<ldlework>
cole-h / drakonis if you would like some review, make sure to leave some time for it
<drakonis>
sure.
<colemickens>
how were y'all keep tracking of pijul to know that it went underground btw?
<ldlework>
colemickens: join #nixos-baduk to encourage yourself to join us some time
<MichaelRaskin>
colemickens: well, some searching around shows discussions of it
<pie_[bnc]>
colemickens: what?
neeasade has quit [Remote host closed the connection]
neeasade has joined #nixos-chat
neeasade has quit [Remote host closed the connection]
neeasade has joined #nixos-chat
* colemickens
feels like his client sent a bunch of messages at once
<gchristensen>
nope, does't look like it
<colemickens>
okay, just a coincidence :)
<gchristensen>
also I talk to the pijul author, ishow I knew
<colemickens>
pie_[bnc]: I just meant that there was conversation earlier about pijul going through a quiet rewrite and I was curious how people were apprised of this knowledge. I'd been sort of paying attention to it and thought it was dead. Was curious if it had popped up on HN/lobsters recently or if its just another one of those "lots of nix(os) people happen to be intrigued"
<colemickens>
gchristensen: oh, neat
<gchristensen>
the other day I was almost able to import all of nixops, hydra, and nix in to a repo :)
<gchristensen>
separate repos*
<pie_[bnc]>
aha
<MichaelRaskin>
I did a due diligence check as complete outsider, I found some information
<colemickens>
It's not the info was hard or impossible to find, but more of a "how did you discover this info" or is it just on the back of everyone's mind and it gets a google every month or so.
<colemickens>
I'm visiting certain sites less and less and missing some news. (though I did add some new RSS subs today, thanks to someone writing nixos blog posts)
<pie_[bnc]>
the meta problem of even knowing to look fo rinformation
eyJhb has quit [Quit: Clever message]
abathur has quit [Quit: abathur]
evanjs has joined #nixos-chat
drakonis has quit [Quit: WeeChat 2.8]
drakonis_ has quit [Read error: Connection reset by peer]
drakonis_ has joined #nixos-chat
drakonis1 has joined #nixos-chat
drakonis_ has quit [Read error: Connection reset by peer]
drakonis_ has joined #nixos-chat
drakonis1 has quit [Ping timeout: 272 seconds]
endformationage has quit [Quit: WeeChat 2.6]
drakonis has joined #nixos-chat
drakonis_ has quit [Read error: Connection reset by peer]
drakonis1 has joined #nixos-chat
disasm has quit [Ping timeout: 250 seconds]
drakonis has quit [Ping timeout: 246 seconds]
disasm has joined #nixos-chat
drakonis has joined #nixos-chat
drakonis1 has quit [Ping timeout: 256 seconds]
drakonis_ has joined #nixos-chat
drakonis has quit [Ping timeout: 246 seconds]
waleee-cl has joined #nixos-chat
cole-h has quit [Ping timeout: 264 seconds]
Jackneill has quit [Ping timeout: 252 seconds]
disasm has quit [Ping timeout: 258 seconds]
disasm has joined #nixos-chat
Jackneill has joined #nixos-chat
cjpbirkbeck has quit [Quit: cjpbirkbeck]
<talyz>
colemickens: I use tmpfs as my root file system, so that module, and the corresponding one I have for home-manager, is used to make some files and directories persist between reboots
<etu>
talyz: I should get around to migrate my home-directory from zfs to tmpfs :p
waleee-cl has quit [Quit: Connection closed for inactivity]
<andi->
Mhm, since when does the CSS files for nixos.org load so slowly? I recently started noticing that I see an unstyled version of the page for the first ~250ms or so :/
<srk>
I think ,help could be extended to include all
<srk>
just needs rate limiting, bot should already have that not to get kicked by freenode :)
<srk>
one day I'll roll a bot specifically for this
<srk>
with database and item history tracking
<immae>
nice :)
<eyJhb>
__monty__: not sure the reader will understand that :(
<__monty__>
eyJhb: partial?
<eyJhb>
Thanks __monty__ ! :D
<__monty__>
np
{`-`} has joined #nixos-chat
KeiraT has quit [Ping timeout: 240 seconds]
KeiraT has joined #nixos-chat
KeiraT has quit [Ping timeout: 240 seconds]
Jackneill has quit [Ping timeout: 240 seconds]
KeiraT has joined #nixos-chat
Jackneill has joined #nixos-chat
<gchristensen>
anyone available to review this PR, which drops longkeyid from the maintainer list, adds lib tests for the team list, and also documents how to review additions to the maintainer and team lists? https://github.com/NixOS/nixpkgs/pull/85247
<{^_^}>
#85247 (by grahamc, 16 hours ago, open): maintainers: document new maintainers and team changes
<MichaelRaskin>
I guess I should admit it: looking at the Discourse post — I was wrong about the impact of the graphic configuration tool for systemPackages and service list, it still requires understanding of the configuration structure, just provides a different search UI with integrated «add it» button.
