gchristensen changed the topic of #nixos-chat to: NixOS but much less topical || https://logs.nix.samueldr.com/nixos-chat
<Irenes[m]> gchristensen++
<{^_^}> gchristensen's karma got increased to 292
<Irenes[m]> much appreciated
<worldofpeace> ✨ gchristensen
<{^_^}> gchristensen's karma got increased to 293
<cole-h> It's feeling a slightly less warm in here... <3 to all.
<cole-h> s/a //
<ashkitten> didn't mean to make assumptions
<ldlework> no problems whatsoever
<gchristensen> my impression is all the above discussion came from a place of not knowing, and not a place of disagreement or distaste, though it might be useful to add something about gender minorities to the topic, as the capitalism and "gm" bits could be a bit confusing :P
<qyliss> that has now been done
<gchristensen> cool :)
<worldofpeace> have been meaning too
<worldofpeace> but us in the channel enjoy a bit of ambiguity. I personally feel a bit protected by it. (it being just -gm)
<gchristensen> I can appreciate that, too
<MichaelRaskin> I will try to remember it to avoid joining, because I also have an habit to join random #nixos-* channels to see what are they about (and apparently here just reading the topic might not be enough in some iterations of topic)…
<gchristensen> me too, MichaelRaskin
<qyliss> MichaelRaskin: we're currently discussing adding some small barrier to entry to prevent such accidental joins
<qyliss> (while still allowing anybody who wants to join, to join with just slightly more friction than a normal channel)
<cole-h> The gatekeep should be following worldofpeace on mastodon :D
<cole-h> (JK)
<MichaelRaskin> Well, my joins are not accidental, I notice a #nixos-* name I have never seen and go see what it is
<worldofpeace> hehe, I've invited people through dm's there
<qyliss> Sure, I didn't mean literally accidental
* cole-h fingermashes keyboard and somehow comes up with /join #nixos-gm
<cole-h> :D
<MichaelRaskin> Well, given my GitHub username, it would not be unbelievable for me just to do some dictionary-attack-style joining
<gchristensen> it'll be good for, however you end up in there, to have a little extra step :)
<MichaelRaskin> Indeed
<cole-h> MichaelRaskin: What do the characters in your GH handle represent?
<MichaelRaskin> They are actually generated by a PRNG
<cole-h> You're telling me your handle isn't supposed to be `|ocl`?
<MichaelRaskin> Just like some of my other GH usernames…
<MichaelRaskin> What is ocl?
<cole-h> Your handle from hex -> ASCII
<cole-h> Oh sorry, I forgot the case
<MichaelRaskin> Hm, never actually tried to
<cole-h> `|oCL`?
<cole-h> s/?//
* cole-h writes a plugin for weechat to display MichaelRaskin's nick as |oCL
<MichaelRaskin> In a sense, that could be more fitting for my _other_ account (where I did some Common Lisp stuff)
<aleph-> And a wild Irenes[m]
<aleph-> Howdy
neeasade has joined #nixos-chat
<Irenes[m]> hi aleph-
<Irenes[m]> I'm everywhere
<drakonis> howdy friends
<Irenes[m]> hihi
<ashkitten> Irenes[m]: everywhere? :o
<drakonis> hmm, is nix something you'd consider a devops thing?
<drakonis> y'all would consider as such?
<Irenes[m]> was that question for me?
<{^_^}> #87639 (by mitchellh, 3 minutes ago, open): vimUtils: customize accepts alternate {g}vimExecutable value
<Irenes[m]> ashkitten: everywhere! at once.
<ashkitten> amazing :O
<cole-h> gchristensen: :O
<drakonis> everone
<drakonis> everyone!
<cole-h> *insert that one Ron Paul gif*
<drakonis> oh man
<aleph-> Irenes[m]: Heheheh
<aleph-> And my apartment dreams have been dashed
<aleph-> $1k, like a mile away, And smaller then the room I rent now. >_>
<Irenes[m]> aw :( sorry to hear
slack1256 has joined #nixos-chat
waleee-cl has quit [Quit: Connection closed for inactivity]
<aleph-> Irenes[m]: Yeah meh, still gonna give it a look in case I'm wrong. But I knew something had to be up if even a studio was only $1k~ around here
<Irenes[m]> yeah I hear that for sure
slack1256 has quit [Remote host closed the connection]
ajs124 has quit [Quit: killed]
das_j has quit [Quit: killed]
ajs124 has joined #nixos-chat
das_j has joined #nixos-chat
lovesegfault_ has joined #nixos-chat
lovesegfault has quit [Ping timeout: 260 seconds]
julm has quit [Remote host closed the connection]
julm has joined #nixos-chat
<emily> does anyone know what kind of scope/access the oauth app token that the new gh(1) cli app creates has?
<emily> at least with hub it was just a normal personal access token and you could twiddle the oauth scopes, but the new one doesn't even show up anywhere in the developer settings and I'm a little concerned it offers confirmationless push to all my repos
<ldlework> little thingie i made https://youtu.be/MjWTHzZACOg
<cole-h> emily: A good question. Apparently the config is stored in ~/.config/gh/config.yml -- does that file have any hints?
