gchristensen changed the topic of #nixos-chat to: NixOS but much less topical || https://logs.nix.samueldr.com/nixos-chat
abathur has quit [Quit: abathur]
Jackneill has quit [Ping timeout: 240 seconds]
Jackneill has joined #nixos-chat
andi- has quit [Ping timeout: 260 seconds]
andi- has joined #nixos-chat
slack1256 has quit [Remote host closed the connection]
<infinisil> In https://lobste.rs/s/4wnemk/egui_experimental_immediate_mode_gui: "Personally, I think this kind of UI implementations are going to be the majority of the web in near future. (in 5 years) HTML+CSS will disappear slowly."
<infinisil> And that thing is "an immediate mode GUI written in Rust, compiled to WebAssembly, rendered with WebGL. Everything you see is rendered as textured triangles. There is no DOM. There are no HTML elements. This is not JavaScript. This is Rust, running at 60 FPS."
<infinisil> I will commit sudoku if this becomes the majority of the web
<samueldr> it's cyclical
<samueldr> at one point it was java applets
<samueldr> then flash
<samueldr> then canvas
<samueldr> now wasm+canvas
<samueldr> uh, wasm+webgl obv.
<aleph-> Eyep
<aleph-> Always feels weird seeing lobste.rs in places
<aleph-> Despite the crossover here, heh
<ldlework> it's pretty buggy
rajivr has joined #nixos-chat
<infinisil> ldlework: Yeah noticed it too
<infinisil> Just experimental for now, so not too unexpected
<infinisil> Oh no, I'm just seeing a huge spider on my wall
<ldlework> how huge we talking
<aleph-> Good spooder
<aleph-> Aussie big?
<infinisil> How big is the average aussie?
<infinisil> Doesn't matter, it's BIGGER!
<infinisil> Oh wait, it's just a bug, false alarm!
<infinisil> A harmless bug, I'm going to ride him to the outside now
Emantor has quit [Quit: ZNC - http://znc.in]
<pie_> re immediate mode, something that seems relatively common is Dear ImGUI
Emantor has joined #nixos-chat
<ldlework> If you can't tell whether the thing is a spider or bug, it's probably not an aussie spider.
<gchristensen> did you thank the spider for its good work?
<infinisil> I let it outside to its friends :)
<gchristensen> good choice
<infinisil> (wasn't a spuder though, just a friendly bug)
<gchristensen> just going through some mail/bills/paperwork... I'm wishing I lived in EU :P
<gchristensen> the health insurance here sucks so much
<infinisil> Ohh yeah I've heard about that
<gchristensen> some medically necessary blood tests were covered like 50% by insurance and I owe like $1k
<samueldr> is that after or before being haggled down?
<gchristensen> me haggling with them, or them haggling with the doctor?
<samueldr> yes
<gchristensen> yes on dr, no me w/ them
<samueldr> I've read (very few) people from Canada say that if we did like the USA, hospital wait would be much lower... I surely agree, so much people simply couldn't afford it!
<gchristensen> yeah that wait time thing is an interesting thing :)
abathur has joined #nixos-chat
<ldlework> If you wanted to build a private community library of materials, public domain books, works and datasets, how would you use IPFS to go about it?
<ldlework> Do you know of any IPFS tools or tech that can make it easy for a community to come together and curate and share data?
<abathur> gchristensen: struggled to find enough spare brain cells to rub together to pull it together, but refactor of resholved to be able to handle aliases is now handling my silly little test correctly, at least: https://gist.github.com/abathur/3c60b874354404698b48f52c7da53658
waleee-cl has quit [Quit: Connection closed for inactivity]
hoverbear has quit [Quit: https://quassel-irc.org - Chat comfortably. Anywhere.]
<colemickens> If you had to name one other technology that you use as much as Nix and get as much, what I'm going to call, "joy of utility" from, what would it be?
<colemickens> ldlework: Dat? But I guess that's Hyperdrive now? My understanding is one of the original goals was "datasets" that might change over time, where you want a swarm of people seeding the latest version.
