samueldr changed the topic of #nixops to: NixOps related talk | logs:
abathur has joined #nixops
nuncanada2 has quit [Ping timeout: 268 seconds]
<DigitalKiwi> why'd nixops move
<samueldr> you mean the website?
<samueldr> it's been a long time coming, as hydra's
<samueldr> it was spoken of since before I started being involved with the nixos project
<DigitalKiwi> yes that
<adisbladis> I think it's very unfortunate that there is no reference to nixops on
<adisbladis> But there is one to disnix? :S
<adisbladis> Very strange
<gchristensen> there is
<gchristensen> but I'm sure it will again, maybe open an issue to make sure?
<adisbladis> gchristensen: Not in the menu
<adisbladis> When you click in the upper left corner
<DigitalKiwi> and this stopped showing nixos-unstable?
<gchristensen> ah. give it time :P in flux. anyway, I promised I'd be going to bed , so here I go :P
<DigitalKiwi> and seems to be a lot slower but that could be on my end
<samueldr> nixos-unstable going away from that list was not an accident
<samueldr> (though feel free to open an issue about that)
<samueldr> it could be slower to download, but it's unlikely, except if netlify gzips poorly the output
<DigitalKiwi> yeah, not in the mood to get told off again
<DigitalKiwi> if it wasn't an accident then i'm sure an issue would be unwelcome
abathur has quit [Ping timeout: 258 seconds]
abathur has joined #nixops
abathur has quit [Ping timeout: 260 seconds]
abathur has joined #nixops
abathur has quit [Ping timeout: 256 seconds]
abathur has joined #nixops
abathur has quit [Ping timeout: 256 seconds]
abathur has joined #nixops
abathur has quit [Ping timeout: 255 seconds]
abathur has joined #nixops
<aminechikhaoui> gchristensen do you know if buildkite needs a special setup for open-source free version ?
<aminechikhaoui> it says 14 days free trial for a simple account I created where I didn't do anything yet
<gchristensen> ping me in 1h, I didn't mean to see this :)
<aminechikhaoui> sure
<adisbladis> aminechikhaoui: Are you thinking to use buildkite for nixops ?
<gchristensen> (this is not hard)
<aminechikhaoui> yeah want to experiment a bit with it first
<adisbladis> aminechikhaoui: We have capacity in the build machine we use for nix-community.
<adisbladis> Personally I'd really like to use github actions if we could get their self-hosted runners working.
<aminechikhaoui> adisbladis how does secret mgmt work with Github actions ?
<adisbladis> It doesn't I think?
<adisbladis> I mean it's not like buildkite has a satisfactory answer to that either.
* gchristensen wishes he could participate more in this chat :x
<adisbladis> gchristensen had some interesting ideas around using vault for short-lived secrets
<adisbladis> So even _if_ something would leak we'd be fine
<aminechikhaoui> buildkite you run things on your machines right, so at least you can manage secrets but yeah it doesn't prevent them being exposed by mistake
<aminechikhaoui> yeah vault would be ideal, but then would that mean hosting our own vault instance
<adisbladis> aminechikhaoui: Right, when I say github actions I mean a github actions setup with a runner on our own machines
<aminechikhaoui> oh that can be done
* aminechikhaoui goes to read about Github actions
<adisbladis> It's just a PITA to package
<adisbladis> zimbatm made some great progress in that area, I don't know where it ended up
<adisbladis> Migrating buildkite<->github-actions shouldn't be too hard though, so we may start with buildkite if we're blocked on the runner situation?
<gchristensen> <3 buildkite
<aminechikhaoui> I guess I can experiment with nixops-libvirt or nixops-vbox where there is no problem with secrets
<aminechikhaoui> but Github actions or buildkite doesn't really matter to me as long as it does the job :-)
<adisbladis> I like the UX of having all build output integrated in the github web interface :>
<adisbladis> Other than that not very strong opinions
<aminechikhaoui> heh it's been a while since I didn't see a C# codebase :D
<adisbladis> :D
<aminechikhaoui> is this post Microsoft ?
