Re: [Nix-dev] gentoo like nixpkgs globala useflags in nixpkgs config - would it be worth it?

2017-03-25 Thread Ertugrul Söylemez
>> Issue pulseSupport -> does it make sense to have a global 'enable
>> pulse for all packgages' config.pulseSupport = true flag?
>>
>> packages could be using:  config.pulseSupport or false to disable by
>> default then.
>
> In my opinion baking global implicit state into nixpkgs is not a good
> idea.

It's not *state*, is it?  We're basically already doing global
configuration, and I think the proposal is about actually using this to
get a USE-like system.

IMO it wouldn't hurt, as long as the defaults are sensible, because
Hydra will most likely only build those (the number of possible
configurations it could build increases exponentially with every new
setting, so it couldn't possibly build all of them).

In other words: please don't turn NixOS into Gentoo by forcing us to
compile everything. =)


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Should we drop 9P?

2017-03-20 Thread Ertugrul Söylemez
> 9P is used by NixOS to share host's nix store with Qemu virtual
> machines. Such technique is used in the build process, in the
> test-driver, so to say in the critical places.
> Recently few bugs in 9P were found (#23957 #23020 #22695) which
> reveals that 9P code is not very mature and perhaps NixOS is the first
> team which uses 9P heavily and relies on it in production.
>
> Shouldn't we replace 9P with something battle-tested like NFS or
> Samba?  It may also improve the performance because 9P server works in
> qemu process, in user mode and there are as many servers as virtual
> machines running.

In terms of performance getting rid of QEMU where possible is probably
the better option.  Containers are fairly mature these days, and then
sharing file-systems is a matter of bind-mounting.


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Move NodeJS to separate overlay repository?

2017-03-11 Thread Ertugrul Söylemez
> There are a few package groups that I believe are not used in NixOS
> core (boot, containers, ...) and are not updated as much as they could
> be. Node, Haskell, others?

Could the Haskell packages still be built by Hydra?  I highly appreciate
that, because it makes Haskell development a very smooth experience with
Nix, especially on lower-end systems that I have to use from time to
time.


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Fwd: Why having releases if you break things in it often

2017-02-10 Thread Ertugrul Söylemez
>>> I dont want to be a 100% full time nixos developer / sysadmin just
>>> to solve such stupid problem. Except somebody would pay me for that,
>>> then I would think about it.
>>
>> Ah, so you won't do it for free but you expect the army of experts to
>> rush for help and do it for free for you, do I read that correctly?
>
> "rush" the bug is open since over a month, I would not call that
> "rush".

That's not the point, is it?  NixOS is not a commercial organisation.
It's entirely driven by voluntary work.  Yes, even the companies that
contribute to NixOS are volunteers!  In other words you can do one of
four things:

  * Contribute patches yourself.

  * Kindly (!) ask for help and with a bit of luck receive voluntary (!)
support from the community.  Remember that nobody is obliged to help
you, but if you're nice and respectful, people will usually try
their best in my experience.

  * Use a different solution.

  * Oblige somebody to help you by paying them.

Did you pay someone?  If yes, talk to them and be as rude as you want,
because you have a contract.  If no, then pick one of the other three
options.


> If thats only a very unproffessional project, why creating a
> professional looking web site?

Why not?  We are not obliged to *anything*, not even a terrible
website. =)


> So you find time for much PR, but you cant answer a bug report in a
> month?

Sure, why not?  Who are you to tell me what I should do in my spare
time?  Pick one of the four options above.


Greets
ertes


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Arch is dropping i686. Should we?

2017-01-26 Thread Ertugrul Söylemez
> As far as I know, Nix has no way to gather statistics on how many people
> are using different architectures. This makes questions like this a bit
> awkward.
>
> One person on IRC said they think they may have used it once. Does
> anyone on this list use NixOS on i686? anyone on this list know anyone
> using NixOS on i686?

Arch has a different philosophy, so it makes sense for them to drop
legacy support sooner than other distributions.  It's also important to
consider that they actually have to manage two sets of packages, so
their maintenance cost may be a lot higher, while in Nixpkgs we can get
away with a single expression for both (and more) architectures most of
the time.


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Malicious installation methods

2016-06-17 Thread Ertugrul Söylemez
>> I ask you to PLEASE remove this installation method from the
>> recommendations on the page because it makes it look like you don't
>> care about computer secuirty one bit.
>
> Now, that's an interesting point. Are there many people who never
> installed nix because the installer is the recommended installation
> method?

I have actually witnessed a few people (in person) who expressed
concerns about that method.  When questioned, the concerns turned out to
be unreasonable, because you are going to trust code from that server to
run as root blindly anyway, but this is one of those "evil pattern"
triggers that make security-minded people jump.  It's like seeing
"strcpy" in C code: not *necessarily* bad, but triggers the warning
bell.

For marketing reasons it may be beneficial to attach a security note to
that command, such that people understand why it's really not any less
secure than other methods.  Alternatively get rid of the pattern and
distribute a bunch of tarballs instead.  In other words: perform the
installation on Hydra, tar it, then provide platform-specific tars.

One interesting point is that little of the installation really requires
root permissions.  Users could be asked to create the `/nix` directory
and optionally a bunch of build users as root and then let the script do
its job without root.  That way the script never needs to switch users.


Greets,
Ertugrul


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Haskell NG: Local packages

2015-04-28 Thread Ertugrul Söylemez
Hi Jeff,

I'm using a similar approach for non-Haskell packages.  However, for
Haskell packages it doesn't interact well with cabal2nix.  Hence my
question.  I have now solved it the following way in
`~/.nixpkgs/config.nix`:

haskellPackageOverrides = self: super:
let asDarcs = path:
(self.callPackage (import path) {}).override (args: args // {
mkDerivation = expr:
args.mkDerivation (expr // {
src = nixos.pkgs.fetchdarcs { url = path; };
});
});
in {
myxmonad   = self.callPackage  {};
mytaffybar = self.callPackage  {};
testpkg1   = asDarcs ;
testpkg2   = asDarcs ;
};

The testpkg2 executable depends on the testpkg1 library, and it works.
The expressions are generated by cabal2nix, so no manual work is
involved.  So it seems to do exactly what it should.

> It's not specific to Haskell (and I haven't tried haskellng at all
> yet) but for personal packages I have mypkgs//default.nix,
> and then a top-level mypkgs/default.nix:
>
> [...]
>
> I add that to my NIX_PATH so I can `import ` anywhere to get
>  overridden with the stuff I'm working on.


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Haskell NG: Local packages

2015-04-28 Thread Ertugrul Söylemez
> I believe Peter's message <87mw5qvj9x@write-only.cryp.to> could
> answer my question.  I will give it a try.

It does and works well.  Thanks anyway!


>> I have a bunch of local Haskell packages, mostly libraries.  The package
>> X lives in the directory ``.  There are lots of direct
>> and indirect dependencies between them.  My current solution is ad hoc
>> and rather ugly.  I'm using the following hand-crafted `shell.nix` file
>> in every project:
>>
>> { pkgs ? import  {} }:
>>
>> let inherit (pkgs.haskellngPackages) callPackage;
>>
>> extPkg = path: deps:
>> (callPackage (import path) deps).override (args: args // {
>> mkDerivation = expr:
>> args.mkDerivation (expr // {
>> src = pkgs.fetchdarcs { url = path; };
>> });
>> });
>>
>> thisPkg = callPackage (import ./devel.nix) {
>> direct-dep1 = extPkg  {
>> indirect-dep1 = ...;
>> indirect-dep2 = ...;
>> };
>> direct-dep2 = extPkg  {};
>> };
>>
>> in thisPkg.env
>>
>> Do not pay too much attention to the `extPkg` function.  It just works
>> around cabal2nix' lack of support for Darcs URLs.
>>
>> My question is:  Is there a nicer and more principled way to solve this?
>> Ideally I could simply add all of my local packages in some way to my
>> `~/.nixpkgs/config.nix`.  Then they could just depend on each other
>> regularly and I wouldn't need any shell.nix hackery.  I'm guessing that
>> I need to override haskellngPackages in some way or perhaps create my
>> own using some override.


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Haskell NG: Local packages

2015-04-28 Thread Ertugrul Söylemez
I believe Peter's message <87mw5qvj9x@write-only.cryp.to> could
answer my question.  I will give it a try.

> Hello fellow Haskellers,
>
> I have a bunch of local Haskell packages, mostly libraries.  The package
> X lives in the directory ``.  There are lots of direct
> and indirect dependencies between them.  My current solution is ad hoc
> and rather ugly.  I'm using the following hand-crafted `shell.nix` file
> in every project:
>
> { pkgs ? import  {} }:
>
> let inherit (pkgs.haskellngPackages) callPackage;
>
> extPkg = path: deps:
> (callPackage (import path) deps).override (args: args // {
> mkDerivation = expr:
> args.mkDerivation (expr // {
> src = pkgs.fetchdarcs { url = path; };
> });
> });
>
> thisPkg = callPackage (import ./devel.nix) {
> direct-dep1 = extPkg  {
> indirect-dep1 = ...;
> indirect-dep2 = ...;
> };
> direct-dep2 = extPkg  {};
> };
>
> in thisPkg.env
>
> Do not pay too much attention to the `extPkg` function.  It just works
> around cabal2nix' lack of support for Darcs URLs.
>
> My question is:  Is there a nicer and more principled way to solve this?
> Ideally I could simply add all of my local packages in some way to my
> `~/.nixpkgs/config.nix`.  Then they could just depend on each other
> regularly and I wouldn't need any shell.nix hackery.  I'm guessing that
> I need to override haskellngPackages in some way or perhaps create my
> own using some override.
>
>
> Greets,
> Ertugrul


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


[Nix-dev] Haskell NG: Local packages

2015-04-28 Thread Ertugrul Söylemez
Hello fellow Haskellers,

I have a bunch of local Haskell packages, mostly libraries.  The package
X lives in the directory ``.  There are lots of direct
and indirect dependencies between them.  My current solution is ad hoc
and rather ugly.  I'm using the following hand-crafted `shell.nix` file
in every project:

{ pkgs ? import  {} }:

let inherit (pkgs.haskellngPackages) callPackage;

extPkg = path: deps:
(callPackage (import path) deps).override (args: args // {
mkDerivation = expr:
args.mkDerivation (expr // {
src = pkgs.fetchdarcs { url = path; };
});
});

thisPkg = callPackage (import ./devel.nix) {
direct-dep1 = extPkg  {
indirect-dep1 = ...;
indirect-dep2 = ...;
};
direct-dep2 = extPkg  {};
};

in thisPkg.env

Do not pay too much attention to the `extPkg` function.  It just works
around cabal2nix' lack of support for Darcs URLs.

My question is:  Is there a nicer and more principled way to solve this?
Ideally I could simply add all of my local packages in some way to my
`~/.nixpkgs/config.nix`.  Then they could just depend on each other
regularly and I wouldn't need any shell.nix hackery.  I'm guessing that
I need to override haskellngPackages in some way or perhaps create my
own using some override.


Greets,
Ertugrul


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Please test Nix store auto-optimise

2015-04-25 Thread Ertugrul Söylemez
> IMO much of the time overhead is basically unavoidable, as you need to
> do lots of random probes to a huge table (order of million entries,
> e.g.  1.5M in my case). Putting a single Bloom filter in front would
> shave I/O of most *failed* probes, but otherwise we can't get much
> better, I believe (being a PhD student in data structures).

There is some overhead, but it doesn't have to be anywhere near the one
we have right now.  The filesystem stores a lot more information than
necessary.  Basically making the on-disk structure smaller and more
domain-specific makes the operation noticably faster, and I can't think
of a smaller structure to store hash-maps than patricia trees.  A simple
hash-to-block mapping is all we need.

I'm not sure whether the Bloom filter would really help.  Since it is
impossible to predict the required size you would have to use some form
of growing Bloom filter or proactively create a filter that is so large
that it might destroy its own purpose.


> Anyway, this deduplication work seems better delegated to some other
> SW/library. Surely there are some already. If we wanted to deduplicate
> *similar* (unequal) files, we would even need to get FS-dependent. In
> the typical ext4 case, we don't even have reflinks AFAIK...

That's what I'm saying.  A separate tool should handle this, and it
would depend on the FS (in the sense of being a function of the FS), but
not be bound to any particular one.  For traditional FSes like ext4 it
would do hard-linking, but perhaps in a slightly smarter way.


Greets,
Ertugrul


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] NixOS on a machine with only one user

2015-04-25 Thread Ertugrul Söylemez
> > Assuming bigger things usually gives you a better or at least more
> > scalable result, and in most cases the additional cost is very close
> > to zero. For example every single-disk system I set up uses a
> > two-disk RAID array with one missing disk from the point of view of
> > mdadm. If it does happen that I actually want to add more disks, it
> > will be a few short online commands to do it instead of a tedious
> > reinstallation of the entire system, and it costs only a few
> > megabytes. The additional disk might as well be an external
> > emergency disk that starts synchronising as soon as I plug it in.
>
> How did you manage to make mdadm do that?

It allows you to create arrays with missing disks, and you can activate
them as long as enough disks are present.  It's like creating an array
with a failed disk right from the beginning:

mdadm --create /dev/md/blah-system \
-l 1 -n 2 \
/dev/sda2 missing

Notice the `missing` argument.  It tells mdadm that the first disk is
`/dev/sda2` and the second disk is currently missing.  When you plug in
a second disk, just add it to the array.  When you plug in a third disk,
convert the array to RAID5 (can be done online in the background, see
`--grow`) and add the third disk.  And so on.


Greets,
Ertugrul


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Please test Nix store auto-optimise

2015-04-25 Thread Ertugrul Söylemez
> Once I wondered if using reflinks instead of hardlinks might be better
> from some point of view, but it probably won't be a big difference.

Tl;dr:  The current linking strategy has a noticable space and time
overhead that is large enough to be unacceptable for me, so I turned it
off.  The overhead can be removed in two ways:  Use reflinking when
available and more importantly get rid of the `.links` directory.

When the filesystem supports reflinking, it should be used.  The
advantages are:

  * From the viewpoint of the FS user this is completely transparent.

  * Most modern FSes support block-level deduplication.

  * The FS ensures consistency.  No potentially dangerous assumptions
about the atomicity of FS operations.

  * Can be done in the background even on systems without nix-daemon.

  * Can be used safely to copy files into the store when `src` points to
the local filesystem.

  * The `.links` approach would no longer work, forcing us to do
something more sensible, for example a database file.

To deduplicate new builds, simply maintain a fast database of block
hashes and compare the newly written files against it.  If a match is
found, instruct the filesystem to deduplicate and that's it.  After GC
check to see if the GCed blocks still exist, otherwise remove them from
the database.

Should it happen that the database becomes inconsistent with the store
(for example because the system crashed during deduplication), nothing
bad will happen except that a few blocks might be wasted.

It would also help developers.  For example it's not uncommon for me to
point `src` to the local filesystem.  And since I'm doing a lot with
machine learning nowadays, often enough there are some huge files in a
`data` or `examples` directory.  Each time I do nix-build those are
copied verbatim to the store, which not only takes an unnecessarily long
time, but also wastes space.  As a btrfs user I would definitely benefit
From reflinking.  It would still require reading the entire file for
hashing, but the space waste would be gone.

The requirement to have this huge .links directory would be gone, making
both the optimisation process and garbage collection faster.  Just
listing its contents takes more than a minute for me with most of the
time spent disk-thrashing.  I'm not even sure if it's really required at
all, since for book-keeping a database file would be a better option.

I'd also like to note that store optimisation is probably better handled
by a separate program.


Greets,
Ertugrul


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] NixOS on a machine with only one user

2015-04-24 Thread Ertugrul Söylemez
> NixOS noob here. I'm using NixOS on a machine with only one user (me).
> What's the best strategy for installing packages?
> [...]
> Installing into a normal user profile

In general I tend to just assume that my system is an actual multi-user
system.  I'm a normal user, so I don't make any assumptions on the way
imaginary fellow users use their account.  A very small number of
packages will have to be used by the majority of the users on the
system, for example because they are relevant to the network topology or
purpose.  Most of them will be installed in the form of NixOS services.
All other packages are user-specific.

Installing user packages into the user profile has the additional
advantage that it is safe and secure to install your own packages, which
you may want to do from time to time, perhaps because you may want to
use Nixpkgs-master for some bleeding edge version or because you may
want to use Nix for a custom package or development.  Remember that Nix
handles not only code.  You can equally well write and deploy a bunch of
static files using it.

Assuming bigger things usually gives you a better or at least more
scalable result, and in most cases the additional cost is very close to
zero.  For example every single-disk system I set up uses a two-disk
RAID array with one missing disk from the point of view of mdadm.  If it
does happen that I actually want to add more disks, it will be a few
short online commands to do it instead of a tedious reinstallation of
the entire system, and it costs only a few megabytes.  The additional
disk might as well be an external emergency disk that starts
synchronising as soon as I plug it in.

Fortunately this is possible with NixOS.  Many distributions, including
all Anaconda-based ones (RHEL, CentOS, Fedora, etc.), do not allow you
to do this.


Greets,
Ertugrul


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] How to develop with chicken and emacs

2015-04-20 Thread Ertugrul Söylemez
>> The way I do this is to fire up a Makefile from Emacs.  The Makefile
>> uses nix-shell to start the actual builder:
>>
>> nix-shell --pure --command "./Setup build"
>>
>> This is an indirection, but it makes sure that the environment the
>> builder sees is (fairly close to) the environment the build script
>> would see when you use nix-build.  And indeed, you can actually use
>> nix-build as well, although you probably don't want to, because it
>> rebuilds the whole thing all the time.
>
> That's a good tip! I will start with this. But it still wouldn't allow
> me to use the interactive features of emacs, if I understand
> correctly?  It would be great to evaluate expressions inside emacs
> without building the whole app.

Well, you can invoke nix-shell instead of the regular shell from within
Emacs.  Getting an inferior mode or any other tighter integration to
work, if there is one, could be more difficult.  One thing you can do is
to make Emacs part of a project-specific development environment using
myEnvFun.  The wiki should help you with this.  Alternatively many
integration modes allow you to specify the command used for invoking the
helper programs.


Greets,
Ertugrul


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


[Nix-dev] cabal2nix: Local Darcs URLs

2015-04-20 Thread Ertugrul Söylemez
Hello fellow Haskellers,

how do I specify a Darcs repository on the local filesystem when
invoking haskell-ng's cabal2nix?  Note: I need the Darcs variant, not
the local filesystem variant, so just giving a filesystem path does not
work.


