gchristensen changed the topic of #nixos-chat to: NixOS but much less topical || https://logs.nix.samueldr.com/nixos-chat
<colemickens> I actually was wondering earlier today if jq had a magical ability to just do env var replacement for me :P
<V> gchristensen: echo '[{"x": 56}, {"y": 78}]' | jq add
<V> JJJollyjim: ^ as well
<gchristensen> oh neat...
supersandro2000 has quit [Disconnected by services]
supersandro2000 has joined #nixos-chat
<infinisil> :o
<V> what can I say, I appreciate brevity :p
karolus has quit [Read error: Connection reset by peer]
red[evilred] has joined #nixos-chat
<red[evilred]> If any of y'all use Solarwinds Orion at the day-job. Buckle up.
supersandro2000 has quit [Quit: The Lounge - https://thelounge.chat]
supersandro2000 has joined #nixos-chat
cole-h has joined #nixos-chat
LnL has quit [Quit: exit 1]
LnL has joined #nixos-chat
<colemickens> how tf do we not have alsa-utils aliased to alsaUtils
<colemickens> or maybe please-just-give-me-alsamixer that installs alsaUtils and alsaTools
LnL has quit [Quit: exit 1]
LnL has joined #nixos-chat
<lovesegfault> The fact that nix uses camelCase for a bunch of stuff, but then multi-word package names is a free-for-all drives me absolutely insane
<drakonis> clean slate nix when
<samueldr> that's not even nix
<samueldr> :)
<lovesegfault> s/nix/nixpkgs/
<drakonis> nixpkgs yes
<lovesegfault> y'all know what I mean
<drakonis> yes
<drakonis> same
<samueldr> yeah
<samueldr> no need to, we can make aliases and fix it
<lovesegfault> ^^^
<drakonis> alias all the things?
<samueldr> what happens, in part, is that at some point in the long history of Nix there was no dashed-variable-names
<drakonis> hmm, i see.
<drakonis> but which one should be the main one then? dashed variable names?
<samueldr> I think the answer is whatever the manual states :)
<drakonis> hmm
<drakonis> aight
<lovesegfault> the manual: the correct thing is what the manual states
* samueldr waits on it to load
<samueldr> IIRC it states to name things as dashed-names
<lovesegfault> Oh, TIL that that's recommended over camelCase
<samueldr> *for packages*
<drakonis> huh.
<lovesegfault> also, it's called kebab-case :P
<samueldr> thanks, it completely escaped me
<lovesegfault> I had to search to remember
<samueldr> >> The name attribute should be identical to the upstream package name.
<samueldr> heh
<samueldr> >> Dashes in the package name should be preserved in new variable names, rather than converted to underscores or camel cased — e.g., http-parser instead of http_parser or httpParser. The hyphenated style is preferred in all three package names.
<samueldr> it's written a bit oddly
<samueldr> but yeah, newly introduced packages attribute names should follow the name attribute, which in turn is kebab-case'd
<infinisil> What if programming languages treated all different casings the same
<samueldr> hmm
<samueldr> somehow for letter-casing it seems familiar
<samueldr> but not for symbols between letters
<infinisil> I guess there are languages that are case-insensitive
<samueldr> >> Historically, Nim was fully case-insensitive (meaning that capitalization and underscores of the identifiers were fully ignored)
<infinisil> Oh neat
<infinisil> Probably could also ignore -
<samueldr> most programming languages I know don't allow -
<samueldr> a-b is a - b
<infinisil> Oh yeah
<samueldr> I would assume the same for Nim
<infinisil> > let a-b = 10; in a-b
<{^_^}> 10
<infinisil> Well!
<infinisil> The identifier regex for Nix is [a-zA-Z\_][a-zA-Z0-9\_\'\-]* (source lexel.l in nix's source)
<infinisil> > _'-''-'--__'-_ = 10
<{^_^}> _'-''-'--__'-_ defined
<infinisil> Lol
* samueldr calls the police
<samueldr> that's clearly not how it's meant to be used
<samueldr> :)
<infinisil> > _-'-_ = "weee"
<{^_^}> _-'-_ defined
<infinisil> I think I found a new favorite variable name
<gchristensen> let's encode morse code in to nix using _ and '
<infinisil> ]
<infinisil> !
<infinisil> Although, can only start with _
<infinisil> RFC: Allow "'" as the start of variable names. Motivation: Declaring morse code variables
<samueldr> infinisil: ''
<samueldr> string delimiter or variable name?