<adisbladis> aminechikhaoui: It's actually a forked azure devops runner
<aminechikhaoui> ah definitely post Microsoft then
<adisbladis> Yeah
<adisbladis> In any case let's not get blocked on whether the bike shed should have a github or a buildkite logo :)
<aminechikhaoui> yup :)
<gchristensen> +1
<adisbladis> Btw, aminechikhaoui (& gchristensen )
<adisbladis> I'd love some feedback on
<{^_^}> nixops#1256 (by adisbladis, 1 day ago, open): RFC: Use Poetry & Poetry2nix for environment and plugin management
<aminechikhaoui> yes on my todo to read that, thanks
<adisbladis> Great =)
bhipple has joined #nixops
<bhipple> Is there a way we can make this redirect to the lastest Hydar build instead?
<samueldr> checking this
<bhipple> It's the top hit on Google, for instance:
<samueldr> yep, I agree
<bhipple> and currently results in Page Not Found
<gchristensen> bhipple++ samueldr++
<{^_^}> bhipple's karma got increased to 6, samueldr's karma got increased to 186
<{^_^}> nixos-homepage#344 (by samueldr, 13 seconds ago, open): Redirect hydra and nixops manuals to the latest hydra builds
<gchristensen> maybe 302? not sure how permanent 301 is
<adisbladis> gchristensen: Extremely permanent.
<adisbladis> Imho 301 should almost never be used.
<gchristensen> I think a 302 would be better then
<adisbladis> Yes, we should replace all 301s with 302s
<adisbladis> If you ever want to change your mind on URLs that is
wirew0rm has joined #nixops
gchristensen has joined #nixops
<adisbladis> "At least two browsers - Chrome and Firefox - will cache a 301 redirect with no expiry date."
<gchristensen> well let's not do that as part of *this* PR.
<bhipple> I believe they reconsider the cache if the webpage fails to load, but otherwise never expire
<adisbladis> gchristensen: I'm making a PR to update that.
<bhipple> Anyways, I was wondering if there's any documentation on building a custom NixOS AMI and using it with nixops?
<bhipple> I see there's deployment.ec2.ami, wondering how to make/build/upload the AMI itself
<gchristensen> nixos maintainer scripts ec2
<gchristensen> my thinking about Actions is it's probably easiest to just get some creds on a box with buildkite and Get It Done
<gchristensen> we don't need to make the logs public For Now
<gchristensen> and step 2 can be use expiring creds always and public logs
<adisbladis> +1
<adisbladis> Like I said: We can use the nix-community machine
<gchristensen> that too
<gchristensen> doesn't matter
<adisbladis> Already has buildkite set up and ready to go :>
<gchristensen> aminechikhaoui: did you create a NixOS organization? if so, can you add me to it? it is easy to get it exempted for free access for OSS. I have three such orgs :P
<samueldr> I was only going with 301 because of the other redirects, though 302 may indeed be better, but I think "it's permanent" in the mind of those who implemented the changes
<gchristensen> permanent yes but that specific location may change
<gchristensen> and it might be nice to not point to hydra foever
<gchristensen> (which cannot be pointed elsewhere later)
<samueldr> sure
<samueldr> though it also changes things for indexing, not sure how exactly
<adisbladis> Iirc 301s carry over page ranks to the new url, 302s don't.
<samueldr> (updated to 302)
<adisbladis> Don't quote me on that ^
<gchristensen> hrm
<gchristensen> :/
<samueldr> yeah, why I didn't say anything about what I know but not "know"
<gchristensen> I wonder if a 200 redirect would work :)
<adisbladis> Huh?
<gchristensen> a feature of netlify
<adisbladis> I'm guessing it inserts a bit of js?
<gchristensen> no
<gchristensen> is a "200 redirect"
<samueldr> is it that it gets proxied by netlify?