<colemickens> ldlework: hyperdrive-daemon is the user-entry point to look at if you're interested
<ldlework> colemickens: that's pretty easy for me, emacs
<ldlework> colemickens: thanks i'm googling now
abathur has quit [Quit: abathur]
abathur has joined #nixos-chat
<ashkitten> omg i hate the idea of webapps that don't use html so much
<ashkitten> do people not understand how inaccessible that is?
<ashkitten> no html = no screenreaders, no voice control, no anything
<ashkitten> use html!! it's there!
<ashkitten> on the web it's the only way to have an accessible app! if you're writing a desktop app you can do whatever you want (just be sure to support accessibility apis)
lopsided98 has quit [Ping timeout: 260 seconds]
lopsided98 has joined #nixos-chat
drakonis has quit [Quit: WeeChat 2.8]
<aleph-> ashkitten: Eh there's some decent things with reasonml and accessibility we've done at work
<aleph-> Our stuff works surprisingly well with a screenreader
<aleph-> Given there's like 10 lines of html wrapping a ton of js
<ashkitten> well, either way id say it's probably gonna be hard to match the speed of a browser engine
<ashkitten> especially once we have css custom layouts and web interfaces accessible directly from wasm
<ashkitten> css custom layouts are gonna be huge i think, because it'll let people stop abusing layout constraints that aren't meant to work the way they do
<ashkitten> i guess it's possible to manually position elements already with code
<ashkitten> but i'm not sure how well that works
cole-h has quit [Quit: Goodbye]
<JJJollyjim> Omg I hadn't heard of this api
<JJJollyjim> That's cool
dadada_ has quit [Ping timeout: 265 seconds]
dadada_ has joined #nixos-chat
lucus16 has quit [Quit: WeeChat 2.8]
parsley936 has joined #nixos-chat
lucus16 has joined #nixos-chat
lopsided98 has quit [Ping timeout: 240 seconds]
lopsided98 has joined #nixos-chat
__monty__ has joined #nixos-chat
cjpbirkbeck has joined #nixos-chat
arahael2 is now known as Arahael
<eyJhb> gchristensen: Time to do ZFS snap rollbacks at boot!
<gchristensen> nice!
<gchristensen> I bet I could use some sort of machine learning goop to group scanned mail by who it is from
<__monty__> Definitely sounds up ML's alley.
<gchristensen> (I have a few hundred letters scanned, and ocrmypdf is the only metadata)
<gchristensen> I guess ideally I'd get features from the ocr'd text and image to use for clustering
hoverbear has joined #nixos-chat
<abathur> who's scanning this email
<abathur> sorry, mail
<abathur> freudian
<abathur> gchristensen ^
<joepie91> colemickens: JS + npm (the package ecosystem), I'd say
<joepie91> GMail is slow as molasses, I'm getting spam from companies on HackerOne, and shitty marketing company is still sending me surveys
<joepie91> great day for technology today
arahael1 has joined #nixos-chat
Arahael has quit [Ping timeout: 256 seconds]
<gchristensen> I'm scanning the mail
<cransom> as in, postal mail?
<__monty__> No, chain mail.
<__monty__> : )
<__monty__> I wonder how many plattens will break before all that armor has been scanned.
slack1256 has joined #nixos-chat
<slack1256> srk: Jesus dude, a 47Gb pc? and running like 50+ cabal processes, haha
<srk> slack1256: that's just a single process interacting with htop running in a namespace :D
<srk> much threaded
<joepie91> only 47G?
<joepie91> :P
<joepie91> my PC is Chromium-ready!
<cransom> that bit where haskell always just claims 1T of virt triggers kneejerk wtf moments.
<slack1256> Hahaha, linux overcommit ftw
<slack1256> Ok, now you guy are just flexing.
<joepie91> cransom: is that your desktop though
<joepie91> slack1256: :P
<joepie91> I paid good money for this hardware! I want to get a bit of flexing out of it :D
<cransom> it is, more or less, the mainframe of the house. it does storage and all my day to day stuff.
<cransom> the machine that sits on my desk is just a driver for displays to run a browser and get me tmux into that machine.
<philipp[m]> Sounds nice.