<eyJhb>
gchristensen: why not swicth the keys thing? Or, why have the fingerprint thing at all?
<eyJhb>
keys = ["uuuu" "iiii"] etc.
<MichaelRaskin>
So, any of my doubts whether it draws a picture hiding too many details (and creates illusion of understanding) were unfounded.
<Valodim>
gchristensen: will do, some time later :)
<MichaelRaskin>
eyJhb: well, there is always risk of later extensions, and it's better if they change as little of the structure as possible
<gchristensen>
oh man I meant for that to go to -dev
<__monty__>
gchristensen: The rendering looks good. Didn't want to go over xml diffs : )
<gchristensen>
thanks, __monty__ :)
<eyJhb>
MichaelRaskin: also what I thought. Just wanted to make sure
<__monty__>
Ah, that makes more sense.
<gchristensen>
eyJhb: we haven't even gotten our first s/mime signer afaik :P and hopefully gpg will die soon and who knows maybe we'll put ssh keys in there
<gchristensen>
`keys` is a big word
Jackneill has quit [Ping timeout: 265 seconds]
<__monty__>
You think gpg's dying? Sequoia seems a pretty good effort to revive it.
<gchristensen>
I can only hope, __monty__
<etu>
Is sequoia the people working at the new keyservers where you can sign which signatures you have so only signed signatures can be published?
<__monty__>
keys.openpgp.org uses Hagrid I believe which uses the Sequoia-pgp library.
<__monty__>
I don't think they distribute signatures at all though?
<qyliss>
They distribute selfsigs, definitely
<qyliss>
Otherwise nothing would work
<etu>
__monty__: Yeah, they don't distribute signatures by others
<__monty__>
Yep, should've been more specific.
<etu>
But I've read somewhere that you could sign your own keys with the signatures from others you have and then that a keyserver could accept that
<etu>
But it's work in progress
Jackneill has joined #nixos-chat
<gchristensen>
any darcs fans? :P
<__monty__>
Fan is a big word. I *am* interested in formalized patch-based version control though.
<gchristensen>
oh I sorted it
<gchristensen>
`trackdown`
<etu>
Fish shell used to use darcs
<etu>
in the beforetime, like 12-13 years ago
<etu>
gchristensen: I remember that adisbladis was a big fan of that back then ;)
<adisbladis>
Yeah, I was :)
<adisbladis>
But in terms of actually using it I can't remember a thing
<tilpner>
deleted or invalidated more than 1048576 bytes; stopping
<tilpner>
Seems blender was large enough
<tilpner>
--max-freed takes units, so you can do 1M instead of 1000000
<tilpner>
(Which will use a different base, but ehh)
<gchristensen>
one of my favorite paper-cuts about Nix is that "everybody" copy-pastes this around: nix.gc.options = ''--max-freed "$((30 * 1024**3 - 1024 * $(df -P -k /nix/store | tail -n 1 | ${pkgs.gawk}/bin/awk '{ print $4 }')))"''; instead of teaching Nix to shoot for a target bytes free
<tilpner>
I have never seen that
<gchristensen>
oh :)
<gchristensen>
I guess it is just me then
<gchristensen>
,search
<tilpner>
Is the $() actually in there, and executed?
<gchristensen>
yeah
<tilpner>
Huh
<gchristensen>
what is that search engine for user configs?
<tilpner>
Someone didn't escapeStrings properly
<tilpner>
search.tx0.co
<tilpner>
,configsearch
<{^_^}>
To search public NixOS/Nixpkgs/NixOps configs, use https://search.tx0.co (Ping ${"til" + "pner"} if it acts up again)
<gchristensen>
what do you mean did'nt escape properly?
<tilpner>
It's sometimes convenient to have your strings be evaluated in a shell later, and the nix.gc.options example even assumes it
<gchristensen>
ah, right
<gchristensen>
given that `options` is just "arbitrary options to pass" it'd be probably wrong to escape it
<gchristensen>
at any rate, yeah, we should just teach nix how to reach a target free
<tilpner>
For a string, maybe
<tilpner>
But with listOf str?
<gchristensen>
still no good, because you'll break my control-key-heater-feature
<__monty__>
You could use ffmpeg to get something similar for screen capture.
<srk>
neat
drakonis has joined #nixos-chat
drakonis_ has quit [Read error: Connection reset by peer]
drakonis_ has joined #nixos-chat
<ldlework>
gchristensen: My tool uses maim, slop, ffmeg, xclip, to do screenshots/videos fullscreen or with selection and can encode mpvs or gifs with the giphy-labs compression settings.