<infinisil> Implementation details: Remove multiline strings
<pie_> If this passes I want my named ... RFC passed too <infinisil> RFC: Allow "'" as the start of variable names. Motivation: Declaring morse code variables
Taneb has quit [Quit: I seem to have stopped.]
Taneb has joined #nixos-chat
red[evilred] has quit [Quit: Idle timeout reached: 10800s]
waleee-cl has quit [Quit: Connection closed for inactivity]
endformationage has quit [Quit: WeeChat 2.9]
Dotz0cat_ has joined #nixos-chat
Dotz0cat has quit [Ping timeout: 264 seconds]
lopsided98 has quit [Ping timeout: 264 seconds]
lopsided98 has joined #nixos-chat
Jackneill has quit [Read error: Connection reset by peer]
Jackneill has joined #nixos-chat
lopsided98 has quit [Ping timeout: 260 seconds]
rajivr has quit [Ping timeout: 260 seconds]
LnL has quit [Ping timeout: 260 seconds]
LnL- has joined #nixos-chat
rajivr has joined #nixos-chat
immae has quit [Ping timeout: 260 seconds]
arcnmx has quit [Ping timeout: 260 seconds]
LinuxHackerman has quit [Ping timeout: 260 seconds]
bbigras has quit [Ping timeout: 260 seconds]
LinuxHackerman has joined #nixos-chat
Jackneill has quit [*.net *.split]
abathur has quit [*.net *.split]
evalexpr has quit [*.net *.split]
aleph- has quit [*.net *.split]
monsieurp has quit [*.net *.split]
pinpox has quit [*.net *.split]
arcnmx has joined #nixos-chat
immae has joined #nixos-chat
bbigras has joined #nixos-chat
pinpox has joined #nixos-chat
monsieurp has joined #nixos-chat
aleph- has joined #nixos-chat
evalexpr has joined #nixos-chat
abathur has joined #nixos-chat
Jackneill has joined #nixos-chat
thibm has joined #nixos-chat
lopsided98 has joined #nixos-chat
cole-h has quit [Quit: Goodbye]
__monty__ has joined #nixos-chat
supersandro2000 has quit [Quit: Ping timeout (120 seconds)]
supersandro2000 has joined #nixos-chat
edef has quit [Ping timeout: 260 seconds]
lunc has joined #nixos-chat
ekleog has quit [Ping timeout: 265 seconds]
<leonardp> ' '' '' ' ''' ''' ' ' _ / '' '' ' ' ''_
<leonardp> `' _''_ _'_' ' '_'' '_'' ' _' _ / '' _'' ' '_ _'_'__`
<__monty__> Ah, someone who's trying to communicate in morse code because most of their keyboard's dead.
<viric> mh nix-store --repair-path is not there anymore... but it's in "man nix-store"
<viric> ah no, outdated man. grmbl
<viric> I'm confused.
<AMG> I want to decapitate people who use @here in slack channels with 300+ people...
<lunc> oh interesting... now there's an gsuite outage
<srk> hn on clicking on google outage.. 'We're having some trouble serving your request. Sorry! '
<srk> I can still play videos with youtube-dl but not via web.. :D
<siraben> there was that one time this year in the FP Slack channel where 16K people were pinged with a @all
<siraben> @everyone, rather.
Jackneill has quit [Ping timeout: 260 seconds]
clever has quit [Ping timeout: 256 seconds]
<eyJhb> gchristensen: you cannot be everywhere, ##aws !
clever has joined #nixos-chat
clever has joined #nixos-chat
clever has quit [Changing host]
Jackneill has joined #nixos-chat
clever has quit [Ping timeout: 240 seconds]
clever has joined #nixos-chat
clever has joined #nixos-chat
clever has quit [Changing host]
<gchristensen> eyJhb: I'm not in ##aws!
<eyJhb> You are the topic setter and contact person, that is enough for you to be there by spirit! :D
<gchristensen> :D
<eyJhb> Also, all the different ways that providers calculate the fingerprint for SSH Keys.... DO and AWS are not compatible with those... :(
<eyJhb> But then again, you have used a lot of time with AWS, I shouldn't be that suprised :p
<gchristensen> wat, really?
<gchristensen> also, it is upsetting that AWS doesn't support ed25519 keys
<eyJhb> Yeah, I have the same SSH key I have added to DO and AWS, and the fingerprint is different... So I have to do them by "name" and make extra API calls now...
