gchristensen changed the topic of #nixos-borg to: https://www.patreon.com/ofborg https://monitoring.nix.ci/dashboard/db/ofborg?refresh=10s&orgId=1&from=now-1h&to=now "I get to skip reviewing the PHP code and just wait until it is rewritten in something sane, like POSIX shell. || https://logs.nix.samueldr.com/nixos-borg
orivej has quit [Ping timeout: 252 seconds]
jtojnar has quit [Ping timeout: 252 seconds]
orivej has joined #nixos-borg
orivej has quit [Ping timeout: 252 seconds]
orivej has joined #nixos-borg
<gchristensen> LnL: 'round?
<LnL> kind of
<LnL> was sick but almost back to normal now
<gchristensen> oh, ouch, I'm sorry!
<LnL> all good :)
<gchristensen> I'm thinking I might run my ofborg builder in a Xen VM
<gchristensen> what do you think about that?
<gchristensen> my macos one*
<LnL> ah,
<LnL> I don't see a problem with that
<gchristensen> ok, so my thought is to install a NixOS host OS on the mac and run macOS (in a EULA-abiding way) inside that
<gchristensen> and if it works well, maybe admin the hydra macs the same way
<LnL> besides maintaining it and the potential eula issue
<LnL> but maintenance right now isn't great either
<gchristensen> yeah
<gchristensen> I looked at networked KVMs so I could see the screen if SSH is locked up, and it would be like $5k
<gchristensen> -device isa-applesmc,osk="ourhardworkbythesewordsguardedpleasedontsteal(c)AppleComputerInc" \
<gchristensen> heh.
<andi-> If you already have working device and all you want is to access something nearby there is this fancy thing: https://www.startech.com/Server-Management/KVM-Switches/USB-Crash-Cart-Adapter~NOTECONS02X
<andi-> I never got to use one of them but always wanted to give it a try :)
<gchristensen> wow!
<gchristensen> ok time to erase this mac and install nixos
<gchristensen> finally, it is coming home
<gchristensen> I took a backup of my files, and like 4 copies of the 5.2gb macos high sierra installer in different formats -- the .dmg it came as, a `dd` of the install USB disk it makes, and a .iso of the DVD it canmake
<gchristensen> nix-shell -p xemu
<gchristensen> no, that isn't right
<gchristensen> nix-shell -p qen
<gchristensen> no, that isn't right
<gchristensen> nix-shell -p qemu
<cransom> the iso inside of the installer .app is all you need for a reinstall. though also, i think if you boot the internet recovery, it will install the last major os revision it had on there. there's no way to wipe that out.
<gchristensen> I deleted the entire disk..?
<cransom> the recovery booter is burned into the machine. you can internet recover from blank disks.
<gchristensen> :O
<gchristensen> amazing!
<cransom> unlike the the typical pc side of things where there's a hidden 2g partition that if you nuke, it's hell to get back.
<andi-> Since when is that undeletable? Last year I managed to wipe the entire disk of a MacBook Air and then the recovery was also borked :/
<cransom> though on the lenovo i have from a couple years ago, at least the windows license is stored in uefi so you can take any media and install windows and it will rekey from there
<cransom> https://support.apple.com/en-us/HT202313 apparently ~2011ish machines if you had updated firmware
<cransom> there is a difference between recovery and internet recovery though. recovery still tries to boot from disk
<gchristensen> :/
<gchristensen> LnL: have you followed the OSX-KVM instructions before?
<LnL> yes
<gchristensen> oh interesting
<gchristensen> it was failing to boot
<gchristensen> I passed -smp 8, cores=6 and it failed
<gchristensen> -smp 8, cores=4 works fine
jtojnar has joined #nixos-borg
<samueldr> gchristensen: curious about xen vs. kvm
<gchristensen> oh?
<samueldr> just wondering why xen
<gchristensen> so I don't actually care
<gchristensen> how would you do it?
<samueldr> I dont really know :)
<gchristensen> yeah
<samueldr> that's why I'm asking "why xen?"