<ldlework>
gchristensen: If I write up a readme (it's got a nix expr) would you give a try?
<tilpner>
ldlework: Sounds incompatible with wayland?
<ldlework>
because of xclip?
<tilpner>
No, because of maim/slop
<ldlework>
tilpner: interesting, what are the wayland equivalent?
<tilpner>
The thing graham used in his paste: grim
<tilpner>
Don't know what else
<gchristensen>
ldlework: heck yeah I'd use it
<andi->
Anyone here can recommend a weather station that is possible based on FOSS or at least has a proper API to query data from? No internet connection required, please. :)
<tilpner>
._.
<ldlework>
gchristensen: looks like i'll have to make it compatible with wayland first
<srk>
andi-: build one!
<andi->
srk: that is the wrong answers!!
<andi->
I am already building my own alarm clock..
<srk>
fun one
<srk>
hehe :)
<ldlework>
tilpner: thanks for the heads up :)
drakonis has quit [Ping timeout: 272 seconds]
<tilpner>
andi-: I've been meaning to do that for a while, but "my code had a bug" is a very bad excuse for missing classes
<ldlework>
Is there some kind of tool like there is for X (I forgot the name sadly) that lets you run a session in a window, so you can try window managers and the like, without crashing your actual session?
<andi->
tilpner: Yeah it is but on the other hand there is nothingd decent out there. I do not want have to care about my phone to wake me up.
<ldlework>
For wayland that is.
<ldlework>
I mean other than a VM
<andi->
I can nest many sways
<ldlework>
Though I should probably eventually figure out how to run VMs on NixOS
<tilpner>
ldlework: You forgot Xephyr, and some wayland compositors can start in an X window
<__monty__>
andi-: I think I've come across RPi weather stations. (Might be a good search term?)
<srk>
tilpner: you need to write specification first, verify it and implement afterwards
<srk>
tilpner: then you have a better excuse - my verified alarm clock specification had a bugf
<MichaelRaskin>
andi-: well, remind is pretty old and stable and works
<tilpner>
:D
<__monty__>
srk: Are you sure this isn't mission critical enough to warrant automated extraction from the verification? Clearly we need to implement this clock in Coq.
<MichaelRaskin>
srk: nah, your spec is perfect, the problem is that audio driver violates its documentation
<srk>
np, just build verified computer
<srk>
__monty__: haha, love this extraction things .. :D
<MichaelRaskin>
srk: have any axiom library for defining sound from quantum physics?
<andi->
MichaelRaskin: yeah, I need more work on the hardware (I want it to change light in the bedroom, start music, turn off the light when I fell asleep, …)
<MichaelRaskin>
Yeah, you can plug whatever to remind, but the hardware interfaces are grrrrrrrr
<srk>
:D
<srk>
indeed
<srk>
andi-: what are you using for that?
* srk
suggests reactive-banana-automation
<ldlework>
tilpner: is Xwayland the thing?
<MichaelRaskin>
#nixos-chat, to complain it doesn't work
<tilpner>
ldlework: No, just run sway
<andi->
srk: a bunch of WS2812b for colored light (since I have them here, want some proper white leds at some point), some active speakers that I can power on/off through a GPIO and some hardware buttons.Literally just started thinking about this in the last few days.
<ldlework>
tilpner: run sway as a normal application, even though i already have a WM and I'm using X?
<tilpner>
Yes
<ldlework>
huh
<srk>
andi-: platform(s) I mean
<ldlework>
it'll just be a window with a DE inside?
<tilpner>
Yes
<ldlework>
huh
<andi->
srk: nixos?
<srk>
but for io
<ldlework>
well now i have to try that just to see it I guess
<andi->
aah a RPi probably
<srk>
andi-: I'm using similar setup with ws2812 lua interpreters (nodemcu) over tcp to control lights and relays
<srk>
andi-: few aliases to netcat and xmonad keybindings, sometimes reactive-banana-automation to run all that automagically
<ldlework>
srk did you know there's a ts->lua transpiler
<ldlework>
maybe you don't care
<ldlework>
tilpner: you wernt kidding!
<ldlework>
that's pretty freaking cool
<ldlework>
now to learn how to just enough Sway to use it
<srk>
ldlework: typescript?
<ldlework>
srk: yeah
<ldlework>
a much better language than lua
<srk>
well, these are so simple
<ldlework>
yeah fair enough :)
<srk>
than it can be scripted with nix
<ldlework>
srk: i got heavy into Tabletop Simulator modding for a while
<ldlework>
i built a whole tool for using typescript instead
<ldlework>
right on
<srk>
lol!
<srk>
I will switch all this from wifi to wired CANOpen at some point to dogfood my other project and not to rely on lua/esp8266 but stm32
<srk>
nodemcu is fine for singlepurpose apps and you can't beat the prize and simplicity to make stuff like ws2812 or relays/buttons work
<srk>
over wifi!
