidden and some
of them must be rediscovered. With RFC, when someone asks about certain
thing, you can says, "hey, you have RFC, read it, that's why" - you have
track of all discussion in one place rather.
Alternative is to have discussions distributed over github issues, mailing
list and irc channel, IMHO RFC is very good decision log.

>
> --
> Proudly written in Mutt with Vim on NixOS.
> Q: Why is this email five sentences or less?
> A: http://five.sentenc.es
> May take up to five days to read your message. If it’s urgent, call me.
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] NixOps on VServer (update)

2017-03-27 Thread Tomasz Czyż
Usually you have the layout like

disk
disk/partition1
disk/partition2

so you install grub on disk (/dev/sda, /dev/xvda) or something like that
(generally block device with partition table I think).
New grub also requires boot partition I think (but not 100% sure).

There are other methods how you can install grub or other boot loader, for
example gummibot. Now I think it's more general issue, not nixos specific
so maybe you can get infro from other sources.

I, in my setups, use that layout, block device + boot partition + other
partition

2017-03-28 0:55 GMT+01:00 <m...@thought2.de>:

> nice, this got me a step further. Now I face this however:
>
> network> closures copied successfully
> webserver> updating GRUB 2 menu...
> webserver> installing the GRUB 2 boot loader on /dev/disk/by-uuid/49dd2ea0-
> e795-4b57-b45a-0649794a804d...
> webserver> Installing for i386-pc platform.
> webserver> /nix/store/wvmch6hwsz5ls592c1qcjk0qcb8w8a
> jh-grub-2.x-2015-11-16/sbin/grub-install: warning: File system `ext2'
> doesn't support embedding.
> webserver> /nix/store/wvmch6hwsz5ls592c1qcjk0qcb8w8a
> jh-grub-2.x-2015-11-16/sbin/grub-install: warning: Embedding is not
> possible.  GRUB can only be installed in this setup by using blocklists.
> However, blocklists are UNRELIABLE and their use is discouraged..
> webserver> /nix/store/wvmch6hwsz5ls592c1qcjk0qcb8w8a
> jh-grub-2.x-2015-11-16/sbin/grub-install: error: will not proceed with
> blocklists.
> webserver> /nix/store/ivy5afbs8xrqm71xdqsll7z4kv37llh2-install-grub.pl:
> installation of GRUB on /dev/disk/by-uuid/49dd2ea0-e795-4b57-b45a-0649794a804d
> failed
> webserver> error: unable to activate new configuration
> error: activation of 1 of 1 machines failed (namely on ‘webserver’)
>
>
> I  just added the following copied from the remote hardware config to the
> deploy cfg:
>
>
>   fileSystems."/" =
> { fsType = "ext4";
>   device = "/dev/disk/by-uuid/49dd2ea0-e795-4b57-b45a-0649794a804d";
> };
>
>   boot.loader.grub.devices = ["/dev/disk/by-uuid/49dd2ea0-
> e795-4b57-b45a-0649794a804d"];
>
> There's only one partition remote, is this maybe wrong? I mean should I
> either provide a separate boot partition or have the one of another type?
>
> thanks a lot for the hints!
>
>
>
>
>
> On 28.03.2017 01:34, Tomasz Czyż wrote:
>
> You are missing few required parts in your configuration.
>
> If you are deploying to the VM installed from CD or somethign like that
> you should get that in /etc/nixos/hardware-configuration.nix (or you can
> generate that with some command). There are settings about filesystems and
> boot options. Copy that to your config (or just put in "import" section).
>
> 2017-03-28 0:21 GMT+01:00 <m...@thought2.de>:
>
>> Here are more details to my previous message:
>>
>> I'm getting the following error, when deploying this
>> (http://lpaste.net/353990) config to a remote nix machine:
>>
>> nixops deploy -d network
>> building all machine configurations...
>> error:
>> Failed assertions:
>> - The ‘fileSystems’ option does not specify your root file system.
>> - You must set the option ‘boot.loader.grub.devices’ or
>> 'boot.loader.grub.mirroredBoots' to make the system bootable.
>> (use ‘--show-trace’ to show detailed location information)
>> error: unable to build all machine configurations
>>
>> Does anybody have an idea how to fix this?
>>
>> ___
>> nix-dev mailing list
>> nix-dev@lists.science.uu.nl
>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>
>
>
>
> --
> Tomasz Czyż
>
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] NixOps on VServer (update)

2017-03-27 Thread Tomasz Czyż
You are missing few required parts in your configuration.

If you are deploying to the VM installed from CD or somethign like that you
should get that in /etc/nixos/hardware-configuration.nix (or you can
generate that with some command). There are settings about filesystems and
boot options. Copy that to your config (or just put in "import" section).

2017-03-28 0:21 GMT+01:00 <m...@thought2.de>:

> Here are more details to my previous message:
>
> I'm getting the following error, when deploying this
> (http://lpaste.net/353990) config to a remote nix machine:
>
> nixops deploy -d network
> building all machine configurations...
> error:
> Failed assertions:
> - The ‘fileSystems’ option does not specify your root file system.
> - You must set the option ‘boot.loader.grub.devices’ or
> 'boot.loader.grub.mirroredBoots' to make the system bootable.
> (use ‘--show-trace’ to show detailed location information)
> error: unable to build all machine configurations
>
> Does anybody have an idea how to fix this?
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Provide options for storing secrets outside the Nix store

2017-03-25 Thread Tomasz Czyż
Great job Bas. We already started going into that direction with some new
pull requests. nlewo implemented that for new openstack modules for
example.

I think your proposal is very good. Should that go to our new shiny RFC?

2017-03-24 22:52 GMT+00:00 Bas van Dijk <v.dijk@gmail.com>:

> Dear module authors, maintainers and contributors,
>
> I would like to bring your attention to:
>
>   https://github.com/NixOS/nixpkgs/issues/24288
>
> The idea is to add a `passwordFile` option for every `password` option so
> that users have a choice other than storing secrets inside the
> world-readable Nix store.
>
> What do you think about the proposal?
>
> If you agree and want to contribute, please mention in the issue which
> module you want to take on. That way we can coordinate the effort.
>
> Happy hacking,
>
> Bas
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


[Nix-dev] NixOs containers and secrets

2017-03-20 Thread Tomasz Czyż
Hey nixos-containers users,

according to https://github.com/NixOS/nixops/issues/631

how to you deploy secrets to containers?

Tom
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


[Nix-dev] Fwd: nixos-container networking

2017-03-14 Thread Tomasz Czyż
-- Forwarded message --
From: Tomasz Czyż <tomasz.c...@gmail.com>
Date: 2017-03-14 18:12 GMT+00:00
Subject: Re: [Nix-dev] nixos-container networking
To: Danylo Hlynskyi <abcz2.upr...@gmail.com>


Hey Danylo,

yup, I hit 13 char limit and because I was removing - I thought it's that.

I also had the issue with recreating containers, but this happened only
sometimes and didn't happen when I restart the machine so I was not sure
why is that. Thanks for your mail, it's very useful.

Would you share your bridget networking?
I was trying that but I'm wondering if you have one shared bridge or you
have bridge per container and how you access containers from host (or route
traffic to them).

Cheers,
Tom


2017-03-14 6:01 GMT+00:00 Danylo Hlynskyi <abcz2.upr...@gmail.com>:

> Strange, I have lot's of containers with "-" and experience no problems.
> But maybe you've exceeded by accident limit 13 symbols per container name?
>
> Also, last time I tried "veth" networking, I was struggling from
> https://github.com/NixOS/nixpkgs/issues/16330. My container experience
> was awful when I tried container renames. That's why I've already switched
> to bridged networking
>
> ---
>
> BTW, I highly recommend patch to switch-to-configuration.pl
> <https://github.com/NixOS/nixpkgs/pull/3021/commits/6e36619b277f78ece1bb81b79b5651897e46a2bf#diff-0a057d6ff3f6f83f68b859178484f4fe>
> from https://github.com/NixOS/nixpkgs/pull/3021/commits/6e36619b2
> 77f78ece1bb81b79b5651897e46a2bf
>
> It isn't clear from commit message, but it does the following: makes
> declarative containers truly reloadable (when you change
> container config, it activates new configuration for container). The
> culprit is *it should be* default behavior, because of
>
> 1. https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/
> virtualisation/containers.nix#L225-L230
> 2. https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/
> virtualisation/containers.nix#L676
>
> I'd like to PR this, but got no time to test properly other parts of Nixos.
>
> 2017-03-14 4:42 GMT+02:00 Tomasz Czyż <tomasz.c...@gmail.com>:
>
>> Michael, Ian, thank you for your answers.
>>
>> Looks like my problem was with the container name. I tried bunch of
>> different setups which didn't work and I discovered that when I'm using "-"
>> in container name it doesn't work (I had impression that worked one or two
>> times when I started machine from scratch, but most of the time didn't).
>>
>> After I removed "-" from the name, looks like private network is working
>> (I can access private IP of container) so I don't need NAT actually.
>>
>> Tom
>>
>> 2017-03-13 23:54 GMT+00:00 Ian-Woo Kim <ianwoo...@gmail.com>:
>>
>>> I've recently made nixos-container port forwarding easier (both
>>> imperative and declarative) and it's now merged into master.
>>>
>>> https://github.com/NixOS/nixpkgs/pull/20869
>>>
>>> Hope that this helps.
>>>
>>> Ian
>>>
>>> On Sun, Mar 12, 2017 at 7:52 PM, Michael Walker <m...@barrucadu.co.uk>
>>> wrote:
>>> > Tomasz,
>>> >
>>> > I have declarative container networking set up and working on a VPS,
>>> > but I wrote most of the configuration as I was learning things, so it
>>> > may not be the best way.
>>> >
>>> > Here's the configuration.nix for the VPS:
>>> > https://github.com/barrucadu/nixfiles/blob/master/hosts/innsmouth.nix
>>> > Each container has a config file here:
>>> > https://github.com/barrucadu/nixfiles/tree/master/containers
>>> >
>>> > Containers have ports forwarded to them via NAT; each container is
>>> > running a web server on port 80 with the host reverse-proxying via
>>> > nginx; the host also does https and letsencrypt for all the proxied
>>> > containers.
>>> >
>>> > At the top of the innsmouth.nix file, I have a "containerSpecs" record
>>> > which has all the details for each container. The relevant bits of the
>>> > config are:
>>> >
>>> > 1. Set up the networking and NAT:
>>> >
>>> > networking.nat.enable = true;
>>> > networking.nat.internalInterfaces = ["ve-+"];
>>> > networking.nat.externalInterface = "enp0s4";
>>> >
>>> > 2. Forward ports to containers:
>>> >
>>> > networking.nat.forwardPorts = concatMap
>>> > ( {num, ports, ...}:
>>> > map (p: { sourc

Re: [Nix-dev] nixos-container networking

2017-03-13 Thread Tomasz Czyż
Michael, Ian, thank you for your answers.

Looks like my problem was with the container name. I tried bunch of
different setups which didn't work and I discovered that when I'm using "-"
in container name it doesn't work (I had impression that worked one or two
times when I started machine from scratch, but most of the time didn't).

After I removed "-" from the name, looks like private network is working (I
can access private IP of container) so I don't need NAT actually.

Tom

2017-03-13 23:54 GMT+00:00 Ian-Woo Kim <ianwoo...@gmail.com>:

> I've recently made nixos-container port forwarding easier (both
> imperative and declarative) and it's now merged into master.
>
> https://github.com/NixOS/nixpkgs/pull/20869
>
> Hope that this helps.
>
> Ian
>
> On Sun, Mar 12, 2017 at 7:52 PM, Michael Walker <m...@barrucadu.co.uk>
> wrote:
> > Tomasz,
> >
> > I have declarative container networking set up and working on a VPS,
> > but I wrote most of the configuration as I was learning things, so it
> > may not be the best way.
> >
> > Here's the configuration.nix for the VPS:
> > https://github.com/barrucadu/nixfiles/blob/master/hosts/innsmouth.nix
> > Each container has a config file here:
> > https://github.com/barrucadu/nixfiles/tree/master/containers
> >
> > Containers have ports forwarded to them via NAT; each container is
> > running a web server on port 80 with the host reverse-proxying via
> > nginx; the host also does https and letsencrypt for all the proxied
> > containers.
> >
> > At the top of the innsmouth.nix file, I have a "containerSpecs" record
> > which has all the details for each container. The relevant bits of the
> > config are:
> >
> > 1. Set up the networking and NAT:
> >
> > networking.nat.enable = true;
> > networking.nat.internalInterfaces = ["ve-+"];
> > networking.nat.externalInterface = "enp0s4";
> >
> > 2. Forward ports to containers:
> >
> > networking.nat.forwardPorts = concatMap
> > ( {num, ports, ...}:
> > map (p: { sourcePort = p; destination =
> > "192.168.255.${toString num}:${toString p}"; }) ports
> > ) containerSpecs';
> >
> > 3. Define all the containers:
> >
> > containers = mapAttrs
> > (_: {num, config, ...}:
> > { autoStart = true
> > ; privateNetwork = true
> > ; hostAddress = "192.168.254.${toString num}"
> > ; localAddress = "192.168.255.${toString num}"
> > ; config = config
> > ; }
> > ) containerSpecs;
> >
> > 4. Reverse-proxy HTTPS to HTTP in each container, manage letsencrypt
> > certificates, and forward HTTP to HTTPS.
> >
> > This is a little complex as I have a fairly custom nginx config (see
> > the services/nginx.nix file in the repository), but the
> > reverse-proxying is fairly straightfoward. Here is the generated
> > nginx.conf: https://misc.barrucadu.co.uk/nginx.txt
> >
> > On 13 March 2017 at 02:12, Tomasz Czyż <tomasz.c...@gmail.com> wrote:
> >> Hey,
> >>
> >> could anyone using nixos-container (declarative style) share how you
> setup
> >> networking?
> >>
> >> I'm trying to setup few containers with private network and http proxy
> at
> >> the front. Each container potentially could run application on port 80
> and I
> >> would like to expose them through proxy.
> >>
> >> I tried to set this up with
> >>
> >> privateNetwork=true;
> >> hostAddress
> >> localAddress
> >>
> >> and I tried to also run nat on the host with (just to enable outbound
> >> traffic)
> >> internalInterfaces = ["ve-+"];
> >> externalInterfaces = "eth0";
> >>
> >> but no luck.
> >> My next try will be creating bridge on the host and add containers to
> that
> >> bridge. Is that how you do stuff or are better ways of doing container
> >> networking?
> >>
> >> Tom
> >>
> >> ___
> >> nix-dev mailing list
> >> nix-dev@lists.science.uu.nl
> >> http://lists.science.uu.nl/mailman/listinfo/nix-dev
> >>
> >
> >
> >
> > --
> > Michael Walker (http://www.barrucadu.co.uk)
> > ___
> > nix-dev mailing list
> > nix-dev@lists.science.uu.nl
> > http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


[Nix-dev] nixos-container networking

2017-03-12 Thread Tomasz Czyż
Hey,

could anyone using nixos-container (declarative style) share how you setup
networking?

I'm trying to setup few containers with private network and http proxy at
the front. Each container potentially could run application on port 80 and
I would like to expose them through proxy.

I tried to set this up with

privateNetwork=true;
hostAddress
localAddress

and I tried to also run nat on the host with (just to enable outbound
traffic)
internalInterfaces = ["ve-+"];
externalInterfaces = "eth0";

but no luck.
My next try will be creating bridge on the host and add containers to that
bridge. Is that how you do stuff or are better ways of doing container
networking?

Tom
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Vulnerability Roundup #missing

2017-03-09 Thread Tomasz Czyż
Graham, thank you, you are doing great job.

There is few I'm aware of:
- https://oval.cisecurity.org/ (previously I think it was open
vulnerability ID)
- https://github.com/distributedweaknessfiling
- https://github.com/distributedweaknessfiling/DWF-Database

2017-03-09 11:39 GMT+00:00 Jörg Thalheim <jo...@higgsboson.tk>:

> On 2017-03-08 14:36, Graham Christensen wrote:
> > Just a heads up that the LWN Vulnerability Database we use hasn't been
> > updated in over a week, which means our tooling thinks there have been
> > zero problems. This is obviously not true.
> >
> > LWN's database provides a hugely valuable resource for us. They collect
> > mail from many distro's mailing lists and aggregate similar reports in
> > to a single entry. Each of those then will have multiple solutions and
> > patches that we can use to fix the issue in our distribution. This
> > aggregation has been a huge "force multiplier," allowing us to keep up
> > to date and patch almost as fast as the bigger distributions, even in
> > the earliest weeks of roundups where only a few people were regularly
> > contributing.
> >
> > If you appreciate the work we've done, I recommend subscribing to LWN as
> > a thank-you.
> >
> >
> > Remediation:
> >
> >  - I've messaged LWN to ask if the database will be updated again.
> >  - I've been researching alternative ways to get the job done:
> >- Other DBs with similar goals of aggregating issues and reports.
> >- Reviewing all the mail from oss-security
> >- Subscribing to and reviewing all the mail from all the distro's
> >  that LWN watched
> >  - other options?
> >
> > This is a tough spot to be in, and I am hoping LWN will continue. Either
> > way, we should likely expand our tooling to support other sources as
> > well.
> >
> > If anyone has any ideas or suggestions, I'm all ears :)
> >
> > Best,
> > Graham Christensen
>
> Do you know how LWN aggregates the reports? Is it more of a manual process
> or is done automatically?
>
> > ___
> > nix-dev mailing list
> > nix-dev@lists.science.uu.nl
> > http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] RFC for RFCs

2017-03-09 Thread Tomasz Czyż
Thanks! Great stuff!

