<gchristensen>
ah. give it time :P in flux. anyway, I promised I'd be going to bed , so here I go :P
<DigitalKiwi>
and seems to be a lot slower but that could be on my end
<samueldr>
nixos-unstable going away from that list was not an accident
<samueldr>
(though feel free to open an issue about that)
<samueldr>
it could be slower to download, but it's unlikely, except if netlify gzips poorly the output
<DigitalKiwi>
yeah, not in the mood to get told off again
<DigitalKiwi>
if it wasn't an accident then i'm sure an issue would be unwelcome
abathur has quit [Ping timeout: 258 seconds]
abathur has joined #nixops
abathur has quit [Ping timeout: 260 seconds]
abathur has joined #nixops
abathur has quit [Ping timeout: 256 seconds]
abathur has joined #nixops
abathur has quit [Ping timeout: 256 seconds]
abathur has joined #nixops
abathur has quit [Ping timeout: 255 seconds]
abathur has joined #nixops
<aminechikhaoui>
gchristensen do you know if buildkite needs a special setup for open-source free version ?
<aminechikhaoui>
it says 14 days free trial for a simple account I created where I didn't do anything yet
<gchristensen>
ping me in 1h, I didn't mean to see this :)
<aminechikhaoui>
sure
<adisbladis>
aminechikhaoui: Are you thinking to use buildkite for nixops ?
<gchristensen>
(this is not hard)
<aminechikhaoui>
yeah want to experiment a bit with it first
<adisbladis>
aminechikhaoui: We have capacity in the build machine we use for nix-community.
<adisbladis>
Personally I'd really like to use github actions if we could get their self-hosted runners working.
<aminechikhaoui>
adisbladis how does secret mgmt work with Github actions ?
<adisbladis>
It doesn't I think?
<adisbladis>
I mean it's not like buildkite has a satisfactory answer to that either.
* gchristensen
wishes he could participate more in this chat :x
<adisbladis>
gchristensen had some interesting ideas around using vault for short-lived secrets
<adisbladis>
So even _if_ something would leak we'd be fine
<aminechikhaoui>
buildkite you run things on your machines right, so at least you can manage secrets but yeah it doesn't prevent them being exposed by mistake
<aminechikhaoui>
yeah vault would be ideal, but then would that mean hosting our own vault instance
<adisbladis>
aminechikhaoui: Right, when I say github actions I mean a github actions setup with a runner on our own machines
<aminechikhaoui>
oh that can be done
* aminechikhaoui
goes to read about Github actions
<adisbladis>
zimbatm made some great progress in that area, I don't know where it ended up
<adisbladis>
Migrating buildkite<->github-actions shouldn't be too hard though, so we may start with buildkite if we're blocked on the runner situation?
<gchristensen>
<3 buildkite
<aminechikhaoui>
I guess I can experiment with nixops-libvirt or nixops-vbox where there is no problem with secrets
<aminechikhaoui>
but Github actions or buildkite doesn't really matter to me as long as it does the job :-)
<adisbladis>
I like the UX of having all build output integrated in the github web interface :>
<adisbladis>
Other than that not very strong opinions
<aminechikhaoui>
heh it's been a while since I didn't see a C# codebase :D
<adisbladis>
:D
<aminechikhaoui>
is this post Microsoft ?
<adisbladis>
aminechikhaoui: It's actually a forked azure devops runner
<aminechikhaoui>
ah definitely post Microsoft then
<adisbladis>
Yeah
<adisbladis>
In any case let's not get blocked on whether the bike shed should have a github or a buildkite logo :)
<adisbladis>
"At least two browsers - Chrome and Firefox - will cache a 301 redirect with no expiry date."
<gchristensen>
well let's not do that as part of *this* PR.
<bhipple>
I believe they reconsider the cache if the webpage fails to load, but otherwise never expire
<adisbladis>
gchristensen: I'm making a PR to update that.
<bhipple>
Anyways, I was wondering if there's any documentation on building a custom NixOS AMI and using it with nixops?
