gchristensen changed the topic of #nixos-borg to: https://www.patreon.com/ofborg https://monitoring.nix.ci/dashboard/db/ofborg?refresh=10s&orgId=1&from=now-1h&to=now "I get to skip reviewing the PHP code and just wait until it is rewritten in something sane, like POSIX shell. || https://logs.nix.samueldr.com/nixos-borg
<{^_^}> openssl/openssl#6988 (by parasssh, 34 weeks ago, open): Support Ed25519 sign/verify operations from OpenSSL CLI
orivej has quit [Ping timeout: 255 seconds]
<gchristensen> oh good grief, the darwin build queue is big
<infinisil> gchristensen: I have some bash for ya
<infinisil> To generate an (encrypted) RSA private key: openssl genpkey -algorithm rsa -aes-256-cbc -out private_key
<infinisil> (drop the -aes-256-cbc if you don't want to encrypt it)
<infinisil> To derive the public key: openssl pkey -in private_key -pubout -out public_key
<infinisil> To create a base64 signature: openssl dgst -sign private_key -pass pass:<password> message_file | openssl base64 -e -out signature
<infinisil> (drop the -pass .. if you didn't encrypt the private key, also supports -pass env:PASSWORD)
<infinisil> And on my end I'll verify with: openssl dgst -verify public_key -signature <(openssl base64 -in signature -d) message_file
<gchristensen> thanks, infinisil !
<gchristensen> I very dearly wish I could easily get darwin build cores :(
<infinisil> (also you might want to remove \n from the signature)
MichaelRaskin has quit [Quit: MichaelRaskin]
orivej has joined #nixos-borg
orivej has quit [Ping timeout: 255 seconds]
andi- has quit [Ping timeout: 250 seconds]
andi- has joined #nixos-borg
andi- has quit [Excess Flood]
andi- has joined #nixos-borg
andi- has quit [Ping timeout: 240 seconds]
andi- has joined #nixos-borg
orivej has joined #nixos-borg
<samueldr> is it a failure that ofborg should (with appropriate addition) detect?
<samueldr> it's on tarball *build*
<gchristensen> would-be-nice, but-not-yet
<samueldr> not yet because of?
<gchristensen> ofborg doesn't build untrusted stuff
<samueldr> I guess "checks don't build" or something like that?
<samueldr> yeah
<gchristensen> that is a high priority thing for me
<samueldr> and I see how "but tarball is not scary" is scary since a PR can be opened and replace tarball with anything :)
<gchristensen> or any of its dependencies :)
<samueldr> though here warnings on the module system could realistically be an eval thing like check meta?
<samueldr> (not as useful as a full blown tarball build though)
<gchristensen> ah!
<gchristensen> yev
<gchristensen> yes
<gchristensen> the evalution stats work I'm doing could catch that, as it reads stderr for stats
<gchristensen> and that'd cause a failure to read stats
orivej has quit [Read error: Connection reset by peer]
orivej has joined #nixos-borg