<samueldr>
sometimes I forget I'm old, and that in the olden times some kids used IRC
<energizer>
i'm grateful that my first irc messages aren't in public logs
<gchristensen>
"Firmware updates to address security advisory . Firmware updates to address Intel security advisories and ." ... HRM
<infinisil>
samueldr: Wait aren't you like 25-30?
<samueldr>
like 30
<infinisil>
"old"
<samueldr>
heh
<energizer>
btw is there an unlogged nix channel? i find that people often are more willing to have frank discussions in those
<gchristensen>
energizer: no official nixos channel is intentionally unlogged
<gchristensen>
bad things grow in dark places
<samueldr>
I have been using IRC non-stop since before I had my first "own" computer in 2003
<energizer>
is there an unofficial nixos channel?
<gchristensen>
energizer: none that I know of :)
<gchristensen>
samueldr: same
<samueldr>
if there are that are unlogged, it's because they didn't ask for it, or that I forgor to do it
<samueldr>
forgot*
<cransom>
i uhh. i've irc'd since 1996. when we graduated from AOL to GNN (which, was still owned by AOL, but it was a more basic isp/internet experience). I have some logs from way back, but not that far back.
<energizer>
gchristensen: sure. on the other hand, check out freenodes guidelines on public logs https://freenode.net/changuide
<energizer>
(last paragraph)
<samueldr>
and I was half-jokingly saying "old", though I'm an older soul computers-wise considering my first actual job programming was in 2005, with a couple years of self-taught experience playing around with stuff
<energizer>
hard to discuss delicate issues in public channels because people reading the logs don't have context. same problem twitter has
<samueldr>
while I know other people, as old as I am, that started way later
<infinisil>
energizer: Guess you can always just create a temporary channel, inviting those people you wish to discuss with
<energizer>
infinisil: unforunately channel switching in the middle of a conversation is pretty disruptive in practice
<samueldr>
there is something to consider, too, is that many people will have their private logs
<samueldr>
this means that they can cherry-pick context if there is no public log
<samueldr>
and still cause harm
<energizer>
yes but they don't
<infinisil>
I guess you have to trust the participants
<energizer>
#python is the largest channel on freenode and has no public logs
<samueldr>
it's their perogative
<cransom>
imo. once you type something out into the internet, you've lost control of it.
<infinisil>
+1
<energizer>
cransom: i dont buy into absolutist thinking like that
<samueldr>
nixos has, from before my time, decided that the "unwritten quasi-oral tradition" that is log-less channel is detrimental to the collective knowledge
<samueldr>
I have received private e-mails, multiple times, from people that are not even on IRC, giving thanks for the fact the channels are logged
<samueldr>
since they found solutions to their issues
<energizer>
not sure how that applies to chat channels etc
<infinisil>
In contrast, I know of a channel that's very much technical in nature, where the owner/main contributor explicitly said that they wouldn't participate anymore if it was publicly logged
<cransom>
energizer: whether or not you buy into it, the information is still out an stored acrossed many distributed nodes beyond your control.
hexa- has joined #nixos-chat
<energizer>
cransom: sure. but people who hang out in a channel all day (and therefore have the logs) constitute a *community* of people who know and like each other, and have the context to understand what people were talking about around that time
<cransom>
if the log is public and the conversation is entirely in that channel, where do you lose context? if someone cuts up a log to say something else, you can validate that.
<energizer>
i dont know how it happens but, see twitter for proof
<energizer>
moreover, it can be embarrassing to ask newbie questions if it's gonna be logged
<cransom>
that sounds like a particularly toxic environment if newbies are shunned for asking questions.
<energizer>
newbies don't know whether it is or not -- they're new!
<lovesegfault>
cole-h: What's the distinction between system, local, and user on your zfs pool?
slack1256 has joined #nixos-chat
abathur has quit [Ping timeout: 240 seconds]
ajs124 has quit [Quit: killed]
das_j has quit [Quit: killed]
ajs124 has joined #nixos-chat
das_j has joined #nixos-chat
drakonis has quit [Quit: WeeChat 2.8]
<ashkitten>
the only time i've felt weird about talking in a logged channel is the pdp-10 channel which is publicly displayed on a vax machine in the living computers museum
<ashkitten>
and that's just because someone pinged me asking what musicians i was talking about in the photo of that machine on the museum's website, because they couldn't read the names of the artists in the pic
<ashkitten>
that is probably the weirdest experience i've ever had on irc
waleee-cl has quit [Quit: Connection closed for inactivity]
slack1256 has quit [Ping timeout: 258 seconds]
<clever>
ashkitten: lol!
<clever>
thats beyond just logged publicly, thats logged publicly in a museum!
<ashkitten>
[indiana jones voice]
<ohhaimark[m]>
Has anyone gotten hardware acceleration working with intel iris graphics on NixOS?
<ohhaimark[m]>
`vainfo` isn't able to dynamically load some libraries, but I'm not sure what to do about it.
<eyJhb>
monsieurp: Not that it is okay, but at that point is it then how they are going to spend the day?
<eyJhb>
WELL FUCK
<eyJhb>
adisbladis , etu: so physlock screwed up my LP, had to restart and apparantly I did not save anything, which is untrue
<eyJhb>
None-the-less, no data
<eyJhb>
Found it, good
<eyJhb>
Don't have to start from scratch
<monsieurp>
eyJhb: they = ?
<monsieurp>
the protesters?
<monsieurp>
on a sidenote, I <3 NY
<etu>
eyJhb: Uhm?
