gchristensen changed the topic of #nixos-chat to: NixOS but much less topical || https://logs.nix.samueldr.com/nixos-chat
<mdash> gchristensen: xml, an improvement on many of its successors
<joepie91> viiiiiiiiiiiiiictoryyyyyyyy
<joepie91> I have a working CSS Modules and ICSS setup!
<joepie91> that's actually spec-compliant!
<joepie91> after two days of work!
<joepie91> I am not at all bitter about the amount of time, blood and tears this required! not at all!
drakonis has quit [Ping timeout: 252 seconds]
alex_giusi_tiri has joined #nixos-chat
jasongrossman has quit [Ping timeout: 246 seconds]
drakonis has joined #nixos-chat
drakonis_ has joined #nixos-chat
drakonis has quit [Ping timeout: 250 seconds]
alex_giusi_tiri has left #nixos-chat [#nixos-chat]
drakonis has joined #nixos-chat
jasongrossman has joined #nixos-chat
drakonis_ has quit [Ping timeout: 250 seconds]
drakonis_ has joined #nixos-chat
drakonis_ has quit [Ping timeout: 252 seconds]
drakonis_ has joined #nixos-chat
drakonis1 has joined #nixos-chat
drakonis_ has quit [Ping timeout: 252 seconds]
drakonis_ has joined #nixos-chat
drakonis1 has quit [Ping timeout: 252 seconds]
jackdk has quit [Ping timeout: 240 seconds]
drakonis1 has joined #nixos-chat
drakonis_ has quit [Ping timeout: 252 seconds]
drakonis_ has joined #nixos-chat
drakonis_ has quit [Client Quit]
drakonis1 has quit [Ping timeout: 276 seconds]
jackdk has joined #nixos-chat
jackdk has quit [Remote host closed the connection]
jackdk has joined #nixos-chat
drakonis has quit [Quit: WeeChat 2.2]
<colemickens> I've recently started clearing cookies on exit.
<colemickens> Google now thinks it should show Spanish to me. My IP clearly homes to Seattle WA.
<colemickens> wt
<colemickens> and then after a few minutes reverts back, maybe a server side issue, given what we know about their chat teams
<jasongrossman> colemickens: I find that very reassuring. I hate the idea of companies knowing (correctly) where people are from their IP addresses.
<colemickens> I mean, I'd love them to stop "sniffing" location as language preference, people have complained about Google doing it for over a decade.
<colemickens> The frustration was that there was *no way to change the language* on Hangouts... typical Google's arrogance.
<jasongrossman> colemickens: That's interesting (and interestingly crap).
<jasongrossman> colemickens: Not only is it arrogant of them to think they know where you live, it's also arrogant of them to think they know what languages you can read given where you live. In *most* places there's a language that most people can read, but that's not true everywere.
<colemickens> Yes! That's why I used the word "arrogance", it feels like a big tech co "we know better than you" thing.
<colemickens> And not even in the "we want to limit options to limit the support matrix way", which I understand and sympathize with.
<colemickens> Or maybe not arrogant, but very uhm, dumb American, of them. (I say as a dumb American that can only speak 1 language properly...)
<jasongrossman> Well I can't even spell "everywhere", apparently.
<andi-> I remember when the office /24 of the old job was mapped to Iran.. Took us years to have that corrected.. Many many many hours trying to reach someone there..
<clever> a VPN i used to use, took an "unused" 5.0.0.0/8
<clever> and many years afterwards, it became used
<colemickens> When I was on Twitter I had a few Googlers following that would file bug reports when I ranted about obvious bugs, but I don't want to get back on just to complain.
<clever> then random websites just dont load, because the vpn routed that out its own interface!
<colemickens> Plus they know about this one :P I remember reading about it when "gmail swap" was a thing.
<colemickens> Fun thing - archive.is and friends don't resolve when using CloudFlare's DNS.
<colemickens> Apparently the NSes for archive.* domains send bad results that Cloudflare is unwilling to "workaround".