<cole-h> 🤔 https://i.imgur.com/G7N6iuJ.png Can anybody else spot what's wrong?
<cole-h> ldlework: Oh hey, did you finally get jack to work? :D
<ldlework> ya
<cole-h> Next, I request 12-tone.
<ldlework> no quantization?
<ldlework> gonna sound awful lol :P
<ldlework> cole-h: https://youtu.be/bofyUriq_Fw
<cole-h> Aw yiss
<cole-h> Back in my highschool days, I went to a trumpet masterclass and the dude played some 12-tone stuff and it was fun to listen to.
<cole-h> ldlework++ Thankee
<{^_^}> ldlework's karma got increased to 12
<emily> cole-h: the hint is just the opaque token, sadly
<cole-h> emily: From skimming the tracker, it sounds like there should be a token *somewhere*...
<cole-h> (on GitHub)
endformationage has quit [Quit: WeeChat 2.6]
<cole-h> emily: Are you sure it's not listed here: https://github.com/settings/tokens ?
<cole-h> The one I got for the `hub` cli shows up there.
<emily> I'm sure, because it's specifically that my hub one shows up there and not my gh one
<cole-h> Maybe they're piggy-backing on the hub one?
<emily> even the hub token has more access than I'd like :(
* cole-h experiments
<emily> it's not :p
<emily> it's a separate oauth thing with its own verification flow
<emily> they even skip prompting you for approval
<emily> which seems like a big hole in their oauth but whatever
<cole-h> Ah found it
<cole-h> "GitHub CLI"
<cole-h> emily: "Permissions: Full control of private repositories" lol
<emily> ah, thanks
<emily> well, that sounds ominous.
<cole-h> I mean, it makes sense if you want to be able to use it to view issues, etc for private repos
<cole-h> I imagine they want you to be able to label/open/close issues (and other stuff), which is where the implied w+ comes from
<cole-h> But yeah, not great that it's not an actual personal access token where you can modify the scopes...
<cole-h> Actually, I wonder if you use your hub token in the config file, if it would work...
<cole-h> Yeah, indeed it does work.
<cole-h> emily: So you can just replace the token they generate with your own personal access token and then revoke their app
<cole-h> Seems to work fine for viewing a PR, at least (all I tested was `gh pr view ####`)
<emily> makes sense, thanks
<cole-h> And in case you didn't know, you can shrink the permissions for the hub token (and thus the gh token)
<emily> 06:06 <cole-h> I mean, it makes sense if you want to be able to use it to view issues, etc for private repos
<emily> right, this is why I specifically wonder whether it can push
<emily> because you can do commits from the github web interface, say
<cole-h> emily: The scope it asks for is `repo`, so yeah that includes pushes I think
<cole-h> "Grants full access to private and public repositories. That includes read/write access to code, commit statuses, repository and organization projects, invitations, collaborators, adding team memberships, deployment statuses, and repository webhooks for public and private repositories and organizations. Also grants ability to manage user projects."
<emily> whew
<emily> that one little line of yaml makes all your fancy two-factor and smartcard SSH key setups irrelevant
<emily> thanks github
<cole-h> )"
<cole-h> (:
drakonis has quit [Quit: WeeChat 2.8]
cole-h has quit [Quit: Goodbye]
<arianvp> That's a security hole in my book
<sphalerite> emily: no, it doesn't use depthcharge because depthcharge is annoying :p it's linux-as-a-bootloader
parsley936 has joined #nixos-chat
<arianvp> Gchristensen ^
cjpbirkbeck has quit [Quit: cjpbirkbeck]
<colemickens> windows: of course you can only resize the VM when the VM is shutdown. why would you want to minimize downtime? god forbid you need the VM To reboot unattended. I swear idk how some of this stuff ever passes code review. Even virt-manager handles this better!
<ar> arianvp: oh, someone made a bunch of script wrappers around all the utilities?
<colemickens> I know one git forge doesn't support authenticated git over http, for security-minded reasons.
<eyJhb> Well this hits a all time new low, having to extract powerpoint audio files, because it won't play in libreoffice impress...j
<eyJhb> Presentation? Dunno. MS stuff won't work with libreoffice is the point I guess
<eyJhb> Jesus, opened all the files with Ranger, and now I have a hidden progarm playing the audio files
<eyJhb> Oh the joys
obadz has quit [Ping timeout: 246 seconds]
obadz has joined #nixos-chat
obadz has quit [Ping timeout: 272 seconds]
obadz has joined #nixos-chat
obadz has quit [Ping timeout: 256 seconds]
obadz has joined #nixos-chat
Jackneill has quit [Ping timeout: 256 seconds]
Jackneill has joined #nixos-chat
Jackneill has quit [Ping timeout: 264 seconds]
Jackneill has joined #nixos-chat
<gchristensen> oh cool, arianvp
ravndal has quit [Ping timeout: 246 seconds]
<LnL> anybody here familiar with low level disk stuff, like how to check if your partition is misaligned?
