gchristensen changed the topic of #nixos-chat to: NixOS but much less topical || https://logs.nix.samueldr.com/nixos-chat
jtojnar has quit [*.net *.split]
Taneb has quit [*.net *.split]
jtojnar has joined #nixos-chat
Taneb has joined #nixos-chat
drakonis has joined #nixos-chat
drakonis_ has joined #nixos-chat
drakonis has quit [Ping timeout: 276 seconds]
waleee-cl has quit [Quit: Connection closed for inactivity]
qyliss has quit [Quit: bye]
genesis has quit [Ping timeout: 264 seconds]
qyliss has joined #nixos-chat
drakonis has joined #nixos-chat
drakonis_ has quit [Ping timeout: 276 seconds]
cjpbirkbeck has quit [Quit: Quitting now.]
xd1le has joined #nixos-chat
<savanni> I gave it another shot, and a UEFI setup app that I swear wasn't there before appeared, and I was able to disable secure boot, and now I have a minimal running NixOS. Moral of the story: the minimal images *will* boot if secure boot is turned off. This is even documented, though maybe not in the best spot.
buckley310 has quit [Quit: The Lounge - https://thelounge.chat]
endformationage has quit [Quit: WeeChat 2.6]
buckley310 has joined #nixos-chat
<xd1le> nice
<etu> infinisil: Your config suggestion for weechat have made me typing "nick:<space><space>message" because I'm so used to pressing <tab><space> :p
<gchristensen> hehe
<etu> muscle memory... :)
__monty__ has joined #nixos-chat
Jackneill has joined #nixos-chat
<samueldr> I'm thinking air france doesn't know about the Schengen zone or something
<samueldr> Connecting from Austria through cdg I have to go through passport control?
<samueldr> Or maybe that's to be expected
<samueldr> At least this time there was no security right after deplaning
<samueldr> Ah exit visa it looks like
<samueldr> Yay, no security at all, makes up for last time
<gchristensen> nice
<samueldr> Wow... Those airport prices and the lack of choice on the secure side
* samueldr has a grump
<NinjaTrappeur> CDG user experience has never been really good I'm afraid :/
<samueldr> There's a stupidly huge amount of wasted space with duty agree and
<samueldr> Oops
<samueldr> With repeated duty-free shops
<samueldr> And with vapid luxury brands shops
eyJhb has joined #nixos-chat
<eyJhb> __monty__: it was more the specific request that sounded like someone could ship a free NixOS tablet
<__monty__> That's not how I read the conversation.
<eyJhb> __monty__: sadly how I read it... But I do hope I am wrong! But I don't know gensis at all
msgctl is now known as loonquawl
<gchristensen> using `netcat -u` neither side of netcat ever hangs up. anyone seen this before?
__Sander__ has joined #nixos-chat
<eyJhb> gchristensen: Maybe it doesn't send a "term" packet? Normally it closes because the TCP connection ends
<eyJhb> I would assume at least
<eyJhb> Also +1 for placing a laptop on pigs in blankets, while having a video meeting. Toasty !
<gchristensen> well it is UDP
<gchristensen> so I'm not really sure about the semantics of netcat and udp
<eyJhb> Precisely, that's why I am thinking it doesn't get any "term", as it just keeps it open for more packets. It cannot really know when to stop, without having any termination packet, and seeing as it is netcat, it wouldn't make sense to implement any
<ajs124> thanks gchristensen, I wanted to listen to floppy music for the next several hours.
<gchristensen> yup
<eyJhb> Why udp btw. gchristensen ?
<eyJhb> Btw. gchristensen why udp?* I guess
<gchristensen> I want to implement UDP holepunching with netcat
<__monty__> gchristensen: Nice. That would've been great as an it crowd intro: https://youtu.be/6bH-MdVCLWM
<eyJhb> Who was it that had the radio I stalked at some point? Was it you infinisil ?
<infinisil> Yup
<eyJhb> Link? :D
<infinisil> eyJhb: Hehe, currently I'm constantly running a single really long mix I really love: https://tune.infinisil.com
<eyJhb> infinisil: will listen to it for a while and see :D It is just fun to listen with sometimes ;)
<eyJhb> Does it run day/night? Or only when you are active?
<infinisil> Always
<eyJhb> Having a hard time understanding the lyrics atm. :p - Fair :) Just local library of stuff?
<infinisil> eyJhb: This is the mix running on loop: https://youtu.be/PoZNe3BNieA?t=25037
<eyJhb> I should do stuff like that at some point...