<jD91mZM2>
I just got Nix installed on a rootless machine that normally sucks with outdated packages everywhere. Be still, my beating heart
<jD91mZM2>
Turns out the error I got with proot was documented like 1 sentence under where I was reading, but somehow I missed that all those months ago
<jD91mZM2>
So now using proot and PROOT_NO_SECCOMP=1 I got nix and can install things
<eyJhb>
etu: there is something funky going on
<pie_>
jtojnar: schweet
__monty__ has joined #nixos-chat
zimbatm has quit [Ping timeout: 265 seconds]
neeasade has quit [Ping timeout: 265 seconds]
webstrand has quit [Ping timeout: 265 seconds]
webstrand has joined #nixos-chat
raboof has quit [Ping timeout: 246 seconds]
neeasade has joined #nixos-chat
zimbatm has joined #nixos-chat
raboof has joined #nixos-chat
<lovesegfault>
eyJhb: I survived!
<lovesegfault>
It was _way_ harder than I expected
<eyJhb>
lovesegfault: so ZFS snapshot + rollback on boot?
<lovesegfault>
yeah
<pie_>
samueldr: im still botheres by the fact that we have 30 different places to search for information without a single search engine, and the fact that i cant search all the channels at once :P
<gchristensen>
phew ... forced my laptop to reboot in "the middle" of a firmware upgrade and it survived
<__monty__>
Now why'd you go an do that?
<eyJhb>
Living life!
<gchristensen>
__monty__: I couldn't give it any more than 12 hours to do the job
<__monty__>
Wow, that's a big honkin update.
<gchristensen>
nah, it was just not working
<eyJhb>
Seems weird
<eyJhb>
Reminds me, I should backup my BIOS at some point
<eyJhb>
Or maybe flash it as some point, bought all the things to do it
<eyJhb>
lovesegfault: but only /, or also $HOME
<eyJhb>
?
<gchristensen>
samueldr: is it just me or is inkscape palettes not really usable in nixos?
drakonis has joined #nixos-chat
bkv has quit [Quit: WeeChat 2.8]
c4rc4s_ has joined #nixos-chat
eyJhbV2 has joined #nixos-chat
<eyJhbV2>
Give me my nick back you ghost!
bqv has joined #nixos-chat
eyJhb has quit [Disconnected by services]
<sphalerite>
eyJhbV2: use the ghost command?
<sphalerite>
oh there we go ha
<eyJhbV2>
sphalerite: :D
<eyJhbV2>
WAIT
ottidmes_ has joined #nixos-chat
eyJhbV2 is now known as eyJhb
eyJhb has joined #nixos-chat
eyJhb has quit [Changing host]
<eyJhb>
Finally
emilazy_ has joined #nixos-chat
<eyJhb>
I hate channels that ban you, and then you cannot change nick
emilazy has quit [Ping timeout: 246 seconds]
ajs124 has quit [Ping timeout: 246 seconds]
Jackneill has quit [Ping timeout: 246 seconds]
edef has quit [Ping timeout: 246 seconds]
c4rc4s has quit [Ping timeout: 246 seconds]
emilazy_ is now known as emilazy
leah2 has quit [Ping timeout: 264 seconds]
cransom has quit [Ping timeout: 264 seconds]
mtjmullen has quit [Ping timeout: 264 seconds]
ottidmes has quit [Ping timeout: 264 seconds]
edef_ has joined #nixos-chat
c4rc4s_ is now known as c4rc4s
mutantmell has joined #nixos-chat
edef_ has joined #nixos-chat
edef_ has quit [Changing host]
edef_ is now known as edef
<pie_>
thunderbird manage to corrupt someting
<pie_>
all the emails are there when searching but nothing shows up in the frontend
<pie_>
only copy of this backup that i have....ffs
cransom has joined #nixos-chat
<pie_>
JavaScript error: chrome://messenger/content/mailTabs.js, line 419: NS_ERROR_ILLEGAL_VALUE: Component returned failure code: 0x80070057 (NS_ERROR_ILLEGAL_VALUE) [nsIMessenger.msgHdrFromURI]
<pie_>
only output i get is
<pie_>
so im hoping i can check the source but mozillas code search seems to be down
leah2_ has joined #nixos-chat
<__monty__>
Are you sure the backup isn't corrupted?
<pie_>
i can probably reimport te messages but ffs
<eyJhb>
restoreTab?
<eyJhb>
Isn't it just the state of tabs that sucks then?
<pie_>
idk, but theres firstTab stuff
<pie_>
which sounds reasonable
<pie_>
"magic first tab"
<pie_>
!#$%#@ i dont have time for debugging this :(
<pie_>
yak shaves, yak shaves everywhere
<pie_>
this is so stupid
<pie_>
i bet its because i upgraded it like 30 versins and it did something stupidd
Jackneill has joined #nixos-chat
<pie_>
ok no there is something really stupid happening here because it happens to the other profiles on the device too
<pie_>
idk how mozilla stuff cant ever get their session management right
leah2_ is now known as leah2
<pie_>
theres some weird artefacts but this was a stupid rollercoaster
<pie_>
per some random internet suggestion of using importexporttools to reimport the profile
<pie_>
success
<eyJhb>
Now you should do a Dropbox adventure pie_
<eyJhb>
Because this makes no sense either
<pie_>
yeah but i wouldnt trust dropbox to begin with because weird opaque distsys syncing
<pie_>
or something
<eyJhb>
Never had a problem with it in all the time I have been using it :\
<pie_>
oh well thats good ten
<pie_>
i never used it
<eyJhb>
I have used it since 2010 I think
<__monty__>
eyJhb: You've been having problems since switching to ZFS, right? Maybe they discontinued support for it for a reason? Have you tried the suggestion of going with an ext4 zvol?
<eyJhb>
__monty__: it works fine, currently I am annoyed that I cannot make a home-manager module , that can start it from scratch (without me having to run it manually first)
<eyJhb>
For SOME REASON, it will not work when NixOS starts it. Think it needs some more bins
<__monty__>
Hmm, there's something about HM startUserServices being false by default.