<gchristensen> I think so
<samueldr> >> 200: "OK". Redirects with this status code will change the server response without changing the URL in the browser address bar. This is used for rewrites and proxying.
<samueldr> that may be the actually good answer to this
<gchristensen> nice that you can test it without any access!
<samueldr> 302 the project root (/nixops) and 200 the manual (/nixops/manual)
<gchristensen> +1
<samueldr> I'm pretty sure that 301/302 rules for indexing are more guidelines than rules, and that it's part of the inscrutable black box
<samueldr> but that also, they *do* affect indexing
<gchristensen> samueldr: I can't tell, did that PR get deployed to a test site?
<gchristensen> > Netlify credentials not provided, not deployable
<{^_^}> error: syntax error, unexpected ',', expecting ')', at (string):288:33
<gchristensen> I think there is a way to make it deploy to a demo site automatically .....
<samueldr> I think it is intended for it to work
<bhipple> How is the NixOps manual actually built/tested? It looks like the nixops-aws repo has a copy of all the NixOps generic stuff and other plugins? Is that just dead code?
<bhipple> Do I build the manual starting from NixOS/nixops and add the nixops-aws repo as a plugin?
<bhipple> I'm looking at the release.nix and it appears there isn't a separated out target for just building the manual (it inlines some cmds in the tarball tho that I can follow)
<bhipple> Wondering if I'm on the right track or heading down a rabbit hole here ...
<samueldr> (I can't help about that, I was only jumping in due to website technicalities)
<bhipple> The NixOps repo manual build seems to have no understanding of plugins, and the nixops-aws repo seems to have a weird duplication going on but doesn't expect it to be built stand-alone
<bhipple> Actually, it looks like all the doc stuff in the nixops-aws repo is just dead, and the docs are duplicated in the nixops repo itself
<bhipple> Probably better to take it onto an issue, of which there already is one:
<{^_^}> nixops-aws#19 (by tbenst, 16 weeks ago, open): Make fails
<gchristensen> bhipple: the plugins stuff is super in flux (cc adisbladis, aminechikhaoui :))
<bhipple> done: not reference it when generating the release, so best to delete it to avoid
<bhipple> err
<{^_^}> nixops-aws#26 (by bhipple, 1 minute ago, open): Remove the duplicated nixops manual
<bhipple> We'll see what they say
<bhipple> it looks like the nixops-aws repo has a lot of dead cruft from the split and needs some tender loving care, e.g.
<{^_^}> nixops-aws#25 (by bhipple, 6 minutes ago, open): Fix dev-shell exclusion reference non-existent target
<gchristensen> nice!
<gchristensen> will merge soon, if amine doesn't first :)
<adisbladis> I wonder what building docs would look like with plugins...
<bhipple> yeah, not sure what the contract would be there. Mechanically, we'd have to make this target aware of the plugins:
<bhipple> There's probably some inspiration to be had in the way the NixPkgs manual combines the docs from the various language sections (pyth, rust, golang, etc.)
<adisbladis> bhipple: I wouldn't get so caught up in what's already there :)
* adisbladis wants to change a lot
<bhipple> How about we start with this then :)
<{^_^}> nixops-aws#22 (by bhipple, 4 weeks ago, open): Format python code with Black 19.10b0
<adisbladis> I don't have commit bit to nixops (yet?), but looks like a no-brainer to me
<bhipple> Is there anyone besides Amine? He's the only one who's been merging my PRs:
<bhipple> Even tho you can't commit, it might be helpful to comment/approve the black format review to show moral support, like Graham did
<bhipple> :)
<adisbladis> :)
<adisbladis> bhipple: You might have some opinions on ?
<{^_^}> nixops#1256 (by adisbladis, 1 day ago, open): RFC: Use Poetry & Poetry2nix for environment and plugin management
<bhipple> I saw it, but I don't actually know much about Poetry yet
<adisbladis> In particular this is roughly how I envision we package up nixops+plugins
<bhipple> I'm still struggling to just compile the manual :'(
<bhipple> baby steps ...