<eyJhb> What, don't they??
<eyJhb> `Key is not in valid OpenSSH public key format` guess not
<eyJhb> Also weird coming from DO to AWS, where the SSH key you specify in the config, will be added with whatever you have in you cloud-config. But AWS will then not add the SSH Key specified in creation, but just run the stuff from the cloud-config (at least that is what I learned from it)
<gchristensen> ah I think that is just what cloud-init does
<eyJhb> DigitalOcean uses cloud-init as well :D So it might be more on the config side
<eyJhb> Maybe just the AMI I am using
<gchristensen> yea
<gchristensen> and actually
<gchristensen> DO probably pokes itself in to the disk and modifies it underneath you before boot
<gchristensen> and AWS doesn't do that
<eyJhb> Well, I got a nice/weird bug... So if I specify a securityGroupId that does not exists, then it will specify a empty groupId, and complain that groupId is invalid
<__monty__> Is the fingerprint thing an md5 v. sha2 thing?
<eyJhb> Might be? `9c:b7:73:64:b9:e3:11:d7:3f:b5:76:02:6d:59:a4:1f` vs. `09:01:70:55:28:4a:32:4f:4d:6a:a7:b6:51:3e:d2:1e`
edef has joined #nixos-chat
<__monty__> Hmm, sha256 is quite a bit longer I think? Are ssh fingerprints truncated?
clever has quit [Ping timeout: 246 seconds]
clever has joined #nixos-chat
clever has joined #nixos-chat
clever has quit [Changing host]
ekleog has joined #nixos-chat
<adisbladis> I think it's md5
<adisbladis> eyJhb: ^
<adisbladis> I think both of those are md5?
<__monty__> If it's the same fingerprint algorithm I wonder why the fingerprints differ.
<__monty__> Do they salt on purpose or something?
<__monty__> Or even some non-random string?
<eyJhb> I am guessing that DO does something weird
<eyJhb> Because, that is how they tend to do things
<eyJhb> gchristensen: I have to rewrite stuff and things now because of how AWS works :p Good to have another provider, so that the flaws are shown
neeasade has quit [Read error: Connection reset by peer]
<gchristensen> multicloud is hard and expensive and usually not worth it, but yeah
<eyJhb> The interface is super simple, so it should be OK - https://termbin.com/fxdz
red[evilred] has joined #nixos-chat
<red[evilred]> Honestly, the main reason for doing multi-cloud from my PoV isn't technical. It's "The cloud provider just termed our account and we've now lost all our infrastructure"
<joepie91> red[evilred]: people are amazingly unreceptive to "what if your cloud provider actively screws you" arguments, IME
<joepie91> it just isn't part of people's threat model somehow
waleee-cl has joined #nixos-chat
<hexa-> well, it becomes more unlikely since you are actually paying for their service
<eyJhb> Ehmmm...
<hexa-> and the board experience on the web is that you are primarily getting screwed on free services
<eyJhb> We've had DigitalOcean freeze our accounts multiple times with under 10 hours until our event goes live.. :p
<hexa-> make a fuss and jump ship
<eyJhb> And with premium support, the answered us 4 days after or something...
<adisbladis> hexa-: Does it?
<gchristensen> yeah digitalocean isn't for serious businesses like AWS is
<hexa-> especially then :p
<hexa-> adisbladis: somewhat
<gchristensen> DO is "the developer cloud"
<adisbladis> Like... GCP is great but I wouldn't trust Google to provide any kind of customer support
<adisbladis> If I get locked out of GCP I fully expect to have to bootstrap everything from scratch again
<eyJhb> gchristensen: True, I however count on them not to lock my account when I get the manually increased number of Droplets..
<gchristensen> yeah well
<gchristensen> heh
<gchristensen> it sucks
<gchristensen> no doubt
<eyJhb> But yeah, now I have AWS running as well :p So hopefully I don't get blocked multiple places
<hexa-> adisbladis: pretty sure Google in general is known for lack of customer support, except maybe ads and pixel phones?
<eyJhb> I just want to integrate with their spot instances now :D
<adisbladis> eyJhb: Is this for personal use or business?
<eyJhb> Business stuff, but atm. I don't run anything business as such on it
<eyJhb> The CTF platform as usual adisbladis :p
<hexa-> and yeah, there is the general scheme of "You did *that*, there is no recourse. Goodbye"
<red[evilred]> Reality Check. My company pays millions for cloud services to AWS. I still think AWS wouldn't give a shit and lock us out,.
