<eyJhb>
Although, they did use quite some money for the Obama thing here in Aalborg
<adamt>
I'm pretty sure Obama knows less about nix/nixos than our meetup group does. Just saying
<eyJhb>
But only PRETTY SURE, if I get the chance I will try to ask him ;) :D
<eyJhb>
"What is your opinion about NixOS?"
<adamt>
Heh
<adamt>
eyJhb: Btw. do you know of other Danish companies using nix/nixos?
<eyJhb>
Nope, not at all... Before chatting with you guys and srhb , I knew none
<eyJhb>
Also I only know of three people in Aalborg (also Jydeland in general) who uses NixOS
<eyJhb>
Any others than DBC adamt ?
<adamt>
eyJhb: Not that I know of. Would be nice though.
<eyJhb>
adamt: well, you can try and convince AAU, but that is a lot more servers :p
<eyJhb>
(what I am currently doing)
<adamt>
eyJhb: I think I'll continue trying to get the rest of our IT appartment to _not_ panic when they realize they can't edit things in /etc/ before taking on AAU :P
<srhb>
AAAAHH EVERYTHING IS READ ONLY THE SKY IS FALLING
<srhb>
I was pondering something even more invasive.
<eyJhb>
srhb: first draft, what?
<srhb>
Like, intercept open() calls with O_RDWR from normal users, send them an email... But it would require injecting ptrace everywhere which is probably a bit much work.
<eyJhb>
Hahaha
<eyJhb>
Do it!
<eyJhb>
At least just for a demo box
<srhb>
I do too much syscall intercept hackery when I get ideas like that. :|
<eyJhb>
But it is for the greater good!
<adamt>
srhb: Hey you heard about this backup-solution called networker?
<srhb>
adamt: shhhhhhhhh I still have nightmares
<adamt>
It's still in the repo, waiting for you
<srhb>
I wonder when it will break. Then again, I guess it's never updated, so no problem :-P
<eyJhb>
*reboot it
<srhb>
They used it at DMI too, by the way..
<srhb>
It haunts me :P
<eyJhb>
Is it a love hate relationship, or just very much hate?
<eyJhb>
Or, disgust? :p
<srhb>
I actually quite like the idea for traditional systems. Like, the whole FS is incrementally backed up by a daemon, and then you can always request to roll back some thing.
<srhb>
But the entire thing is this opinionated proprietary POS that you really have to mangle to get to do what you want.
<eyJhb>
"proprietary", sounds nice!
<srhb>
in this case, iirc, the binary just straight up refuses to do anything if it realizes that it has >0 hardlinks
<eyJhb>
At least I hope they don't do encrypted logs, like DisplayLink
<srhb>
So, no optimizeStore.
<adamt>
eyJhb: Disgust is the right word here. The bloody thing refuses to start if it detects it's started from a link
<srhb>
lol, yes..
<eyJhb>
That is at least something! But damn that sounds idiotic
<eyJhb>
Patch it?! :D
<sphalerite>
intercept stat!
<srhb>
^
<srhb>
Exactly that.
<adamt>
Let's have a vote, who wants to see the pretty hack? /jk
<srhb>
Thankfully that's pure userspace, so LD_PRELOAD will do the trick with no ptrace hackery.
<srhb>
please no :P
<eyJhb>
I ++ that idea, go go
<eyJhb>
Also, I thought you adamt and johanot would be nice to srhb , to not scare her away again :p
<srhb>
I'm sure they will be for the first few days. :P
<adamt>
I am being nice. I honestly think this shows some real skill. And a fair bit of desperation. :P
<srhb>
Desperation is the right word for sure. :-P
<eyJhb>
Well, few days.. So few is basically more than one, less than 4-5. So two days!
<eyJhb>
Isn't there anything else that can work? :p
<srhb>
iirc it's only used in one place so there's also some amount of "cba to fix this properly"
<srhb>
Though frankly I'm not sure how one would even do that...
<eyJhb>
Sounds like they have a assignment for you, when you are not being nice to them as well
<eyJhb>
Sounds like you have a special use-case on this one, or something. Not entirely sure :p
<sphalerite>
how about "ask dell to fix it"?
<srhb>
sphalerite: It might even be fixed in newer versions.
<srhb>
But frankly I'd prefer not to use Dell EMC-bs.
<sphalerite>
oh lol
<eyJhb>
+1 on that srhb
<srhb>
And if you ever hear OneFS or Isilon, run away. :)
<adamt>
I think our plans for srhb are something like "hi, nice to see you, here's your laptop, go sit in the corner until you're happy" and then plan some actual work the following monday. I think that's pretty nice. :P
<adamt>
srhb: DMI uses Isilon?
<sphalerite>
I wonder if anyone is using zfs-send-to-tape in production
<srhb>
adamt: Unfortunately yes.