<infinisil> Eventually I should download each of the songs I like/love on its own
<eyJhb> Does it integrate with other services such as Spotify?
<infinisil> Nah, no spotify, I manage all of my music myself
<infinisil> beets for the library, mpd for playing
<infinisil> And a bunch of scripts around them
drakonis has quit [Ping timeout: 265 seconds]
<eyJhb> So works well on your phone as well?
<infinisil> eyJhb: Yeah, that's one of the main motivations for doing that
<infinisil> I can use an arbitrary http stream player and mpd client on my phone to listen/control my music
<infinisil> No need to put the data on my phone (which is an iPhone, so I'd have to use iTunes or such)
drakonis has joined #nixos-chat
endformationage has joined #nixos-chat
waleee-cl has joined #nixos-chat
drakonis_ has joined #nixos-chat
drakonis has quit [Ping timeout: 268 seconds]
<etu> gchristensen: You showed a trick that you do to rollback a zfs snapshot on boot (instead of running on tmpfs), where did you put that command? I mostly run on tmpfs to have clean systems. But I have one directory that tend to grow (a lot with temporary data) so I made a zfs volume for backing that (and to avoid snapshots), but it would be nice to ensure it's actually empty as well.
AluisioASG has quit [Quit: https://quassel-irc.org - Chat comfortably. Anywhere.]
<gchristensen> nice
<sphalerite> etu: I have a "scratch" filesystem that I have mounted on /scratch, which I rollback to empty using a persistent systemd timer every day at 3am. Not sure that quite meets your requirements though?
<etu> sphalerite: Hmm, something like that should be fine
<etu> sphalerite: But I think I only want to run it on boot. But that can be done with a oneshot systemd service. Because I have jobs using that directory 24/7 at unknown times and they may be unhappy if I just remove it's files :D
<sphalerite> important to use /run/booted-system/sw/bin/zfs because according to #zfsonlinux the behaviour of using the wrong user-space tools is undefined and may "mulch your pool" iirc
<sphalerite> etu: well, then make a service that multi-user depends on and with a "before" dependency on all the services putting stuff in the zvols
<eyJhb> adamt: You free?
<adamt> eyJhb: Depends
<eyJhb> If you have the time, we have some workshop time at AAU, where NixOS could be nice ! :D
<adamt> So you want me to fly to Jutland and do stuff? That's harder than doing nothing, you know
<eyJhb> I just rememer we had a talk about AAU+NixOS, it might have been with srhb, but she isn't here
<eyJhb> Yes ;) Sorry
<eyJhb> Don't know if AAU could cover expenses adamt , would be nice if they could
<adamt> I'm not patient enough for teaching new people stuff. :P
<eyJhb> It is workshop/presenting NixOS, basically just a talk about NixOS I would assume :D
<eyJhb> I need details on it, but just wanted to hear if you might be interested
<sphalerite> etu: or even make the mount unit depend on the rollback units
<sphalerite> s/s$//
drakonis_ has quit [Ping timeout: 240 seconds]
<adamt> eyJhb: Not sure about the others. We're quite busy here, so I'm not sure any of the others are that keen on a trip to AAU right now
<eyJhb> adamt: kidnapping is a no-go I guess? But sure! Just wanted to vent the idea. :) Might have some more information, so I could sent it to you
buckley3108 has joined #nixos-chat
buckley3108 has quit [Client Quit]
evanjs has quit [Quit: ZNC 1.7.4 - https://znc.in]
<ajs124> "error: stack overflow (possible infinite recursion)", I'm something of a nix expert (nixpert?) myself.
evanjs has joined #nixos-chat
drakonis_ has joined #nixos-chat
drakonis has joined #nixos-chat
Jackneill has quit [Remote host closed the connection]
drakonis_ has quit [Ping timeout: 264 seconds]
drakonis_ has joined #nixos-chat
xd1le has quit [Quit: leaving]
drakonis1 has joined #nixos-chat
drakonis has quit [Ping timeout: 265 seconds]
drakonis_ has quit [Ping timeout: 245 seconds]
drakonis has joined #nixos-chat
drakonis1 has quit [Ping timeout: 276 seconds]
drakonis_ has joined #nixos-chat
buckley310 has quit [Quit: The Lounge - https://thelounge.chat]
buckley310 has joined #nixos-chat
drakonis has quit [Ping timeout: 240 seconds]
drakonis_ has quit [Ping timeout: 252 seconds]
