<aanderse>
we've reached that point in our 6 month release cycle that my config files have so many `disabledModules`, `imports`, entries in `overlay`, and `unstable.pkgName` that it is starting to make sense to jump to the next release :\
<infinisil>
That's why people use unstable!
<CRTified>
,tofu
<{^_^}>
To get a sha256 hash of a new source, you can use the Trust On First Use model: use probably-wrong hash (for example: 0000000000000000000000000000000000000000000000000000) then replace it with the correct hash Nix expected. See: tofu-vim
<aanderse>
infinisil: i like sticking to stable generally... but yeah, convenient to be on unstable
<infinisil>
Unrelated: I think every spam email I get has "undisclosed-recipients:;" or so as the recipient. Why can't spam filters just filter for that?
<gchristensen>
I get a lot of legit mail on that
<pie_[bnc]>
i wish people would stop using the friggin chromatic aberration filter so much ;P
slack1256 has joined #nixos-chat
<slack1256>
Nice topic
endformationage has quit [Quit: WeeChat 2.6]
KeiraT has quit [Remote host closed the connection]
KeiraT has joined #nixos-chat
slack1256 has quit [Remote host closed the connection]
<samueldr>
I'm being told it's been 13 years since I created my account on that bird site
<samueldr>
which confuses me
<samueldr>
>> FoundedMarch 21, 2006; 13 years ago
<samueldr>
ah, it's "13 years ago" as in 13.whatever truncated I guess
<samueldr>
relative dates strike again!
drakonis has quit [Read error: Connection reset by peer]
lovesegfault has quit [Quit: WeeChat 2.7]
slack1256 has joined #nixos-chat
nckx has quit [Ping timeout: 268 seconds]
slack1256 has quit [Remote host closed the connection]
ar has quit [Ping timeout: 252 seconds]
nckx has joined #nixos-chat
<sphalerite>
infinisil: yeah, it's used for non-spam mass mailings too
ar has joined #nixos-chat
<m1cr0m4n>
Are any folks at fosdem? My mate has spotted some nixos shirt wearers going around
<lassulus>
m1cr0m4n: there is the channel #nixos-fosdem
<m1cr0m4n>
Thanks lassulus
Hunterkll has joined #nixos-chat
<Hunterkll>
sphalerite, SMB3 multichannel and CAFS
<sphalerite>
hm, what's CAFS?
<Hunterkll>
sphalerite, Oracle's SMB implementation has a LOT more stable and reliable features versus samba
<Hunterkll>
sphalerite, continuously available file shares - basically, failover without losing a file lock etc
<Hunterkll>
the only game in town to support it is windows storage - or oracle solaris
<sphalerite>
interesting
<Hunterkll>
sphalerite, Samba's multichannel has greatly improved, but not yet out of the 'potential data loss' scenarios when interacting with windows clients
<sphalerite>
oh, yeah that's unfortunate…
<Hunterkll>
we have a few petabytes under solaris management...
<Hunterkll>
well, technically speaking, solaris powered, hitachi managed :D
<Hunterkll>
sphalerite, oh, here's a fun one - in sol11, root doesn't exist unless you work really hard to make it exist
<sphalerite>
the user or the path?
<Hunterkll>
the user
<Hunterkll>
UID 0 is eliminated
<Hunterkll>
sphalerite, it's all RBAC. you have to assign mangement roles to an account to give it the root 'role' to be able to act as UID 0
<sphalerite>
ah, that's nice
<Hunterkll>
sphalerite, screwed with my head first time i installed it :D
<Hunterkll>
you CAN reinstate root and give it regular root functionality
<Hunterkll>
but that isnt' how the security model is supposed to work
<sphalerite>
sounds pretty sensible really
<Hunterkll>
it's kind of... like windows U AC
<Hunterkll>
you're logged in as administrator but you're not... not really. until you approve elevation
<sphalerite>
right…
<Hunterkll>
sphalerite, yea, and if anyone who's a fan of systemd ever used solaris's SMF they'd be like "who smoked enough crack to come up with systemd?"
<Hunterkll>
but i'll try not to go on my systemd rant lol
<sphalerite>
heh
<Hunterkll>
let's increase attack surface everywhere! said no one ever... except....