<srhb>
adamt: And it's been chosen based on some very poor metrics.
<adamt>
So did Statsbiblioteket when I worked there. It was brand spanking now even.
<adamt>
*new
<srhb>
In fact, I think networker was sold to them as a tiering solution for Isilon.
<srhb>
(Which it blatantly is not, has never been and will never be)
<eyJhb>
adamt: a whole week to setup her laptop?! It's nixos, shouldn't it only take 1 hour? ;)
<srhb>
There's some degree of technical malfeasance here, but frankly I'm still angry at Dell for their dishonesty in this.
<adamt>
It sounds about as integrated as SB's use of tape robots for tiered storage combined with Isilon :D
<srhb>
adamt: ... really
<srhb>
:P
<johanot>
eyJhb: "sit in the corner until you're happy" <- that could take a week or two though :P
<adamt>
eyJhb: There needs to be amble amount of time for beer, you know
<srhb>
My plan is to try and understand all the things I've forgotten :P
<srhb>
We'll see how much more than a week that takes...
<srhb>
Also get access to a million things, groan.
<srhb>
Speaking of which, I should generate fresh ssh and gpg keys. Mine are ooold.
<sphalerite>
make sure not to do it like me and lose the master key promptly after generating them
<srhb>
sphalerite: I thought that was a mandatory step :P
<srhb>
There is no dealing with keys without massive amounts of headdesking, in my experience.
<adamt>
Just back them up using networker
<srhb>
:|
<eyJhb>
Can I be like, assistant in the week if there is like,beer? I sounds like the dream workplace. NixOS, cake, beer (and srhb hacky solutions) :p
<eyJhb>
I always hate key management, and how one should backup those keys if everything goes wrong..
<adamt>
eyJhb: We have a case of Grimberged in the fridge right now
<srhb>
:o
<srhb>
Oh, was friday bar next week?
<adamt>
Friday the 4th at 15, yeah. But this is beer for more internal usage :P
<srhb>
"internal usage" :3
<eyJhb>
adamt: that would be a waste on me! I normally just take Guld Damer, or the cheapest beers I can find :D
<srhb>
eyJhb: Yeah, and I just realized my yubikey is apparently too old for a new good-sized key.
<eyJhb>
Setting a good image for Danes not being alcoholics :p
<eyJhb>
Many of my professors offices have cases of beers as well
<eyJhb>
srhb: I should get a Yubikey at some point....
<srhb>
I quite like it. But at points like this where I'm basically deleting my identity it's always a little harrowing.
<srhb>
(Of course, I have revocation certificates... Somewhere.)
<srhb>
I'm a bad person. :P
<eyJhb>
Ohh srhb , you woldn't want to know what I do for all that stuff
<eyJhb>
(not that I have things scattered in random unencrypted backups on my server)
<adamt>
eyJhb: How about you just quit that silly education of yours (what good is a degree anyways? :P), and apply for a job over here? :P
<srhb>
adamt: I hear having at least one degree is good for job security. :P
<srhb>
Who knows when the next dotcom bubble happens. :P
<adamt>
Climate change will give everybody plenty of degrees, so meh ;)
<eyJhb>
adamt: you're not the first one to say that, I don't think I will have trouble finding a job as-is, which would pay very well :p But I kinda like having a degree! I might take a PhD as well
<Taneb>
adamt: where (geographically) is this place?
<srhb>
eyJhb: Cool!
<srhb>
Taneb: Capital region of Denmark
<adamt>
eyJhb: Do a PhD about alternative ways of circumventing checks for number of hardlinks
<eyJhb>
srhb: How do you feel about the alternative title, "Sveriges Forstad"?
<eyJhb>
adamt: I think srhb is already working on that!
<srhb>
eyJhb: Well, I'm known sweden sympathizer, so pretty good. :P
<eyJhb>
But it depends on if I have anyhting that interest me, or good projects. I like my brothers PhD project, as it helps people who are paralyzed from the neck down
<adamt>
I thought that description was more fitting for Malmö :D
<eyJhb>
Don't the bot ever get... Destroyed/screwed up infinisil ?
<infinisil>
There are occasional problems, but nothing unfixable
<eyJhb>
But are there any filters for executing system commands?
<infinisil>
It's only nix evaluation, which can't do that
<eyJhb>
It still seems fun, considering using it for a little fun "project"
<infinisil>
It's not really made to work flawlessly for other people to run
<eyJhb>
It is more the concept of it
<eyJhb>
Just considered making a little exercise, CTF, read the flag, thing
<eyJhb>
So nothing fancy, just forcing people to try Nix :p
<infinisil>
I actually started writing a thing I call "nix-session", which is like "nix repl" but with more features like keeping the state and outputting a nix file
<infinisil>
While the basic functionality works, there are some weird semantic problems I need to fix/think about
adamt has quit [Ping timeout: 265 seconds]
johanot has quit [Ping timeout: 240 seconds]
<__monty__>
So, no one bonds network interfaces?
