| 2 Jan 2025 |
 atemu12 | Try to access that directory from within the sandbox via a e.g. a simple runCommand to verify | 14:56:11 |
 countoren | maybe I will try to switch out from flake to be able to change default.nix | 14:56:59 |
| atemu12 | You should be able to modify it with flakes too; they're shit but not that shit | 14:57:36 |
| countoren | well flake is downloading the source (of robotnix) to the nix store | 14:58:31 |
| countoren | well I mean to clone the repo. | 14:58:52 |
| countoren | in this machine that i switched to I just used the flake without cloning | 14:59:11 |
| atemu12 | Ah I see | 15:01:08 |
| countoren | * in this machine that i switched to I just use the flake without cloning | 15:01:14 |
| atemu12 | Cloning and using the local flake should be easy enough | 15:01:19 |
| atemu12 | Ahaahaa wait, this is flakes, I have no idea whether that's simple | 15:01:37 |
| atemu12 | Right | 15:01:41 |
| countoren | yes true, tho with my experience it still might deffer between flake to nix-build I had some differences before with file path parsing between the 2 | 15:02:37 |
| countoren | but it was long ago it might be fine now | 15:02:57 |
| atemu12 | You should be able to do the simple sanity check regardless of flakes though | 15:05:08 |
| atemu12 | It doesn't depend on robotnix | 15:05:25 |
| countoren | anyway trying to understand it better is KEYSDIR is env var expected by the android build tool? | 15:05:53 |
| atemu12 | Come again? | 15:09:02 |
| countoren | o it talking about it being directory. ```
Missing KEYSDIR directory, did you use "--option extra-sandbox-paths /keys=..." ?
| 15:10:22 |
| countoren | * o it talking about it being directory. ```
Missing KEYSDIR directory, did you use "--option extra-sandbox-paths /keys=..." ?
| 15:10:44 |
| atemu12 | Check whether that directory exists and is readable inside the sandbox | 15:10:53 |
| atemu12 | You can do that with a simple runCommand | 15:11:11 |
| atemu12 | To skip all the complexity of robotnix for troubleshooting | 15:11:33 |
| countoren | you mean nix shell --pure ? as well? | 15:14:46 |
| countoren | * you mean nix shell --impure ? as well? | 15:15:56 |
| atemu12 | However you prefer to eval Nix code | 15:17:57 |
| atemu12 | I'd use a repl or --expr but whatever you like | 15:18:15 |
| countoren | where should I see KEYSDIR? | 15:21:08 |
| atemu12 | You should check whether the path you've passed through to the sandbox actually exists and the contents are readable | 15:21:34 |
| atemu12 | (From within the sandbox of course.) | 15:25:01 |
| countoren | I guess I never had to use extra-sendbox-paths for everything I did until now(like 10 years of nix) I always resulted with a wrapper if "secrets" are involved. I did add it to my nixos configuration getting permission issues now, I will look into it.
but I wonder how hard it will be (or make sense) to "wrap" the builder in writeShellApplication/Script to execute not from a nix sendbox. | 16:17:37 |