* Hunterkll
angrily fumes
<sphalerite>
I'm very unfamiliar with all the solaris stuff, it's just so much less accessible
<Hunterkll>
sphalerite, you can download it free (without updates) and work with it
<Hunterkll>
or use Illumos
<Hunterkll>
which is the continuation of open solaris
<sphalerite>
oh, maybe I should give that a try :)
<Hunterkll>
Illumos is the old Sol10 opensolaris codebase, but still has SMF
<Hunterkll>
some storage vendors use it as their OS
<Hunterkll>
just like NetApp uses BSD :)
<Hunterkll>
sphalerite, Illumos, I think, is the last remaining UNIX that's not OS X that's open source
<Hunterkll>
Apple's currently the largest UNIX vendor in the world
<Hunterkll>
:o
<Hunterkll>
RIP sun
<Hunterkll>
:'(
symphorien has joined #nixos-chat
<Hunterkll>
sphalerite, so, to deal with the new features i'm talking about, youll have to download the OTN solaris (full release/install) without patches so don't rely on it, but sol is still free to download... otherwise, Illumos and other branched off distros are the legitimately ONLY open source SVR4 UNIX systems in the world
<Hunterkll>
so worth poking at either way
<Hunterkll>
note: recent solaris dropped support for 'legacy' DECchip NIC in VM platforms, so you might have some fun there
<Hunterkll>
sphalerite, if you want a REAL intersting exercise, check out AIX 5.x or higher's LVM
<Hunterkll>
sphalerite, and imagine that, being in a 1999 OS install media
<sphalerite>
ok, what makes it better than zfs with zvols? :p
<Hunterkll>
I reinstalled my RS/6000 and it asked me for IPv6 config using 1999 media
<Hunterkll>
>_>
<sphalerite>
nice
yugi has joined #nixos-chat
<Hunterkll>
lol, not too much, but the interface...
<Hunterkll>
sphalerite, you ever use Suse/ with YaST2?
<Hunterkll>
Smitty on AIX is like that
<sphalerite>
nope >_<
<sphalerite>
or rather, I tried it at one point but only for like 10min
<yugi>
sphalerite: think windows control panel but on Linux
<yugi>
This is me just waking for a smoke lol
<sphalerite>
meh
<yugi>
sphalerite: imagine power shell DSC or ansible in a ncurses driven interface
<yugi>
sphalerite: or being able to do parity MD arrays with a single config line
<yugi>
Thought that is becoming more common theses days
<yugi>
God, with all it’s failings - AIX Management was insanely awsome
<yugi>
SuSE too
<yugi>
In 2001 I bought my first copy of Linux at Best Buy lol
<sphalerite>
I feel like there's just way too much stuff out there to know x)
<ar>
yugi: fun fact: IBM used SuSE on some of its SAN products, for the management plane
<ar>
yugi: eg. Storwize (both SAN virtualizers, and actual arrays)
<yugi>
Ar: I know ! And some of the Z series management stuff too
<yugi>
sphalerite: suse in 2001 was just as easy to dual boot as Ubuntu (barf) is today lol
<sphalerite>
now if only I could download that openindiana image…
<sphalerite>
guess I'll try omnios instead
<yugi>
It came with fat manuals too
<yugi>
11 year old me went from install to custom kernel having never touched Linux in 2 weeks lol
<ar>
yugi: mandrake was also easy to dualboot back then
<yugi>
I saw my dad pc mag and was like I WANT THIS LINUX THING
<sphalerite>
heh
<yugi>
so we bought a boxed copy at Best Buy lol
<sphalerite>
my intro to linux was my dad taking me to work with him and sitting me in front of a computer and opening the gimp
<sphalerite>
(I think I was 4)
<yugi>
God
<yugi>
My dad had a netware lab lol
<yugi>
I have all his netware 3 stuff
<Hunterkll>
sphalerite, i run a dial in BBS with Wildcat! 4 using a legitimate license lol
<Hunterkll>
got his license card and manual and everything :D
<pie_[bnc]>
sphalerite: peppers
yugi has quit [Remote host closed the connection]
<Hunterkll>
ar, my little brother pulled the power cable on my computer at the time, i flew into a rage and hurt him, then dad helped me call SuSE support to recover the backup superblock and repair my ext2 file system
<sphalerite>
one distinct memory I have is that my dad told me one day that we were getting broadband and that it means we get faster internet, and I thought "huh, why should I care? I don't need the internet."