<__monty__>
IS that your problem?
<eyJhb>
Nope, it will run and download the files, fill up /tmp, but will not put the files in my home
<eyJhb>
Maybe it is the symlinks that screws with it?
<__monty__>
How do you specify your home directory?
<eyJhb>
And my configs are not public, not even on Git as-of-now :/
<lovesegfault>
Ah, I mostly wanted to see which state dirs you had set
KeiraT has quit [Ping timeout: 240 seconds]
<lovesegfault>
and how you set them up for $home
<lovesegfault>
Are you using tmpfiles.d to create the links?
<colemickens>
eyJhb: so then is rpool/safe/home just what you persist, or is that the volume you check to make sure doesn't have anything important and wipe periodically (maybe eventually on boot)?
<colemickens>
That's what I've been thinking about. I want to wipe /home but maybe only "manually" for a while, allowing me to spot check that I didn't miss anything.
KeiraT has joined #nixos-chat
<colemickens>
I guess I could snapshot and then wipe on boot, so I could always go back to the snapshot to recover data?
<talyz>
eyJhb: please do ;)
endformationage has joined #nixos-chat
<eyJhb>
WELL! Now you can see, that I actually forgot I had a safe/home, and just use persistent... But it is where I keep all the data that is persistent, so I use symbolic links for it to work (and actually use talyz module for this!)
<eyJhb>
I can show the dirs as well I think lovesegfault , 2 sec
<eyJhb>
colemickens: Well, I have a backup with all my previous data in, so I have just started clean with everything and then use tmpfs for / and $HOME
<gchristensen>
it might be worth noting that my /persist is explicitly different from backed up data
<gchristensen>
I never back up /persist because it is mostly host-specific private keys
<lovesegfault>
talyz: Oh, nice!
<eyJhb>
gchristensen: If I loose my /persistent, then I am a sad panda
<eyJhb>
I need to fix not using the home thing..
<lovesegfault>
I might want to reshape my pool as local/{root,state} safe/{home,state}
<colemickens>
eyJhb: I guess what I'm asking is, say I forgot to add a path to my persisted list, I got a one-time-available token and saved it in $HOME. I rebooted and it got wiped, in your scenario is there any chance of recovery?
<lovesegfault>
That way I only back up safe/state
<eyJhb>
colemickens: nope, gone forever if not saved in a propper dir
<eyJhb>
But I just have my projects/ for that
<colemickens>
yeah, I'm thinking of a random dotfile or something, probably droped straight into $HOME of course :P
<ldlework>
colemickens: eyJhb have you ever just deleted a file you really needed / have been working on for hours for literally no reason at all?
<ldlework>
the regularity at which I do this is too damn high
<eyJhb>
ldlework: I once did `rm -rf /*`
<ldlework>
linux Garbage Bin when?
<eyJhb>
That works wonders
<ldlework>
eyJhb: I have done similar
<colemickens>
don't know that I've done that lately, but I absolutely wiped out a good hour of work the other day just fumbling the wrong git command :)
<eyJhb>
I think I had a sudo as well :p
<eyJhb>
I JUST did a rm -rf dropbox
<ldlework>
I've done things like rm -fr ~/.config/
<eyJhb>
Which was not the right thing
<ldlework>
when trying to delete ~/.config/something
<eyJhb>
Same
<ldlework>
the horror
<ldlework>
the sheer horror
<eyJhb>
My persistent should have snapshots
<lovesegfault>
talyz: thanks!
<lovesegfault>
eyJhb++ talyz++
<{^_^}>
eyJhb's karma got increased to 5
<{^_^}>
talyz's karma got increased to 2
<colemickens>
I have done, "ls ~/some/dir/to/wipe" and then "rm -rf *" right afterword in the wrong PWD
<ldlework>
done that one too
<ldlework>
fuck!
<eyJhb>
The only poor program NOT doing what I tell it to is chromium, everything else is lowercase. EVEN DROPBOX! :D
<colemickens>
I think I did that one the other day and wiped out my wg priv keys that weren't in git :(
<talyz>
lovesegfault: so you tell it where to store the persistent data by defining an attribute in home.persistence with that path, then just list files and directories
<eyJhb>
At some point we should not be allowed to rm
<ldlework>
should make an alias for rm to mv
<ldlework>
mv things to /tmp
<ldlework>
lol
<talyz>
lovesegfault: directories will by default be created in the persistent directory if they don't already exist
<ldlework>
that's actually not the worst idea i've ever had
<colemickens>
I think theres a trash command or something? but `rm -i` would work too probably most times :P
<lovesegfault>
talyz: really nice
<lovesegfault>
I'm tempted :D
<ldlework>
colemickens: but get immediately annoying and subsequently removed :P
<talyz>
eyJhb: nah, adisbladis brought it up in an issue before that :)
<eyJhb>
Ahh
<eyJhb>
Is there any good way to do the ln magig I am doing talyz ?
<eyJhb>
Without recreating the links each time?
<sphalerite>
ldlework: 5-minutely zfs snapshots ♥
<ldlework>
I don't know anything about filesystems so I've been putting that stuff off
<lovesegfault>
talyz: Usage example for the NixOS one?
<sphalerite>
ldlework: it's very nice to have snapshots, allows you to go back on overwriting files too, not just deleting them, stuff like that
<ldlework>
sphalerite: yeah it just seems like a big hill so it's in the background
<sphalerite>
at one point I wrote a little project over the space of 12 hours or so without gitting anything, then reconstructed a git history from the snapshots
<sphalerite>
(can still recommend gitting from the beginning, but it's better than nothing)
<sphalerite>
ldlework: but it's a very good hill
<ldlework>
That's why it's on the tapestry!