Greets,
Ertugrul


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] How to develop with chicken and emacs

2015-04-18 Thread Ertugrul Söylemez
Hi there Eike,

> I found out about the egg2nix program and saw, that the
> 'chicken-eggs.nix' file contains many eggs and that the egg2nix
> program uses it. So, right now I'm starting a shell like this
>
> nix-shell -p egg2nix
>
> This drops me in a shell, where the eggs are setup via
> CHICKEN_REPOSITORY_EXTRA and CHICKEN_INCLUDE_PATH. That's a step
> forward, but it still feels strange. Maybe just because I'm not used
> to it… Is this a recommended way for developing? (I probably should
> create my own nix file to make this env I guess)

My experience with Chicken is limited, but what you are describing
sounds about right.  It is indeed the way we develop software with the
help of Nix.  In Haskell land cabal2nix generates both an expression for
your project and a (separate) expression that drops you into a shell
with all the dependencies in scope.


> But the real problem is, that my emacs doesn't know about this
> environment. I don't know how to handle this (besides starting a new
> emacs from the nix-shell shell, which I don't want).

The way I do this is to fire up a Makefile from Emacs.  The Makefile
uses nix-shell to start the actual builder:

nix-shell --pure --command "./Setup build"

This is an indirection, but it makes sure that the environment the
builder sees is (fairly close to) the environment the build script would
see when you use nix-build.  And indeed, you can actually use nix-build
as well, although you probably don't want to, because it rebuilds the
whole thing all the time.

I hope this helps.


Greets,
Ertugrul


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


[Nix-dev] Per-user default binary caches

2015-04-16 Thread Ertugrul Söylemez
Hello everybody,

is there a way to set a default binary cache for my regular user without
making it a systemwide default, perhaps in `~/.nixpkgs/config.nix`?
Basically I'd like to get rid of the --option argument when dealing with
Haskell packages.


Greets,
Ertugrul


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Haskell NG: Still no binaries

2015-04-16 Thread Ertugrul Söylemez
> > That did it!  Since I'm running NixOS I am indeed running
> > nix-daemon.  The following setting did the trick:
> >
> > nix.binaryCaches = [
> > "https://cache.nixos.org/";
> > "https://hydra.nixos.org/";
> > ];
>
> IMHO, "nix-env" should pass those options on to the daemon, i.e. it
> should not be necessary to hard-code hydra.cryp.to as a global binary
> cache for this to work.

Actually I'm not sure whether this is such a good idea.  If it did, it
would be a backdoor into fellow system users.  An attacker could
construct a Nix expression that matches exactly another system user's
expression.  Then the attacker builds it, but they tell Nix that they
have a binary cache available for it, which delivers an infected version
of the derivation.

When the other system user tries to build the same expression, they find
that it is already built, but it is actually the infected substitute
injected by the attacker.


> Just out of curiosity, did you configure
>
>   nix.trustedBinaryCaches = [ http://hydra.nixos.org http://hydra.cryp.to ];
>
> in your configuration.nix?

I didn't.  Now that you mention it I briefly remember Nix telling me
something about the untrusted binary cache.  I just ignored it, assuming
that Nix would go ahead and use it anyway.  I will try with that
setting.

But yes, because of the above it's totally sensible that Nix doesn't
just use any cache that you tell it to use.

Thanks!


Greets,
Ertugrul


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


[Nix-dev] Binary trust (was: Haskell NG: Still no binaries)

2015-04-16 Thread Ertugrul Söylemez
Hi Kirill,

 nix-env \
 --option extra-binary-caches https://hydra.nixos.org \
 --option extra-binary-caches https://hydra.cryp.to \
 -iA nixos.pkgs.hsEnv
>
> Might it be the case that you are running nix in daemon mode and thus it
> ignores `binary-caches`?

That did it!  Since I'm running NixOS I am indeed running nix-daemon.
The following setting did the trick:

nix.binaryCaches = [
"https://cache.nixos.org/";
"https://hydra.nixos.org/";
];

Thanks a lot!

Unfortunately hydra.cryp.to does not seem to support TLS.  That's why I
left it out.  But that raises an interesting question:  Where do the
hash values for the binary packages come from?

At this point since we lack deterministic builds I would assume that
they come from the same host that delivers the substitutes.  A related
question is:  Are the hashes signed?

If the hashes are not trusted, then a plain-text connection would be a
huge security risk regardless of whether you trust the host.  Even a
malicious user or an infected machine on your local network could
replace binary packages on their way and get arbitrary code onto your
machine.


Greets,
Ertugrul


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Haskell NG: Still no binaries

2015-04-16 Thread Ertugrul Söylemez
Hi Peter,

> > nix-env \
> > --option extra-binary-caches https://hydra.nixos.org \
> > --option extra-binary-caches https://hydra.cryp.to \
> > -iA nixos.pkgs.hsEnv
>
> what happpens when you use that command to install the attribute
> nixos.pkgs.haskell-ng.ghc784.cabal-install and/or
> nixos.pkgs.haskell-ng.ghc7101.cabal-install? Does your machine get
> binaries for those attributes?

Both are built from source, no binaries except GHC.


> You are running x86_64-linux, right?

That's right.


Greets,
Ertugrul


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


[Nix-dev] Haskell NG: Still no binaries

2015-04-16 Thread Ertugrul Söylemez
Hello everybody,

today I've attempted to switch to Haskell NG again.  The new tree itself
seems to work for me, but I'm still not getting prebuilt binary
packages.  The only binary I get is GHC, while every other Haskell
package seems to be compiled from source code.

I've tried with the following reasonably minimal setup.  My
~/.nixpkgs/config.nix contains the following code:

nixos : {
packageOverrides = pkgs : rec {
hsEnv = pkgs.haskellngPackages.ghcWithPackages (hs: with hs; [
cabal-install
]);
};
}

In my initial attempt I would have liked to switch to the new GHC as
well, so I've also tried the following override:

hsEnv = pkgs.haskell-ng.packages.ghc7101.ghcWithPackages (hs: with hs; [
cabal-install
]);

I'm on the nixos-unstable channel:

# nix-channel --list
nixos https://nixos.org/channels/nixos-unstable

The commands I've tried to get binary packages were:

nix-env \
--option extra-binary-caches https://hydra.nixos.org \
--option extra-binary-caches https://hydra.cryp.to \
-iA nixos.pkgs.hsEnv

nix-env \
--option extra-binary-caches http://hydra.nixos.org \
--option extra-binary-caches http://hydra.cryp.to \
-iA nixos.pkgs.hsEnv

Neither of them gave me binaries.  Am I doing something wrong there?

Background: As noted in an earlier thread my current development machine
is too weak to build everything from source.  The build of the GHC
7.10-based environment above took about 30 minutes, and that doesn't
include GHC itself.


Greets,
Ertugrul


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Use GHC 7.10.1 as default Haskell compiler in nixpkgs

2015-04-02 Thread Ertugrul Söylemez
> > The last time I tried to switch, Nix started to build everything
> > from source, including GHC, even with the options described in the
> > Haskell NG thread.
>
> what architecture do you use? Is it i686-linux by any chance? I'm
> asking because Hydra isn't building binaries for that platform at the
> moment.
>
> You should always get binaries of GHC itself, though. Those are part
> of the standard "nixos-unstable" channel.

It's x86_64 using the unstable channel.  Since it has been a while I
will just retry with the original instructions and see what happens.
I'll report my result here.

Thanks!


Greets,
Ertugrul


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Use GHC 7.10.1 as default Haskell compiler in nixpkgs

2015-04-02 Thread Ertugrul Söylemez
> If you haven't migrated to Haskell NG yet ... now would be a good time
> to do it. (I'm looking at you, Agda.)

I'm currently forced to work on a rather weak machine, so building from
source is prohibitively expensive.

Is there a very short summary of how to do it and still get binary
packages?  The last time I tried to switch, Nix started to build
everything from source, including GHC, even with the options described
in the Haskell NG thread.


Greets,
Ertugrul


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Let's switch the default shell in Nixpks / NixOS to csh

2015-04-01 Thread Ertugrul Söylemez
>> This makes me wonder whether maybe we should switch all shell
>> scripting in Nixpkgs to "csh"? Wouldn't that solve a lot of problems?
>> I've heard experts say that "csh" is generally considered superior
>> for scripting tasks because of its more intuitive syntax.
>
> I really dislike csh's syntax, and that of tcsh, and having to learn
> it in order to write scripts for Nix would be undesirable to say the
> least.

What you are saying is basically:  Switching away from Bash is not the
proper solution.  The proper solution is not to assume a certain shell
at all and let the builder itself choose it.  And I agree.  This would
be easy to support by stdenv.  Basically all we need is to make
$stdenv/setup portable (i.e. parametric).

Also I agree that Guix is in a number of ways superior.  My only problem
with Guix is Scheme, because I have some language-design issues with it.


Greets,
Ertugrul


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Missing documentation

2015-02-18 Thread Ertugrul Söylemez
> What I want to say is that it might be boring to maintain such a
> comprehensive help system, but it’s totally worth it, and it’s
> wonderful that someone volounteers to do that. BTW it would be nice to
> have a generic framework for writing docs and then doing things like
> generating man-pages and context-sensitive help automatically. Maybe
> such a framework already exists?

That's what I want to do, but I'm still not sure whether the community
is behind me.  I don't want to spend days to develop a nice solution
just to find that nobody actually wants it.

I did not count formally, but so far my proposal was met with mixed
feelings.  If there is a definite, "stop talking, please just do it",
then I will do it.  My changes would include minor documentation
improvements, but most notably a context-sensitive help system that is
easy to use especially for Nix developers.


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] How to add an additional IP address besides the DHCP configured address?

2015-02-18 Thread Ertugrul Söylemez
> I would like to add the IP address 172.16.48.17/28 to my enp0s3
> interface but I would also like to keep the DHCP configured address.
> [...]
> Is this possible or should I use networking.localCommands?

The proper way to do this is to instruct the DHCP *server* to assign the
addresses.  Most servers can assign IP addresses based on MAC addresses.
All options below are hacks, because they circumvent the lease system of
DHCP, so they are unsafe.

The most proper unsafe way is to configure the DHCP *client* to assign
the additional address.  Unfortunately when you configure dhcpcd to
assign a static address, it does not ask the server to get a lease at
all.  Perhaps you can figure out a way to do both.  The relevant option
is `networking.dhcpcd.extraConfig` and the `static` option from
dhcpcd.conf(5).

A less proper way is to use a hook and assign the additional address
yourself.  The most general interface to that seems to be
`networking.dhcpcd.runHook`.  It's less proper, because then the client
does not manage that address.

See also the section "3rdparty link management" (sic) in dhcpcd(8).  It
seems to offer an addtional option, but I did not follow all the
references.

If all else fails you can disable the DHCP client *daemon* altogether
and do one-shot setups instead.  This is a horrible setup that cries for
network problems, because now even the regular dynamic address falls
outside of the lease system.


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Missing documentation

2015-02-17 Thread Ertugrul Söylemez
>> Software should be fully documented.  If you don't know where the
>> line between "regular users" and "advanced users" is, don't draw one
>> in the first place.
>
> It's not so much a question of regular vs. advanced use, but whether
> something is a stable interface. If we document a command like
> nix-store --register-validity (which is mostly a hack to support the
> nixos-install bootstrap), we'd pretty much commit to supporting it in
> the future. If it's undocumented, we can change or remove it in the
> future.

Good point.  Nevertheless it's a useful feature, so perhaps it's time to
consider stabilising it or providing a stable wrapper.  At this point it
is practically the only way to install Nix-based distributions, and you
really want access to it when you're building lots of machines and
containers, i.e. whenever you don't want to use any of the predefined
installation routines.


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Missing documentation

2015-02-17 Thread Ertugrul Söylemez
> Umm, this is kinda the point that I was making, you were the one who
> suggested to write that "regular users" should use this feature, so I
> explained that you can't differentiate between regular and advanced
> users to you need to treat all users equally and just document the
> feature in a clear and straightforward way.

Apparently we never disagreed.  We just failed to communicate our
notions properly. =)

One thing to note is that some functionality is genuinely unsafe, but
sometimes still useful to users doing less obvious, experimental or
innovative things.  There is nothing wrong with adding big warning signs
to the documentation in the form of:  "This is an unsafe operation that
can violate assumptions X and Y.  Make sure you understand how to apply
it safely before use!".

Sometimes there are use cases that the developers simply did not
anticipate.  This is actually quite common.  For example the `--set`
flag to `nix-env` should definitely be documented, because it is both
safe and useful when you do more with environments than managing
user-specific package sets.

If you follow this line of thought to its conclusion, then the set of
interfaces is really a union of safe (assumptions-preserving) and unsafe
(potentially assumptions-violating) interfaces.  The notion of an
"internal" interface is informal and more often than not ill-defined.  I
believe that all interfaces should be fully exposed and documented, but
the unsafe ones should carry a warning sign along with the rules you
need to follow to preserve the assumptions, i.e. how to use unsafe
interfaces safely.


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Missing documentation

2015-02-16 Thread Ertugrul Söylemez
>> I believe everything should be documented at least in a technical
>> manual.  But there is nothing wrong with putting a note there:
>> "Regular users should not need to use this command."
>
> I wouldn't be in such a hurry to document things in this manner ,
> because the basic assumption is "if it's documented then it's
> supported and we welcome users to use it", and how would you
> differentiate between regular and advanced users anyway?
>
> Of course you should introduce the feature or functionality with the
> use-case that it's aimed at (i.e. Why do I need this?), but
> documenting something and then disclaimering it with "but actually you
> don't really want to use this coz it's risky" is usually just an
> invitation for mayhem.
>
> Bottom line IMHO - either you educate users with the correct
> information and then trust them to use the feature responsibly, or you
> don't expose it.

That doesn't seem to be a coherent argument.  Would you suggest that the
`-f` option to `rm` should not be documented?  Would you deny access to
the manual of `dd` or `sgdisk` while being root?  You can seriously
break stuff with those even worse than with any Nix command.

Software should be fully documented.  If you don't know where the line
between "regular users" and "advanced users" is, don't draw one in the
first place.  Chances are the line doesn't exist and you're just trying
to patronise your users.  I hate software that patronises me.


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Missing documentation

2015-02-16 Thread Ertugrul Söylemez
> Regarding --register-validity, it's a bit of internal command that I'm
> not sure should be documented. But yeah, ‘exportReferencesGraph’
> shouldn't refer to it :-)

Well, it is apparently a helpful utility when you change core parts of
NixOS, when you create your own Nix-based distribution or when you
create virtual machine images without using NixOS tools.  In fact it may
be the only way to do it properly.

I believe everything should be documented at least in a technical
manual.  But there is nothing wrong with putting a note there:  "Regular
users should not need to use this command."


> The format is as follows (see decodeValidPathInfo() in store-api.cc):
>
>   
>   the path (nix-store -q --path)>
>   the path (nix-store -q --size)>
>   
>   
>   
>
> This is repeated until EOF.
>
> See pkgs/build-support/kernel/paths-from-graph.pl for an example of a
> script that generates registration info in this format.

Thanks.  That's a bit difficult for shell scripts to parse, because it's
context-sensitive.  Is there a context-free or regular format or a
predefined parser that I can use from within a small shell script?  I
need to copy the full closure of a derivation in a builder.


>> Regarding the overhaul of `--help` I will just do it and see what
>> people think about it.
>
> Note that I removed --help on purpose because I didn't want to
> maintain two sets of option documentation. Invoking "man" is also what
> tools like Git do, so it's not entirely uncommon.

One advantage of the way Git does it is that it's context-sensitive.  It
does not just fire up a general man-page and lets you search it.  Nix
tools have a large and growing set of options, so at least we should
have that.

Would you agree to reintroduce it, if it contributes to a better UX?  I
will think of ways to keep everything in one place.


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Missing documentation

2015-02-16 Thread Ertugrul Söylemez
>>> +1 to doc fixes! :-) I'll gladly help with peer review for the
>>> content or whatever I can within the prose capacity :-)
>>
>> Nobody else?  I would just do it, but at the very least I need an
>> explanation of the missing parts.
>
> The best way to find out might be to use git blame and see commit
> history.

Okay, I will try that.

Regarding the overhaul of `--help` I will just do it and see what people
think about it.


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Missing documentation

2015-02-16 Thread Ertugrul Söylemez
> +1 to doc fixes! :-) I'll gladly help with peer review for the content
> or whatever I can within the prose capacity :-)

Nobody else?  I would just do it, but at the very least I need an
explanation of the missing parts.


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


[Nix-dev] Missing documentation

2015-02-14 Thread Ertugrul Söylemez
Hi again everybody,

I noticed that the documentation of various Nix tools is incomplete and
often too vague, so I'd like to contribute documentation patches.  From
the top of my head the following two flags are currently undocumented:

  * `nix-store --register-validity`
  * `nix-env --set`

The latter seems pretty straightforward from the way it is used in NixOS
scripts, but the former is a bit of a mystery to me.  If someone could
give an explanation in simple prose, I'm happy to update the Nix
documentation.

Another thing I would like to do is to add an actual help system to all
Nix tools.  This means that `--help` no longer opens the man page, but
instead displays context-sensitive help.  For example

nix-store -q --help

would display the documentation of the query functionality of
`nix-store`.  I believe, this is much more useful than opening the man
page.  Please tell me what you think about that.

Finally with some help from the community we can fix all dead
references.  For example when you read the documentation for
`exportReferencesGraph`, it refers to "the format used by `nix-store
--register-validity`", and there the reference chain breaks, because the
latter is not documented anywhere except perhaps in the source code.


Greets,
Ertugrul


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


[Nix-dev] nix-store --register-validity

2015-02-14 Thread Ertugrul Söylemez
Hi everybody,

could someone please explain the `--register-validity` flag of
`nix-store` to me?  I'm mostly interested in the format, because I need
to use `exportReferencesGraph` in a derivation.  But most likely from
the search results I've got when searching for its documentation, later
I will need the flag itself as well.


Greets,
Ertugrul


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Use Haskell for Shell Scripting

2015-02-11 Thread Ertugrul Söylemez
>> Remember that we're talking about very different paradigms.  I can
>> totally see how you would want and love macros in CL.  In CL you
>> encode your solution in such a way that using macros is the natural
>> thing to do, and then lexical manipulation is probably something that
>> comes in handy.  In Haskell your encoding is entirely different, so
>> you wouldn't use macros in the first place.  Instead you would use
>> non-strict higher-order functions together with type classes.
>
> And of course Common Lisp does have higher-order functions; do type
> classes add any encoding power? I always thought they were needed to
> keep track of all that happens, and working duck typing with optional
> multiple dispatch allows to write the same code but with less safety.