<Hunterkll>
heh
<sphalerite>
I was using my computer regularly at the time, but didn't realise what I was missing :D
<Hunterkll>
sphalerite, one day i remember... when we got cable... in like 2002? @home service bfore it wasbought by comcast....
<sphalerite>
(I think I had my own computer at that point?)
<Hunterkll>
mom yelled for dad
<Hunterkll>
i was looking at some cable modem tweaks
<Hunterkll>
they had yelled at me before for warez
<Hunterkll>
lol
<Hunterkll>
dad looked and was like "eh this is fine"
<pie_[bnc]>
Hunterkll: those peppers sound scary :p
<Hunterkll>
pie_[bnc], try eating a full one and not vomiting :D
<pie_[bnc]>
are you saying id get as far as swallowing
<pie_[bnc]>
*are you trying to say
<Hunterkll>
pie_[bnc], i did a dryout run using my dryer and told my family "what day can i do this, the house will reek of peppers and kill you if you walk in"
<Hunterkll>
kids don't even know how that life was anymore
<pie_[bnc]>
who the heck ever paid for that
<pie_[bnc]>
you know what i dont want to know
<Hunterkll>
pie_[bnc], back then, if you did a firmware edit on your verizon phone, it counted against minutes instead of data...
<pie_[bnc]>
:O
<sphalerite>
ok so I've installed omnios on a VM, now what do I actually run on it x)
<Hunterkll>
sphalerite, ... anything you'd run on linux basically? :D
<Hunterkll>
it probably started out with gnome as the default DE
<sphalerite>
no, I went for the text one
<sphalerite>
first thing I want is probably networking and an sshd, because using the graphical text console via SPICE sucks
<Hunterkll>
sphalerite, well, make a sperate boot BE
<Hunterkll>
:D
<Hunterkll>
so you have a fallback
<Hunterkll>
lol
<Hunterkll>
sphalerite, it'll be beadm
<Hunterkll>
you can see the doc from man beadm
<Hunterkll>
sphalerite, beadm create NEWBDE shold be enough from a root shelll
<Hunterkll>
you might have to sudo su -
<sphalerite>
I logged in as root with no password
<sphalerite>
because I didn't at any point create a user or set a password or anything
<Hunterkll>
oh right, sol10 codebase
<sphalerite>
I guessed that the login would be root and no password, and I was right
<Hunterkll>
sol11 is where the RBAC was laid down hard
<Hunterkll>
anyweay
<Hunterkll>
beadm your shit
<sphalerite>
ifconfig doesn't list the NIC :(
<Hunterkll>
that way you can instantly roll back to stock
<Hunterkll>
sphalerite, VM platform?
<sphalerite>
libvirt+kvm, it initially created an e1000 NIC, I've tried switching it to virtio, but no dice. I guess I need to get a driver from somewhere
<Hunterkll>
hol up
<Hunterkll>
wait wait
<Hunterkll>
sphalerite, you didn't plumb the interface yet, right?
<sphalerite>
no of course not, I have no idea what that means :D
<Hunterkll>
o0k
<Hunterkll>
sphalerite, modinfo | grep e1000g
<Hunterkll>
in a root shell
<sphalerite>
well I guess it should be virtio rather than e1000 now?
<sphalerite>
or should I go bcak to e1000
<Hunterkll>
oh i'd just use e1000
<sphalerite>
ok
<Hunterkll>
IDK about anything else, but i know the emulation compat drivers
<sphalerite>
right, so the only result from the modinfo command is one where the address contains the string e1000
<sphalerite>
(guessing the thing with the 'f's is an address)
<Hunterkll>
sweet! nic is recognized
<Hunterkll>
sphalerite, what's the version number after the Intel PRO/100 Ethernet part
<sphalerite>
hm, it doesn't seem to have applied DNS settings from dhcp?
<Hunterkll>
sphalerite, modify the etc file
<Hunterkll>
sphalerite, everything that happens here is EXTEREMLY cautious
<Hunterkll>
it won't touch ANYHTING you don't explicitly tell it to
<sphalerite>
which etc file? :D
<sphalerite>
resolv.conf, creating it?