<talyz>
eyJhb: well, you have to recreate the links every time, but you could just use the built-in home-manager support for it - home.file."blah".source
<eyJhb>
talyz: It does not nice stuff with that
<eyJhb>
Seeing as it does some copy, something I guess and loads my Dropbox into memory
<samueldr>
gchristensen: assuming stable, I had no trouble last time I did
<colemickens>
lovesegfault, ew, also thank you :)
<talyz>
lovesegfault: right, maybe a bind mount would solve it, then :)
cole-h has joined #nixos-chat
<lovesegfault>
colemickens: :D
<lovesegfault>
talyz: Why would that make a difference?
<cole-h>
lovesegfault: How'd it go?
<sphalerite>
joepie91++
<{^_^}>
joepie91's karma got increased to 13
<colemickens>
I feel so... something from the stalebot emails :s
<joepie91>
colemickens: something? :P
<cole-h>
sphalerite: How do you configure your 5-minutely snapshots, and do they ever expire/get pruned?
<sphalerite>
cole-h: with znapzend, and yes
<sphalerite>
plan = "15min=>5min,4h=>15min,4d=>1h,1w=>1d,1m=>1w";
<colemickens>
joepie91: It's a mix of guilty, forgetful, and easily distracted based on the random things I've sent PR/issues for. They're sort of a reminder of "your abandoned nix projects".
<joepie91>
colemickens: ah yeah, I totally get what you mean
<eyJhb>
Stupp works yo!
<lovesegfault>
cole-h: it was tough but I succeeded
<eyJhb>
sphalerite: how do you set it? znapzend?
<cole-h>
lovesegfault: What were your pain points?
<lovesegfault>
colemickens: Did you get vaapi working with ff?
<lovesegfault>
I keep getting [Child 23517: MediaPDecoder #2]: D/PlatformDecoderModule VA-API FFmpeg is disabled by platform
<lovesegfault>
cole-h: I had forgotten how hard it is to bootstrap my keys
<colemickens>
Only in Nightly.
<lovesegfault>
colemickens: lame :P
<colemickens>
for sure. I tried quite a bit to get it to work in stable and kept getting confused and stuck. :(
<lovesegfault>
cole-h: I also deeply regret not having made my homedir stateless
FRidh has quit [Quit: Konversation terminated!]
<eyJhb>
Btw. lovesegfault I remember that my rpool/safe/home was for the two boots I ran a persistent home
<cole-h>
sphalerite: Is it possible to configure znapzend to only use `zfs snapshot` and not `send`/`recv`? Does it do that automagically?
<eyJhb>
But I shoul slity those two up
<lovesegfault>
eyJhb: Yeah, I'm thinking of how to make it stateless now
<cole-h>
lovesegfault: Well, since you only did it just now, you can probably start over and fix that... ;)
<lovesegfault>
My plan is:
<talyz>
lovesegfault: because bind mounts are much more transparent than symlinks - in file listings they look like any other directory or mounted device
<lovesegfault>
1. new dataset safe/home_new
<lovesegfault>
2. use talyz's stuff to set up persistence to /state/...
<lovesegfault>
3. move things to state manually
<eyJhb>
lovesegfault: /state/root ** /state/home
<eyJhb>
?
<lovesegfault>
4. rename home_new to home
<lovesegfault>
5. snapshot empty home
<lovesegfault>
6. set up the new mount
<lovesegfault>
7. reboot and hope
<etu>
talyz: woo, our madness is spreading :D
<lovesegfault>
talyz: Stop tempting me!!!
<talyz>
lovesegfault: :D
waleee-cl has joined #nixos-chat
<etu>
lovesegfault: It's pretty great though
<lovesegfault>
talyz: How about we extract those modules into a repo of it's own
<lovesegfault>
then at least I can pin them with niv and import without copy-paste
<lovesegfault>
:D
<etu>
nix-community/stateless-helpers :p
<etu>
(suggestion)
<talyz>
lovesegfault: yeah, I probably should :p
<talyz>
etu: I don't have access to nix-community (that I know, at least)
<lovesegfault>
wait, I'm confused, do you bind-mount or do you symlink
<etu>
talyz: I do:)
<lovesegfault>
FWIW: bind mounting would most likely make iwd work without magic hacks
<etu>
talyz: I'm not sure what policies there is. But if we come up with a good name and talk a bit to adisbladis for pointers on how to do this I think it will be fine. I'm willing to maintain it :)
<talyz>
lovesegfault: I link files and directories that are put in environment.persistence.etc and bind mount directories in environment.persistence.root
<lovesegfault>
etu: Let's do it! I will help :D
<lovesegfault>
talyz: what do you do with /var/lib stuff?
<talyz>
etu: ah, maybe adisbladis can give me access, then :)
<etu>
talyz: No real need, If I make a repo I can invite you to that repo
<energizer>
funny calling it stateless when the point of the module is having persistent mutable data :)
<etu>
yeah
<cole-h>
etu: But it doesn't only apply to /, it also applies to /home, right?
<etu>
true :/
<cole-h>
(Granted /home is a descendant of /, but usually most people have stateless / and stateful /home)
<etu>
And it doesn't rely either on tmpfs or zfs rollbacks :p
<energizer>
nix-community/persistent
<cole-h>
Ooh
<etu>
nix-community/persistent-paths ? :)
* talyz
uses btrfs with a new subvolume for root on each boot
<talyz>
everyone has their own way :p
<cole-h>
nix-community/impermanence
<Valodim>
nix-community/ephemerality
<cole-h>
I walk back my support of /persistent because this module isn't really about making this more persistent, but collecting all/most those persistent things in a single place
KeiraT has quit [Ping timeout: 240 seconds]
<energizer>
/persistent-tree
<etu>
nix-community/persistent-helpers
<eyJhb>
nix-community/know-your-state-helpers
<cole-h>
I kinda like stateless- more than persistent-helpers because you're helping the system become more stateless, rather than more persistent, IMO.
