<energizer>
gchristensen: are there other things you wouldnt want synced other than keys?
<DigitalKiwi>
ok so what's the best route to backup to zfs encrypted because i too have been needing to setup znapzend but now it sounds like i can't do that how i wanted (thanks eyJhb for saving me the troubles you've had)
<DigitalKiwi>
zfs on luks? or is there something that i can use native zfs encryption? (preferred)
<colemickens>
uh oh I missed that conversation
<energizer>
suspect i can't sync my syncthing state files via syncthing :)
<joepie91>
syncthingthing
<energizer>
i have so little in /persist anyway that i'm wondering if i should just start keeping it on a usb drive
<DigitalKiwi>
is there an easy way to just send the snapshots the nixos auto snapshots makes somewhere
<tokudan>
DigitalKiwi, have a look at znapzend nixos module
<DigitalKiwi>
it can't send to an encrypted zfs
<gchristensen>
that seems outrageous to me lol
<tokudan>
well, write your own script then? zfs send/receive shouldn't be too complicated
<DigitalKiwi>
at least that's what i've gathered from the previous conversation with eyJhb
parsley936 has quit [Remote host closed the connection]
<DigitalKiwi>
btw if you shop on amazon...highly recommend keepa
<gchristensen>
or do it over a wireguard interface which goes up only when in a good place
<infinisil>
Damn zrepl looks really neat!
<gchristensen>
and it isn't even perl :)
<cole-h>
:O
<lovesegfault>
is there some nix shorthand for if foo == null then bar else foo
<lovesegfault>
I find myself doing that a lot
<gchristensen>
looks pretty short to me
<DigitalKiwi>
but it's not ? : short
<DigitalKiwi>
it's like at least 5 times more typing
<gchristensen>
tbh, good
<DigitalKiwi>
/s btw if it wasn't obvious
<DigitalKiwi>
elvishjerricco: if i use the nixos autoSnapshotting do i replace that with sanoid? use both? or only use syncoid?
<DigitalKiwi>
services.zfs.autoSnapshot
<cole-h>
gchristensen: So when are you publishing the zrepl package and nixos service? ;)
<gchristensen>
hoh
<abathur>
anyone have loosely-held opinions on n-th email address/hosting?
<abathur>
looks like I'll be losing access to an ISP address I've had for ~14+ years that has been serving as my alt/recovery address for my primary email
<gchristensen>
n-th?
<gchristensen>
I like (pay for) fastmail
rardiol_ has quit [Read error: Connection reset by peer]
<lovesegfault>
energizer: I really wanted an invite to that
drakonis has quit [Ping timeout: 260 seconds]
<cole-h>
You can apply for one
iqubic` has joined #nixos-chat
<abathur>
forgot about hey
iqubic` has left #nixos-chat [#nixos-chat]
iqubic has quit [Ping timeout: 256 seconds]
<abathur>
gchristensen: how long have you had it? did you pick it over any also-rans? no problems with outbound delivery?
betawaffle has quit [Read error: Connection reset by peer]
emilazy has quit [Read error: Connection reset by peer]
<ashkitten>
i wouldn't be so pissed about the cosmo if planet would respond to my emails
<ashkitten>
this is ridiculous
liszt has quit [Ping timeout: 246 seconds]
peel has quit [Ping timeout: 260 seconds]
<ashkitten>
if it's not locked next week i'm gonna scream
<Shados>
abathur: I'll second fastmail as being good
<abathur>
cool
<abathur>
did you pick it over any other candidates? proton, etc?
<Shados>
protonmail did not exist at the time, but I definitely wouldn't switch. It doesn't have any additional features that interest me, and is more expensive.
<Shados>
I'll also say that fastmail's web interface is extremely good
<ashkitten>
i'd like to switch from protonmail, maybe i'll look at fastmail
<DigitalKiwi>
why don't you like protonmail?
emilazy has joined #nixos-chat
betawaffle has joined #nixos-chat
liszt has joined #nixos-chat
<abathur>
Shados++
<{^_^}>
Shados's karma got increased to 1
liszt has quit [Max SendQ exceeded]
betawaffle has quit [Max SendQ exceeded]
<ashkitten>
DigitalKiwi: support for imap has to be done through a bridge program, which is a pain. i've changed my opinion slightly since they open sourced the bridge and android client, but it still feels a bit like a walled garden
emilazy has quit [Ping timeout: 260 seconds]
<DigitalKiwi>
oh
<DigitalKiwi>
when did they open source it? is it still a paid service but open source or can you use it now for free?