<viric> lsblk arguments may show the detail
<pie_> is there something like -Inixpkgs=channel:nixos-channel but for checking out a specific channel revision
<infinisil> pie_: g*hristensen provides channel history here: https://channels.nix.gsc.io/
__monty__ has joined #nixos-chat
<infinisil> No other way to get it afaik
<pie_> ok meanwhile
<pie_> is there a way to get a python repl with not broken input from this? nix-shell -I nixpkgs=channel:nixos-unstable -p "python37Full.withPackages (p: [ p.pudb ])"
<infinisil> stable?
<pie_> infinisil: i mean, can i use that with -I?
<pie_> re: channels
<pie_> infinisil: oh huh so thats broken on unstable
<infinisil> No I just assumed it was because you asked that
<infinisil> Now I get that you're asking how to make the command work
<infinisil> pie_: nix-shell '<nixpkgs>' -I nixpkgs=channel:nixos-unstable -p "python37Full.withPackages (p: [ p.pudb ])"
<pie_> wait wat
<pie_> no the command works
<pie_> kind of all over the place right now
<pie_> i meant can i use this with -I somehow or is it just the history files showing the corresponding commits <infinisil> pie_: g*hristensen provides channel history here: https://channels.nix.gsc.io/
<infinisil> Oh it does
<infinisil> Nope
<infinisil> Oh right it does hah, I just got up, I blame it on that :)
<infinisil> pie_: You can only use a specific nixpkgs commit with -I nixpkgs=https://github.com/nixos/nixpkgs/tarball/<revision>
<pie_> ah right cool
<pie_> so this is what im actually doing;
<pie_> nix-shell -I nixpkgs=channel:nixos-unstable -p "python37Full.withPackages (p: [ p.pudb ])" lldb --run 'PYTHONPATH="$PYTHONPATH":$(nix-build --no-link "<nixpkgs>" -A lldb)/lib/python3.7/site-packages python'
<pie_> im weirded out because adding -I to the pythonpath command breaks the input
<pie_> but it works like this???
<pie_> ok its because the pythonpat i was setting was broken
<pie_> so if its set correctly the shell is broken again...
<pie_> ah well whatever
<pie_> my actual problem: lldb.py isnt saying why it doesnt like a binary -_-
<infinisil> pie_: How about using a Nix file
<infinisil> Then you don't need to mess with the CLI interface
<pie_> i do that most of the time
<pie_> but something sometihng one line repros
<infinisil> pie_: Put the nix file into a repo, then `nix-shell <path to repo tarball>`. One line repro without a mess :)
Jackneill has quit [Ping timeout: 260 seconds]
Jackneill has joined #nixos-chat
<Woutifier> Trying to get a NodeJS thing working with node2nix
<Woutifier> dependency list is about as long as the whole nixpkgs repository
waleee-cl has joined #nixos-chat
<infinisil> On my steam receipt for a game I just bought: "7.69999980926513672% VAT"
<infinisil> These damn floats again!
<infinisil> The game is DemonCrawl btw, it's a rogue-like minesweeper, can recommend!
qyliss has quit [Quit: bye]
qyliss has joined #nixos-chat
ninjin has joined #nixos-chat
cole-h has joined #nixos-chat
<cole-h> colemickens: Is passrs#6 still a problem for you?
evanjs has quit [Ping timeout: 272 seconds]
<emily> so it turns out that nixos-unstable is broken because there's a package that patches the meson build system to dynamically output NixOS configuration as a .nix file in the root of the package
<emily> and then the NixOS module for it IFDs it
* qyliss walks backward through hedge
<adisbladis> emily: Where? :O
<cole-h> s/is/was/
<cole-h> But seriously wtf
<cole-h> (err, ignore that sed)
<emily> adisbladis: pkgs/desktops/enlightenment/enlightenment.nix pkgs/desktops/enlightenment/enlightenment.suid-exes.patch nixos/modules/services/x11/desktop-managers/enlightenment.nix
<emily> I'm sitting here trying to fix it but I just... needed to share this information with the world
<qyliss> could we just revert it?
<emily> the comment in pkgs/desktops/enlightenment/enlightenment.nix confuses and worries me because I don't understand what the symlinking thing it's talking about... are there symlinks to wrappers in /run being placed into the Nix store?
<qyliss> something like that shouldn't hold up the channels
<emily> there's another test that requires a Debian image at evaluation time https://github.com/NixOS/nixpkgs/issues/87592#issuecomment-627391267
<cole-h> emily: Oh no
<emily> answer: yes, there are symlinks to /run being placed into the Nix store -+ ln -sv /run/wrappers/bin/"$b" "$f"
<adisbladis> Wow, just wow
<emily> I don't see any good solution here but to revert and patch the paths in the source/binary instaed
<cole-h> That patch has been in-tree for 2 years though :o
<emily> and I don't know Enlightenment enough to figure out what the patching dance to point to /run would be
<cole-h> At least 2 years, that is
<qyliss> How come it never broke things before then?
<cole-h> That's my question
<emily> because the test was only recently added
<gchristensen> it was probabl ynot breaking it, but just causing a lot of trouble for hyda
<emily> yeah eelco just shut off IFD for hydra
<cole-h> Good...
<adisbladis> emily: That's truly "amazing"
<cole-h> Actually mindblowing
<emily> anyway someone should reopen the https://github.com/NixOS/nixpkgs/issues/87592 at least
<{^_^}> #87592 (by peti, 1 day ago, closed): Unstable channel hasn't updated for 2 weeks
<cole-h> Well, or maybe a new issue since the title isn't accurate..