<simpson> Why must CF have this air of quirkiness and shadiness around them? It's really irritating that a startup can simultaneously get so much of the Internet under their control while being so opaque and questionable.
<jasongrossman> simpson: I agree. Actually, I think they've done some great things (and I don't give praise easily), but I still think it's worrying. Sigh.
<colemickens> Is it a general fear of centralization or have there been specific things? I'm just aware of when they stopped providing DNS for ... Stormfront, maybe? I don't recall exactly.
<colemickens> The thing with archive.*, I don't mind so much, as I understand it's more on the nameserver's probably and I'm okay with a principaled stand of not wanting to re-write DNS results.
<simpson> Their attitude towards the Tor community was frustrating, I bet, for Tor users.
<colemickens> Didn't they go and build Privacy Pass though, to help out with that problem?
<simpson> I guess. They're on Team Enable All JS, too, which is frustrating for me personally.
<colemickens> Ah, that's too bad.
<simpson> I dislike that there are times when, in order to view a static site's static content, I must allow CF to serve me JS because the static site's owner is a CF customer.
<colemickens> Interesting. I've just recently started blocking all third party cookies and have noticed things breaking or the web feeling more hostile. I can't imagine how annoying it is to have JS disabled everywhere.
<colemickens> God I LOVE filling out 5x Captchas a day.
<colemickens> Don't even have to be on Tor, just block third party cookies and clear all on exit, every day Web is annoying. Can't imagine in another 5-10 years.
<simpson> It's not really annoying, just part of browsing. I notice when a site is JS-laden. It's perceptible. I have to reach out and grant the permission. I have to choose.
<colemickens> simpson: how long ago did you start doing this? does your "allow" list sync between Firefox? clients?
<colemickens> simpson: I'm curious but have just avoided it because I've had enough workflow changes lately to give myself a bit of a break....
<simpson> colemickens: Years and years ago, I use NoScript for Firefox, I don't sync between my machines.
<colemickens> okay, thanks, I'll just throw it on and see how it goes.
jackdk has quit [Ping timeout: 245 seconds]
<jasongrossman> Not only do I hate captchas, they're also very slow. Sometimes I haven't got time to do them. So it's not just a minor annoyance.
mmercier has joined #nixos-chat
__monty__ has joined #nixos-chat
__Sander__ has joined #nixos-chat
<joepie91> fuck cloudflare.
<joepie91> fuck cloudflare very, very much.
<joepie91> their entire business is built on lies, and it's gotten them a double-digit percentage insight into web traffic
<joepie91> making accessibility worse for everybody who doesn't run the ideal expected setup
<joepie91> they're an actively bad actor.
mmercier has quit [Quit: mmercier]
Lisanna has joined #nixos-chat
mmercier has joined #nixos-chat
<simpson> But is there proof, or just circumstantial evidence?
<joepie91> simpson: they are actively centralizing the web, they are aware of this and are taking no significant steps to counteract it - both of those are easy to prove, and together they are enough for me to conclude that they are a bad actor, without even needing to consider the *consequences* of that centralization
<simpson> joepie91: That's not sufficient for me to have anything other than a bad feeling about things.
<joepie91> simpson: what more is needed for you?
<simpson> joepie91: A smoking gun. An actual action taken which demonstrates abuse of their logs or similar.
<joepie91> simpson: that's the kind of thing where once you have the proof, it's too late :)
<joepie91> I consider them a bad actor because knowingly centralizing the web is *in and of itself* adversarial behaviour
<joepie91> exactly what is then subsequently done with it is a whole separate concern
<simpson> Yeah, but consider e.g. Vanguard. They're big, they're centralizing, and big centralized piles of money have been poorly managed over the past few decades. Okay. *But* that's not by itself enough.
<simpson> Being angry and scared at big things in society is reactionary. We should prize evidence.
<joepie91> I know nothing about Vanguard, so I cannot speak about them.
<joepie91> simpson: evidence is readily available for the behaviour that I am accusing CF of.