<red[evilred]> because even millions is a rounding error to companies of that size
<gchristensen> AWS doesn't have the reputation of doing that
<gchristensen> Google doesn't (for GCP afaik, "just" for gmail), DO definitely does
<eyJhb> DO has a reputation of kicking people off?
<gchristensen> absolutely
<gchristensen> https://twitter.com/w3Nicolas/status/1134529316904153089 here is one such story
<hodapp> this is one of the big asterisks that anything 'cloud' always has for me
<eyJhb> Might get my friend NOT to use DO
<eyJhb> He is currently planning on taking his web hosting company onto DO
<joepie91> <hexa-> well, it becomes more unlikely since you are actually paying for their service
<joepie91> I don't think anyone who has followed the hosting industry in the past decade would agree with you there :D
<thibm> gchristensen: the tweet's company website said it's "trusted by amazon, (…) OVH". That's fun
<lovesegfault> gchristensen: do you have a blog post on running everything on its own cgroup yet?
<gchristensen> no
<hodapp> I have been curious on the open-source systems, e.g. Triton, that let a person run their own 'cloud' services if so desired at a local scale
<lovesegfault> gchristensen: were you thinking of writing one? I want to try it out :D
LnL- is now known as LnL
<tilpner> (I asked about how it was done before, remembered it was done from i3config with systemd-run: https://github.com/grahamc/nixos-config/search?q=systemd-run )
<red[evilred]> speaking of separation -=- I'm really interested in seeing NixOS on a microkernel
<lovesegfault> Oh nice tilpner
<lovesegfault> let's see if I can incorporate that into my config today :D
<Taneb> People who use lorri: do you make common shell.nixs that you import and extend?
<tilpner> direnv, but no, I copy from the last project with a similar toolchain
<lovesegfault> I had an idea for a project like that Taneb, https://github.com/lovesegfault/lange
<lovesegfault> but I got lazy
<__monty__> I do, Taneb.
<__monty__> But my projects all use pretty much the same environment.
kalbasit has joined #nixos-chat
<red[evilred]> It's days like this I wish I were German
<Taneb> ?
<joepie91> reason for the near-total Google outage this morning
<joepie91> "disk was full"
<gchristensen> lol
<__monty__> Maybe a freight train full of HDDs wasn't on time for once.
<__monty__> I didn't actually notice the outage because I rarely authenticate to google services >.<
<red[evilred]> German has the wonderful ability to make compound words on demand
<red[evilred]> the way my day is going, I would make heavy use of that linguistic technique
<joepie91> it seems that everyone is having a shit day today
<lovesegfault> infinisil: what is a thunk
<gchristensen> a thought you haven't thought yet
<lovesegfault> gchristensen++
<{^_^}> gchristensen's karma got increased to 386
<lovesegfault> i thunk therefore I'm not
<infinisil> lovesegfault: An unevaluated expression
<lovesegfault> infinisil: Not too far from gchristensen's answer :P
<lovesegfault> why call it a thunk and not `expr`? or `expression`?
<infinisil> E.g. if you do `let a = 1 + 2; in a + a`, as a first step, nix creates a thunk for `1 + 2`, which is then evaluated once a is accessed, at which point the thunk becomes an evaluated value
<gchristensen> expression is syntax
<infinisil> So the second time a is used, it doesn't need to compute it again
<lovesegfault> How do you make sure two thunks are equivalent? Is there a thunk ID?
<__monty__> Hmm, that example doesn't actually rely on thunks though. In a strict language it wouldn't have to be reevaluate a either.
<srhb> lovesegfault: It's not a term invented by Nix, by the way, it's quite common when talking about evaluation strategies, especially in functional languages.
<__monty__> Particularly lazy languages.
<srhb> Indeed.
<__monty__> lovesegfault: Thunks are similar to references. There's on way to determine two different thunks are equal than evaluating them and comparing the values.
<__monty__> *no
<__monty__> In a strict language the `a` in the let would be computed and stored in a reference, and every usage of `a` in the body would dereference said reference.
<infinisil> lovesegfault: In this case, it's the same thunk because Nix builds an "environment" that maps variables to values
<infinisil> So when it looks up "a", it finds the same value both times
<lovesegfault> I see, but it won't do the same for ad-hoc closures?
