<ar>
so while gogs still has some contributions, gitea looks healthier
<manveru>
well, the difference is that gogs uses the dictator model, while gitea has several core devs
<gchristensen>
I'd encourage people to take a look at RhodeCode
<manveru>
and i'd rather stick with what has more devs
<gchristensen>
they use Nix :)
<srk>
need to deploy one I guess
<maurer>
manveru: gogs is dictator, but is google backed, which means if the dictator dies, they'll probably get replaced
<srk>
how hard it would be to create something like ldap compatibility layer so you can ldap without actual ldap?
<maurer>
or, I thought gogs was google backed
<maurer>
maybe I misread
<maurer>
nevermind, I misread
<ar>
srk: what is the problem you're trying to solve?
<manveru>
srk: adding other auth options should be pretty simple... it's written in Go
atu has quit [Ping timeout: 240 seconds]
<maurer>
gchristensen: RhodeCode appears to be closed?
<srk>
ar: git hosting basically
<srk>
ar: well, selfhosting in general
<ar>
srk: what is the problem you're trying to solve with emulating ldap?
<srk>
for personal purposes and small orgs
<gchristensen>
aww bummer
<maurer>
Not closed as in shut down
<ar>
srk: because - from docs - it looks like gitea also has PAM support, and configuring PAM seems by far simpler than writing an ldap-to-somethingelse proxy
<maurer>
but as in the source for the core stuff is not available
<gchristensen>
oh
<srk>
ar: not having to run actual ldap but it's quite common for apps to have ldap support
<srk>
ar: so lets say I'll proxy my-API<>ldap
<maurer>
Oh hm. Maybe it's still there and they just deleted github repositories
<maurer>
Yeah, I'm trying to figure out if the stuff to deploy a node is there
<ar>
srk: also, with openldap you can have some layers/overlays that do lots of funny things, and you can also have openldap ask other services for actual auth (as in userPassword) via sasl
<maurer>
because there's a lot of different repos
<manveru>
i'm pretty sure if we ask nicely rhocode would be happy to host us :)
<manveru>
but ok, the question is then who pays for it, and on whose machine does it run :P
<srk>
need revival but that's easy even with a rewrite to haskell or something
<srk>
*needs
<manveru>
maybe niksnut has space in his basement
<maurer>
manveru: Yeah, there's a difference between "nothing is forever" and "We have one year of VC runway left" though
<maurer>
(I don't know rhodecode's situation)
jtojnar has quit [Remote host closed the connection]
<maurer>
As far as hosting, I suspect that if we can manage to host the nixos cache on S3, we can probably host something like gitea on amazon on a similar budget
<maurer>
(again, only need to bother if something goes wrong with gh, which I don't think it will)
<srk>
manveru: at vpsfree (https://vpsfree.org/) can donate bunch of resources to nixos.org
<manveru>
well, i'm all for restarting this discussion when GH actually does something harmful :)
<srk>
we're a non-profit org that runs containers for members, currently moving to nixos (vpsadminos)
<manveru>
i'm fine with anything that works in nixops... and since you can install nixos OOtB, it seems easy
<gchristensen>
srk: how long does it take to provision a VPS, and how do you deal with abuse?
<srk>
manveru: that's quite high on my todo list :)
<gchristensen>
srk: and, how well would you handle a dozen VPSes being provisioned for just an hour?
<srk>
gchristensen: quickly, just a matter of unpacking a rootfs onto zfs dataset. we don't do hourly accounting (yet)
<srk>
gchristensen: but we can spawn a bunch of vpses for hydra for example that can run all the time on various nodes
<gchristensen>
depending on how you handle abuse, I have a project almost ready to go, but haven't been able to execute because I need a host that will work with me to handle abuse problems
<srk>
gchristensen: and just cpulimit these for example. during night the cluster is *too* idle IMHO :)
<srk>
gchristensen: we'll forward you abuse notices I guess. we're located in czech republic so we have to act according local law
<gchristensen>
do you allow email sending? (hoping no)
<srk>
what do you mean? from our IP blocks?
<gchristensen>
oops I mean running an smtp server on the vps
<srk>
I mean yes, that's the point of "free", right
<gchristensen>
well ... it can be problematic to do that, but okay, that isn't a problem for me specifically
<srk>
we try to educate our members to secure their stuff, like it's not ideal all the time but it works quite well
<srk>
sometimes you can get an IP that was blacklisted due to someones wordpress spamming or something but it's quite rare I would say
<gchristensen>
ok how do we talk further? :)
<gchristensen>
preferrably not super publicly like this
<srk>
query :)
<gchristensen>
on it, in 5min
<srk>
k
atu has quit [Ping timeout: 240 seconds]
<manveru>
srk: so nixops isn't working yet? not even with none backend?
<srk>
or you can write to support mail where more ppl will see it and can offer solution
<srk>
manveru: sure it does :)
<manveru>
what did you mean with todo list then :)
<srk>
manveru: "vpsfree" backend :)
<ar>
srk: i can't find any info about pricing, only the faq question about invoices
<manveru>
ah, cool
<srk>
ar: 12 euro monthly
<ar>
oh. cool
<manveru>
and you prepay the first 3 months
matthewbauer has quit [Ping timeout: 256 seconds]
<__monty__>
ar: >.< it's literally on the frontpage.
snajpa has joined #nixos-chat
<srk>
yeah :) with the resources you get
<manveru>
srk: it's also possible to have multiple VPSs (apart from the temp ones)?