<cole-h>
Oh, so it's more a "you don't want to", rather than a "you literally cannot even if you wanted to"
<cole-h>
First star >:)
<drakonis>
impermanence?
<cole-h>
impermanence.
<lovesegfault>
talyz: do you want to push your modules as-is to that repo?
<eyJhb>
lovesegfault: into the two datasets
<lovesegfault>
I guess any further discussion can happen there :D
<eyJhb>
HOME and ROOT
<lovesegfault>
eyJhb: Ah, nice
<talyz>
lovesegfault: sure :)
<energizer>
in other words, i want to be able to persist files/directories in /var /root /etc /home, but i dont see the reason for those to be in separate options
<lovesegfault>
energizer: What's your proposal?
<lovesegfault>
i.e. how to do that
<cole-h>
Is there a historical reason we only have `environment.etc` and not `environment."/"`, `environment.var`, etc? Is it because there's typically no reason to need to drop files into those locations?
<talyz>
energizer: everything not in /etc or /home/you would go in environment.persistence.root
<talyz>
Oh, you mean generally
<energizer>
lovesegfault: systemd.tmpfiles.rules would do it i think. but to be clear i dont understand why it's done the way it is, so i'd guess there is a reason that i just don't understand
<lovesegfault>
energizer: FWIW those don't fully work, they get created kind of late
<lovesegfault>
also some things (e.g. iwd) don't like symlinks
<etu>
I added a readme
<etu>
to get the repo started
<lovesegfault>
for state directories bind >>>> link
<lovesegfault>
but for single files link is best
<etu>
We have to document how to use the modules in the readme
<etu>
:)
<energizer>
lovesegfault: ok so yeah why isn't it environment.<name>.
* energizer
waits for a nixos historian
<lovesegfault>
If I knew I'd tell you :P
<eyJhb>
lovesegfault: add Dropbox to that list
<etu>
gotta head off now though, but talyz, add your modules there when you have the time :)
<etu>
talyz: and we can document and clean things up to make it nicer for everyone
<lovesegfault>
TEAM WORK
<cole-h>
I can help with documentation! Probably.
<cole-h>
(Since I don't run it yet myself.)
<energizer>
fwiw you can bind-mount a regular file, not just directories
<etu>
energizer: wait, you can?
<etu>
:O
<etu>
I have to try this
<lovesegfault>
energizer: you can?!
<lovesegfault>
This changes everything
<energizer>
touch x; mount -o bind x y
<talyz>
energizer: bind mount all the things \o/
<energizer>
otoh nix style seems to be symlinking, which has the advantage that looking at the file makes it obvious what it's pointing to. bind mounts are pretty "transparent" (read: opaque)
<talyz>
etu: I will :)
<etu>
energizer: I just tried
<etu>
energizer: It worked
<etu>
wow
<etu>
TIL
<etu>
✨ energizer
<{^_^}>
energizer's karma got increased to 16
<etu>
energizer: That is *much* better than symlinks everywhere
<etu>
bind-mounts everywhere instead
<energizer>
what do you like better about it etu?
<etu>
symlinks comes with weird side effects, like tools following symlinks etc
<pistache>
energizer: I get "No such file or directory" when I try your command
<lovesegfault>
So does everyone agree with the API of environment.persistence.{directories,files} = [...]
<energizer>
following symlinks is what we want, no?
<etu>
So I tell emacs to open /etc/nixos/... and then it's like "but ya know, /etc/nixos is a symlink, do you want to follow it?"
<lovesegfault>
maybe `entities` instead of dirs and files
<lovesegfault>
and that all gets bind mounter
<lovesegfault>
*mounted
<pistache>
ah right I need "touch y" as well
<etu>
energizer: Sure, but bind mounts becomes more transparent
<Valodim>
etu: is that an emacs-specific bias though?
<talyz>
lovesegfault: the separation comes from the need for automatic creation - mkdir for directories and nothing for files
<etu>
Valodim: No, bash also does that
<energizer>
pistache: right, my example was incomplete
<etu>
Valodim: but silent
<energizer>
etu: is transparent an advantage?
<Valodim>
hmm
<etu>
energizer: maybe? That can be discussed :D
<energizer>
etu: i set emacs to follow symlinks by default (which should be the default imo)
<etu>
oh well, I'm heading off for tonight. We'll get something together for our new repo :)
<talyz>
The output of `mount` would be glorious
<pistache>
is there a way to "follow" bind mounts ?
<energizer>
pistache: what does that mean?
<pistache>
as in, to know the original path it is mounted from ?
<etu>
pistache: No, since it's actually "not moved"
<etu>
pistache: It's abstracted in the filesystem
<pistache>
yes I wasn't clear in what I asked
<talyz>
pistache: mount, the command
<pistache>
but when bind-mount x to y, is there a way that y is x ?
<pistache>
talyz: it doesn't show the original path, though
<talyz>
But otherwise, not really
<etu>
pistache: /etc/fstab will tell that :D
<etu>
pistache: when configured declaratively that is
<pistache>
yes, true
<pistache>
when I use mount I get :
<pistache>
tmpfs on /tmp/y type tmpfs (...)
<pistache>
ah, findmnt does tell it, so it must be accessible somewhere
<pistache>
yep, /proc/self/mountinfo shows it
<lovesegfault>
talyz: you still need to create files for bind-mounting, right?
<energizer>
lovesegfault: yes
abathur has joined #nixos-chat
buckley310 has quit [Quit: Connection closed for inactivity]
<lovesegfault>
infinisil++
<{^_^}>
infinisil's karma got increased to 308
<samueldr>
git bisect, while good, sorely needs more, like a way to ignore commits found in a branch (e.g. bisect only staging-next exclusive changs)
<samueldr>
or tag *why* a commit was skipped, I have skips for 3 different distinct reasons, it would help in the end to see the reasons and know where problem A stopped and problem B started
<cole-h>
Maybe you could use tags for that? I also remember reading about a way to add notes to commits, but I don't remember how...