2017-03-08 21:21 GMT+00:00 zimbatm <zimb...@zimbatm.com>:

> The RFC for RFCs is ready for a final round of review. Unless there are
> major objections I would like to move forward with it, with the idea that
> we can always improve the process with further RFCs.
>
> https://github.com/zimbatm/rfcs/pull/1
>
> On Sun, 12 Feb 2017 at 20:17 Maarten Hoogendoorn <maar...@moretea.nl>
> wrote:
>
>> Also see the notes that Arian took during the BoF session at FOSDEM:
>>
>> We had a very spontaneous NixOS discussion panel at FOSDEM.
>>
>> I took minutes.  I must say they're a bit rushy at times, so add stuff to
>> it
>> you think isn't clear or is lacking in content.  Thanks!
>>
>>
>> http://piratepad.net/1nHg65LMQj
>>
>>
>> 2017-02-12 19:46 GMT+01:00 Thomas Hunger <tehun...@gmail.com>:
>>
>> That would be amazing! I actually have an email sitting in my draft
>> folder proposing Nix Enhancement Proposals (NEPs).
>>
>> IMHO one of the things we aren't very good at is getting larger changes
>> merged or rejected. We attract a lot of smart people because Nix is pretty
>> awesome. These smart people then do substantial work, submit a PR and the
>> PR bitrots. This is highly demotivating.
>>
>> An RFC process would allow us to get to an accept / reject early on, with
>> the expectation that accepted RFCs will be merged when the technical work
>> is done.
>>
>> I'll add more specific comments to your PR.
>>
>> ~
>>
>> On 12 February 2017 at 15:12, zimbatm <zimb...@zimbatm.com> wrote:
>>
>> Hi all,
>>
>> we discussed of introducing a RFC process during FOSDEM. The goal is to
>> help discussion for large or controversial changes which typically grind to
>> a halt.
>>
>> Here is an initial proposal based on the one from the Rust community:
>> https://github.com/zimbatm/rfcs/pull/1 . Please let me know what you
>> think.
>>
>> Cheers,
>> z
>>
>> ___
>> nix-dev mailing list
>> nix-dev@lists.science.uu.nl
>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>
>>
>>
>> ___
>> nix-dev mailing list
>> nix-dev@lists.science.uu.nl
>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>
>>
>>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Copy a closure to machine with no Nix installed on it

2017-03-02 Thread Tomasz Czyż
Also, somebody mentioned https://github.com/matthewbauer/nix-bundle
recently which is nice way to distribute some software to non nix
environments.

2017-03-02 16:49 GMT+00:00 Bjørn Forsman <bjorn.fors...@gmail.com>:

> On 2 March 2017 at 17:38, Volth <vo...@volth.com> wrote:
> > Hello
> >
> > What is a good way to copy a closure to a Linux machine where Nix is
> > not installed (and it is tricky to install: 1. there is only root
> > account and 2. there may be no Internet access) ?
> >
> > "nix-copy-closure" expects "nix-store" on the target machine.
> >
> > Would "nix-store" be a single executable with no dependencies, it
> > could be uploaded beforehand, but it has a lot of dependencies so its
> > uploading is also the task of uploading a closure to a machine without
> > Nix...
>
> Don't know how to do it without Nix, but Nix can be installed offline.
> Get the binary tarball for you system:
>
> http://nixos.org/releases/nix/nix-1.11.7/nix-1.11.7-x86_64-linux.tar.bz2
>
> Copy it to your target machine, unpack and run ./install from the
> extracted tree.
>
> That creates a single user install. It requires sudo to create the
> /nix directory, everything else is owned and run by your user. (There
> are ways to run nix from $HOME or wherever, I think "proot" is a good
> search word.)
>
> Once you have nix you have nix-copy-closure.
>
> Hope that helps.
>
> Best regards,
> Bjørn Forsman
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Copy a closure to machine with no Nix installed on it

2017-03-02 Thread Tomasz Czyż
I assume you could do
nix-store --export or nix-store --dump to prepare archive
or you can query nix store for all dependnecies and with that list you can
copy them using method of your choice


2017-03-02 16:38 GMT+00:00 Volth <vo...@volth.com>:

> Hello
>
> What is a good way to copy a closure to a Linux machine where Nix is
> not installed (and it is tricky to install: 1. there is only root
> account and 2. there may be no Internet access) ?
>
> "nix-copy-closure" expects "nix-store" on the target machine.
>
> Would "nix-store" be a single executable with no dependencies, it
> could be uploaded beforehand, but it has a lot of dependencies so its
> uploading is also the task of uploading a closure to a machine without
> Nix...
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Fwd: Python 3 as default

2017-02-27 Thread Tomasz Czyż
2017-02-27 15:20 GMT+00:00 Eelco Dolstra <eelco.dols...@logicblox.com>:

> Hi,
>
> On 02/24/2017 07:54 AM, Freddy Rietdijk wrote:
>
> >> I'd be happy to help with the process of mass-renaming, if somebody
> provided a
> > list of packages wanting 2 or 3, however I suspect the real work is in
> > determining those package sets.
> > So, if a query-replace for `pkgs.python` -> `pkgs.python2` /
> `pkgs.python3`
> > within nixpkgs would cause so much trouble, how would a rename in
> > `all-packages.nix` fare any better? Are we ready to throw the switch yet?
> >
> > All the packages that explicitly need Python 2 are already pinned to use
> Python
> > 2. That was a matter of converting, testing, and moving on. About 150
> packages
> > were pinned to `python2`. That is why a `python = python3` won't break
> anything
> > (or nearly nothing) in Nixpkgs anymore.
>
> It may silently break external users, though. So removing the "python"
> attribute
> is preferable to aliasing it to "python3".
>
> BTW, I just noticed that the Python 3 package in 17.03 already defines a
> "python
> -> python3" symlink (introduced by [1]). IMHO, we should revert that,
> since it
> can only lead to pointless environment collision errors/warnings. Also, we
> probably don't want to promote the use of the "python" executable name
> because
> it's unversioned (so when Python 4 breaks the language again, we'll have
> to go
> through this whole process again).
>
I agree totally.

>
> [1] https://github.com/NixOS/nixpkgs/commit/708822250e017f0256b0bace5af27a
> 7232e6e1fd
>
> --
> Eelco Dolstra | LogicBlox, Inc. | http://nixos.org/~eelco/
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Best Practices on Modularizing Configuration.nix?

2017-02-27 Thread Tomasz Czyż
Hey Mark,

I use almost the same setup and for 1.5y works very well.

I have "modules" and "hosts" directories. Each "host" contains
configuration about hardware/disk setup and includes set of modules from
"modules". On each host there is a symlink to correct
"hosts/.nix" file.

I found this setup pretty robust on dev machines.
On servers I use nixops which pushes configuration so I don't manage
/etc/nixos there.

Tom

2017-02-27 14:15 GMT+00:00 Mark Gardner <m...@vt.edu>:

> Now that I am putting NixOS on more and more machines, I would like to
> modularize and share parts of the config to maximize reuse and ensure
> uniformity. My approach is to consider the sub-config files as traits or
> roles and combine them together to create configuration.nix for a specific
> machine, like this:
>
> - cfg/common.nix  # common config
> - cfg/desktop.nix  # xorg and related
> - cfg/laptop.nix  # related to all laptops
> - cfg/work.nix  # work location related
> ...
> - cfg/mylaptop.nix  # specific laptop related
>
> I import from these to make up configuration.nix. For example, on my
> laptop, configuration.nix contains:
>
> ---
> { config, pkgs, ... }:
>
> {
>   imports =
> [
>   ./hardware-configuration.nix
>   ./cfg/mylaptop.nix
>   ./cfg/common.nix
>   ./cfg/desktop.nix
>   ./cfg/laptop.nix
>   ./cfg/work.nix
> ];
> }
> ---
>
> So far, this seems like a good approach. Except that each machine has its
> own configuration.nix that I would like to keep in the git repository too
> but of course I can't have different top level files with the same name. To
> solve this, I could moved the current configuration.nix inside of cfg (as
> cfg/mylaptop.cfg.nix perhaps) or merge with the existing cfg/mylaptop.nix
> then making configuration.nix a symlink to it. That way the only thing to
> do by hand is create the symlink to select a particular configuration. Is
> this reasonable? Is there a better way to do it?
>
> How do you modularize your configuration and put it into a repo such that
> you can easily create a configuration for a new machine (and put it in the
> repo too) without a lot of hand work?
>
> Mark
> --
> Mark Gardner
> --
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


[Nix-commits] [NixOS/nixpkgs] 0b27c7: pgjwt: init at 0.0.1 (#22644)

2017-02-26 Thread Tomasz Czyż
  Branch: refs/heads/master
  Home:   https://github.com/NixOS/nixpkgs
  Commit: 0b27c74eb2517d307b1c1bbd04567157fba7cb63
  
https://github.com/NixOS/nixpkgs/commit/0b27c74eb2517d307b1c1bbd04567157fba7cb63
  Author: Tomasz Czyż <tomasz.c...@gmail.com>
  Date:   2017-02-26 (Sun, 26 Feb 2017)

  Changed paths:
M nixos/release.nix
A nixos/tests/pgjwt.nix
A pkgs/servers/sql/postgresql/pgjwt/default.nix
M pkgs/top-level/all-packages.nix

  Log Message:
  ---
  pgjwt: init at 0.0.1 (#22644)


___
nix-commits mailing list
nix-comm...@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-commits


Re: [Nix-dev] Which option replaces security.setuidOwners?

2017-02-14 Thread Tomasz Czyż
Actually, very strange that such a huge change has no documentation changes
at all.

Good thing is, there were some tests :)

2017-02-14 22:07 GMT+00:00 Bjørn Forsman <bjorn.fors...@gmail.com>:

> On 14 February 2017 at 23:04, Bjørn Forsman <bjorn.fors...@gmail.com>
> wrote:
> > On 14 February 2017 at 22:51, Domen Kožar <do...@dev.si> wrote:
> >> We need to use renames for backwards compatibility then :)
> >
> > A rename implies same signature under different namespace (AFAICS).
> > This is not the case here, because the option types are different.
> >
> > I've got a local change that is about to be pushed:
> >
> > +(mkRemovedOptionModule [ "security" "setuidOwners" ] "Use
> > security.wrappers instead")
> > +(mkRemovedOptionModule [ "security" "setuidPrograms" ] "Use
> > security.wrappers instead")
> >
> > (I also do some other fixups that was wrt. new security.wrapper to
> > make my NixOS build.)
>
> I created PR: https://github.com/NixOS/nixpkgs/pull/22806
>
> Best regards,
> Bjørn Forsman
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Python 3 as default

2017-02-14 Thread Tomasz Czyż
I would also vote for not changing "default" python as it will break stuff.
I was going to propose what Eelco already wrote here, just to have explicit
sets like python27Packages, python35Packages without any "default".
But I would leave symlink as it is for compatibility reasons.

2017-02-14 15:54 GMT+00:00 Kevin Cox <kevin...@kevincox.ca>:

>
>
> On Feb 14, 2017 07:49, "Freddy Rietdijk" <freddyrietd...@fridh.nl> wrote:
>
> It would two mean things:
>
>1.  alias `python3 to `python`
>2.  add a symlink that points to the `python` program, as discussed
>before in this thread.
>
> For what it is worth I would prefer that we have a python executable in
> the path (if it is "installed"), but the nix expressions only have the
> version suffixed attributes to increase explicitness and improve
> readability.
>
> Plus then we will be ready for python 4 
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


[Nix-dev] Fwd: Why having releases if you break things in it often

2017-02-10 Thread Tomasz Czyż
I'm not sure if that's a troll or not, but let's try:

So any help would be nice. I am a technicaly shurly keen guy, but I cant
> reboot daily my machine for months, cause nobody of you experts can
> invest 5-15 mins to fix that.
>
But you know, experts stuff is pretty expensive resource, and maybe people
decided will be better if they use it differently than you would expect?

>
>
> I dont want to be a 100% full time nixos developer / sysadmin just to
> solve such stupid problem. Except somebody would pay me for that, then I
> would think about it.
>
Ah, so you won't do it for free but you expect the army of experts to rush
for help and do it for free for you, do I read that correctly?

>
> Is that really what I have to expect?
>
:-)

>
> Sorry for ranting here, I stopp now, but maybe some of that feedback
> helps you to improve something, and maybe somebody could give me some
> config lines or nix-env commands that gets flexget running again.
>
I can improve, but you know... if you would pay me, than I would think
about it.
Sorry, just kidding :-)

And now serious,
nix is an effort of huge number of people, they contribute in their free
time mostly, and even those who do it for cash, mostly work for some
companies and nixos contribution is just side effect of their work. It
looks like a lot of people think that nixos is so useful for their work
they contribute to it and even help others. You can join to that movement
and spend a lot of time learning about this open source project or you can
use the company to help you. Few people started nixos consulting (me as
well :-) and this is a second option, you pay for product/service. It's
like most of the open source software, right?


> Graham Christensen <gra...@grahamc.com> writes:
>
> > I'm very sorry you've had a bad experience with breakage on stable. :( I
> > use 16.09 myself.
> >
> >>> yes I think that html5lib thing would it be. So it was at least a
> >>> security fix, so you dont just update stuff to update it, which would
> >>> make releases pretty useless concept :)
> >
> > Roughly, this is why backports happen:
> >
> >  - Security patches which aren't major updates
> >  - If a security patch is a major upgrade, try and find patches to our
> >current version which accomplish the same goal. Apply the major
> >update to master, and the patches to stable.
> >  - Bug fixes to applications which, again, aren't major updates.
> >Generally be cautious about these.
> >  - Any updates when the current stable version is utterly broken. A key
> >example of this is Spotify, who regularly breaks their old versions.
> >  - Extremely security-sensitive software, in particular Chrome,
> >Chromium, Firefox, Thunderbird, and of course the kernel.
> >
> >>> Sorry I formulated that message a bit trollish, but just wanted to
> learn
> >>> why how releases are done in nixos.
> >
> > Please know that Freddy, Franz, Robin, Domen, myself, and the rest of
> > the people contributing to NixOS work very hard to keep the stable
> > version of NixOS working nicely. This is very important to us.
> >
> > It can be very stressful when preparing to backport changes, but it is
> > important to do them anyway. I try to think through impact and run tests
> > across a wide range of software to see what will break. We also try not
> > to backport any substantial changes, but instead smaller patches to
> > prevent breakage.
> >
> > When you do find breakage, please do promptly open an issue on send a
> > report on the mailing list so we can address the problem and perhaps add
> > testing to prevent it in the future. We're also quite accessible on the
> > #nixos IRC channel on Freenode.
> >
> > If you would like to take part in the process of identifying and solving
> > security problems on master and backporting to stable, we sure would
> > love the extra help -- feel free to comment on
> > https://github.com/NixOS/nixpkgs/issues/21967 and I'll tag you on
> > Wednesday when I open the next roundup.
> >
> > Best,
> > Graham Christensen
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] help with patch for screen locking

2017-02-07 Thread Tomasz Czyż
David,

I assume you are not talking about
https://github.com/NixOS/nixpkgs/issues/16485?

Usually I'm using this kind of stuff as part of user session/desktop
environment. Which means that xfce-session or gnome-session or whatever is
starting all those for user.

Do we really need to start is outside of user session? Does it break any
existing user sessions?

2017-02-07 18:36 GMT+00:00 zimbatm <zimb...@zimbatm.com>:

> As a user I would expect slock to be installed and added to the suid list
> if I selected it as my screensaver. That way I can also invoke it manually
> in cases where I want to lock the screen manually.
>
> On Mon, 6 Feb 2017, 23:51 , <da...@zarel.net> wrote:
>
>> Hi!
>> I am making a patch to fix issue #16485 but I have encountered an issue.
>>
>> I added an option called screenLock to
>> services.xserver.desktopManager.xfce that can take only "xscreensaver"
>> "xlockmore" "slock" "gnome-screensaver" as values but:
>>
>> - gnome-screensaver seems to not exist anymore, at least not on nixos,
>> so I removed the choice
>> - slock needs suid to lock the screen, as explained in the wiki too, so
>> I don't know if with this patch I should install slock and also set it
>> suid, or if it's better to leave the choice out, or if the user that
>> puts screenLock = "slock" should be presented an error in case slock is
>> not set suid by the user themselves.
>>
>>
>> Thanks for your help
>> ___
>> nix-dev mailing list
>> nix-dev@lists.science.uu.nl
>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] nix-bundle: Bundle Nix derivations to run anywhere

2017-02-07 Thread Tomasz Czyż
I would vote for mirroring this tool in nixos github namespace (or even
trying to make this project official one) as it can have big impact of
propagating/implementing nix ideas into environments where it's not
straight forward to use it.

What do you think people?

2017-02-07 11:31 GMT+00:00 Tomasz Czyż <tomasz.c...@gmail.com>:

> Matthew,
> very good tool, thank you for sharing.
>
> 2017-02-07 10:32 GMT+00:00 Domen Kožar <do...@dev.si>:
>
>> Awesome! I will need this very soon, good timing :)
>>
>> On Tue, Feb 7, 2017 at 11:30 AM, Moritz Ulrich <mor...@tarn-vedra.de>
>> wrote:
>>
>>>
>>> Hey Matthew,
>>>
>>> This sounds great! I'll give it a try :-)
>>>
>>> One question: Will it create a persistent /nix directory on the machine
>>> the generated binary is running?
>>>
>>> Cheers
>>> Moritz
>>>
>>> Matthew Bauer <mjbaue...@gmail.com> writes:
>>>
>>> > GitHub page: https://github.com/matthewbauer/nix-bundle
>>> >
>>> > I just wanted to post about a little project I've been working on. I'm
>>> > calling it "nix-bundle".
>>> >
>>> > Basically, what it does is: take a Nix closure, compress it into a
>>> > tarball, and turn that tarball into an executable using "Arx". The
>>> > final result looks like a plain shell script, but actually has a
>>> > tarball closure appended to it. When you run that script, Arx will
>>> > execute "nix-user-chroot" (which is included in the closure) which
>>> > will setup a /nix/ directory, then execute a target executable. All of
>>> > this should work "out of the box" for any Nix derivation folder with a
>>> > valid executable.
>>> >
>>> > For example, to generate a "hello" bundle:
>>> >
>>> > ./nix-bundle.sh hello /bin/hello
>>> >
>>> > "hello" specifies pkgs.hello and /bin/hello specifies the file
>>> > ${pkgs.helloi}/bin/hello to be executed. The output file will just be
>>> > called "hello".
>>> >p
>>> > The result is a "bundle" that can run without Nix being installed! No
>>> > external dependencies are needed because they are all contained within
>>> > the Nix closure.
>>> >
>>> > There are two main drawbacks: slow startup and large file size.
>>> > Extracting the tarball takes time and this adds on to startup times.
>>> > Also, because everything is included from the Nix closure, complicated
>>> > apps tend to be much larger because of the dependency tree.
>>> >
>>> > I've been experimenting with using AppImage as a format to package
>>> > them in, but it is not currently ready yet.
>>> > ___
>>> > nix-dev mailing list
>>> > nix-dev@lists.science.uu.nl
>>> > http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>>
>>> --
>>>
>>> ___
>>> nix-dev mailing list
>>> nix-dev@lists.science.uu.nl
>>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>>
>>>
>>
>> ___
>> nix-dev mailing list
>> nix-dev@lists.science.uu.nl
>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>
>>
>
>
> --
> Tomasz Czyż
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] nix-bundle: Bundle Nix derivations to run anywhere

2017-02-07 Thread Tomasz Czyż
Matthew,
very good tool, thank you for sharing.

