samueldr changed the topic of #nixops to: NixOps related talk | logs:
lugh has quit [Quit: quitting bouncer]
craige has quit [*.net *.split]
craige has joined #nixops
craige has quit [*.net *.split]
craige has joined #nixops
<teto> johnny101: I think in my case it's because the sshd service doesn't have enough entropy to use ssh-keygen ? hence it times out ? I've checked my config but it seems every virtio feature is enabled in the guest (CONFIG_HW_RANDOM_VIRTIO) so maybe I need to just increase the timeout, not sure
<clever> teto: after CONFIG_HW_RANDOM_VIRTIO you still need to use that hwrng device
<clever> teto: you shouldnt need any kernel config flags, just `modprobe virtio_rng` to create `/dev/hwrng` then run `rngd -r /dev/hwrng` to transfer entropy from the hw generator to the kernel
<teto> clever: interesting. I wonder how to best plug the rngd command in my nixops config. I believe system.activationScripts are run before any systemd service. could that be a solution ?
<clever> teto: just make a systemd service, and flag sshd as depending on rngd
<clever> or dont bother, since sshd will just hang until enough entropy is available, and systemd will start both rngd and sshd at the same time
<clever> and then rngd will feed sshd, and un-hang it
<teto> sounds good
<teto> is 'clever' an humble alias for 'god' ;) ?
<clever> :D
<teto> I wonder if the lack of entropy is due to me now using to virtio
<teto> once I looked into some issue with my service, I found out there was already security.rngd.enable option in nixpkgs xD
<teto> and qemu-guest.nix disables rngd :s
psyanticy has joined #nixops
<teto> clever: ok finally managed to make it work \o/
<teto> it fixes the problem
psyanticy has quit [Quit: Connection closed for inactivity]