<samueldr>
tags are quite dangerous in git in my experience
<samueldr>
easy to accidentally push
<samueldr>
and IIRC I've been told tags don't scale
<samueldr>
though that wouldn't be much of an issue
<cole-h>
man git-notes
<cole-h>
^ That's what I was thinking of
<samueldr>
but that won't show in the review of a bisect, won't it?
<cole-h>
I guess it would add more complexity, but then couldn't you just view the notes of the skipped commits to verify the reasons for doing so?
<samueldr>
the real issue is it needs to be "skip because of problem A" so that *bisect* at the end shows it
<samueldr>
I must have about 100 skipped commits already
<cole-h>
Maybe you could output the bisect status thing to a file and check every skipped commit for a reason and then add that reason to said file?
<samueldr>
probably, with enough work everything is possible
<cole-h>
:P
<energizer>
there was a bisect merges-only option PR but it stalled out iirc
<energizer>
you can still emulate it with rev-list --merges --first-parent
<samueldr>
I kind of want the inverse of that, merges are likely all good, so I want to ignore the "foreign" branch
<energizer>
exactly
<samueldr>
but what do I do with that list? can git bisect work only on a list of revision?
<samueldr>
git's tools are poorly composable
<cole-h>
How often do you guys garbage-collect old generations?
<samueldr>
whenever necessary
<energizer>
when i run out of space. i think grahamc does it automatically on a timer
<samueldr>
meaning that they take too much space
<cole-h>
Yeah, I ask because that just happened to me x)
<samueldr>
though on my main machine the store is on another drive than my home
<samueldr>
so it ends up that only nix builds are affected
<samueldr>
I don't feel the squeeze for my other uses
<samueldr>
though thinking a bit more, what I need is "multi-bisect", where it would also bisect sub-problems to find when new problems are introduced and fixed
<LnL>
cole-h: "pretty recent" 2020-02-04 :)
<cole-h>
How big is your /boot?!
* cole-h
regrets making it only 512M
<LnL>
never had any problems with that
<cole-h>
Well, I have built a few kernels in the past few days...
<LnL>
but I use the release and just pull in specific stuff I want from unstable
<samueldr>
my /boot is my /
<samueldr>
oops, no, it isn't
<samueldr>
2.0GiB, though it was "overkill" only to allow experimentation as it's the ESP for UEFI
<samueldr>
e.g. I'm using clever's thing that makes a bootable option that is basically the installer iso
<samueldr>
though it's not *that* useful, but it did save me that one time I tried (foolishly, but I wanted to see it break) to force delete something sitll anchored to the GC and it collected all generations
<cole-h>
lmao
<samueldr>
it saved me from digging up a usb drive
<cole-h>
Well, I have my USB drives literally a couple inches away, so I don't feel any of that pain :P
<samueldr>
now, imagine if you had to *bend down* to plug that usb drive to the computer
<cole-h>
x)
<samueldr>
the horror
<pistache>
samueldr: oh that's a neat modul, thanks for the link
<pistache>
module*
<cole-h>
sphalerite++ I've started using znapzend with your plan, thanks for the recommendation :) Just gotta keep an eye on it and see how disk usage piles up
<{^_^}>
sphalerite's karma got increased to 93
<Valodim>
talyz: pardon the uninformed question, but how do you actually use the configuration.nix files from your nixos-config?
<pistache>
cole-h: if you're using ZFS 0.8.x, take care to not fill up your pool with snapshots
<cole-h>
Why's that?
<pistache>
as that can completely break your pool, and make it unrecoverable
<pistache>
it can also happen when you fiddle with refreservation at the pool level
bqv has quit [Ping timeout: 256 seconds]
<pistache>
I've had it happen on a pool with less than 60% allocated space (lots of empty zvols)
bqv has joined #nixos-chat
<pistache>
it was really a... surprising moment (permanently wedging a pool just by running zfs snapshot)
EatThem has joined #nixos-chat
<cole-h>
Uh
<pistache>
I think the pool can be recovered by reverting to an earlier TXG, but did not try that as I wasn't sure, and just used new disks to recreate the pool
<cole-h>
That's a little scary
<pistache>
yes it is
<cole-h>
How do you revert to an earlier TXG?
<joepie91>
begrudgingly bought a portable airco unit
<joepie91>
the manual was extremely "draw the rest of the fucking owl"
<pistache>
cole-h: with the -T argument to zpool import
<pistache>
but if it's your root pool, that implies rebooting
<pistache>
and since at that point I wasn't even sure that I would be able to import the pool again, I just split my mirror, and moved everything to a new pool made from the detached device
<pistache>
(it implies rebooting because the pool can not even be exported at that point)
<samueldr>
joepie91: I'm curious what's to draw on a portable aircon, though I don't know how, and if, european designs differ
<joepie91>
samueldr: too high
<talyz>
Valodim: On most machines I simply symlink the right configuration.nix to /etc/nixos/configuration.nix
<joepie91>
1 kW for this one
<samueldr>
joepie91: sorry, not "the power draw", but "what's unexplained", e.g. drawin the owl :)
<joepie91>
this is a stopgap measure; I want to look into a proper split unit but right now I already have too much on my mind to deal with that also
<joepie91>
oh
<joepie91>
:p
<Valodim>
talyz: does that just work for the "../../" paths in the configuration.nix-es?
<joepie91>
samueldr: so the manual basically went "please make sure that all the parts are present before you install it, there are three ways to take out the hot air <end>"
<joepie91>
it didn't even list the three ways!
