Discoverability - Nix

Welcome to the Functional Programming Zulip Chat Archive. You can join the chat here.

Magnus Therning

What tricks am I missing when it comes to finding things, e.g. packages or even files in packages?
For instance, right now I'm in need of finding some certificates.

The background is that I have a service that talks HTTPS with some other services. When I tried to remake the Docker image using Nix (from scratch instead of basing it on a rather fat Ubuntu image) I started getting this error

HttpExceptionRequest Request {
  host                 = ""
  port                 = 443
  secure               = True
  requestHeaders       = [("x-correlation-id","427ae008-76fb-4807-a35b-4851fbbbe2d7")]
  path                 = "/status"
  queryString          = ""
  method               = "GET"
  proxy                = Nothing
  rawBody              = False
  redirectCount        = 10
  responseTimeout      = ResponseTimeoutDefault
  requestVersion       = HTTP/1.1
 (InternalException (HandshakeFailed (Error_Protocol ("certificate has unknown CA",True,UnknownCa))))
Magnus Therning

I found a solution around this by using the haskellPackages.tls-debug package to fetch exactly the certificates I need.

Jack Henahan

Usually that means that you need to put cacert in your buildInputs and set whatever the env var is (I've forgotten the exact one) to something like ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt

Magnus Therning

Ah, yes, that's the package I could have used. Thanks!

How could I have found that package on my own?

Jack Henahan

Woof, good question. I think I found it by looking through GitHub issues, tbh. My main "discovery" techniques are searching issues and ripgrep on my local nixpkgs checkout. Maybe I should start writing docs