<srk>
snajpa <- is a founding member of vpsfree
<srk>
I need a smoke :D
aither has joined #nixos-chat
<snajpa>
o/
<manveru>
\o
<ar>
__monty__: i see it now
<ar>
,_,
<snajpa>
manveru: yeah you can split it up into up to 4 CTs now
<__monty__>
srk: How about different configs, mostly CPU, mostly storage, etc.?
<snajpa>
vpsAdminOS will have support for custom cgroups, so you'll be able to have a single cgroup on a node and then within that "unlimited" (or a high limit of) containers
<ar>
srk: you're not a LIR, and you're not a RIPE member, no?
<snajpa>
__monty__: as of now only multiples of a basic set of resources for multiples of basic membership fee
<snajpa>
we only dont have our ASN yet, as we only have 1 upstream
<snajpa>
as we're not in network-neutral DC
<snajpa>
(but that's something we're working on too)
<ar>
cool :)
<snajpa>
over the time we've become friends with the guys who run the company where we host, so we'll have our own pipes for not much extra cost when compared to net neutral DCs
<snajpa>
my personal dream why am I doing vpsFree is to build our own datacenter one day
<snajpa>
fully opensource
matthewbauer has joined #nixos-chat
<manveru>
hmm, only thing worrying me is the openvz thing, how does that work with nixos?
<snajpa>
down to the last drawing of last AC unit
<snajpa>
that's a stable thing we're running now, it's been a kind of dead period now between openvz 6 and kernels ~4.9+
<srk>
manveru: you need to include one nix file
<snajpa>
4.9+ is good enough, 4.14+ even better, 4.18 will be hell-yeah, so we have a custom nixos spinoff - #vpsadminos
<manveru>
so you specify the kernel for me?
<snajpa>
yes and if you need to, you can run QEMU/KVM as a first level HW virt inside that containers
<snajpa>
gchristensen: do you have approx idea about the bandwidth on the pipes to the net?
<srk>
but if it's manageable then why not, right
<srk>
manveru: approved! have fun :)
<gchristensen>
snajpa: that is also quite sizable but don't remember exactly
<snajpa>
I'd be more worried about that TBH
<snajpa>
60TB is one time investment in the disk shelf
<snajpa>
I think we could do ~500Mbit continuously, but I have no idea if that isn't like a drop in the sea
<manveru>
srk: awesome, thanks :)
<snajpa>
for the alpine guys it's enough to redistribute it to CDN nodes
<gchristensen>
the org doesn't have a traditional distribution process, it uses cloudfront + s3
<gchristensen>
so we'd need to do some re-imagining of what this looks like exactly
<snajpa>
well if you ever reach that point, pls ping me or srk, we'd be happy to help
<snajpa>
or if you need some builder nodes or some place to put some hw
<snajpa>
gchristensen: re: nixos demo thing
<snajpa>
could we perhaps prepare a demo net with everything necessary to try some stuff out?
<snajpa>
but not the full thing?
<snajpa>
gchristensen: or if we did that ipv6 only, we could dedicate a subnet for that with devnull@ as abuse mailbox + some note in the RIPE DB
<gchristensen>
snajpa: see PM
Sonarpulse has joined #nixos-chat
Myrl-saki has joined #nixos-chat
<Myrl-saki>
Oh, didn't know this exists.
<Myrl-saki>
TIL.
<infinisil>
Myrl-saki: I actually almost don't use number in vim modes
<Myrl-saki>
infinisil: Ah. :P
<Myrl-saki>
infinisil: I wanted to make a minor mode in Emacs that will hilight powers of 4.
<infinisil>
(The fact that numbers are a bit of a pain to type with programmer dvorak helps)
<infinisil>
Heh
<Myrl-saki>
Wait, I'm pretty sure that already exists.
tazjin has joined #nixos-chat
matthewbauer has quit [Read error: Connection reset by peer]
matthewbauer has joined #nixos-chat
Sonarpulse has quit [Ping timeout: 276 seconds]
atu has joined #nixos-chat
Sonarpulse has joined #nixos-chat
<ldlework>
I only have 50 lines of ZNC scrollback. Does anyone know if my answers last night got answered?
<ldlework>
questions*
<ldlework>
infinisil: do I understand correctly, that with your "recursive import" snippet, that any file will be added to imports, such that, if a module does not have a mkIf conditional block around its configuration, then that module's configuration will always be used?
<infinisil>
yup
MichaelRaskin has joined #nixos-chat
<MichaelRaskin>
It's a pity that the Hydra megarebuild fiasco has burned our most obvious argument for «what can MS do worse than just destroying the data.»
<gchristensen>
huh?
<MichaelRaskin>
I mean, isn't it obvious? It could declare each GitHub account also a LinkedIn account, and use «have commits in the same repository» as the contact book.
<gchristensen>
what is the fiasco?
<MichaelRaskin>
That one time when Hydra sent _everyone_ a thousand emails and wanted to send more