<joepie91> which is in and of itself undesirable.
<simpson> I agree that it smells bad, but bad smell is not convictable. Not even arraignable.
<simpson> A pyramid scheme isn't bad because everybody piles on, but because money isn't being used in the way that it was promised to be used. It's the difference between buying pyramid schemes and buying bonds.
<joepie91> you seem to continue trying to shift the discussion to "they haven't provably abused their power" when that was never the point to begin with
<simpson> Or, maybe closer to home, Google gained dominance by having a good search engine. They (probably) weren't yet evil in the late 90s. It's true that getting big allowed them the chance to misbehave.
<joepie91> the point was that the power accumulation should not have occurred in the first place, and that it directly goes against how the web was designed
<joepie91> and that they are actively and knowingly accumulating power
<joepie91> and that THAT IS THE PROBLEM, in and of itself
<joepie91> what they do *with* the power is not the topic of discussion
<simpson> Yeah, but if that were true, then you'd have been moved by the Vanguard example. A cursory look at their holdings should be sufficient to make you scared of what it means to centralize all that money.
<simpson> Again, I agree that CF gives bad vibes. However, if you want me to have your sort of conviction, you're gonna need *evidence*.
<joepie91> simpson: Vanguard is not centralizing the web, and like I said, I am not familiar with Vanguard. my remarks are specifically in the context of the web.
<joepie91> Vanguard is therefore irrelevant.
<joepie91> it may be relevant to *another* discussion, but not to this one.
<joepie91> and like I said, the evidence for my claim is readily available.
<simpson> Okay. Why doesn't your argument go through for, say, Dreamhost? They're big, they're centralizing, they offer a free tier, they advertise heavily, they serve lots of traffic.
<joepie91> because a) they are not replacing core infrastructure, they are integrating with it on an equal playing field as other providers, and b) they are not being added as an extra unnecessary layer of centralization on top of the bare minimum need-to-trust-a-provider
<simpson> I asked a search engine for "joe's claim's readily available evidence" and I got that 'no reliable scientific evidence' supports your claims: https://www.foodnavigator-usa.com/Article/2018/07/20/No-reliable-scientific-evidence-supports-Trader-Joe-s-alkaline-water-claims-alleges-lawsuit
<simpson> Ah. Which parts are the core?
<simpson> And what is the bare minimum trust, and which providers regularly meet it? Not to put too high of a burden on things, but I've only just now heard of this concept.
<joepie91> simpson: I've written a rather extensive article about cloudflare a while ago that should probably be a start: http://cryto.net/~joepie91/blog/2016/07/14/cloudflare-we-have-a-problem/
<joepie91> since then, they've begun subsuming things like BGP (https://www.cloudflare.com/products/argo-smart-routing/) and the domain registration system (https://www.cloudflare.com/products/registrar/)
<joepie91> more about the latter here: https://twitter.com/joepie91/status/1046193735883771904
<joepie91> they're more broadly starting to replace regular routing mechanisms through edge computing (https://www.cloudflare.com/products/cloudflare-workers/)
<simpson> joepie91: Your first argument looks an awful lot like "Vanguard essentially controls over $5T USD in assets. That's almost 2% of the entire wealth of the world."
drakonis has joined #nixos-chat
<simpson> And the rest of it is "CDNs are scummy middlemen." Which, again, not false! But also not indictable.
<joepie91> I am not making a legal argument here.
<joepie91> I'm making a 'bad actor' argument.
<joepie91> legality is irrelevant.
<simpson> It is *much* easier to see their pile of offerings as pet projects by engineers which they've acquired. CF's young enough that they can hire people to work on pet projects. For example, Workers is based on Kenton (the Protobuf and Capn Proto guy); he joined CF, and they let him work on Capn, and this Workers thing is something he thought would be fun and interesting.
<simpson> Now, yes, it's *also* yet another tentacle that the evil CF octopus is using to become ever-more-essential in our lives, but again, that doesn't mean that it's time for takoyaki.