<lovesegfault> Like I have (1 + 10) in a bunch of places it will compute it each time
<lovesegfault> or (_: 1 + 10)
<__monty__> Indeed.
<gchristensen> it could, though
<infinisil> I don't think it can
<gchristensen> for example Unison would determine those are identical
<__monty__> Yeah, it's possible.
<infinisil> Ah
<gchristensen> unison renames all the variables and makes the AST standardized to prevent re-evaluation
<__monty__> Most compilers/interpreters need a little help though.
rajivr has quit [Quit: Connection closed for inactivity]
endformationage has joined #nixos-chat
cole-h has joined #nixos-chat
<lovesegfault> What is better:
<lovesegfault> a) a problem that is solved automatically, but triggers every 10h
<lovesegfault> b) a problem that needs manual intervention, but triggers every 2 weeks
<gchristensen> tautomatic
<gchristensen> manual fixes every 2 weeks is donkey work
<lovesegfault> cc. ekleog :P
<lovesegfault> gchristensen: I agree
cosimone has joined #nixos-chat
<__monty__> A problem that is automatically solved doesn't sound like a problem at all : )
<gchristensen> the modern idea behind monitoring and alerting is only alert on customer pain
<gchristensen> database down -> no alert
<gchristensen> failed queries -> alert
<gchristensen> the idea is your automation could handle the down database (it is a known scenario with a possible resolution) but failed queries is not a machine-resolvable problem
<ekleog> lovesegfault: I see what you did there :p
<ekleog> (and yes I'm of this opinion too, automatically solving issues is good)
<ashkitten> <3 pulling nixos-unstable and adding 3 patches that were merged after the last channel update to fix various builds
Guest88372 has quit [Read error: Connection reset by peer]
sorear has quit [Read error: Connection reset by peer]
jared-w has quit [Read error: Connection reset by peer]
jared-w has joined #nixos-chat
Guest88372 has joined #nixos-chat
sorear has joined #nixos-chat
red[evilred] has quit [Quit: Idle timeout reached: 10800s]
<eyJhb> If anyone uses displaylink, you could test this PR https://github.com/NixOS/nixpkgs/pull/106728 :)
<{^_^}> #106728 (by eyJhb, 2 days ago, open): evdi: unstable-20200416 -> v1.7.1
<eyJhb> ashkitten: I have started to run nixos-unstable-small, as it propagates faster :D And if it fails to build one day, it will build the next day
<ashkitten> eh, i don't mind too much
<ashkitten> hmm might try running pipewire master, see if that fixes the weird audio issues i've been having
<gchristensen> I think I won the ssh key lottery, this key's fingerprint ends in fuck
<lukegb> ding ding ding
<eyJhb> gchristensen: Pictures or it didn't happen
<eyJhb> And in less than 10 minutes! Else you're just GIMPing stuff ;) :p
<eyJhb> ashkitten: I only started doing it, after someone said it is the same, just with less caches things I guess...
<__monty__> eyJhb: That's a good way to end up building things like libreoffice.
<eyJhb> gchristensen: Even better, it is the Filesystem Fuck!
<eyJhb> __monty__: I have not tried that yet, and I have it installed :p But then again, I am used to VBox.......
ashkitten has quit [Quit: WeeChat 3.0]
<samueldr> gchristensen: is this what bitcoin is all about? billion upon billion of cpu cycles trying to get to a specific hash? but yours is more useful?
<gchristensen> "useful"
<samueldr> gets you into an ssh server
ashkitten has joined #nixos-chat
<samueldr> how many ssh server can you get into with one bitcoin?
<gchristensen> haha
<gchristensen> one whole bitcoin? probably quite a few
<ashkitten> excited for wine 6.0 release soon
<ashkitten> there's been a lot of good stuff in dev since the last stable release
<lovesegfault> Interesting, gchristensen do you not use `swaymsg -t command "exec $myCommand"` on your launcher?
<lovesegfault> I thought it was the recommended way of doing things
<gchristensen> never heard of doing that
<andi-> lovesegfault: why would I do that if I already launch my launcher that way and that one exec's into the selected program?