<emily> is it not? afaik unstable has still not moved
<cole-h> s.no.o shows green for nixos-unstable
<cole-h> Sure it has a build problem now, but last update was 4h ago
<adisbladis> Nice, unstable progressed :)
drakonis has joined #nixos-chat
<adisbladis> cole-h: Enlightenment is not a channel blocker
<cole-h> Ah, roger.
<adisbladis> emily: ^
<emily> oh, hm
<emily> yeah, I guess upstream/nixos-unstable is from May 10 now
<cole-h> I mean, it should still be fixed for sure. It's just not a blocker. I vote new issue.
<gchristensen> +1
<cole-h> emily: And since you're already looking into it, I vote you submit it... :P
<emily> yeah, I'll open an issue
<cole-h> emily++
<{^_^}> emily's karma got increased to 23
<pie_> time since channel stuck: 0 days
<pie_> :P
<adisbladis> Tbf though, it was a long time ago since the channel was stuck for this long
<adisbladis> I think ofborg is to thank
<cole-h> <3 gchristensen Thanks for all that you do, especially related to ofborg.
<{^_^}> gchristensen's karma got increased to 294
<{^_^}> #87678 (by emilazy, 2 minutes ago, open): enlightenment: module uses import-from-derivation
<{^_^}> #87679 (by emilazy, 14 seconds ago, open): os-prober: test uses import-from-derivation
<adisbladis> emily: Good that you made me look at hydra again :) Fixed another small channel blocker in the kde tests
<cole-h> There's been a lot of 404'ing patches recently...
<emily> adisbladis: yay!
<adisbladis> Go team!
<emily> I wish there was a bit more automated triage for channel breakage :(
<emily> like a bot that opens an issue and pings relevant maintainers
<cole-h> btw adisbladis, if you have a moment... #87581
<{^_^}> https://github.com/NixOS/nixpkgs/pull/87581 (by cole-h, 1 day ago, open): nixos/doas: default rule should be first
<adisbladis> Oh yeah
<adisbladis> I reviewed it but didn't merge
<adisbladis> Doh!
<cole-h> <3 adisbladis
<{^_^}> adisbladis's karma got increased to 72
endformationage has joined #nixos-chat
<c4rc4s> I'm curious if anyone here is running VMs under libvirt and has managed to get decently responsive graphics out of the guests? Not trying to game or anything within VMs, but I haven't got plasma usably responsive yet. Using the nvidia driver, libvirt can't find opengl. Without using nvidia driver I can enable opengl on guests but ... it doesn't
<c4rc4s> seem like I'm getting anything out of that. QXL performance was awful, virtio a little bit better but had other problems.
drakonis has quit [Ping timeout: 244 seconds]
* infinisil is just digging some rabbit holes
<gchristensen> bummer, looks like it is tricky to construct python code from an AST
<__monty__> gchristensen: Is it not as simple as calling the compile() built-in on an ast.AST object?
evanjs has joined #nixos-chat
<gchristensen> oh!
drakonis has joined #nixos-chat
<gchristensen> __monty__: I'm not seeing a way to do it with compile()
<__monty__> Hmm, the documentation claims this: "Compile the source into a code or AST object. Code objects can be executed by exec() or eval(). source can either be a normal string, a byte string, or an AST object."
<gchristensen> I want a string of valid Python out the other end, I suppose `code` is a bit misleading
<LnL> I'm not sure there's a builtin way to go in that direction
<__monty__> Oh, you want to pretty-print an AST?
<gchristensen> yeah, exactly __monty__
<LnL> actually...
<__monty__> Hmm, not really finding anything. `astpretty` just barfs out the AST as valid python constructor calls it seems, similar to ast.dump.
<__monty__> Kinda weird that this isn't easy.
<viric> Today I discovered that ssh doesn't help much if a known remote machine changed ip address
<viric> it prompts as if the machine was a complete unknown
<viric> And it even outputs a hash of the key instead of the public key, to grep known_hosts.
<__monty__> Doesn't known_hosts usually store hashes for privacy?
<viric> not by default
<__monty__> gchristensen: Did you write a custom visitor?
<gchristensen> no I used print
<__monty__> >.<
<gchristensen> :)
<__monty__> TIL
<gchristensen> hm?
<gchristensen> oh you misunderstand
<__monty__> Ah, ok.
<LnL> gchristensen: was thinking about 2to3 but looks like that's purely token level https://github.com/python/cpython/blob/f453221c8b80e0570066a9375337f208d50e6406/Lib/lib2to3/refactor.py
<gchristensen> actually tbh it isn't worth making this very good, because it isn't good enoug hto go 100%
<__monty__> Does no one else have github notifications stuck in unread limbo?
<LnL> which makes sense since it needs to parse a python version it doesn't understand anymore...
<gchristensen> LnL: heh yeah that is a good point
julm has quit [Remote host closed the connection]
julm has joined #nixos-chat
<LnL> weird, seems something like astor would be the way to go if you really need it
<eyJhb> gchristensen: did you ever revisit having a kinda tmpfs $HOME?