Type classes are essentially just principled overloading.  They allow
you to write reusable code bound to certain *features* (rather than
specific types):

multiCoreMapReduce :: (Monoid b) => (a -> b) -> [a] -> b
multiCoreMapReduce f = fold . parMap rseq f

Whenever `b` is a monoid, the above function is a multi-core MapReduce
implementation.  Here `Monoid` is a class.


> There is a myth on the Lisp side that Common Lisp has a paradigm that
> means it wouldn't benefit from some more static annotation and
> analysis features; there is a myth in many non-Lisp places that
> feature X makes macros unneeded.
>
> Both are myths. Just a trivial with-fields (in its many many forms) is
> an example of a thing that is trivial with macros, useful enough to be
> built into Object Pascal and doesn't perform its primary task
> (reducing clutter) if implemented without macros.

I couldn't find any information online about what `with-fields` is, but
From its name I'm just going to assume that it brings stuff into scope
semi-automatically, i.e. it does something a regular function cannot do.
Does a CL programmer benefit from this?  Absolutely!  Would programmers
of most languages benefit from this, for example Object Pascal?  Likely!
Would a Haskell programmer benefit from this?  Well, probably not as
much as you would want them to.

Let's turn the table:  Laziness is a very powerful feature in Haskell.
Could I convince you of that?  Probably not, because you're not a
Haskell programmer and you wouldn't find it very useful in CL.  But I
may be crazy about laziness and think:  "How can anyone deny the
usefulness of laziness?".  You're suffering from the same fallacy
w.r.t. macros.  Let me explain.

There is a *very common* myth on the CL side that macros are so powerful
and so useful in CL that they must be powerful and useful *everywhere*.
That may easily lead you into the trap of thinking that any language
that lacks macros has a serious drawback compared to CL.  But that's a
myth.

I'll assume that right now you're thinking:  "Oh, come on, macros allow
you to manipulate lexical features, scope, introduce new views to data,
build functions automatically, etc.  How can they be useless in any
language?".  I could fall into the same trap:  "Oh, come on, laziness
allows you to build virtual data structures, specify if, how and when to
evaluate (e.g. in parallel), apply semantically huge/infinite transforms
in O(1), use action DSLs, etc.  How can it be useless in any language?".
Yet it would still be pretty useless in CL.

Let me go one step further:  Macros would do more harm than good in
Haskell, if people would actually be going to use them.  In fact we do
have a similarly powerful macro system called TH.  We even have a system
for custom syntax called QuasiQuotes, if you need it.  Our TH and QQ are
even type-safe!  Yet most experienced Haskell programmers try to avoid
both of them as much as possible, and for a good reason, which is beyond
the scope of this mail.

Now macros-considered-harmful probably goes even worse against your
world-view than macros-considered-useless.  But consider this:  In a
similar way laziness would not only be pretty useless in CL, it would do
more harm than good, because it entails the kind of non-determinism that
requires all side effects to be expressed in terms of a lazy
domain-specific action language (which is our `IO`).  You probably don't
want that.  Combined with macros it would have the potential to render
CL unpredictable.


>> Modern van Laarhoven lenses are a powerful abstraction for accessing
>> data structures, mainly because a lens does not necessarily
>> correspond to a certain concrete field (it can correspond to many
>> fields or to a logical alternate view of certain data) and also
>> because both lenses and lens operators are first class values.
>
> _Which_ lenses should be used, actually? It looks like there is a
> controversy about which packages are the correct ones to use and which
> should be considered just a proof-of-concept playground for new ideas.

It doesn't actually matter.  One nice thing about van Laarhoven lenses
is that all the lens packages are compatible with each other.  Most
people use 

Re: [Nix-dev] Use Haskell for Shell Scripting

2015-02-10 Thread Ertugrul Söylemez
>> Oh, Common Lisp (CL) macros don't correspond to TH, but rather to
>> regular functions in Haskell.  We have first class actions together
>> with lazy evaluation.  What is "code is data is code" in CL is
>> "actions are first class values" in Haskell.
>>
>> You only need TH when you need to generate something that is not
>> first class, for example class instances.
>
> And many actions are first class values in CL. But there are many
> things that are not first class even in Haskell. Macros can manipulate
> lexical environments in many convenient ways, for example.
>
> Also, while you could make a function out of a complex iteration
> macro, it is guaranteed to be simpler to use.

Remember that we're talking about very different paradigms.  I can
totally see how you would want and love macros in CL.  In CL you encode
your solution in such a way that using macros is the natural thing to
do, and then lexical manipulation is probably something that comes in
handy.  In Haskell your encoding is entirely different, so you wouldn't
use macros in the first place.  Instead you would use non-strict
higher-order functions together with type classes.


> Ah, so Haskell has no usable records without lenses?

The standard record system is very limited, even though some language
extensions try to improve it (without much success).  However, you would
most likely want to use lenses anyway, even if standard records were
richer.

Modern van Laarhoven lenses are a powerful abstraction for accessing
data structures, mainly because a lens does not necessarily correspond
to a certain concrete field (it can correspond to many fields or to a
logical alternate view of certain data) and also because both lenses and
lens operators are first class values.

Where `temps` is a list of temperatures in degrees Celsius, the
following is that list with three degrees Fahrenheit added to each item:

(traverse . fahrenheit +~ 3) temps

The thing in parentheses is a function that takes any traversable data
structure (e.g. lists or trees), interprets its values as temperatures,
applies a Fahrenheit view and then adds 3.  The result is the modified
data structure (i.e. it's pure).

The following is the same function, except that it only adds if the
original temparature is greater than 10.  All lower temperatures remain
untouched:

traverse . filtered (> 10) . fahrenheit +~ 3

Finally as said lenses and lens operators are first class, so you can
take them as arguments, return them as results and put them into data
structures.  Let `fields` be a list of lenses.  Then the following is a
list of lenses pointing deeper into the individual data structures (into
the `field` subfield of whatever each lens points to):

(traverse %~ (. field)) fields

That's why we love lenses.  They are more than just a recovery from our
lack of a decent record system.  And they are defined in plain Haskell,
just to show you how far we can go without macros. =)


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] UI management (Was: Use Haskell for Shell Scripting)

2015-02-10 Thread Ertugrul Söylemez
> Actually, my idea of the core boot sequence is contrary to your goals:
> for core system I think in terms "I want to easily run recovery after
> a USB boot and I want to describe my system in terms of its imperative
> recovery procedure started from initramfs". It is likely that my
> service management will likely also be like that; but I knew you were
> doing something for staring a NixPkgs-like-structured service
> repository and so decided to get by with a minimum set of daemons
> until I can choose to just write service definitions for your approach
> or start my own set of definitions.

You don't have to wait.  If your services are defined in a functional
manner, you won't have much trouble translating them to my concept.
That means that a service is entirely self-contained and receives its
full configuration from its arguments.  It then returns an attribute set
that specifies at the very least the filesystem directories it needs to
access and a non-daemon program that represents the service:

{config, pkgs}: {
description = "nginx web server: " + f config;
init = builtins.toFile "nginx-init.sh" "...";
mounts = ["/var/www"];
}

You should assume that the init program runs as PID 1 and that it will
be killed from outside by the usual SIGTERM-wait-SIGKILL sequence.
SIGTERM is only sent to the init program.  If it does not quit fast
enough, the entire process group is killed by SIGKILL.  Also you should
assume that the init program can only access the Nix store and the
directories explicitly mentioned in `mounts`.  It should assume that the
root directory is a read-only RAM-disk and that `/proc`, `/sys` and
`/dev` are already mounted appropriately.


> Hm, want to try out QueryFS?

It looks very interesting.  Currently I'd have little use for it, but if
it's available online, I will certainly try it out when a use case pops
up.


> OK. Well, are you OK with me inviting some other people from the
> beginning? Not sure who of them will join.

Sure, go ahead.


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Use Haskell for Shell Scripting

2015-02-10 Thread Ertugrul Söylemez
>>> Some of the shell tricks based on expansions are portable to Lisp,
>>> not worth it in Julia and definitely too costly in Haskell (learning
>>> Template Haskell is definitely outside my plans).
>>
>> I don't really know TH either.  Occasionally I use TH actions defined
>> in a library (for example to derive safecopy instances or, less
>> commonly, to auto-generate lenses).  But TH somehow feels wrong and
>> ugly.
>
> In both Julia and Common Lisp I use macros for many tasks and they
> make life much more comfortable. Of course, Haskell type system may
> make it hasrder to use macros.

Oh, Common Lisp (CL) macros don't correspond to TH, but rather to
regular functions in Haskell.  We have first class actions together with
lazy evaluation.  What is "code is data is code" in CL is "actions are
first class values" in Haskell.

You only need TH when you need to generate something that is not first
class, for example class instances.


 However, you may want to write type signatures anyway.  It doesn't
 increase your development time considerably.
>>>
>>> I also need to write matching to extract data from deep structures,
>>> no?
>>
>> I'm not sure what you mean by that.  Perhaps you can drop me an
>> off-list mail, so we can talk about your specific application.
>
> Well, it looks like field names are not scoped and if I use plain ADT
> I have to write pattern matching to extract data from a member of a
> member of a structure.

You can chain both functions and lenses.  Extraction via functions:

(innerField . outerField) value

Extraction via lenses:

value ^. outerField . innerField

Update via lenses:

(outerField . innerField .~ 15) value

You can even get completely imperative by using a state monad:

outerField . innerField .= 15
outerField . otherInnerField .= "blah"


>> The trouble is that xmonad's idea of "set of workspaces" is encoded
>> as a list zipper.  It does not allow me to encode the tree.  It only
>> ever holds *lists* of workspaces and does not abstract over this data
>> structure.
>
> So? Keep your own structure and keep pointers to XMonad-stored
> entries.

Yes, I do that, arguably not in the most elegant way possible, because
the predefined workspace switchers and layout algorithms need to
understand my concept as well.

If xmonad would simply abstract over StackSet, it would be very easy and
transparent to do.


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] UI management (Was: Use Haskell for Shell Scripting)

2015-02-10 Thread Ertugrul Söylemez
> Also, I sometimes tend to use closing unneeded windows as a way of
> keeping track of short-term TODO list.

I think there doesn't have to be semantic difference between closing a
window and dropping it into a virtual drawer.  Your short-term to-dos
would be elsewhere.


>> Unfortunately it entails removing systemd from the top of the process
>> tree, which is a lot of work for a single person, but I'm highly
>> motivated.  By the way, this is not my usual systemd hatred.  There
>> are technical reasons to remove it from the top.
>
> Will you share it already? I do have a bootable systemd-less system
> based on NixPkgs, and would probably contribute some service
> definitions to the thing you develop.

I'm very close to a bootable system.  Allow me to arrive there first,
then we can compare and exchange ideas and code.  I will definitely let
you know, because I'm interested in your way of doing it.

Publishing a working prototype works better for me.


>> I'm not sure why.  This is not about a certain UX concept, but just
>> about a window manager being sufficiently general that I could start
>> to experiment.
>
> Well, because what you said in that paragraph is close to what I tried
> to do at some time, and there are hidden costs. When they become
> revealed (and they are different for different people, of course), you
> will take the things you have by this time and change the direction of
> development according to new data.

Oh, that might happen of course.


>> [...] In the same way I always thought that our filesystem concept is
>> wrong.  There is no inherent reason to have "files in folders".  I
>> believe that a disk should act more like a giant mutable variable.
>
> At some point I saw RelFS and tried to use it for tagging files. Then
> I hit its limitations and written my own QueryFS. Now I use it for
> many things, but not for file tagging because hierarchical structure
> made it simpler for me just to think in terms of hierarchy.
>
> So directory structure was a good idea for file storage, in my
> opinion.

Sure, it is great for some things, but terrible for others.  The point
is that we don't get a choice.  Everything is designed around the "files
in directories" notion.  That's why an sqlite database is completely
opaque from the point of view of the operating system.  You need special
tools with a special UI to inspect databases.


>> My vision for software in general is what I call "organic software".
>> [...]
>> How can we write software that isn't moronware?  Good design and
>> proper responses to exceptional circumstances can make our programs
>> faster, more responsive, more flexible and less like untrained
>> animals.  They make our programs *dependable* and in the end
>> *trustworthy*, because we can feed tasks to our program and focus on
>> other things or even just pick up a cup of coffee, because we *know*
>> that it will do its best to complete as much as possible without our
>> intervention."
>
> Well, this vision is what I consider one of the problems of modern
> software development. It would be yet another tangent, though; do you
> want to go in that direction?
>
> In short, I want (but don't yet know how to achieve in some cases)
> predictable transparent tools usable as IA in Engelbart speak, not
> DWIM helpers with wannabe-AI.
>
> I want tools that can be easily transparently wrapped to try to do as
> much as possible or to stop at the first problem.

I find this topic very interesting.  I believe it needs to be discussed,
but this mailing list is probably not the right place to do it.  For
lack of a better place, feel free to write me off-list, if you would
like to discuss this further.


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Use Haskell for Shell Scripting

2015-02-10 Thread Ertugrul Söylemez
>> It's seldom that you have to write your own data types, if you don't
>> want to.  Basic types, functions, products and coproducts can express
>> anything you want that isn't a tightly packed array of machine words.
>>
>> But if you really want to dump everything into a table-like data
>> structure, you can use Data.Map or Data.IntMap for everything.
>> Together with GHC's OverloadedLists extension this should make your
>> code just as short as the usual everything-is-a-hash-table in most
>> scripting languages.
>
> Actually, I use a ton of tuples-as-records in my crunching code in
> Common Lisp or Julia.
>
> Some of the shell tricks based on expansions are portable to Lisp, not
> worth it in Julia and definitely too costly in Haskell (learning
> Template Haskell is definitely outside my plans).

I don't really know TH either.  Occasionally I use TH actions defined in
a library (for example to derive safecopy instances or, less commonly,
to auto-generate lenses).  But TH somehow feels wrong and ugly.


>> However, you may want to write type signatures anyway.  It doesn't
>> increase your development time considerably.
>
> I also need to write matching to extract data from deep structures,
> no?

I'm not sure what you mean by that.  Perhaps you can drop me an off-list
mail, so we can talk about your specific application.


 I'm using a tree-shaped set of workspaces, but I need to encode
 this tree within the names of the workspaces, which is incredibly
 awkward.
>>>
>>> Well, I think you should be able just to write alternative UI for
>>> workspace selection simply ignoring the old one, no?
>>
>> Unfortunately not.  Everything in xmonad goes through the core data
>> structure StackSet.
>
> Why is it a problem? For hierarchically structured workspaces you just
> tell XMonad core to select the low-level workspace.

The trouble is that xmonad's idea of "set of workspaces" is encoded as a
list zipper.  It does not allow me to encode the tree.  It only ever
holds *lists* of workspaces and does not abstract over this data
structure.


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Use Haskell for Shell Scripting

2015-02-10 Thread Ertugrul Söylemez
>>> Data type declarations are not free in any case, I think.
>>
>> Compared to what?  Algebraic abstractions usually compile to exactly
>> the code you would have written if you had not used abstraction.
>
> Data type declarations have to be written. Store-everything-in-hash-
> tables is slower but quicker to write as long as I can keep the entire
> program structure in my head.
>
> Also I am trying to learn to write reasonable Haskell code for a small
> data-crunching script without just "writing Fortran into Haskell";
> well, many of its features are minor annoyances in that mode even if
> they are useful for giving structure to a large program.

It's seldom that you have to write your own data types, if you don't
want to.  Basic types, functions, products and coproducts can express
anything you want that isn't a tightly packed array of machine words.

But if you really want to dump everything into a table-like data
structure, you can use Data.Map or Data.IntMap for everything.  Together
with GHC's OverloadedLists extension this should make your code just as
short as the usual everything-is-a-hash-table in most scripting
languages.

However, you may want to write type signatures anyway.  It doesn't
increase your development time considerably.


>>> Well, you started talking like you were considering some limitation
>>> of XMonad hard to work around.
>>
>> I am.  I'm using a tree-shaped set of workspaces, but I need to
>> encode this tree within the names of the workspaces, which is
>> incredibly awkward.
>
> Well, I think you should be able just to write alternative UI for
> workspace selection simply ignoring the old one, no?

Unfortunately not.  Everything in xmonad goes through the core data
structure StackSet.


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Use Haskell for Shell Scripting

2015-02-10 Thread Ertugrul Söylemez
> Data type declarations are not free in any case, I think.

Compared to what?  Algebraic abstractions usually compile to exactly the
code you would have written if you had not used abstraction.


> Well, you started talking like you were considering some limitation of
> XMonad hard to work around.

I am.  I'm using a tree-shaped set of workspaces, but I need to encode
this tree within the names of the workspaces, which is incredibly
awkward.


>> So I'm probably already doing what you're suggesting, except that it
>> doesn't look like Unix, because there is no "pipe" involved. =)
>
> Well, with sockets it is easier to do decoupling, and cross-language
> development.

Decoupling seems unrelated, but the cross-language point is valid of
course.  Also sockets can work over a network.  So yeah, it's a
tradeoff.  For my window manager I really don't want to go through that
complexity.  It's written in Haskell, I'd like to configure in Haskell
and I'm not planning to offload my WM state to another machine.  So I'm
glad I can just use xmonad as a library.


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] UI management (Was: Use Haskell for Shell Scripting)

2015-02-10 Thread Ertugrul Söylemez
>> It's not that esoteric.  Think about the average 2013 laptop or PC
>> with plenty of RAM.  When you're done with a certain task, you close
>> its window, simply because you're used to that and perhaps because
>> you draw a relationship to the physical world, where you prefer your
>> desk to be clean and organised.
>
> Erm, some of the things need to know they should stop eating CPU
> cycles and stop touching their esident working set — I do think that
> my 8 GiBs of RAM are sometimes better used with more disk caching of
> my active-in- brain tasks and not caching LibreOffice and
> Firefox. Sometimes not.

That's actually fairly easy to handle on Linux by using namespaces,
sigstopping and sigconting.  There is probably also a way to force
programs to go to swap by using cgroups.  Be patient, I'm still working
on a DSL for this design. =)

Unfortunately it entails removing systemd from the top of the process
tree, which is a lot of work for a single person, but I'm highly
motivated.  By the way, this is not my usual systemd hatred.  There are
technical reasons to remove it from the top.