<ldlework>
tilpner: how would I start an application such that it opened inside of Sway?
<joepie91>
I want Rust on ESP32s :(
<joepie91>
then suddenly all sorts of ESP32s are gonna appear around the house...
<srk>
not worth it
<andi->
oh yes!
<srk>
I've also considered porting stuff to extense but porting to risc-v makes more sense
<srk>
*xtensa
neeasade has quit [Ping timeout: 258 seconds]
<ldlework>
What could be kind of cool is a nix-env -i for nix-shells
drakonis has joined #nixos-chat
<srk>
lorri?
<srk>
not quite
<srk>
but at least they don't get gced
<joepie91>
srk: the main factor for me is price
<srk>
just wait till you can't open the door or turn on the light
<ldlework>
gchristensen: you haven't packaged wofi yet...?
<ldlework>
:)
<srk>
we've had this hackerspace on/off switch for lights that used wifi, went thru *many* iterations for being just a (wifi enabled) button to toggle desk lights
<ldlework>
gchristensen: my tool recap needs rofi if you wanna use it with the UI I built for it, the wayland alternative is "wofi"
<sphalerite>
joepie91: huh, I thought there was some level of workingness achieved for rust on the esp32?
<joepie91>
sphalerite: I have been unable to locate the magical incantation to produce working Rust code for the ESP32, in particular using its wifi capabilities
<joepie91>
all I've found is a device crate that consists of "here are GPIO pins lol"
<joepie91>
which, well, at that point I might as well use an STM :P
<joepie91>
sphalerite: last I checked those were unobtainium in NL for any reasonable price
<joepie91>
let me check again
<sphalerite>
oh pff it can do wifi but how to use it from rust isn't mentioned on that page.
<joepie91>
(it had the "$2 microcontroller with $34 DHL shipping" problem)
<sphalerite>
oh nice lol
<joepie91>
oh, meh :P
<joepie91>
I mainly get ESP32s in the search results..
<sphalerite>
I had some smart sockets with rtl8710s in them, sold the ones I hadn't destroyed the case of because they weren't esp8266es like the older models
<sphalerite>
and _now_ I find out I can write rust for them
<sphalerite>
well, assuming that I can get my own code running on them, which is a bit of a bold assumption tbh
<joepie91>
haha
abathur has joined #nixos-chat
<joepie91>
sphalerite: I've known the RTLs as "ARMs with wifi" for a while now, they were just never cost-effective for me
<joepie91>
once that changes...
<joepie91>
but yeah you still need it to work with the hardware
<joepie91>
OTOH, if there's actual documentation of the wifi peripherals... I can write a driver
<joepie91>
I've already written a display driver, surely this shouldn't be much harder :P
<sphalerite>
yeah 802.11 is easy :p
<joepie91>
tbh I'm more concerned about the hardware-specific oddities
<joepie91>
those are harder to outsource to an ecosystem than standardized protocols
<ldlework>
gchristensen: oh hmm, couldn't you actually just write tiny little wrappers for grim and slurp to under the names "main" and "slop"?
<ldlework>
I guess I can test this with a nix-shell
<ldlework>
neat
<ldlework>
nixos b crazy
<gchristensen>
lol
<ottidmes>
I like home automation in theory, but in practice I never see their use, and e.g. being able to switch the light with my phone, is just as much work as physically flipping the switch, if not more (if the phone is not closeby)
<colemickens>
you're just not lazy enough
<srk>
that's why I have keyboard bindings and shell scripts :)
<joepie91>
lightbulbs are like the MVP of home automation
<sphalerite>
ottidmes: I like being able to schedule opening/closing for my blinds, switch my amp on/off automatically when I put music on or connect a bluetooth device, that sort of stuff
<joepie91>
they're not that useful to automate, but they are easy
<gchristensen>
ottidmes: yeah I have a bunch of fancy lights around and stuff
<srk>
want to build dedicated hw switch for that at some point
<gchristensen>
ottidmes: and instead of using the app I turn the light switch three times, on (but app-off), off, on, because it is faster and easier and more intuitive than the app
<srk>
:)))
<sphalerite>
gchristensen ldlework: wait are you talking about a screenshot script or similar?