<ashkitten>
i don't know
<ashkitten>
i haven't used it
peel has joined #nixos-chat
emilazy has joined #nixos-chat
betawaffle has joined #nixos-chat
liszt has joined #nixos-chat
drakonis1 has quit [Read error: Connection reset by peer]
drakonis1 has joined #nixos-chat
<ldlework>
Anyone else, when they accidentally type into a long running command, delete the echoed characters like weirdo?
<DigitalKiwi>
wait is that weird
<ldlework>
lol well it is kind of pointless
<colemickens>
It sort of feels like when I type "clear" right before "exit"
<ldlework>
haha
<DigitalKiwi>
what if you type something and then it goes to the prompt when the command ends and then you accidentally hit enter and it does something bad
<DigitalKiwi>
gotta clear it out!
<DigitalKiwi>
or if you copy paste the output
<ldlework>
lol
<DigitalKiwi>
plus ~aesthetics~
<abathur>
my favorite is when some past version of myself copied 20k lines of bullshit while working on something, and forgot all about it
<abathur>
and the poor, present, naive version of myself goes to copy some command and paste it
<abathur>
but, uh, does something wrong?
<energizer>
i *just* accidentally pasted a document into a root shell
<abathur>
and then dumps a ton of lines containing god-knows-what in the terminal?
<DigitalKiwi>
rm <relative path that is no longer relative to what you intended but does match something>
<ldlework>
rm -fr ./config/ after hitting M-Backspace one too many times
<abathur>
even better when it's a database shell
<energizer>
uh i think this document had some effect on my system
<energizer>
my hostname is now =
<abathur>
hehe
<energizer>
wtf
<energizer>
ah i see what happened, the config file had `hostname = myhost` and there's a command called `hostname` that sets the hostname to the $1
<{^_^}>
lovesegfault/lange#1 (by Kiwi, 42 seconds ago, open): Suggestions for Language Environments
<DigitalKiwi>
does anyone know this hardware project i saw a while ago it's like a pager i think possibly they also had a phone (i think one with like a blackberry keyboard/vibe)
peel has joined #nixos-chat
betawaffle has joined #nixos-chat
emilazy has joined #nixos-chat
<DigitalKiwi>
lovesegfault: is android a thing you'd want
liszt has joined #nixos-chat
slack1256 has quit [Remote host closed the connection]
<energizer>
danderson: i'm configuring a service in nix and i want it to listen only on the vpn ip address, should i do "100.0.0.0/8"?
<DigitalKiwi>
lovesegfault: what's the scope of your project like...would including a vscode with plugins be a thing we could do?
<DigitalKiwi>
lovesegfault: anyway i always end up with a shell.nix with at least cabal-install, ghcide (my preferred lately) and/or haskell-ide-engine, direnv, hoogle (ghcWithHoogle), ghcid, hlint, brittany (because hindent is broken...but you can use old version >.> not ideal..., same for pointfree and pointful), djinn is really cool, threadscope... maybe some extra useful common libraries...
<DigitalKiwi>
lovesegfault: https://mostlyabsurd.com/files/shell.nix this is what i use for my website useful things to note is it has hoogle and it will try to use the nix versions instead of building
<DigitalKiwi>
you can actually run that if you delete the two lines that say purifycss
* DigitalKiwi
should get purifycss in nixpkgs...
<DigitalKiwi>
someone beat me to prettier which used to be in there too
cole-h has quit [Quit: Goodbye]
waleee-cl has quit [Quit: Connection closed for inactivity]
<energizer>
danderson: oops nevermind, i can just rely on the firewall :-)
cjpbirkbeck has quit [Quit: cjpbirkbeck]
parsley936 has joined #nixos-chat
FRidh has joined #nixos-chat
julm has quit [Remote host closed the connection]
julm has joined #nixos-chat
<eyJhb>
It is SO weird for me, that ZFS can't backup encrypted to encrypted :p
<julm>
eyJhb: what make you think it can't?
<julm>
eyJhb: I think that if you use zfs send without --raw it should reencrypt if the target is encrypted ; while with --raw it keeps the original encryption
<DigitalKiwi>
it's a znapzend thing
<julm>
oh. strange. I'm using sanoid/syncoid. works great
<eyJhb>
Well, yes and no. It is because znapzend wants to do zfs recv -F, I guess
<ldlework>
In nix-shell is there a way to invoke the standard builder?
<DigitalKiwi>
eyJhb: do you have a guide for using luks?