__Sander__ has quit [Quit: Konversation terminated!]
psyanticy has joined #nixos-chat
LnL has joined #nixos-chat
drakonis has joined #nixos-chat
drakonis_ has joined #nixos-chat
drakonis_ has quit [Read error: Connection reset by peer]
drakonis_ has joined #nixos-chat
<leons> yay! With PRs #59806, #72029, #72374 (and maybe #49755) we'll have (somewhat) painless SSH Key in TPM2 support for all those new laptops supporting it :)
<{^_^}> https://github.com/NixOS/nixpkgs/pull/59806 (by dtzWill, 28 weeks ago, merged): openssh: 7.9p1 -> 8.1p1
<{^_^}> https://github.com/NixOS/nixpkgs/pull/72029 (by lschuermann, 5 days ago, open): nixos/tpm2: init
<{^_^}> https://github.com/NixOS/nixpkgs/pull/72374 (by lschuermann, 9 minutes ago, open): tpm2-pkcs11: init at 0b7ceffb
<{^_^}> https://github.com/NixOS/nixpkgs/pull/49755 (by arianvp, 51 weeks ago, open): nixos/ssh: Add pkcs11 support for ssh agent
<leons> Should actually be the first distro then where you don't need to hack on it for some time ^^
<gchristensen> :o
<drakonis> when's secure boot images tho
<ar> secureboot with custom keys would be neat
<drakonis> this should be done within the near future, as intel will enforce secure boot in the future
<gchristensen> #53901
<{^_^}> https://github.com/NixOS/nixpkgs/pull/53901 (by grahamc, 41 weeks ago, open): WIP: Sign systemd boot EFI images for secure booting.
<leons> yeah, I'm excited for that too. Actually talked to Poettering about secure booting NixOS with systemd-boot
<drakonis> a year, welp.
<drakonis> noice
<drakonis> active again, nice.
<leons> I didn't know about #53901 at that time, though. So unfortunately probably everything we've discussed is known / obsolete by now :)
<{^_^}> https://github.com/NixOS/nixpkgs/pull/53901 (by grahamc, 41 weeks ago, open): WIP: Sign systemd boot EFI images for secure booting.
<leons> > "Finally, you can have much fewer generations: each generation on my laptop takes 20MB in /boot."
<leons> Oh well that was the issue we talked about but didn't find a solution to ^^
<{^_^}> "Finally, you can have much fewer generations: each generation on my laptop takes 20MB in /boot."
<gchristensen> nicely done, {^_^}
<drakonis> i just leave my generations on the root filesystem rather than /boot/efi
<drakonis> its probably a bad idea if something hoses
<leons> drakonis: Do you use systemd-boot? And what file system do you use?
<drakonis> i was using grub because systemd-boot did not allow the generations to be stored in /boot
<drakonis> the kernel images
<drakonis> so my tiny efi partition would run out of space
<leons> Okay sure, I'd rather disable secure boot than using grub but that's a philosophical discussion
<drakonis> my laptop only allows me to disable secure boot if i set a password
<drakonis> might be easier if i just do that
<drakonis> but then, intel had some wild plan regarding secure boot where they'll take away the ability to disable it entirely in the future
<leons> gchristensen: Nonetheless great work, soon I'll be able to store my secure boot signing key in the TPM and then just enter my Pin after nixos-rebuild :). Should probably keep a backup of the private key though
aleph- is now known as Church-
<gchristensen> neat
<eyJhb> I bothers me too much, that the Arduino starter kit doesn't use correct color codes....
<gchristensen> eh?
<eyJhb> arduino.cc/starterkit , the cables that comes with the kit are colored after length, and there are no black cables for ground etc..
<gchristensen> ah
<eyJhb> Seems weird to teach people, and then not doing these things in the normal manner. Even the schematics they use for teaching are color coded after red => +, ground => - ... :(
<eyJhb> It hurts seeing red wires going to ground
<leons> Would have expected that from some cheap fake but not the original one. But jumper wire colors are always a bit funky, always different order / combination from other vendors
<eyJhb> leons: pricesely... They have payed waaaay too much for the original, and it is just a big ripoff.. My cheaper off-brand kit with the original Arduino was cheaper with more components...
<__monty__> Random meaningless colors is still better than having people use meaningful colors incorrectly though. Fwiw it's the same in some breadboard kits I have.