<clever>
__monty__: only time ive seen it being done with nixos, is on packet.net
<__monty__>
Really? Is it a bad idea?
<clever>
__monty__: more that you dont often have the right hardware on the other end to deal with things
<clever>
the switch on the far end needs to support bonding, for most modes
<__monty__>
Having moar performance sounds so sweet. Or at least automatic switching between wifi/wired without having to stop/restart everything.
<__monty__>
Oh, really? Darn.
<clever>
ive done the wired/wifi before, without bonding
<clever>
step 1, assign the same IP to both interfaces
<clever>
step 2, change the routing tables to point to the card of your choosing
<clever>
if you change the routing tables only, it will switch with minimal interuption
<__monty__>
gchristensen: Of course. But sending part of the traffic through another interface might?
<__monty__>
clever: Hmm, is that automateable?
<clever>
__monty__: i had written a QT util that uses mii to automate it in userland
<gchristensen>
__monty__: is your public internet connection faster than your wired or wireless connection?
<__monty__>
ALso, does it actually work? Wouldn't switches still use the previous interface's MAC?
<clever>
gchristensen: ive often found my laptop wifi is horid slow (router is to blame) and i wanted to just plug in a cable
<clever>
gchristensen: but nixos + dhcp will fight what i said above
<gchristensen>
aye
<clever>
__monty__: replies will still go to the previous mac, for a short time
<clever>
__monty__: but outbound traffic will obey the routing table
<clever>
and if you keep the addr on the old if, then replies still arrive, just slower
<clever>
and it will slowly phase over, without interuptions
<__monty__>
gchristensen: The trouble's mostly with automatically switching to wired when plugged in and back to wifi afterward. Currently using connman I can either choose to have both interfaces up but that means any already running programs will stick to wifi after plugging in. Or I can force a single device but then active connections get cut and I have to restart them anyway.
<clever>
__monty__: what you need to do, is have both IF's up, and the same ip configured on both, but the routing table only selecting one
<clever>
__monty__: the problem, is that if you have a unique IP for each IF, then things wont like switching over
<__monty__>
And I think an active backup bond would do the trick. Or clever's clever solution.
<clever>
active backup would likely automate what i had planned, and maybe even spoof the mac
<__monty__>
clever: The most important part would be having this happen automatically though. How do I use the same dhcp IP on both interfaces? And automatically update the route?
<clever>
bonding would likely make that a lot simpler
<__monty__>
I think it's supposed to spoof, yes.
<__monty__>
It's just that I'm talking about quite old hardware so if you say not much hardware supports it I'm probably SOL.
<clever>
the hardware support is more for the other modes, not active-backup
<clever>
if you want to use both links at once, the remote switch must understand that, and split your rx traffic 50/50 between the links
<clever>
but if you only want to use one at a time, you dont need hardware support
<__monty__>
Ah, ok. So TLB and Round Robin are out?
<clever>
yeah
<__monty__>
Ok, active backup's still a major improvement on the current situation. So I'll be trying to set that up.
<__monty__>
Would anyone recommend systemd-networkd or rather an ifenslave setup?
<clever>
i'm also thinking, it would be nice to put all of that into a single nixos module
<__monty__>
Yup.
<clever>
then you can comment out that entry in your imports, to turn it back off
<clever>
__monty__: it boots the nixos config on lines 20-27, and loads 2 modules on lines 11/12
<clever>
justdoit.nix then includes a bash script (called justdoit), that will wipe the hdd and install nixos, with zero confirmations (i should probably fix that)
<eyJhb>
clever: shoot first, ask questions later
<clever>
eyJhb: :D
<clever>
eyJhb: its the only way to convert the world to nixos!
<eyJhb>
You are giving me ideas clever ! :D I say that the nixos-community stuff had .iso ;) .iso with the justdoit.nix!
<eyJhb>
Plug in all the USBs!
<clever>
eyJhb: it is simple to make an iso with justdoit.nix, but it doesnt run on bootup
<eyJhb>
Well, that depends on the boot order, I might be lucky!