<DigitalKiwi>
though everyone keeps saying to use sanoid/syncoid >.>
<eyJhb>
DigitalKiwi: ehmmm... I guess? We are talking using it on a external drive in the same machine, right?
<eyJhb>
A guide from me is however weird, is my external drive is mapped to /dev/sda :p
<energizer>
ldlework: sometimes nix-shell provides `buildPhase` command
<DigitalKiwi>
oh i meant like did you find one not that you'd already made one
<eyJhb>
Ahh, I am using multiple :p
<eyJhb>
And now I need to mount it on boot, which is extra fun
<eyJhb>
But I can throw the links into a sigle file
<energizer>
eyJhb: hey mind if i ask, are you a native english speaker?
<eyJhb>
energizer: No, I just suck at writing both my native language and English :p
<eyJhb>
Why do you ask energizer ? (I am Danish)
<energizer>
eyJhb: "<eyJhb> Is there any order in filesystems that they are run in?" reminded me of a song lyric that always made me smile. "i got a list; here's the order of my list that it's in"
<eyJhb>
Ahh no, sadly not. And never heard that song, but happy if it made you smile! ;)
<eyJhb>
Lets reboot and watch me not being able to boot anymore
<eyJhb>
Well that went as expected, no boot
tilpner has quit [Quit: tilpner]
<MichaelRaskin>
ashkitten: Hm, interesting. Mine is locked but no further details yet (from the updates, I do not expect news until they import into the EU warehouse) — so I hope they have at least QC-accepted the phone, though. Maybe there are more than 2 batches in the second run
parsley936 has quit [Remote host closed the connection]
parsley936 has joined #nixos-chat
__monty__ has joined #nixos-chat
andi- has quit [Remote host closed the connection]
andi- has joined #nixos-chat
ninjin has quit [Ping timeout: 240 seconds]
ninjin has joined #nixos-chat
<ldlework>
Come join us in #nixos-gaming if that's relevant to you.
__monty__ has quit [Quit: leaving]
luc65r has joined #nixos-chat
<eyJhb>
ping elvishjerricco
luc65r has quit [Ping timeout: 272 seconds]
<eyJhb>
I simply cannot get my LUKS to unlock using a keyfile, since NixOS will only mount the volumes needed after the LUKS has been opened. Using this https://termbin.com/l6iy1 with a mount -t zfs .... so that it is ready before the open command
<eyJhb>
Really need something better
luc65r has joined #nixos-chat
luc65r has quit [Ping timeout: 264 seconds]
luc65r has joined #nixos-chat
rajivr has quit [Quit: Connection closed for inactivity]
luc65r has quit [Read error: Connection reset by peer]
luc65r has joined #nixos-chat
luc65r has quit [Read error: Connection reset by peer]
luc65r has joined #nixos-chat
luc65r has quit [Read error: Connection reset by peer]
luc65r has joined #nixos-chat
luc65r has quit [Read error: Connection reset by peer]
drakonis has joined #nixos-chat
luc65r has joined #nixos-chat
luc65r has quit [Read error: Connection reset by peer]
luc65r has joined #nixos-chat
drakonis1 has quit [Ping timeout: 264 seconds]
luc65r has quit [Client Quit]
drakonis has quit [Ping timeout: 272 seconds]
drakonis_ has joined #nixos-chat
drakonis_ has quit [Read error: Connection reset by peer]
drakonis_ has joined #nixos-chat
cole-h has joined #nixos-chat
tokudan has quit [Remote host closed the connection]
<elvishjerricco>
eyJhb: Yea, keyfiles for LUKS have to be available in initrd. It's a little silly
<elvishjerricco>
I'm sure there's probably a way to use /etc/crypttab in stage 2 so you can do it after / has been mounted, and then you could use systemd dependencies to ensure the zfs mount only happens AFTER the mount with the keyfile
<DigitalKiwi>
elvishjerricco: so does the sanoid replace the zfs.autoSnapshots?
<DigitalKiwi>
or can i use both or use syncoid but not sanoid?
<elvishjerricco>
DigitalKiwi: You can totally use syncoid without sanoid. I'm not sure if sanoid and autoSnapshots would work together; I'm guessing not. But they're very similar and I think sanoid is basically just better.
<elvishjerricco>
But syncoid literally just keeps a syncoid snapshot on the source and destination and runs an incremental stream from a new syncoid snapshot for you, then deletes the old syncoid snapshot
<elvishjerricco>
You can tell it to send all snapshots on the dataset or none, but it won't delete anything but that special syncoid snapshot
<elvishjerricco>
You can also tell it not to use its own special snapshot and instead try to just use the ones already on the datasets
<cole-h>
elvishjerricco: Another reason behind my disk perf might be the fact that zfs detected my ashift as 9 on my ssd!
