gchristensen changed the topic of #nixos-chat to: NixOS but much less topical || https://logs.nix.samueldr.com/nixos-chat
<samueldr> while I'm in a downtime, before picking back up the subject: anyone already has (no need to google it for me :)) good resources and/or tools for using U2F for misc. purposes? yubikey-specific solutions far too often pollute the results while here I'm looking into using a U2F-only thing
<samueldr> found a couple things already, but curious about what people have on hand
Synthetica has quit [Quit: Connection closed for inactivity]
<pie__> has anyone thought of patching ldd for nixos so it works on executables that have the wrong interpreter, or would that not make sense
<samueldr> I need to search about it, but doesn't ldd actually use the interpreter to work?
<samueldr> does not corroborate what I said directly, but that's what I had in mind
<samueldr> right, I forgot to read the man page segment they quoted :/ it does corroborate :)
<pie__> samueldr, i figured something like that :/
<pie__> joepie91, ugh looks like nixpkgs stance on propreitary stuff is a pain in the ass. so much for a big repo 'o errything ;P
<pie__> re: wine stuff
<elvishjerricco> Noob to NAT here: I have a tinc network connecting several machines. If I turned one of the machines into a NAT, then all the other machines would be able to see the IPs visible to the NAT machine on its external interface, right?
sir_guy_carleton has joined #nixos-chat
<pie__> elvishjerricco, i dont thiiiink so?
<pie__> elvishjerricco, youd at least probably have to set up the routes?
drakonis has joined #nixos-chat
<elvishjerricco> What does that mean?
<pie__> im not sure. you probably need to tell the other machines the external world exists through the NATed machine, regardless of NAT
<pie__> im not that good at this stuff either :P
<pie__> if youre trying to set up some kind of gateway, in my experience, iirc, you will need to set up ip forwarding, and probably masquerading
<elvishjerricco> What is masquerading?
<pie__> Guides Exist (TM)
<pie__> im not sure but it makes things work through my nat :D
<elvishjerricco> haha alright. I'll look into that another time.
<pie__> probably some kind of remapping that happens so that to external machines, it looks like they are talking to the gateway, but for the internal machines, like they are talking to the external machine? idk
<elvishjerricco> Basically I'm kind of wondering if I can make my own VPN router. i.e. traffic my internet usage through my own server
<elvishjerricco> and still let the machines see each other even if they're physically remote
<elvishjerricco> Another problem there that I don't know the answer to: What service on a router facilitates the ability to find a local machine by its hostname?
<pie__> @ the first thing, yeah im pretty sure that you can do that mostly fine
<pie__> but someone better at networkign would be nice to ask
<pie__> no, let me change that, you can definitely do that, with some caveats probably
<pie__> the local machine by hostname stuff..mayyyy be dhcp? that doesnt make a whole lot of sense to me though. i find it more likely that the router is probably using some local dns server
<pie__> i have dns stuff set up for my vpn but its kind of (slightly?) a pain in the ass/ugly, everything needs to be running its own local dns server
<elvishjerricco> pie__: Yea, did some reading, and I *think* with DHCP, the router can inform the clients what nameservers it wants them to use. So obviously it can just tell them to use itself, and then it just runs a nameserver that resolves the hostnames
<pie__> yeah
<pie__> so what i did is set up a dns server that gets queried, and the machine local dns servers have a setting that the .lan TLD gets mapped to the VPN server, and everything else goes to the usual normal dns servers
<pie__> or somethng like that
hedning has quit [Quit: hedning]
lassulus_ has joined #nixos-chat
lassulus has quit [Ping timeout: 272 seconds]
lassulus_ is now known as lassulus
sir_guy_carleton has quit [Quit: WeeChat 2.2]
pie__ has quit [Remote host closed the connection]
pie__ has joined #nixos-chat
drakonis has quit [Ping timeout: 250 seconds]
endformationage has quit [Quit: WeeChat 2.3]
pie__ has quit [Ping timeout: 250 seconds]
pie__ has joined #nixos-chat
jasongrossman has quit [Remote host closed the connection]
jasongrossman has joined #nixos-chat
pie__ has quit [Ping timeout: 250 seconds]
emily has quit [Ping timeout: 260 seconds]
ottidmes has joined #nixos-chat
jasongrossman has quit [Ping timeout: 250 seconds]
__monty__ has joined #nixos-chat
jasongrossman has joined #nixos-chat
sir_guy_carleton has joined #nixos-chat
hedning has joined #nixos-chat
ottidmes has quit [Ping timeout: 240 seconds]
endformationage has joined #nixos-chat
Synthetica has joined #nixos-chat
etu has quit [Quit: WeeChat 2.3]
etu has joined #nixos-chat
obadz has quit [Ping timeout: 245 seconds]
obadz has joined #nixos-chat
jD91mZM2 has joined #nixos-chat
jD91mZM2 has quit [Quit: WeeChat 2.2]
pie__ has joined #nixos-chat
pie__ has quit [Remote host closed the connection]
pie__ has joined #nixos-chat
drakonis has joined #nixos-chat
<pie__> joepie91, youre interested in my wine kludgery right
infinisil has quit [Quit: Configuring ZNC, sorry for the joins/quits!]