<joepie91>
it just came with a bunch of unlabelled parts, no instructions on how to attach them
<samueldr>
oof
<joepie91>
a separate difficult-to-understand manual for the window mounting kit
<talyz>
Valodim: yes, the paths are relative from the location of the real file
<joepie91>
I still don't know what half the parts are for :P
<Valodim>
talyz: cool! thanks for the info. that explains a lot of things :)
<joepie91>
but the hose was round, there was what seemed like a square attachment bracket on the backside at one of the exhaust points
<joepie91>
so I figured that I should put the square-to-round converter thingem there
<talyz>
Valodim: no problem! :)
<joepie91>
and the hose clicked into the thingem so I GUESS that it's now correctly set up
<joepie91>
and I'm currently test-running it
<talyz>
Valodim: on evals I instead put the configuration file path in nix.nixPath, so I wouldn't have to symlink it :)
<joepie91>
the window mounting kit is also super disapppointing
<samueldr>
1kW isn't that bad though, depending on the BTU, the one I have (second hand, a bit older) is 1.5kW
<samueldr>
(but yes, way worse than a "proper" one)
<joepie91>
it's basically a hood of the cheapo-polyester-tent material
<joepie91>
which doesn't insulate at all... so that's gonna be a project
<joepie91>
samueldr: "9000" BTU
<joepie91>
by an unspecified standard of measurement
<joepie91>
so I assume they are like camera manufacturer pixels
<joepie91>
or chinese mAh
<samueldr>
"12000" here
<samueldr>
likely the same standard, or similarly cheatable
<joepie91>
also the cheapskates didn't even include batteries for the remote <.<
<samueldr>
rude!
<samueldr>
CR2030?
<joepie91>
nah, AAA at least
<samueldr>
at least!
<joepie91>
so at least it's something people probably have
<samueldr>
tip, for anyone with an IR blaster, if the brand can't be found, check for the actual manufacturer on a regulatory body's database, e.g. UL or Intertek for North America
<joepie91>
on a 450 EUR device
<joepie91>
so yeah, not too impressed with the packaging :D
<joepie91>
but it does seem to work
<joepie91>
but two AAAs cost like what, a few cents to include?
<joepie91>
I have also already lost the remote
<samueldr>
a classic
<joepie91>
found it again :P
<lovesegfault>
gchristensen: When should I add elevator=none to kernelParams?
<gchristensen>
don't do that, I just haven't deleted it from my post yet
<lovesegfault>
Ah
<lovesegfault>
What was it supposed to achieve?
<cole-h>
It was supposed to set the disk scheduler to none, since ZFS manages scheduling itself, I guess
<infinisil>
So I thought I was being smart by setting chmod o-r on a directory, which would allow access only to those people who know what items are in it
<infinisil>
Because with o-r, you can't list directories anymore
<ldlework>
What was the gotcha?
<infinisil>
Turns out that doesn't quite work, as people can just brute force all possible strings: Accessing a non-existant directory gives "No such file or directory", while everything else indicates an existing directory
<ldlework>
Just make all your filenames 1024 character random strings
<energizer>
there was a proposal to do that for /nix/store
<ldlework>
Hmm I was joking because doesn't that then hide the information from yourself
<ldlework>
unless you can remember arbitrary semantics for random 1024 strings
<ldlework>
^_^'
<infinisil>
ldlework: In my case, I have permissions set up so only those users can even access those files
<energizer>
to do the o-r, not the random strings
<infinisil>
energizer: Hmm it would work there because you can't brute-force the strings
<infinisil>
Hehe, I could add some hashes to my directory layout
<energizer>
infinisil: right. there's still concern the paths would appear in other places, like pstree
<infinisil>
How about having a file system that only gives temporary access to files
<infinisil>
It will expose a file under some hashed path, which you need to know to access it
<infinisil>
After the first process accesses it, the file system essentially deletes it from view
<ldlework>
energizer: oh lol
<energizer>
infinisil: that would be neat
<joepie91>
infinisil: that's starting to sound a lot like a capability-based system :P
<infinisil>
joepie91: Kinda does indeed! I don't know capability systems too well, but I heard good things about them
<abathur>
hmm
<infinisil>
For context: I'm working on a secret module for nixus, and the secrets are structured like /var/lib/nixus-secrets/active/per-user/<username>/<secretname>
<abathur>
I guess you could implement that with FIFOs for read-only stuff
<infinisil>
I set o-r on `per-user`, such that other users can't know whether you even have secrets or not
<infinisil>
But since linux tells you whether the directory exists or not even with o-r, that's kind of pointless, since you can just go through all users of the system
cjpbirkbeck has joined #nixos-chat
<infinisil>
I'm considering adding a hash to make that impossible
<qyliss>
This sort of thing is something that systemd could probably do well
<qyliss>
On startup, open all the secret files, then bind mount over them or something, so nothing else can get them from disk.
<qyliss>
Then hand out the file descriptors to each secret file to subprocesses as required
<infinisil>
That might work indeed
<qyliss>
Of course, anything with root could undo the bind mount
<qyliss>
But you can't really protect against root
<energizer>
yup
<infinisil>
Ideally only the administrator can run commands as root, and only manually
<qyliss>
Yeah
<infinisil>
(I wish no NixOS services would require root..)
<abathur>
can a FUSE serve different files to different processes out of the same namespace?
<abathur>
maybe, a fuse that pretends every path is valid
<abathur>
as a denial of knowledge?
<samueldr>
fuse can differentiate processes I think, at least I abused knowing the PID to get the UID to show a different view for a test
<infinisil>
Neat
<samueldr>
I'm not sure it's supported, but it worked well enough to show the xdg application folder of that user merged with the system ones
<infinisil>
Although, pid's can change and be reused
<samueldr>
it's not during mount time, it's during runtime, though I guess TOCTU
<samueldr>
though I guess it's not strictly TOCTOU, but could look like it
* samueldr
thinks
<samueldr>
nah, it shouldn't be an issue, the PID is currently opening the file, it's not like the PID will vanish during that operation, won't it?