<elvishjerricco>
cole-h: Yea most disks lie about that
<cole-h>
wait wat -- when I was on Arch, I'm like 99% sure my `physical_block_size` was 4096
<cole-h>
now it says 512
<colemickens>
I was just going to say, I always manage to re-confuse myself when I look at my block size stuff.
<cole-h>
Then it makes sense why the ashift is 9
<cole-h>
lol
<colemickens>
on my old m2 sata: Sector size (logical/physical): 512 bytes / 4096 bytes
<colemickens>
on my nice new nvme: Sector size (logical/physical): 512 bytes / 512 bytes
<cole-h>
Why is there no site that tells me the expected physical_block_size so I can know if I'm imagining things
<colemickens>
I dont get it.
<cole-h>
My non-m2 sata is 512/512......
<cole-h>
I'm really confused help
<cole-h>
elvishjerricco: Do you know why GCM is faster than CCM?
<elvishjerricco>
cole-h: Yea I think the gist of it is that it's more friendly to simd
<elvishjerricco>
And just assume all disks are lying about their sector size if they say 512/512 :P Even if they're not, it basically never hurts to assume 4K anyway; the slack space is minimal in basically any practical setup
<cole-h>
Is there any way to check?
<elvishjerricco>
cole-h: Nothing reliable
<elvishjerricco>
that I've found anyway
<cole-h>
Unfortunate.
<colemickens>
so even if it says 512/512, I should configure zfs as if it was 4k sectors and "good things" will just happen?
<colemickens>
I want to make sure I've interpreted "it basically never hurts to assume 4K anyway" correctly.
<elvishjerricco>
colemickens: Either it'll have negligible effect or it'll be a substantial performance improvement.
<cole-h>
So, I think my plan is (when I have some time that I want to mess around with this) to do the following: 1) `zfs send rpool | zfs recv newrpool`, where newrpool is a new pool on another disk (with enough space for rpool); 2) recreate rpool on my SSD with ashift=12 and encryption=aes-256-gcm; 3) `zfs send newrpool/* | zfs recv rpool/*` to get all my stuff back.
<cole-h>
Would this (roughly) work?
<elvishjerricco>
At least that's what I've read from other users. I've never tested it
<elvishjerricco>
cole-h: Sounds sane to me
<cole-h>
And just plain `zfs send newrpool | zfs recv rpool` wouldn't work, because I would have already created rpool with the new settings, yes? Otherwise, I'd run into the same issue ey*hb did, IIRC
<elvishjerricco>
cole-h: The problem they had was with `recv -F`
<elvishjerricco>
Oh wait
<elvishjerricco>
yea
<elvishjerricco>
That sounds correct
<cole-h>
lol
<eyJhb>
elvishjerricco: so you are saying that I should use systemd to mount and init my LUKS in stage-2?
<eyJhb>
Seems like NixOS should have a option to mix these things.... :/
<elvishjerricco>
eyJhb: I have no idea. It was just a thought :P
<eyJhb>
There is a need to intermix initrd with normal filesystems
<eyJhb>
It would be nice to be able to specify a universal order :(
<eyJhb>
Atm. It works, but that is only because of the most hacky patch that I linked :p
<eyJhb>
Are there any other usecases for this? Maybe a preCommand isn't a bad thing to have
<elvishjerricco>
eyJhb: It'd certainly be useful in a lot of cases. Stuff like this is why I'm slowly trying to systemd-ify initrd
<eyJhb>
So, you would backup a pre/post cmds for filsystem devices + initrd devices?
<eyJhb>
Not sure if filsystem devices makes sense
<eyJhb>
But I am guessing systemd-ify isn't meet nicely from all. There is a lot of hate regarding it
<eyJhb>
Do you have any PR/issue open for anything elvishjerricco ?
<samueldr>
I don't know that there is hate
<samueldr>
I think the main issue is that there is work to do
<samueldr>
and lack of time all around
<elvishjerricco>
eyJhb: I've got an older attempt at putting systemd in initrd from a while ago somewhere
<samueldr>
preliminary results are in: sd cards suck
<samueldr>
real world testing, using an rpi4, and a known legit class 1 µsd card from a reputable brand
<samueldr>
if I ignore the SD card and use a system running solely on a usb 5400rpm HDD, it takes ~17 minutes to build a specific kernel configuration
<samueldr>
if I use the SD card as the sole storage, as expected on the device, ~65 minutes
<joepie91>
class 1? you mean 10?