<Hunterkll>
that should work
<Hunterkll>
OH SHIT
<Hunterkll>
I FORGOT
<Hunterkll>
sphalerite, you have to plumb ipv6 too
<Hunterkll>
ifconfig inet6 <interface> plumb up
<Hunterkll>
then start in.ndpd
<sphalerite>
hm, I can resolve a hostname using dig @nameserveraddress, but even afert putting nameserver … in /etc/resolv.conf, pkg update fails to resolve DNS names
<Hunterkll>
er
<Hunterkll>
are you using oracle or illumos/openindiana
<sphalerite>
illumos, omnios
<Hunterkll>
alright, well
<sphalerite>
also, the order of interface and inet6 was wrong ;)
<Hunterkll>
so ping 8.8.8.8 works?
<sphalerite>
yup
<Hunterkll>
sphalerite, not in solaris 11 and real solaris 10/9 ;)
<Hunterkll>
it's not wrong *there*
<sphalerite>
oh lol
<Hunterkll>
i don't knwo what those open source rouges have done
<sphalerite>
ok so kill it with fire and start again with oracle solaris? x)
<Hunterkll>
nah
<Hunterkll>
it should wokr the same
<Hunterkll>
same codebase
<Hunterkll>
Oracle you'd need someone like me to give you patches
<Hunterkll>
lol
<sphalerite>
well clearly it doesn't work the same :D
<Hunterkll>
sphalerite, what's ifconfig -a say
<Hunterkll>
I love how Oracle's docs show the output of a QFE, even though QFE's don't work on Sol 11... lol
<Hunterkll>
(QFE === quad fast ethernet - 4 100mbit ports - and HME - happymeal ethernet - is pre 90s
<Hunterkll>
sphalerite, at this point i kinda want to remote in to your instance to see wtf is different lmao
<Hunterkll>
OH
<Hunterkll>
ifconfig -a6
<sphalerite>
I have ipv4 as I'd expect from DNS, and a link-local IPv6
<Hunterkll>
your ipv6
<Hunterkll>
is it broadcasting RA's ?
<sphalerite>
yep
<Hunterkll>
did you do the v6 plumb?
<sphalerite>
yep
<sphalerite>
I didn't have the link-local v6 before that
<sphalerite>
I didn't start in.ndpd though
<Hunterkll>
you should probably do that
<sphalerite>
how do I do that?
<sphalerite>
(let me know if you get tired of handholding, I can also look for manuals :) )
<Hunterkll>
svc:/network/routing/ndp:default
<Hunterkll>
sphalerite, oh no, i am gunning up to get more people on ipv6, see how solaris does things, or both :D
<sphalerite>
svcadm enable that?
<sphalerite>
I like my ipv6 too :)
Jackneill has joined #nixos-chat
<sphalerite>
ah yes, now I have a globally routable one
<Hunterkll>
:)
<sphalerite>
now for DNS, I guess
<pie_[bnc]>
anyone who firmware edited their phone to count minutes instead of megabytes is probably worth listening to
<Hunterkll>
sphalerite, now, normally, it'd be a different story because it'd be network deployed
<pie_[bnc]>
in 2000
<Hunterkll>
pie_[bnc], pfff. just editing the APN to not be blocked and verizon didn't have methods of tracking it at he time
<gchristensen>
I feel lucky that I ordered mine the day before prices went up, then :)
das_j has quit [Remote host closed the connection]
ajs124 has quit [Remote host closed the connection]
ajs124 has joined #nixos-chat
das_j has joined #nixos-chat
<gchristensen>
I ordered one because I noticed I would feel sick after a 45min+ meeting in a "meeting pod" phone-booth sized thing at my coworking space, and I was wondering if high CO2 was the cause
<sphalerite>
aah
<gchristensen>
I'm just about done hooking it up to prometheus now
<sphalerite>
why does bash have until but not unless
<gchristensen>
it can!
<gchristensen>
no it can't
<sphalerite>
lol
<samueldr>
you're not thinking with enough .so
<samueldr>
(though I'm not 100% positive it could)
<gchristensen>
okay, surely it could, but I thought maybe alias could fix it :P
<sphalerite>
whee, hacked together some backup freshness alerting with nixos, systemd, bash and telegram xD
<gchristensen>
not sure I agree, I think open hardware at that level is important too
<drakonis1>
well, open hardware is really nice, but ryf is just
<drakonis1>
you can see it in that tweet
<sphalerite>
now I really need to ask myself: why did this take so long
<qyliss>
There is no other logically consistent position you can take
<qyliss>
RYF is the least bad option
<gchristensen>
RYF?
