In the PR linked below we are trying to get RFC42 style settings into the syncthing NixOS module. We have some disagreements there unfortunately, so we’d appreciate if someone a bit experienced with NixOS modules would share their opinion and help us make a decision.
NixOS:master ← Lassulus:syncthing-fix
opened 10:00AM - 22 May 23 UTC
###### Description of changes
alternative to https://github.com/NixOS/nixpkgs… /pull/233377
fix https://github.com/NixOS/nixpkgs/issues/232679
<!--
For package updates please link to a changelog or describe changes, this helps your fellow maintainers discover breaking updates.
For new packages please briefly describe the package or provide a link to its homepage.
-->
###### Things done
- Built on platform(s)
- [ ] x86_64-linux
- [ ] aarch64-linux
- [ ] x86_64-darwin
- [ ] aarch64-darwin
- [ ] For non-Linux: Is `sandbox = true` set in `nix.conf`? (See [Nix manual](https://nixos.org/manual/nix/stable/command-ref/conf-file.html))
- [ ] Tested, as applicable:
- [NixOS test(s)](https://nixos.org/manual/nixos/unstable/index.html#sec-nixos-tests) (look inside [nixos/tests](https://github.com/NixOS/nixpkgs/blob/master/nixos/tests))
- and/or [package tests](https://nixos.org/manual/nixpkgs/unstable/#sec-package-tests)
- or, for functions and "core" functionality, tests in [lib/tests](https://github.com/NixOS/nixpkgs/blob/master/lib/tests) or [pkgs/test](https://github.com/NixOS/nixpkgs/blob/master/pkgs/test)
- made sure NixOS tests are [linked](https://nixos.org/manual/nixpkgs/unstable/#ssec-nixos-tests-linking) to the relevant packages
- [ ] Tested compilation of all packages that depend on this change using `nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD"`. Note: all changes have to be committed, also see [nixpkgs-review usage](https://github.com/Mic92/nixpkgs-review#usage)
- [ ] Tested basic functionality of all binary files (usually in `./result/bin/`)
- [23.05 Release Notes (or backporting 22.11 Release notes)](https://github.com/NixOS/nixpkgs/blob/master/CONTRIBUTING.md#generating-2305-release-notes)
- [ ] (Package updates) Added a release notes entry if the change is major or breaking
- [ ] (Module updates) Added a release notes entry if the change is significant
- [ ] (Module addition) Added a release notes entry if adding a new NixOS module
- [ ] Fits [CONTRIBUTING.md](https://github.com/NixOS/nixpkgs/blob/master/CONTRIBUTING.md).
<!--
To help with the large amounts of pull requests, we would appreciate your
reviews of other pull requests, especially simple package updates. Just leave a
comment describing what you have tested in the relevant package/service.
Reviewing helps to reduce the average time-to-merge for everyone.
Thanks a lot if you do!
List of open PRs: https://github.com/NixOS/nixpkgs/pulls
Reviewing guidelines: https://nixos.org/manual/nixpkgs/unstable/#chap-reviewing-contributions
-->
This PR is also blocking a dependent PR of mine , that fixes a very annoying bug in the module, and that was very hard to debug. I have been merging those 2 PRs to my nixpkgs fork for a few months now.
2 Likes
errnoh
August 19, 2023, 8:55am
66
I have a question on this topic, together with two example cases:
What’s the protocol on PRs for software that requires specific hardware and/or setup? I have two PRs open (one is recent and the other one multiple months old) that functionality-wise are hard to review due to their hardware requirements.
Recent example is [edit: has now been merged] a new package/module that was requested: goxlr-utility: init at 0.12.6 (fixes #243701) by errnoh · Pull Request #249860 · NixOS/nixpkgs · GitHub for GoXLR product line audio mixers. The person who requested the feature is active enough that I can likely get them to test the functionality, but I can imagine cases where even that is not available, what’s the protocol in situations where one wants to add a new package that can’t be tested without specific hardware?
The one that’s been hanging for months is luksroot: fix issue when yubikey is detached during boot process by errnoh · Pull Request #228144 · NixOS/nixpkgs · GitHub where there’s a repeatable corner case functionality for niche setup that involves rotating Yubikey full disk encryption. The problem and solution has been thoroughly explained, fix is simple, but as it involves hardware security it’s not like it should just be rubber stamped without proper review.