<eyJhb> And correct cables.. :/ - Yeah funky, but like... This isn't even normal pin-cables, it is just stripped off wire
<eyJhb> We just have red for +/- :p
<eyJhb> But that is true __monty__ , but we basically don't have that option.. THere are two colors that are actually useable in the form of length :(
<leons> eyJhb: dafuq, that's crazy. My ocd will immediately kick in (and I know I shouldn't call it that way since I'm not suffering from the serious medical condition that is)
<eyJhb> leons: hurts as well... Doesn't make any sense to me :( And debugging is no fun
chreekat has joined #nixos-chat
psyanticy has quit [Quit: Connection closed for inactivity]
drakonis_ has quit [Ping timeout: 264 seconds]
drakonis has quit [Ping timeout: 268 seconds]
__monty__ has quit [Quit: leaving]
drakonis has joined #nixos-chat
chreekat has quit [Quit: quitting]
waleee-cl has quit [Quit: Connection closed for inactivity]
<kraem> wow.. iwd really is noticably faster connecting than wpa_supplicant, think this is a keeper :)
* infinisil is interested now
<joepie91> subscribe
<ajs124> I was looking for an excuse to test it!
<infinisil> kraem: Are you using it with networkmanager?
<kraem> yes
<infinisil> Hm it seems that with iwd on its own you can't specify the config declaratively (the module only has a .enable option)
<kraem> only tried it on my home ap for now.. will have to try it in the wild to see if it works as well
drakonis has quit [Ping timeout: 268 seconds]
<ar> there's no configuration generator in nix for it yet, no?
<ar> as in, something to generate entries in /var/lib/iwd without NM
<kraem> not that i know about, i can live with connecting with nm the first time though
<infinisil> ar: How's the format of the config files there?
<infinisil> Hm so general config in /etc/iwd, network-specific in /var/lib/iwd
<infinisil> Kind of wondering whether networks should be declarative or not
<gchristensen> imo not really
<infinisil> I like it being declarative because I won't have to remember how to connect to my university's network (and other of those kind)
<emily> it remembers networks
<infinisil> On the other hand having to rebuild for new networks can be annoying because of nix not liking having no internet
<emily> just use iwctl
<kraem> i've set up eduroam once and it's been working everywhere since. heard of a lot of people having trouble with eduroam though
<infinisil> emily: I mean like when I set up a new machine/restore from backup
<emily> sure
<emily> i think having to reconfigure nix for new networks is too crappy
<emily> it would be nice to have better imperative interfaces to changing declarative state like this but you'd need to make generation switches a lot faster
<infinisil> Oh actually, with iwd you can do partially declarative
<infinisil> Because every network is a separate file, you can have some of them in the nix store, some stateful
<infinisil> (wpa_supplicant on the other hand only uses a single file for all)
<ar> hm. i tried using this https://wiki.archlinux.org/index.php/Iwd#Optional_configuration config, and either i'm stupid, or something's there wrong
<kraem> i think they've missed to append the line 'Passphrase=test1234'
<ar> yeah
<ar> also, i did a "station wlan0 connect …" and it created a new file
<ar> "=6861636b657273706163652e706c2d6775657374732d3547.psk"
<kraem> hm i only have the <ssid>.psk file
<infinisil> Now I want to create some nice options for that!
<ar> i guess this =6861636b657273706163652e706c2d6775657374732d3547 is hackerspace.pl-guests-5G encoded somehow
<ar> ah
<ar> ascii bytes
<infinisil> Hmmm...
<kraem> converted to b64?
<ar> no
<infinisil> It's probably UTF8 even
<infinisil> Now I'm worried about writing a NixOS module for that, because I don't think there's a way to convert a string into that encoding in pure Nix
<kraem> infinisil: i need to find a project like that to practice some nix :)
<ar> irb(main):013:0> "hackerspace.pl-guests-5G".split("").map { |x| x.ord.to_s(16) }.join("")
<ar> => "6861636b657273706163652e706c2d6775657374732d3547"
<ar> infinisil: ↑
<infinisil> That might not work for unicode depending on what split considers characters
<infinisil> But yeah, that's gonna be tough to do in nix
<infinisil> Although..
<ar> hm
<ar> b009713135a575a45a95c50e0116d9b0 =6861636b657273706163652e706c2d6775657374732d3547.psk
<ar> b009713135a575a45a95c50e0116d9b0 hackerspace.pl-guests-5G.psk
<ar> and it didn't recognize my network after removing the =6861636b657273706163652e706c2d6775657374732d3547.psk file
<ar> (and didn't list it in "known-networks list")