>> So what's the solution?  Simple: Workspaces must be cheap, dynamic
>> and extremely easy to manage.  There should not be a rigid mapping
>> between workspaces and windows.  Windows should easily be able to
>> belong to multiple workspaces.  A generalised xmonad could do it, but
>> the current one can't.
>
> My experience says that moving towards your goal is a good idea w.r.t.
> status quo, but halfway there you'll switch the direction.

I'm not sure why.  This is not about a certain UX concept, but just
about a window manager being sufficiently general that I could start to
experiment.


> What is your vision and what is your experience on your way there?

Wow, big question!  I'll try: It's twofold.

A long time ago (≥ 13 years), little me was using Windows, and he always
thought that there is something wrong with this concept of "windows on a
desktop".  "Folders" felt unnatural, too.  Everything about my operating
system tried to mimic the physical world.  I never really cared about
learning curves, so I always asked myself what it would look like if we
could use the potential of a virtual space to its full potential instead
of locking ourselves up within the boundary of our own imagination
("office work" means "sitting in front of a desk" to most people).

A later me had already switched to Linux and discovered workspaces.  It
was a minor improvement, because this time you have multiple virtual
desks, so you had no reason to drop something on the floor (minimising).
But it still felt wrong, and this feeling continues to this day.

My vision for UX is that we move away from the physical world.  In the
computer we can construct our own universe with the rules of physics
constructed or bent to support the work we are doing, perhaps in a fun
way.  Let's not think of the space on our screen as a virtual desk.
It's a projection of a space that we programmers create, and we have
complete freedom to create whatever we want!  In the same way I always
thought that our filesystem concept is wrong.  There is no inherent
reason to have "files in folders".  I believe that a disk should act
more like a giant mutable variable.

My vision for software in general is what I call "organic software".
I'm actually writing an article about it, so let me just quote a few
paragraphs of the section *Moronware* from that one:

"View programs, especially interactive ones, as part of your team.
Imagine that you have handwritten a bunch of documents that you would
like me, your teammate, to review.  So you hand me a copy and I start
reading.  Later that day you return to my office, and I'm just sitting
there, doing nothing.  You ask what's wrong, and I point to one of the
words in the document I were reading.  I simply couldn't decipher your
handwriting, so I stopped and waited for your assistance instead of
making a note and continuing.  Seems absurd, right?  No good teammate
would do that.  That's true.  Our programs are probably not such good
teammates.

When humans act the way our programs do we like to call them morons.  We
should do that with programs instead of humans.  They aren't self-aware
beings (yet), so they won't be offended, and they really do act like
morons.  I propose the term *moronware*.

How can we write software that isn't moronware?  Good design and proper
responses to exceptional circumstances can make our programs faster,
more responsive, more flexible and less like untrained animals.  They
make our programs *dependable* and in the end *trustworthy*, because we
can feed tasks to our program and focus on other things or even just
pick up a cup of coffee, because we *know* that it will do its best to
complete as much as possible without our intervention."


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/m

Re: [Nix-dev] Use Haskell for Shell Scripting

2015-02-10 Thread Ertugrul Söylemez
> I think you are thinking too big-system-design instead of
> quick-scripting about that.

Let's say I don't draw a line between small systems and large systems
when it comes to abstractions, because algebraic abstractions are cheap.

IMO a minimum requirement for a language to be called "functional" is
that functions are cheap.  I mean cheap as in "almost free", just like
mutable variables are almost free in imperative programming.
Quantification ("generics" in most languages) must be entirely free.
It's not in C++, but in boxing languages it is.

Now if quantification is free and your functions are almost free, then
algebraic abstractions are also almost free.  You might as well use them
everywhere, even in your quick-n-dirty scripts, because they make your
code shorter, more maintainable and usually more readable as well
(especially the types).

While you're reading this you should not think of OOP.  OO abstractions
are expensive in every way.  They make your program slower and your
source code longer.  They are not suitable for quick-n-dirty scripts.


> I have added an external module to StumpWM that goes completely
> against the default logic of connecting screens, workspaces and
> windows.
>
> It just moves windows between the workspaces when it needs to.
>
> I still use the hard parts of a WM (X protocol handling) and just
> added my own implementation of the fun parts.

Yeah, that sounds pretty much like what I do right now, except with a
different WM at the core.


> I think I was not clear with my idea about Ratpoison. I meant the Unix
> way of doing things: there is Ratpoison that can easily receive
> commands to change the splits and move the windows. Your logic is in
> Haskell and it just sends commands to Ratpoison (which has been
> debugged once).

The Unix philosophy can manifest in a number of ways.  Usually you make
programs pipe-friendly and perhaps add a configuration file.  That's the
traditional approach, which has one huge drawback:  When communicating
all structure must be flattened, because pipes understand only the
"stream of bytes" notion.  Then at the receiving end the structure must
be recovered from the byte-stream.  For long-running programs like a WM
it also means that you need to act non-blockingly and handle errors
sensibly.

An interesting alternative is that you don't make your program a
"program" in the first place.  After all what is a "program"?  It's a
library together with a `main` procedure.  Just leave out `main`.  Now
it's just a library and "configuring" amounts to the user writing an
actual program that uses the library.  That way there is no need to go
through the flatten-and-recover process from above.  You can stay within
the language's type system.  That's what most Haskell programs do,
including xmonad.

So I'm probably already doing what you're suggesting, except that it
doesn't look like Unix, because there is no "pipe" involved. =)


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Use Haskell for Shell Scripting

2015-02-09 Thread Ertugrul Söylemez
>> In short:  Better stop arguing against them, [...]
>
> I'm not; [...]

Alright. =)


>> In the ideal graphical environment I wouldn't see any reason to close
>> or move a single window -- ever.  Xmonad gets closer, but is still
>> far away.
>
> What?!! That sounds very abstract and cool! Maybe esoteric. Can you
> elaborate?

It's not that esoteric.  Think about the average 2013 laptop or PC with
plenty of RAM.  When you're done with a certain task, you close its
window, simply because you're used to that and perhaps because you draw
a relationship to the physical world, where you prefer your desk to be
clean and organised.

The truth is that a virtual "desktop" does not really (have to)
correspond to a real one.  There is no technical reason to close the
window other than the limits imposed by your amount of RAM and swap.  In
fact you shouldn't close windows, unless you're absolutely sure that you
will never need them again.  Most of the windows you close you just find
yourself reopening again later, going through all the procedures from
firing up a program to navigating to a file to scrolling to the part you
want to view or edit.  It's not *much* work, but it's repetetive and
unnecessary.

Think of the average Windows user, who is used to the fact that there is
only one "desktop".  When they need to suspend a task to temporarily
work on another one, they start to close or minimise windows, only to
have to find and recall all of them later.  This takes a considerable
amount of time, probably wasting a good ten minutes before you can get
back up to speed again.

Why?  Because it's the most unnatural thing you can do.  When you need
to interrupt your current work in the physical world, do you drop
everything to the floor or stuff everything back into the drawer?
Perhaps you do the first few times, but then you get a second desk or a
larger one.  That's probably the number one reason why Windows users
generally have at least two screens and would prefer to have more.

So what's the solution?  Simple: Workspaces must be cheap, dynamic and
extremely easy to manage.  There should not be a rigid mapping between
workspaces and windows.  Windows should easily be able to belong to
multiple workspaces.  A generalised xmonad could do it, but the current
one can't.

I'd be happy to discuss this further, but I'm afraid we're getting way
out of topic. =)


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Use Haskell for Shell Scripting

2015-02-09 Thread Ertugrul Söylemez
>> Thanks!  However, I'd better not switch to a WM that I wouldn't enjoy
>> configuring.  Also I think that I've bent xmonad pretty much to its
>> limits and hit the abstraction wall.  Nowadays my configuration is a
>> whole cabalised package that I install via Nix.  If you're
>> interested, it's online [1].
>
> If you hit an abstraction wall, maybe you would actually enjoy doing
> what you originally wanted with access to lower-level abstraction.

For xmonad StackSet is the lowest level.  Using something different
amounts to writing a new window manager, a generalisation of xmonad.


> Well, StumpWM allows arbitrary splits, very useful for Lazarus, Gimp,
> etc.

Oh, this is not about splits.  Xmonad allows that, too, via layouts.
This is about the core data structure holding the current window
configuration (the associations between windows and workspaces, and
between workspaces and screens).  It is a core piece of the window
manager and cannot be modified by an addon.  Haskell allows to abstract
over this data structure easily, i.e. quantify over what is currently
"StackSet".  The problem is: Xmonad does not do that.  There is no
inherent technical difficulty in doing it, it just doesn't do it.

The equivalent in C++ would be to use templates instead of concrete
functions, but there is no good translation for type classes.  You
really want type classes for this kind of thing.


> Maybe you should try Ratpoison and give it commands from a Haskell
> decision-making piece of code? Ratpoison also has arbitrary splits, it
> is simpler than StumpWM and can do way less. Driving StumpWM
> externally shoud also be easy, although with larger overhead.

Generalising the xmonad source code would probably work better for me,
because it allows me to stay in Haskell land and use types the way I'm
used to.  Also I don't believe that a WM written in C can have what I'm
looking for at all (abstracting over the core data structure).  It would
have to be implemented by horrible pointer magic, and I don't want to
touch that, even if it were there.


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Use Haskell for Shell Scripting

2015-02-09 Thread Ertugrul Söylemez
> Maybe you need to script it properly? Maybe StumpWM is less rigid from
> the beginning, though (I use it and extended it for my needs, so I can
> probably answer your questions if you wonder about it; it is in Common
> Lisp, by default all the splits are manual, and there are many hooks
> to perform actiosn on events like window addition)

Thanks!  However, I'd better not switch to a WM that I wouldn't enjoy
configuring.  Also I think that I've bent xmonad pretty much to its
limits and hit the abstraction wall.  Nowadays my configuration is a
whole cabalised package that I install via Nix.  If you're interested,
it's online [1].

The abstraction wall I hit is StackSet.  It is highly sequential
(workspaces are lists of windows, there is a mapping from screens to
workspaces, etc.) and offers absolutely no choice to organise windows
differently.  What I mean by "too rigid" is having

f :: Blah X -> M ()

instead of

f :: (SomeAppropriateClass f) => f X -> M ()

thereby enforcing `Blah` instead of an `f` of my choice.

[1]: http://hub.darcs.net/ertes-m/config/browse/myxmonad


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Use Haskell for Shell Scripting

2015-02-09 Thread Ertugrul Söylemez
>> To be fair, there is also the GNU OS, which uses Guix, although the
>> underlying ideas and build system (nix-daemon) are the same.
>
> [...] As such, it's probably best for me to not talk about GNU
> OS, Guix, and Guile until I get the time/willpower to explain why my
> viewpoint against that project is not malicious and why NixOS is –
> perhaps counterintuitively to some libre software supporters – more
> beneficial to the software freedom movement.

Do yourself a favour by not getting into that kind of argument.  They
see benefit in their way of doing things, and I would strongly support
their project.  Both GNU OS and NixOS are heading into a much better
direction than pretty much all other distributions in my personal view,
and I would happily encourage them to carry on.

At some point in time we will benefit from each other, and in fact I see
a huge benefit even for NixOS in the sole existence of GNU OS, if only
to have some GNU people following the functional distribution approach.
If nothing else the fact that two projects happily follow the same idea
may well indicate to some people that we're on the right track.  "We" as
in "the GNU OS and NixOS people."

In short:  Better stop arguing against them, regardless of what your
reasons are.  The only thing you can gain by that is a week of heated
flamewars with no conclusion other than that they will think that NixOS
people are jerks.  I'd prefer us to work together instead of against
each other.


> Nevertheless, I still think that human interface choice is
> important, and XMonad is an example of the original point that I was
> trying to get at. It is a classic user interface, a tiling window
> manager, using a pure-functional language. Just because something is
> written using modern techniques doesn't mean to say that the user
> interface itself is ‘modern’.

I use the same combination (xmonad + taffybar) and could complain all
day long about it.  Of course this is constructive criticism, and I'm an
idealist to some extent, but still there is a lot of room for
improvement.

For example xmonad is too rigid.  It has a fixed data structure that
corresponds directly to what is displayed on each screen.  Workspace
names are strings, which is hugely inconvenient.  Something like
tag-based volatile workspaces are not possible, although with some
really ugly (and slow) hacks you could do it.

In the ideal graphical environment I wouldn't see any reason to close or
move a single window -- ever.  Xmonad gets closer, but is still far
away.


> ‘multiparadigm’ is ambiguous as to what multiple paradigms that refers
> to, but I clarified that by saying “functional/imperative”.

I did mean that Haskell supports imperative programming just as well as
it does support declarative programming.  Some people say that it's the
best imperative language out there.


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Use Haskell for Shell Scripting

2015-02-09 Thread Ertugrul Söylemez
>> Also the Nix model allows us to compile all our scripts easily (just
>> apply a function), which might hold some benefit in terms of startup
>> and switch times.  There is little reason to use interpreted scripts
>> when you have a fast compiler.
>
> So would you say that this is preferable to the shell-monad idea?

Yes.  Even when compiling a Haskell DSL to a shell script you need to
compile the DSL itself first into a program that can output the script.
If you are going to compile anyway, just compile the source language to
a runnable binary in the first place.

One huge benefit of that is that you can use the libraries and
abstractions of the source language.  As a simple example by compiling
to Bash you give up the option of using Haskell's concurrency, exception
handling, etc.  And those two are particularly difficult to translate to
Bash, or pretty much every other shell.


> I'd definitely say that NixOS is the most state-of-the-art GNU+Linux
> distribution in existence, [...]

To be fair, there is also the GNU OS, which uses Guix, although the
underlying ideas and build system (nix-daemon) are the same.


> [...] for people who rarely use computers, the potential difference is
> a lot lower, so UI changes should not be forced upon them.)

I think it is important to define your target audience.  If you are
specifically targetting, as you call them, computer illiterates or
people who rarely use computers, it is entirely reasonable to offer them
an easy, slowly evolving UI.

However, for the general public I would say that our current state of
the art in UIs is so broken that the faster we move on the better for
humanity.  For example anyone who tells me that touch screens are
intuitive does not understand the word *intuitive*.  Hint: It does not
mean pictures, nor does it mean pointing.  The same holds for virtual
UIs that we access through HIDs.  For a concrete example just try to use
style sheets *and* be productive at the same time in your office suite
of choice (don't worry, they all suck).  Try to handle hundreds of
e-mails per day (*handle*, not skim!) in multiple mailboxes *and* use
less than 50% of your work time for dealing with e-mail in any MUA (yes,
I'm including mutt and Emacs).

Now don't get me wrong.  You do have a point there.  If a UI was
perfectly reasonable and has been replaced by something less reasonable,
I can totally understand your dissatisfaction.  That does happen from
time to time when marketing people try to be smart.  But if the sole
reason that you are unhappy is because you have to learn something new,
then you shouldn't suggest moving to purely functional languages for
scripting.  Remember that contributors are humans as well, many of them
will face having to learn something new and nontrivial, and some of them
will probably be just as angry as you are when your UI has been replaced
without the option to go back.

Again don't get me wrong.  I suggest that we do it, as long as we think
that we're moving along the right track.  Innovation will almost by
necessity cause some dissatisfaction.  I'm really just saying that there
is not much difference between innovation in programming languages
(programmers are humans) and user experience (users are humans).  For
some of them innovation will be a problem in both cases.  Either you
choose to respect that, or you choose to move on regardless.  It depends
on your target audience.


> I'm also only interested in the pure-functional languages. I'm not
> interested in so-called ‘multiparadigm’ functional/imperative
> languages like Scheme as this does not provide the deterministic
> purity guarantees that pure-functional languages are based-on.

I would love to use Haskell for everything, but it's simply not a
realistic option.  Currently GHC is practically our only compiler.  It
is huge, compiling takes time, etc.  We can fix all of these things, but
we haven't so far and GHC will not get smaller or faster any time soon.

Let me clarify:  GHC is not slow per se, if you consider that Haskell
has an extremely high signal/noise ratio, not just in syntax, but
especially in semantics.  Two lines of Haskell can easily *mean a lot*
(i.e. encode a program that does lots of things or very complicated
things).  If we measure by "time spent per semantic content", then GHC
is lightning-fast.  However, that measure is only interesting for larger
projects.  For small scripts the measure "time spent per line of code"
counts, and GHC does not perform too well there.

The other static functional languages I have tried were either too
noisy, too immature or did not provide a reasonable FFI.  Things will
improve and new options will pop up, but right now our choices are
limited.


> True, but the idea is to minimise impure code. The documentation and
> tutorials of pure languages encourage the practice of factoring-out
> any necessary impure code and writing most code to be pure. Can the
> same be said about multiparadigm languages?

You may n

Re: [Nix-dev] Can we please have text-only on this ML?

2015-02-09 Thread Ertugrul Söylemez
> My issue with text-only is that I don't know how to turn off
> hard-wrapping in my client. By ‘hard-wrapping’ I mean:

That's always something that bothered me about e-mail (among other
things).  There are only two formats that are widely supported, and none
of them get it right.  The text/plain format is too much 1980's terminal
or perhaps 1900's typewriter to be useful as a standard electronic
format, especially given our nowadays rich diversity in potential
viewing devices.  Certainly text/plain hurts on my small phone.  There
is an extension to turn wrapping off globally, but obviously that's just
desparation rather than a solution.

Also most MUAs interpret this as:  "Make the paragraphs of this message
use the entire horizontal space."  That works for phones, but
typographically it's a bad idea for a MUA displayed on a large 16:9
display, unless you make the window smaller.

On the other hand text/html is too much.  It comes with huge
implementation costs, even when you use ready-made libraries for parsing
and rendering.  It comes with an unnecessarily high potential for abuse.
If you think about it, in e-mail it is really an extremely reduced
variant of HTML to get rich text formatting and independence of the
source text layout.  These are features some of us (including me) would
like, but without the complexity of HTML.

So what we really need is something inbetween.  I would request that:

  * it can easily be typed by hand even in very poor editors, but
especially well in advanced editors like Emacs or Vim,

  * that it can be read without rendering, so that the barrier to
writing a new MUA does not become much worse (it's horrible enough).

  * WYSIWYG editors for it are reasonably easy to write and would render
to readable source text,

  * it allows us to be completely independent of source text layout
except in parts where we specifically want it,

  * it is a standard format that all agree to interpret the same way.