<MichaelRaskin>
The problem with home automation is that you need a good safety-critical/non-safety-critical model, and, worse the _vendor_ should have a safety-critical-ness model compatible with laws of physics
drakonis1 has joined #nixos-chat
<ldlework>
sphalerite: yeah i wrote a pretty nice one and i'm trying to make it wayland compatible so gchristensen gives it a try
<sphalerite>
ldlework: ah ok, because there's already sway_screenshot
<ldlework>
sphalerite: it does more than just take the screenshot
<gchristensen>
MichaelRaskin: yeah I have no sizable inductive loads or anything that wouldn't mind rapid switching too much, and I only use things which don't require a public network connection
<sphalerite>
ldlework: sway_screenshot supports choosing what to screenshot and screen recording as well
<sphalerite>
ldlework: I'm guessing yours also supports pastebinning or something? ;)
<ldlework>
sphalerite: yeah, it does more than that. it can upload the screenshot to various places, and put a link in your clipboard
<gchristensen>
nice
<MichaelRaskin>
gchristensen: I am pretty sure that dimming incadescent bulbs would have a ton of _interesting_ failure modes even without inductive load
<ldlework>
it also will do videos, and compress gifs extremely well while keeping them looking good
<ottidmes>
Guess my place/current needs dont fit the use case for automation yet, a few simple habits seem enough for me, while automation would probably get in the way of irregularity (e.g. different times going to bed)
<ldlework>
even if you wanna screenshot some video from a movie
<ldlework>
it'll look great while being small as possible
<MichaelRaskin>
Low-power LEDs have a chance of being safe-ish, yeah
<gchristensen>
yeah but I don't have any of those either hehe
drakonis_ has quit [Ping timeout: 256 seconds]
<MichaelRaskin>
Do you have anything _but_ LEDs?
<ldlework>
sphalerite: it has a nice toml based config, a flexible cli with lots of options, and a Rofi based UI so you can quickly override your settings and set the FPS really low or turn down the compression, etc
<ldlework>
what is the easiest way to get a graphical NixOS VM going built on an arbitrary configuration.nix file? Does anyone happen to know of some nice writeup?
<joepie91>
ldlework: nixos-rebuild build-vm?
<joepie91>
or w/e the subcommand was
<MichaelRaskin>
gchristensen: ibuddy is LED + electrical motor of ~ same power?
<ldlework>
joepie91: i can get graphical vms if i look into that?
<sphalerite>
ldlework: $(nix-build '<nixpkgs/nixos>' -A vm --arg configuration ./configuration.nix)/bin/run-nixos-vm
<gchristensen>
yeah
<MichaelRaskin>
Right, home automation it safe when you automate a few toys and a few LEFs
<__monty__>
Yeah, ldlework don't bother with nix-shell invocations anymore. Lorri with direnv is a much nicer experience.
drakonis_ has joined #nixos-chat
drakonis1 has quit [Ping timeout: 246 seconds]
<joepie91>
ldlework: sure. it'll build a VM image with whatever config you give it, so if that config includes a graphical environment, that is what you get
<joepie91>
what sphalerite suggested is what happens under the hood I think
<ldlework>
__monty__: I remember looking briefly but I didn't have the bandwidth to understand at the time
<srk>
MichaelRaskin: it can be done safely :)
<ldlework>
On X, I can use xdpyinfo to get the screen dimensions
<ldlework>
how do I do this on Wayland
<__monty__>
ottidmes: One application of "home automation" I'd like to see is having radio track you through the house. Mostly so I can make it mute wherever I am : >
<ldlework>
i don't see any good info
<ldlework>
bleh
<ottidmes>
__monty__: I just have the desktop with stereo in the middle of the house, so it reaches everywhere
<ldlework>
ah swaymsg
<colemickens>
ldlework: nixpkgs-wayland can serve as a list of wayland utils for ideas, as well.
<colemickens>
ldlework: there are a number of tools that will talk the wlroots protocol to inspect outputs, and `swaymsg -t get_outputs` as well
<ldlework>
colemickens: i saw that you were on some "meson" stuff in nixpkgs, will it be hard to package this? https://hg.sr.ht/~scoopta/wofi
<ldlework>
i mean i suppose gchristensen wont have the original xdpyinfo, but still
<ldlework>
recap another package in the shell.nix installs the original, ah
<ottidmes>
ldlework: maybe use hiPrio on your fake?
<ldlework>
hmm but it also installs maim and slop, but my fakes for those work
<ldlework>
i'll google that
<ottidmes>
ldlework: hmm, that should only work for buildEnv, such as systemPackages, so I doubt its what you want actually
<ldlework>
ottidmes: i could techinically use overrideAttrs on the recap derivation and ... filter it's propagatedBuildInputs for xdpyinfo, and add my own to it?
<ottidmes>
you could
<ldlework>
ok i'll try that i guess
<ldlework>
gotta remember how to filter nix lists :)
<ottidmes>
but you probably are going at it wrong that way, why not just override?
<ottidmes>
change the xdpyinfo to your fake
<ldlework>
i thought that's what i just said haha
<ldlework>
ottidmes: what do you mean?
<ottidmes>
override is like overrideArgs, overrideAttrs is changing the attributes passed to the mkDerivation
* ldlework
scratches his head.
