<{^_^}>
To get a sha256 hash of a new source, you can use the Trust On First Use model: use probably-wrong hash (for example: 0000000000000000000000000000000000000000000000000000) then replace it with the correct hash Nix expected. See: tofu-vim
drakonis has joined #nixos-chat
<eyJhb>
infinisil: ahh yes :D If we can't TOFU, then we are F'ed at some point
<eyJhb>
I cannot count how many, invalid base32 I have gotten..
endformationage has joined #nixos-chat
<srhb>
gchristensen: Fwiw the freeipa PR is basically mergeable at any one point for basic functionality, if you're looking for systems level stuff.
<srhb>
Or, well, it has conflicts, but it's easy to fix up and use.
<{^_^}>
#22789 (by e-user, 3 years ago, open): freeipa: init at 4.4.3
<gchristensen>
3yrs :o
<srhb>
Yeah, I think everyone is too scared to touch pam stuff :P
<srhb>
Anyway, it was workable less than a year ago :)
<gchristensen>
oh, pam? *closes tab lol*
<gchristensen>
(kidding)
<srhb>
:P
<srk>
oO, freeipa, wow
<srhb>
It's not.. Great... But it works :P
<srhb>
And it is an easy way to hook up krb auth
<srhb>
Maybe there's an even easier way.
<srk>
I guess it doesn't really use the mad setup script as the original one
<srk>
yup, neat!
<srhb>
Oh yeah, that stuff is fun
<srhb>
"do 1000 lines of bash and we promise :haha: all will be good"
<srhb>
It even has rollback
<srk>
:D
<srhb>
Sort of.
<srhb>
:P
<srk>
imagine trying to run that on openvz vm :D
<srhb>
eeeek
<srk>
it worked after lots of fixes and hacks
<srk>
cool that NixOS can do all that, cli and webui of FreeIPA are nice
<srhb>
Don't think the webui is in. But maybe I'm wrong.
<srhb>
But yes, it's pretty okay.
<drakonis>
haha, i'm checking the nixos website again and wow, this is one hell of an improvement
<drakonis>
i just linked to the website and it convinced someone to check it out
<srk>
srhb: if it's java it should be easy to add
cole-h has joined #nixos-chat
parsley936 has joined #nixos-chat
parsley9366 has quit [Ping timeout: 260 seconds]
<ixxie>
I donno, I think the new site is probably better for new people but its a little bit hard to get at the things I need
<gchristensen>
ixxie: like the package and option search?
<gchristensen>
or manuals?
<ixxie>
Manuals for Nix/OS/Ops and search yes
<ixxie>
I can see why the previous navigation might have been overwhelming for newcomers though
<ixxie>
maybe a single top-level 'reference' page with all that stuff linked could work
<ixxie>
then I could bookmark that page
<srk>
I was looking for manuals today as well, maybe dropdown on Learn button?
<sphalerite>
I just type "opti" in my browser bar and get it from the history :p
<gchristensen>
try the Learn button, ixxie?
<sphalerite>
or "nixos/man"
<sphalerite>
(or nixpkgs/man or nix/man)
<gchristensen>
ah missing some stuff, looks like that page is still wip
<ixxie>
oh
<ixxie>
Learn page is good, but I guess the name was counterintuitive
<ixxie>
but I guess its not bad, maybe I was just blind
<ixxie>
Maybe labeling the sections that link to documentation documentation would be helpful
<ixxie>
then the headers could be links as well
<gchristensen>
would you be up for sending a PR?
waleee-cl has joined #nixos-chat
<ixxie>
gchristensen: yes!
<ixxie>
Im on vacation so gladly
<gchristensen>
nice!
<gchristensen>
github.com/nixos/nixos-homepage
<drakonis>
the current homepage has a missing feature
<drakonis>
the services list is stowed away
<drakonis>
and there's no search bar in the landing page for it either
<drakonis>
ah its mentioned already
neeasade has quit [Ping timeout: 240 seconds]
<ixxie>
why does starting the nix-shell for the nixos-homepage seem to be a waaay heavier build than anything I have build this year including the NixOS ISO
<samueldr>
what do you mean "way heavier build"?
<samueldr>
though recently a bunch of things were added that might have increased the closure size a bunch I think
<ixxie>
seems to be building C++ toolchain
<ixxie>
libutil stuff
<ixxie>
I donno much about it
<samueldr>
that doesn't sound right
<ixxie>
but its been over five minutes and my fan is blasting
* samueldr
pulls and checks
<ixxie>
I think its building Nix from scratch
<ixxie>
o.o
<samueldr>
it seems that yes, it will build nix /nix/store/7c5wrh7bpx4pq0yscfjyysmicwjbz7dy-nix-2.3.6.drv
<samueldr>
but it's among the only two things built
<samueldr>
the other is its tarball
<samueldr>
so basically the only one on my side
<samueldr>
everything else is downloaded
<ixxie>
but is that overkill? I mean, why build Nix for the website?
