<samueldr>
colemickens: it's a planned step, to not split results
<samueldr>
(though I'm not involved in the project other than being adjacent)
<colemickens>
samueldr: cool, thanks for letting me know
<colemickens>
Is there still no way to "forcibly subscribe" to a github topic without replying?
<colemickens>
I get all emails, but they come to my inbox if I reply in the thread, otherwise, I never see them. But I don't want to spam issues just to organize my email?
<samueldr>
issue/PR? in the right hand side you can click subscribe?
<joepie91>
colemickens: subscribe button on the right
<colemickens>
joepie91: I'm already subscribed by naturing of watching the repo.
<colemickens>
basically, if you are watching the repo, you get all emails, but they are not "To" you.
<colemickens>
So you can filter on that, but then if you do, there's no way to surface conversations that you care about, unless you do something to trigger GitHub to sned it "To" you. Usually via replying. I guess maybe there's a better heuristic I can write somehow?
Synthetica has quit [Quit: Connection closed for inactivity]
cjpbirkbeck has quit [Quit: Goodbye, take care]
hmpffff has joined #nixos-chat
rajivr has joined #nixos-chat
andi- has quit [Remote host closed the connection]
hmpffff_ has joined #nixos-chat
hmpffff has quit [Ping timeout: 258 seconds]
andi- has joined #nixos-chat
hmpffff_ has quit [Ping timeout: 272 seconds]
hmpffff has joined #nixos-chat
kalbasit_ has joined #nixos-chat
<samueldr>
heh, just thought that it could get confusing with how we have attribute names and name attributes
<samueldr>
which already can get confusing to users :)
<cole-h>
colemickens: Unsubscribe and then manually subscribe
<cole-h>
Works for me
hmpffff has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<samueldr>
I never really got it (didn't _have_ to get it yet)
<abathur>
yeah, probably
<samueldr>
if I understand what you linked, it's expect not handling `sudo` on travis?
* abathur
blinks
<abathur>
why do you say that?
<abathur>
I will note that I'm pretty sure travis-ci wraps curl, probably to add retry or something, and that it can break stuff, so it wouldn't shock me if sudo is wrapped in a way that weirds it
<abathur>
but I'm also low on firing neurons by this point of the night
<samueldr>
>> expect: does "" (spawn_id exp7) match glob pattern "Enter the password for user 'travis':"? no
<samueldr>
>> expect: timed out
<samueldr>
did I misunderstand that?
<cole-h>
Maybe travis sudo prompt is different
<cole-h>
(May be what samueldr was implying/meant/whatever?)
<abathur>
not certain; in theory it's supposed to be a passwordless sudo, but I do remember seeing something about it weirding sudo -v
<samueldr>
>> We have built a lot of fail-safes into the system which are shared with the broader Mainline project. If, for whatever reason, an update is pushed to the device that causes it to fail to boot—we have some complex heuristics about what "failed to boot" means—we have this pretty elaborate checkpointing mechanism built into Android where a failure to boot will be will cause the entire device state to be rolled back to a previous last known
<samueldr>
good point.
<samueldr>
>> In the case of catastrophic failure of this kind, you will simply revert back to the last known boot point in your device with whatever it was good with before.
<abathur>
gchristensen: do you have a sense of what might fix an expect script that runs fine on github actions, but isn't seeing output on travis-ci (and appears to end up seeing some of what it sent to the command?) suspecting this might be some difference in how GA/travis handle pty/tty for logging, or maybe travis wrapping/customizing sudo?
<cole-h>
You still can be! We never defined that number as unsigned!
<V>
NaN~
neeasade has joined #nixos-chat
<supersandro2000>
-1~
rajivr has quit [Quit: Connection closed for inactivity]
hmpffff has joined #nixos-chat
<infinisil>
-2~
hmpffff_ has quit [Ping timeout: 244 seconds]
<samueldr>
I'm not exactly fond of all that snow in late october
<samueldr>
good thing it's not going to stay
<cole-h>
Better knock wood
<joepie91>
snow! gimme snow!
<samueldr>
scrape the sides of a freezer?