<aminechikhaoui> gchristensen yes I created a NixOS organization but did nothing in it yet, I'll invite you
dhess has quit [*.net *.split]
dhess has joined #nixops
GlennS has joined #nixops
<bhipple> aminechikhaoui: any thoughts on these open PRs to nixops-aws?
abathur has quit [Ping timeout: 265 seconds]
myskran has joined #nixops
<aminechikhaoui> thanks bhipple !
myskran has quit [Ping timeout: 258 seconds]
<bhipple> Thanks for the review/merge! I have this to add it into CI as well now that we've decided to use it:
<{^_^}> nixops-aws#27 (by bhipple, 2 minutes ago, open): Add black formatting check to PR validation in CI
<gchristensen> yay!
<gchristensen> bhipple++ this is great
<{^_^}> bhipple's karma got increased to 7
<adisbladis> I think formatting should only be done against a single channel, and a pinned one at that
<gchristensen> I agree, but also I'm not going to turn away a PR making it better now, even if not perfect
<adisbladis> My concrete proposal is just to remove the 19.09 check
<bhipple> I can make it run against a completely pinned channel, one sec
<gchristensen> bhipple: would you be up to making it use GitHub Actions, too?
<bhipple> I don't think I have permission/entitlement to test/add/integrate that, but I'd be up for it otherwise.
<bhipple> as in, I think GitHub Actions is a material improvement
<gchristensen> delete mypy tsuff for now, at a minimum
<gchristensen> delete stuff until it works imo. the repo isn't running travis test seven.
<bhipple> oh lol :'(
<bhipple> Spent time today trying to compile a manual that doesn't exist and update a CI job that doesn't run
<bhipple> haha
<gchristensen> :') it is important work
<adisbladis> Graham suggested to me that we might wanna use RST instead
<aminechikhaoui> yeah some files are still around from the time we did the split of the repository
<adisbladis> Which would probably mean Sphinx
<gchristensen> I'll take any PR which makes anything better at all tbh
<adisbladis> I think it's a really good idea to be more closely aligned to what's used in the python community
<gchristensen> yes I just don't want to stop a small improvemnet in the goal of a big one
<bhipple> I've now updated to something completely deterministic that will not break someday :)
myskran has joined #nixops
<bhipple> Now to port the cmd to github actions ...
<bhipple> it looks like we're moving away from ci.nix back to just having a yaml file, based on some feedback from Eelco. I think I agree with Eelco here that the straightforward yaml file is easier, as long as the CI job is very simple (which nixops-aws is)
<{^_^}> nixops#1255 (by lovesegfault, 2 days ago, open): ci: move back to hand-written yaml
myskran has quit [Ping timeout: 250 seconds]
<bhipple> aminechikhaoui: can you give the github actions job in a try?
<{^_^}> nixops-aws#27 (by bhipple, 21 minutes ago, open): Add black formatting check to PR validation in CI
<bhipple> gchristensen: take a look at my ci.yaml and LMK if you spot anything amiss. AFAIK I can't test it without help from aminechikhaoui
<gchristensen> I think we have to merge it to get it to work
<aminechikhaoui> yeah not sure how to activate it from the PR
<bhipple> it looks like it's working!!!
<gchristensen> woot!
<bhipple> Wow this UI is really slick, and tightly integrated with GitHub too ... RIP travis
<gchristensen> travis died last January :P
<bhipple> this pull request CI couldn't be easier, so nice
<{^_^}> nixops-aws#28 (by bhipple, 2 minutes ago, open): autoflake: remove unused stdlib imports
myskran has joined #nixops
myskran is now known as abathur
bhipple has quit [Ping timeout: 265 seconds]
bhipple has joined #nixops
<dhess> How does one use buildkite for NixOps? Anyone have an example of a config?
<gchristensen> dhess: I have 1 agent which can deploy, and I use this
<dhess> gchristensen: oh so the buildkite agent actually runs the deploy?
nuncanada2 has joined #nixops