<LnL>
uhoh, somebody at apple just reviewed the installer pr
<gchristensen>
oh shit
<gchristensen>
:o
<gchristensen>
what'd they think? :)
<gchristensen>
link?
<gchristensen>
:o
<gchristensen>
:o
<gchristensen>
:o
<LnL>
have a feeling there's a magic tool they didn't include in the release
<gchristensen>
oh
<gchristensen>
is it called nix?
<LnL>
:D
<evelyn>
thye clearly havi inside knowledge about the magical firmlinks :P
<gchristensen>
very interesting that they're reviewing the PR, I assume this means they were *told* to review the PR
<evelyn>
maybe it's in the beta?
<gchristensen>
since they have an absolutely draconian internal policy around OSS contributions
<evelyn>
i guess this kind of suggests that synthetic.conf was dropped for us + other oss projects like fink
<gchristensen>
interesting
<LnL>
yeah pretty sure it was, or at least a big part of the reason they decided to add it
<LnL>
from synthetic.conf(5)
<LnL>
synthetic.conf is intended to be used for creating mount points at / (e.g. for use as NFS mount points in enterprise deployments) and symbolic links (e.g. for creating a package manager root without modifying the system volume)
<LnL>
aparenlty we're an enterprise nfs mount
<abathur>
:]
<gchristensen>
nice
<abathur>
I dunno if told, it smells like from his repo that he does already use nix
<evelyn>
would be funny if apple were using nix internally
<abathur>
he's got a fork of vgo2nix last updated in mid march for example
<gchristensen>
LnL: michaelraskin got me thinking things about nix-darwin's model of applying service management, that I'm kind of interested in trying more generally
<LnL>
not sure I follow
<gchristensen>
nix-darwin adding services to the system's service manager
<gchristensen>
which is something nix-on-systemd-linux could do really trivially, with systemd generators
<__monty__>
What is this service manager? Launchd? How are the systemd services different?
<gchristensen>
LnL: if we look at the "getting in to nixos" as a ramp of try nix -> nix shell -> nix-built docker container -> [...] -> nixos, something to fit in that [...] could be "running a service on rhel, but built by nix"
<gchristensen>
abathur: oh wow hello
<gchristensen>
LnL: and nix-darwin so perfectly fits in that [...] already
<__monty__>
Oh yeah, that would be really cool.
<__monty__>
"Just install this thing with nix." "Oh, yeah, you could run that service with nix." "Now just remove pacman/apt-get. >: )"
<LnL>
well I'm not sure if nixos modules as they are now would be the way to go for this
<gchristensen>
yeah, probably not
<LnL>
they are not very composable and you want that for something like this much more compared to nixos
<gchristensen>
they're have lots and lots of assumptions about being "on nixos"
<__monty__>
Yeah, we should probably just migrate them all to hnix and use the haskell module system. : >
<gchristensen>
well that is ... an idea
<gchristensen>
:)
<LnL>
and on the activation part sharing the host system makes things also much more complicated
<gchristensen>
yeah
<LnL>
I've mostly opted to be safe and not touch anything that nix-darwin doesn't know about / expect
<gchristensen>
yeah
<LnL>
but that has a bunch of annoying downsides
<LnL>
bigger picture I think nixos handles many of these things too much in the traditional way (ie. global)
<gchristensen>
you are speaking michaelraskin's language
<evelyn>
hmm tolfaeletti writes "
<evelyn>
Sorry, looks like this isn't available. I'll see if I can find another way.
<LnL>
environment.etc is an old concept, things like vim_configurable are _way_ more powerful since it's decoupled
<evelyn>
so apfsctl must be an internal apple tool? .oO
<gchristensen>
+1
<LnL>
but that's an easy example, services are already quite a bit more complicated to approach in a similar way
<gchristensen>
there are _some_ things I want in /etc, like my `sway` configuration, so I can reload the config withouht killing my gui
<gchristensen>
but almost all things -> none of that please
<LnL>
well no, you don't want it in /etc you just want it to support reloading
<gchristensen>
I need a mutable file to pivot the configuration at, I think
<LnL>
yeah probably, but it's tied to the lifetime of that service if you stop that it could go away
<gchristensen>
yeah true
<LnL>
on linux a good example could be to tie that to the namespace of the process like containers do
<LnL>
but that's not a very generic feature across other platforms
<evelyn>
i wonder what apfsctl actually does, why would they keep such a program internally? :(
<gchristensen>
can't trust us hooligans with the tools
<LnL>
I have a feeling it just wasn't ready yet
<gchristensen>
yeah probably :)
<LnL>
the synthetic.conf story came pretty late, or at least that's what it seemed like to me, so I wouldn't be surprised they had to rush that out a bit
<gchristensen>
yeah
<abathur>
hmm
<abathur>
does something about the create volumes script implicitly disable encryption on other volumes?
<abathur>
I could swear I left filevault enabled during install, but fiddling around with diskutil now and it doesn't look like it's enabled on either my system or data volumes
<LnL>
I doubt that's even possible to automate
__monty__ has quit [Quit: leaving]
<abathur>
yeah, not sure; I had the same discovery on my previous system still on mojave, but it had been so long since setup that I thought maybe I had just forgotten
<abathur>
but when I was setting up this new system I don't think I did a single install without leaving FV enabled, but disabling the reset-from-my-appleid option
<abathur>
maybe the installer is just dumb
<LnL>
you mean the check I added?
<abathur>
sorry, maybe the macOS installer is just dumb
<abathur>
I
<abathur>
I'm talking through the loop of clean macOS install with FV ostensibly enabled, run your create volume script, install nix, pull in my dotfiles, run my bootstrap script
<evelyn>
I don't think the macOS installer enables filevault by default?
<abathur>
and then ~5 days later noticing FV is off on all volumes, when my reasoning about the process was that it would only be off for the Nix Store volume
<LnL>
yeah, unless there's a step somewhere it's not on by default
<abathur>
plausible; I'd have to re-do it to know for sure, in any case I make sure the top checkbox is ticked to enable it but untick the 2nd one to disable the icloud-reset part
<gchristensen>
btw LnL I don't have brain space to think about the PR fixing installation to macos, so I guess I'd like to say ... tell me when it is ready, and I can push merge? and if something breaks, I trust you'd fix it :)
* gchristensen
feels guilty for not looking at that
<abathur>
it looks like it IS enabled on my older macbook running mojave
<abathur>
and I was installing both of these systems repeatedly last week to make sure my bootstrap still worked for both mojave and for catalina
<LnL>
gchristensen: well at this point I think it's only the filevault error message
<LnL>
stuff can still be improved and whatever, but that's no reason not to have a working version
<abathur>
the script worked fine for me bootstrapping on catalina, though I did set up my bootstrap to only run it when the sw_vers was 10.15+
<LnL>
that's the current error which should probably give a bit more context
<abathur>
with the asterisk that I'm not quite sure why my FV is off, and could swear I enabled it; but I'm also the kind of person who just occasionally forgets to close the front door
<abathur>
or take my keys out of it
<abathur>
so, anything's possible :)
<abathur>
I did run the create volume script on my older MBA on mojave with FV enabled and the script did detect FV and refuse to create the volume