<samueldr>
not sure, but I think it's related to releasing the nix tarball
<samueldr>
or maybe not
<samueldr>
looking into it
<ixxie>
20m it took on my poor little laptop
<samueldr>
looks like it's for the manual
<samueldr>
ixxie: you're ixxie on github too, right?
<samueldr>
>> Last time we said one of our target audience are developers, we discussed this a bit and our target group are not only developers but advance users, which we classified as users that are familiar with command line. This includes developers, sysadmins, …
<samueldr>
the landing page is not for people already knowing about Nix
<samueldr>
though I guess that doesn't answer how the remainder of the website should present itself
<samueldr>
as far as *design*, it's something that is going to be discussed later on, it's been decided that for the near future no *visual* changes are to be made, visuals being a goal for a later still not far future
<samueldr>
but that's only about the "coat of paint", organization is pertinent
<ixxie>
I actually did some tweaks on the Nix logos a while back but never got that finalized
<samueldr>
you might want to read the announcement, and get in touch with the team
<ixxie>
I guess I would like to sign up if the meeting cadence isn't too intense
<samueldr>
almost every two weeks
<ixxie>
thats okay
<samueldr>
sometimes a week ends up being skipped
<samueldr>
for ~1 hour
<ixxie>
and I guess I can commit to work depending on my situation at hand?
<samueldr>
yeah, it's not like accepting a job
<ixxie>
should I submit my application by replying to that announcement thread or is there a better way?
<samueldr>
>> To join the team please write an email to webmaster@nixos.org trying to answer the following questions:
<ixxie>
right
<ixxie>
I missed that
<ixxie>
I will do so
<samueldr>
no worries
<ixxie>
:)
<energizer>
is there a way to say "these are the containers i want. these are the computers i have. distribute the containers across the computers somehow and keep them running."?
<energizer>
in nix
<samueldr>
is there in non-nix?
<samueldr>
(that may help find solutions with nix)
<energizer>
kubernetes, docker swarm, etc
<ixxie>
energizer: there is kubernetes options for NixOS which are quite elaborate
<samueldr>
right, that's really out of my wheelhouse, so I really didn't know if those did "that" or if they needed more input from the admin
<gchristensen>
this is just like, simulating the internet in your code, right?
<srk>
bkv: cool, ty!
<bkv>
basically all left is to either update the parts of waymonad that use outdated wlroots apis, or downgrade wlroots and revert the hsroots updates
<srk>
guess that depends on how much wlroots changed
<danderson>
gchristensen: yeah, we're simulating network topologies entirely in Go code
<danderson>
you create Networks, attach Machines to them. Some Machines can produce sockets for you (to let you dial out/listen/etc.), other Machines implement various NAT-ey behaviors
<gchristensen>
gotcha
<danderson>
and the sockets "just work", in the sense that packets move around in a way that makes intuitive sense for how it's wired up
<danderson>
but we don't actually construct packets or anything, it's just function calls moving stuff around and doing route table lookups
<danderson>
and we only do UDP, because the entire purpose of this is to test NAT traversal logic
<danderson>
so, wire up a terrible network topology, fire up our NAT busting peers on both ends, and see if we can break through
<gchristensen>
I have to wonder how well the simulator will match ̶t̶h̶e̶ ̶e̶n̶e̶m̶y actual systems
<danderson>
well, two points: one, it's all just code, so we can emulate arbitrarily broken systems
<danderson>
and the other is yeah, it probably won't match every system on the planet, but we can convincingly emulate the ~dozen or so topologies and NAT behaviors that matter, and measure our progress against getting through those
<danderson>
(and guard our code against regressions for the obvious cases)
<gchristensen>
that is cool
<gchristensen>
and test in ms instead of tens of seconds
<danderson>
and we can do it without requiring root or any complex setup - it's literally just a unit test that runs completely in-memory
<danderson>
also the code is *joyously* terrible because we don't care about performance, so we can take all the shortcuts
<danderson>
like, rather than deal with packet queueing, we just spawn one goroutine per packet so that it can block on doing the delivery
<gchristensen>
yeah
<gchristensen>
very cool!
<danderson>
so we pay like 4k of stack per packet in flight, which is ridiculous... But we don't care! :D
<danderson>
likewise, route lookups, you'd normally use pretty tries and complicated optimizations... But no, fuck it! linear scan through an array, from most specific to least specific prefix
<danderson>
awful, awful performance, but it works, and it took ~2h to implement "the internet" and packet delivery over "the internet" :)
<gchristensen>
nice
<bkv>
yeah, i wanna carry on with updating waymonad, because it's the better option and i have already started, but i also don't even really know what i'm doing because i have no real idea how this works. also, having to use a nixpkgs from 2 years ago is an unpleasant solution, and it'd probably be the simplest way to get 2 year old wlroots building
lopsided98 has quit [Quit: Disconnected]
lopsided98 has joined #nixos-chat
abathur has quit [Quit: abathur]
tokudan has quit [Remote host closed the connection]
tokudan has joined #nixos-chat
parsley936 has quit [Remote host closed the connection]