<srk> slack1256: that unshare from yesterday was exactly what I was looking for to record that demo and not leak all the processes running on the host. thanks! :)
<joepie91> ah right, my machine is just a single desktop :P and I separately have some low-powered NAS
<slack1256> Hahah good to know
<slack1256> But there is also `htop -p <pids>` which is an older solution
<srk> like, epic timing. I was considering throwing a VM on it but this was way easier :)
abathur has quit [Quit: abathur]
rajivr has quit [Quit: Connection closed for inactivity]
drakonis has joined #nixos-chat
<sphalerite> srk: there's also a kernel option for users to only be able to see their own processes — mount /proc with hidepid=2
waleee-cl has joined #nixos-chat
parsley936 has quit [Remote host closed the connection]
parsley936 has joined #nixos-chat
<c4rc4s> Threw this in #nixos but chat always seems more active... installing NixOS on my netbook (GPD MicroPC) and everything seems to work OK except that the internal keyboard isn't working during stage 1 boot -- where I have to enter a LUKS key. Works fine after boot if I input that via a USB keyboard.
<c4rc4s> Any ideas as to where I might start figuring out how to fix this?
<__monty__> That's no reason to go off-topic though.
<c4rc4s> Sorry. In any case, since I threw the question in here I'll also reference the answer: "battery" needed to be added to availableKernelModules. Now to go back off-topic.
cole-h has joined #nixos-chat
<energizer> i recently switched a computer from HDD to SSD. google tells me HDD reads are ~100MB/s and SSD reads are ~500MB/s. However, tasks like `rg availableKernelModules nixpkgs/` wouldve taken >30s on HDD now take <1s on the SSD (cold cache). I don't understand why the improvement is so large.
<__monty__> energizer: SSDs have much lower latency for random access.
<__monty__> Those numbers are for throughput which means constant sequential reading/writing.
<__monty__> The files rg searches may be on completely different sectors of the HDD.
<energizer> ah that makes sense
<__monty__> Note that this is just my approximate understanding. There's probably way more going on if you dive deeper.
<samueldr> that's about right, movey bits go brrrrrr
<cransom> heh. 'movey bits go brrrrr'
<samueldr> prove me wrong!
<cransom> i cannot. it is undisputable that ssds do not have the same clackety.
MichaelRaskin has joined #nixos-chat
<slack1256> Does anyone know about a "prelude" for (g)awk functions?
<slack1256> I was writing a simple paragraph extractor on it. It is really simple to do, but I am sure it has been written 500+ times already.
waleee-cl has quit [Quit: Connection closed for inactivity]
<immae> slack1256: You mean a bunch of one-liners in which you can grep for ideas?
<slack1256> Not neccesarely one-liners. Just a bunch of gawk functions distributed and readily available for use in the same way zsh functions are distributed.
<energizer> i want a little computer with ethernet, 2GB ram and 2GB storage. is raspi 4 my best bet?
<immae> slack1256: ah ok no I don’t have that sorry
<cransom> energizer: it fits your 'little' requirement, i'm nto sure what else you'd be wanting it to do.
<slack1256> To me little is still 128Mb
<energizer> cransom: afaict it fits all my requirements, but i dont know much about this area
<cransom> little as being, physically small.
<samueldr> depends on what you intend to do with it I guess
<energizer> samueldr: i dont know what questions to ask :)
<energizer> i need: 2gb ram, 2gb storage, ethernet, some kind of usb. i dont need but not wifi, gpio, audio, hdmi
<energizer> i need: 2gb ram, 2gb storage, ethernet, some kind of usb. i dont need wifi, gpio, audio, hdmi
<energizer> (that raspi 4 provides those things i dont need)
<energizer> i wish i could query a database with my requirements and it'd tell me matching devices
<energizer> or maybe i can put those specs into a form and some robot will build that device for me
<energizer> no idea what's out there
cole-h has quit [Quit: Goodbye]
__monty__ has quit [Quit: leaving]
waleee-cl has joined #nixos-chat
<samueldr> I wonder what's their data source for that
<samueldr> it lacks at least a vendor
<MichaelRaskin> I am afraid manual entry
<samueldr> nothing from https://libre.computer/ AFAICT, love them or hate them
<samueldr> oh, they are in the index
<samueldr> ah, internal storage must have been the issue
<samueldr> ugh, their boards have "internal" storage as in eMMC modules
<samueldr> so it's half-right half-false
<samueldr> and I figure for other vendors like Pine too
<samueldr> oof, bad data entry
<MichaelRaskin> There is no such thing as good data entry process
<samueldr> Internal SSD: 128MB for pine64 pine h64
<samueldr> but it doesn't have that, it's 128megaBITS of SPI flash for the bios/u-boot
<samueldr> speaking of, that's a crucial data point missing!