<sphalerite>
(as in: was that so hard)
<qyliss>
Respects Your Freedom, the FSF endorsement program
<gchristensen>
aye
<samueldr>
hiding blobs rather than making them a tangible object that is inspectable is, imo, not the way to go to respect someone
<gchristensen>
aye
<samueldr>
that's my main gripe
<qyliss>
Either they say something that can run arbitrary software, of which only non-free software is your only option, is a-ok (which they can't do, they're the FSF!)
<qyliss>
Or you say that any device that runs software needs to allow you to install your own free software on it
<qyliss>
Which is impractical
<samueldr>
they never shyed away from impracticality
<sphalerite>
^
<samueldr>
I'm not sure why they're cutting it at the firmware level by roping it off entirely
<samueldr>
I would rather they sell the same card, without the SPI chip, with a known audited firmware that we install
<qyliss>
Because otherwise they'd need to start certifying microwaves
<samueldr>
why not?
<samueldr>
my washing machine has a couple annoying bugs
<samueldr>
I can't fix them
<samueldr>
bugs that are environmentally unfriendly
<samueldr>
like dumping all the water for no reason
<samueldr>
and it's not like they're certifying much RYF stuff
<qyliss>
By going in this direction, it would be fine to implement something in hardware, but not in software, even if it did exactly the same thing.
<samueldr>
the certification is too black and white, it should be levels, like a nutrition label
<samueldr>
"This respects your freedom by having open source drivers, but has these issues: closed source blob, non-free hardware design"
<samueldr>
now it's simply a rubber stamp
<qyliss>
Yeah, that would be nice
<joepie91>
or like a... washing machine energy label!
<joepie91>
(no, kidding, those are not very well-managed)
<samueldr>
lol
<samueldr>
that's something I intend to do with phones, an enthusiast information label
<joepie91>
ever noticed how the max rating for energy labels keeps improving?
<joepie91>
A++++
<qyliss>
But I guess they'd be concerned about being seen to endorse things that didn't meet their actual definition of free?
<joepie91>
that's because they didn't design in a facility for readjusting the scale, like year-versioned labels :P
<samueldr>
this phone allows bootloader unlocking, but has these issues: bootloader unlock is timed, bootloader unlock requires communication with third party servers"
<joepie91>
samueldr: I'd be in favour of that
<qyliss>
Like, if you put a label saying "FSF rating: D" on your thing, that looks like the FSF endorsing your product, even if D means that actually they don't like it atall
<joepie91>
just be careful to not make the energy label mistake
<samueldr>
though, right now they're endorsing non-free things by hiding away the blobs :(
<joepie91>
and actually design in some futureproofness :D
<samueldr>
joepie91: no numbers, only facts on lines
<qyliss>
Their argument is that if it's non-updatable it's equivalent to if its implemented in hardware
<joepie91>
that won't work for the average user though
<qyliss>
And I don't think that's necessarily a bad argument.
<samueldr>
joepie91: enthusiasts!
<joepie91>
requires too much background knowledge and working memory to weigh them against each other
<qyliss>
It also means that the manufacturer can't change how it works from under you
<samueldr>
it already requires the user to know about my listings :)
<qyliss>
Which they can do if it's updatable.
<joepie91>
samueldr: the potential category of enthusiasts is much bigger than the category of people who could easily parse those labels
<joepie91>
see also: Geocities
<joepie91>
you can increase the enthusiast pool by making information accessible!
<joepie91>
which is an everyone-wins scenario imo
<samueldr>
but if it's a non-updatable firmware, bugs can't be fixed like they would otherwise?
<samueldr>
joepie91: I'm won't be sugaring down the contents of the label to a single letter or number, but will link to explanations
<qyliss>
Meaning the manufacturer would have to RMA, presumably.
<sphalerite>
"oh no, there's a bug! Guess you'll have to buy the new model!"
<samueldr>
but generally, the assumptions on my design is that there will be a list of good things, and bad things
<samueldr>
so the more good, and the less bad, the better :)
<joepie91>
samueldr: that doesn't mean there shouldn't be an at-a-glance overview of things
<qyliss>
the software being non-updatable means it's probably much easier to apply consumer protection laws
<qyliss>
(I imagine)
<joepie91>
a list of facts is only useful for weighing your options if you know and understand every single fact listed therein
<qyliss>
they can't just say "it's okay, we'll fix the bug"
<samueldr>
the at-a-glance will be the amount of ✔️ vs. ❌
<joepie91>
the reality is that most people won't
<joepie91>
samueldr: yeah but different facts aren't going to be equally important
<joepie91>
and how about if you discover new problems in a new device? are you going to retroactively update the label for every other device with "does not have this problem" whereas that was previously a given?