<gchristensen> I'm surprised to see you come from that perspective
<simpson> I don't like takoyaki personally, but a former roommate does.
<gchristensen> I meant the "pet projects" angle
<simpson> It's true. Kenton's one of those "you don't separate me from my pet projects" people.
<joepie91> simpson: this is irrelevant to them being a bad actor or not.
<joepie91> CF, that is.
<simpson> joepie91: You still need to provide evidence. Do you have evidence for your paid-by-state-actors insinuation, for example?
<gchristensen> A pet project isn't a Pile of pet projects
<joepie91> simpson: if I did, then it wouldn't have been phrased as a possibility, would it?
<simpson> joepie91: So, when CF's registar offering comes online, there will be an inconvenient truth that other registrars are *undercutting* their "at-cost" pricing.
<simpson> joepie91: I don't know; I can't tell what evidence is required for you to believe things!
* joepie91 is rapidly trending towards seeing this as a bad-faith attempt at discussion
<simpson> I just checked and both Namecheap and Dreamhost are offering "sales" which cause them to not just be competitive with, but actually meet and undercut, the listed CF prices. On the CF product which appears to not even have launched.
<simpson> joepie91: No, you just can't deal with disagreement. This isn't our first conversation. Disregard feelings, acquire evidence.
<simpson> Also, it's hilarious that you're the (former?) CF customer and I swore long ago to never purchase anything from them, even free tier, because the feeling I got from them was so shitty.
<joepie91> simpson: registrars have been selling domains at a loss for years. the catch is that it's either first-year-only (with significant markup afterwards), or involves incessant/misleading upselling, or both.
<joepie91> simpson: I'm perfectly fine with being asked for evidence. but I don't feel that you're interpreting that evidence in good faith.
<simpson> And I don't feel that you came to your current position in good faith either. So?
<joepie91> then why are we still having this discussion? evidently nothing productive is going to come out of it.
<simpson> My point is that CF is no different from other registrar+bundled-services vendors, *except* that they refuse to sell domains at a loss apparently? Which sounds like terrible business sense, but whatever.
<simpson> Because I'm not interested in seeing your viewpoint go unexamined. If we let people just *say* stupid shit without thinking, then what will happen to the world?
<joepie91> [15:09] <simpson> My point is that CF is no different from other registrar+bundled-services vendors, *except* that they refuse to sell domains at a loss apparently? Which sounds like terrible business sense, but whatever.
<joepie91> this is a bad-faith and inaccurate interpretation of the point being made.
<joepie91> but frankly I'm tired of correcting these, because you're doing it constantly.
<joepie91> so... this is where I bow out of the discussion.
<simpson> Show some evidence. Also, don't whine about bad faith after directly ignoring two attempts at analogizing and putting things in perspective. You were set in stone from the first moment and are unwilling to examine anything.
<simpson> Good. Bye.
<joepie91> I have shown you evidence.
<simpson> You showed me a blog post and a Twitter rant.
<joepie91> like I said: bad-faith interpretations.
<simpson> Faith, not words, yo. Again, which of us has *actually used CF*? And which of us *makes a lot of noise about not using CF*?
averell has quit [Quit: .]
averell has joined #nixos-chat
aanderse has joined #nixos-chat
__Sander__ has quit [Quit: Konversation terminated!]
<elvishjerricco> New dream for my macbook: One ZFS pool using the entire hard drive. One dataset for my desktop NixOS setup, and one for a NixOS system whose sole purpose is to launch a macOS VM and pass the GPU and other hardware thru to it, with the drive being a zvol. Biggest reason for this being the ability to ZFS snapshot the macOS system.
<gchristensen> elvishjerricco: how do you run the macos vm?
<elvishjerricco> gchristensen: Not sure yet. Still in the dream phase :P
<gchristensen> ok
<elvishjerricco> gchristensen: Let me know if you have any ideas
<gchristensen> because I have a macos a zvol, and have a zfs snapshot right after a fresh install, and I run the VM with qemu
<gchristensen> and then every restart of qemu , the macos zvol is reset back to the snapshot's state
<elvishjerricco> Oh that's neat. Useful for using it as a builder.
