gchristensen changed the topic of #nixos-chat to: NixOS but much less topical || https://logs.nix.samueldr.com/nixos-chat
<joepie91> posted some extended comments under the gist: https://gist.github.com/edolstra/29ce9d8ea399b703a7023073b0dbc00d#gistcomment-2613564
Synthetica has quit [Quit: Connection closed for inactivity]
<joepie91> can somebody ping edolstra about that? Gist doesn't send out notifications
<gchristensen> you can ping him :)
<joepie91> gchristensen: he's not on here?
<gchristensen> niksnut in #nixos-dev
<joepie91> oh, I was looking for the wrong nick :)
<gchristensen> :)
<joepie91> thanks
<gchristensen> it isn't exactly a secret, but for whatever reason that connection isn't forthcoming :P
<joepie91> no nickname similarity :P
<gchristensen> I super agree w.r.t. include
<joepie91> gchristensen: include mechanisms are one of those "you may think you want X, but you really don't" kind of things :P
<gchristensen> yea
<joepie91> gchristensen: what are your thoughts on my proposed annotation syntax?
<gchristensen> didn't read it all, sorry
<joepie91> gchristensen: ah, skip all the text and scroll to the second code block in https://gist.github.com/edolstra/29ce9d8ea399b703a7023073b0dbc00d#gistcomment-2613564
<joepie91> syntax should be self-explanatory
<gchristensen> hmm seems okay
<joepie91> any problems / ergonomics issues you can see with it?
<infinisil> WHyyy
<gchristensen> sorry joepie91 I really can't focus on that tonight
<infinisil> Why did Java succeed in getting into every universities assignments
<joepie91> alright :)
matthewbauer has quit [Read error: Connection reset by peer]
<infinisil> I thought about implementing something cool, but not having sum types and pattern matching now has me stopping with it
<infinisil> It would be really nice if I would've gotten it done, but it's just not worth the pain
matthewbauer has joined #nixos-chat
<gchristensen> just shell out to ghci
<infinisil> What I got started with was static interval analysis for a compiler, to try to keep the number of necessary array checks to a minimum
<infinisil> Throwing away these 600 lines of code now, it probably would've been another 400 until completion
jtojnar has joined #nixos-chat
<infinisil> Alright, now that I have settled on not making the compiler any better, I feel inclined to write a proper one in Haskell instead
lassulus_ has joined #nixos-chat
lassulus has quit [Ping timeout: 240 seconds]
lassulus_ is now known as lassulus
Lisanna has quit [Quit: Lisanna]
<joepie91> I've had to neuter the archival job for nixpkgs a bit, but it's now steadily going through commits, PRs, issues, etc.
<joepie91> github includes *so much junk*
<joepie91> currently at 157.2GiB data archived, about 4.9 million URLs left in queue, and I hope that continues going down..
<joepie91> (progress at http://dashboard.at.ninjawedding.org/3?showNicks=1 - filter by 'nixpkgs')
Sonarpulse has quit [Ping timeout: 240 seconds]
<ldlework> Is there a fun symbol allowed for an options name that I can use to store local site options under?
<ldlework> infinisil uses like "options.mine.*" for example
<ldlework> is there something even more tricky?
<infinisil> define "tricky"?
<ldlework> just, shorter lol
<ldlework> like is $ magically an allowed name/
<ldlework> options.$.*
<ldlework> something like that
<ldlework> I know you can use quotes to get anything, but meh
<infinisil> Heh, I think _ should work
<infinisil> it's a completely valid identifier
<ldlework> nice
<infinisil> I wouldn't do that though, it doesn't get rid of the problem of naming something, it just gives it the worst possible one
<ldlework> it is semantically devoid
<ldlework> "mine", who's?
<ldlework> just opt out completely
<ldlework> it is just the shortest extraneous namespace possible
<ldlework> Anything that would be usefully semantic would be too long :P
<ldlework> infinisil: the best part
<ldlework> options._.docker.enable = mkEnableOption "Docker";
<ldlework> ._.
<infinisil> Whew :P
<ldlework> lol
<ldlework> infinisil: can you think of an implementation that is kinda like mkIf, but more like a switch statement?