You may be thinking: "Except for the last point that's just Markdown!".
Indeed, a Markdown standard is currently in development as far as I'm
informed.  And I'm happy to adopt it as the standard format for email.
In fact I wouldn't be surprised if some people already configured their
MUAs to pass text/plain parts through Pandoc or something similar.


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Can we please have text-only on this ML?

2015-02-06 Thread Ertugrul Söylemez
> I just notice that almost everything I read from this ML is html.

I don't really mind text/html parts (as long as there is a text/plain
part as well), except that in this list they are probably just a waste
of bandwidth.


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Use Haskell for Shell Scripting

2015-01-31 Thread Ertugrul Söylemez
> What about other languages as Python, Perl etc.? I know it is against
> our purity standards, but they are a far superior to Bash scripting.

Well, that's the current state of the art.  They are both used in
Nixpkgs and some Nix-related tools.  They are an improvement over Bash
scripting, but I believe we might as well go all the way and use a
functional language.

Also the Nix model allows us to compile all our scripts easily (just
apply a function), which might hold some benefit in terms of startup and
switch times.  There is little reason to use interpreted scripts when
you have a fast compiler.


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Use Haskell for Shell Scripting

2015-01-31 Thread Ertugrul Söylemez
> Curry is indeed a beautiful language, and is essentially a
> conservative extension of Haskell. I am surprised that more Haskell
> folk have not adopted it.

Well, it does lack quite a few things right now, including on the
language level.  For example its way to deal with ad-hoc polymorphism is
very ugly, because it has no type classes yet:

(==) :: a -> a -> Bool

Constraint programming can be done reasonably in Haskell, it just won't
be as pretty and implicit as in Curry.  So I can live with Haskell's
lack of built-in constraint programming, but I can't live with Curry's
lack of type classes.

In other words, there is still a lot of room for improvement, and it
caught my attention so much that I will definitely check from time to
time for Curry news.

The perfect programming language in my view would combine the best of
Agda, Curry, Haskell, Idris and this crazy data flow language whose name
I forgot (it has negative and reciprocal types representing lack of
information).


> PAKCS compiles Curry to Prolog (typically SICStus), which drags in the Prolog
> system. To get a binary executable, a better choice would be MCC (compiles
> Curry to native code) or KiCS2 (compiles Curry to Haskell, which can go into
> ghc):

PAKCS was the only implementation I could find in Nixpkgs, and it was
sufficient to get a feeling for the language.


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Use Haskell for Shell Scripting

2015-01-31 Thread Ertugrul Söylemez
> Yes, I’m planning to work on multiple outputs for ghc soon :)

Great!  I'm looking forward to that. =)


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Use Haskell for Shell Scripting

2015-01-31 Thread Ertugrul Söylemez
> If only we had a way to produce multiple outputs from a single
> package... :)

We have.  The `derivation` function supports producing multiple outputs,
and I'm sure that `mkDerivation` forwards this ability.


Greets,
Ertugrul


signature.asc
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Use Haskell for Shell Scripting

2015-01-31 Thread Ertugrul Söylemez
> At this current point in time, GHC is packaged in a poor manner, with
> GHC being unbelievably huge. Dynamic linking is the answer, which
> isn't done by default.

I have actually experimented with using Haskell (and a few other FP
languages) as a substitute for shells.  It is feasible if you disable
dynamic linking.  The non-Haskell libraries are still linked
dynamically, but the reference to the GHC derivation is then gone.  This
brings the closure of a Haskell hello-world "script" from a huge 1.1 GiB
down to a mere 131 MiB (on my x86_64 system), which makes it on par with
shell scripts.

However, static linking is probably not a good idea.  The resulting
"scripts" are on the order of megabytes and can quickly approach a few
tens of them.  To really fix this and make Haskell viable as a shell
substitute we need to split the GHC derivation.  There should be a pure
library derivation and a separate compiler derivation.  The former
should be as small as possible.  Ideally there would be one derivation
per library.

The other languages I have tried are Scheme (via Chicken), Curry (via
PAKCS), SML (via mlton) and Idris.

Before I present my results, let me clarify what I think a "script" is:
It is a string that I can run through a simple Nix function, which gives
me a derivation that contains a runnable version of that string, either
binary or shebanged.  This derivation pulls a reasonably sized closure
along with it.  I can choose to combine many such runnable scripts to a
single derivation using buildEnv, which is often very useful.  In other
words:  For the language "blah" there is a simple, deterministic,
unconfigurable function that would have the following signature in a
hypothetical typed Nix:

blahScript : String -> Derivation

This function can be a special case of a slightly more powerful function
that takes a directory and a main entry point, because if we choose to
use a better language, we might as well choose to utilise its module
system, if it has one, for some of our larger scripts.

Now to my results:  All of the above languages, except Curry, work more
or less, if all you need to do is to start programs or move files
around.  As soon as you need to do operating-system-specific stuff
(e.g. `unshare` on Linux) it gets less juicy, because unless someone has
written a nice high-level library you need to touch the FFI.

Chicken Scheme worked best for that, because rather than trying to model
the syscall in the language, you can just dump C code into it.  Not a
nice and clean solution, but a working one for the many cases when you
just need to -- you know -- get stuff done.

Haskell works, because lots of the OS bindings can be found on Hackage,
including Linux-specific libraries.  But it does require a slightly more
expressive 'haskellScriptWith' function.  You need to be able to tell it
what you depend on.

SML works and produces surprisingly small executables.  It loses at the
library end, because there aren't many OS-specific libraries around (or
I couldn't find them).  Also some of the advanced FFI tooling that I'm
used to from Haskell seems to be missing.  Finally I would say that the
syntax is too verbose for quick scripting (but that's subjective -- I
have seen people use VB.NET for scripting).

You might be interested why Curry didn't work.  Simple: I couldn't
figure out how to write a program.  Actually I went through the whole
tutorial, did all the exercises (they aren't really difficult to a
Haskell programmer) and then skimmed through the whole PAKCS manual.  I
could write extremely elegant algorithmic code and was quite amazed at
the beauty of this language, even compared to Haskell.  But in the end I
still didn't know how to turn all this beautiful Curry code into an
executable file that I can run without invoking PAKCS explicitly.
Something with a shebang or ideally something binary.  It would probably
be possible to write wrapper scripts, but let's just wait until one of
the implementations becomes mature enough for systems programming.

Finally there is Idris.  It is a beautiful language that comes with
reasonable editor integration and a lightweight syntax.  It compiles to
executable binary code and has a carefully designed yet useful FFI.
Sounds good for scripting.  On the other hand it is very young and
documentation is far from mature.  Not that I would mind its youth, but
I do mind the barrier to entry at this point.  At the very least when
other authors don't understand my code, it should be reasonably obvious
where to look for answers.  Also the library landscape is very flat, so
bootstrapping might use most of your time, if you choose to use Idris
for systems-level scripting at this point.

The most viable options seem to be Chicken Scheme and Haskell.  Both are
well documented and have a usable FFI.  Chicken produces much smaller
executables, and programs are very memory-efficient.  By design it
compiles via C; because of that instead of providing a carefully
desig

Re: [Nix-dev] Announcing support for GHCJS

2015-01-05 Thread Ertugrul Söylemez
Hi everybody,

> I was going to try it out and found the compiler itself, but couldn't
> figure out how to make a derivation for a JS package.  Is there any
> documentation on that?  If not, in which files should I look?  Something
> like ghcjsWithPackages and cabal.mkJsDerivation would be great.

Nevermind, I think I got it.


Greets,
Ertugrul
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Announcing support for GHCJS

2015-01-05 Thread Ertugrul Söylemez
Hi Charles,

> I'm happy to announce that support for the GHCJS compiler [...] has
> been merged into master [...].
> This introduces a new top-level package set: haskellPackages_ghcjs.

I was going to try it out and found the compiler itself, but couldn't
figure out how to make a derivation for a JS package.  Is there any
documentation on that?  If not, in which files should I look?  Something
like ghcjsWithPackages and cabal.mkJsDerivation would be great.


> And now for credit where credit is due: Ryan Trinkle and John Wiegly
> [...], Bas van Dijk [...] and Peter Simons [...]. Thanks guys!

Thanks from me as well!


Greets
Ertugrul
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Multiple MySQL instances (or nginx/apache/...)

2015-01-03 Thread Ertugrul Söylemez
Hi Marc,

>> But don't hold your breath.  It could take a week or two before I can
>> present my first prototype.
>
> Maybe you can sketch your idea for the sake of discussion?

Allow me to send you to the thread in question:

http://lists.science.uu.nl/pipermail/nix-dev/2014-December/015362.html

The original discussion was about replacing systemd, but you can just
scroll down to my proposal.  I really should have started a thread of
its own for that.


Greets,
Ertugrul
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Multiple MySQL instances (or nginx/apache/...)

2015-01-03 Thread Ertugrul Söylemez
Hi Luca,

> Let's not break the discussion in two places. It started on the github
> issue and can be kept there.

one advantage of breaking it up is that I can take note of it and add
that I'm currently working on a prototype of my earlier algebraic
services proposal, which among other things allows you to run as many
MySQL and other service instances as you like. =)

But don't hold your breath.  It could take a week or two before I can
present my first prototype.


Greets,
Ertugrul
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] less: When assumptions ruin the world

2015-01-02 Thread Ertugrul Söylemez
Hi Eelco,

>> There is a very good reason for this principle.  If a program does
>> more than what it's intended to do, then it hurts composability.
>
> There shouldn't be an issue with composability here, because Nix will
> only run the pager when stdout is a terminal. So things work fine if
> you pipe Nix into another command.

Let me give you an example where this assumption fails:  Listing the
current generations from your shell profile.  In fact something very
similar happened to me, which motivated me to start this thread:  The
change broke my assumption that Nix can be used safely from a shell
script.

Nothing bad happened, but one day was wasted, because a script stopped
for `less` without my knowledge.

I really believe that projects should start as non-interactive script-
and command-line-friendly programs /by default/.  I'd go as far as to
call this a good design principle.  Frontends can always be made.


Greets,
Ertugrul
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] less: When assumptions ruin the world

2015-01-02 Thread Ertugrul Söylemez
Hi Eelco,

>> If it helps at all, git seems to use GIT_PAGER first and then falls
>> back to PAGER and then to `less` for the commands that use
>> it. Perhaps nix could respect a NIX_PAGER env var?
>
> I've implemented this now, with the same semantics as GIT_PAGER and
> SYSTEMD_PAGER.

Thanks a lot!

What about issue #2?  Would you agree to switch from `man` to short
context-sensitive help-messages?  If yes, I can refresh my rusty C++
skills and implement it.


Greets,
Ertugrul
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] less: When assumptions ruin the world

2015-01-02 Thread Ertugrul Söylemez
Hi Domen,

> My 2c: if Nix offers a way to disable the pager then I'd rather see 1% of
> users for such needs to make the bash alias instead of the other way around.

why do you insist on an interactive-by-default Nix?  There should be an
interactive frontend, something like an interactive nox.


> [...] 1% [...]

Also let's not throw around unfounded numbers here.


Greets,
Ertugrul
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] less: When assumptions ruin the world

2015-01-02 Thread Ertugrul Söylemez
Hi Bjørn,

> Hm, I've never thought of "automatic less" as a misfeature before. I
> didn't have anything to do with its inclusion in nix, but I remember
> when I started using git that I was pleasantly surprised by it's use
> of less, which made git more fun to work with. (If I was a nix
> developer I might have added "automatic less" myself.)

I guess that you're not the only one who likes a more interactive user
experience, which is probably why Nix got this feature in the first
place.  But it assumes a workflow where interactivity is achieved
through the program in question.  In my case it is achieved by my shell
and my terminal emulator and that fits the way I use Nix.  In particular
I don't want Nix to enforce the invoke-pager-then-quit pattern on me,
even if I do use a pager, because that's not the way I work.

Just to give you a data point:  I've always been pissed off by Git's
auto-invocation of the pager.  But that's only one and a rather small
addition to my long list of reasons why I hate Git.


> So what's the best way forward? Using $NIX_PAGER first, as suggested
> by Michael Jones earlier in this thread? That should cover your use
> case, right? (_And_ preserve the current behaviour for people liking
> it "interactive"?

That sounds like a reasonable solution to me, as long as it's strictly
opt-in.  In other words, you have to set NIX_PAGER to pipe through a
pager by default, otherwise it just prints to stdout.  The sole fact of
using a pager on the wrong level (program-level instead of shell-level)
will make NIX_PAGER completely useless for me, even when I use a pager.
There is good reason why I insist that piping should always be done by
the shell, not by the programs you invoke.

However, I really think that a better solution is to use your shell
properly.  There is absolutely no reason for Nix to do the piping, and
there is plenty of reason not to do it.  Remember that programs should
only do one thing and do it well?  Shells are for piping, and they do it
well.  Nix is for building and managing derivations and environments,
and it does it well.

There is a very good reason for this principle.  If a program does more
than what it's intended to do, then it hurts composability.  That will
piss people like me off who really love the Unix philosophy, because it
fits well with my algebraic way of thinking and therefore with the
assumptions I make about my system.

Bonus:  Making programs less interactive is always a win, because you
can always make an interactive frontend to a noninteractive program.
But you cannot make a noninteractive frontend to an interactive one.


Greets,
Ertugrul
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] less: When assumptions ruin the world

2015-01-02 Thread Ertugrul Söylemez
Hi Michael,

> I know; I was answering the question of why it is a problem to choose
> a single PAGER value.

Sorry, I'm still getting used to my new mail setup. =)


>>nix-env --list-generations
>
> I use ls instead of this command.

That's actually a good idea, thanks.


> Well, systemd is intentionally breaking my workflow in ways that
> cannot be worked around with trivial shell scripts, and I don't care
> what pager journalctl when it takes multiple minutes to do the job
> that "tail -f" does in tens of milliseconds.
>
> So I let's not compare oversight with malice..

Sure, systemd is broken in too many ways to enumerate.

Nix has just taken a small step into the wrong direction.  Nothing will
explode because of that, but we should be aware of that and step back.

Of course all of this is my personal opinion.  If the majority of the
community disagrees, then I will have to live with it.  I have opened
this thread because I think that many people will actually agree.


Greets,
Ertugrul
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] less: When assumptions ruin the world

2015-01-02 Thread Ertugrul Söylemez
Hi Michael,

> When I explicitly launch man, I am going to read the top of the man
> page and some place in the middle, so "less" is useful.

Absolutely, `man` is supposed to be an interactive program, and it
usually displays formatted text that wouldn't fit on one page anyway.
But honestly I wouldn't even mind if `man` just dumped everything on
stdout.  Since we have a Unix-like system I can easily set my shell up
to pipe its output through PAGER by default.


> When I launch some nix build-related tool I expect to monitor current
> progress, and read the last 50 lines if something fails (something
> like tail -f, but for a stream).

Your terminal emulator does exactly that.  People, especially text-based
UX programmers, often forget that there is a terminal that displays
everything, and that the terminal is a non-trivial piece of software
that offers everything you need to view long output, etc.

You only really need an additional program when you need to save the
output to a file, but nix-build writes build logs by itself anyway.


> But the PAGER really matters for man, so I keep it set to 'less -R'
> anyway.

And then a command like the following uses it as well:

nix-env --list-generations

I'm mostly only interested in the last few lines, so just printing
everything to stdout would be the correct solution for me.


> The original poster probably has other motivations and workflow
> patterns, but that's my experience.

I think I have similar workflow patterns, but my point is that Nix 1.8
makes assumptions on the workflow patterns, and that's horrible.  It
helps ruining the world of UX, slowly, piece by piece.

Systemd makes the same assumptions.  That's why invoking most systemd
commands is a horrible experience.  Either I write `--no-pager` with
every command, or I have to live with the fact that they abuse PAGER and
my output disappears when I press `q`, when all they should really do is
to print to stdout.  That's what stdout is for after all!

Assumptions ruin the world.


Greets,
Ertugrul
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] less: When assumptions ruin the world

2015-01-02 Thread Ertugrul Söylemez
Hi Paul,

>> No, they can't choose.  I would choose to use `less` as a pager when
>> I need it, and otherwise I would use my terminal.  I can't make that
>> choice without corrupting the PAGER variable (which I use for other
>> things!).
>
> I'm not a fan of using less for nix tools. But it seems you're
> inconsistent here. Which other programs use $PAGER for legitimate
> reasons? And what reasons are good for that? I'm asking not to insult
> you, but rather to make my own future decisions better.

Personally I don't use PAGER much anymore, because most of my use cases
have vanished by replacing applications.  For example my mail client is
Emacs now, so I don't need an external pager any longer.  I just use
Emacs itself to view, for example, text attachments.

Of course new use cases could pop up any time.  For example I could
choose to pipe the output of `ledger reg` through PAGER by default.

The reasonable use case of PAGER is the scenario where you have an
interactive program that either does not have a built-in pager or gives
you the choice to use an external one, similar to how the EDITOR and
BROWSER variables are used.


Greets,
Ertugrul
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] less: When assumptions ruin the world

2015-01-02 Thread Ertugrul Söylemez
Hi Vladimír,

> If you set PAGER=cat or PAGER="" you get pretty much the old behavior.
> Also, if the output isn't a terminal, less isn't used, e.g. ``nix-env -q
> | cat`` or ``nix-env -q | grep foo`` works the old way for me.

I'm aware of that, and it's a terrible solution.  I want to have
PAGER=less for other programs, I just don't want Nix to use the pager.
`nix-env -q` using the pager has already been trouble for me, but now
even things like `--list-generations` use it.


> I see no harm in having the option.

It's not an option.  It's builtin and enforced behaviour since Nix 1.8.
And it annoys me to such an extent that I'm almost willing to fork Nix
and remove this "option", or to write a command-line front-end to Nix,
because Nix is no longer a command line program.  It has become an
interactive program.

Think about it:  Do you want `ls` or `find` to force-use the pager?  Do
you want to opt out by setting PAGER to something that isn't a pager?
Or by piping every invocation of them through `cat`?

If you really want interactive behaviour, there should be an interactive
frontend.


> Most importantly, people can choose their preferred way of displaying
> long output with one variable common to many programs, which IMO
> rather helps those with special needs (blind; or e.g. PAGER=tail if
> you always want the end, etc.).

No, they can't choose.  I would choose to use `less` as a pager when I
need it, and otherwise I would use my terminal.  I can't make that
choice without corrupting the PAGER variable (which I use for other
things!).


Greets,
Ertugrul
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] less: When assumptions ruin the world

2015-01-02 Thread Ertugrul Söylemez
Hi Charles,

> Perhaps suggesting shell aliases would be sufficient for those that
> may want the pager by default?