<ottidmes>
but rather than overrideAttrs and filtering for a package, why not just change the package that is passed to it in the first place
<ldlework>
oh
<ldlework>
so that pkgs.xdpyinfo, from recap's perspective, is my fake?
<ottidmes>
that is what override does, yes
<ldlework>
sick
<ottidmes>
or can do
<__monty__>
ottidmes: Then it should just always mute when home : >
<ottidmes>
__monty__: lol, I thought you made a typo there, but you hate music then?
<ldlework>
ottidmes: that means i can't really use "with import <nixpkgs> {};" right
<ldlework>
and it's not just for the recap package right?
<__monty__>
I don't hate it. Just don't like it much either and constant noise is very uncomfortable.
<ldlework>
basically everything in the nix-shell will see xdpyinfo as my fake?
<ottidmes>
ldlework: exactly, that is almost always the wrong approach in you'd ask me (with import <nixpkgs {}; that is)
<ldlework>
i see
<ldlework>
like "from foo import *" in python :)
<ottidmes>
__monty__: Makes me think you listen to the wrong music (for you that is, music is very personal after all). I love music, generally listen to it whenever I can
<ldlework>
ottidmes: hmm, the example given in the docs is like this
<ottidmes>
although you probably want to rename it or make sure to scope the right side, otherwise you will have infinite recursion, depending on where you define it
<ldlework>
I have it like, recap = (import ../default.nix).override {
<ottidmes>
ldlework: ow no, assuming default.nix is your package definition, you want to use callPackage instead
<ottidmes>
a package definition ought to be a function consisting of an attrset as its argument with packages/config to a derivation
<ldlework>
well it's not formatted like a nixpkgs pkg, it's just a derivation
<ottidmes>
if you want to make override work, you want to make it confirm a nixpkgs pkg, override assumes the attrset function -> derivation form
<ldlework>
i don't know what you just said, and it makes me frustrated with myself
<ldlework>
override will only work with nixpkgs formatted expressions?
<ottidmes>
in the worst case you pass it pkgs and override pkgs: pkgs // { recap = pkgs.recap.override { xdpyinfo = pkgs.my-fake }; }
<ldlework>
I got, error: anonymous function at /home/ldlework/src/recap/release.nix:1:1 called with unexpected argument 'xdpyinfo', at /nix/store/42m121d9r0l0rx984l92mnw5yb1dn8hl-source/lib/customisation.nix:69:12
<ldlework>
the default.nix and release.nix are in the parent directory...
<tilpner>
gchristensen: I've seen stuck characters in weechat with st and urxvt too
<ldlework>
I use weechat and urxvt, never seen stuck characters
<eyJhb>
Sooo grayish colorful gchristensen
<gchristensen>
yeah it used to be black but the semi-transparent window grays it out :)
<ottidmes>
I use xfce4-terminal, never had any problem with it
<ldlework>
I'm so confused. I have a nix-shell. When I execute "rofi" from the shell, it finds the writeScriptBin I made at that name. Everything I try, it finds the right rofi. Somehow... when I do from Python subprocess.Popen(["rofi"]) it finds the real one....
<ldlework>
shit wrong channel again
<aleph->
Heh, is it?
<ldlework>
Not really a support channel :)
<eyJhb>
gchristensen: makes sense
<gchristensen>
ldlework: you might need to run `hash`, but I'd be surprised if you would need to
<eyJhb>
Also... IKEA pick and collect has a three day waiting, wth
<__monty__>
gchristensen: I still like my terminals transparent too! Guess we share a lack of taste : )
<gchristensen>
:)
<gchristensen>
barely, though! and the background has to be very simple, otherwise it is too busy for me
<cole-h>
OK gchristensen I jinxed myself yesterday. Sway didn't just crash -- it froze my entire computer (audio still worked fine tho). I could SSH, but not switch TTY, and I had to REISUB in the end x)
<MichaelRaskin>
Sounds like crashing just the GPU
<gchristensen>
that could be, though sway is good at doing that too
<ldlework>
gchristensen: ?
<colemickens>
doesn't that sound like the intel gpu hang?
<cole-h>
"INFO: task systemd:1 blocked for more than 122 seconds." lol
<gchristensen>
ldlework: hrm?
<cole-h>
drm_fb_release in the first call trace, second call trace has nouveau stuff in it
<ldlework>
oh i didn't understand your other message
<ldlework>
but i get it
<gchristensen>
ah
<cole-h>
colemickens: No Intel GPU here :P
<__monty__>
gchristensen: I usually have a space background. Currently some dark nebula. (I say currently but I think that's been my background for several years now 🤔)
<lovesegfault>
Have any of you experimented with the boot-on-a-usb idea?