<samueldr>
compare this to a build on a 2012-era xeon, 6 cores 6 HT, on hard drives, ~8-9 minutes
<samueldr>
yeah, uhs-1, sorry
<samueldr>
class 10 == uhs-1
<samueldr>
which can get confusing
<joepie91>
ah right :) was wondering
<samueldr>
good remark
<joepie91>
on class 1, the slowness would be... unsurprising :P
<joepie91>
anyway, HDDs are typically 100-150 MB/sec, UHS-1 is 10MB/sec guaranteed, write speeds
<samueldr>
I also have monitoring on the CPU speed, I overclocked the pi to ~1.7Ghz, and it practically never dips to 700mhz due to thermal throttling with the fan I'm using
<samueldr>
yeah, but this just proves on a non-synthetic benchmark how atrocious SD cards are
<energizer>
joepie91: i'm not seeing the advantage of hermes, am i missing something?
<joepie91>
energizer: which may be interesting, in principle, I am just a little skeptical about the "simpler model", because it doesn't explain anywhere where that improved simplicity would come from and what the tradeoffs are (or, alternatively, what design mistakes in Nix it fixes that eliminate the complexity inherently)
<samueldr>
it's a bit ridiculous since SD cards are basically accidentally making people think ARM sucks
<srk>
yes, and devices like bpi m4 which has fake SATA capable of max 10Mb/s writes
<samueldr>
heh
<srk>
my imx6 with native sata feels snappy as any other x86 computer
<samueldr>
my totally non-scientific and definitely not single-or-double blind test of starting and using firefox on the pi4 also paints a story that says: sd cards suck
<samueldr>
though I really was surprised to see how close the compilation time was compared to a 2012-era xeon
<srk>
I've used to run arm buildfarm and had to switch it to netboot + nbd completely from sata/usb/sdcards
<srk>
even then I've had some cards failing to even read uboot
<srk>
not sure if reading causes wear as well, probably
<samueldr>
I don't think it should in a way that matters
<samueldr>
[citation needed] I guess :)
<samueldr>
there's also the big issue of "actual provenance" of the SD cards
<srk>
this, hard to find a source for that
<samueldr>
yep :)
<samueldr>
as bunnie demonstrated few years back, even reputable sellers can end up having non-reputable sourcing
<samueldr>
or their source, non-reputable sourcing
<joepie91>
fake SD cards seem to just not be an issue in NL
<samueldr>
and AFAICT it never was specified in a blog update
<sphalerite>
ah right
<sphalerite>
oh well, I've survived without ECC on all my other machines
<eyJhb>
Is sway/wayland ready to use?
<eyJhb>
Anyone in here using it?
<eyJhb>
(either)
<qyliss>
Yes and yes
<cole-h>
Yes and yes, as well.
<sphalerite>
^
<cole-h>
Depends on your expectations, though.
<eyJhb>
What to expect, and what to not expect?
<sphalerite>
it's far from perfect, but it's good enough that I prefer it over X
<eyJhb>
:p
<sphalerite>
don't expect it never to crash and all applications to display perfectly all the time
<cole-h>
I've heard from people like ashk*tten that stuff like screen readers, etc (accessibility mostly), don't work real well.
<cole-h>
So if you depend on those pieces of software, wayland might not be totally ready for you yet.
<cole-h>
Right, there will be segfaults at times due to the nature of C, but overall I'm satisfied.
<eyJhb>
Lets see how screwed I am if I switch
<eyJhb>
BRB :p (the joys of NixOS)
<eyJhb>
Did not go that well
<DigitalKiwi>
why isn't there a nixpkgs-unstable-darwin
<cole-h>
There is. It's called nixpkgs-unstable :P
<DigitalKiwi>
oh
<cole-h>
I wish GitHub allowed me to subscribe to certain tags
<cole-h>
e.g. I really want to subscribe to the channel blocker tag on nixpkgs so I don't have to visit s.no.o to find out if it's already known why a channel is blocked
<DigitalKiwi>
why does this fail on nixpkgs-unstable on darwin but not on nixos :/
parsley936 has quit [Remote host closed the connection]
parsley936 has joined #nixos-chat
<ashkitten>
eyJhb: don't think screenreaders support wayland yet (as if screenreaders work at all on linux really. ugh)
<ashkitten>
also, sway segfaults a lot
<ashkitten>
it's ridiculous
<ashkitten>
would be cool if someone was working on accessibility support in linux, then my friends wouldn't have to constantly be complaining about it