<gchristensen> I'm just not clear at all on what sway does thatmakes it a recommendation
<lovesegfault> andi-: I do not know
<lovesegfault> I just have this in the back of my headf
ixxie has joined #nixos-chat
neeasade has joined #nixos-chat
<lovesegfault> is there some display manager that works with sway that is simpler than gdm but nicer than just the tty login prompt
<__monty__> Probably SLiM but it was axed : /
<samueldr> wild guess, but an X11-based DM from before wayland, I would be kind of surprised if it worked
<lovesegfault> gchristensen: ayooo got it working :D
<__monty__> samueldr: Forgive me, the wounds are still fresh.
<sphalerite> gchristensen: should have used nix's base32! :p
<gchristensen> nice, lovesegfault !
<sphalerite> gchristensen: lovesegfault: andi-: something like startup notification, iirc — the application will end up on the display you had focused if you used swaymsg exec, but on the one you have focused at the point where it opens the window otherwise.
<sphalerite> not entirely sure if that's correctly.
<lovesegfault> it was pretty easy overall
<sphalerite> s/correctly/correct/
<sphalerite> lovesegfault: what's the benefit of this?
hplar has quit [Ping timeout: 260 seconds]
<lovesegfault> sphalerite: I S O L A T I O N
<lovesegfault> I want to play with cgroups, in other words
<lovesegfault> like limiting CPU slack and discord can use
<andi-> lovesegfault: add -p DynamicUser=yes -p ProtectSystem=full to the launch line ;-)
<lovesegfault> andi-: explain
<lovesegfault> I don't want my terms running as not-my-user :P
<gchristensen> I do :(
<andi-> but you said isolation :(
<lovesegfault> gchristensen: Really? O.o
hplar has joined #nixos-chat
<gchristensen> yes!
<andi-> yes, why not?
<andi-> I also want that
<gchristensen> I want every terminal and GUI to have its own ~
<gchristensen> sharing minimally configured as needed
<lovesegfault> gchristensen: I segfaulted systemd
<lovesegfault> lol
<gchristensen> O.O
<lovesegfault> now I can't start any new things
<lovesegfault> or use coredumpctl to inspect
<andi-> And I thought X509 would be as hated as gpg..
<gchristensen> I'd rather x509 over gpg
<andi-> just create one sub-key per session - LOL
<andi-> what could possibly go wrong
<gchristensen> sort of
<lovesegfault> lol I need to reboot
<lovesegfault> this is funny
<andi-> I am kinda tempted to test what happens with a few thousand subkeys..
<andi-> Probably not supposed to crash..
<gchristensen> give it a go
<gchristensen> and then publish it to the keyserver
<andi-> /o\
<gchristensen> "Go's XML package is unfixably incorrect" https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/
<andi-> It just scrolled by in my chanmon buffer /o\
<gchristensen> oops
<gchristensen> With XML-DSig
<lovesegfault> Alright, back
<lovesegfault> > -.slice: Failed to migrate controller cgroups from /user.slice/user-8888.slice/user@8888.service, ignoring: Permission denied
<{^_^}> error: syntax error, unexpected '.', at (string):451:2
<lovesegfault> hmmm
<andi-> lovesegfault: how did you manage that?
<lovesegfault> andi-: that error?
<andi-> yeah
<gchristensen> are you on cgroupsv2?
<lovesegfault> gchristensen: how do I find out
<gchristensen> [grahamc@Petunia:~]$ mount | grep cgroup2
<gchristensen> cgroup2 on /sys/fs/cgroup type cgroup2 (rw,nosuid,nodev,noexec,relatime,nsdelegate)
<lovesegfault> ❯ mount | grep cgroup2
<lovesegfault> cgroup2 on /sys/fs/cgroup/unified type cgroup2 (rw,nosuid,nodev,noexec,relatime,nsdelegate)
<lovesegfault> yup
<gchristensen> nope, unified
<lovesegfault> Oh
<lovesegfault> systemd.enableUnifiedCgroupHierarchy = false?
<gchristensen> for my freezer stuff I think you need cgroup2 but that breaks docker
<lovesegfault> I don't use docker
<sphalerite> gchristensen: have you implemented it yet? I want it.
<gchristensen> which freezer?
<gchristensen> I have a pause button for programs, I use that often
<sphalerite> no the fuse-on-home thing
<gchristensen> oh
<gchristensen> no, I keep getting caught up in wanting to use Rust but not wanting to suffer through its API :P
<sphalerite> :D
<gchristensen> and then go but its "examples" aren't examples atall
<lovesegfault> did you explicitly enable the non-unified hierarchy somehow gchristensen?