<ldlework> is that just a mkMerge with different mkIf's?
<ldlework> like an option that takes a set of known values, and differing config for each
<ldlework> so that those configurations are exclusive to each other
<ldlework> rather than havein some.foo.enable and some.bar.enable which can be any combination of true and false
tilpner has quit [Ping timeout: 276 seconds]
tilpner has joined #nixos-chat
nckx has quit [Quit: Updating my GNU GuixSD server — gnu.org/s/guix]
nckx has joined #nixos-chat
Lisanna has joined #nixos-chat
Lisanna has quit [Quit: Lisanna]
atu has joined #nixos-chat
atu has quit [Ping timeout: 240 seconds]
atu has joined #nixos-chat
__monty__ has joined #nixos-chat
__monty__ has quit [Ping timeout: 245 seconds]
__monty__ has joined #nixos-chat
<infinisil> ldlework: (if foo then {} else {})?
atu has quit [Ping timeout: 240 seconds]
atu has joined #nixos-chat
ar has joined #nixos-chat
maurer has joined #nixos-chat
srk has joined #nixos-chat
<srk> o/
<ar> \o
<srk> how does gitea handle auth?
<gchristensen> \o/
<srk> like what are your options
<manveru> gitea has username/password
<srk> no oath/openid?
<manveru> i think they also have oauth... lemme check
<ar> srk: ldap, oauth consumer in progress
<maurer> So, gitea says it's a fork of gogs
<srk> pretty cool
<ar> srk: and it can have its own users defined in its own db
<srk> yeah
<maurer> what's the benefits of gitea over gogs?
<ar> maurer: gitea is alive
<maurer> In what sense is gogs not?
<maurer> I see a commit 4 days ago
<ar> most of the devs seem to have moved to gitea
<ar> so while gogs still has some contributions, gitea looks healthier
<manveru> well, the difference is that gogs uses the dictator model, while gitea has several core devs
<gchristensen> I'd encourage people to take a look at RhodeCode
<manveru> and i'd rather stick with what has more devs
<gchristensen> they use Nix :)
<srk> need to deploy one I guess
<maurer> manveru: gogs is dictator, but is google backed, which means if the dictator dies, they'll probably get replaced
<srk> how hard it would be to create something like ldap compatibility layer so you can ldap without actual ldap?
<maurer> or, I thought gogs was google backed
<maurer> maybe I misread
<maurer> nevermind, I misread
<ar> srk: what is the problem you're trying to solve?
<manveru> srk: adding other auth options should be pretty simple... it's written in Go
atu has quit [Ping timeout: 240 seconds]
<maurer> gchristensen: RhodeCode appears to be closed?
<srk> ar: git hosting basically
<srk> ar: well, selfhosting in general
<ar> srk: what is the problem you're trying to solve with emulating ldap?
<srk> for personal purposes and small orgs
<gchristensen> aww bummer
<maurer> Not closed as in shut down
<ar> srk: because - from docs - it looks like gitea also has PAM support, and configuring PAM seems by far simpler than writing an ldap-to-somethingelse proxy
<maurer> but as in the source for the core stuff is not available
<gchristensen> oh
<srk> ar: not having to run actual ldap but it's quite common for apps to have ldap support
<srk> ar: so lets say I'll proxy my-API<>ldap
<maurer> Oh hm. Maybe it's still there and they just deleted github repositories
<samueldr> I think they're dogfooding here https://code.rhodecode.com/
<manveru> jup
<maurer> Yeah, I'm trying to figure out if the stuff to deploy a node is there
<ar> srk: also, with openldap you can have some layers/overlays that do lots of funny things, and you can also have openldap ask other services for actual auth (as in userPassword) via sasl
<maurer> because there's a lot of different repos
<manveru> i'm pretty sure if we ask nicely rhocode would be happy to host us :)
<manveru> since they use nix a ton
<samueldr> https://rhodecode.com/download/community maybe work back from here
<srk> ar: interesting
<srk> ar: any docs you can recommend?