<samueldr> where is the bootloader stored!
<genevino> helloooo
KarlJoad` has joined #nixos-chat
<colemickens> well, someone linked it from the Fedora/BTRFS thread and made it seem like it was already merged but I can't tell if that's true.
slack1256 has quit [Remote host closed the connection]
<genevino> speaking of which: i have such a high use of SSD drives. every computer i have has at least 2 of them and i like them large. i also switch them a lot to run different operating systems on different computers and even exchange them among those.
<genevino> RIP wallet.
<samueldr> it might not get better for a while still, price-wise
<genevino> that doesn't change my addiction to these things.
<samueldr> even before ol' 'rona, it was stated [citations needed] that SSD prices were going to go up
<genevino> it's not like i consider by looking at the price, it's more like "yup, NEED. *click*".
* colemickens also spies 'nbdkit' which looks nifty
<genevino> "Network Block Device (NBD) is a network protocol for accessing block devices over the network."
<genevino> okaaaaaay
<KarlJoad`> genevino: Engineering-level description of the tool.
abathur has joined #nixos-chat
<energizer> MichaelRaskin: nice search engine, thanks
<MichaelRaskin> Probably not the only one around, no idea how coverage relates
<colemickens> I see people using flakes to pull in package sources. Is this an intentional usage?
<samueldr> you're getting awfully off-topic :)
<colemickens> good point
<gchristensen> I think I asked this last night when I was like 3h late for bed, but here goes. I kinda want to play with ML legos and do some clustering of my mail: https://gist.github.com/grahamc/145e3382f7860431744c2a3d73e77636 -- anyone have some lego kits they would suggest?
<gchristensen> (mail = postal service delivered letters)
<energizer> sklearn knn is a good starting point
<bqv> any xmonad users here?
<KarlJoad`> bqv: Are you looking for someone experienced?
<bqv> i'm looking for a config to pinch
<bqv> :p
<bqv> (i'm considering switching from exwm)
<bqv> i've had a lapse of insanity (yes, you read that right)
<KarlJoad`> Nah, Haskell can be nice to write in. The strictness of the language is helpful. From a config perspective, I see it.
<bqv> oh, no, the joke there was that anyone who uses exwm is likely insane
<KarlJoad`> I don't get it. Software is software. Use what you like. If you like EXWM, so be it.
<c74d> KarlJoad`: Haskell is strict now? It really has been a while since I tried it!
<c74d> ;p
<KarlJoad`> If you think using EXWM makes you crazy, sure.
<KarlJoad`> c74d: It's strictly typed. Still lazily evaluated.
<bqv> i liked it, but i'm kinda itching to try xmonad, and while exwm has some very clear gains over every other WM, it also has a LOT of issues
<gchristensen> energizer: cool, thank you!
<bqv> i'm mostly sticking with it out of stockholm syndrome
<KarlJoad`> bqv: Besides EXWM being in elisp and integrating well/being Emacs, what other clear benefits does it have? I haven't used it.
<bqv> Well, thats kinda it
<bqv> The tight emacs integration is incredible though
<bqv> Things like superpowering the clipboard, etc
<KarlJoad`> Yeah, I do miss the kill ring in other programs. That's understandable. And an undo-tree, rather than linear history. But still, aren't there alternatives that allow you to do the same thing? At least for the paste/kill-ring?
<energizer> there are many clipboard managers that do the kill-ring thing
<energizer> undo tree in other programs would be cool tho
<energizer> maybe that's not possible
<bqv> not with the same level of tight integration to emacs
<bqv> the thing you have to understand here is that it feels *so nice* that literally everything i do is just Yet Another Emacs buffer
<KarlJoad`> energizer: Do you use the undo-tree package to visualize the undo-history? Because if you do, I might steal some of that config.