<lovesegfault>
like your laptop's ssd is fully encrypted
<lovesegfault>
and it boots into the USB to decrypt it and then move on from there
<lovesegfault>
you can even unplug the usb
<colemickens>
What are you trying to achieve? Or which attack are you trying to prevent?
<eyJhb>
Might have asked this once, but any tool that can produce this - https://i.imgur.com/4g5akpY.png - can't do it using plantuml or graphviz
<qyliss>
you can easily lose a sufficiently small usb drive in an emergency
<lovesegfault>
qyliss: I'd leave it plugged 99% of the time, I just want to remove it when travelling abroad, etc
<lovesegfault>
Or leaving my laptop in a hotel room
<colemickens>
secure boot + fde sounds fine
<lovesegfault>
And yes, I am security LARPing and I love it
<colemickens>
and avoids the border agent having a problem with your laptop being unusable/unbootable/etc
<gchristensen>
:D
<lovesegfault>
colemickens: setting up secure boot with NixOS is a huge headache last I heard?
<colemickens>
I shouldn't say, as I've not run it, but gchristensen's PR seemed very comprehensible to me and didn't seem like a huge burden at runtime
<{^_^}>
#53901 (by grahamc, 1 year ago, open): WIP: Sign systemd boot EFI images for secure booting.
<lovesegfault>
over 1 year old :(
<colemickens>
I mean, at least scroll to the bottom
<colemickens>
1yr doesn't even seem old to me anymore
<lovesegfault>
Oh, nice, danielfullmer popped up
<ottidmes>
eyJhb: have you looked at TikZ?
<lovesegfault>
the guy is doing god's work
<lovesegfault>
systemd-boot auto-rollback
KeiraT has quit [Ping timeout: 240 seconds]
KeiraT- is now known as KeiraT
<eyJhb>
ottidmes: would be nice to avoid the whole LaTeX world, but have considered it
<ottidmes>
eyJhb: let me know what you finally use, cause I am interested in it as well
<eyJhb>
Might just use it, but.. I hate having three different things to make diagrams
<eyJhb>
But Tikz solves all problems with free drawing
<eyJhb>
"free"
<ottidmes>
lovesegfault: I actually had (can't seem to find it...) USB stick in the shape of a key, which I planned to use for your use case, but in the end I went with sedutil instead
<lovesegfault>
ottidmes: What's that?
<MichaelRaskin>
eyJhb: Asymptote might be an even nicer drawing language
<ottidmes>
lovesegfault: its hardware based encryption, which most recent SSDs support
<MichaelRaskin>
Unlike TikZ, you get arrays and first-class functions in a typical scripting language context
<pie_[bnc]>
lovesegfault: were did you see auto rollback? idk what youre talking about but it sounds like something ive been poking people about but noone seemed to care enough toreally do anything >.>
<lovesegfault>
ottidmes: I thought that was called OPAL?
<lovesegfault>
pie_[bnc]: there's a PR in nixpkgs for it by danielfullmer
<eyJhb>
MichaelRaskin: I find it hard to just get going with
<ottidmes>
lovesegfault: sedutil is the software project for interacting with OPAL
<ajs124>
pie_[bnc]: apropos things noone seems to care about: #43607
<ajs124>
I have reason to believe nss/nscd is broken on NixOS, right now.
<MichaelRaskin>
eyJhb: you have looked at The Gallery, right?
<lovesegfault>
ottidmes: is OPAL safe?
<colemickens>
^ same question, don't I have to trust the drive manufacturer somewhat?
<joepie91>
I wouldn't trust hardware encryption as far as I can throw it
<ottidmes>
lovesegfault: yes and no, yes it is safe, but depending on your use case, its less safe than software alternatives, cause the hardware encryptions have had less eyes on them
<joepie91>
not auditable at all, and considering that drive manufacturers repeatedly have shown themselves incapable of even implementing erase correctly...
<lovesegfault>
ajs124: ye
<colemickens>
joepie91: or just lying about basic properties of their disks, heh
<joepie91>
yeah...
<eyJhb>
yeah, that might be the reason. Looking at the tut now
<ottidmes>
colemickens: I use sedutil on all my owned machines, where the purpose is not making it easy to access the stuff when stolen, which it does fine, and where sedutil is not available (i.e. VPS or old drives), I use LUKS
<colemickens>
ottidmes: hm, is there a presumption that sedutil/opal will be faster than LUKS?