2017-02-07 10:32 GMT+00:00 Domen Kožar <do...@dev.si>:

> Awesome! I will need this very soon, good timing :)
>
> On Tue, Feb 7, 2017 at 11:30 AM, Moritz Ulrich <mor...@tarn-vedra.de>
> wrote:
>
>>
>> Hey Matthew,
>>
>> This sounds great! I'll give it a try :-)
>>
>> One question: Will it create a persistent /nix directory on the machine
>> the generated binary is running?
>>
>> Cheers
>> Moritz
>>
>> Matthew Bauer <mjbaue...@gmail.com> writes:
>>
>> > GitHub page: https://github.com/matthewbauer/nix-bundle
>> >
>> > I just wanted to post about a little project I've been working on. I'm
>> > calling it "nix-bundle".
>> >
>> > Basically, what it does is: take a Nix closure, compress it into a
>> > tarball, and turn that tarball into an executable using "Arx". The
>> > final result looks like a plain shell script, but actually has a
>> > tarball closure appended to it. When you run that script, Arx will
>> > execute "nix-user-chroot" (which is included in the closure) which
>> > will setup a /nix/ directory, then execute a target executable. All of
>> > this should work "out of the box" for any Nix derivation folder with a
>> > valid executable.
>> >
>> > For example, to generate a "hello" bundle:
>> >
>> > ./nix-bundle.sh hello /bin/hello
>> >
>> > "hello" specifies pkgs.hello and /bin/hello specifies the file
>> > ${pkgs.helloi}/bin/hello to be executed. The output file will just be
>> > called "hello".
>> >p
>> > The result is a "bundle" that can run without Nix being installed! No
>> > external dependencies are needed because they are all contained within
>> > the Nix closure.
>> >
>> > There are two main drawbacks: slow startup and large file size.
>> > Extracting the tarball takes time and this adds on to startup times.
>> > Also, because everything is included from the Nix closure, complicated
>> > apps tend to be much larger because of the dependency tree.
>> >
>> > I've been experimenting with using AppImage as a format to package
>> > them in, but it is not currently ready yet.
>> > _______
>> > nix-dev mailing list
>> > nix-dev@lists.science.uu.nl
>> > http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>
>> --
>>
>> ___
>> nix-dev mailing list
>> nix-dev@lists.science.uu.nl
>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>
>>
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] PCI Expresscard not working under NixOS

2017-02-07 Thread Tomasz Czyż
What about doing quick check and running ubuntu from livecd/usb to confirm
if card still is alive?

2017-02-07 2:23 GMT+00:00 Roger Qiu <roger@matrix.ai>:

> It might be a missing driver. Ultimately is the kernel, its drivers and
> modules that deal with hardware and IO. You might need to google around and
> ask specifically for the given pci expess hardware serial code and model.
> On 07/02/2017 9:39 AM, "Christoph-Simon Senjak" <
> christoph.sen...@googlemail.com> wrote:
>
>> Hello.
>>
>> On 06.02.2017 06:36, Roger Qiu wrote:
>>
>>> When you plug something in, the kernel log should show something. If it
>>> doesn't then the kernel doesn't know about it, nothing in the userspace
>>> can help.
>>>
>>
>> How can that be?
>>
>> Make sure you're running those commands before you plug the usb in.
>>>
>> >
>>
>>> Also I used to have faulty usb cables, but even then the kernel showed
>>> something. Usually repeating messages because the usb cable kept
>>> dropping out and coming back in.
>>>
>>> What happens if you plug those devices directly?
>>>
>>
>> The kernel does not notice the expresscard itself when I plug it in. My
>> usb hard disk works perfectly under the other ports.
>>
>> Ah, and fun fact: When plugging in the expresscard, I can reproducibly
>> scramble my sound output for a second (the music repeats for a second after
>> I plug it in). Still, the kernel says nothing. And no device nodes appear.
>>
>>
>> On 06/02/2017 2:55 PM, "Christoph-Simon Senjak"
>>> <christoph.sen...@googlemail.com
>>> <mailto:christoph.sen...@googlemail.com>> wrote:
>>>
>>> Hi.
>>>
>>> On 06.02.2017 04:46, Peter Hoeg wrote:
>>>
>>> Hi,
>>>
>>> My USB 3.0 Expresscard does not work under NixOS, it used to
>>> work
>>> under other distros. I already tried to add
>>>
>>>
>>> Can you be a little more specific about "does not work"?
>>>
>>>
>>> Nothing happens. Like, really nothing. No new hub is shown in lsusb
>>> (as it was under Ubuntu). Devices I plug in are not shown. Nothing.
>>>
>>> When you plug it in, what messages are you seeing while running
>>> these 2
>>> commands in separate terminals:
>>>
>>> journalctl -k -f
>>>
>>> and
>>>
>>> udevadm monitor
>>>
>>>
>>> Nothing. No output.
>>>
>>> Regards, CSS
>>> ___
>>> nix-dev mailing list
>>> nix-dev@lists.science.uu.nl <mailto:nix-dev@lists.science.uu.nl>
>>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>> <http://lists.science.uu.nl/mailman/listinfo/nix-dev>
>>>
>>>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


[Nix-dev] Fwd: Grub problem: external pointer tables not supported

2017-01-23 Thread Tomasz Czyż
Roger,


I got it from my grub.cfg config file. It looks like that's how you access
"root" zfs volume.

If I have

/
/volume1
/volume2

in grub I could access it

$disk/@/
$disk/volume1/
$disk/volume2/

Looks like just a convention but didn't dive into it.

btw, just to clarify my setup, currently I have /boot and /nix/store on the
same zfs volume and works, looks like only one directory is affected by
hardlinks/too many files issue.

Thanks,
Tom

2017-01-24 3:43 GMT+00:00 Roger Qiu <roger@matrix.ai>:

> Btw what is the `@` symbol mean in your `ls` examples? I've never seen
> that. The grub rescue allows yo use `ls hd (0,1)/...` with no `@`.
> On 24/01/2017 12:52 PM, "Tomasz Czyż" <tomasz.c...@gmail.com> wrote:
>
>> It looks like I hit some ZFS feature that it's not supported by grub
>> module.
>>
>> How I found that?
>> In grub, you can list files in zfs volumes by doing ``ls $drive/@/home``
>> etc.
>> I could list ``ls $drive/@/nix`` or ``ls $drive/@/nix/var`` but not ``ls
>> $drive/@/nix/store`` where I kept the kernels.
>>
>> I found some explanations about lot's of files and lot's of hardlinks
>> (nix store had at that time more than 130G and probably triggered the
>> feature).
>>
>> nix-collect-garbage -d didn't help.
>>
>> I solved the problem by using boot.loader.grub.copyKernels = true;
>>
>> Kernels were copied to the same volume but to /boot where there is
>> smaller number of files and worked perfectly.
>>
>>
>> 2017-01-23 16:44 GMT+00:00 Tomasz Czyż <tomasz.c...@gmail.com>:
>>
>>>
>>>
>>> 2017-01-23 16:15 GMT+00:00 Roger Qiu <roger@matrix.ai>:
>>>
>>>> Hey,
>>>>
>>>> Changing nixos generations won't affect the grub boot partition, that
>>>> only changes which nixos kernel and initramfs image gets booted.
>>>>
>>> Because all boot options are not working one of my guesses is that in
>>> new nix version, wrong config was generated when I did system update which
>>> broke all options.
>>>
>>>> This looks like an error in the Grub partition. Maybe you recently
>>>> updated it or changed it, or the partition got corrupted.
>>>>
>>> It's possible, I tried to boot from USB, do ``nixos-install
>>> --no-root-passwd`` to reinstall the system, but I'm not sure how to force
>>> grub/uefi partition recreation/reinstalling, any idea? Should I just format
>>> it and will be recreated?
>>>
>>>> This is why other operating systems tend to make their /boot
>>>> read-only...
>>>>
>>>> If you can't get into the OS, then you can try booting off a USB, and
>>>> then edit the boot partition. Or run the uefi terminal app (but this one
>>>> never worked for me). If you had cloned/raided boot partitions you can try
>>>> changing the uefi image to boot from in your uefi settings (access it like
>>>> BIOS).
>>>>
>>> I tried that, but I'm not sure what to change. I tried to reinstall grub
>>> on EFI partition but I'm not sure how to do that, is regular grub-install
>>> stuff way to go (I thought I had some issues with that and I tried
>>> nixos-install after that).
>>>
>>>> Currently I have 2 uefi boot partitions cloned, but one failed so I've
>>>> been booting off the other one.
>>>>
>>> Nice one, I think I'll try to do something like that.
>>>
>>> Thanks Roger.
>>>
>>>> Thanks,
>>>> Roger
>>>> On 23/01/2017 10:48 PM, "Tomasz Czyż" 
>>>>
>>>
>>>
>>>> masz.c...@gmail.com <tomasz.c...@gmail.com>> wrote:
>>>>
>>>>> Hello,
>>>>>
>>>>> recently my grub said this to me after I restarted computer:
>>>>>
>>>>> Error: external pointer tables not supported
>>>>> Error: you need to load the kernel first.
>>>>>
>>>>> Every option I select with nix (also past generations) shows me this
>>>>> message.
>>>>>
>>>>> I updated the system to 17.03pre99792.c311871 on 2016-12-23 and
>>>>> restarted it before multiple times (and worked). I don't remember if I did
>>>>> other updates, but this is what's grub menu shows me.
>>>>>
>>>>> My disk layout is: EFI boot partition for grub, next partition is
>>>>> encrypted luks volume and ZFS on top of it.
>>>>>
>>>>> This setup worked for me for 1.5 year now without any issue.
>>>>>
>>>>> Anybody is aware of any changes to grub/zfs recently or had same issue?
>>>>> Any suggestions how I can recover from it or what can be wrong?
>>>>>
>>>>> Tom
>>>>>
>>>>>
>>>>>
>>>>> ___
>>>>> nix-dev mailing list
>>>>> nix-dev@lists.science.uu.nl
>>>>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>>>>
>>>>>
>>>
>>>
>>> --
>>> Tomasz Czyż
>>>
>>
>>
>>
>> --
>> Tomasz Czyż
>>
>> ___
>> nix-dev mailing list
>> nix-dev@lists.science.uu.nl
>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>
>>


-- 
Tomasz Czyż



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Grub problem: external pointer tables not supported

2017-01-23 Thread Tomasz Czyż
It looks like I hit some ZFS feature that it's not supported by grub module.

How I found that?
In grub, you can list files in zfs volumes by doing ``ls $drive/@/home``
etc.
I could list ``ls $drive/@/nix`` or ``ls $drive/@/nix/var`` but not ``ls
$drive/@/nix/store`` where I kept the kernels.

I found some explanations about lot's of files and lot's of hardlinks (nix
store had at that time more than 130G and probably triggered the feature).

nix-collect-garbage -d didn't help.

I solved the problem by using boot.loader.grub.copyKernels = true;

Kernels were copied to the same volume but to /boot where there is smaller
number of files and worked perfectly.


2017-01-23 16:44 GMT+00:00 Tomasz Czyż <tomasz.c...@gmail.com>:

>
>
> 2017-01-23 16:15 GMT+00:00 Roger Qiu <roger@matrix.ai>:
>
>> Hey,
>>
>> Changing nixos generations won't affect the grub boot partition, that
>> only changes which nixos kernel and initramfs image gets booted.
>>
> Because all boot options are not working one of my guesses is that in new
> nix version, wrong config was generated when I did system update which
> broke all options.
>
>> This looks like an error in the Grub partition. Maybe you recently
>> updated it or changed it, or the partition got corrupted.
>>
> It's possible, I tried to boot from USB, do ``nixos-install
> --no-root-passwd`` to reinstall the system, but I'm not sure how to force
> grub/uefi partition recreation/reinstalling, any idea? Should I just format
> it and will be recreated?
>
>> This is why other operating systems tend to make their /boot read-only...
>>
>> If you can't get into the OS, then you can try booting off a USB, and
>> then edit the boot partition. Or run the uefi terminal app (but this one
>> never worked for me). If you had cloned/raided boot partitions you can try
>> changing the uefi image to boot from in your uefi settings (access it like
>> BIOS).
>>
> I tried that, but I'm not sure what to change. I tried to reinstall grub
> on EFI partition but I'm not sure how to do that, is regular grub-install
> stuff way to go (I thought I had some issues with that and I tried
> nixos-install after that).
>
>> Currently I have 2 uefi boot partitions cloned, but one failed so I've
>> been booting off the other one.
>>
> Nice one, I think I'll try to do something like that.
>
> Thanks Roger.
>
>> Thanks,
>> Roger
>> On 23/01/2017 10:48 PM, "Tomasz Czyż" 
>>
>
>
>> masz.c...@gmail.com <tomasz.c...@gmail.com>> wrote:
>>
>>> Hello,
>>>
>>> recently my grub said this to me after I restarted computer:
>>>
>>> Error: external pointer tables not supported
>>> Error: you need to load the kernel first.
>>>
>>> Every option I select with nix (also past generations) shows me this
>>> message.
>>>
>>> I updated the system to 17.03pre99792.c311871 on 2016-12-23 and
>>> restarted it before multiple times (and worked). I don't remember if I did
>>> other updates, but this is what's grub menu shows me.
>>>
>>> My disk layout is: EFI boot partition for grub, next partition is
>>> encrypted luks volume and ZFS on top of it.
>>>
>>> This setup worked for me for 1.5 year now without any issue.
>>>
>>> Anybody is aware of any changes to grub/zfs recently or had same issue?
>>> Any suggestions how I can recover from it or what can be wrong?
>>>
>>> Tom
>>>
>>>
>>>
>>> ___
>>> nix-dev mailing list
>>> nix-dev@lists.science.uu.nl
>>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>>
>>>
>
>
> --
> Tomasz Czyż
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Grub problem: external pointer tables not supported

2017-01-23 Thread Tomasz Czyż
2017-01-23 16:15 GMT+00:00 Roger Qiu <roger@matrix.ai>:

> Hey,
>
> Changing nixos generations won't affect the grub boot partition, that only
> changes which nixos kernel and initramfs image gets booted.
>
Because all boot options are not working one of my guesses is that in new
nix version, wrong config was generated when I did system update which
broke all options.

> This looks like an error in the Grub partition. Maybe you recently updated
> it or changed it, or the partition got corrupted.
>
It's possible, I tried to boot from USB, do ``nixos-install
--no-root-passwd`` to reinstall the system, but I'm not sure how to force
grub/uefi partition recreation/reinstalling, any idea? Should I just format
it and will be recreated?

> This is why other operating systems tend to make their /boot read-only...
>
> If you can't get into the OS, then you can try booting off a USB, and then
> edit the boot partition. Or run the uefi terminal app (but this one never
> worked for me). If you had cloned/raided boot partitions you can try
> changing the uefi image to boot from in your uefi settings (access it like
> BIOS).
>
I tried that, but I'm not sure what to change. I tried to reinstall grub on
EFI partition but I'm not sure how to do that, is regular grub-install
stuff way to go (I thought I had some issues with that and I tried
nixos-install after that).

> Currently I have 2 uefi boot partitions cloned, but one failed so I've
> been booting off the other one.
>
Nice one, I think I'll try to do something like that.

Thanks Roger.

> Thanks,
> Roger
> On 23/01/2017 10:48 PM, "Tomasz Czyż" 
>


> masz.c...@gmail.com <tomasz.c...@gmail.com>> wrote:
>
>> Hello,
>>
>> recently my grub said this to me after I restarted computer:
>>
>> Error: external pointer tables not supported
>> Error: you need to load the kernel first.
>>
>> Every option I select with nix (also past generations) shows me this
>> message.
>>
>> I updated the system to 17.03pre99792.c311871 on 2016-12-23 and restarted
>> it before multiple times (and worked). I don't remember if I did other
>> updates, but this is what's grub menu shows me.
>>
>> My disk layout is: EFI boot partition for grub, next partition is
>> encrypted luks volume and ZFS on top of it.
>>
>> This setup worked for me for 1.5 year now without any issue.
>>
>> Anybody is aware of any changes to grub/zfs recently or had same issue?
>> Any suggestions how I can recover from it or what can be wrong?
>>
>> Tom
>>
>>
>>
>> ___
>> nix-dev mailing list
>> nix-dev@lists.science.uu.nl
>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>
>>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


[Nix-dev] Grub problem: external pointer tables not supported

2017-01-23 Thread Tomasz Czyż
Hello,

recently my grub said this to me after I restarted computer:

Error: external pointer tables not supported
Error: you need to load the kernel first.

Every option I select with nix (also past generations) shows me this
message.

I updated the system to 17.03pre99792.c311871 on 2016-12-23 and restarted
it before multiple times (and worked). I don't remember if I did other
updates, but this is what's grub menu shows me.

My disk layout is: EFI boot partition for grub, next partition is encrypted
luks volume and ZFS on top of it.

This setup worked for me for 1.5 year now without any issue.

Anybody is aware of any changes to grub/zfs recently or had same issue?
Any suggestions how I can recover from it or what can be wrong?

Tom
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Is it possible to limit nix access to sudoers and/or a group?

2017-01-20 Thread Tomasz Czyż
So obvious :-)

Eelco, is that the case with NixOS only or that works also when you install
Nix as regular user, let's say on Ubuntu?

2017-01-20 12:07 GMT+00:00 Eelco Dolstra <eelco.dols...@logicblox.com>:

> Hi,
>
> On 01/20/2017 03:15 AM, Mateusz Czaplinski wrote:
>
> > I'd like to build a system where regular users cannot access nix
> > commands, daemon, etc. Ideally, only users belonging to a particular
> > group could access those. (Probably worse solution, but still
> > acceptable, if this was limited to sudoers only.)
> >
> > Is it possible? If yes, how to do that on NixOS?
>
> Yes, by setting allowed-users in nix.conf, or nix.allowedUsers in the NixOS
> configuration, e.g.
>
>   nix.allowedUsers = [ "@wheel" ];
>
> The default is "*". I've been thinking that it might be good to tighten
> this to
> something like [ "root" "@users" ], to disallow (say) system daemons.
>
> --
> Eelco Dolstra | LogicBlox, Inc. | http://nixos.org/~eelco/
> _______
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Is it possible to limit nix access to sudoers and/or a group?

2017-01-19 Thread Tomasz Czyż
It's probably against nix design but let's try.

Just an idea (haven't tried yet). Install nix as NIXUSER (without the
deamon, just nix to run builds). Other users can access paths, build by nix
from /nix/store but they won't access nix as it belongs to NIXUSER.

But they probably can access nix at any point at this stage (or maybe they
need sudo to be added to a group, not sure).