<bqv> and that's the thing that holds you with exwm
<bqv> it feels like you're just overcomplicating the situation by using any other wm
<KarlJoad`> bqv: There's nothing stopping you from trying xMonad then going back to EXWM.
<bqv> KarlJoad`: that's what i'm doing, silly :p
<KarlJoad`> You might even learn something...
<pie_> bqv: gotta love consistency
<energizer> pie_: all the isp privacy stuff seems like noise over nothing. if you dont use a vpn, your isp will see what ip addresses you connect to
<energizer> not *quite* nothing, but it's really not that different
<pie_> on one hand, i guess, on the other hand, ehhh
<energizer> KarlJoad`: i never got the hang of undo tree tbh
<pie_> on the third hand, gee routing all my dns over cloudflare is also probably a great idea
<KarlJoad`> Ok. Neither did I. I can't seem to get a visualizer going, no matter how I tried.
<abathur> gchristensen: not sure if you saw this yesterday https://gist.github.com/abathur/3c60b874354404698b48f52c7da53658
<bqv> here we go, building a system set to use xmonad instead of exwm
<energizer> the visualizer worked for me but i couldnt understand what was happening unless i looked at the visualizer, and that takes a lot of screen real estate
<KarlJoad`> bqv: Time to hear the fans spin.
parsley936 has quit [Remote host closed the connection]
<KarlJoad`> energizer: Yeah, that's the downside of a tree system. It's hard for the human mind to keep everything together.
<bqv> eh? why?
<bqv> is it not cached?
<KarlJoad`> It might be, probably is. My laptop fans spin up for almost any reason.
<KarlJoad`> If I go over a process load of 2, then the fans start picking up quickly.
<colemickens> oh, I had asked about an 'age' powered 'pass': https://github.com/gopasspw/gopass/issues/1365
<{^_^}> gopasspw/gopass#1365 (by dominikschulz, 5 weeks ago, open): RFC: Handling breaking changes
jneplokh has joined #nixos-chat
<gchristensen> abathur: OMG
<abathur> heheh
<abathur> been struggling a little, it's taken a fairly big rework to give it a context-dependent sense of resolution order
<abathur> it'll take a little bit to bite off some dangling issues and clean it, but anyways; finally got the core of it working last night
<gchristensen> the act that it is possible *at all* is an incredible testament
<abathur> well, it's still cheatin' like hell :D
<KarlJoad`> gchristensen: I believe I have seen videos with you speaking, and I'm curious about your Emacs configuration for Nix. What is your setup for Nix development?
<colemickens> wow, so PIV spec can't handle 4096 bit RSA keys apparently?
<colemickens> Apparently the draft of the NIST PIV spec once included them but then they removed it before publishing.
<danderson> probably for consistency with FIPS 140-2
<colemickens> ". To comply with FIPS 186-3, SP 800-78-2 accordingly removes RSA 4096 as an algorithm and key size for generating signatures for PIV data objects."
<danderson> bizarrely, FIPS 140-2 mandates that compliant devices should only offer RSA 1024, 2048 or 3096
<colemickens> not that that means anything to me
<danderson> yup, same thing then
<danderson> so this is a collection of standards for "US government approved cryptography"
<danderson> one of the standards specifies exactly which algorithms and key sizes are permitted, and all the other documents from NIST reference that one
<danderson> and that one says that RSA keys can only be 1024, 2048 or 3092 bits long
<danderson> and so, the standard everyone follows for hardware-based crypto, says that 4096 bit RSA isn't allowed.
<danderson> allegedly this is just a screwup that nobody noticed before publication, but bureaucracies being what they are, those are the rules until the next revision of the standards are published
<danderson> the next revision will allow 4096 bits, and may also include some wording about "larger keys than we say are also okay"
<danderson> ... but the standards refreshes operate on a cycle of years. This silly state has already been around for a couple of years now
<danderson> it especially causes hilarious problems for TLS certificate authorities
<bqv> hello from xmonad
<bqv> that was a farce
<bqv> it started up and my screens were black and i realised i had no idea how to do anything
<danderson> because they have to abide by the CAB Baseline Requirements, which say that (a) a root CA's key must be stored in a hardware security module that's FIPS 140-2 level 3 or better
<danderson> and (b) it must be 4096 bits or larger
<danderson> ... but the current revision of FIPS 140-2 says 4096 bit or larger RSA keys aren't allowed
<colemickens> -_-
<danderson> so you can't be compliant with (a) and (b) at the same time
<KarlJoad`> bqv: Yeah, small downside of xmonad, if you don't expect that.
