The Arcology Garden

Hey Smell This : In the spirit of my Shell Grymoire , here are some useful Nix invocations/patterns/commands.

I am always updating this page, check it in your feed reader: https://arcology.garden/grymoires/nix.xml

I have to "boot from file", browse the EFI system partition to load grubx64.efi, then boot normally. Once booted, run:

 source: 
[root@virtuous-cassette:~]# NIXOS_INSTALL_BOOTLOADER=1 /run/current-system/bin/switch-to-configuration boot
updating GRUB 2 menu...
installing the GRUB 2 boot loader into /boot...
Installing for x86_64-efi platform.
Installation finished. No error reported.

tailscaled-autoconnect will block everything if you set tailscale up to approve new devices, this makes bootstrapping a new system really confusing!!

Another beautiful little piece of a priori knowledge, how to get a local nix flake build to include the repo's submodules:

You do not add the submodule itself as an input, you need to add the submodules=1 query parameter to the input that has the submodule.

shell source: 
nix build .?submodules=1

Recently pantalaimon stopped working, complaining that it couldn't do GObject introspection to load the DBus library it uses for its user interface. I spent some time digging in to it because i like using Ement.el more than element-desktop, and found that GTK/GNOME apps require these "typelib" files to be in a known path to do the object introspection. (I don't know how you GNOME/GTK people live like this, but that's a different conversation)

My first attempt injected them with a custom wrapProgram invocation since wrapGAppsHook was used for GUI stuff:

nix source: 
postFixup = let
  typelibPath = lib.makeSearchPath "/lib/girepository-1.0" [
    (placeholder "out")
    (lib.getLib glib)
  ];
in ''
  for pgm in pantalaimon panctl; do 
    wrapProgram "$out/bin/$pgm" \
      --prefix GI_TYPELIB_PATH : "$GI_TYPELIB_PATH:${typelibPath}"
  done
'';

The reviewer on my nixpkgs pull request for this recommended using wrapGAppsNoGuiHook which I hadn't seen before, but then said that it had to prevent "double-wrapping", a thing I've seen myself but never resolved:

 source: 
[rrix@virtuous-cassette:~/Code/nixpkgs]$ ls -alh /nix/store/kxddbaf1w5wwwfpi02fscmqfmc6jfgqz-pantalaimon-0.10.5/bin/
total 37K
dr-xr-xr-x 2 root root    8 Dec 31  1969 .
dr-xr-xr-x 6 root root    6 Dec 31  1969 ..
-r-xr-xr-x 1 root root  16K Dec 31  1969 panctl
-r-xr-xr-x 1 root root  16K Dec 31  1969 .panctl-wrapped
-r-xr-xr-x 1 root root 6.6K Dec 31  1969 ..panctl-wrapped-wrapped
-r-xr-xr-x 1 root root  16K Dec 31  1969 pantalaimon
-r-xr-xr-x 1 root root  16K Dec 31  1969 .pantalaimon-wrapped
-r-xr-xr-x 1 root root 6.6K Dec 31  1969 ..pantalaimon-wrapped-wrapped

The person recommended the following, which I did and does work, yet another roam:Nixpkgs A Priori Pattern ...:

nix source: 
nativeBuildInputs = [
  wrapGAppsNoGuiHook
  gobject-introspection
];

# Prevent double wrapping from wrapGApps and wrapPythonProgram
dontWrapGApps = true;
makeWrapperArgs = [
  "\${gappsWrapperArgs[@]}"
];

aye aye aye...

I've tried a few times now to build software on my nixos system using ccache, but I failed mostly because programs.ccache.packageNames didn't reliably recurse in to the attrset which all the KDE packages are hidden in. Anyways, I don't compile things very often, so it was mostly shelved.

I've been for a few months now dealing with a difficult to reproduce crasher bug in Plasma KWin Wayland and I am more motivated than ever to try to track this down. Especially after david edmundson dropped a patch that is "close but no cigar", I wanted to get to the point where I could build KWin and not have it be a full recompile every time I added a debug statement.

This is what ccache is for!

In my custom package overlay I was only able to get ccache used for these builds by overriding the plasma5Packages "scope" -- another essentially undocumented roam:Nixpkgs A Priori Pattern . This would cause ccache to be used for every binary, and cause Binary Cache misses; every Plasma package would be compiled from source! 😩

But you can do Some Computer :( Bullshit to override the scope just for KWin and inject my local source checkout in the process, I wonder if someone can suggest something more legible:

nix source: 
final: prev:
{
  plasma5Packages = let
    p5pcc = pkgs.plasma5Packages.overrideScope (pFinal: pPrev: rec {
      stdenv = pkgs.ccacheStdenv;
    });
  in
    pkgs.plasma5Packages.overrideScope (plasmaFinal: plasmaPrev: rec {
      kwin = p5pcc.kwin.overrideAttrs (old: {
        src = /home/rrix/Code/kwin;
      });
    });
}

• create a plasma5Packages scope with the ccacheStdenv injected in to it called p5pcc

• override the "stock" plasma5Packages to:

  • take the KWin package and override its src attribute to point to my local fs

  • use the scope with ccache in it for KWin and its dependencies

When writing NixOS modules, you often need to make sure that attrsets with dynamic or cfg.enable or other mkIf thing are merged lazily; this is done with the un-documented nixpkgs function lib.mkMerge...

shell source: 
nix copy --to ssh://root@192.168.69.36?remote-store=local?root=/mnt /nix/store/dalm2ggzvgd2b09m0lrff61gbqf8gy05-morph --no-check-sigs

I hosed my server pretty hard, and ended up having to deploy a new version of grub configuration, mountpoints etc, while I only had access to a rescue environment attached to the server. While I plan to write a full postmortem of that incident, this is useful for myself and for others, i found it discussed only in a github issue for nix, presumably the options passed to the ssh path are documented somewhere but this will copy in to a store mounted under /mnt/nix/store which sure is nice!

nix source: 
checks.pytest = pkgs.stdenvNoCC.mkDerivation {
  name = "pytest";
  src =./.;
  dontBuild = true;
  doCheck = true;
  nativeBuildInputs = [
    pkgs.python3.pkgs.pytest
    pkgs.callPackage ./default.nix {};
  ];
  checkPhase = "pytest test";
  installPhase = "mkdir $out";
};

Add NIX_CONFIG = "builders ="; to the derivation (and thus process environment)

(or you can just invoke the Magic contained in the Version Pins document )

shell source: 
nix-build --expr '(import <nixpkgs> {}).fetchFromGitHub (import /home/rrix/arroyo-nix/versions.nix {}).org-fc' | xargs -n1 nix hash path