<lovesegfault>
pie_[bnc]: someone just did :)
<lovesegfault>
colemickens: LUKS is pretty damn slow tbh
<ottidmes>
colemickens: it should be, from my understanding its enabled anyways always, its just like LUKS with a password that is just always supplied by default, but you can configure it to actually use a password
<lovesegfault>
My understanding is SSD's use encryption to load-balance writes in the cells, and OPAL just lets you provide your own key
<colemickens>
ottidmes: oh interesting, neat
<lovesegfault>
and OPAL is always on for that reason, so by using it you get "free" encryption
<lovesegfault>
But the implementation of encryption in OPAL doesn't have the utmost concern for security, that wasn't their goal, their goal was to homogenize data access among all cells
<lovesegfault>
(IIRC)
<ottidmes>
but as is always asked, rightfully so, what is your threat model? if that it security above all else, then listen to joepie91, but if it is just making it generally unusable except for real security experts, the OPAL should be fine
<lovesegfault>
My security model is to LARP as hard as I possibly can
<ottidmes>
if I get real security experts to look at my drives that closely, I problably have bigger issues in my life :P
<joepie91>
ottidmes: dunno about that. the problem is that when hardware manufacturers fuck up the security of their products, they tend to do so in *incredibly stupid and scalable* ways, shit like "you can calculate the WPA key of any device just from its SSID", and "oh actually it only used the first character from the encryption key"
<joepie91>
and once the word on that is out, every dick and harry can execute such an attack
<joepie91>
I would agree with you if the implementation errors were subtle ones that require domain knowledge to figure out or exploit, but I have no evidence that that is the case for hardware security fuckups :P
<joepie91>
(in fairness, the WPA key one was really useful as a way to get wifi most anywhere in NL)
<__monty__>
lovesegfault: Is the data encrypted so erasing only requires erasing the key rather than wearing out all the cells?
<cole-h>
lovesegfault: Been meaning to ask you this, but where is your nix config (from your GH repo) actually stored on-disk? Is your git repo in /etc/nixos? Somewhere in home?
lukegb has quit [Quit: ~~lukegb out~~]
lukegb has joined #nixos-chat
<lovesegfault>
__monty__: no, it's encrypted so that when you write to a block of cells the wear is distributed among them, since the output is pseudo-random
<lovesegfault>
cole-h: I keep it in ~/src/nix-config
<lovesegfault>
but it doesn't matter where it lives
<cole-h>
I guess I should actually read the default.nix/deployment.nix to see how it actually works
<lovesegfault>
cole-h: deployment.nix is morph-specific; read default.nix and `./switch` to understand how it work
<cole-h>
Got it, thank for the clarification
<lovesegfault>
I don't actually use `switch`, but morph does something very similar under the hood
<cole-h>
So `switch` is just the generic, not-morph-specific alternative to `deployment.nix`?
<lovesegfault>
Pretty much :)
<lovesegfault>
it's what I used before I knew of morph
<pie_[bnc]>
cant even see them inside the function to begin with i suppoes :I
abathur has joined #nixos-chat
<ldlework>
Has anyone read Wolfram's new article? Having had read NKS years ago, including the chapter on theoretical physics, I found the update to those ideas quite interesting to go through. Save your memes about Wolfram himself please..
<{^_^}>
#85331 (by worldofpeace, 1 hour ago, open): treewide: mark broken packages for 20.03
<cole-h>
worldofpeace: You can do it! It's dangerous to go alone, take this: ✨!
<worldofpeace>
!!!!!!
<worldofpeace>
I now have the power. I love it here 💖
<worldofpeace>
ok, I've put on the bubblegum pop. it's happening
<infinisil>
worldofpeace++ worldofpeace++
<{^_^}>
worldofpeace's karma got increased to 110
<cole-h>
worldofpeace++ worldofpeace++
<{^_^}>
worldofpeace's karma got increased to 111
<cole-h>
Guess that doesn't work
<infinisil>
Whaa
<infinisil>
Oh right haha
<infinisil>
Forgetting about my own code
<cole-h>
x)
<cole-h>
And disasm++
<{^_^}>
disasm's karma got increased to 21
<worldofpeace>
the PR should be about 50/50
<worldofpeace>
disasm++
<{^_^}>
disasm's karma got increased to 22
<worldofpeace>
disasm++
<{^_^}>
disasm's karma got increased to 23
<cole-h>
Still running local nixpkgs-review. python3.7-imgaug `installCheckPhase` killing me
<ashkitten>
is glx broken for nix on non-nixos somehow?
<gchristensen>
a very annoying thing about having a project which deploys to servers is needing to deploy to servers to properly exercise it in CI
<ottidmes>
gchristensen: I had that with sedutil, can't really test that without some hardware to experiment on, so basically everytime I do a clean install on hardware I plan to use it on, I try to get some work done on it :P
<gchristensen>
nice
<gchristensen>
yeah
<gchristensen>
very annoying. most public CI things don't really do that sort of thing
drakonis has quit [Quit: WeeChat 2.8]
<gchristensen>
aaand `darcs trackdown` dumped gigabytes of junk in to $TMPDIR
<ottidmes>
situations like that show why using tmpfs for TMPDIR usually doesnt work well