2017-01-20 2:15 GMT+00:00 Mateusz Czaplinski <czapko...@gmail.com>:

> I'd like to build a system where regular users cannot access nix
> commands, daemon, etc. Ideally, only users belonging to a particular
> group could access those. (Probably worse solution, but still
> acceptable, if this was limited to sudoers only.)
>
> Is it possible? If yes, how to do that on NixOS?
>
> Thanks & Best Regards,
> /Mateusz.
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Nix in a Cluster Environment Talk Slides

2017-01-19 Thread Tomasz Czyż
Thanks Kevin, good stuff.

2017-01-19 22:15 GMT+00:00 Kevin Cox <kevin...@kevincox.ca>:

> Hello,
>
> There was recently a Nix meetup in Dublin and a couple of people
> expressed interest in my talk on using Nix in a clustered environment.
> Unfortunately I fat-fingered the recording but I have posted my slides
> for those who find them useful.
>
> https://kevincox.ca/2017/01/19/nix-and-mesos-talk/
>
> I'll try to make sure that we have the recording figured out for future
> meetups so that those who can't make it can get more value 
>
> Thanks again to Tomasz and Bariša for organizing and hosting the event,
> it's great so see such great attendance. Also if you find yourself in
> the Dublin area feel free to join us: https://www.meetup.com/NixOS-Dublin/
>
> Cheers, Kevin
>
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


[Nix-dev] NixOS Dublin

2017-01-04 Thread Tomasz Czyż
Hey guys,

we are organizing NixOS meetup in Dublin.
https://www.meetup.com/NixOS-Dublin/events/236649896/

Please join if you will be around.

Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] environment.etc.'filename'.owner ?

2016-12-16 Thread Tomasz Czyż
Azul,

try https://nixos.org/nixos/options.html, if you search for 'etc.' you can
see there are uid and gid options.

2016-12-16 12:39 GMT+00:00 Azul <m...@azulinho.com>:

> Is there a way to set the owner and group for a file as per the subject ?
>
> couldn't grep for any example for this.
>
> thanks
> azul
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] monitor.nixos.org

2016-11-30 Thread Tomasz Czyż
zimbatm: I don't think you need that branch selection thing. All the custom
logic you want for that package you can put in the update script and you
can even parametrize it from the outside I assume (update script generated
by nix expression). That should be enough to do whatever custom logic you
want.

2016-11-29 15:05 GMT+00:00 Profpatsch <m...@profpatsch.de>:

> On 16-11-28 11:05pm, Rok Garbas wrote:
> > On Mon, Nov 28, 2016 at 9:42 PM, Profpatsch <m...@profpatsch.de> wrote:
> > > Exactly.
> > > And of course the interface of what the script at this point should do.
> >
> > We don't need to define what that update script should do, since a
> > maintainer of that package also makes sure that generated files
> > (json/nix/...) that this update script provides will be read by the
> > package expression.
>
> In order for CI to check for updates there needs to be a standard
> way to call these update scripts. And more than that, a standard
> behaviour of these update scripts. I expect CI to completely sandbox
> them.
> Maybe even go so far as to loosen the “fixed input” rule only a tiny
> bit, meaning the update scripts have to specify exactly what state
> they are going to inspect to find new versions.
>
> > I think Nix has the advantage here actually. A maintainer can write an
> > update script in any language that he is most comfortable with. On the
> > end they have to support it etc... BUT everybody can run the update
> > without knowing that this is a ruby script since ``nix-shell``
> > provides all the needed dependencies for us.
>
> As long as updates always behave the same. And don’t rm -rf your $HOME …
> I’ve had enough untrusted source code run for two lifetimes.
>
> > So on the end we really need to just figure out the name ;) and start
> > writing update scripts. Even if they are full of regex :P
>
> If there is no interface, I’d rather not even have a fix name, or people
> will think updates are specified somehow. Maybe even go the other way
> and reserve the name until someone figures out a nice way to do this.
>
> --
> Proudly written in Mutt with Vim on NixOS.
> Q: Why is this email five sentences or less?
> A: http://five.sentenc.es
> May take up to five days to read your message. If it’s urgent, call me.
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] monitor.nixos.org

2016-11-28 Thread Tomasz Czyż
Nice research, thanks for providing a link.



2016-11-28 15:04 GMT+00:00 <phree...@yandex.ru>:

> On Monday, November 28, 2016 13:32:16 Tomasz Czyż wrote:
> > 2016-11-28 13:18 GMT+00:00 Profpatsch <m...@profpatsch.de>:
> > > On 16-11-12 06:39pm, Rok Garbas wrote:
> > > > On Sat, Nov 12, 2016 at 6:27 PM, Daniel Frank
> > > > I wrote recently[1] how we tackle this problem at RelEng team at
> > > > Mozilla. I'm slowly moving all my nix projects to do the same. I will
> > > > also do the same for the packages I manage in nixpkgs at least that
> is
> > > > what I will write to Santa this year, to give me more time to play
> > > > work on nixpkgs :)
> > > >
> > > >
> > > > [1] https://garbas.si/2016/updating-your-nix-sources.html
> > >
> > > So you had a very similar idea about update scripts.
> > >
> > > We should chat about that; I think there should be a system
> > > in place for derivations to specify how the next version can
> > > be found and if possible how to automatically update the version
> > > tags & hashes.
> >
> > debian has such a strategy:
> > - https://wiki.debian.org/debian/watch
>
> That happens to not work all that well:
> https://github.com/Phreedom/nixpkgs-monitor/blob/master/
> debian-watchfiles/watchfiles.md
>
> It turns out that debian watchfiles were much less reliable at getting
> updates
> from SourceForge, than a generic SourceForge updater. This is because
> naming
> schemes change, devs forget to update the updater script and lots of other
> tiny but important reasons.
>
> In practice, having developers maintain package-specific update scripts is
> just
> as hard if not harder than maintaining the package itself.
>
> This is why the strategy chosen for nixpkgs-monitor was to develop updaters
> that can tackle at least hundreds of packages.
>
> -- Evgeny
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] monitor.nixos.org

2016-11-28 Thread Tomasz Czyż
2016-11-28 13:18 GMT+00:00 Profpatsch <m...@profpatsch.de>:

> On 16-11-12 06:39pm, Rok Garbas wrote:
> > On Sat, Nov 12, 2016 at 6:27 PM, Daniel Frank
> > I wrote recently[1] how we tackle this problem at RelEng team at
> > Mozilla. I'm slowly moving all my nix projects to do the same. I will
> > also do the same for the packages I manage in nixpkgs at least that is
> > what I will write to Santa this year, to give me more time to play
> > work on nixpkgs :)
> >
> >
> > [1] https://garbas.si/2016/updating-your-nix-sources.html
>
> So you had a very similar idea about update scripts.
>
> We should chat about that; I think there should be a system
> in place for derivations to specify how the next version can
> be found and if possible how to automatically update the version
> tags & hashes.
>
debian has such a strategy:
- https://wiki.debian.org/debian/watch
-
https://github.com/FedericoCeratto/debian-package-init/blob/master/deb_create_watch.py

I think better place to execute this would be in CI pipeline, when you can
decide if after upgrading the package you are still able to build the
project.

Also, I'm not sure if automatic upgrades would be that great without manual
verification. There are cases when packages have no signatures and somebody
switched the code on the website (this happens from time to time).

Probably topic worth discussing.

Maybe workflow like that could be a start point:

- monitor - checks if upgrades are possible
- CI/hydra
- checks if upgrades are possible
- if yes, tries to upgrade package and build it
- if package is built correctly, sends email to package maintainers
with a patch (or open pull request) and asks for verification.

Also I had an idea that would be nice to integrate this update command into
"meta" of derivation. What do you think?




>
> Those can obviously not be executed by nix itself, but by other
> systems like the nixos monitor.
>
> --
> Proudly written in Mutt with Vim on NixOS.
> Q: Why is this email five sentences or less?
> A: http://five.sentenc.es
> May take up to five days to read your message. If it’s urgent, call me.
> _______
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] hotswappable self managing services in nix

2016-11-28 Thread Tomasz Czyż
Stewart:
check my comment for configuration reload, if you want this on service
level, https://github.com/NixOS/nixpkgs/issues/1988#issuecomment-247779639
could be helpful for you (at least I'm implementing such things that way).



2016-11-28 10:49 GMT+00:00 zimbatm <zimb...@zimbatm.com>:

> For process-level graceful restarts see https://github.com/zimbatm/
> socketmaster and https://github.com/pusher/crank . Those could be
> integrated into the activation script.
>
> On Mon, 28 Nov 2016 at 09:33 zimbatm <zimb...@zimbatm.com> wrote:
>
>> Hi Stewart,
>>
>> In a HA setup availability is generally achieved on a network level
>> instead of system level. Typically you would have two hotswappable
>> load-balancers that distribute the traffic to multiple instances of your
>> service boxes. In that context is doesn't matter how processes are being
>> restarted because the load-balancer will automatically detect unresponsive
>> machines and route the traffic accordingly. It's also handy because it
>> allows to restart the machines in the event where the kernel needs an
>> upgrade. In that setup I suppose you can think of each machine as being one
>> Erlang OTP "process" and the network the "message-passing".
>>
>> One responsibility of the service in that setup is to shutdown properly
>> to avoid unnecessary disruption of service. Mainly when the process gets
>> the SIGTERM signal it should close the listening socket (so the
>> load-balancer can route new incoming connections to a different machine)
>> and then drain the existing client connection gracefully. It shouldn't stop
>> all at once but let the clients disconnect when they are done with their
>> sessions (and optionally signal them to go away if the protocol supports
>> it).
>>
>> A last thing regarding this approach: generally you need a way to control
>> the deploys; if all the service boxes are being upgraded at the same time
>> then the load-balancer doesn't have anywhere to route the traffic to. It's
>> also something desirable to have to do blue/green deployments.
>>
>> I need to stop there for now but I also have a similar design answer on
>> the system level where processes get replaced gracefully.
>>
>> Cheers,
>> z
>>
>> On Sun, 27 Nov 2016 at 04:33 stewart mackenzie <setor...@gmail.com>
>> wrote:
>>
>> 9 9s not unheard of in these circles, Google uptimes are a joke not
>> worthy of mention.
>>
>> There are systems that have been running for some 40 odd years in
>> production that factor in changes to legal banking regulations, hardware,
>> business logic etc. Erlang has a system called the Ericsson AXD301 which
>> has achieved this time frame.
>>
>> Just because Nixos hasn't been around that long doesn't mean it can't
>> have the primitives to allow for such feats. Its these primitives I'm
>> enquiring about.
>>
>> So let's use a new, less controversial figure of 5 9s and keep on topic.
>>
>> The thing is, we're designing this system so that its governed by nix
>> don't necessarily have to depend heavily on the runtime - I really don't
>> want to go down the imperative route, by introducing imperative language
>> concepts into our declarative language which is managed by another
>> declarative language (nix). Besides just bringing in a single component
>> with an OS Dependency demands we manage this change from nix level.
>>
>> We currently have a hack in place, that will resolve dependencies and
>> give us a path to load a correctly compiled shared object into memory:
>> https://github.com/fractalide/fractalide/blob/master/
>> components/nucleus/find/component/src/lib.rs#L43 nasty and cringe worthy
>> I know.
>>
>> Thanks for your pointer, I'll take a look at these activation scripts.
>>
>> Maybe this hack is the answer, and confine the dynamism to an ssh login
>> al a Erlang style...
>> ___
>> nix-dev mailing list
>> nix-dev@lists.science.uu.nl
>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>
>>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Convert sha1 from base64 into "normal" string

2016-10-12 Thread Tomasz Czyż
Interesting stuff, thanks for sharing.

2016-10-11 20:28 GMT+01:00 Игорь Пашев <pashev.i...@gmail.com>:

> You must be wondering why :-)
>
> https://github.com/zalora/nixsap/commit/592dee8bef92debede3724bf5ddbf8
> 249c30c488
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Custom libc

2016-10-12 Thread Tomasz Czyż
Nikita, how do you override the attributes?

Did you try packageOverrides like in example below?

{
 packageOverrides = pkgs: rec {
   # Make "xbmc" use the "python26" package,
   #   instead of NixPkgs default python version.
   xbmc = pkgs.xbmc.override {
 python = pkgs.python26;
   };
 };
   }

2016-10-12 22:16 GMT+01:00 Nikita Karetnikov <nik...@karetnikov.org>:

> How can I override glibc in nix-shell and use eglibc, for instance? Are
> there any examples? Do I need to override stdenv for that? Overriding the
> attributes of glibc (version and sha) directly doesn't seem to work. Could
> anyone provide an example?
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] recursiveUpdate for lists

2016-10-11 Thread Tomasz Czyż
Basically I created simple wrapper function to create systemd services.

The function produces something like

{
  my-service={
requires=["service1.service"];
  };
}

I want to customize it after with recursiveUpdate function, I want to merge
it with

{
  my-service={
requires=["some-other.service"]
  };
}

I tried to avoid module stuff as in that case if I understand correctly I
need to prepare my description of systemd service on top of standard nix
systemd config structures which is probably big waste.

What do you think?

2016-10-11 14:31 GMT+01:00 Игорь Пашев <pashev.i...@gmail.com>:

> Something like https://github.com/NixOS/nixpkgs/blob/master/lib/types.
> nix#L117 ?
>
> I don't know what you are dealing with, but probably you could
> delegate it to modules.
>
> 2016-10-11 16:00 GMT+03:00 Tomasz Czyż <tomasz.c...@gmail.com>:
> > Hi,
> >
> > I'm using recursiveUpdate to merge some attribute sets to construct
> > configurations.
> >
> > Does anyone know similar function but which also merges lists?
> > recursiveUpdate just overrides list from the lastest attribute instead of
> > merging (list it does for attributes).
> >
> > Tom
> >
> > ___
> > nix-dev mailing list
> > nix-dev@lists.science.uu.nl
> > http://lists.science.uu.nl/mailman/listinfo/nix-dev
> >
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


[Nix-dev] recursiveUpdate for lists

2016-10-11 Thread Tomasz Czyż
Hi,

I'm using recursiveUpdate to merge some attribute sets to construct
configurations.

Does anyone know similar function but which also merges lists?
recursiveUpdate just overrides list from the lastest attribute instead of
merging (list it does for attributes).

Tom
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] qutebrowser undefined symbol 16.09

2016-10-08 Thread Tomasz Czyż
It happen to me before, when I upgraded the system but not userlang
packages.
So try after upgrading your nixos upgrade you user packages with

nix-env --upgrade

2016-10-08 1:23 GMT+01:00 Stefan Huchler <stefan.huch...@mail.de>:

> Hi,
>
> I just upgraded again my acer chromebook 11 but qutebrowser since a week
> or so refuses to start.
>
> it throughs a symbol lookup error:
>
> http://ix.io/1u6r
>
> and exits afterwards. btw not really related to it I guess, maybe
> opening anothher seperate post about it, but I cant paste a copied
> string into qutebrowser on my main machine (using exwm), I guess I could
> test if the same issue happens when I use xfce.
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Environment variable $COQPATH not set

2016-10-04 Thread Tomasz Czyż
I don't think COQPATH will be set in your environment. What I understand
from it is: when you install interpreter, interpeter gets packages from
this variable and this variable will be set (it does not mean that it's
your local variable). On this level I assume it only means that your
interpreter/compiler will find the libraries.

2016-10-04 23:00 GMT+01:00 Tomasz Czyż <tomasz.c...@gmail.com>:

> Anders,
> how did you install it?
>
>
> 2016-10-04 22:51 GMT+01:00 Anders Lundstedt <and...@anderslundstedt.se>:
>
>> I have installed the packages coq and coqPackages.mathcomp. As I
>> understand the documentation at
>>
>> https://nixos.org/nixpkgs/manual/#sec-language-coq
>>
>> the $COQPATH variable should then be set to include the mathcomp
>> libraries. However the $COQPATH variable is not set. Is this a bug or
>> have I misunderstood something?
>> ___
>> nix-dev mailing list
>> nix-dev@lists.science.uu.nl
>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>
>
>
>
> --
> Tomasz Czyż
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Environment variable $COQPATH not set

2016-10-04 Thread Tomasz Czyż
Anders,
how did you install it?


2016-10-04 22:51 GMT+01:00 Anders Lundstedt <and...@anderslundstedt.se>:

> I have installed the packages coq and coqPackages.mathcomp. As I
> understand the documentation at
>
> https://nixos.org/nixpkgs/manual/#sec-language-coq
>
> the $COQPATH variable should then be set to include the mathcomp
> libraries. However the $COQPATH variable is not set. Is this a bug or
> have I misunderstood something?
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] How to use MySQL

2016-10-03 Thread Tomasz Czyż
By looking at errors you pasted I assume you are not using proper
configuration or default configuration is used when you don't provide any.
And by default probably paths are set to /var/lib which is writeable only
by root or system services.

To run mysql in userspace you need to adjust all those paths in your
configuration to point to directories accessible/writeable by user.

I'm not sure if this actually worth the effort.

You could try to run mysql using nixos-container, so you run mysql as
"service" but in container and you can start/stop the container whenever
you want (and it's easier to start because you can use system level
"service" inside).