Yes, that's a good solution.


Greets,
Ertugrul
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


[Nix-dev] less: When assumptions ruin the world

2015-01-01 Thread Ertugrul Söylemez
Hi everybody,

since Nix 1.8 much of the output of nix commands is piped through
`less`, which is certainly meant to be a convenience, but that
convenience depends on a few assumptions:

  * the user uses a crappy terminal emulator,
  * the user is interested in all of the output,
  * the user reads using their eyes.

The first assumption is wrong for me and probably for a lot of other
people as well.  The second assumption is wrong for me most of the time;
in most cases only the last few lines are interesting.  The third one is
wrong for blind people.  If they can't afford an external braille
terminal (not those single-line pads, which are expensive enough, but a
real terminal), they will rely on text-to-speech.

If not all three assumptions hold, then this "feature" makes Nix
consistently `less` convenient to use.  Not only do I have to press `q`
now, but `less` is an ncurses program, which means that the output
disappears after quitting.  This does not happen when I just use my
terminal emulator to scroll, and yes, most of them if not all allow
scrolling with the keyboard (commonly Shift+PageUp and Shift+PageDown).

Furthermore we hold in our hands an operating system that follows the
Unix philosophy, which is about composability.  There is simply no need
to precompose everything with `less`.  As humans we are smart beings,
and we have a powerful shell, so that every user can decide for
themselves when to use a pager.

Also remember that we may have disabled users.  A blind person will
dislike this new anti-feature even more than I do, because `less` is not
exactly a text-to-speech-friendly program.

Feature request 1:  Please do your part in saving the software world and
remove this anti-feature.  Don't even consider making it optional.  It's
useless.  Remove it.  In the future, whenever you think that some
UX-related automation will make things easier, think again.  You are
most likely wrong.  Just look at the huge damage that Microsoft has done
by assuming that users are complete idiots.

Feature request 2:  Also I strongly believe that `--help` should
absolutely never open a man-page.  When we need a manual, we will use
the `man` command, but in most cases we just need a quick reminder of
what that one option was called that we're failing to recall, so I would
much prefer the original purpose of the `--help` option:  Print a short
summary to the terminal.

If this appears superficial to you, please remember that many little bad
things can do a lot of damage in the long run.  The purpose of this post
is to wake everybody up before it's too late.

I hope that some people agree with me, and if yes, I will turn these
into actual feature requests on Github.  I'm also happy to help with
implementing the latter one, because writing a good `--help` system for
commands with subcommands is not necessarily easy.


Greets,
Ertugrul
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Service composition

2014-12-31 Thread Ertugrul Söylemez
Hi Ludovic,

>> As a first approximation there would be a Service monoid, which would
>> combine certain typical attributes about a service, including startup
>> scripts, required bind-mounts, required system resources and if
>> really necessary shutdown scripts (most programs should shutdown
>> properly when the container goes down).
>>
>> Service : Mon
>>
>> Its identity idS would be the empty service, which you can think of
>> as an empty group of processes with no mounts, no resources, etc.
>>
>> The Bitlbee service would be constructed through a regular function
>> that takes the typical bitlbee options.  Nothing special here:
>>
>> bitlbee : BitlbeeConf -> Service
>
> OK.  I suppose ‘Service’ would specify required user accounts, PAM
> services, etc., right?

Yes.  It specifies everything to build a machine for the purpose of
carrying out the task that the service denotes, but in such a way that
two such machines can be combined into a single machine.

I still need to figure out a few details though, especially since I'm
relying on a lot of Linux technology here.  I'd like to keep it
sufficiently general that users of other kernels (most notably FreeBSD)
can benefit from it as well.


>> The nginx function is more interesting.  It involves a second monoid,
>> the monoid of web services (identity idW):
>>
>> WebService : Mon
>>
>> Then nginx is a monoid morphism,
>>
>> nginx : WebService -> Service
>>
>> that is a function with additional structure, in particular:
>>
>> nginx x ◇ nginx y ≡ nginx (x ◇ y)
>> nginx idW ≡ idS
>
> Very interesting.  I wonder what other types of services would benefit
> from similar treatment.

It would split the view on the configuration into two parts:  services
and environment.  For example networking belongs to the environment, so
requirements on the network as well as networking options will be part
of a service.

This means that creating a bridge device amounts not to adding a
service, but to applying a service morphism:

withBridge brCfg (br:
service1 br <> service2 br)

This reminds me that it would be great if Nix would allow some way to
define custom infix operators or at least provide a few generic ones.
At this point we will need to use prefix notation, which might make this
a bit uglier:

withBridge brCfg (br:
compose (service1 br)
(service2 br))

Although it's just monoid composition, so using a list argument would do
the trick.  Just a nice-to-have.


Greets,
Ertugrul
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] How to get rid of systemd (was: Modifying the init system (introducing S6 supervision suite))

2014-12-28 Thread Ertugrul Söylemez
Hi Colin,

> This sounds a lot like Disnix! How would it be similar? How would it
> be different?

Disnix and NixOps are machine-oriented.  You have a network of machines
with configurations.  The goal is a service-oriented architecture.
Every service itself is a "machine", and those machines can be combined
to larger machines.


Greets,
Ertugrul
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] How to get rid of systemd

2014-12-28 Thread Ertugrul Söylemez
Hi Ludovic,

> FWIW, Guix uses an approach along these lines: the ‘bitlbee-service’
> function, for instance, returns a ‘service’ object as a monadic value
> (see
> 
> for details.)

The way I understand the section on the store monad is that it's really
a state monad with a view on the current store (they should really show
the underlying types to make this easier to understand).  That's not
related to the way they define services, but rather just how the store
itself is used.

Nix has the store built into the language.  Side effects happen to build
store paths and, once built, they appear like regular immutable values
within the language.  It's convenient, but makes the assumption that
build outputs depend solely on their inputs, which unfortunately, as we
know, is not always true at this point.

However, the way they define services seems indeed a lot better than
what we currently have.  In part they already have what I think we
should have (functional services), but with no algebraic structure
behind it other than the store monad.


> Unlike in NixOS, the service implementation doesn’t have access to the
> rest of the system configuration, which I think is a good thing, as
> you note.

Absolutely.  Everything they depend on should be an argument.


> What’s unsatisfying (and thus subject to change) is that
> ‘operating-system’ objects (which are pure declarations) end up with
> monadic values in their ‘services’ field.  That makes it inconvenient
> to, say, filter items from that list, or to tweak their configuration,
> because one first needs to bind them.  That said, it’s probably not a
> problem for Nix, because every Nix function is really a function in
> what we call the “store monad”.

You could think of it that way, if you wanted.  I prefer to think of
what Nix does as the same magic that functional languages do with other
resources like memory (alloc and GC).


> In your example, what would ‘bitlbee’, ‘nginx’ etc. return exactly?
> An attribute set describing the service?

As a first approximation there would be a Service monoid, which would
combine certain typical attributes about a service, including startup
scripts, required bind-mounts, required system resources and if really
necessary shutdown scripts (most programs should shutdown properly when
the container goes down).

Service : Mon

Its identity idS would be the empty service, which you can think of as
an empty group of processes with no mounts, no resources, etc.

The Bitlbee service would be constructed through a regular function that
takes the typical bitlbee options.  Nothing special here:

bitlbee : BitlbeeConf -> Service

The nginx function is more interesting.  It involves a second monoid,
the monoid of web services (identity idW):

WebService : Mon

Then nginx is a monoid morphism,

nginx : WebService -> Service

that is a function with additional structure, in particular:

nginx x ◇ nginx y ≡ nginx (x ◇ y)
nginx idW ≡ idS

The most important part is to get the equivalence `≡` relation right,
i.e. when do we regard two services as equivalent?  This requires a lot
of careful thought, because services in the real world are messy and
effectful.  Example:

 1. One nginx instance serves two websites x and y.

 2. Load balancer scenario:  Three nginx instances.  One serves x, one
serves y, the other redirects to the correct instance depending on
the request.

 3. Mapping identities:  A hundred load-balanced nginx instances, one of
them serving x, a second one serving y and all others serving
nothing at all (returning 404 unconditionally).

These three examples really describe the same service.  One may be a
more efficient implementation, but they should be equivalent with
respect to `≡`, because they are indistinguishable from the outside
other than in exceptional cases (case 3 is more likely to run out of
memory than case 1).  That enables us to use equational reasoning for
correctness.  It also enables us to apply automatic semantics-preserving
optimisations.

Example: The host may be serving two sites. At the same time a system
monitoring daemon might generate health reports periodically that are
also served via HTTP.  Such a configuration might look like:

nginxStatic "site1.host" "/var/www/site1" <>
nginxStatic "site2.host" "/var/www/site2" <>
systemHealth "health.host"

A semantics-preserving optimistation (which is really not an
optimistation, but the way web services are combined) would collapse all
of that to a single instance of nginx and one entry in the crontab for
the health reporter.

I hope this gives a first impression of how everything would fit
together.


Greets,
Ertugrul
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] How to get rid of systemd (was: Modifying the init system (introducing S6 supervision suite))

2014-12-28 Thread Ertugrul Söylemez
Hi Alexander,

> We can use a monoid system to construct configurations, but the socket
> activation standard for example, is centered on optimizing the
> activation script itself.  What are your thoughts on the activation
> script?

I have no concrete thoughts at this point, just throwing around ideas.
Socket activation, for those daemons that support it, should be
something sufficiently transparent from the point of view of the
configuration author.


> I can easily see that using systemd might be overkill and way too
> complex for a container-based system, so I think there is something to
> research here.

The trouble with systemd for this particular purpose is that it wants
everything to have an identity, so basically you need to map a
compositional system to a system of global variables.  In many ways you
go through the same trouble when compiling a functional language to an
imperative architecture.


> I also think upgrading services doesn't really seem to work in systemd or
> in the current setup.  Similarly to how, when using a distributed docker
> setup, we have a load-balancer that atomically switches instances, we
> should not need to take down the old instance service before the new one is
> created.
>
> Rather, the upgraded service should be started in isolation (using
> containers), and after ensuring that it has started, is working etc, then
> should the switch happen using namespaces, routing entries etc.  This
> should be the preferred way to deal with non-transactional services (i.e.
> non-database stuff).

That's pretty much the way I want upgrading to work.


> The idea that the old service must be stopped before the new one is
> started is based on what I think is a conflation of concerns, namely
> treating the whole service state as global state.

Yes, that's exactly what I want to get rid of.  Ironically that's
something systemd does very well.  Systemd gets the stuff right that we
don't want in the first place. =)


> Instead a lot of services can be treated as a sequence of isolated
> containers, and a small set of "load-balanced", mutable service entry
> points.  Namespace magic can make a lot of previously global state,
> local, such as ports, pid-files, log files etc.
>
> For these kinds of services, you don't need graceful shutdown, which is a
> great simplification, similarly to what docker typically provides.
>
> I feel that a great design in this area should blend well with distributing
> services across machines, failover, etc. which are concerns that systemd
> doesn't start to cover.

That's a very good summary of why I want to implement my proposal.  Let
me see if I can get a working prototype.


Greets,
Ertugrul
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] How to get rid of systemd (was: Modifying the init system (introducing S6 supervision suite))

2014-12-27 Thread Ertugrul Söylemez
Hi there Tobias,

>> One thing most of us seem to agree about [...]
>
> Maybe that's true (I don't see a consensus on the list, only the usual
> sparse FUD. I don't follow IRC) but arguments that start this way
> always give me the willies.

I understand why, but I'm not very good at English rhetoric.  Please
don't let that overshadow the rest of the mail.


>> [...] is that conceptually NixOS does not depend as much on something
>> like systemd as most other distributions do.
>
> "Something like systemd"? Nix doesn't magically make *nix less *nix,
> for better or worse. The meat of systemd is still service management,
> which NixOS needs as much as any distribution.

NixOS needs service *management*, but it doesn't necessarily need a
service *manager*.  In traditional distributions services are managed by
destructive update (enable/disable).  Normally we don't have that.


>> Switching to it was a huge step back from the ideals of NixOS,
>> because it represents all the traditional views on what a system
>> should look like: a giant pile of interconnected mutable variables.
>
> That's what a running system is, though. Immutability *is* just for
> file systems. You plant a pretty tree, and hope it describes a sane
> system that will do the right thing most of the time. Then, something
> will happen that will kick all your pretty algebraic assumptions off
> the table very quickly. Most of your OS is in buggy C, whether you
> like it or not...

The assumptions are not that the programs will do what I expect them to
do, but rather that "two instances of nginx each with one virtual host"
is equivalent "one instance of nginx with two virtual hosts".  This does
not assume anything about the correctness of nginx itself, but it does
help building systems, containers and networks componentwise.


> You seem to have some very nice ideas about describing "services" (or
> something better), if still very rough around the edges. But if you
> can't implement your ideas on top of systemd, so much for
> init-agnosticism. And probably conceptual purity, too.

This may be a misunderstanding.  Init-agnosticism means that the
complexity of translating this concept to an actual set of services that
systemd can work with is the responsibility of a single
function/script/whatever.  We achieve separation of concerns.

Should we, at any point, decide to turn our back on systemd or even just
provide the option to use another manager, then all we need to do is to
reimplement this one function/script/whatever.


> Those who don't understand systemd are doomed to reinvent
> it. Poorly. :-)

I do understand systemd very well and still don't like it.  However,
reinventing it is certainly not something I have planned for the near
future. =)


>> As a final bonus this is so difficult and ugly to solve with systemd
>> that we would feel a much greater temptation to get rid of it. =)
>
> Because your plan is centred entirely around it not being systemd.

Not at all.  It would be a nice bonus, but I doubt that it's going to
happen.  The motivation for my proposal, as the motivation for most of
the things I do right now, is easy, composable, transparent
containerisation as well as a configuration DSL that is easy to reason
about.


Greets,
Ertugrul
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] How to get rid of systemd (was: Modifying the initsystem (introducing S6 supervision suite))

2014-12-27 Thread Ertugrul Söylemez
Hi Michael,

> Well, with NixPkgs having multiple instances of a package installed
> requires zero support from the package expression itself. I do think
> that services becoming more like packages would be a good thing, but
> currently I have no idea how to do this except by just giving up the
> module system.

I don't think we need to or even should give up the module system.  Some
settings are global (like the hostname and most boot options), and the
module system makes those a lot easier to manage.

This proposal is only for services and service-like entities.


Greets,
Ertugrul
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] How to get rid of systemd (was: Modifying the init system (introducing S6 supervision suite))

2014-12-27 Thread Ertugrul Söylemez
Hi Nicolas,

>> I think as a first step to get rid of systemd and gain a much more
>> sensible services model as well we should move away from NixOS
>> modules for services.
>
> The module system is made in such a way that one can build on top of
> the work of the other without having any computer scientist knowledge.

I hope you realise that my proposal makes everything *simpler* both for
module/service writers and configuration authors.  Services will be
simpler and less tedious to write (simple functions).  They will compose
naturally.  The algebraic part is *design* and perhaps terminology.  It
enables *those who want* to exploit the additional structure especially
for equational reasoning and containerisation, but understanding
abstract algebra is in no way a requirement for the regular NixOS user.

Let me respond to your objection anyway:  If we can have a configuration
DSL that gives us a major benefit, including much simpler modules,
provable safety, full automation of tedious tasks, etc., then I'm sorry
for the "I don't want to learn something new" cavemen, but I'm more than
happy to leave them far behind.  Exploring and using new ideas require
acquiring new knowledge from time to time.  NixOS itself is a great
example of this.

One thing I'd like to see *by default* in NixOS is containerisation,
even for the regular desktop user who only uses Firefox and LibreOffice,
in the spirit of Qubes OS.  It's technically possible, supported by
Linux by and does not require setup.  This is the motivating purpose for
my proposal.  Let me give you a very compelling example:

services =
withBridge bridgeConfig (br:
container (nginx ... <> openssh ...) <>
container (openvpn ... br ...)) <>
openssh ...

This simple configuration would define a whole network of containerised
applications.


> This is also the reason why I am pushing to abolish "functions" as
> option definitions.  Most of the time if you want to use a function,
> you can express it as a set of input (option declaration) which are
> being processed to provide a lower level of abstraction given by
> another module (option definitions).

Perhaps NixOS with its *functional* package management and *functional*
configuration language is just the wrong distribution for you. ;) 

Jokes aside, when a function makes sense, I go for it, because functions
make things simpler.  Please stop pushing that way.  For those who
aren't programmers, functions are just syntax anyway.


> The module system does not prevent us from doing anything, it provides
> a new way of formatting which makes things declarative and extensible.

I won't go as far as to argue that "declarative" is a meaningless term.
Also I'm not sure what you mean by "formatting" (syntax?).

The extensibility of the current module system is limited in the same
way global variables limit the extensibility of a program.  Everything
is global, and every module can affect every other module in completely
unrestricted and unpredictable ways.  Any kind of data feedback requires
something you would classify as "computer scientist knowledge"
(least-defined fixed points of nonstrict recursive functions).

Again, this has bitten me in the past.  There is no way to reason about
your configuration other than to look into the resulting derivation.
This is a bad situation.  The more modules and options we get, the more
difficult it will get to keep everything together.


> If a module does not serve what you expect, you can always write
> another module and use it instead of the previous one.  Having
> multiple instances of a service is an issue with the module, not a
> limitation in the module system.

I guess we have very different philosophical views, so it is difficult
to communicate the advantage of my proposal to you without actually
implementing a prototype.

I admit that to a non-FP programmer the concept I propose must look very
similar to what we have today except that you can add the same service
multiple times.  The advantage is only apparent when you start ot use
the functional and algebraic features.  Otherwise all that changes is
that the syntax becomes simpler (still a small benefit though).


>> Being able to reason about the resulting system is very important.
>
> Have you tried nixos-option ?

This question suggests that you are unfamiliar with equational
reasoning.  To answer your question: Yes, I'm aware of nixos-option, and
it's orthogonal to the issue I'm raising.

Also I should point out explicitly that I'm not proposing to replace the
module system.  I'm proposing not to use the module system for services.
If my proposal works as intended and finds acceptance we will quickly
find other things that would benefit from this, for example the network
configuration.