Unfortunately, we don’t have such a policy, very similarly to how we lack even more basic policies (people are complaining about that these days in this thread ). However, in my experience, if 1 person is able to verify the change is working with the hardware, or even if none, and the changes look good and software at least compiles and is able to not crash for a --help argument, it should be good to go.
For the 1st PR you linked, getting a
1 Like
But, for changes such as in the 2nd PR, testing that this doesn’t break a setup for someone else is crucial. So that would require an approval from someone with that hardware available.
A PR rewriting i2pd nixos service is fixing its fundamental functionality is in:
NixOS:master ← one-d-wide:i2pd-refactor-freeform
opened 05:07PM - 10 Apr 23 UTC
###### Description of changes
<!--
For package updates please link to a chan… gelog or describe changes, this helps your fellow maintainers discover breaking updates.
For new packages please briefly describe the package or provide a link to its homepage.
-->
#### Refactor
- Redundant option declaration replaced with free-formed one (as proposed in [RFC42](https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md)).
#### Add
- String enumerator options in place of raw integer indexing
- Systemd service hardening
- Basic configure validation (only option names in `i2pd.conf`)
- Runtime credentials passing
###### Things done
- Built on platform(s)
- [x] x86_64-linux
- [ ] aarch64-linux
- [ ] x86_64-darwin
- [ ] aarch64-darwin
- [ ] For non-Linux: Is `sandbox = true` set in `nix.conf`? (See [Nix manual](https://nixos.org/manual/nix/stable/command-ref/conf-file.html))
- [ ] Tested, as applicable:
- [NixOS test(s)](https://nixos.org/manual/nixos/unstable/index.html#sec-nixos-tests) (look inside [nixos/tests](https://github.com/NixOS/nixpkgs/blob/master/nixos/tests))
- and/or [package tests](https://nixos.org/manual/nixpkgs/unstable/#sec-package-tests)
- or, for functions and "core" functionality, tests in [lib/tests](https://github.com/NixOS/nixpkgs/blob/master/lib/tests) or [pkgs/test](https://github.com/NixOS/nixpkgs/blob/master/pkgs/test)
- made sure NixOS tests are [linked](https://nixos.org/manual/nixpkgs/unstable/#ssec-nixos-tests-linking) to the relevant packages
- [ ] Tested compilation of all packages that depend on this change using `nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD"`. Note: all changes have to be committed, also see [nixpkgs-review usage](https://github.com/Mic92/nixpkgs-review#usage)
- [x] Tested basic functionality of all binary files (usually in `./result/bin/`)
- [23.05 Release Notes (or backporting 22.11 Release notes)](https://github.com/NixOS/nixpkgs/blob/master/CONTRIBUTING.md#generating-2305-release-notes)
- [ ] (Package updates) Added a release notes entry if the change is major or breaking
- [ ] (Module updates) Added a release notes entry if the change is significant
- [ ] (Module addition) Added a release notes entry if adding a new NixOS module
- [x] Fits [CONTRIBUTING.md](https://github.com/NixOS/nixpkgs/blob/master/CONTRIBUTING.md).
<!--
To help with the large amounts of pull requests, we would appreciate your
reviews of other pull requests, especially simple package updates. Just leave a
comment describing what you have tested in the relevant package/service.
Reviewing helps to reduce the average time-to-merge for everyone.
Thanks a lot if you do!
List of open PRs: https://github.com/NixOS/nixpkgs/pulls
Reviewing guidelines: https://nixos.org/manual/nixpkgs/unstable/#chap-reviewing-contributions
-->
The quality of writing seems very good to me - impressive for a first time contribution. I have little to no experience with freeformed submodules, and little experience with modules with so many options, so help will be appreciated.
Majiir
September 17, 2023, 9:26pm
70
nixos/generations-dir: Improve symlinking in `/boot` by Majiir · Pull Request #198728 · NixOS/nixpkgs · GitHub has been “LGTM” for almost a year. I think it’s stuck because not many reviewers run the relevant configuration to test it. (It can be tested on practically any hardware, but almost nobody runs generations-dir because there are better boot loader integrations for most systems.)
I’ve run this patch on one of my systems for at least as long as the PR has been up, and it’s been smooth sailing.