<gchristensen> oh I thought that was a statement not a question
<gchristensen> much of the reason is nixos has a xen module and I don't know better
<gchristensen> :D
<samueldr> haha right
<gchristensen> though I realize now I'musing OSX-KVM so I Should probably use KVM
orivej has quit [Ping timeout: 252 seconds]
<samueldr> might work better, but who knows other than future you
<gchristensen> lol
<gchristensen> right now I'm just using qemu with kvm
<samueldr> qemu-kvm won't get you something "servicey" like xen would I guess
* samueldr is just now looking at xen options in nixos
<gchristensen> not sure I mind
<gchristensen> I can make a systemd service to blow away the HD and run qemu-kvm
<samueldr> also look into the snapshot parameter for qemu
<samueldr> IIRC you can use it so all changes are ephemeral
<gchristensen> :o
<gchristensen> accepting links now :)
<samueldr> man qemu /^\s+-snapshot
<gchristensen> right now the disk is a zfs vdev
<gchristensen> crazy, just passing -snapshot does the thing
<samueldr> I believe the "force the write back by pressin C-a s" is in the qemu console thing, not that the guest can do that
<samueldr> so with -snapshot, and a golden base image, you could probably provision it then start ofborg
<samueldr> it'd take time, but always a clean slate
<gchristensen> yeah
<gchristensen> or take just FS snapshots of the setup progress so it doesn't need to do an ofborg install each boot
<samueldr> looking quicky at explanations, xen HVM is basically qemu
<samueldr> (not that there's anything wrong with that, considering the tooling xen adds on top)
<gchristensen> I have a snapshot already of the disk with a fresh install without even the TZ setup
<gchristensen> https://browser.geekbench.com/v4/cpu/10253338 virtualiing doesn't penalize it much
<gchristensen> gosh I think this is really going to work
<samueldr> why wouldn't it?
<samueldr> :)
<gchristensen> I was expecting something about it to be miserable
<samueldr> you don't need GFX accel which AFAIK is the main issue with macOS virtualization
<gchristensen> I can't get it to properly auto-boot .. hmm
<samueldr> gchristensen: clover wants input?
<gchristensen> yeah
<gchristensen> I've found the option to fix it, but afaict its properly set
<samueldr> AFAIK it's something in the plist you can change /Extra/org.chameleon.Boot.plist
<samueldr> hmm
<samueldr> and you might need the *right* plist file, since it's a separate drive?
<gchristensen> I don't have an /Extra
<samueldr> (I wasn't yet at the point I needed to fix that)
<gchristensen> and the Clover.qcow2 file doesn't present as a drive
<samueldr> I think you'll need to mount the EFI
<samueldr> uh, that ESP
<samueldr> (taking cues from that one time I tried using a hackintosh)
<samueldr> the alternative is using guestfish on the host
<gchristensen> guestfish seems weird I Don't want that
<samueldr> that's only one time to edit the contents of the drive
<samueldr> only issue with guestfish I had (unrelated to osx-kvm) is that it isn't built by hydra
* samueldr is booting his dirty macOS install
<samueldr> at least I won't build on assumptions
orivej has joined #nixos-borg
<LnL> gchristensen: cpu performance should be fine, main thing that might be impacted is disk io I think
<samueldr> if the goal is to always start fresh, the "unsafe but quick" options in qemu should cause the least impact
<gchristensen> I gave it a real device
<samueldr> the default value for "DefaultVolume" in the default clover disk is "clover"
<samueldr> when I formatted I named my volume "macos"
<samueldr> switching it to "macos" works
<samueldr> or alternatively I guess that LastBootedVolume would also work
<samueldr> gchristensen: ^ in case you're just busy enough not to check, and still working on that
<gchristensen> ah, snapshot is passed for the Clover volume so I guess lastbootedvolume is being wiped out
<samueldr> haha, that could explain it
<gchristensen> yay! got auto-boot with a custom Clover image
<gchristensen> thanks for making me realize guestfish was part of nixpkgs, samueldr
<samueldr> might be good to check how it could build on nixos
<samueldr> uh
<samueldr> hydra
<samueldr> it's an awesome tool
<samueldr> I used it in the past to prepare an image for qemu consumption without actually virtualizing and requiring root privileges
* gchristensen erases all the things and starts over from scratch
<samueldr> verifying everything or something's wrong?
<gchristensen> (1) starting from a hand-build bootloader to improve my trust in the safety of the image, (2) writing down what I'm doing :)
<samueldr> nice
<gchristensen> samueldr: do you have suggetions on unsafe but quick options?
<samueldr> gchristensen: unsafe but quick options for?
<gchristensen> qemu
<samueldr> ah
<samueldr> only ones I know are for writing on disk (images?)
<gchristensen> ah
<gchristensen> so like -snapshot
<samueldr> (the description here is the same as for qemu)
<gchristensen> yeah, I get unsafe cache by using -snapshot
<gchristensen> cool
<samueldr> no idea though if it affects non-image use
<samueldr> argh, I would much rather do things like that than work on $client's project
orivej has quit [Ping timeout: 252 seconds]
orivej has joined #nixos-borg
jtojnar has quit [Quit: jtojnar]
jtojnar has joined #nixos-borg
jtojnar has quit [Remote host closed the connection]