<maurer> manveru: Even if rhodecode turned out to be an amazing product, I don't think we'd want to have our primary hosting be a small company
<ar> srk: not at hand
<srk> (like anything cause openldap-s docs /o\)
<maurer> manveru: If they fall over dead due to lack of revenue, there'd be nothing to be done abou tit
<ar> srk: i had to read openldap docs and discover all that stuff… ,_,
<manveru> maurer: nothing is forever
<srk> I also quite like http://www.bugseverywhere.org/
<srk> (so you can keep issues in your repository)
<manveru> but ok, the question is then who pays for it, and on whose machine does it run :P
<srk> need revival but that's easy even with a rewrite to haskell or something
<srk> *needs
<manveru> maybe niksnut has space in his basement
<maurer> manveru: Yeah, there's a difference between "nothing is forever" and "We have one year of VC runway left" though
<maurer> (I don't know rhodecode's situation)
jtojnar has quit [Remote host closed the connection]
<maurer> As far as hosting, I suspect that if we can manage to host the nixos cache on S3, we can probably host something like gitea on amazon on a similar budget
<maurer> (again, only need to bother if something goes wrong with gh, which I don't think it will)
<srk> manveru: at vpsfree (https://vpsfree.org/) can donate bunch of resources to nixos.org
<manveru> well, i'm all for restarting this discussion when GH actually does something harmful :)
<srk> we're a non-profit org that runs containers for members, currently moving to nixos (vpsadminos)
<gchristensen> srk: oh very cool
<srk> ar: lol :D looks like elaborate trolling
<samueldr> > Based on not-os - small experimental OS for embeded situations.
<samueldr> interesting
<manveru> hmm
<srk> yeah, many thanks to clever for not-os :)
<srk> and the rest for nix* :)
<samueldr> I now wonder for a home-hypervisor, could it be coaxed into working fine?
<srk> basically we are running openvz6 in production and need to move to upstream
<srk> (on zfs)
atu has joined #nixos-chat
<srk> samueldr: sure
<samueldr> neat, I'll have to take a look
<srk> samueldr: you can try "make qemu" and play with it
<samueldr> oh, neater
<srk> yeah, on any OS thanks to nix :D
<samueldr> ruby ♥
<manveru> srk: well, that seems like it's time for me to move from hetzner to you guys :)
<srk> \o/ :)
<samueldr> quick look at the doc + code, osctl (the CLI) is the only interface right now, righ?
<srk> that's the command line interface
<srk> we ran a complete cluster management on top of it
<manveru> i'm fine with anything that works in nixops... and since you can install nixos OOtB, it seems easy
<gchristensen> srk: how long does it take to provision a VPS, and how do you deal with abuse?
<srk> manveru: that's quite high on my todo list :)
<gchristensen> srk: and, how well would you handle a dozen VPSes being provisioned for just an hour?
<srk> gchristensen: quickly, just a matter of unpacking a rootfs onto zfs dataset. we don't do hourly accounting (yet)
<srk> gchristensen: but we can spawn a bunch of vpses for hydra for example that can run all the time on various nodes
<gchristensen> depending on how you handle abuse, I have a project almost ready to go, but haven't been able to execute because I need a host that will work with me to handle abuse problems
<srk> gchristensen: and just cpulimit these for example. during night the cluster is *too* idle IMHO :)
<srk> gchristensen: we'll forward you abuse notices I guess. we're located in czech republic so we have to act according local law
<gchristensen> do you allow email sending? (hoping no)
<srk> what do you mean? from our IP blocks?
<gchristensen> oops I mean running an smtp server on the vps
<srk> I mean yes, that's the point of "free", right
<gchristensen> well ... it can be problematic to do that, but okay, that isn't a problem for me specifically
<srk> we try to educate our members to secure their stuff, like it's not ideal all the time but it works quite well
<srk> sometimes you can get an IP that was blacklisted due to someones wordpress spamming or something but it's quite rare I would say
<gchristensen> ok how do we talk further? :)
<gchristensen> preferrably not super publicly like this
<srk> query :)
<gchristensen> on it, in 5min
<srk> k
atu has quit [Ping timeout: 240 seconds]
<manveru> srk: so nixops isn't working yet? not even with none backend?