EatThem has quit [Quit: Leaving]
bqv has quit [Ping timeout: 256 seconds]
* infinisil
has no ieda
<infinisil>
idea
bqv has joined #nixos-chat
emilazy has quit [Ping timeout: 246 seconds]
noonien has quit [Ping timeout: 240 seconds]
rajivr has quit [Ping timeout: 260 seconds]
waleee-cl has quit [Ping timeout: 246 seconds]
pasukon has quit [Ping timeout: 260 seconds]
liszt has quit [Ping timeout: 260 seconds]
steveeJ has quit [Ping timeout: 260 seconds]
savanni has quit [Ping timeout: 260 seconds]
manveru has quit [Ping timeout: 260 seconds]
johanot has quit [Ping timeout: 256 seconds]
tazjin has quit [Ping timeout: 272 seconds]
feepo has quit [Ping timeout: 272 seconds]
jackdk has quit [Ping timeout: 272 seconds]
srhb has quit [Ping timeout: 246 seconds]
peel has quit [Ping timeout: 260 seconds]
jared-w has quit [Ping timeout: 260 seconds]
Cynthia has quit [Ping timeout: 240 seconds]
aria has quit [Ping timeout: 260 seconds]
cbarrett has quit [Ping timeout: 260 seconds]
davidtwco has quit [Ping timeout: 272 seconds]
taktoa[c] has quit [Ping timeout: 272 seconds]
sdier has quit [Ping timeout: 272 seconds]
mudri has quit [Ping timeout: 272 seconds]
rizary has quit [Ping timeout: 246 seconds]
zimbatm has quit [Ping timeout: 260 seconds]
kalbasit has quit [Ping timeout: 260 seconds]
<samueldr>
I thing git bisect has a pretty poor UX
peel has joined #nixos-chat
raboof has quit [Ping timeout: 272 seconds]
elvishjerricco has quit [Ping timeout: 272 seconds]
jw358 has quit [Ping timeout: 272 seconds]
waleee-cl has joined #nixos-chat
aria has joined #nixos-chat
mudri has joined #nixos-chat
<samueldr>
it's been dozens of commits that it's been telling me "40 commits left"
jackdk has joined #nixos-chat
pasukon has joined #nixos-chat
<samueldr>
I mark one good, 39 left...
emilazy has joined #nixos-chat
<samueldr>
I mark another good, 40 left...
zimbatm has joined #nixos-chat
liszt has joined #nixos-chat
Cynthia has joined #nixos-chat
davidtwco has joined #nixos-chat
raboof has joined #nixos-chat
<samueldr>
I don't event know what it the maximum amount of revisions actually left to try, since it apparently doesn't change on skip, and can go back and forth on an actual action :(
johanot has joined #nixos-chat
steveeJ has joined #nixos-chat
feepo has joined #nixos-chat
savanni has joined #nixos-chat
kalbasit has joined #nixos-chat
sdier has joined #nixos-chat
elvishjerricco has joined #nixos-chat
jw358 has joined #nixos-chat
srhb has joined #nixos-chat
rajivr has joined #nixos-chat
rizary has joined #nixos-chat
noonien has joined #nixos-chat
cbarrett has joined #nixos-chat
manveru has joined #nixos-chat
tazjin has joined #nixos-chat
tazjin has quit [Client Quit]
tazjin has joined #nixos-chat
<infinisil>
I guess bisecting with a non-linear history isn't trivial
<danderson>
I thought git bisect handled that
<danderson>
it might take a thousand more steps, but I thought it got the correct answer eventually
<samueldr>
I would have hoped that a maximum amount of revisions to test is trivial to compute
<samueldr>
since... you know... you can list all revisions in the search space
<energizer>
samueldr: do you have a script to check good/bad or are you doing it manually?
<samueldr>
so I don't know what "commits left" is... steps, I know, but *revisions left* I don't
<danderson>
sure, but at which point does it stop being a bisect and start being a linear scan of all possible changes
taktoa[c] has joined #nixos-chat
<joepie91>
isn't it supposed to do a binary search
<samueldr>
energizer: I can't script it as different kind of failures happen that are unrelated, and no trivial way to disciminate
jared-w has joined #nixos-chat
<samueldr>
danderson: I think that's it, revisions left should have been the max, and steps binary in that search space
<samueldr>
but I guess I'm wrong
<danderson>
with a very branching history, how much work you eliminate with each test can get complicated, but it should still require scanning less than "everything"
<samueldr>
exactly, but I don't know what you're getting at
<samueldr>
what I'm saying is that there is a number which should be the total number of revisions to test, and that number changes in unpredictable ways
<samueldr>
so it must not be that, but if it isn't it's not clear what it is
<danderson>
oh, that is confusing.
<samueldr>
for now two dozens revisions, I've been told I'm left with 40 revisions to test, approximately 5 steps
<samueldr>
the 5 steps I know I broke by skipping
<samueldr>
but the first number I'm entirely confused by
cole-h has quit [Quit: Goodbye]
cole-h has joined #nixos-chat
bqv has quit [Ping timeout: 260 seconds]
cole-h has quit [Client Quit]
bqv has joined #nixos-chat
cole-h has joined #nixos-chat
cole-h has quit [Client Quit]
bqv has quit [Ping timeout: 260 seconds]
bqv has joined #nixos-chat
cole-h has joined #nixos-chat
cole-h has quit [Client Quit]
<samueldr>
:/ just listed commits using master..staging-next, to get the list of commits not in master, dropped them in a text file and bisected by hand, and I'm already at a 3 commits range in 10 minutes