infinisil has joined #nixos-chat
pie__ has quit [Ping timeout: 250 seconds]
ottidmes has joined #nixos-chat
rawreraw has joined #nixos-chat
pie__ has joined #nixos-chat
rawreraw has quit [Client Quit]
pie___ has joined #nixos-chat
pie__ has quit [Read error: Connection reset by peer]
emily has joined #nixos-chat
pie___ has quit [Remote host closed the connection]
pie___ has joined #nixos-chat
pie___ has quit [Remote host closed the connection]
pie__ has joined #nixos-chat
pie___ has joined #nixos-chat
pie__ has quit [Ping timeout: 252 seconds]
pie__ has joined #nixos-chat
pie___ has quit [Ping timeout: 252 seconds]
infinisil has quit [Quit: Configuring ZNC, sorry for the joins/quits!]
infinisil has joined #nixos-chat
<infinisil> Aw man
<infinisil> I made a one-char mistake
<infinisil> A one-bit mistake even
<infinisil> I put a 1 instead of a 0, literally
<infinisil> And all hell breaks loose
<samueldr> you can't leave us hanging like that
<__monty__> How many ICBMs do you want to launch? 1. Aww man, one bit off, don't be such a spoilsport.
<infinisil> Ahhh, finally fixed
<infinisil> So
<infinisil> In my server's openvpn config i changed the line `tls-auth <fixed-file> 0` to `tls-auth <dynamic-file> 1` by accident (I deleted the 0 and thought it was a 1 that I deleted)
<infinisil> This number indicates the direction, 0 for server, 1 for client..
<infinisil> Meaning my openvpn config didn't work anymore
<infinisil> And because I rely on openvpn to have good internet (my route/ISP does some fuckery), I ended up without any working internet, on all my machines at home
<infinisil> But I need internet to be able to fix the server's config
<elvishjerricco> infinisil: I'm curious about relying on openvpn for good internet
<elvishjerricco> What would the ISP be doing where that could help?
<infinisil> I have no idea what's going on tbh
<infinisil> Apparently all my family doesn't have any problems (they use macOS/windows)
<infinisil> And it also works on my phone
<infinisil> Maybe I just have something bad in my config haha
<infinisil> That's the most likely thing tbh, but I really don't think I do, it's pretty standard (bare wpa_supplicant)
<infinisil> elvishjerricco: It's something with DNS for sure though, I think pinging IP's always worked
<infinisil> But using a fixed DNS server didn't fix it iirc
<elvishjerricco> infinisil: Do you use networkmanager?
<infinisil> Nope
<elvishjerricco> some network managers rely on solely the router's DNS. You can probably just add 8.8.8.8 manually
<infinisil> Yeah tried that, didn't work
<infinisil> I'm always using a custom DNS server anyways (1.1.1.1 in my case)
<ottidmes> infinisil: I too have a problem on my Linux desktop with my internet connection, but in my case only when I configure a static IP address, but if I use network-manager the problem is solved. No idea why. I tried a lot of things, many times, but never got further with figuring out the issue or alternatives.
<MichaelRaskin> Let me guess, they mess with outbound DNS traffic
<MichaelRaskin> OpenVPN goes through cached IP, no problem.
<ottidmes> MichaelRaskin: so in infinisil's case using 1.1.1.1 might have worked against him, and he should instead just use the ISP's DNS servers?
<MichaelRaskin> Maybe
<MichaelRaskin> Or just SSH to the server by IP
<MichaelRaskin> And fix the OpenVPN config
<ottidmes> it would explain why the other devices do not have any problems, if he has only configured his device to use 1.1.1.1 and the other devices just use the DNS servers suggested by the DHCP server on his router
sir_guy_carleton has quit [Quit: WeeChat 2.2]
<infinisil> Eh, ssh ing via IP didn't work either afaik
<infinisil> But ICMP worked?
<infinisil> I'm not sure myself!
<infinisil> It's weird af
<infinisil> In the end I had to use my phone's hotspot to fix it..
<{^_^}> #30518 (by Infinisil, 1 year ago, merged): usbmuxd service: init
<elvishjerricco> TIL about `replaceDependency` and `system.replaceRuntimeDependencies`
<elvishjerricco> So cool
pie__ has quit [Ping timeout: 250 seconds]