>> I would prefer and do propose an algebraic solution (view services as
>> a toolbox from which you can pick the services you want and compose
>> them together).  A services configuratio

[Nix-dev] How to get rid of systemd (was: Modifying the init system (introducing S6 supervision suite))

2014-12-26 Thread Ertugrul Söylemez
Hi there Anderson,

> I want to know if it's possible to use an alternate to Systemd as init
> system on NixOS.

this has been asked many times now, and I'm in favour of switching to an
alternative.  Unfortunately it's not easy, because a considerable
portion of NixOS currently depends on systemd, most notably the services
infrastructure and pretty much all container-related stuff.  Note that
systemd is not just an init system.

One thing most of us seem to agree about is that conceptually NixOS does
not depend as much on something like systemd as most other distributions
do.  In principle most of what systemd does could be handled by the
activation script and perhaps a custom daemon (or even just a set of
scripts) that allows us to manage the services that are part of the
current system derivation.  NixOS can deal with things like cgroups or
ACPI events in a more sensible, repeatable and transparent way.

I would go as far as to say that systemd is the number one thing that
cripples us in many ways.  Switching to it was a huge step back from the
ideals of NixOS, because it represents all the traditional views on what
a system should look like: a giant pile of interconnected mutable
variables.  Remember that immutability is not only about the filesystem.


How to get rid of systemd
=

I think as a first step to get rid of systemd and gain a much more
sensible services model as well we should move away from NixOS modules
for services.  At this point we are trapped in the traditional view that
services preexist and we get to enable/disable them.  Our system is
defined by a large set of switches and global settings.  This needlessly
robs us of a lot of flexibility, for example to run multiple instances
of the same daemon or to give us a choice to use our already running
preferred webserver when installing a web application as a service.

It also corrupts our ability to reason about the resulting system,
because enabling a certain service might trigger settings in some other
part of the system configuration to change.  This has actually bitten me
in the past.  Being able to reason about the resulting system is very
important.

I would prefer and do propose an algebraic solution (view services as a
toolbox from which you can pick the services you want and compose them
together).  A services configuration then might look like this:

services =
bitlbee { port = 1; stateDir = "/var/lib/bitlbee1"; } <>
bitlbee { port = 10001; stateDir = "/var/lib/bitlbee2"; } <>
nginx { httpConfig = "..."; } <>
postfix { postMasterAlias = "blah"; }

The big difference is that now services are first class values and form
a monoid under composition, which brings a number of advantages:

  * It allows us to run multiple instances of a daemon with slightly
different configurations, as those are really just similar but
otherwise unrelated services.

  * Services can take services as arguments, which would become the
primary way to construct a dependency graph.  Think of a web
application depending on a webserver or the other way around.

  * We could develop a fully automated way for services in different
containers to communicate with each other.

  * Now people like me can actually use equational reasoning to
understand and make predictions about the resulting system.  I can
use the fact that the `<>` operator is associative, that certain
services are idempotent with respect to `<>` and also that certain
functions are morphisms in a rich category.  For example if the
nginx function is a monoid morphism, then I know that regardless of
how I compose multiple webservers, the result will be a sensible
combination of either separate daemons or multiple configurations.
This would be extremely valuable.

The last point is very important, because it basically tells that a
service is not directly related to what programs will run on the
resulting system.  Even if you compose ten nginx services, there will be
only one nginx *program* with a suitable configuration file to represent
this composition.  It also means that when a service itself comes with
nginx, then adding another nginx does not actually mean that two
instances will be running.  If we go as far as to containerise services
by default, we can make predictions about the container's structure.

As a final bonus this is so difficult and ugly to solve with systemd
that we would feel a much greater temptation to get rid of it. =)

Let me know what you think.  If this idea finds acceptance, I'm happy to
develop a formal model and a prototype.


Greets,
Ertugrul
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Proposal: Standard installation procedure

2014-10-22 Thread Ertugrul Söylemez
On Mon, 20 Oct 2014 09:50:15 +0200
Eelco Dolstra  wrote:

> > The basic idea is this:  To build a system, you use a standard
> > function from Nixpkgs and pass it a configuration module.  The
> > result is a derivation that represents a complete self-contained
> > system.
>
> How does that differ from how NixOS is currently implemented? You can
> do:
>
>   $ nix-build '' -A system
>
> which gives you a complete system in ./result, where
> e.g. ./result/init is the stage 2 init script that runs the activation
> script and invokes systemd.

How would I refer to multiple systems with different configurations from
within a Nix expression?  The change would allow this:

{ system1 = import  module1;
  system2 = import  module2;
  system3 = import  module3; }


> Programs like nixos-rebuild, nixos-install, nixos-container and even
> NixOps are really just wrappers around this (except that they add
> various levels of provisioning).

They all make the assumption that there is exactly one current system
configuration.


> > In other words a container-based NixOS system is really just a Nix
> > store, nothing more.  It doesn't need to contain any additional
> > files or directories and building it does not require us to
> > understand the complexity of nixos-install, because it will all be
> > moved to the system initialisation phase.
>
> I don't think nixos-install is that complex. Almost all of the
> initialisation it does in the target file system is to make nix-build
> work in the chroot. The NixOS initialisation is done by the activation
> script.
>
> Check out "nixos-container create" - it does almost no initialisation
> of the container file system, since everything is done by the
> activation script during the first boot of the container.

That's already most of what I need.  What remains is a way to build
multiple configurations and deploy them to different systems in a
functional way, in particular without environment variables.


Greets,
Ertugrul

-- 
Ertugrul Söylemez 
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


[Nix-dev] Proposal: Standard installation procedure

2014-10-16 Thread Ertugrul Söylemez
Hi there fellow Nixers,

I'd like to propose an installation standard that would make it a lot
easier and more reliable to deploy NixOS to virtual and container-based
systems, including qemu, LXC and Docker.  As a nice side effect it would
greatly simplify most NixOS tools, including nixos-install and
nixos-rebuild.

First of all:  Yes, I'm aware of Nixops, and I don't want to use it for
various reasons.  Currently I'm using my own variant of
make-system-tarball.nix (really just to avoid the expensive and in my
case unnecessary compression step) together with a bunch of Makefiles.
It's a mess and the sooner I can dispense with it, the better.


Proposal


The basic idea is this:  To build a system, you use a standard function
from Nixpkgs and pass it a configuration module.  The result is a
derivation that represents a complete self-contained system.  The
initialisation program ($out/init) is not systemd directly, but a script
that first checks whether the filesystem has already been initialised.
If not, it sets up all necessary directories (like /etc) and then starts
systemd as normal.

In other words a container-based NixOS system is really just a Nix
store, nothing more.  It doesn't need to contain any additional files or
directories and building it does not require us to understand the
complexity of nixos-install, because it will all be moved to the system
initialisation phase.  Ideally we should factor out the initialisation
into a separate script $out/pre-init that accepts a prefix argument.
Then $out/init would simply look like this:

#! /bin/sh
/nix/store/abcxyz-nixos/pre-init --prefix=/
exec /nix/store/abc123-systemd/bin/systemd

If we can also move pre-boot initialisation (like installing the boot
loader) into the system itself (say, $out/pre-boot), then we could build
entire virtual machines completely without relying on a hypervisor and
the complexity of having to communicate with the installation process.
Just set up the disk image, install the system and use the resulting
$out/pre-boot script with appropriate override arguments:

out=`nix-build my-machine.nix`
# ... copy the closure ...
$out/pre-boot --override-grub-device=disk.img

This would greatly simplify the implementation of nixos-install (just
build the system and invoke the pre-boot script without overrides), but
more importantly it would provide a very simple and standardised
installation procedure for virtual machines and containers that we can
rely on.


How to use it
=

Create a file that defines the system derivation (build-system.nix
contains a currently hypothetical function that we would implement as
part of this proposal):

# my-machine.nix
let cfg = {config, pkgs, ...}: ...;
in import  cfg

To build the system, we simply use nix-build:

% nix-build my-machine.nix
/nix/store/abcxyz-nixos

It is now very easy to create the filesystem for the container.  Just
copy the full closure of the derivation and point the container driver
to the proper initialisation script (or link /sbin/init to it).


Liberated system environments
=

Another advantage of this proposal is that we can easily put those
builds in a local user environment and copy only the closure to the
containers (I use *non-remote* containers a lot).  We can even update
them off-line.  That prevents a lot of duplication, because the
containers can be garbage-collected after every change and will contain
only the bare minimum required for operation.  The actual history is
saved on a separate management machine and uses sharing where
appropriate.

In fact we could switch multiple VMs on multiple hosts almost fully
transactionally.  Build and upload everything, then tell every machine
to switch.  Finally update the environment and collect garbage on the
target machines.

Updating the local system would follow the same scheme, so even
nixos-rebuild would become very simple.


Final remarks
=

The main point of this is that it becomes really easy to reliably
implement something like a custom nixos-install, a remote nixos-rebuild,
Nixops or even make-system-tarball.nix.  No deep knowledge is required
and the instructions and relevant information can be put on a fairly
simple wiki page.

What do you think?  I would love to provide a prototype, but I really
need help with this one.


Greets,
Ertugrul

-- 
Ertugrul Söylemez 

Key-ID: F9B5212A
Fingerprint: 8D89 7AC9 21CF F868 F074  9058 30CB D56F F9B5 212A
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] "Package archeology" in nixpkgs

2014-08-31 Thread Ertugrul Söylemez
On Sat, 30 Aug 2014 23:31:42 -0400
Daniel Peebles  wrote:

> I've had a sudden urge to do some Haskell archeology and that led me
> to a question about how we feel "philosophically" about keeping
> abandoned projects and old versions of live projects in nixpkgs.

I think it's a very good idea, but ...
 

> How do people feel about this? Is it something I should maintain
> independently of nixpkgs or does it belong in the main repo?

... please keep it out of the main Nixpkgs, at least for now.  Reason
is that currently Nix performance drops linearly with the number of
packages.  Until we have a caching solution of some sort, I'd prefer to
keep Nixpkgs slim.


Greets,
Ertugrul

-- 
Ertugrul Söylemez 
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Nixos basic Qs

2014-07-31 Thread Ertugrul Söylemez
Ben B  wrote:

> - I have xmonad as my window manager, and it defaults to slim as display
> manager/login gadget.  My problem is that one of those two opens a terminal
> by default.  If you type 'exit' into that terminal it kiboshes all open
> programs and exits the window manager.

I use the ~/.xsession file.  It's (usually) a shell script, and you can
just execute `xmonad` from there.  It will override whatever login
script slim uses:

#! /usr/bin/env sh
exec xmonad

Note that the file must be executable and XMonad must be either
installed in your profile or enabled in your configuration.nix.


Greets,
Ertgrul

-- 
Ertugrul Söylemez 
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] how does NixOS ensure focus?

2014-07-28 Thread Ertugrul Söylemez
On Mon, 28 Jul 2014 14:08:38 +
hasufell  wrote:

> > Whenever you install NixOS, you're really forking it, and your
> > installation becomes your own distribution.  You can then choose to
> > merge some or all changes in the official NixOS channel into yours
> > (you might call this "upgrading").  That also works the other way
> > around.  Contributing to NixOS really means that you make a change to
> > your own distribution and send a patch or pull-request.  So unlike other
> > distributions we do not actually have "contributors" or "maintainers"
> > in the traditional sense.  As far as I can tell, this model is unique.
> 
> We have a similar concept in gentoo where you can "overwrite" ebuilds
> (package definitions) by adding 3rd party repositories called overlays.
> So you can in fact mix gentoo with funtoo with sabayoon with pentoo, set
> priorities of those overlays and even force package foo from a specific
> overlay.
> However, this usually gives a lot of complicated problems where packages
> rely on certain behavior or even patches of other packages. Maybe NixOS
> doesn't have these problems due to it's technical concept, but I find it
> hard to tell at this stage.

This can happen in the form of state ("configuration") interactions.
For example it's probably a bad idea to run two versions of the same
program, when they share a state directory.  To prevent this some
programs use/allow version-specific state directories.  For example I
remember seeing directories like ~/.kde3 and ~/.kde4.  However versions
aren't the only things that affect this.  The set of available plugins
may, too.

What NixOS can do for you here is to ensure that there are no
unintended stateless interactions.  This includes libraries, programs,
stuff you would normally find in /usr/share, etc.  In other words,
there are no package-level problems.


> In addition, most user overlays have very poor quality (pretty much what
> arch linux has with AUR) and regularly break non-trivial libraries like
> SDL for example.
> 
> I see that as a big problem of decentralized packaging: quality
> assurance and consistency (consistency in a very low-level sense, as in:
> packages work with each other). From my experience it doesn't work to
> randomly review other peoples work and encourage them to more QA etc.
> There has to be a very strong attraction for people to have their work
> merged at some point.

This has to be done on the community level.  For example everything
that eventually makes it into Nixpkgs is reviewed by the committers.  I
don't think we have any formal standards here, but that may well
establish at some point.  Of course that doesn't mean that third-party
forks don't screw things up.

The current NixOS state of the art is that Nixpkgs is a safe choice and
for regular operation you don't need extra sources.  Forks are usually
used to update or add new packages, and then they are merged.  What
does happen primarily outside of the upstream Nixpkgs is experiments
and custom site-specific customisations.  This is the normal and
accepted way to do it.


> > [...]
> >
> > After half a century we have mostly figured out how to develop software
> > productively, using decentralised methods, forks, branches, merges,
> > etc.  Compared to this almost all distributions still use stone-age
> > methodologies.  NixOS is a step into the right direction, not only
> > regarding packaging, development and deployment, but also community
> > structure.
> 
> This sounds great, in a way. However, worst case scenario is that there
> are so many forks and people working on so different ideas that none of
> these can compete with up2date distributions and that getting a
> consistent experience involves a lot of research, manual fiddling and
> following unofficial tutorials and hacks.
> 
> I don't want to paint things too black, I'm just saying that it really
> depends on details and what actually happens, probably even a culture thing.

This is a theoretical possibility, but our current workflow and
community mindset makes such a scenario unlikely.  I'm pretty confident
that it will stay this way for the foreseeable future.


> But I guess I'd have to get involved in order to actually know.

You could install NixOS and pick a program that you would like to see
in Nixpkgs.  Then just add it to your local installation and send a
patch/PR to Nixpkgs, just to get a feeling of how it works, both
technically and socially.


Greets,
Ertugrul

-- 
Ertugrul Söylemez 
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] how does NixOS ensure focus?

2014-07-27 Thread Ertugrul Söylemez
this to function
> properly, otherwise people will give up on overcomplicated contribution
> procedures/channels and do their own thing.
> I'd pretty much say that the linux kernel runs this model successfully,
> although reasons for this are probably a bit more complicated.
> 
> Gentoo here is almost the complete opposite with >200 core developers
> and it is rapidly losing focus and consistency every year. Decision
> making is a cumbersome process, there are too many diverging ideas,
> although we have a "council" to settle global issues (doesn't work very
> well). That in turn leads to less people caring about global issues and
> new ideas or about fixing non-trivial fundamental problems.
> There is also no enforced internal review workflow. People want to "get
> things done" and avoid unnecessary reviews. That is dangerous and has
> led to serious problems in the past.
> At the same time, a lot of our contribution channels have failed and are
> too complicated. Because the number of random contributors is
> decreasing, we add more core developers to the team, causing even more
> internal problems.
> 
> I almost think that a centralized distribution model is doomed to fail.
> That does not only include the workflow with review platforms, DVCS
> tools etc., but also the political and organizational structure.
> 
> I don't see much information about these points on your website (only
> technical stuff). What are your solutions to the mentioned issue, if
> any? How do you ensure focus and collaboration at the same time?
> ___
> nix-dev mailing list
> nix-dev@lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev


-- 
Ertugrul Söylemez 
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


[Nix-dev] Fw: Re: @nixpkg

2014-06-30 Thread Ertugrul Söylemez
[forgot reply-all]

Hi there Steven,

Steven Shaw  wrote:

> I only knew about nixos_org. I didn't know about the tips a/c. Thing is,
> this is about the package system. Not the Linux distribution. Not about
> tips. Does that make sense?
>
> Someone already replied to one of my tweets saying that they hadn't
> understood that you could use Nix as a package manager separate from
> NixOS.  Where there is 1, there are many. I rest your honour.

I'm a bit torn here.  One one hand I agree with you that there should be
more resources for Nix itself as a development and deployment system.
On the other hand I agree with Oliver that at our current community size
fragmentation could become a serious problem.

My two cents is that at this point it's probably better to post this
information via @nixostips.  However, you could use your new account for
retweets from the more well known sources, whenever you find something
relevant to non-NixOS users.  That should make the information flow
sufficiently hierarchial to avoid fragmentation or at least make it
apparent to followers.

In either case the name @nixpkg is very unfortunate and especially
misleading to existing NixOS users (because of an actual project called
Nixpkgs).  A name like @nixtips would be more appropriate, should you
decide to keep maintaining it.


Greets,
Ertugrul

-- 
Ertugrul Söylemez 

Key-ID: F9B5212A
Fingerprint: 8D89 7AC9 21CF F868 F074  9058 30CB D56F F9B5 212A


pgpGIcrt9i9qD.pgp
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Hi, I'm new!

2014-06-29 Thread Ertugrul Söylemez
Hi there Matthias,

On Sun, 29 Jun 2014 11:01:26 +0200
Matthias Beyer  wrote:

> I don't know if this is wanted on this list (isn't there a users-list
> somewhere?), but I want to introduce myself before sending my bunch of
> questions!
>
> I'm a 22 year old CS student from south germany. I heard from nixos
> the first time at UnFUCK[0], a conference at my university, I
> organized myself. ATM I'm an Archlinux user (been for ~7 years), but
> within the next year I want to build a Tower-PC and I'm heavily
> thinking about nixos for it.

This is currently our main mailing list.  Sadly introducing yourself to
a web community is a custom that seems to have gone into oblivion, so
I'm glad that you're remining us that it still exists.

Also south Germany (where I live, too) may benefit from more NixOS
users. =)


> Is it appropriate to send my questions to this ML? I guess I will send
> them in seperate mails if you ACK this, as some of them may lead to
> longer discussuions (who knows).

Go ahead.  As Cillian noted there is also the #nixos channel, if you
prefer a less rigid form of communication.


Greets
Ertugrul

-- 
Ertugrul Söylemez 
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Binary packages for custom store path installs

2014-06-17 Thread Ertugrul Söylemez
On Mon, 16 Jun 2014 10:19:59 -0400
Eelco Dolstra  wrote:

> > Well, let's not try to decide the undecidable.  Would it be so bad to
> > have explicit dependencies? 
> 
> One of Nix's main selling points is that you *don't* need to specify runtime
> dependencies explicitly. That has worked great for the last ten years, so I'm
> rather hesitant to change this.
> 
> Of course, you can always make runtime dependencies explicit in the way you
> describe, but it's important to be aware that packages that require this are
> broken (e.g. they won't work with Nix's --repair flag and multiple output
> support, because these use hash rewriting).