<srk> or you can write to support mail where more ppl will see it and can offer solution
<srk> manveru: sure it does :)
<manveru> what did you mean with todo list then :)
<srk> manveru: "vpsfree" backend :)
<ar> srk: i can't find any info about pricing, only the faq question about invoices
<manveru> ah, cool
<srk> ar: 12 euro monthly
<ar> oh. cool
<manveru> and you prepay the first 3 months
matthewbauer has quit [Ping timeout: 256 seconds]
<__monty__> ar: >.< it's literally on the frontpage.
snajpa has joined #nixos-chat
<srk> yeah :) with the resources you get
<manveru> srk: it's also possible to have multiple VPSs (apart from the temp ones)?
<srk> snajpa <- is a founding member of vpsfree
<srk> I need a smoke :D
aither has joined #nixos-chat
<snajpa> o/
<manveru> \o
<ar> __monty__: i see it now
<ar> ,_,
<snajpa> manveru: yeah you can split it up into up to 4 CTs now
<__monty__> srk: How about different configs, mostly CPU, mostly storage, etc.?
<snajpa> vpsAdminOS will have support for custom cgroups, so you'll be able to have a single cgroup on a node and then within that "unlimited" (or a high limit of) containers
<ar> srk: you're not a LIR, and you're not a RIPE member, no?
<snajpa> __monty__: as of now only multiples of a basic set of resources for multiples of basic membership fee
<snajpa> cz.vpsfree
<manveru> __monty__: https://vpsfree.org/faq/ has details about that :)
<snajpa> we only dont have our ASN yet, as we only have 1 upstream
<snajpa> as we're not in network-neutral DC
<snajpa> (but that's something we're working on too)
<ar> cool :)
<snajpa> over the time we've become friends with the guys who run the company where we host, so we'll have our own pipes for not much extra cost when compared to net neutral DCs
<snajpa> my personal dream why am I doing vpsFree is to build our own datacenter one day
<snajpa> fully opensource
matthewbauer has joined #nixos-chat
<manveru> hmm, only thing worrying me is the openvz thing, how does that work with nixos?
<snajpa> down to the last drawing of last AC unit
<snajpa> that's a stable thing we're running now, it's been a kind of dead period now between openvz 6 and kernels ~4.9+
<srk> manveru: you need to include one nix file
<snajpa> 4.9+ is good enough, 4.14+ even better, 4.18 will be hell-yeah, so we have a custom nixos spinoff - #vpsadminos
<manveru> so you specify the kernel for me?
<snajpa> yes and if you need to, you can run QEMU/KVM as a first level HW virt inside that containers
<ar> at warsaw hackerspace we have our own "DC" and we're also a LIR, but we don't design our own AC units
<srk> manveru: that's the old infra we're trying to get rid of kind-of
<srk> manveru: not needed on staging anymore
<manveru> alright
<ar> (AS204880)
<manveru> well, seems reasonable enough :)
<snajpa> ar: nice :)
<manveru> i've tried other VPS, found out later they had only openvz, and i couldn't do shit :P
<snajpa> ar: the reason this is in a commercial DC is that they guarantee some level of availability + there's 24/7 remote hands-on support
<__monty__> snajpa: I assume the .08/GB is monthly?
<ar> snajpa: well, we have 24×7 access to the hackerspace, and we have members who live nearby ;)
<srk> ar: I live 10 minutes from ours ;D
<snajpa> __monty__: yep
<ar> but it's still mostly a YOLO-COLO thing
<snajpa> YOLO-COLO lol
<snajpa> sounds like a good sign theme for our hackerspace's rack lab
<srk> lol :D
<manveru> srk: k, i signed up... gonna be fun :)
<snajpa> manveru: thx for the interest :)
<snajpa> btw, if you guys @ nixos project need any infra, feel free to ping us
<snajpa> we could at least do a binary cache mirror or something :)
<snajpa> and some builders/QA nodes
<gchristensen> good to know w.r.t. mirroring
<gchristensen> it is a lot though ...
<snajpa> hey we're going to depend on your stuff :D
<gchristensen> maybe a mirror subset :)
<snajpa> it's the least we can do :D
<snajpa> how much are we talking?