<samueldr>
oh well, then I guess that can't be good and I'll just drop the project altogether
<joepie91>
there's a good reason why normalized scales are used for this sort of thing, it allows this sort of accessibility and futureproofness
<joepie91>
samueldr: I'm not saying that, I'm suggesting how to improve it
<joepie91>
you don't need to remove the information, I'm only suggesting how to contextualize it
<samueldr>
I'm not designing an actual label, but a list of facts on an updatable site
<samueldr>
so going back and adding is entirely fine
<samueldr>
there is no "gsmarena, but for enthusiasts who wants to run custom roms"
<samueldr>
even on like the lineageos wiki, some information is not available, like the requirements to connect to OEM servers for unlocks
<joepie91>
that's going to mean a lot of work for you, though; for example, if a device has an obvious problem that you've never seen before, you can't blindly say for all the other devices that they don't have that problem, because they might have a more subtle version of the problem that didn't jump out at you before
<samueldr>
exactly
<joepie91>
so it'd be easier to just not retroactively update older entries for new problems, but then there's missing data there
<samueldr>
I've never said it was going to be easy
<samueldr>
the best it could do is the ability to list unknown facts
<joepie91>
and that;s the sort of problem that a normalized scale can solve, by scoring something in the context of what was known at that time as a reasonable set of criteria
<samueldr>
"It is unknown if this device requires OEM intervention to recover it from a bricked state"
lovesegfault has joined #nixos-chat
avn has quit [Ping timeout: 265 seconds]
<samueldr>
gosh, this is distracting, squirrels are having a big fight on the tree branches outside my window
<samueldr>
that window is right behind my monitors
<gchristensen>
"[Nix is] so much more than a simple system-wide package manager. Calling it a Homebrew replacement is like calling a Porsche a replacement for a tricycle."
<gchristensen>
and the temperature was putting it on a hot pad
evanjs has joined #nixos-chat
<makefu>
gchristensen: what are you using for the co2 monitoring? right now i have a bunch of esp8266 with sensors on them. everything is pulled together with mqtt and made actionable (e.g. set of bad air alarm) with home-manager
<samueldr>
so you're telling me your head is full of toxic-level Co2?
<gchristensen>
makefu: I bought a CO2 monitor made by co2meter.com (ZGm053UKA) for $50 of Ebay
<gchristensen>
which was apparently lucky timing since SwiftOnSecurity talked about them the day after I ordered
<makefu>
ha, very nice. i have deployed a VOC meter at work to signal bad air with a big orange truck signaling lamp. the trigger works reasonably well to open the windows
<gchristensen>
nice
<gchristensen>
one thing about this meter is it has a beeper for when it gets too high
<makefu>
not sure if reasonable or just very annoying
<gchristensen>
the good news though is the back can be removed easily with a spudger and a few guitar picks and trivially put back on, and you can destroy the speaker's voice coil with a small screwdriver or tweezers (what I did)
<makefu>
that is what i'd probably do as well. beeping devices is one of the worst things
<gchristensen>
yeah
<gchristensen>
I can imagine the beep being useful if I wasn't using it for purely data-gathering purposes
<makefu>
but for a real use case the beeper would probably be too quiet
<gchristensen>
yeah it isn't a safety device
jared-w has quit []
jared-w has joined #nixos-chat
Jackneill has joined #nixos-chat
<gchristensen>
I really, really want a wireguard tool which uses other nodes in the network for identifying endpoints
Jackneill has quit [Remote host closed the connection]
<gchristensen>
like if every node dumped `wg show wg0 endpoints` somewhere reliable, and other nodes could gossip this around
<ashkitten>
gchristensen: have you considered tinc? or are you set on wireguard
<gchristensen>
pretty set
<ashkitten>
ah
<gchristensen>
I hear tinc and also zerotier are great
<ashkitten>
supposedly some people working on tinc have considered a wireguard backend
<ashkitten>
i use tinc personally because it consistently can find the shortest route to a host, so even though my only fixed endpoint is my server in canada, packets from my phone won't go out to the internet just to be routed back to my desktop in the same room
<ashkitten>
i believe it also tries to do tcp hole punching but i never tested that
<gchristensen>
yeah, thaht is a really nice feature (both holepunching and shortest-route)
<joepie91>
tinc is great when it works
<joepie91>
it's pretty annoying when it doesn't, because it isn't very vocal about precisely what is wrong
<ashkitten>
yeah, that is an issue but i never found it any more annoying than wireguard lol
<tilpner>
Yeah, I've been thinking about making a "systemctl restart tinc" icon for my laptop
<joepie91>
and that can include things like "oh you used indentation in your config file but that is not allowed!!1!"