<gchristensen> exactly
<elvishjerricco> Yea I'm most interested in this for the ability to rewind after a bad update, and the ability to znapzend macOS
<gchristensen> elvishjerricco: https://github.com/grahamc/nixos-org-configurations/tree/macs-on-linux/macs explore this subdirectory
mmercier has quit [Ping timeout: 264 seconds]
<elvishjerricco> gchristensen: Beautiful
<gchristensen> but are just notes, so ...
<elvishjerricco> I guess my biggest problem will be suspending the system. I have enough trouble with suspending NixOS on this machine as it is, for some reason. Getting a Linux host to respect macOS's choices about suspending would be difficult.
<gchristensen> well macos doesn't need to know about suspension, since it doesn't actually have to set power states
<elvishjerricco> Really? Doesn't the kernel need to suspend?
<gchristensen> when your computer suspends its "CPU" will just stop ticking
<gchristensen> when it wakes back up, it'll just suddenly be in the future a while
<clever> gchristensen: and a dozen timeouts will fire because the cpu locked up for 15 hours
<clever> the clock may also be off
<gchristensen> the host clock will be right, and qemu will forward that on as the hardware clock, and it'll be right
<clever> most OS's only read the hardware clock on bootup
<clever> and then run a software clock on a timer interupt
<clever> and if the cpu hangs, and the guest doesnt know it was suspend
<elvishjerricco> I figure macOS probably does a bunch of crap before and after it suspends a normal system though
<gchristensen> I mean, I dunno, I'm pretty sure I've done this and it worked fine?
<gchristensen> but maybe not
<elvishjerricco> I know macos likes to wake itself up and do some routine stuff like updating apps and whatnot
<elvishjerricco> So that wouldn't be possible if Linux were in charge
<elvishjerricco> Arguably a benefit though :P
<gchristensen> yeah but also linux is in charge
<clever> i'm not sure if virtualbox or qemu support suspend at all
<clever> the guest doesnt seem to think its an option
<elvishjerricco> Scenario: You have a ZFS pool with 20G of space. You create a 15G zvol. You `dd` 15G to it and then snapshot it. Then you `dd` 15G to it again. What happens?
<elvishjerricco> It can't store both the new 15G and the snapshot with just 20G in the pool. So does it just delete the snapshot, or does the zvol stop working?
MichaelRaskin has joined #nixos-chat
<clever> elvishjerricco: i think it will fail with EIO, similar to if a real disk had write failures
<elvishjerricco> clever: I guess the real answer is "Don't let that happen." :P
<clever> yeah
<sphalerite> elvishjerricco: I think it might fail to create the snapshot
<clever> the issue is more that you have 15gig pinned by the 1st snapshot, and only 5gig free
<clever> then you try to write another 15gig to the zvol
<clever> snapshot creation is basically free, since its just adding another GC root
<clever> but writing blocks to something, that already has snapshots, can then increase usage
<elvishjerricco> clever: What if ZFS just doesn't let you make a snapshot unless you have enough free space to rewrite the zvol completely.
<sphalerite> ^ that
<clever> elvishjerricco: the quota and reservation flags may help with that
<elvishjerricco> Interesting advantage of this macOS over Linux idea: The machine can be its own Linux builder for Nix.
<emily> colemickens: meow! I've been happily using your nixpkgs-wayland & sway for a while; I was wondering if there was any progress on Wayland-supporting firefox/chrome, or just a Chrome build with the fix for xinput2 under Xwayland?
drakonis has quit [Ping timeout: 260 seconds]
<colemickens> Emily, I've got someone in #chromium that's offered to help me get a chromium build going. If you file an Issue I'll try to at least do a build with the xinput2 patch.