<gchristensen> the entire binary cache was like 60TB a year ago, because it contains every build ever done on hydra.nixos.org
<snajpa> holy cow
<ar> wow. that's more storage than i have on my desktop
<gchristensen> but a binary cache's "working set" is obviously a SMALL fraction of that
<__monty__> : o That's amazing, I didn't know the hydra cache had inf-retention.
<srk> yeah, crazy :)
<ar> NAME SIZE ALLOC FREE EXPANDSZ FRAG CAP DEDUP HEALTH ALTROOT
<ar> monolith 43.5T 36.7T 6.75T - 41% 84% 1.18x ONLINE -
<snajpa> gchristensen: do you have approx idea about the bandwidth on the pipes to the net?
<srk> but if it's manageable then why not, right
<srk> manveru: approved! have fun :)
<gchristensen> snajpa: that is also quite sizable but don't remember exactly
<snajpa> I'd be more worried about that TBH
<snajpa> 60TB is one time investment in the disk shelf
<snajpa> I think we could do ~500Mbit continuously, but I have no idea if that isn't like a drop in the sea
<manveru> srk: awesome, thanks :)
<snajpa> for the alpine guys it's enough to redistribute it to CDN nodes
<gchristensen> the org doesn't have a traditional distribution process, it uses cloudfront + s3
<gchristensen> so we'd need to do some re-imagining of what this looks like exactly
<snajpa> well if you ever reach that point, pls ping me or srk, we'd be happy to help
<snajpa> or if you need some builder nodes or some place to put some hw
<snajpa> gchristensen: re: nixos demo thing
<snajpa> could we perhaps prepare a demo net with everything necessary to try some stuff out?
<snajpa> but not the full thing?
<snajpa> gchristensen: or if we did that ipv6 only, we could dedicate a subnet for that with devnull@ as abuse mailbox + some note in the RIPE DB
<gchristensen> snajpa: see PM
Sonarpulse has joined #nixos-chat
Myrl-saki has joined #nixos-chat
<Myrl-saki> Oh, didn't know this exists.
<Myrl-saki> TIL.
<infinisil> Myrl-saki: I actually almost don't use number in vim modes
<Myrl-saki> infinisil: Ah. :P
<Myrl-saki> infinisil: I wanted to make a minor mode in Emacs that will hilight powers of 4.
<infinisil> (The fact that numbers are a bit of a pain to type with programmer dvorak helps)
<infinisil> Heh
<Myrl-saki> Wait, I'm pretty sure that already exists.
tazjin has joined #nixos-chat
matthewbauer has quit [Read error: Connection reset by peer]
matthewbauer has joined #nixos-chat
Sonarpulse has quit [Ping timeout: 276 seconds]
atu has joined #nixos-chat
Sonarpulse has joined #nixos-chat
<ldlework> I only have 50 lines of ZNC scrollback. Does anyone know if my answers last night got answered?
<ldlework> questions*
<ldlework> infinisil: do I understand correctly, that with your "recursive import" snippet, that any file will be added to imports, such that, if a module does not have a mkIf conditional block around its configuration, then that module's configuration will always be used?
<infinisil> yup
MichaelRaskin has joined #nixos-chat
<MichaelRaskin> It's a pity that the Hydra megarebuild fiasco has burned our most obvious argument for «what can MS do worse than just destroying the data.»
<gchristensen> huh?
<MichaelRaskin> I mean, isn't it obvious? It could declare each GitHub account also a LinkedIn account, and use «have commits in the same repository» as the contact book.
<gchristensen> what is the fiasco?
<MichaelRaskin> That one time when Hydra sent _everyone_ a thousand emails and wanted to send more
<gchristensen> aahhhh
<samueldr> ldlework: you can always check the chat logs :) https://logs.nix.samueldr.com/nixos-chat/2018-06-08
atu has quit [Ping timeout: 245 seconds]
<ldlework> neat
atu has joined #nixos-chat
matthewbauer has quit [Remote host closed the connection]
matthewbauer has joined #nixos-chat
<ldlework> The displayManager modules don't work like this at all
__monty__ has quit [Quit: leaving]
matthewbauer has quit [Remote host closed the connection]
matthewbauer has joined #nixos-chat
matthewbauer has quit [Remote host closed the connection]