<cole-h>
haha
<samueldr>
it's the same stuff, different smell though
<joepie91>
samueldr: not the same :(
<samueldr>
I know, freezer snow at least doesn't overstay its welcome
<samueldr>
joepie91: so I gather it doesn't snow that much in NL? :)
<samueldr>
spend a whole year in Québec [not montréal] and maybe your opinion will change a bit
<joepie91>
samueldr: not anymore :(
<eyJhb>
-3~
<eyJhb>
Don't care if it is 40 minutes later, I was part of something great
<cole-h>
Yes you were
rnea has joined #nixos-chat
cole-h has quit [Quit: Goodbye]
cole-h has joined #nixos-chat
<steveeJ>
I'm trying to package something with `node2nix`. I have the project cloned and checked out locally. `npm install` works in it. generating with `node2nix -l package-lock.json` worked as well. but `nix-build -A package default.nix` gives an error that it can't find `(...)/dist/main.js` in the install step. I couldn't find any precedence for this issue.
<bqv>
drakonis: do i recall correctly that you had freebsd on a chromebook?
<__monty__>
steveeJ: #nixos is the on-topic channel, might get more eyeballs on it there.
<steveeJ>
thanks __monty__. will copy it there :-)
<drakonis>
bqv: never had
<bqv>
do you have a chromebook though? or do you use freebsd?
<bqv>
why do i remember that
hmpffff has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<drakonis>
neither
<drakonis>
i used freebsd for some time
<drakonis>
didnt jive with ne
<drakonis>
me
<bqv>
hm, fair
<crazazy[m]>
I found out how to turn my emacs config into a nix-build without specifying the dependencies
<bqv>
well, place your bets on how long i last before installing nixos on my laptop
<bqv>
because freebsd is a no-go, and debian's turning out to be a pretty spicy choice so far
<crazazy[m]>
what's wrong with nixos on the laptop? works for me as a daily driver
<crazazy[m]>
oh wait I'm dense
neeasade has quit []
<sphalerite>
-4~
<sphalerite>
later to the party than eyJhb
<sphalerite>
bqv: just install it now
<samueldr>
nah, get yourself properly spiced up with non-NixOS, so you'll recoil in terror next time you think about not NixOS ;)
<eyJhb>
crazazy[m]: How dense?
<crazazy[m]>
as in i thought bqv didn't like nixos or something
<eyJhb>
But, why did bqv not install NixOs instead of Debian?
<samueldr>
wanted some spice in their life?
<supersandro2000>
because on Debian I don't rebuild everything if libc gets an update
<eyJhb>
samueldr: For that run some Kali Linux as a daily driver ;)
<eyJhb>
supersandro2000: that is just wishful thinking!
<samueldr>
eyJhb: still running as root by default?
<samueldr>
well, *I* don't rebuild everything when libc updates either
<supersandro2000>
no, I never rebuild my entire Debian system
<supersandro2000>
it just works
<supersandro2000>
I just need to patch cctools and it builds since a while now
<supersandro2000>
I should probably wire up a server a hydra or something
<eyJhb>
"it just works" is until you make a tiny mistake in Debian, and you cannot remember what exactly you changed, or how it is configured etc. :P
<eyJhb>
And you sit in a rescue shell hating your life
<samueldr>
funny how "it just works" is how I think of NixOS compared to other distros ;)
<eyJhb>
Have run Ubuntu + Debian forever, yes it works most of the time. But the setup, maintaince, etc.
<supersandro2000>
eyJhb: I once deleted a crypto lib required to run dpkg and fixed it
<supersandro2000>
live CD can fix a lot
<supersandro2000>
samueldr: on other distros I don't have to patch things to work
<drakonis>
supersandro2000: containers, y'alls
<drakonis>
i dont have to butcher up the host machine
<eyJhb>
supersandro2000: I delete everything except /nix and /boot at reboot and stuff works? :p
<supersandro2000>
Why should anyone do that?
<supersandro2000>
If I delete your home in nix your current work is also gone
<eyJhb>
Manage your state
<eyJhb>
I have most in $HOME persistent, but it is basically one folder
<eyJhb>
Also, NOEXEC, NOSUID, etc. on everything except /nix/store, and a dir for building drvs
<eyJhb>
ANd some Dropbox nonesense
<supersandro2000>
you can't have your dev directory persistent
<drakonis>
watch me do it
<supersandro2000>
I would rather go away from Dropbox than worrying about anything you just mentioned
<eyJhb>
supersandro2000: Can't have your dev directory persistent? Didn't really mention /dev if that is what you mean
<eyJhb>
supersandro2000: Really super easy to have Dropbox have EXEC, I have it in a EXT4 volume in my ZFS pool
<supersandro2000>
not /dev, where you are doing your dev
<eyJhb>
As in, I am not allowed to have a persistent dev environment with the setup I described?