<joepie91>
(IIRC)
<joepie91>
well true, wireguard isn't great about this either
<joepie91>
I actually gave up on wireguard before, for this reason :P
<ashkitten>
considering i only set up tinc through my nixos config i never had any issues with indentation
<gchristensen>
interesting, I don't think I've ever needed to debug wireguard, though perhaps I'm more familiar with its state-machine and that helps
<makefu>
ashkitten: there was a discussion between Guus (tinc BDFL) and Jason (wireguard BDFL) almost 3 years ago. They discussed how wireguard could be used as transport encryption for tinc. however nothing really came out of it unfortunately
<ashkitten>
also, tinc doesn't keep connections open if it doesn't need to - my devices are only always-connected to my server, and they establish more direct routes to each other as needed
<ashkitten>
which is nice, i think, though it makes the latency of the first few packets pretty large
<ashkitten>
pinging my desktop over the tunnel is like 200ms, 200ms, 200ms, 200ms, 7ms
<ashkitten>
makefu: ah
<makefu>
i am using tinc for almost 8 years now, the magic auto-routing stuff is what kept me there. multiple entry-points is a killer feature
<sphalerite>
yep that's what I love about tinc tooo
<gchristensen>
I started half-writing support for multiple enpdoints as a systemd service but got bored :x
<gchristensen>
(wg)
<sphalerite>
also, how dangerous are electric shocks to the hand that make your arm hurt for a while afterwards? Definitely asking for a friend
<gchristensen>
don't do it again?
<ashkitten>
^
<sphalerite>
well yeah I don't do it intentionally in the first place, but you know…
<sphalerite>
this power supply is weird.
<gchristensen>
take steps to avoid it in the future
<sphalerite>
yeah, I think I'm going to tape over the switch of the PSU so that it's always on
<gchristensen>
you don't want to tickle your ticker the wrong way
<ashkitten>
im sure it's fine, one time my friend shocked themselves with a camera's flash capacitor and their arm went dead for like 5 minutes and they're fine now
<sphalerite>
somehow, if I turn the switch on the PSU off, then unplug it, there's electricity on the plug of the cable for a while afterwards
<sphalerite>
I have to leave the switch on the PSU on, unplug it, then it's safe to touch the plug
<ashkitten>
weird grounding issue
<gchristensen>
yikes, sounds like they're not bleeding the capacitors
<ashkitten>
er, yeah
<ashkitten>
my brain sometimes thinks two things at once and then says one of them at random
<sphalerite>
thing is, you never expect something that's supposed to take electricity in and put it out on the other end to put electricity _out_ from the electricity-in-end
<samueldr>
oh, angry pixies leaking from the caps :)
<joepie91>
ashkitten: sounds familiar :P
<sphalerite>
I'll measure it next time I fiddle with the box…
<ashkitten>
yeah but the secret is the electricity-in-end is also the electricity-out-end because of alternating current
<samueldr>
curious if you actually get a jolt at ~220V for a real short amount of time
<sphalerite>
samueldr: I suspect that's the case
<sphalerite>
not even sure how short the amount of time is
<samueldr>
likely yeah
<gchristensen>
sounds maybe les sbad
<gchristensen>
a real frightful experience is to electrocute yourself in a way you can't let go
<ashkitten>
yeah, if you think something might be charged touch it with the back of your hand
<samueldr>
pedantic mode engaged: electrocution is death by electric shock :)
<ashkitten>
or like, not your hand
<sphalerite>
ashkitten: but the electricity is supposed to go from the wall into the computer, and when it's unplugged there's not supposed to be any electricity in the computer!