<aanderse> eyJhb: that sounds great. my $HOME is such a disaster a tmpfs would force me to stop being such a slob (I'd hope)
<eyJhb> aanderse: same here, but I still struggle finding a good way to handle all files+projects...
<emily> I was extremely frustrated to find out there's no way you can track directories named .git in git
<emily> I was hoping to track my ~/src/<repo>/.git/config files so I can have most of my repository checkouts tracked across machines
<emily> I guess I could probably get home-manager to do something like that though
<__monty__> emily: Hmm, wouldn't subtrees do this?
<emily> submodules would be closer, I wouldn't want to actually merge all the repos together
<gchristensen> emily: no, I'd be too scared to lose important stuff
<emily> eyJhb :)
<gchristensen> comparisonOperator: Union[Literal["GreaterThanOrEqualToThreshold"], Literal["GreaterThanThreshold"], Literal["LessThanThreshold"], Literal["LessThanOrEqualToThreshold"]]
<gchristensen> oh yeah that is the good stuff
<gchristensen> alarmActions: List[str,Union[str, CANNOT-DETERMINE-TYPE:resource of type ‘sns-topic’]] not quite the good stuff
<colemickens> <cole-h "colemickens: Is passrs#6 still a"> It feels weird to me to have gpg-agent running during a nix build, but otherwise, no I'm not blocked, happily using passrs now. Thanks
<viric> does anybody program arduinos from nixos?
lovesegfault_ has quit [Quit: WeeChat 2.8]
lovesegfault has joined #nixos-chat
<eyJhb> gchristensen: I really like the idea, but I have that same feeling. But I would add a $HOME/important. But I am sure I would abuse it
<gchristensen> I think the only way I'd feel okay doing it is by making $HOME read-only
<eyJhb> And then using something else that is persistent?
<gchristensen> yeah
<eyJhb> I like it. I should take some time to actually do this
<eyJhb> From my current calendar I won't have time the next year or so
<gchristensen> :P
<gchristensen> you know as well as I do that this kind of fun happens when you're stealing minutes
<eyJhb> Yeah, but I have so many exams, and some over the summer as well :(
<eyJhb> Considering doing it in the weekend, if the lady is busy doing her uni project :p
<eyJhb> Would feel much safer doing it on a spare SSD for now. Something WILL go wrong as usual
<MichaelRaskin> With proper backups, every single device is a spare devie
<__monty__> A if anyone has proper backup discipline : p
<MichaelRaskin> You definitely should cleanup the backlog before experimenting, yes
<MichaelRaskin> (but _some_ of the backups should better be automated!)
qyliss has quit [Quit: bye]
qyliss has joined #nixos-chat
<eyJhb> Anyone see something wrong with writing this commit message? git cm "auth: json tags now `id` and `perm`"
<eyJhb> To spoil it `auth: json tags now uid=1000(eyjhb) gid=100(users) groups=100(users),1(wheel),26(video),27(dialout),57(networkmanager),72(vboxusers),131(docker) and`
<LnL> perm: command not found?
<eyJhb> Pretty much :p
<eyJhb> Forget about it actually executing commands...
<joepie91> eyJhb: shells are great aren't they :P
<cole-h> Just gotta single-quote it :D
<joepie91> sure, single quote works to escape stuff, except when it doesn't
<joepie91> :)
<eyJhb> cole-h: but I love my ` quote :p
<eyJhb> Unreleated note, my.. whatever she is, has taught the cat to come back with the mouse after you have thrown it. So now she just sprints after it, and returns with it in ther mouth
<eyJhb> joepie91: they are lovely :p
<viric> eyJhb: is it common in your language to quote with backtick?` ?
<joepie91> eyJhb: relationship of nondescript status? :P
<ldlework> eyJhb: you got a fetch playing cat too?
<joepie91> viric: it's somewhat a (Markdown-inspired) convention to wrap identifiers in text with ``
<viric> ahhh
<eyJhb> Not at all viric , it is a annoying character to make. I just love for quoting, as I write a lot of markdown and it has meaning there. And in Go as well :p
<eyJhb> joepie91: Basically not sure what it is as of now :p
<eyJhb> ldlework: I do!
<eyJhb> You as well?
<ldlework> yeah two of em
<ldlework> one a bit more proficient than the other :P
<joepie91> eyJhb: eh, my relationships tend to be permanently so :P
cjpbirkbeck has joined #nixos-chat
<eyJhb> ldlework: do they actually give it back to you when done?
<eyJhb> joepie91: Hope she get her mind together soon. :p Known her for waay too long
<ldlework> eyJhb: One will randomly present you with a toy, you throw it, she chases it, then forgets and starts playing soccer with it. The other will go get it and bring it back pretty reliably.
<ldlework> That second cat is too smart. We say, if they start learning how to open doors, we should probably call the government.
<ldlework> We have one of those tall garbage cans with a top, that you have to engage a foot pedal to open. Yeah she totally figured that out. So now we have The Best of 2600 ontop of the garbage can at all times. :P
KeiraT has quit [Ping timeout: 240 seconds]
<eyJhb> ldlework: we have the cage of shame when she does stupid things like that. But seems like the one who plays soccer with it is the easier one :p
<eyJhb> THis one has just started to clean the floor of the kitchen...
