martinklepsch has quit [Quit: YourBNC - (https://yourbnc.co.uk)]
martinklepsch has joined #nix-darwin
martinklepsch has quit [Read error: Connection reset by peer]
martinklepsch has joined #nix-darwin
hamishmack has quit [Quit: hamishmack]
hamishmack has joined #nix-darwin
hamishmack has quit [Quit: hamishmack]
hamishmack has joined #nix-darwin
<LnL> johnw: I found what was missing preferLocalBuild
zzamboni has joined #nix-darwin
zzamboni has quit [Quit: Leaving.]
periklis has joined #nix-darwin
zarel has joined #nix-darwin
zzamboni has joined #nix-darwin
zzamboni has quit [Quit: Leaving.]
zarel has quit [Quit: Leaving]
periklis has quit [Ping timeout: 246 seconds]
zzamboni has joined #nix-darwin
{^_^} has quit [Remote host closed the connection]
{^_^} has joined #nix-darwin
zzamboni has quit [Quit: Leaving.]
<gchristensen> LnL: what is the status of sandboxing, still no-go for ofborg for "a while"?
<LnL> yeah, I've been pretty distracted with other stuff
<gchristensen> sure
<gchristensen> I think I/we should brainstorm ways to go around that requirement, then
<gchristensen> like a builder-in-a-vm or something like that
<LnL> and I understand the issue with nix-env / build-remote and mostly know how to fix those
<LnL> but the propagation of impure stuff is a bit harder
<gchristensen> hmm makes sense
<gchristensen> another option would be to have "tiers" of callers where "anon" -> linux only, trusted -> darwin too
<LnL> yeah
<LnL> it's also possible to disable on a per build basis
<gchristensen> oh?
<LnL> if the ofborg builder is running as a trusted user it could pass --option build-use-sandbox false
<gchristensen> another option is to drop darwin from ofborg for now
<LnL> trusted users seems fine to me
<gchristensen> run it on darwin w/out the sandbox if the requestor is trusted?
<gchristensen> otherwise, skip darwin?
<LnL> yeah
<gchristensen> yeah
<gchristensen> ok, that requires a slight restructuring in the job-creation end, but not a big deal
<gchristensen> right now it spews jobs to an exchange that get automatically copied to each architecture. this will require directing explicitly to archs
<gchristensen> also possibly opens up https://github.com/NixOS/ofborg/issues/5
<LnL> another idea is to keep running sandboxed builds but add some heuristics to the raporting
<LnL> doing something similar for 'is not supported on platform' would also be nice
<gchristensen> right
<gchristensen> we're sort of careening towards a world where I have to keep state about builds :P
nkpart has joined #nix-darwin