<danderson> the workaround is amazing: if your hardware security module was FIPS certified based on a _previous_ version of the FIPS standard, that's still okay. You can still claim FIPS compliance.
<joepie91> lol FIPS
<danderson> so, everyone has to keep using security modules from ca. 2013, which are certified against the standard that didn't say anything about key sizes
<colemickens> It also smells like a conspiracy/racket.
abathur has quit [Quit: abathur]
<danderson> nah, there's discussions on public mailing lists where everyone's like "oh, yup, that was dumb, ha, we'll fix it in the next patch"
<joepie91> literally every time I hear about FIPS it's in the context of some dumb hack to get vaguely acceptable levels of security despite FIPS requirements
<danderson> but again, bureaucracies gotta bureaucracy. Just because everyone agrees that a phrase of the standard is dumb, doesn't mean you can choose to ignore it.
<danderson> I mean, you can choose to ignore it, but you won't get FIPS 140-2 certified
<danderson> ... and so you can't sell to people who have "Unique Compliance Requirements"
<danderson> FIPS isn't _that_ bad
<danderson> I mean, it's a lot of pomp and circumstance for not much effective result, but the goal of the standard isn't terrible, at least
<danderson> it's just slow to catch up to modern cryptography.
<danderson> and a lot of stuff in it was written assuming purpose-built security silicon, rather than stuff like OpenSSL
<danderson> so there's a lot of weird requirements that don't make much sense for software
<danderson> like, a FIPS crypto module has to perform a self-test on startup, doing crypto operations on a couple of known vectors to verify that it's not damaged.
abathur has joined #nixos-chat
<danderson> which... yeah, makes sense, you want your Top Secret crypto chip to not produce garbage because a neutrino borked it
<danderson> but as a result, all FIPS certified software libraries also have to do a self-test every time the enclosing program starts up, and fall into a "safe mode" if the crypto goes wrong
<danderson> it's a bit weird and silly, but you can see the reasoning behind it. Sort of.
<danderson> A lot of where FIPS really hurts is the list of ciphers, cipher modes, padding, key lengths...
<danderson> for obvious reasons, the standard specifies the exact list of what is allowed, which are the things that were scrutinized while putting the standard together
<danderson> so you can't use state of the art elliptic curve stuff, because hey, it didn't exist the last time the standard was made
<danderson> and FIPS tends to be quite conservative, so give it a decade or so before they feel comfortable with a new thing
<danderson> meanwhile, old busted things that were great at one time, but not any more, are still in the standard, because retiring stuff from standards is hard
<danderson> e.g. you can't just say "MD5 is bad now, no MD5 in FIPS devices", because there's probably a body of existing crypto products out there using those things
<danderson> and you can't just tell DoD "sorry, you can't verify those old signatures any more"
<danderson> anyway. FIPS gets a bunch of flack. Some of it deserved. But I think its heart is in the right place, at least.
<bqv> KarlJoad`: it's fine, i'm just not used to anything except exwm at this point
<bqv> it's been years
<bqv> i was looking for how to close a window... "mod-shift-q will close xmonad, but don't do that now"
<bqv> guess what i did
<bqv> how does copy and paste even work?
<KarlJoad`> Hoestly, magic.
<bqv> i can't seem to copy from qutebrowser into urxvt
<bqv> halp
<c74d> bqv: In i3 I paste into urxvt by selecting the text to copy and then pressing Shift-Insert; does that work?
<colemickens> and pkcs11 v3 isn't released, so pkcs11 + ed25519 is a no go too
<c74d> s/;/ in urxvt;/
<colemickens> heh, I keep running into Nix people when looking into this. looks like volth tried to do pkcs11 + ed25519 as well
<bqv> various things
<bqv> ooh
<bqv> it works
<bqv> thanks c74d !!
<bqv> literally minutes into xmonad and i already miss exwm
<bqv> but i'll give it more of a chance