<ldlework> eyJhb: wanna see some pictures
<gchristensen> it should be a crime to write python without a linter
<eyJhb> ldlework: always kitty photos!
<eyJhb> gchristensen: HEY! Don't hate me
<eyJhb> Have a good one?
<gchristensen> mypy, flake8, pylint
<gchristensen> half the mypy bugs I'm fixing now are "you forgot to import something ..."
<joepie91> ldlework: my cat can open doors...
<ldlework> joepie91: hehe
<joepie91> ldlework: thankfully my cat is also easily discouraged
<joepie91> which is also how I could keep her off the balcony railing with a bunch of netting
<joepie91> when I installed it, she just sat there looking at it, giving me an accusing stare, and then looking for another spot
kraem has quit [Ping timeout: 272 seconds]
<eyJhb> ldlework: cuuute, food stealer :p
<eyJhb> And christmas tree jumper!
<ldlework> literal can haz sandwich
<cole-h> colemickens: You bring up a good point, so I've added a GNUPGHOME to the tree. No more gpg callouts in tests!
<eyJhb> ldlework: last photo is a kitten photo, right?
<ldlework> yeah
KeiraT has joined #nixos-chat
<ldlework> eyJhb: Penny and Pino
<eyJhb> Male + female?
<ldlework> both female
<ldlework> does anyone know how to check what actual tcp/udp ports are configured to be allowed in the firewall?
<ldlework> is it something you need a restart for to change?
<eyJhb> ldlework: iptables + nixos is somewhat funny if your up and down do not match
<ldlework> I have the port in networking.firewall.allowedTCPPorts but it doesn't seem to allow the port through.
<eyJhb> What does netstat -tln show?
<ldlework> tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
<eyJhb> Hmm. weird. And if you nc to that port from another host. does it say anything?
<eyJhb> Generally the allowedPorts work on switch
__monty__ has quit [Quit: leaving]
<colemickens> cole-h: afaik as soon as a private key is loaded, a gpg-agent has to be running, and due to nix sandboxing, I'm not sure if setting GNUPGHOME won much other than it puts my mind at ease about my gpg store not being touched. Anyway, I don't think gpg-agent can be avoided, if you want actual testing like you're doing. What you have now certainly works for me! Thank you!
maxdevjs has quit [Remote host closed the connection]
<cole-h> colemickens: Indeed, I forgot about that. What I could do is tag the tests that touch the gpgme stuff as `#[ignore]`, which means those tests won't be run automatically (unless you run `cargo test -- --ignored`).
maxdevjs has joined #nixos-chat
<cole-h> colemickens: Do you think that would be a good compromise? I'd run the tests with `-- --ignored` locally, so there'd be no issue.
kraem has joined #nixos-chat
<colemickens> honestly you should soft announce this
<cole-h> Definitely not this week lol. I have so much to do for finals :D
<colemickens> I already didn't like the gopass code base and their latest release has a massive, massive regression
<colemickens> very happy that I had passrs sitting around.
<cole-h> The removal of PASSWORD_STORE_DIR, right?
<colemickens> no they flat out broke `gopass show`.
* cole-h was just trying to test something with PASSWORD_STORE_DIR and found out it was removed...
<cole-h> Really? lol
<{^_^}> gopasspw/gopass#1353 (by muesli, 1 day ago, closed): gopass show doesn't display password, even with -C
<colemickens> idk, or its "intentional" and I'm using it wrong, honestly I can't be bothered to find out.
<colemickens> this is exactly the kind of crap I hoped to not have to deal with with a tool lik epass
<cole-h> Wow
<danderson> stuff like this is why I use 1password
<danderson> it's not open, not free, but a company will die if they get it wrong
<danderson> so they try to get it right :)
<cole-h> colemickens: OK, gpg-agent-spawning tests are now ignored by default.
<cole-h> danderson: I'm open AND free AND will probably die if I get it wrong... come to the dark side :D
<colemickens> When my dad types "python3" the MIcrosoft Store opens, despite him having installed Python correctly. So that's where I'm at with computers right now. Drafted a whiny frustrated email, hopefully I don't hit send. Apparently you have to go in and remove their special "feature" dir from PATH before python works right, if you don't use the UWP version. Oh and don't forget the UWP version can't touch path, so it's useless from
<colemickens> cmd/PS.
<cole-h> I think I remember reading about that... Microsoft wtf
<colemickens> Honestly, the number of horrid decisions and UX flaws from that one feature is just stunning. And after the controversy of shoving a not-actually-wget into PowerShell. I am just pretty upset.
<danderson> cole-h: I missed the start of the discussion, what are you building?
<cole-h> I was kidding, though :P
<danderson> the security disclaimer is enough, I'm good thanks :D
<cole-h> Hahaha
<cole-h> At least it did its job
<joepie91> cole-h: I have a complaint
<joepie91> cole-h: the big, red, flashy warning is neither big, nor red, nor flashy :P
<cole-h> Well, I did say I should *probably* add one, not that I would >:)
<joepie91> hence the complaint :D!