<tokudan[m]>
__monty__: I've configured two systems with network bonding in nixos. haven't read the full history of your chat, though
endformationage has joined #nixos-chat
vdemeester has joined #nixos-chat
AluisioASG has joined #nixos-chat
waleee-cl has joined #nixos-chat
__monty__ has quit [Ping timeout: 268 seconds]
nckx is now known as bug_bot
bug_bot is now known as nckx
lucus16 has quit [Quit: lucus16]
lucus16 has joined #nixos-chat
drakonis has joined #nixos-chat
drakonis_ has quit [Ping timeout: 265 seconds]
drakonis_ has joined #nixos-chat
drakonis has quit [Ping timeout: 246 seconds]
atopuzov[m] has joined #nixos-chat
bitmapper has joined #nixos-chat
__monty__ has joined #nixos-chat
Arahael has quit [Ping timeout: 240 seconds]
<__monty__>
tokudan[m]: Sorry, got disconnected. Are you using systemd-networkd or ifenslave? Anything to watch out for?
bitmapper has quit [Ping timeout: 245 seconds]
<__monty__>
,locate ifenslave
<{^_^}>
Found in packages: busybox, ifenslave
drakonis_ has quit [Quit: Leaving]
drakonis has joined #nixos-chat
<tokudan[m]>
__monty__: don't have access at home, but basically it's just networking.bonds with the necessary driverOptions
<__monty__>
Oh.
<tokudan[m]>
__monty__: i can send you an example tomorrow, if you want
<tokudan[m]>
there are some nifty options, e.g. you can tell the kernel to make an arp query for a specific ip every 2 seconds to verify that the link is up and can reach the gateway.
<tokudan[m]>
__monty__: i'm using an active-backup, so I just use it for redundancy, but if you have a switch that supports it on the other side, you can setup an active-active link as well.
<tokudan[m]>
just for fun I built my own iso with the bonding settings to install those systems :)
<__monty__>
tokudan[m]: I'm going for the simplest thing firts, so active-backup. All I need to know is whether the first interface in the list will become the primary?
<tokudan[m]>
__monty__: I actually don't know that. it can switch at any time, so does it matter?
<__monty__>
Well yeah, I'd much rather use the wired link than the wireless link : )
<tokudan[m]>
ah... you intend to set it up for a laptop? It may be possible to prefer one interface, but I don't have any experience with that, as my systems are in a datacenter and I have two physical links :)
<tokudan[m]>
you may want to have a look at the kernel documentation that's linked from the nixos option. it's not too hard to read
<__monty__>
Yeah, found the right driverOption. Thanks for pointing this out. I'd neglected to check the manual >.<
Jackneill has quit [Read error: Connection reset by peer]
<samueldr>
or screw with their engagement tracking
<__monty__>
Hmm, Maybe I should add /?utm_medium=freenode : )
drakonis has quit [Read error: Connection reset by peer]
drakonis has joined #nixos-chat
tokudan has quit [Quit: Dunno.]
tokudan has joined #nixos-chat
drakonis has quit [Ping timeout: 265 seconds]
psyanticy has quit [Quit: Connection closed for inactivity]
drakonis has joined #nixos-chat
Odin- is now known as aleph-
<andi->
Do you folks have experience with some kind of project listing software for a hackday where people can submit their ideas and find peers to work with?
<andi->
I have seen that at ZuriHac and kind of likes the idea. Trying to figure out if having that for NixCon would make sense to some degree.
<samueldr>
I guess that if it allows peeps to add their ideas before the day of the hackday, maybe even organizing beforehand
<samueldr>
that it would make for a more organized one, maybe more efficient?
Jackneill has joined #nixos-chat
<joepie91>
andi-: I've been slowly working on a similar-ish idea, though as a more general platform
<joepie91>
on an ecosystem-wide scale, this is a great idea
<joepie91>
I see no reason why it can't work on an event scale
<joepie91>
the lowest-friction implementation would probably just be an etherpad :)
<andi->
joepie91: yeah, I was thinking of just adopting the zurihac way: have a github project with a json/yaml/.. File. PRs for changes and we grant "everyone" merge rights
<joepie91>
andi-: an etherpad would be even lower-friction than that, basically just a world-writable shared notepad
<joepie91>
with revisions
<andi->
Yeah, I'll think about something :)
<andi->
Low friction is probably important
waleee-cl has quit [Quit: Connection closed for inactivity]
<joepie91>
(occasionally vandals come along, but they usually give up pretty quickly given that you can just restore from a revision)
<joepie91>
(for something non-controversial like this you probably won't even have vandals :P)
<andi->
Basic auth with credentials on paper at the venue..
<andi->
Like one user ;)
Jackneill has quit [Remote host closed the connection]
<andi->
Do we have etherpad packaged?
<andi->
Oh we have codimd.. Good enough
drakonis has quit [Ping timeout: 276 seconds]
drakonis has joined #nixos-chat
__monty__ has quit [Quit: leaving]
drakonis has quit [Ping timeout: 240 seconds]
<samueldr>
neat, binwalk seemingly has heuristics to detect a kernel configuration file
<gchristensen>
oh cool
<samueldr>
definitely, I can now compare a config file for a device for which I didn't have one beforehand
<gchristensen>
oh cool
<gchristensen>
!
<samueldr>
?
<gchristensen>
I meant, oh cool!
<samueldr>
oh, right, the dealy made me think you had something neat other :)