<sphalerite>
Or only a very little bit for keeping the clock ticking
<gchristensen>
neat, samueldr
<samueldr>
sphalerite: smoothing caps holding a charge
<joepie91>
gchristensen: ah, the good old "whack em with a two-by-four"
<samueldr>
most likely culprit
<ashkitten>
sphalerite: tell that to a crt
<gchristensen>
sphalerite: seriously though, you might consider replacing the power supply with one which isn't dangerous
<samueldr>
that's the best option
<joepie91>
+1
<sphalerite>
gchristensen: by taping the switch into the on position? :D
<ashkitten>
gchristensen++
<{^_^}>
gchristensen's karma got increased to 203
<samueldr>
is this a self-import from a chinese supplier?
<joepie91>
power supplies are not that expensive, generally :P
<samueldr>
or something you bought locally?
<joepie91>
certainly not expensive enough to warrant risking your health
<sphalerite>
I bought it from a German company
<gchristensen>
sphalerite: assuming by taping you mean "discarding" and "the switch into the on position" you mean "the power supply" ... :)
<samueldr>
oof
<sphalerite>
I think it _might_ be my fault though actually
<samueldr>
how come?
<samueldr>
unless you modded it
<cransom>
sphalerite: if the plug is still live after you unplug it for a few seconds, it means that psu is suppper cheap. they didn't put a bleeder resistor across the mains capacitor to prevent that thing.
<sphalerite>
and that this might not happen if the PS_ON pin weren't shorted to ground
<cransom>
no, the plug should never stay live.
<gchristensen>
+1
<gchristensen>
btw the safety of these things is not necessarily about you
<ashkitten>
help ive been listening to the starship mario theme from smg2 for like, hours now
<sphalerite>
alright then, I'll complain to the supplier I bought it from :)
<sphalerite>
so yes, the "ultra cheap" assessment is correct x)
<samueldr>
that "2nd edition" print is making me worry about the first
<joepie91>
that's not even that cheap!
<sphalerite>
lol
<sphalerite>
joepie91: oh?
<sphalerite>
joepie91: are there even cheaper 500W ATX power supplies?
<cransom>
22 euro for any pc psu is suspiciously cheap to me.
<cransom>
but thats also one of the things i don't cheap out on.
<joepie91>
sphalerite: I don't know if there are *cheaper* ones, but I'm pretty sure that I've seen low-budget branded ones for like 30 EUR in the past
<joepie91>
in that context, saving a tenner doesn't seem worth it :D
<samueldr>
think about all the *fun* you're missing out on, cransom
<sphalerite>
joepie91: ooh right
<sphalerite>
well, it does a pretty good job of supplying power
<sphalerite>
both inside and outside the computer xD
<joepie91>
eh... :P
<joepie91>
"free bonus power"!
<cransom>
saving tenths of a penny a year on that feature, indeed.
<ashkitten>
i feel powerless to do anything about it though
<samueldr>
now I want to get one of those PoSa android tablet, get the bootloader and see what makes it tick :|
<ashkitten>
i wonder if we should be giving them money for this garbage
<ashkitten>
even if it's to crack it
<gchristensen>
get it, dump it, return it
<ashkitten>
yeah
<drakonis1>
we shouldnt, but the masses will like it
<gchristensen>
will they like it or tolerate it?
<ashkitten>
well if someone is going to buy it they might as well have the tools to crack it
<samueldr>
that implies I need to find something that has that, that can be dumped with my skill set
<samueldr>
the former being the harder part
<qyliss>
why would the masses like it? they're not worried about inventory going missing from authorised retailers or the manufacturer.
<samueldr>
pretty sure this is also illegal here in my province considering the service is not available properly in the language
<jtojnar>
.......
<qyliss>
they take that pretty seriously, right?
<drakonis1>
it'll be pretty bad for poorer countries mind you
<drakonis1>
this whole thing seems prone to allow controlling who really owns the phone
<samueldr>
there is already something for that, FRP, in android-land that does the job passably well enough, this one is *only* about devices being bought
<samueldr>
at least, designed for that
<joepie91>
today in joepie91's software adventures: in which I realize that I'm inadvertently trying to solve the infamous WYSIWYG editor insertion-in-style-context problem, in a project that has nothing to do with WYSIWYG editing
<joepie91>
(that problem being roughly the general case of "if my cursor is at the start of a hyperlink, and I type a character, should that become part of the hyperlink or just be prefixed as normal text)
<samueldr>
flip a coin
<joepie91>
I have bad experiences with coinflip API design :D