<cole-h> lol
KeiraT has quit [Ping timeout: 240 seconds]
<samueldr> after how long should I give up on a machine that locked itself up due to memory pressure caused by a[n unnamed] bad web browser? there are things that were happening on that machine that I really would like not to interrupt, but it looks dire
<samueldr> 20 minutes since the last time the clock updated in my bar
KeiraT has joined #nixos-chat
<immae> samueldr: did you try the oom killer or are you afraid to kill the things you want to keep?
<samueldr> things are locked up, I'm not sure I have sysrq magic keys enabled
<samueldr> tried to ssh to kill things manually, but ssh is, too, locked :(
<samueldr> in fact, I thought for sure that the OOM killer would have killed things already
<eyJhb> I would have killed it after 2 mintes
<eyJhb> 5 tops
<samueldr> as it generally is not shy in killing that browser
<immae> well, maybe you have a big swap and it didn’t reach the top of it yet?
<samueldr> htop (which was already open) tells me 8/8GiB for the swap
<immae> (it’s magic f to force oom kill anyway, if you want to try it)
<immae> ok
<samueldr> tried it, I guess it's not enabled by default
<samueldr> (or that it didn't recover)
<immae> ok
<samueldr> oh, a reason, eyJhb, that I haven't reset yet is that I just used another computer to continue doing stuff
<cole-h> Can you SSH in from another device? If so, start killing things :D
<immae> do you have access to a root shell somewhere maybe? (is your htop running as root?)
<samueldr> cole-h: yes, as stated :)
<samueldr> immae: the machine is locked up
<cole-h> Sorry ^^; Got a big floating window over half of IRC right now :P
<samueldr> as in nothing updates on the display, and doesn't react to stimulus
<samueldr> cole-h: no worries
<immae> ah ok htop is frozen too, I misunderstood yes
<samueldr> yes, everything :/
<cole-h> samueldr: Get a drink and wait for your other computer to finish "doing stuff" so you can kill it :^)
<immae> (I thought you said it was still updating, I didn’t think that what you saw was its last display)
<samueldr> I'm thinking it's probably in some pathological loop where it's shoving things in-n-out of the swapfile, instead of killing things, but no way to prove that
<immae> does it have some hicups sometimes? It might take long, but you could note of a few process to kill from your htop and type the killing command char by char
<samueldr> absolutely frozen stiff
<immae> Ah :(
<samueldr> yeah, that's why I was asking about giving up
<gchristensen> reisub?
<samueldr> gchristensen: tried it, but I assume it's not enabled by default
<gchristensen> hows your caps lock light?
<samueldr> but that doesn't solve my issue of not killing what was going on
<samueldr> (I just reset it manually)
<samueldr> I don't have a hard-lined keyboard to it, and I don't know if the capslock thingies would affect the logitech keyboard
<samueldr> as I believe it uses another driver once modprobed, not positive though
<JJJollyjim> the oom killer not triggering for ages or never triggering is a super common thing
<samueldr> yeah, though it usually triggers on that machine in similar circumstances (you know... just browsing)
<samueldr> anyway, magic sysrq did nothing f, reisub, both did nothing
<cole-h> The best thing about having a systemd unit for sway: you can ssh in and `systemctl stop --user sway` and eventually you'll get control of your computer back
<cole-h> (when it freezes)
<samueldr> except if, like for me, the machine is actually locked up and ssh doesn't work too :)
<cole-h> o7
<gchristensen> I'd look at the journal for the last boot straight away
<immae> samueldr: just in case, I had similar issues some time ago, and I concluded that I didn’t have sysrq enabled either. It turned out it was actually enabled, but that my laptop (logitech) has a strange ocnvention for the sysrq key, could it be that you have that kind of strange thing?
<samueldr> logitech laptop? or describing your logical leap?
<immae> I had to look at the documentation afterwards to find out that I wasn’t typing the "magic keys" as I thought
<immae> thinkpad sorry
<samueldr> probably yeah, I don't have a sysrq labeled key, but from what I found out it should have likely worked using print screen
<immae> Don’t know why I said logitech
<samueldr> :)
<samueldr> that's a possibility for me
<samueldr> gchristensen: what for? anyway last event coincides with the time that was last updated on the display
<immae> I have a dedicated print key, but the real sysrq was something like fn+alt+s, hold alt and leave other keys, then type your magic keys
<gchristensen> Just In Case there was any sorto f hardware even
<samueldr> ah, nah, it was pretty clear cut a thread (of memory) just decided to loop itself on an axle of the machinery and gum up the works
<samueldr> I felt it, and I just about failed to rescue it
<samueldr> that dang bestbuy website
<gchristensen> ah
<gchristensen> lol
<samueldr> anyone knows if there is work to tag process trees in a way where they will not necessarily be OOM'd, but they maybe are not allowed to take the whole 16+8GiB of memory?
<samueldr> flinging words and pictures to the display shouldn't require all of the memory available, and yet here we are
<samueldr> neat, something upgraded and now browser windows restore in their respective tags in my WM
<pie_> samueldr: i would like my firefox window sto show up in the right place in kde, idk what youre doing
<pie_> samueldr: also one of the cgroups settings is "swap after this amount of memory usage" which is what im doing with firefox
<pie_> its better than it lagging my entire mahcine constantly even if things get slower :
<pie_> :/
<samueldr> pie_: which setting, so I can use the right search term?