2016-10-03 9:30 GMT+01:00 Tomasz Czyż <tomasz.c...@gmail.com>:

> Linus,
>
> by installing it with nix-env you install only the binary and all
> application execution is in user hands. By using "service" in
> configuration.nix you actually start a daemon (like /etc/init.d/mysql in
> ubuntu for instance).
>
> If you want to start it in user space you have to follow exactly the same
> steps as in other distros when you are not using /etc/init.d/ or upstart or
> whatever system level daemon manager.
>
> If you want to try to reproduce what "service" is doing in your userspace,
> you can check config of service and try to execture those commands in
> userspace:
>
> https://github.com/NixOS/nixpkgs/blob/master/nixos/
> modules/services/databases/mysql.nix
>
> So you can see, that configuration is generated first and then service is
> started with
>
> serviceConfig.ExecStart = "${mysql}/bin/mysqld
> --defaults-extra-file=${myCnf} ${mysqldOptions}";
>
>
> 2016-10-03 9:21 GMT+01:00 Linus Arver <linusar...@gmail.com>:
>
>> Hello all,
>>
>> I want to install and use MySQL on NixOS, but am not sure how to
>> proceed. I've managed to do
>>
>> nix-env -iA nixos.mysql55
>>
>> but trying to get it to run is difficult. Here is what I tried:
>>
>> [月 03 0:50:47] - l_k0 ~/prog/sqfmm/mysql
>>  > mysql
>> ERROR 2002 (HY000): Can't connect to local MySQL server through
>> socket '/run/mysqld/mysqld.sock' (2)
>> [月 03 0:50:53] 1 - l_k0 ~/prog/sqfmm/mysql
>>  > systemctl start mysqld
>>  AUTHENTICATING FOR org.freedesktop.systemd1.manage-units ===
>> Authentication is required to start 'mysqld.service'.
>> Multiple identities can be used for authentication:
>>  1.  System administrator (root)
>>  2.  Linus Arver (l)
>> Choose identity to authenticate as (1-2): 2
>> Password:
>>  AUTHENTICATION COMPLETE ===
>> Failed to start mysqld.service: Unit mysqld.service not found.
>> [月 03 0:52:33] 5 - l_k0 ~/prog/sqfmm/mysql
>>  > systemctl start mysql
>>  AUTHENTICATING FOR org.freedesktop.systemd1.manage-units ===
>> Authentication is required to start 'mysql.service'.
>> Multiple identities can be used for authentication:
>>  1.  System administrator (root)
>>  2.  Linus Arver (l)
>> Choose identity to authenticate as (1-2): 2
>> Password:
>>  AUTHENTICATION COMPLETE ===
>> Failed to start mysql.service: Unit mysql.service not found.
>> [月 03 0:52:57] 5 - l_k0 ~/prog/sqfmm/mysql
>>  > mysqld
>> 161003  0:53:16 [Note] mysqld (mysqld 5.5.50) starting as process
>> 12363 ...
>> 161003  0:53:16 [Warning] Can't create test file
>> /var/lib/mysql/k0.lower-test
>> 161003  0:53:16 [Warning] Can't create test file
>> /var/lib/mysql/k0.lower-test
>> mysqld: Can't change dir to '/var/lib/mysql/' (Errcode: 2)
>> 161003  0:53:16 [ERROR] Aborting
>>
>> 161003  0:53:16 [Note] mysqld: Shutdown complete
>>
>> [月 03 0:53:16] 1 - l_k0 ~/prog/sqfmm/mysql
>>  > mysqld_safe
>> 161003 00:54:16 mysqld_safe Logging to '/var/lib/mysql/k0.err'.
>> touch: cannot touch '/var/lib/mysql/k0.err': No such file or directory
>> chmod: cannot access '/var/lib/mysql/k0.err': No such file or
>> directory
>> mkdir: cannot create directory ‘/run/mysqld’: Permission denied
>> chown: invalid user: ‘mysql’
>> chmod: cannot access '/run/mysqld': No such file or directory
>> 161003 00:54:16 mysqld_safe Starting mysqld daemon with databases
>> from /var/lib/mysql
>> /home/l/.nix-profile/bin/mysqld_safe: line 128:
>> /var/lib/mysql/k0.err: No such file or directory
>> /home/l/.nix-profile/bin/mysqld_safe: line 165:
>> /var/lib/mysql/k0.err: No such file or directory
>> touch: cannot touch '/var/li

Re: [Nix-dev] How to use MySQL

2016-10-03 Thread Tomasz Czyż
figs but seeing a
> second-hand account of the entire process would be very helpful.
>
> Please forgive me if I have missed any obvious documentation.
>
> Best,
> Linus
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Nix Logo license

2016-10-02 Thread Tomasz Czyż
I wrote to Tim as I would like to start doing some t-shirts, stickers etc
as well.
I would like to do this as a part of nix popularisation (which is part of
NixOS Dublin meetup).



2016-10-02 21:27 GMT+01:00 Graham Christensen <gra...@grahamc.com>:

> FWIW the nixos logo may be copy written and licensed, but as a logo is
> more of a trademark can be used more liberally.
>
> I wonder if this conversation is sparked out of me making stickers?
>
> On Sun, Oct 2, 2016 at 4:23 PM Tomasz Czyż <tomasz.c...@gmail.com> wrote:
>
>> Bumping the topic. Would be much much easier to use those kind of stuff
>> if the situation is completely clear.
>>
>> 2016-10-02 7:49 GMT+01:00 Tim Cuthbertson <t...@gfxmonk.net>:
>>
>> Hi all,
>>
>> Thomasz recently asked about the Nix logo license, and when I searched I
>> noticed there had been another question about this a few months ago on the
>> mailing list (which I missed).
>>
>> Apologies for not addressing this sooner, I agree that we should be
>> explicit about the logo license. I'm happy to go along with pretty much
>> whatever the nix project prefers (CC-BY has already been suggested), and if
>> there's some official nix project entity which could be credited, I'd be
>> happy to assign copyright there too (so you could just credit e.g. the nix
>> foundation, not me specifically).
>>
>> @edolstra: are you happy with a CC-BY license for the logo? I'm holding
>> off from _actually_ declaring it yet in case you'd prefer to restrict
>> derivatives or something, but if I don't hear back from you within a week
>> I'll assume that CC-BY is fine :). And if you are happy with CC-BY, could
>> you go ahead and declare that on the website / repo somewhere so we have it
>> in writing for anyone else that comes looking?
>>
>> Cheers,
>>  - Tim.
>>
>>
>>
>>
>> --
>> Tomasz Czyż
>>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Nix Logo license

2016-10-02 Thread Tomasz Czyż
Bumping the topic. Would be much much easier to use those kind of stuff if
the situation is completely clear.

2016-10-02 7:49 GMT+01:00 Tim Cuthbertson <t...@gfxmonk.net>:

> Hi all,
>
> Thomasz recently asked about the Nix logo license, and when I searched I
> noticed there had been another question about this a few months ago on the
> mailing list (which I missed).
>
> Apologies for not addressing this sooner, I agree that we should be
> explicit about the logo license. I'm happy to go along with pretty much
> whatever the nix project prefers (CC-BY has already been suggested), and if
> there's some official nix project entity which could be credited, I'd be
> happy to assign copyright there too (so you could just credit e.g. the nix
> foundation, not me specifically).
>
> @edolstra: are you happy with a CC-BY license for the logo? I'm holding
> off from _actually_ declaring it yet in case you'd prefer to restrict
> derivatives or something, but if I don't hear back from you within a week
> I'll assume that CC-BY is fine :). And if you are happy with CC-BY, could
> you go ahead and declare that on the website / repo somewhere so we have it
> in writing for anyone else that comes looking?
>
> Cheers,
>  - Tim.
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] python2nix not working

2016-09-29 Thread Tomasz Czyż
I'm not sure if python2nix is maintainer,

but check this https://garbas.si/2016/pypi2nix-reborn.html

2016-09-29 20:49 GMT+01:00 Christoph-Simon Senjak <
christoph.sen...@googlemail.com>:

> Hi.
>
> I would like to have the package [1] (which has not been packaged yet,
> neither any other mediawiki-libraries for python, apparently) in a
> nix-shell.
>
> I tried to use python2nix, but I get the following error message:
>
>
> $ python2nix wptools
> Traceback (most recent call last):
>   File "/nix/store/alb0xq3d2rz5cvhsnycfqy6vvps7rf8i-python2nix-
> 20140927/bin/.python2nix-wrapped", line 8, in 
> from python2nix import main
>   File "/nix/store/alb0xq3d2rz5cvhsnycfqy6vvps7rf8i-python2nix-
> 20140927/lib/python2.7/site-packages/python2nix/__init__.py", line 5, in
> 
> from python2nix import pip_deps
>   File "/nix/store/alb0xq3d2rz5cvhsnycfqy6vvps7rf8i-python2nix-
> 20140927/lib/python2.7/site-packages/python2nix/pip_deps.py", line 15, in
> 
> from pip.log import logger
> ImportError: No module named log
>
> This appears to be some dependency problem, right? How can I fix this?
>
> Best Regards,
> Christoph-Simon Senjak
>
> [1]:https://github.com/siznax/wptools
> _______
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Can vim 8.0 be included in 16.09

2016-09-29 Thread Tomasz Czyż
Domen: I remember you were preparing some document/page about doing
releases.
Do you need help there?


2016-09-29 4:33 GMT+01:00 Wink Saville <w...@saville.com>:

> What is the criteria for inclusion in 16.09, any possibility we could
> include 16.09?
>
> -- Wink
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] NixOS UEFI+LUKS+LVM or UEFI+LUKS+ZFS

2016-09-27 Thread Tomasz Czyż
boot.initrd.luks.devices = [
>> {
>>   name = "luksroot";
>>   device = "/dev/sda3";
>>   preLVM = true;
>> }
>>   ];
>>
>>   networking.hostName = "nixos";
>>
>>   system.stateVersion = "16.03";
>> }
>>
>> When I rebooted after installation, it seems to hang after prompting for
>> the LUKS password. I have searched the mailing list archives and can't find
>> anything that indicates where it is going wrong.
>>
>> Does anyone have a configuration.nix that combines LUKS with LVM? Or with
>> ZFS? (Ultimately, I want to use ZFS. I am only using LVM to figure out
>> where the problem lies. Apparently the problem is related to LUKS.)
>>
>> Mark
>> --
>> Mark Gardner
>> --
>>
>> ___
>> nix-dev mailing list
>> nix-dev@lists.science.uu.nl
>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>
>>
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] docker import ignores dockerTools.buildImage config

2016-09-26 Thread Tomasz Czyż
Brian, thank you for explanation.

2016-09-26 11:13 GMT+01:00 Brian McKenna <br...@brianmckenna.org>:

> Yes, it's "docker load" instead of "docker import"
>
> The escaping thing is due to jshon trying to support generating JSON
> which can be inserted into a  tag. It adds a backslash so that
> it never generates the string ""
>
> On 26/09/2016, Michael Fellinger <m.fellin...@gmail.com> wrote:
> > Try using 'docker load -i' instead
> >
> > On Sun, Sep 25, 2016, 13:44 Tomasz Czyż <tomasz.c...@gmail.com> wrote:
> >
> >> Hi,
> >>
> >> I'm preparing docker image using dockerTools.buildImage with
> >>
> >>   x = pkgs.dockerTools.buildImage {name="myimage";·
> >>
> >> contents = [dumb-init ];
> >>
> >> config={
> >>
> >>   WorkingDir = "/";
> >>
> >> };
> >>
> >>  };
> >>
> >> After the image is ready I do
> >>
> >> docker import /nix/store/xx.tar.gz myimage
> >> and I have the image imported but
> >>
> >> docker inspect myimage
> >>
> >> "Config": {
> >> "Hostname": "",
> >> "Domainname": "",
> >> "User": "",
> >> "AttachStdin": false,
> >> "AttachStdout": false,
> >> "AttachStderr": false,
> >> "Tty": false,
> >> "OpenStdin": false,
> >> "StdinOnce": false,
> >> "Env": null,
> >> "Cmd": null,
> >> "Image": "",
> >> "Volumes": null,
> >> "WorkingDir": "",
> >> "Entrypoint": null,
> >> "OnBuild": null,
> >> "Labels": null
> >> },
> >>
> >> inside the tar file I have the config like:
> >>
> >> {
> >>  "architecture": "amd64",
> >>  "config": {
> >>   "WorkingDir": "\/"
> >>  },
> >>  "created": "1970-01-01T00:00:01Z",
> >>  "os": "linux",
> >>  "checksum":
> >> "tarsum.v1+sha256:41988742f842b9214b599674ccc7d3
> da9a0df5336276657cec1a9eabf1c297ef",
> >>  "id":
> >> "9edfe86ac62fc829c5a122778565e3af12ce720dd64ca6547c6664e671996c63",
> >>  "Size": 22067200
> >> }
> >>
> >> So as you can see, the json config is generated inside docker image, but
> >> docker does not import that settings. Also it looks like it's escaped
> but
> >> it should not be right?
> >>
> >> Does anyone knows how to do it properly or tell how I could fix it?
> >> ___
> >> nix-dev mailing list
> >> nix-dev@lists.science.uu.nl
> >> http://lists.science.uu.nl/mailman/listinfo/nix-dev
> >>
> >
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Packaging up a prebuilt software that needs fonts

2016-09-26 Thread Tomasz Czyż
strace sounds good, strace -e open ./app


2016-09-26 10:24 GMT+01:00 Roger Qiu <roger@matrix.ai>:

> Hi,
>
> I'm trying to package up https://code-industry.net/masterpdfeditor/ for
> Linux. I've managed to use patchelf to set the interpreter and rpath.
>
> The application is now launching, and everything seems to work except text
> insertion. When I try it, it complains about fonts not being able to be
> loaded.
>
> Checking the settings shows that fonts are not being found at all, there's
> no list of fonts to choose from.
>
> What's the proper solution to debug this? Strace?
>
> Thanks,
>
> Roger
>
> --
> Founder of Matrix AI
> https://matrix.ai/
> +61420925975
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


[Nix-dev] docker import ignores dockerTools.buildImage config

2016-09-25 Thread Tomasz Czyż
Hi,

I'm preparing docker image using dockerTools.buildImage with

  x = pkgs.dockerTools.buildImage {name="myimage";·

contents = [dumb-init ];

config={

  WorkingDir = "/";

};

 };

After the image is ready I do

docker import /nix/store/xx.tar.gz myimage
and I have the image imported but

docker inspect myimage

"Config": {
"Hostname": "",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": null,
"Cmd": null,
"Image": "",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": null
},

inside the tar file I have the config like:

{
 "architecture": "amd64",
 "config": {
  "WorkingDir": "\/"
 },
 "created": "1970-01-01T00:00:01Z",
 "os": "linux",
 "checksum":
"tarsum.v1+sha256:41988742f842b9214b599674ccc7d3da9a0df5336276657cec1a9eabf1c297ef",
 "id": "9edfe86ac62fc829c5a122778565e3af12ce720dd64ca6547c6664e671996c63",
 "Size": 22067200
}

So as you can see, the json config is generated inside docker image, but
docker does not import that settings. Also it looks like it's escaped but
it should not be right?

Does anyone knows how to do it properly or tell how I could fix it?
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Internet Issue

2016-09-23 Thread Tomasz Czyż
whireshark is your friend

2016-09-23 16:46 GMT+01:00 Taeer Bar-Yam <tb...@cornell.edu>:

> It *seems* as though my computer is breaking the internet for other
> people. Sometimes at home the internet cuts out (not the wifi, that still
> connects; but webpages do not load on anyone's computers). This also
> happens at my friend's house, but not the on-campus wifi network. It
> appears to only happen when I am there and try to connect to the internet,
> but it doesn't always happen when I try to connect to the internet.
>
> Is it possible that my computer is responsible? What would be causing that?
>
> I am using NixOS 16.03 stable and my internet setup is:
> ```
> networking.hostName = "rebel";
> networking.networkmanager.enable = true;
> ```
> and I'm using ```nmtui connect``` to connect to the wifi network
>
> let me know if there's any other relevant information I should send.
>
>  --Taeer
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Including SSL certificates with NixOS configuration

2016-09-12 Thread Tomasz Czyż
Wilhelm,

all files written by nix (or maybe almost all) end up in /nix/store and are
world-readable, not the best way to keep secrets.

You have to deploy secrets manually or you could use NixOps (and
deployment.keys) to deploy server with NixOS and deploy keys/secrets.

2016-09-12 22:54 GMT+01:00 Wilhelm Schuster <w...@wilhelm.re>:

> Hi,
>
> I’m quite new to Nix/NixOS; coming from Archlinux I like being able to
> configure my system in a declarative manner. I tried setting up a small web
> server using nginx and I hit an interesting challenge:
>
> How would be the a good way to include SSL certificates with the NixOS
> configuration. I’d like to have all my system configuration inside a couple
> of nix expressions to easily be able to move between different systems. I
> figured I’d have a separate .nix file which includes all certificates,
> dhparams, etc. as strings (PEM) which I import into my main
> configuration.nix. I found builtins.toFile for writing a certificate file
> from a string, but there doesn’t seem a way to set permissions, which would
> be important for private certificates (chmod 400).
>
> How would you solve this? Is this even the right approach?
>
> Thanks and cheers, Wilhelm Schuster.
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] NixOps usage survey.

2016-09-12 Thread Tomasz Czyż
Using pinned commit++, CI checks if upgrade is ok.

2016-09-12 10:05 GMT+01:00 Tobias Pflug <tobias.pf...@gmx.net>:

> If I may just jump in with a question: What I feel uneasy about is to just
> use some channel. Is that what everyone does? I usually pinpoint a specific
> commit so that i know that my deployments are actually deterministic about
> what nixpkgs set is being used.
>
> Am I just being paranoid/impractical? Maybe it is even an anti-pattern
> since I obviously have to manually update then.
>
> Thanks in advance for any input :)
>
> -Tobi
>
> Sent from my iPhone
>
> > On 06 Sep 2016, at 15:06, Игорь Пашев <pashev.i...@gmail.com> wrote:
> >
> > I'm using NixOps in production, EC2, Hetzner, VBox with no issues.
> >
> > Of course, commit NixOps state (JSON) in git with git-crypt. And this
> > wrapper for NixOps:
> >
> > #!/usr/bin/env bash
> >
> > set -euo pipefail
> >
> > NIXPKGS=https://github.com/NixOS/nixpkgs-channels/
> archive/nixos-15.09.tar.gz
> > NIXOPS=${NIXOPS:-nixops}
> > export NIX_PATH=nixpkgs="$NIXPKGS":.
> >
> > usage () {
> > cat < > Usage: $0   [nixops options]
> > Examples:
> >  $0 deploy realms/vbox.nix
> >  $0 info realms/vbox.nix
> >  $0 deploy realms/dumpoo.nix --build-only
> >  $0 destroy realms/cats.nix --include slothcat
> > USAGE
> > }
> >
> > fatal () {
> >  echo '** ERROR:' "$@" >&2
> >  usage >&2
> >  exit 1
> > }
> >
> > if [ $# -lt 2 ]; then
> >  fatal "missing agruments."
> > fi
> >
> > CMD="$1"; shift
> > REALM_NIX="$1"; shift
> >
> > case "$REALM_NIX" in
> >  *realms/*.nix) REALM=$(basename "$REALM_NIX" .nix);;
> >  *) fatal "invalid realm spec: $REALM_NIX";;
> > esac
> >
> > cd "$(dirname "$0")"
> >
> > state="secrets/nixops-${REALM}.json"
> > db=$(mktemp -u "secrets/tmp.${REALM}.XX.nixops")
> >
> > trap 'save' EXIT
> >
> > save() {
> >  if [ -f "$db" ]; then
> >"$NIXOPS" export -s "${db}" > "${state}.tmp"
> >mv "${state}.tmp" "${state}"
> >rm -f "$db"*
> >  fi
> > }
> >
> > create() {
> >  "$NIXOPS" create -s "$db" -d "$REALM" ""
> > }
> >
> > case "$CMD" in
> >  create)
> >[ ! -f "$state" ] || fatal "\`$state' already exists."
> >create
> >;;
> >  *)
> >[ -f "$state" ] || fatal "\`$state' does not exists."
> >"$NIXOPS" import -s "${db}" < "$state"
> >"$NIXOPS" "$CMD" -s "$db" -d "$REALM" "$@"
> >;;
> > esac
> >
> >
> >
> > And makefile for development with vbox;
> >
> > REALM = cats
> > override STATE = secrets/nixops-vbox-$(REALM).json
> >
> > build: $(STATE)
> >./let deploy realms/vbox-$(REALM).nix --build-only
> >
> > destroy:
> >./let $@ realms/vbox-$(REALM).nix --confirm
> >
> > info deploy check send-keys start stop reboot: $(STATE)
> >./let $@ realms/vbox-$(REALM).nix
> >
> > $(STATE):
> >./let create realms/vbox-$(REALM).nix
> >
> > 2016-09-05 19:01 GMT+03:00 Aloïs Cochard <alois.coch...@gmail.com>:
> >> Hi all,
> >>
> >> We are experimenting with NixOps and we are having great success. We do
> plan
> >> to use it for our development infrastructure, and it seems to be very
> >> promising.
> >>
> >> In the light of applying the same technology on our production stack,
> I'm
> >> curious to know how NixOps is used "for real"? Do you use it in
> production?
> >>
> >> Do you have some success story to share?
> >>
> >> Would love to know more about how it is used, the size of clusters, ...
> >>
> >> Thanks in advance!
> >>
> >> --
> >> Λ\oïs
> >> http://twitter.com/aloiscochard
> >> http://github.com/aloiscochard
> >>
> >> ___
> >> nix-dev mailing list
> >> nix-dev@lists.science.uu.nl
> >> http://lists.science.uu.nl/mailman/listinfo/nix-dev
> > ___
> > nix-dev mailing list
> > nix-dev@lists.science.uu.nl
> > http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] 16.09 beta released

2016-09-12 Thread Tomasz Czyż
Domen,

so far, everything is working for me.