<lovesegfault> aha
<{^_^}> #104094 (by flokli, 3 weeks ago, merged): systemd: switch to unified cgroup hierarchy by default
<lovesegfault> I had docker enabled
<lovesegfault> so It was forcing the config
<lovesegfault> brb rebooting
<lovesegfault> cgroup2 on /sys/fs/cgroup type cgroup2 (rw,nosuid,nodev,noexec,relatime,nsdelegate,memory_recursiveprot)
<lovesegfault> bingo bango bongo
<cole-h> bish bash bosh
ixxie has quit [Remote host closed the connection]
<colemickens> So strange, I've been continuing to have problems with GPG when moving my yubikey between machines. I wrote a `gpg-fix` script, that now works 100% of the time.
<colemickens> The thing that finally got it working, was after restarting pcscd and gpg-agent{-*} was manually calling `gpg --card-status`. If I don't do that before git tries to use it, it just gets jammed up.
<gchristensen> :/
<andi-> I currently have like 3 smartcards on my computer and pcscd is not liking it :/
<andi-> s/smartcards/smartcard readers/
<andi-> I can't SSH anymore without randomly disconnecting a few
<__monty__> Why so many smartcards?
<andi-> I have 1 yubikey, 1 generic reader and one for banking.
<andi-> The banking one has a bunch of weird extra requirements.
<andi-> and obviously I do not want to disconnect the yubikey all the time
<andi-> worst case is when two of the readers do not have cards in them as depending on the driver they'll just block SSH forever and even -vvvvvvvvvv doesn't help you.
* colemickens f5's this page again https://github.com/str4d/rage/issues/16
<{^_^}> str4d/rage#16 (by str4d, 1 year ago, closed): Yubikey support
<lovesegfault> Mic92: trying out sops-nix today
<colemickens> is the systemd change merged yet ?
<lovesegfault> which one
<lovesegfault> the cgroups one?
<colemickens> sops-nix was using an activation script for a while, rahter than a systemd unit
<colemickens> but that makes it very hard to use in certain scenarios
<colemickens> there was indication that the systemd pr would be merged but last I'd checked it was still pending. Maybe I should just test it and provide feedback.
<lovesegfault> Oh, apparently no: https://github.com/Mic92/sops-nix/pull/39
<{^_^}> Mic92/sops-nix#39 (by zaninime, 7 weeks ago, open): Add option for choosing which activation method to use
<lovesegfault> What are the scenarios?
<lovesegfault> the requirement PRs got merged into systemd though
<colemickens> cloud servers
<colemickens> I have a nixos-azure demo that uses sops-nix and Azure keyvault for automatic secure provisioning.
<colemickens> But the network isn't up yet, or if it is, there isn't DNS available due to how stage-1/stage-2 work right now.
<lovesegfault> it's in the latest systemd release too
<lovesegfault> so that PR's path ahead is all clear, it seems
<colemickens> I mean, sops-nix doesn't use that
<colemickens> at least not yet
<colemickens> it requires you to configure your service to load the secret from a path, I'm not sure the systemd feature adds much other than I guess systemd would take charge of making sure permissions for the key material is locked down. But you still gotta get it there through the nix store anyway
<colemickens> weird, I don't really grok all of the socket activation pieces, but anyway mic92 I'm interested in helping with it if I can in anyway.
<lovesegfault> hmm, seems like direnv isn't running the sops-pgp-hook
<lovesegfault> grrr
<lovesegfault> why is this happening
<colemickens> " You don’t have any verified emails. We recommend verifying at least one email. " lmao, Github marked my email as down from the gmail outage.
<cole-h> I should really set something up to notify me when my disk space is low
<cole-h> where low == 0B available
<ldlework> cole-h: hehe, every few weeks "hmm why is suddenly everything acting very strangely..."
<cole-h> Twice in recent memory have tools broken because I had no space lol
<cole-h> Only reason I noticed was because the tool this time suggested me to run a provided test tool which failed with "Could not get temporary filename: No space left on device"
dingenskirchen has quit [Quit: ZNC 1.8.1 - https://znc.in]
dingenskirchen has joined #nixos-chat
rajivr has joined #nixos-chat
__monty__ has quit [Quit: leaving]
<samueldr> and some people make fun of people running conky or gkrellm
<samueldr> (not really serious)
<cole-h> I don't see enough of my desktop for conky to make a difference :P
tokudan has quit [Remote host closed the connection]
tokudan has joined #nixos-chat