<pie_> uhhhh
<gchristensen> systemd-run --user --scope --property MemoryMax=1G ... maybe?
<samueldr> or even better, if you have a way you're doing it
<pie_> samueldr: this is what i have:
<pie_> systemd-run --user --scope -p MemoryHigh=8192M firefox "$@"
<pie_> damn inb4-d by graham :p
<pie_> hm thats a different attr
<samueldr> yeah
<samueldr> reading about those
<samueldr> max invokes the OOM killer
<pie_> memorymax might be an alias, or it might be the one thatkills you
<pie_> ok
<samueldr> now reading what high does
<pie_> you need to use cgroupsv2 for this to work though
<samueldr> is it different than what's default on nixos?
<pie_> it wont work in hybrid mode for whatever reason, which nixos is set to by default
<gchristensen> systemd-run --user --scope --property MemoryHigh=1M google-chrome-stable is decidedly not staying under 1M
<samueldr> >> Specify the throttling limit on memory usage of the executed processes in this unit. Memory usage may go above the limit if unavoidable, but the processes are heavily slowed down and memory is taken away aggressively in such cases. This is the main mechanism to control memory usage of a unit.
<pie_> gchristensen: idk but it seems to have been working for me recently
<samueldr> I guess it must have been unavoidable
<pie_> if you use docker or whatever apparently you need v1 enabled
<pie_> gchristensen: if you have hybrid mode enabled the property just gets ignored
<gchristensen> hm
<pie_> gchristensen: it left me scratching my head for way too long
<samueldr> and how do we set cgroups to v2? :)
<gchristensen> I'm in hybrid mode Ithink
<pie_> i should have some stuff scattered across the discourse and github from when this was destroying my sanity
<samueldr> pie_: it's you
<samueldr> you're in that thread
<pie_> hello yes
<pie_> itsa me
<pie_> i even tried looking throug the systemd source code but its all a bunch of dbus and i couldnt even find the right part
<gchristensen> this is great!
<pie_> or the code for systemd-run that invokes whatever it is that was failing
<samueldr> since I just destroyed my "working space" on that machine I'm chaing that option right now and rebooting
<pie_> i can still remember the WTF IS GOING ON feeling
<pie_> then again thats how i feel most of the time
<pie_> idk who slack 1256 is but they deserve a box of cookies or something
<pie_> anyway congratulations on your free ram :P
<samueldr> I don't even want free ram
<samueldr> free ram is wasted ram
<samueldr> I want software that behave under those conditions
<pie_> :))))))))))))))
<cole-h> Pfft, you want behaving software?
<julm> gchristensen: doc of MemoryHigh says: Memory usage may go above the limit if unavoidable, but the processes are heavily slowed down and memory is taken away aggressively in such cases. This is the main mechanism to control memory usage of a unit.
<cole-h> Weak.
<pie_> noone codes for memory pressure
<samueldr> if there was a "freeze process tree when it uses $maths memory" I would take it
<samueldr> or "act as if there was no more ram, but do not reap using the OOM killer", assuming there is a difference
<samueldr> I *know* most browsers will not allocate or collect when given the chance
<pie_> well you could have a daemon do that but it sounds like it wouldnt work very well
<samueldr> yeah no, it has to be able to run when things go awry
<samueldr> so it likely has to be in the memory management loop
<samueldr> like cgroups is
<julm> gchristensen: oh, sorry, samueldr already said it
<pie_> i wish i could serialize tabs to disk
<pie_> no dont tell me to use bookmarks xD
<samueldr> that's another thing I would like to be able to do
<samueldr> allow a process to have "infinite swap space"
<pie_> i would also like to be able to serialize processes to disk
<pie_> but ykow
<samueldr> that, too
<samueldr> but apparently we're still living in a world with strict differentiation between working ram and storage
<samueldr> like it's the 70s or some dumb thing like that
<pie_> well, latency makes that reasonable
<pie_> but
<julm> pie_: you can save pages. I do it a lot
<pie_> julm: i wouldnt mind some good tooling for that anyway
<pie_> the problem with serialization is all the stuff at the boundaries like file descriptors or whatever and i imagine youd have to do a lot of base layer recoding to get stuff to behave sanely
<pie_> ive been meaning to look at criu but it sounds kind of limited
<pie_> the rocket launcher approach is to hibernate VMs to disk i guess
<pie_> but i aint got RAM fo that
<eyJhb> Is there a manpage for [
<julm> test ?
<cole-h> ^
<cole-h> It's basically test, -3 characters :P
<samueldr> cole-h: help
parsley936 has quit [Remote host closed the connection]
<samueldr> it's part of the shell, so it's in `help`
<cole-h> eyJhb: "This is a synonym for the "test" builtin, but the last argument must be a literal `]', to match the opening `['."
<samueldr> help '[' # in your case :)
<cole-h> (Or it would be if I was using bash)
<julm> there is also a /run/current-system/sw/bin/[
<samueldr> yeah, things get a bit fuzzy with shell built-ins