Would be nice to add news on nixos.org page (last news is about nixops 1.4
release, and previous about nixos 16.03)

2016-09-12 9:28 GMT+01:00 Domen Kožar <do...@dev.si>:

> This release is pretty quiet so far.
>
> I wonder if that means most of things work or do we need a more broader
> call of more testing?
>
> Please report back your findings - thanks!
>
> On Tue, Sep 6, 2016 at 10:51 PM, zimbatm <zimb...@zimbatm.com> wrote:
>
>> Thanks for coordinating the release Domen!
>>
>> On Tue, 6 Sep 2016, 21:17 Tomasz Czyż, <tomasz.c...@gmail.com> wrote:
>>
>>> Cheers!
>>>
>>> 2016-09-06 21:02 GMT+01:00 Domen Kožar <do...@dev.si>:
>>>
>>>> Hi all,
>>>>
>>>> I'd like to announce NixOS 16.09 beta in the name of community.
>>>>
>>>> This release will bring two major changes:
>>>>
>>>> - multiple outputs, reducing runtime closure size (sometimes even by
>>>> half)
>>>> - security hardening flags
>>>>
>>>> Please upgrade channels as usual and test:
>>>>
>>>> $ nix-channel --add https://nixos.org/channels/nixos-16.09 nixos
>>>> $ nixos-rebuild switch --upgrade
>>>>
>>>> I'd like to point out two serious bugs that you might hit:
>>>>
>>>> - dbus will fail to reload, see https://github.com/NixOS/n
>>>> ixpkgs/issues/18358
>>>> - make sure /var/empty doesn't have write permissions set otherwise
>>>> sshd won't start, see https://github.com/NixOS/nixpkgs/pull/18365
>>>>
>>>> If you'd like to help out, test and check the github bug tracker under
>>>> 16.09 milestone.
>>>>
>>>> As usual, we're working on getting build failures down:
>>>> https://github.com/NixOS/nixpkgs/issues/18209
>>>>
>>>> Final is set to be release on 29th September.
>>>>
>>>> I've also finally put together a PR that documents the release process,
>>>> any feeback is welcome (it's still far from perfect):
>>>> https://github.com/NixOS/nixpkgs/pull/18062
>>>>
>>>> PS: 16.09-small channel will be also created once container tests are
>>>> fixed
>>>>
>>>> Domen
>>>>
>>>> ___
>>>> nix-dev mailing list
>>>> nix-dev@lists.science.uu.nl
>>>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>>>
>>>>
>>>
>>>
>>> --
>>> Tomasz Czyż
>>> ___
>>> nix-dev mailing list
>>> nix-dev@lists.science.uu.nl
>>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>>
>>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] NixOps usage survey.

2016-09-07 Thread Tomasz Czyż
obadz: nixops has backend to deploy to hetzner.

2016-09-07 15:39 GMT+01:00 obadz <obadz-...@obadz.com>:

> On Wed, Sep 7, 2016 at 11:36 AM, Игорь Пашев <pashev.i...@gmail.com>
> wrote:
>
>> The other day I moved one of the machines from EC2 to Hetzner... in the
>> blink of an eye :-)
>>
>
> Out of curiosity, how do you install NixOS on the Hetzner machines?
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] nix modules: Unsetting attrsOf options?

2016-09-07 Thread Tomasz Czyż
filterAttrs is going through all of them I think, but try removeAttrs (or
something similar).

I'm not sure, but probably you want to remove those before importing (or
rather before evaluation), right?

so probably you need to do something like

module = import ./my-module;
module` = removeAttrs.

imports = [ module` ];

but I've not tried this, just my guess.

2016-09-07 11:12 GMT+01:00 Rickard Nilsson <rickard.nils...@telia.com>:

> On 09/07/2016 11:54 AM, 4levels wrote:
>
>> Hi Rickard,
>>
>> All I can think of currently is that you could create a new config
>> variable using filterAttrs to keep only the information you need.
>> Not sure if this solves your question though as I'm not aware if you can
>> use another variable in your scenario.
>>
>
> Using filterAttrs like this would introduce an infinite recursion, I think:
>
> config = {
>   myattrs = filterAttrs (k: _: k != "a") config.myattrs;
> }
>
> But maybe that wasn't what you had in mind.
>
> For the issue that spurred this question I have now added an "enable"
> option for the attributes, see: https://github.com/NixOS/nixpk
> gs/pull/18391
>
> However, that is not a general solution to this problem, so any further
> hints are welcome.
>
>   / Rickard
>
>
> Kind regards,
>>
>> Erik
>>
>> On Wed, Sep 7, 2016 at 12:35 AM Rickard Nilsson
>> <rickard.nils...@telia.com <mailto:rickard.nils...@telia.com>> wrote:
>>
>> Is it possible to unset an attrsOf option? Say I import a module that
>> looks like this:
>>
>> options = {
>>myattrs = mkOption {
>>  type = types.attrsOf ...
>>  default = {};
>>};
>> }
>>
>> config = {
>>myattrs = {
>>  a = ...
>>  b = ...
>>};
>> };
>>
>> And then I want to remove the "a" attribute in the importing config:
>>
>> config = {
>>myattrs.a = mkForce ...
>> }
>>
>> Is that possible in any way?
>>
>>
>>/ Rickard
>> _______
>> nix-dev mailing list
>> nix-dev@lists.science.uu.nl <mailto:nix-dev@lists.science.uu.nl>
>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>
>>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] 16.09 beta released

2016-09-06 Thread Tomasz Czyż
Cheers!

2016-09-06 21:02 GMT+01:00 Domen Kožar <do...@dev.si>:

> Hi all,
>
> I'd like to announce NixOS 16.09 beta in the name of community.
>
> This release will bring two major changes:
>
> - multiple outputs, reducing runtime closure size (sometimes even by half)
> - security hardening flags
>
> Please upgrade channels as usual and test:
>
> $ nix-channel --add https://nixos.org/channels/nixos-16.09 nixos
> $ nixos-rebuild switch --upgrade
>
> I'd like to point out two serious bugs that you might hit:
>
> - dbus will fail to reload, see https://github.com/NixOS/
> nixpkgs/issues/18358
> - make sure /var/empty doesn't have write permissions set otherwise sshd
> won't start, see https://github.com/NixOS/nixpkgs/pull/18365
>
> If you'd like to help out, test and check the github bug tracker under
> 16.09 milestone.
>
> As usual, we're working on getting build failures down:
> https://github.com/NixOS/nixpkgs/issues/18209
>
> Final is set to be release on 29th September.
>
> I've also finally put together a PR that documents the release process,
> any feeback is welcome (it's still far from perfect):
> https://github.com/NixOS/nixpkgs/pull/18062
>
> PS: 16.09-small channel will be also created once container tests are fixed
>
> Domen
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Better support for channels in nixos

2016-09-01 Thread Tomasz Czyż
2016-09-01 20:23 GMT+01:00 Matthew O'Gorman <m...@rldn.net>:

> Domen Kožar <do...@dev.si> writes:
>
> > We can (and do) backport new services to stable releases.
>
>   Not trying to argue, but the example I gave still stands? The service
>   was not back ported.
> >
> > For "Another example would be I am developing a service that I want to
> test
> > on my system" I don't really understand what you're trying to say.
> >
>   The other example, say I ported an application to nixos, like huginn,
>   and I want to test it on my system easily.
>
you can do this with nix-build, you don't need all channel to install one
package.

>
>   A third example would be a package that moves ridiculously quickly,
>   like gitlab, stable is on 8.5, unstable is on 8.10, the current
>   release is 8.11.

 You can create your package set on top of nixpkgs and you can upgrade
versions by yourself and still have all the packages from the original
nixpkgs, no problem with that.

my-packages = (import  {}) // {upgraded-gitlab = mkDerivation
..}

or probably better to use packageOverrides

>


>   I think it would be easier to maintain a system if I could have point
>   to multiple places for channels, and then in the install specifically
>   describe which provider I want to use.
>
if I understand this correctly, whole point of nix is to reduce source and
have as few source of truth as possible (IMHO).

>
> --
> Matthew O'Gorman
> BM-NBUmia4p88Jny5bZbRGcMt64SWWp5WVv
> TorChat: 5w3dtk7nhkkijcpc
> Site: https://b.rldn.net
> Xim/Email: m...@rldn.net
> mog@rldn:~$ fortune wisdom -s|cowsay -f /dev/null
>  ___
> < Life exists for no known purpose. >
>  ---
>
> _______
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] GHC "unable to decommit memory"

2016-08-31 Thread Tomasz Czyż
Thomas,

thank you for explaining this! I saw this message but had no time to debug
it yet. Cheers!

2016-08-31 23:58 GMT+01:00 Thomas Tuegel <ttue...@gmail.com>:

> Hello nix-dev!
>
> If you're a Haskell user and run NixOS unstable or newer, by now you
> have probably seen the message:
>
> "unable to decommit memory: Invalid argument"
>
> coming from GHC-built programs. The short version is, you need the
> latest Linux kernel; try with
>
>   boot.kernelPackages = pkgs.linuxPackages_latest;
>
> in your configuration.nix.
>
> The long version of the story [1] is that Linux 4.5 added a feature
> present in other Unixy systems for some time (MADV_FREE). The NixOS
> default glibc is currently newer than that, so it advertises MADV_FREE
> and GHC will use it. But, the default kernel in NixOS is Linux 4.4 at
> the moment, where the MADV_FREE isn't supported.
>
> Hope this helps,
> Thomas
>
> [1]. https://ghc.haskell.org/trac/ghc/ticket/12495
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Generating nixos-compatible binaries? And bootstrapped packages.

2016-08-24 Thread Tomasz Czyż
Personaly, I was a little tired with repatching 3rd party binaries and I
linked ld-linux-x86-64.so to /lib and /usr/lib (where most apps looks for
this).

One time I even linked /usr/lib and /lib directly to
/run/current-profile/sw/lib and even have got working some non static
binaries :-) (but that's evil, don't do that :-))

2016-08-24 20:24 GMT+01:00 Vladimír Čunát <vcu...@gmail.com>:

> On 08/24/2016 05:51 PM, Nick Sabalausky wrote:
> > Also, kind of related: When a package does depend on an older version of
> > itself in order to be built from source, what is the nix way of going
> > about that?
> >
> > Ie: Suppose building package foobar v3.0 depends on foobar v2.0, and
> > building foobar 2.0 depends on foobar v1.0.
> >
> > Would there be separate packages "foobar1, foobar2, and foobar3" with
> > foobar3 set to depend on foobar2, etc? But then wouldn't that lead to a
> > conflict when trying to build/install foobar v3.0 while foobar v2.0 is
> > already installed (since it needed to be installed in order to build
> v3.0)?
> >
> > Or would the nix expression for foobar v3.0 not *formally* depend on the
> > older packages and just simply *internally* download/build v1, then v2,
> > then v3? But then down the road, wouldn't that eventually severely bloat
> > build times for the latest versions?
>
> We do have some packages that require a binary version to bootstrap
> itself - often compilers, e.g. gcc, ghc, etc. The dependency would be
> build-time only, so most people get the final binary directly from Hydra
> and never see the older one.
>
> Conflicts: you have to realize that building a package doesn't normally
> put it into any visible/conflictable place - it's just a path in
> /nix/store/something. If the user *explicitly* asked to put multiple
> versions into a single environment (via nix-env -i or systemPackages),
> there would be a conflicting bin/foo most likely, but people typically
> don't need that...
>
> --Vladimir
>
>
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] How to install specific version of a package?

2016-08-11 Thread Tomasz Czyż
Nick,

I think the concept here is that:
- in nixpkgs there are only latest versions (in few cases more) of the
software, because it's hard to maintain huge set of packages with such a
small community (comparing to debian, redhat or other distros)
- nix is created to extend in mind, I find it lot lot easier to add
packages than in other distros, as well as integrating them to the system.
So for your specific use cases you can very easily create packages you
need, or if you need specific version of a package you can just refer to
older nix expression in nixpkgs and copy paste the file or refer to it
using fetchgit or other nix method. I personally treat nixpkgs as a base
for my specific use cases rather than something that should have everything
I need.

2016-08-11 20:38 GMT+01:00 Kevin Cox <kevin...@kevincox.ca>:

> If you know the path of the package the easiest way is `nix-env -i
> /nix/store/...`.
>
> For installing a package by previous version number I don't think there
> is an easy way to do it. (Except for some packages were different
> versions are available in nixpkgs). This is partially because "version"
> in nix includes all the versions of dependencies and build instructions.
>
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Passing credentials in NIX_PATH

2016-08-11 Thread Tomasz Czyż
I figure out, that if I use:

toString 

result is persistant and resolves to a path given not to nix store content
in both cases.

2016-08-11 14:36 GMT+01:00 Tomasz Czyż <tomasz.c...@gmail.com>:

> Hi,
>
> I wanted to use fetchgitPrivate, but instead of using agent, I thought I
> can pass ssh-key-path as nix path.
>
> I'm using it like
>
> { ssh-key-path ?  }:
> {
>   ...
> ssh -i ${ssh-key-path}
>  ...
> }
>
> I build with: ``nix-build my.nix -I ssh-key-path=/home/my/.ssh/key`` (key
> group is changed to nixbld so nix builder can access it).
>
> This is working fine on nixos (16.09). ssh-key-path is resolved to
> /home/my/.ssh/key as expected.
>
> But when I run this on ubuntu with nix installed in userland (no nix
> daemon) when I run build command I've got error that permissions to key are
> too wide. What happened is, the content of the file was copied to nix
> store, I wouldn't expect that. I new that attributes or derivations can end
> up written in nix store, but why the file which variable is pointing to
> ended up in nix store?
>
> I'm obviously missing something, anybody could point me to some
> explanation?
>
> Tom
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


[Nix-dev] Passing credentials in NIX_PATH

2016-08-11 Thread Tomasz Czyż
Hi,

I wanted to use fetchgitPrivate, but instead of using agent, I thought I
can pass ssh-key-path as nix path.

I'm using it like

{ ssh-key-path ?  }:
{
  ...
ssh -i ${ssh-key-path}
 ...
}

I build with: ``nix-build my.nix -I ssh-key-path=/home/my/.ssh/key`` (key
group is changed to nixbld so nix builder can access it).

This is working fine on nixos (16.09). ssh-key-path is resolved to
/home/my/.ssh/key as expected.

But when I run this on ubuntu with nix installed in userland (no nix
daemon) when I run build command I've got error that permissions to key are
too wide. What happened is, the content of the file was copied to nix
store, I wouldn't expect that. I new that attributes or derivations can end
up written in nix store, but why the file which variable is pointing to
ended up in nix store?

I'm obviously missing something, anybody could point me to some
explanation?

Tom
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] using qemu virtual machine for testing software

2016-08-11 Thread Tomasz Czyż
Sure, if I make anything useful I'll go back.

2016-08-11 11:46 GMT+01:00 Domen Kožar <do...@dev.si>:

> I don't have a plan to contribute upstream, because I never had enough
> time to make it robust.
>
> As you mentioned, there would need to be logic to use different tap
> interface
> for each VM set. I think it would be easier to add tap0 only if
> exposeNetwork was set to true somewhere
> and it would default to false.
>
> Feel free to contribute that :)
>
> On Thu, Aug 11, 2016 at 12:43 PM, Tomasz Czyż <tomasz.c...@gmail.com>
> wrote:
>
>> Doman, thank you very much, it's very useful.
>>
>> Do you plan to add this patch to repo? (and create separate tap for every
>> vm in test network? (same as ip addresses are generated in test networks)?
>>
>> 2016-08-11 10:54 GMT+01:00 Domen Kožar <do...@dev.si>:
>>
>>> See https://github.com/NixOS/nixpkgs/issues/5241#issuecomment-172811419
>>>
>>> On Thu, Aug 11, 2016 at 9:01 AM, Alexey Lebedeff <bina...@gmail.com>
>>> wrote:
>>>
>>>> Hi,
>>>>
>>>> I'm not sure that it is the same problem, but have you tried setting
>>>>
>>>> networking.firewall.checkReversePath = false;
>>>>
>>>> as described in https://github.com/NixOS/nixpkgs/issues/10101 ?
>>>>
>>>> Best,
>>>> Alexey
>>>>
>>>>
>>>> On Thu, Aug 11, 2016 at 1:14 AM, Tomasz Czyż <tomasz.c...@gmail.com>
>>>> wrote:
>>>>
>>>>> Hi Tomas,
>>>>>
>>>>> yeah, I've been there :-)
>>>>> I have a problem with TCP connection not with starting the machine.
>>>>>
>>>>> Basically, if you use VirtualBox it giving you kind of local
>>>>> networking for free, same as docker default setup. I was wondering if it's
>>>>> possible to have the same with qemu without setting up the bridge, ips etc
>>>>> by my own, but after some digging I don't think it's possible.
>>>>>
>>>>> I end up with port forwarding from qemu to localhost by adding params
>>>>> to qemu in nix machine expression.
>>>>>
>>>>> 2016-08-10 10:33 GMT+01:00 Tomas Hlavaty <
>>>>> tomas.hlav...@knowledgetools.de>:
>>>>>
>>>>>> Hi Tomasz,
>>>>>>
>>>>>> Tomasz Czyż <tomasz.c...@gmail.com> writes:
>>>>>> > I made this working/building the vm, but I still don't know how to
>>>>>> > connect to it. Any idea?
>>>>>>
>>>>>> when you build the VM, it will create a symlink called something like
>>>>>> result.  Inside there is a program to launch the VM inside qemu.  You
>>>>>> can simply run that command and it will open a window with the qemu
>>>>>> VM.
>>>>>>
>>>>>> Tomas
>>>>>> ___
>>>>>> nix-dev mailing list
>>>>>> nix-dev@lists.science.uu.nl
>>>>>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Tomasz Czyż
>>>>>
>>>>> ___
>>>>> nix-dev mailing list
>>>>> nix-dev@lists.science.uu.nl
>>>>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>>>>
>>>>>
>>>>
>>>> ___
>>>> nix-dev mailing list
>>>> nix-dev@lists.science.uu.nl
>>>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>>>
>>>>
>>>
>>
>>
>> --
>> Tomasz Czyż
>>
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] using qemu virtual machine for testing software

2016-08-11 Thread Tomasz Czyż
Doman, thank you very much, it's very useful.