2 Likes
bbigras
September 22, 2023, 4:41pm
71
This PR for msodbcsql18 has been languishing for almost a year, and given that OpenSSL 1.1.1 is now EOL, It would be great to get an ODBC SQL Server driver that can support OpenSSL 3.0
NixOS:master ← SamirTalwar:msodbcsql18
opened 07:33PM - 24 Oct 22 UTC
###### Description of changes
This is the ODBC Driver 18 for SQL Server, whic… h now supports arm64 (and therefore modern Mac hardware). Download links were acquired from the [Linux](https://learn.microsoft.com/en-us/sql/connect/odbc/linux-mac/installing-the-microsoft-odbc-driver-for-sql-server?view=sql-server-ver16) and [macOS](https://learn.microsoft.com/en-us/sql/connect/odbc/linux-mac/install-microsoft-odbc-driver-sql-server-macos?view=sql-server-ver16) installation pages.
I used the Debian packages, as that's what the `msodbcsql17` package uses.
I have verified these build appropriately. I haven't tested them thoroughly in nixpkgs, but I have tested them at length as part of [hasura/graphql-engine](https://github.com/hasura/graphql-engine). The contents are copied from [_nix/msodbcsql18-linux.nix_](https://github.com/hasura/graphql-engine/blob/c3afa0fdd7eece8eb1bc708e4e241efe36c18618/nix/msodbcsql18-linux.nix) and [_nix/msodbcsql18-darwin.nix_](https://github.com/hasura/graphql-engine/blob/c3afa0fdd7eece8eb1bc708e4e241efe36c18618/nix/msodbcsql18-darwin.nix).
###### Things done
- Built on platform(s)
- [x] x86_64-linux
- [ ] aarch64-linux
- [ ] x86_64-darwin
- [x] aarch64-darwin
- [ ] For non-Linux: Is `sandbox = true` set in `nix.conf`? (See [Nix manual](https://nixos.org/manual/nix/stable/command-ref/conf-file.html))
- [ ] Tested, as applicable:
- [NixOS test(s)](https://nixos.org/manual/nixos/unstable/index.html#sec-nixos-tests) (look inside [nixos/tests](https://github.com/NixOS/nixpkgs/blob/master/nixos/tests))
- and/or [package tests](https://nixos.org/manual/nixpkgs/unstable/#sec-package-tests)
- or, for functions and "core" functionality, tests in [lib/tests](https://github.com/NixOS/nixpkgs/blob/master/lib/tests) or [pkgs/test](https://github.com/NixOS/nixpkgs/blob/master/pkgs/test)
- made sure NixOS tests are [linked](https://nixos.org/manual/nixpkgs/unstable/#ssec-nixos-tests-linking) to the relevant packages
- [x] Tested compilation of all packages that depend on this change using `nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD"`. Note: all changes have to be committed, also see [nixpkgs-review usage](https://github.com/Mic92/nixpkgs-review#usage)
- [x] Tested basic functionality of all binary files (usually in `./result/bin/`)
- [22.11 Release Notes (or backporting 22.05 Release notes)](https://github.com/NixOS/nixpkgs/blob/master/CONTRIBUTING.md#generating-2211-release-notes)
- [ ] (Package updates) Added a release notes entry if the change is major or breaking
- [ ] (Module updates) Added a release notes entry if the change is significant
- [ ] (Module addition) Added a release notes entry if adding a new NixOS module
- [ ] (Release notes changes) Ran `nixos/doc/manual/md-to-db.sh` to update generated release notes
- [x] Fits [CONTRIBUTING.md](https://github.com/NixOS/nixpkgs/blob/master/CONTRIBUTING.md).
bbigras
September 28, 2023, 1:32am
73
Anyone knows what to do when the git repo doesn’t have any tags, and we want to build from source?
NixOS:master ← bbigras:gpt4all
There's no tag on https://github.com/nomic-ai/gpt4all . Is there anything we can… do?
Haven’t looked at the PR, but in general, the fact there are no Git tags should have no effect on the decision whether to build from source or not. In general, building from source is preferred, with or without Git tags.
In case Git tags are missing, but there are version strings staggered in the source, it’d be nice to ping upstream about it, and use an explicit git revision in the meantime. Put a good comment near where the commit hash revision is used (instead of a rev = version or alike). Use the revision that marked the bump of the version string in the source.
2 Likes
from that person who requested the feature would greatly benefit, after most of the review is done.