<colemickens> Emily, as for Firefox, the nightly builds from nixpkgs-wayland and the flatpak have Wayland enabled. However, it's basically unusable under sway, there are open issues on both sides.
<colemickens> Also, happy to hear there are happy users, glad it's being put to use.
<elvishjerricco> clever, sphalerite: Created a 4G zvol under a parent dataset with quota=6G. Attempting to snapshot at all yields `cannot create snapshot 'zroot/vol/vol@1': out of space`. So it appears ZFS won't allow you to reach a scenario where writing to the zvol would require more space than available. Snapshots on zvols remain nicely incremental.
<sphalerite> I thought as much :)
<elvishjerricco> It also means that the space usage of a zvol doubles once you take the first snapshot.
tertl3 has joined #nixos-chat
<elvishjerricco> So the macOS over zvol idea gets worse because of that. If you want to give 256G to macOS, you have to use at least 512G to have snapshots.
<sphalerite> elvishjerricco: only the first snapshot though, right? If you take another snapshot the usage won't go to 768G, only increase by the difference between the two snapshots
<sphalerite> AFAIU
<elvishjerricco> Correct
<sphalerite> and I'm not sure but I'd assume that compression works for zvol snapshots too?
<elvishjerricco> Yea I think so. But macOS uses apfs now, which encrypts everything by default (and just exposes the key if you don't turn FileVault on)
<elvishjerricco> And compressing encrypted data implies the encryption is bad :P
<sphalerite> well unless it does the tradeoff thing where unused regions are transparently so
<sphalerite> and is it impossible to continue to use HFS+?
<elvishjerricco> transparently what?
<clever> sphalerite: something ive looked into a bit bfore, is getting the vm to support trim
<clever> if the guest thinks the ssd supports trim, it will try to trim blocks when deleting things
<elvishjerricco> Mojave turns apfs on for any SSD
<clever> and then zfs can just drop those blocks from the zvol
<elvishjerricco> So if you tell it it's an HDD it'll use HFS
<sphalerite> elvishjerricco: i.e. don't randomise everything when you first format it, meaning that those blocks can be effectively zeroed and nicely compressible.
<elvishjerricco> Ah. But IIRC, don't most file systems prefer to use new blocks rather than reuse old blocks? So eventually that won't matter.
<elvishjerricco> clever: I thought ZFS didn't support trim for some reason.
<clever> elvishjerricco: zfs doesnt support trim on its own vdevs
<clever> but the zvol does support trim, i believe
<clever> so if you try to trim a zvol, the block will just be droppe
<clever> d
<elvishjerricco> Cool. Regardless, ZFS still has to count dropped blocks in the usage calculation of a zvol
<elvishjerricco> So that doesn't much help
<clever> but it wont duplicate those in the snapshots
<elvishjerricco> Ahh
<clever> zvols will reserve the "free" space, but not actually use it
<elvishjerricco> So then qemu just has to support trim
<clever> yep
<clever> and enable trim in darwin
<clever> -drive file=/dev/disk/by-id/wwn-0x5002538d4002d61f,if=none,id=drive-scsi0-0-0-0,format=raw,discard=on" \
<clever> from a random stackoverflow
<elvishjerricco> Cool
<elvishjerricco> sphalerite: Btw, I may have been wrong on the apfs encryption thing. Looks like there's a difference between APFS and APFS (Encrypted)? Still not clear...
<sphalerite> elvishjerricco: maaaaaybe
<elvishjerricco> sphalerite: I'm about to read this to figure it out: https://www.blackbagtech.com/blog/2018/04/02/ask-expert-apfs-encryption/
<elvishjerricco> That article was not helpful :P
<colemickens> emily, I replied above to "Emily", just rementioning in case your client is case sensitive :)
lassulus has quit [Remote host closed the connection]
tertl3 has quit [Quit: Connection closed for inactivity]
lassulus has joined #nixos-chat
jackdk has joined #nixos-chat
__monty__ has quit [Quit: leaving]
drakonis has joined #nixos-chat
drakonis_ has joined #nixos-chat