Do you plan to add this patch to repo? (and create separate tap for every
vm in test network? (same as ip addresses are generated in test networks)?

2016-08-11 10:54 GMT+01:00 Domen Kožar <do...@dev.si>:

> See https://github.com/NixOS/nixpkgs/issues/5241#issuecomment-172811419
>
> On Thu, Aug 11, 2016 at 9:01 AM, Alexey Lebedeff <bina...@gmail.com>
> wrote:
>
>> Hi,
>>
>> I'm not sure that it is the same problem, but have you tried setting
>>
>> networking.firewall.checkReversePath = false;
>>
>> as described in https://github.com/NixOS/nixpkgs/issues/10101 ?
>>
>> Best,
>> Alexey
>>
>>
>> On Thu, Aug 11, 2016 at 1:14 AM, Tomasz Czyż <tomasz.c...@gmail.com>
>> wrote:
>>
>>> Hi Tomas,
>>>
>>> yeah, I've been there :-)
>>> I have a problem with TCP connection not with starting the machine.
>>>
>>> Basically, if you use VirtualBox it giving you kind of local networking
>>> for free, same as docker default setup. I was wondering if it's possible to
>>> have the same with qemu without setting up the bridge, ips etc by my own,
>>> but after some digging I don't think it's possible.
>>>
>>> I end up with port forwarding from qemu to localhost by adding params to
>>> qemu in nix machine expression.
>>>
>>> 2016-08-10 10:33 GMT+01:00 Tomas Hlavaty <tomas.hlavaty@knowledgetools.
>>> de>:
>>>
>>>> Hi Tomasz,
>>>>
>>>> Tomasz Czyż <tomasz.c...@gmail.com> writes:
>>>> > I made this working/building the vm, but I still don't know how to
>>>> > connect to it. Any idea?
>>>>
>>>> when you build the VM, it will create a symlink called something like
>>>> result.  Inside there is a program to launch the VM inside qemu.  You
>>>> can simply run that command and it will open a window with the qemu VM.
>>>>
>>>> Tomas
>>>> ___
>>>> nix-dev mailing list
>>>> nix-dev@lists.science.uu.nl
>>>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>>>
>>>
>>>
>>>
>>> --
>>> Tomasz Czyż
>>>
>>> ___
>>> nix-dev mailing list
>>> nix-dev@lists.science.uu.nl
>>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>>
>>>
>>
>> ___
>> nix-dev mailing list
>> nix-dev@lists.science.uu.nl
>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>
>>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] using qemu virtual machine for testing software

2016-08-10 Thread Tomasz Czyż
Hi Tomas,

yeah, I've been there :-)
I have a problem with TCP connection not with starting the machine.

Basically, if you use VirtualBox it giving you kind of local networking for
free, same as docker default setup. I was wondering if it's possible to
have the same with qemu without setting up the bridge, ips etc by my own,
but after some digging I don't think it's possible.

I end up with port forwarding from qemu to localhost by adding params to
qemu in nix machine expression.

2016-08-10 10:33 GMT+01:00 Tomas Hlavaty <tomas.hlav...@knowledgetools.de>:

> Hi Tomasz,
>
> Tomasz Czyż <tomasz.c...@gmail.com> writes:
> > I made this working/building the vm, but I still don't know how to
> > connect to it. Any idea?
>
> when you build the VM, it will create a symlink called something like
> result.  Inside there is a program to launch the VM inside qemu.  You
> can simply run that command and it will open a window with the qemu VM.
>
> Tomas
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Nix GUI? / make Nix more beginner-friendly

2016-08-04 Thread Tomasz Czyż
Roland,

check: nix-env -iA nixos.nixui

2016-08-04 14:21 GMT+01:00 Roland Koebler <rk-l...@simple-is-better.org>:

> Hi,
>
> I really like the concept of Nix, but I think the commandline-tools
> are not very beginner-friendly and not very intuitive for non-Nix-users.
>
> Most distributions offer a GUI for package management, but I haven't
> found one for Nix, although nox looks like a step in the right direction.
> But the simplest way to search for a package is still
> https://nixos.org/nixos/packages.html
>
> So, I'm thinking of writing a GUI for Nix for managing packages in
> Python3 + GTK+3. But to prevent duplicate work: Is there already
> such a GUI, or is someone already working on it?
>
>
> regards,
> Roland
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] How to access makeTest function from nixpkgs/nixos/lib/testing.nix?

2016-08-02 Thread Tomasz Czyż
I'm just adding solution I was looking for and finally found:

(import "${toString my-nixpkgs.path}/nixos/lib/testing.nix")

that's how you get the path from custom nixpkgs.

2016-06-23 1:43 GMT+01:00 Tomasz Czyż <tomasz.c...@gmail.com>:

>
>
> 2016-06-23 1:39 GMT+01:00 Maarten Hoogendoorn <maar...@moretea.nl>:
>
>> Cool.
>>
>> For development environments, it is recommended to use the nix-shell
>> program.
>>
> +1, I'm constantly forgetting about it.
>
>> A good example is nixops (nixos/nixops on github).
>>
>> PS, I've added the list again.
>>
> Cheers :-)
>
> Tom
>
>> Op 23 jun. 2016 02:34 schreef "Tomasz Czyż" <tomasz.c...@gmail.com>:
>>
>> Maarten,
>>>
>>> thank you for showing this, I definitely omitted this part, now I see
>>> how you set NIX_PATH in test.sh.
>>>
>>> I think this approach is fine, and I'll use that solution if I won't
>>> figure out better way.
>>>
>>> I have tree like that:
>>> ./nixpkgs.nix  # this stuff is importing specific nixpkgs commit
>>> ./app1
>>> ./app2
>>> ./app3
>>> ./tests
>>>
>>> each app is importing "../nixpkgs.nix" separately and tests are
>>> importing it as well so all separately are using same nix version
>>> "internally".
>>>
>>> By avoiding wrapper I can go to every directory and run nix-build and it
>>> will work and app will be bound to specific nixpkgs version.
>>>
>>> Another solution would be, as you pointed, setting -I / NIX_PATH, but
>>> this is another manual step that needs to be done. You have to add this to
>>> .profile (but this is not project specific :[) or you have to set this in
>>> every terminal you are working in, or figure out other way to set up this.
>>> I'll go this route if I have no other options.
>>>
>>> Right now with small workaround I described in previous post all stuff
>>> is working without any other setup.
>>>
>>> 1. Clone the repo
>>> 2. nix-build in every directory you want
>>>
>>> 2016-06-23 1:23 GMT+01:00 Maarten Hoogendoorn <maar...@moretea.nl>:
>>>
>>>> You could set the nixpkgs path with the -I option, or as I do, with a
>>>> shell variable.
>>>> Point it to your fork of nixpkgs, and you're done.
>>>>
>>>> Alternatively, there is some overridePackage(s?) function that might
>>>> interest you. (I myself should look at in detail as well ;))
>>>> Op 23 jun. 2016 02:19 schreef "Tomasz Czyż" <tomasz.c...@gmail.com>:
>>>>
>>>> Maarten,
>>>>>
>>>>> thank you for sharing your work.
>>>>>
>>>>> I think you are using approach with "import " and not
>>>>> overriden pkgs inside testing config/machine - which I prefer to avoid,
>>>>> because I want to have bound nixpkgs version, I don't want to use "system"
>>>>> version. (maybe I'm missing some piece, in that case please point it out).
>>>>>
>>>>> In the meantime I found, that I can pass/override pinned pkgs inside
>>>>> config/machine description with a little trick.
>>>>>
>>>>>   import  ({
>>>>> machine = {config,pkgs,...}: {
>>>>>   _module.args.pkgs = my-nixpkgs;  # this trick overrides pkgs
>>>>> argument for all modules
>>>>>   imports = [
>>>>>   ... my modules...
>>>>>   ];
>>>>>
>>>>> };
>>>>> testScript=''
>>>>> ...
>>>>> '';
>>>>>   })
>>>>>
>>>>>
>>>>> I would prefer to not use this method as probably "pkgs" argument can
>>>>> "leak" in some places (the other version of nixpkgs can be used and I will
>>>>> not detect this easily). But that's the best I have so far.
>>>>>
>>>>>
>>>>>
>>>>> 2016-06-23 1:10 GMT+01:00 Maarten Hoogendoorn <maar...@moretea.nl>:
>>>>>
>>>>>> Hi Tomasz,
>>>>>>
>>>>>> Some weeks ago, I looked into this to run zfs integration tests for a
>>>>>> rust binding to libzfs.
>>>>>>
>>>>>> The GitHub repository [1] is set up to run a qemu vm on Travis, so
>>&

Re: [Nix-dev] Too many open issues

2016-07-25 Thread Tomasz Czyż
Profpatsch, nice job, thanks.

2016-07-25 12:41 GMT+01:00 Profpatsch <m...@profpatsch.de>:

> On 16-07-24 03:12pm, Arnold Krille wrote:
> > FULL ACK!
> >
> > I couldn't said it any better.
> >
> > And please never, ever think about closing users contribution without
> > looking at them at least once by a human!
>
> +1
>
> Having done a lot of triaging these past days there were (estimated)
>
> 30% issues that had been solved and forgotten
> 30% issues that still need to be solved
> 20% issues that were not relevant anymore
> 10% issues where reminding lead to instant PRs
> 10% systemic issues
>
> Apart of the first 30% I think auto-closing would do
> more harm than good.
> For a lot of stuff a simple reminder after ~6 months can do wonders,
> simply because people learned new things in the meantime and can
> use them to solve the problem.
>
>
> --
> Proudly written in Mutt with Vim on NixOS.
> Q: Why is this email five sentences or less?
> A: http://five.sentenc.es
> May take up to five days to read your message. If it’s urgent, call me.
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Too many open issues

2016-07-22 Thread Tomasz Czyż
ive issues from CURRENT-2 releases ago), but
>>>>>> 14 days is
>>>>>> wy to short. Bugs don't disappear after 14 days...
>>>>>>
>>>>>> --
>>>>>> Eelco Dolstra | LogicBlox, Inc. | http://nixos.org/~eelco/
>>>>>> ___
>>>>>> nix-dev mailing list
>>>>>> nix-dev@lists.science.uu.nl
>>>>>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>>>>>
>>>>> ___
>>>>> nix-dev mailing list
>>>>> nix-dev@lists.science.uu.nl
>>>>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>>>>
>>>>
>>>>
>>>> ___
>>>> nix-dev mailing 
>>>> listnix-...@lists.science.uu.nlhttp://lists.science.uu.nl/mailman/listinfo/nix-dev
>>>>
>>>>
>>>> --
>>>> Founder of Matrix AIhttps://matrix.ai/+61420925975
>>>>
>>>> ___
>>>> nix-dev mailing list
>>>> nix-dev@lists.science.uu.nl
>>>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>>>
>>>
>>> ___
>>> nix-dev mailing list
>>> nix-dev@lists.science.uu.nl
>>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>>
>>>
>> ___
>> nix-dev mailing list
>> nix-dev@lists.science.uu.nl
>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] On npm2nix and the NPM package set in Nixpkgs

2016-07-14 Thread Tomasz Czyż
2016-07-13 22:13 GMT+01:00 Wout Mertens <wout.mert...@gmail.com>:

> Great!
>
> I tried npm2nix a few times and never really got it to work. I can't
> imagine that there are a lot of people that use npm2nix that would not be
> able to switch to your new version if it got added as npm2nix.
>
I'm just trying to show similar situation:
"I don't know if anyone is using gnome, but let's remove it because I think
it's difficult to use and nobody is using it" :-)

I think there were some cases similar to this one before and what was
suggested to check if the binary cache is used (if people are downloading
the package) or other way to check if package is being used.


> Having multiple solutions for the same thing is a frustrating experience
> for people that want to start using nix for npm. I would prefer simply
> replacing npm2nix.
>
Are you sure that having multiple tools/solutions is frustrating? Maybe
it's just lack of description or documentation?
(btw, currently there is only one, Sander is trying to introduce second
"official" one if I understand situation correctly).

Sander, maybe you could add a manual change to your PR to explain this
situation/move and how the tools can be used?



> On Tue, Jul 12, 2016 at 3:00 PM Sander van der Burg <svanderb...@gmail.com>
> wrote:
>
>> Hi,
>>
>> I just created a pull request for the release-16.03 branch integrating my
>> node2nix generated package set:
>> https://github.com/NixOS/nixpkgs/pull/16886
>>
>> I'm looking for feedback as I haven't extensively tested everything. My
>> stuff seems to work properly, though. If we find the results satisfactory,
>> I will implement the same kinds of changes for the master branch as well.
>>
>> Best,
>>
>> Sander
>>
>>
>> On Mon, Jul 11, 2016 at 10:36 AM, Nikolay Amiantov <a...@fmap.me> wrote:
>>
>>> One possible way is to add some attribute in current nixpkgs indicating
>>> version of checksumming scheme, e.g. `fetchgit.checksumVersion`.
>>> However, this implies that you would run something like
>>> `nix-instantiate` to determine it, and so you need access to the nixpkgs
>>> tree -- IIRC you don't have such requirements now, and adding whole
>>> complexity for just getting this version seems unreasonable.
>>>
>>> What about pushing different versions of your utility to release and
>>> master branches? I feel this could cover most usecases...
>>>
>>> On 07/11/2016 01:26 PM, Sander van der Burg wrote:
>>> > Thanks for the reference. Actually, the change in Nixpkgs makes sense,
>>> > as I never understood why any file with a .git prefix had to be
>>> removed.
>>> > Similarly, I replicated this odd behaviour in npm2nix.
>>> >
>>> > I have managed to implement a fix for this locally (which I haven't
>>> > pushed yet). The only annoying thing is that the 16.03 stable release
>>> > still uses the old git hash computation method, so I need to keep the
>>> > old method intact.
>>> >
>>> > I'm still a bit puzzled on how to proceed -- I could decide to release
>>> > my npm2nix version and use the hash computation method that works with
>>> > 16.03 since that's the stable version and what end-users should use.
>>> > Then for the master branch, people should switch to the development
>>> > version of npm2nix that implements the new strategy. The only thing I'm
>>> > afraid of is that people forget about this and push broken versions of
>>> > the Node.js packages to master.
>>> >
>>> > Alternatively, I could make both strategies configurable through a
>>> > command-line parameter, but this is not very nice either. And still,
>>> > end-users might forget about it and break the package set.
>>>
>>> --
>>> Nikolay.
>>>
>>
>> ___
>> nix-dev mailing list
>> nix-dev@lists.science.uu.nl
>> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>>
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] On npm2nix and the NPM package set in Nixpkgs

2016-07-05 Thread Tomasz Czyż
 use are different. It would
> > probably take a bit of effort to get these migrated.
> >
> > For example, this is how I override the webdrvr package to provide
> phantomjs
> > and the Selenium webdriver:
> >
> > {pkgs, system}:
> >
> > let
> >   nodePackages = import ./composition-v4.nix {
> > inherit pkgs system;
> >   };
> > in
> > nodePackages // {
> >   webdrvr = nodePackages.webdrvr.override (oldAttrs: {
> > buildInputs = oldAttrs.buildInputs ++ [ pkgs.phantomjs ];
> >
> > preRebuild = ''
> >   mkdir $TMPDIR/webdrvr
> >
> >   ln -s ${pkgs.fetchurl {
> > url =
> > "
> https://selenium-release.storage.googleapis.com/2.43/selenium-server-standalone-2.43.1.jar
> ";
> > sha1 = "ef1b5f8ae9c99332f99ba8794988a1d5b974d27b";
> >   }} $TMPDIR/webdrvr/selenium-server-standalone-2.43.1.jar
> >   ln -s ${pkgs.fetchurl {
> > url =
> > "
> http://chromedriver.storage.googleapis.com/2.10/chromedriver_linux64.zip;;
> > sha1 = "26220f7e43ee3c0d714860db61c4d0ecc9bb3d89";
> >   }} $TMPDIR/webdrvr/chromedriver_linux64.zip
> >
> > '';
> >   });
> > }
> >
> >
> > Although we have some practical issues, I think none of them would
> impose a
> > serious problem.
> >
> > Then about npm2nix itself: Obviously, we could say that my version
> replaces
> > the upstream npm2nix and gets "blessed" into the new "official" version,
> but
> > I don't know whether everybody likes it.
> >
> > Alternatively, we could be a bit more pragmatic: I stop calling my
> > reengineering2 version npm2nix, I give it a different name and I release
> it
> > as a different package. This makes it possible for those who want it, to
> > still use the 'vanilla' npm2nix alongside my version.
> >
> > Then in Nixpkgs we can decide to:
> >
> > - to keep npm2nix the default and provide my tool as a package
> > - or to make the reengineering2 version the default, and provide npm2nix
> as
> > a package
> > - in theory: support both package sets, but this might be a bit overkill
> :)
> >
> > For those who don't know: although my repository is a fork of npm2nix,
> the
> > reengineering2 version is basically a rewrite of npm2nix and quite
> different
> > than the upstream version. It is written in JavaScript (as opposed to
> > CoffeeScript), has a different modular structure and different
> command-line
> > interface, so that's why I'm very careful in proposing to replace the
> > upstream npm2nix.
> >
> > Moreover, it also does not share any git revision history with the
> upstream
> > npm2nix. :)
> >
> > As a final note: for those who do not know about this: the reengineering2
> > tool can already be used outside Nixpkgs and this is what I have been
> doing
> > for all my projects. The expressions that it generates are based on the
> > principles I have described in this blog post:
> >
> http://sandervanderburg.blogspot.com/2014/07/managing-private-nix-packages-outside.html
> >
> > My apologies for this very long email, but I'd like to have your feedback
> > and I don't want my preferences to disrupt other people's workflows.
> >
> > What do you think?
> >
> > Best,
> >
> > Sander
> >
> > ___
> > nix-dev mailing list
> > nix-dev@lists.science.uu.nl
> > http://lists.science.uu.nl/mailman/listinfo/nix-dev
> >
> >
> > ___
> > nix-dev mailing list
> > nix-dev@lists.science.uu.nl
> > http://lists.science.uu.nl/mailman/listinfo/nix-dev
> >
>
>
>
> --
> Rok Garbas
> http://www.garbas.si
> r...@garbas.si
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Intermittent Blank Screen upon Opening Laptop Lid

2016-07-01 Thread Tomasz Czyż
I have this issue sometimes on intel driver as well (once every few weeks),
I had this on debian/ubuntu as well, I think it's more a driver problem
rather than nixos specific thing if you are looking for a direction.