<eyJhb>
Not sure I follow
cjpbirkbeck has joined #nixos-chat
<eyJhb>
drakonis: Please make /dev static and then watch as nothing happens :p
<samueldr>
eeeeh, apparently github was having issues earlier today?
<samueldr>
I wonder if it coincides with when my exported/dumper script was
<samueldr>
and if it's correlation or causation
<samueldr>
but right now it's 502ing quite heavily :(
hmpffff has joined #nixos-chat
<joepie91>
samueldr: might just as well be the youtube-dl troll which has been unicorning for a day or two now
<samueldr>
I don't think so
<samueldr>
I think github simply can't handle the scale of Nixpkgs
<samueldr>
Uuuh... github is having a bad time :( 502
<samueldr>
there is a lack of emojis in that error reporting (from my script)
<elvishjerricco>
There was a post on either /r/nixos or discourse.nixos.org that explained how they set up an encrypted home that only gets decrypted when you login. But I can't find the post anymore. Anyone remember that?
<samueldr>
>> Uuuh... github is having a bad time 🤢 502
<eyJhb>
systmed-home w/ NixOS?
<samueldr>
there I fixed it
<elvishjerricco>
eyJhb: That's not what they used, but that's an option if one is using LUKS. I will be using ZFS encryption however, and I believe this post did as well.
<eyJhb>
elvishjerricco: damn.. Hoping someone else can find it then, ping me if you do as well
aanderse has quit [*.net *.split]
CRTified[m] has quit [*.net *.split]
taktoa[c] has quit [*.net *.split]
taktoa[c] has joined #nixos-chat
CRTified[m] has joined #nixos-chat
aanderse has joined #nixos-chat
<supersandro2000>
joepie91: yeah that unicorned also for me
<elvishjerricco>
eyJhb: No, I believe they were using zfs encryption. But the issue is more about how you turn logging in into running the proper decryption command
<bqv>
sphalerite: eyJhb: because nixos is possibly the least space-efficient and cpu-efficient distribution of them all, and I only have a 32G disk and 2GB ram
<bqv>
heck, even with that debian set up fully i only have 2G free
<bqv>
i'm on a quest to find the most space-efficient mostly-binary-based distro
<abathur>
anyone have a sense of whether generating a volume encryption password and passing it as a command-line argument is a problem from policy/compliance perspectives?
<lassulus>
shell history would be the biggest issue
<lassulus>
or someone looking at your screen :)
<abathur>
this would be scripted
<gchristensen>
commandline arguments being visible in `ps` is a bit shady
<abathur>
as an alternative to using an expect script to pass them
<abathur>
nod
<eyJhb>
What gchristensen said, it is a really nice way to lure scerets
<eyJhb>
Great tactic on e.g. Hackthebox
hmpffff has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<abathur>
the current implementation uses expect, though I personally feel like, if the system's compromised enough for someone to read the password at the time you created the volume, you probably have bigger problems; but I guess there are other reasons ps output could end up persisted
<lassulus>
you can pipe it into cryptsetup luksFormat
<lassulus>
cryptsetup luksFormat "$luksdev" -
<abathur>
I suppose the important question isn't whether I would feel okay making the tradeoff in exchange for not having to worry about an expect script--but whether doing so would be a showstopper for a significant group of people :)
<samueldr>
cryptsetup on macOS? fancy lassulus ;)
<abathur>
:P
<eyJhb>
Wouldn't just generating a file with the password, which only a single user can read, and then there must be some option to read from file?
<samueldr>
[it's information you didn't have on hand, I'm pulling your leg]
<lassulus>
oh it was about macOS? dunno anything about that
<abathur>
eyJhb: I wonder this as well. I'm not sure. I did an early test that worked this way. I suspect not, because I've gotten more than one comment about storing it in Keychain in such away that the system can also automagically use it, and passing it in to keychain *is* the step at question here
<abathur>
eyJhb: in my imagination, it works that way and is up to the user to decide if they want to give it to Keychain and how; I'm afraid reality will be more like: get nagged until we put it in keychain? :)
<eyJhb>
Sounds weird.. What is the actual goal of this? What is it being used for?
<eyJhb>
ANd yes, it does sound like the apple way.