We will probably have to find a solution sooner or later.  Perhaps what
we really need is the ability to give each package its own view of the
Nix store.  They should always find other packages where they would
expect in their own virtualised environment.  The Linux kernel has
the necessary support to implement this securely.


Greets,
Ertugrul

-- 
Ertugrul Söylemez 
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Binary packages for custom store path installs

2014-06-14 Thread Ertugrul Söylemez
On Sat, 14 Jun 2014 22:09:21 +0400
Michael Raskin <7c6f4...@mail.ru> wrote:

> >It's probably not a big deal.  On the other hand consider that it only
> >happens in a rather special scenario and may go unnoticed for quite
> >some time.
> >
> >Consider an application (like a game) with a bunch of separate sets of
> >data files, each optional and referring to each other, compressed to
> >save space.  This is an actual design that I'm following in one of my
> >projects.  I'll know to make it Nix-friendly, but non-NixOS developers
> >may fail to do so.
> 
> I think that any proposal would be seriously considered. Any already
> existing application creating such a problem would increase your chances
> to make someone else propose a solution… Otherwise — I think the problem
> can surface, but I have no idea ho to fix it sanely… I think many other
> people think the same.

Well, let's not try to decide the undecidable.  Would it be so bad to
have explicit dependencies?  That seems to be the only sound solution.

A straightforward way is to add a small dotfile via the builder script
with paths to the output.  The only problem at this point is that there
is pretty much no support for doing that, so it's error-prone.  I could
totally see something like this happening:

stdenv.mkDerivation {
...
requisites = [cacert dataFiles1 dataFiles2];
...
}

All it does is to register the given derivations as requisites
unconditionally, perhaps simply by writing the aforementioned dotfile
at $out/.nixdeps.


Greets,
Ertugrul

-- 
Ertugrul Söylemez 
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Binary packages for custom store path installs

2014-06-14 Thread Ertugrul Söylemez
On Sat, 14 Jun 2014 13:43:24 -0400
Shea Levy  wrote:

> > I can't.  I'm just pointing out a potential problem here.  If you
> > disagree, I'll be happy to construct a proof of concept.
> 
> Of course it could happen, but we have a huge number of packages in nixpkgs, 
> including a significant subset of hackage, and it hasn't actually happened 
> yet as far as anyone knows.
> 
> No one claims hash scanning/hash rewriting is 100% sound. It is, however, 
> extremely convenient and has worked remarkably well up until now. If we start 
> finding real world use cases where it fails, then we can start thinking about 
> alternatives, but until then why is this a big deal?

It's probably not a big deal.  On the other hand consider that it only
happens in a rather special scenario and may go unnoticed for quite
some time.

Consider an application (like a game) with a bunch of separate sets of
data files, each optional and referring to each other, compressed to
save space.  This is an actual design that I'm following in one of my
projects.  I'll know to make it Nix-friendly, but non-NixOS developers
may fail to do so.


Greets,
Ertugrul

-- 
Ertugrul Söylemez 
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Binary packages for custom store path installs

2014-06-14 Thread Ertugrul Söylemez
On Sat, 14 Jun 2014 09:36:21 -0400
Shea Levy  wrote:

> Please point to a specific example of a package with an unretained dependency 
> due to UTF-16 storage

I can't.  I'm just pointing out a potential problem here.  If you
disagree, I'll be happy to construct a proof of concept.


Greets,
Ertugrul

-- 
Ertugrul Söylemez 
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Binary packages for custom store path installs

2014-06-14 Thread Ertugrul Söylemez
On Fri, 13 Jun 2014 18:54:53 +0200
Eelco Dolstra  wrote:

> > The path-rewriting proposal is a very bad idea and will cause a lot of
> > breakage.  For many/enough applications rewriting will not work at all,
> > because they might encode paths in data structures or be using a
> > non-UTF8 multi-byte encoding.
> 
> Packages that store paths in UTF-16 don't work with Nix anyway, independent 
> from
> hash rewriting, because Nix finds runtime dependencies by scanning for plain
> ASCII hashes. To my knowledge we've never encountered such a package in 
> Nixpkgs.
>
> This paper has a small evaluation of hash rewriting:
> http://nixos.org/~eelco/pubs/secsharing-ase2005-final.pdf (section 6.1)

We certainly have.  As said, Haskell works that way:  while hardcoded
paths are commonly stored in UTF-8, serialized text is more likely in
UTF-16, because that's the internal format of the Text type.  Also
continuous path strings are very uncommon, because we use
platform-independent combinators to construct paths.

Nix' dependency scanning still works most of the time, because paths to
other Haskell packages are stored at least in a GHC registration file as
continuous strings.  It could fail for other requisites like data files
from non-Haskell packages.  For example the CA certificates are stored
in their own derivation.  If not half of the system would depend on that
derivation, it would most likely be GCed away and Haskell programs
would be unable to find them.

Rewriting is even worse, because now you are interpreting a
structurally rich file as a mere byte-string and then changing things
based on vague assumptions.  This is dangerous, in particular for ELF
files, which are in fact Turing-complete (ELF itself, not the code it
contains).  Just as a theoretical point consider that the question
whether your rewriting algorithm is correct is undecidable in general.

More practically you would break half of Hackage.  The breakage would
range from being as gentle as a Haskell program failing to find
certificate files to as severe as a Haskell plugin-based web
application (like clckwrks) fatal-error-crashing.

As a Haskell developer I must warn you about rewriting.  This /will/
cause trouble at least for Haskell.  Even the current dependency
scanning mechanism is a ticking time bomb for Haskell users, though it
did not yet explode for me.


> Or even better, ask the admin to use pam_namespace:
> 
> http://www.linux-pam.org/Linux-PAM-html/sag-pam_namespace.html
> 
> And hopefully, one day users won't need to be root to do bind mounts.

That would be very useful, yeah.  It's probably already possible anyway
given the right capability, but I don't know.


Greets,
Ertugrul

-- 
Ertugrul Söylemez 
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Binary packages for custom store path installs

2014-06-12 Thread Ertugrul Söylemez
Vladimír Čunát  wrote:

> For some previous discussion you can see
> https://github.com/NixOS/nix/issues/16
>
> So far there's IMHO been no really good solution proposal. And
> probably none is currently providing binaries to use.

The path-rewriting proposal is a very bad idea and will cause a lot of
breakage.  For many/enough applications rewriting will not work at all,
because they might encode paths in data structures or be using a
non-UTF8 multi-byte encoding.

For example rewriting will fail for pretty much all Haskell packages,
because UTF-16 is a common encoding and path handling is not stringly
typed in Haskell.  In many cases there is an actual data structure for
paths with separated path segments in memory.  Many other strongly typed
languages will cause the same trouble.

In other words:  Do not rewrite paths!  If your proposal requires
violently manipulating binaries, it is most likely a bad idea.

One simple and safe way to do this would involve using private mounts
with chrooting:  Create a private bind-mount of "/" somewhere, then
bind-mount the Nix store at "/nix/store".  Run the application within a
chroot in that directory.  To the application the Nix store will appear
to be mounted at "/nix/store".

The drawback of this method is that it requires the administrator to
allow one SetUID executable for the setup, or perhaps a bunch of entries
in the fstab.  After that no further support from the administrator is
required.

Another way would be to hook the path handling procedures of the libc.
Rewrite "/nix/store" to whatever is in the NIX_STORE variable.  This
would be a lot of hard work, but would work much more reliably than
rewriting paths in binaries, and it would work without help from root.


Greets,
Ertugrul

-- 
Ertugrul Söylemez 

Key-ID: F9B5212A
Fingerprint: 8D89 7AC9 21CF F868 F074  9058 30CB D56F F9B5 212A


pgp7GDP_cdOm9.pgp
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


[Nix-dev] Fw: Re: Linux Action Show is calling

2014-06-12 Thread Ertugrul Söylemez
Oops, this should go to the list.  Some day I'll learn to press C-R
instead of C-r. =)


Thor Arne Hopland  wrote:

> I made this post on the LAS Reddit page because I thought they needed
> a better introduction.
>
> http://www.reddit.com/r/LinuxActionShow/comments/27xoqd/nixos_a_challanger_appears/
>
> I hope I represented NixOS correctly :/

I could nitpick (some details are wrong), but your presentation is fair.
In particular I liked the way you presented the Nix suite as a fully
fledged (continuous) deployment solution rather than a mere package
manager.  I don't want Nix to stand alongside apt, pacman and
Portage. =)


> But anwyays, they've said they've tried to contact you many
> times. They want one of the NixOS developers to come on the show and
> talk about NixOS! This is a great marketing oppertunity, you
> guys. Tons of people watch Linux Action Show and it might lead to us
> getting more pullers, committers and packagers (we need moar).

Well, this is controversial.  Of course I want NixOS to gain popularity,
because that would get us at least new Nixpkgs developers.  On the other
hand the lack of large-scale success has helped us preserve and maintain
the soundness of the system.  As SPJ once said (about Haskell): "Avoid
success at all costs!".

Yet I can't deny that I would like to see an LAS episode featuring
NixOS.  I'm not a core developer, but I contribute stuff from time to
time (patches, snippets and support on Freenode), and I use both NixOS
and the Nix suite to most of their potential.  I can both praise and
complain about them a lot. =)

I'll offer my soul, if nobody else has time, on the following
conditions:

  * +1 from Eelco,

  * more +1s than -1s from the Nixpkgs committers (note: 0 ≯ 0).

Whoami: I'm ertes on Github and mm_freak on Freenode.  Some of you may
know me as @ertesx, too.


Greets,
Ertugrul

-- 
Ertugrul Söylemez 

Key-ID: F9B5212A
Fingerprint: 8D89 7AC9 21CF F868 F074  9058 30CB D56F F9B5 212A


-- 
Ertugrul Söylemez 

Key-ID: F9B5212A
Fingerprint: 8D89 7AC9 21CF F868 F074  9058 30CB D56F F9B5 212A


pgpYNEpfJHnlG.pgp
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Extra manpage per service?

2014-06-09 Thread Ertugrul Söylemez
Hi Bjørn,

that sounds amazing, I would love that.  I wouldn't know where to start either, 
though.


Greets,
Ertugrul


On Mon, 9 Jun 2014 12:02:35 +0200
Bjørn Forsman  wrote:

> I've been messing around with the nixos 'graphite' service lately. I
> thought the module was a bit thin on the documentation side, so I
> started to search online. I came across this graphite puppet
> module[1], and what struck me is that there is no way that our current
> "man configuration.nix" can provide that kind of detail for each
> service, without being completely unreadable.
> 
> So, how about we add a manpage for each service.? I think it
> would be a good idea to still have everything in man
> configuration.nix, although "man nixos-service-TAB-TAB" would probably
> be just as easy to navigate.
> 
> Does that sound like a good idea to you? Is it easy to do? I don't
> know where to begin :-)

-- 
Ertugrul Söylemez 
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Openssl and fast security updates

2014-06-06 Thread Ertugrul Söylemez
On Thu, 05 Jun 2014 23:39:34 +0200
Vladimír Čunát  wrote:

> Hydra has and uses priorities. Anyway, building OpenSSL itself is very 
> quick, but rebuilding all that (transitively) depends on it is worse. 
> And there are CVE fixes for stdenv stuff sometimes (glibc)...

Yes, and the basic idea is that you could have high priority packages like 
OpenSSL, OpenVPN and nginx.  Whenever Hydra sees a job of higher priority it 
starts doing it (potentially aborting whatever it is currently doing).  Once 
all jobs of the same priority are done, it runs the tests of the same priority 
and updates the channel.  Then it goes to the next highest priority.  That way 
security updates won't take longer than necessary.

When we use priorities generously we could avoid a lot of delay even in less 
critical cases.


Greets,
Ertugrul

-- 
Ertugrul Söylemez 
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] Openssl and fast security updates

2014-06-05 Thread Ertugrul Söylemez
On Thu, 5 Jun 2014 21:01:59 +0100
Shell Turner  wrote:

> So is the argument that it should be possible to update the channel
> with the new package definition before the binary cache has finished
> building, thus letting people rebuild their systems locally if need
> be? That seems reasonable.

I think a nice solution would be to add build priorities to Hydra.  When a 
security update is required quickly, then update the OpenSSL expression, assign 
a high build priority to OpenSSL and the common server packages and let Hydra 
do the building.  Most people will build on weaker machines, so I think that 
"waiting for Hydra" is the way to go, even when you can't watch the actual 
build process and thus feel that nothing is happening.

All we need is to make sure that Hydra builds those quickly enough.


Greets,
Ertugrul

-- 
Ertugrul Söylemez 
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] New website

2014-06-02 Thread Ertugrul Söylemez
Eelco Dolstra  wrote:

> Actually, a major goal in the redesign was to *get rid* of all the
> non-NixOS stuff. It's the NixOS homepage, after all, not the Nixpkgs
> homepage. Confronting visitors with a lot of other projects is just
> confusing.

While non-NixOS stuff belongs into the wiki, nixpkgs itself is not quite
non-NixOS.  I very much like the structure of the Arch Linux homepage
with its small introduction (no large fonts), news as the primary
content and recent activity in the package database.  On the right hand
side you find links to documentation and other stuff.

NixOS differs from other distributions in that it is actually a
collection of projects that work together.  As such a "projects" menu
should appear somewhere on the page and you should not have to unroll it
first.  It should include at least (here in alphabetical order):

  * Hydra,
  * Nixops,
  * NixOS,
  * nixpkgs.

I agree that helper packages like PatchELF do not belong there.


> It would be nice to have a "Packages" link in the navbar though, like
> on archlinux.org, linking to a easily browseable list of available
> packages. Also, the front page could have a blurb about the number of
> packages available in NixOS, which could link to Nixpkgs.

This should be easy enough by using nix-env's XML output together with a
suitable XSLT stylesheet.  Hydra could take care of maintaining it.


> >   * The front page is serving new visitors and active users, it should pick 
> > one.
>
> I considered removing all the news from the homepage, but 1) it seems
> useful to show activity on the homepage, just to convey that the
> project is alive; 2) visitors don't have to read it, it's easy to
> mentally filter it, so I felt it doesn't hurt much to have it there.

News are fine.  They are useful both to newcomers and to active users.


> Videolan.org actually has a pretty similar layout to nixos.org: a
> description + big download button, followed by news/blogs.

I would compare VideoLAN less to a distribution and more to a monolithic
software package similar to Firefox or LibreOffice.  Also I wouldn't
like people to mistake NixOS as "just another distro".  It is, among
other things, a development and (continuous) deployment platform.  The
homepage should make this clear.


Greets,
Ertugrul

-- 
Ertugrul Söylemez 

Key-ID: F9B5212A
Fingerprint: 8D89 7AC9 21CF F868 F074  9058 30CB D56F F9B5 212A


pgpU5_7dQ32YB.pgp
Description: PGP signature
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] New website

2014-06-01 Thread Ertugrul Söylemez
On Sat, 31 May 2014 17:29:12 -0700
"M. P. Ashton"  wrote:

> > > I don't mind the new website at all. I think it looks nice, and it does
> > > seem more professional than the old one.
> > 
> > If you need to look like some Enter Prise Service (typos intended) to
> > deserve the "professional" label, I'm happy to look unprofessional.
> [...]
> 
> I'm afraid I must not have written very clearly. I certainly didn't
> intend to imply that you were wrong about anything. I just thought I'd
> tell Dr Dolstra and the list about my own experience, since it was
> obviously very different to yours and the other fellow's. (And was also
> not "wrong".) I'm sorry for the confusion.
> 
> As I'm sure you and the other knowledgeable participants will have no
> trouble working out these weighty matters amongst yourselves, and I
> actually don't care that much about this anyway, I'll just step aside
> and let you all do that.

No worries, I didn't mean to be offensive.  This is not about my experience, 
but about my opinion, and I'm just stating that we do not have to follow the 
lead of large websites, particularly since the goal of our website is to convey 
useful information.  It does not provide a web service in the traditional sense.

The new website does have a few new features, but most of them look like 
stopgaps to me, like the commit history, which isn't really useful on the home 
page.  I would prefer the subprojects themselves to take most of the space with 
a very short introduction at the top.


Greets,
Ertugrul

-- 
Ertugrul Söylemez 
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


Re: [Nix-dev] New website

2014-05-30 Thread Ertugrul Söylemez
On Fri, 30 May 2014 13:27:00 -0700
"M. P. Ashton"  wrote:

> I don't mind the new website at all. I think it looks nice, and it does
> seem more professional than the old one.

If you need to look like some Enter Prise Service (typos intended) to deserve 
the "professional" label, I'm happy to look unprofessional.


> It also has a more promotional bent, which may or may not fit the
> project's goals -- I don't know if world domination is an aim for the
> project right now, but the new website seems to satisfy that goal much
> better than the old one.

I can't speak for the whole community, but I would say the project's aim is to 
provide a decent deployment system.  A growing community is certainly helpful, 
yet we have managed to get this far with a comparatively small one.  In either 
case there is no need for an Enter Prise Web Site (typos intended) to be 
successful.


> I don't care for websites sending me to external servers, mostly because
> the load time tends to become much longer, and occasionally the external
> servers don't cooperate. But for me it's not such a big deal. I'm pretty
> sure Google and NSA and Facebook know more about me than I do, even if I
> studiously use DuckDuckGo (which is probably a trigger word).

As Jay explained we shouldn't actively contribute to their power.  Anyway, this 
problem has been fixed.


> Someone said that they couldn't find the manual -- I found it very
> quickly under "HELP". I usually look for "Documentation" first, but
> "Help" seemed a reasonable second guess.

At least two of us overlooked the top bar the first time, including myself, and 
neither of us is a novice in web-browsing.  This is very strong evidence that 
there must be something wrong with the design.  This bar is more important than 
everything else on the page, so it should be very visible.  In fact I'd go as 
far as to say that a single-line bar isn't even sufficient.

For example the NixOS projects should be visible all the time.  They are our 
bread and butter.


> So, thanks for working on this -- I appreciate it, FWIW.

Don't get me wrong.  I do appreciate the work, but the process behind it was 
completely wrong.  The website was switched before the community even had a 
chance to review it.  I'd ask all committers to pay more attention to what the 
community says before applying patches.


Greets,
Ertugrul

-- 
Ertugrul Söylemez 
___
nix-dev mailing list
nix-dev@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-dev


  1   2   >