2016-07-01 14:15 GMT+01:00 Bjørn Forsman <bjorn.fors...@gmail.com>:

> On 1 July 2016 at 15:10, Roger Qiu <roger@matrix.ai> wrote:
> > Hi Nixers,
> >
> > I discovered this problem a while ago, basically upon closing the lid and
> > reopening it after 10 min, the screen stays blank, and I can't do
> anything.
> > Even switching to tty1 doesn't work.
> >
> > This doesn't always happen. And when I close the lid and reopen after a
> few
> > seconds, it usually works and displays something.
> >
> > What are the steps that I can take to debug this issue.
> >
> > It was happening back on NixOS 15.09. and is continuing on 16.03.
> >
> > I'm running NVIDIA and using NVIDIA video card driver.
>
> Did you check the system log?
>
> - Bjørn
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] NixOS hangs on boot after upgrading 15.09 -> 16.03; systemd update to blame?

2016-06-23 Thread Tomasz Czyż
James, maybe it's worth to open the ticket on
https://github.com/NixOS/nixpkgs/issues/

2016-06-23 4:08 GMT+01:00 James Cook <james.c...@utoronto.ca>:

> On 22 June 2016 at 19:27, James Cook <james.c...@utoronto.ca> wrote:
> > After updating my desktop from 15.09 to 16.03, it hangs on boot after
> > printing the message "regenerating udev hardware database". I do not
> > think the problem is directly related to that message; see below. Any
> > ideas for debugging this?
> >
> > Here's what I've figured out so far:
> >
> > * Using git-bisect, it seems that the problem starts at commit
> > ecbe04b4, "systemd: Update to 225". (I had to cherry-pick 3cc04956,
> > "libseccomp: Fix hash", to got it to build.)
> >
> > * I don't think the script that prints "regenerating udev hardware
> > database" is the one that hangs. I added a debugging echo command to
> > the end of system.activationScripts.udevd (in
> > nixos/modules/services/hardware/udev.nix), and I saw the extra message
> > when I booted. So the hang happens after.
> >
> > My next step was going to be to add more debugging statements to the
> > boot process, but I'm having trouble figuring out where any of that
> > stuff is. I can't find where system.activationScripts.udevd is called
> > from, and I was mystified to find that grep -R "egenerating udev"
> > /nix/store/(...)-nixos-16.0.3.git.3cc0495M produces no output (except
> > some errors, e.g. etc/zoneinfo/posix is a directoly loop).
> >
> > James
>
> Another note: the problem also happens on master (commit 0167eef9).
> The "regenerating udev hardware database..." message is no longer
> printed at master; the last messages before the hang are "setting up
> /etc..." and a bunch of "removing obsolete symblink ..." and "removing
> group ..." messages.
>
> James
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] How to access makeTest function from nixpkgs/nixos/lib/testing.nix?

2016-06-22 Thread Tomasz Czyż
2016-06-23 1:39 GMT+01:00 Maarten Hoogendoorn <maar...@moretea.nl>:

> Cool.
>
> For development environments, it is recommended to use the nix-shell
> program.
>
+1, I'm constantly forgetting about it.

> A good example is nixops (nixos/nixops on github).
>
> PS, I've added the list again.
>
Cheers :-)

Tom

> Op 23 jun. 2016 02:34 schreef "Tomasz Czyż" <tomasz.c...@gmail.com>:
>
> Maarten,
>>
>> thank you for showing this, I definitely omitted this part, now I see how
>> you set NIX_PATH in test.sh.
>>
>> I think this approach is fine, and I'll use that solution if I won't
>> figure out better way.
>>
>> I have tree like that:
>> ./nixpkgs.nix  # this stuff is importing specific nixpkgs commit
>> ./app1
>> ./app2
>> ./app3
>> ./tests
>>
>> each app is importing "../nixpkgs.nix" separately and tests are importing
>> it as well so all separately are using same nix version "internally".
>>
>> By avoiding wrapper I can go to every directory and run nix-build and it
>> will work and app will be bound to specific nixpkgs version.
>>
>> Another solution would be, as you pointed, setting -I / NIX_PATH, but
>> this is another manual step that needs to be done. You have to add this to
>> .profile (but this is not project specific :[) or you have to set this in
>> every terminal you are working in, or figure out other way to set up this.
>> I'll go this route if I have no other options.
>>
>> Right now with small workaround I described in previous post all stuff is
>> working without any other setup.
>>
>> 1. Clone the repo
>> 2. nix-build in every directory you want
>>
>> 2016-06-23 1:23 GMT+01:00 Maarten Hoogendoorn <maar...@moretea.nl>:
>>
>>> You could set the nixpkgs path with the -I option, or as I do, with a
>>> shell variable.
>>> Point it to your fork of nixpkgs, and you're done.
>>>
>>> Alternatively, there is some overridePackage(s?) function that might
>>> interest you. (I myself should look at in detail as well ;))
>>> Op 23 jun. 2016 02:19 schreef "Tomasz Czyż" <tomasz.c...@gmail.com>:
>>>
>>> Maarten,
>>>>
>>>> thank you for sharing your work.
>>>>
>>>> I think you are using approach with "import " and not
>>>> overriden pkgs inside testing config/machine - which I prefer to avoid,
>>>> because I want to have bound nixpkgs version, I don't want to use "system"
>>>> version. (maybe I'm missing some piece, in that case please point it out).
>>>>
>>>> In the meantime I found, that I can pass/override pinned pkgs inside
>>>> config/machine description with a little trick.
>>>>
>>>>   import  ({
>>>> machine = {config,pkgs,...}: {
>>>>   _module.args.pkgs = my-nixpkgs;  # this trick overrides pkgs
>>>> argument for all modules
>>>>   imports = [
>>>>   ... my modules...
>>>>   ];
>>>>
>>>> };
>>>> testScript=''
>>>> ...
>>>> '';
>>>>   })
>>>>
>>>>
>>>> I would prefer to not use this method as probably "pkgs" argument can
>>>> "leak" in some places (the other version of nixpkgs can be used and I will
>>>> not detect this easily). But that's the best I have so far.
>>>>
>>>>
>>>>
>>>> 2016-06-23 1:10 GMT+01:00 Maarten Hoogendoorn <maar...@moretea.nl>:
>>>>
>>>>> Hi Tomasz,
>>>>>
>>>>> Some weeks ago, I looked into this to run zfs integration tests for a
>>>>> rust binding to libzfs.
>>>>>
>>>>> The GitHub repository [1] is set up to run a qemu vm on Travis, so
>>>>> that my tests can run with a kernel that supports zfs. It also provides
>>>>> some isolation during development. I'd rather not destroy my main pool by
>>>>> accident ;)
>>>>>
>>>>> Good luck, and let me know if this helps you out :)
>>>>> Maarten
>>>>>
>>>>> [1] https://github.com/moretea/rust-zfs
>>>>>
>>>>> 2016-06-23 1:23 GMT+02:00 Tomasz Czyż <tomasz.c...@gmail.com>:
>>>>>
>>>>>> Hello,
>>>>>>
>>>>>> I found makeTest function from nixos useful and I would like to 

Re: [Nix-dev] On npm2nix and the NPM package set in Nixpkgs

2016-06-22 Thread Tomasz Czyż
n about npm2nix itself: Obviously, we could say that my version
> replaces the upstream npm2nix and gets "blessed" into the new "official"
> version, but I don't know whether everybody likes it.
>
> Alternatively, we could be a bit more pragmatic: I stop calling my
> reengineering2 version npm2nix, I give it a different name and I release it
> as a different package. This makes it possible for those who want it, to
> still use the 'vanilla' npm2nix alongside my version.
>
> Then in Nixpkgs we can decide to:
>
> - to keep npm2nix the default and provide my tool as a package
> - or to make the reengineering2 version the default, and provide npm2nix
> as a package
> - in theory: support both package sets, but this might be a bit overkill :)
>
> For those who don't know: although my repository is a fork of npm2nix, the
> reengineering2 version is basically a rewrite of npm2nix and quite
> different than the upstream version. It is written in JavaScript (as
> opposed to CoffeeScript), has a different modular structure and different
> command-line interface, so that's why I'm very careful in proposing to
> replace the upstream npm2nix.
>
> Moreover, it also does not share any git revision history with the
> upstream npm2nix. :)
>
> As a final note: for those who do not know about this: the reengineering2
> tool can already be used outside Nixpkgs and this is what I have been doing
> for all my projects. The expressions that it generates are based on the
> principles I have described in this blog post:
> http://sandervanderburg.blogspot.com/2014/07/managing-private-nix-packages-outside.html
>
> My apologies for this very long email, but I'd like to have your feedback
> and I don't want my preferences to disrupt other people's workflows.
>
> What do you think?
>
> Best,
>
> Sander
>
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


[Nix-dev] How to access makeTest function from nixpkgs/nixos/lib/testing.nix?

2016-06-22 Thread Tomasz Czyż
Hello,

I found makeTest function from nixos useful and I would like to use it in
my projects for building integration testing environments.

The only method I found by now, how to access it is:

(import ).makeTest

The problem is: in the script I'm running, the fixed nixpkgs version is
passed as "pkgs" argument. The script must test programs against that
specific nixpkgs version.

I see two options:
1. grab makeTest command from pinned nixpkgs
2. grab makeTest from  and pass pinned nixpkgs as argument to
makeTest (and further to machine/nodes).

1. I couldn't find the attribute which is pointing to that function or
file, if looks like I can access it only using path syntax like
. Is there any way to get path for current
"pkgs" set? Or are there any other ways how I can access this file/function?

2. I didn't find any way to pass pkgs argument down the stack, looks like
other funtions inside makeTest are just importing pkgs from "local" files
so probably this way won't work.

3. I could copy the files and bind them to attributes but I prefer to avoid
that if possible.

If anyone have some suggestions please let me know.

Tom

-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Persistent NixOps keys

2016-06-17 Thread Tomasz Czyż
Erik, you also could add your load-keys service to network.target or any
target which starts at the system start. So then you don't have to add it
to specific apps, depends on your keys workflow.

2016-06-17 9:48 GMT+01:00 4levels <4lev...@gmail.com>:

> That's probably it!
>
> I still need to update all service configs to have keys.target in the
> wantedBy list.
>
> I read somewhere that I should also use requiredBy for it to really wait
> untill keys.target is finished..
>
> Kind regards,
>
> Erik
>
> On Thu, Jun 16, 2016, 23:50 Игорь Пашев <pashev.i...@gmail.com> wrote:
>
>> 2016-06-14 17:17 GMT+03:00 4levels <4lev...@gmail.com>:
>> > wantedBy = [ "keys.target" ];
>>
>>
>> Maybe you don't have services depending on keys.target
>>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] hydra and nixos versions/commits at hydra.nixos.org

2016-06-16 Thread Tomasz Czyż
2016-06-16 11:31 GMT+01:00 Domen Kožar <do...@dev.si>:

> On Thu, Jun 16, 2016 at 11:23 AM, Tomasz Czyż <tomasz.c...@gmail.com>
> wrote:
>
>> Domen,
>>
>> do you know what's the strategy for hydra in nixos? Looks like module
>> file is not imported from hydra but is copied/prepared separately in nixos.
>> That means there are two module versions but one code base.
>>
>> Will hydra module be moved to nixos? If not, maybe would be better to
>> just import it from upstream?
>>
>> Is strategy (to keep modules inside nixos for external packages, even
>> those with nix modules) the way to go for all other projects? If yes, could
>> you explain why or point to some explanations?
>>
>
>  Currently module in nixpkgs and the module in hydra will be maintained
> separately. Eelco will deploy Hydra as it's always been and update
> package/module in hydra.git, I'll port changes to nixpkgs.
>
> We currently don't have a better way to deal with this. I'll see how it
> goes, but the idea is Hydra repository should be self contained.
>

IMHO, this makes additional work without giving too much.

1. you have to port module into nixos each time you fetch new hydra change
2. if hydra will brake compatibility with nixos you have to fix ported
version (which makes situation where two modules needs to be maintained)

but if you would just import module from nix you have:

1. when updating hydra you just check if tests pass
2. if something is broken you can fix upstream or override hydra module to
create temporary fix

So I assume second approach is lot less work with the same weak points.
Maybe I'm missing something but for me it looks like just adding more
manual work to do.
What do you think?

Also, there is a case (not mine yet, but I assume will be at some point)
when you want to keep specific hydra version with it's module
implementation, is it possible to do that in a current version? (I mean
import hydra's module which override local module)?
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] hydra and nixos versions/commits at hydra.nixos.org

2016-06-16 Thread Tomasz Czyż
Domen,

do you know what's the strategy for hydra in nixos? Looks like module file
is not imported from hydra but is copied/prepared separately in nixos. That
means there are two module versions but one code base.

Will hydra module be moved to nixos? If not, maybe would be better to just
import it from upstream?

Is strategy (to keep modules inside nixos for external packages, even those
with nix modules) the way to go for all other projects? If yes, could you
explain why or point to some explanations?

2016-06-16 9:54 GMT+01:00 Tomas Hlavaty <tomas.hlav...@knowledgetools.de>:

> Hi Domen,
>
> Domen Kožar <do...@dev.si> writes:
> > Hydra NixOS module and package are now available on nixpkgs master.
>
> thank you!
>
> > There's one bug I need to fix, then I'll backport these changes to
> > 16.03.
>
> great!
>
> > Meanwhile, I used following commit on 16.03 before I moved to the
> > fork using some improvements: https://github.com/snabblab/
> > snabblab-nixos/commit/20a3fe6e9cf9e0da2a855bd1df9ce7ebad434951
>
> good, if I don't succeed with my upgrade, I'll try that.
>
> > Official releases will for now be pinned git revisions on nixpkgs,
> > hopefully that will suffice for most of us.
>
> Will the official hydra be on 16.03 or unstable?
>
> > On Tue, Jun 14, 2016 at 4:21 PM, Tomas Hlavaty <
> >   1258008 2016-04-15 hydraSrc → 177bf25
> >   at https://hydra.nixos.org/jobset/hydra/master/evals?page=2
>
> I am upgrading to hydra 177bf25 on nixos 16.03 and it seems to work
> except that hydra lost the ability to do distributed builds.  Has
> something changed in this regard in hydra/nix/nixos?
>
> In "journal -xe" log, I can see that hydra-queue-runner loads a build
> into nix-daemon but then the build is stuck as queued forever.
>
> I can't see any error messages from nix-daemon.  Is there a way to debug
> nix-daemon in order to see, what is it doing?
>
> Tomas
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>



-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Setting default group & permissions on deployment.keys

2016-06-14 Thread Tomasz Czyż
https://nixos.org/nixops/manual/#opt-deployment.keys._name_.user

2016-06-14 11:12 GMT+01:00 4levels <4lev...@gmail.com>:

> Hi Rob,
>
> thank you for your swift reply!
> Does this mean I'm actually overriding the default keys behavior as
> defined in https://github.com/NixOS/nixops/blob/master/nix/keys.nix ?
> I was kind of hoping to be able to write something like
>
> deployment.keys.*.group = "keys";
> deployment.keys.*.permissions = "0640";
>
> I'll give it a try and post back here.
>
> Kind regards,
>
> Erik
>
> On Tue, Jun 14, 2016 at 12:06 PM Rob Vermaas <rob.verm...@gmail.com>
> wrote:
>
>> Hi Erik,
>>
>> > Is there a way to define a default group and permissions for all keys
>> > without me specifying this for each key individually?
>> > I'm currently well over 200 keys per machine so adding the group and
>> > permissions for each key is quite elaborate..
>>
>> You could do somthing like:
>>
>>   deployment.keys =
>> let
>>   keyDir = /path/to/dir/with/my/keys;
>>   keys = builtins.attrNames (lib.filterAttrs (n: v: v ==
>> "regular" ) (builtins.readDir keyDir));
>> in with lib; listToAttrs (map (n: nameValuePair n { text =
>> builtins.readFile (keyDir + ("/" + n)); group = "keys"; permissions =
>> "0640"; }) keys);
>>
>> This would upload all files in /path/to/dir/with/my/keys to the
>> machine in /run/keys. Note I didn't test this, so it might have some
>> typos, biut hope the idea is clear. It's an adapted piece copied from
>> something similar we are using.
>>
>> Cheers,
>> --
>> Rob Vermaas
>>
>> [email] rob.verm...@gmail.com
>>
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] How to create a channel with hydra

2016-06-12 Thread Tomasz Czyż
Hey Arseniy,

did you succeed by any chance?

2016-05-21 15:47 GMT+01:00 Arseniy Seroka <ars.ser...@gmail.com>:

> Hello! I setup my first hydra job yesterday.
>
> Now I want to share it with nix's channel. What do I need to do to create
> one?
>
> I can see a channel tab in my hydra's job, but "There are no channels
> available.".
>
> My CI configuration is [1], and hydra's job is [2].
>
> Reading [3] I saw a paragraph about channels, but I miss that
> functionality..
>
> [1]: https://github.com/jagajaga/ci/blob/master/rscoin.nix
>
> [2]: https://hydra.serokell.io/jobset/rscoin/master
>
> [3]:
> http://sandervanderburg.blogspot.ru/2013/04/setting-up-hydra-build-cluster-for.html
>
> --
> Sincerely,
> Arseniy Seroka
>
>
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>


-- 
Tomasz Czyż
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


  1   2   >