<bhipple>
I see there's deployment.ec2.ami, wondering how to make/build/upload the AMI itself
<gchristensen>
nixos maintainer scripts ec2
<gchristensen>
my thinking about Actions is it's probably easiest to just get some creds on a box with buildkite and Get It Done
<gchristensen>
we don't need to make the logs public For Now
<gchristensen>
and step 2 can be use expiring creds always and public logs
<adisbladis>
+1
<adisbladis>
Like I said: We can use the nix-community machine
<gchristensen>
that too
<gchristensen>
doesn't matter
<adisbladis>
Already has buildkite set up and ready to go :>
<gchristensen>
aminechikhaoui: did you create a NixOS organization? if so, can you add me to it? it is easy to get it exempted for free access for OSS. I have three such orgs :P
<samueldr>
I was only going with 301 because of the other redirects, though 302 may indeed be better, but I think "it's permanent" in the mind of those who implemented the changes
<gchristensen>
permanent yes but that specific location may change
<gchristensen>
and it might be nice to not point to hydra foever
<gchristensen>
(which cannot be pointed elsewhere later)
<samueldr>
sure
<samueldr>
though it also changes things for indexing, not sure how exactly
<adisbladis>
Iirc 301s carry over page ranks to the new url, 302s don't.
<samueldr>
(updated to 302)
<adisbladis>
Don't quote me on that ^
<gchristensen>
hrm
<gchristensen>
:/
<samueldr>
yeah, why I didn't say anything about what I know but not "know"
<gchristensen>
I wonder if a 200 redirect would work :)
<adisbladis>
Huh?
<gchristensen>
a feature of netlify
<adisbladis>
I'm guessing it inserts a bit of js?
<gchristensen>
no
<gchristensen>
nixos.org/nix/install is a "200 redirect"
<samueldr>
is it that it gets proxied by netlify?
<gchristensen>
I think so
<samueldr>
>> 200: "OK". Redirects with this status code will change the server response without changing the URL in the browser address bar. This is used for rewrites and proxying.
<samueldr>
that may be the actually good answer to this
<gchristensen>
nice that you can test it without any access!
<samueldr>
302 the project root (/nixops) and 200 the manual (/nixops/manual)
<gchristensen>
+1
<samueldr>
I'm pretty sure that 301/302 rules for indexing are more guidelines than rules, and that it's part of the inscrutable black box
<samueldr>
but that also, they *do* affect indexing
<gchristensen>
samueldr: I can't tell, did that PR get deployed to a test site?
<gchristensen>
> Netlify credentials not provided, not deployable
<{^_^}>
error: syntax error, unexpected ',', expecting ')', at (string):288:33
<gchristensen>
I think there is a way to make it deploy to a demo site automatically .....
<samueldr>
I think it is intended for it to work
<bhipple>
How is the NixOps manual actually built/tested? It looks like the nixops-aws repo has a copy of all the NixOps generic stuff and other plugins? Is that just dead code?
<bhipple>
Do I build the manual starting from NixOS/nixops and add the nixops-aws repo as a plugin?
<bhipple>
I'm looking at the release.nix and it appears there isn't a separated out target for just building the manual (it inlines some cmds in the tarball tho that I can follow)
<bhipple>
Wondering if I'm on the right track or heading down a rabbit hole here ...
<samueldr>
(I can't help about that, I was only jumping in due to website technicalities)
<bhipple>
The NixOps repo manual build seems to have no understanding of plugins, and the nixops-aws repo seems to have a weird duplication going on but doesn't expect it to be built stand-alone
<bhipple>
Actually, it looks like all the doc stuff in the nixops-aws repo is just dead, and the docs are duplicated in the nixops repo itself
<bhipple>
There's probably some inspiration to be had in the way the NixPkgs manual combines the docs from the various language sections (pyth, rust, golang, etc.)
<adisbladis>
bhipple: I wouldn't get so caught up in what's already there :)
<bhipple>
Now to port the cmd to github actions ...
<bhipple>
https://github.com/NixOS/nixops/pull/1255 it looks like we're moving away from ci.nix back to just having a yaml file, based on some feedback from Eelco. I think I agree with Eelco here that the straightforward yaml file is easier, as long as the CI job is very simple (which nixops-aws is)
<{^_^}>
nixops#1255 (by lovesegfault, 2 days ago, open): ci: move back to hand-written yaml