<abathur>
integration lowers the risk of any given outage, but seems to up the consequences when done does finally occur
<samueldr>
I'm not sure, I think it really only deals with capacity and *overall* stability
<samueldr>
outage is also a term to define :)
<clever>
i believe the rolling blackouts in TX are due to a lack of capacity, so they are time-sharing the capacity
<clever>
in an attempt to ensure you dont have power for too long (and failing)
<gchristensen>
it is definitely lucky they did not have a completely failed grid
<samueldr>
yeah, there are also different kind of failures
<abathur>
part of the issue also seems to be that "circuit" is broadly-defined enough that, by the time they had tried to shed enough load, they were roughly ~out of circuits that didn't have critical services on them
<samueldr>
being all connected together won't change a dime if the electric lines snap
<gchristensen>
re quebec in the ...80's?
<samueldr>
part of the network will be disconnected, whether other states were in or not
<abathur>
so the blackouts really weren't rolling much after we went down
<samueldr>
and mostly the "old" infrastructure that hadn't been replaced yet
<samueldr>
let's say it got replaced
<abathur>
for example, we stayed up until tuesday night, when I assume they finally had enough spare capacity to rotate us and we were blacked out for ~23h
<samueldr>
oh, abathur, hadn't realized you where abaTXur
<abathur>
lived it
<abathur>
fared much better than some, though
<abathur>
amusingly, we're on the wholesale/market-rate energy provider that's in the news for outrageous bills
<samueldr>
so yeah, 1998 that ice storm was only an issue locally, nothing interconnects or lack thereof could have changed :)
<clever>
i dont remember which year, but i had a 48h outage a few years back, i think it was high winds?
<abathur>
so we were roughly living like we were blacked out for 2-3 days before anyone else was
<clever>
and at one point, i think i had a 12h outage in the winter
<clever>
those 3 big fat pipes labeled A/B/C, those are the wires coming out of a generator at a power station
<samueldr>
imagine if it was a single strand of copper :)
<gchristensen>
that is reallly cool clever
<clever>
i think that generator was putting out 3 phase at over both 20kv and 20kA, i think it was 800 MW?
<lunc>
did you guys get spam?
<clever>
everybody did
<samueldr>
you can use /mode $yournick +R to forbig unregistered users from messaging you
<clever>
2021-02-23 20:57:59 [freenode] -glguy_(x@freenode/staff/haskell.developer.glguy)- [global notice] Due to today's high wave of spam, you might want to set yourself +R to block PMs from unidentified users. In many clients this is "/mode YourNickHere +R" and we've enabled this as a default mode for the duration.
<lunc>
damn strange messages
<clever>
gchristensen: 15:07, the nameplate on the generator, 820,000kW, 26,000 volts
bqv has quit [Ping timeout: 272 seconds]
bqv has joined #nixos-chat
<lovesegfault>
Hm, are there any pretty versions of nix-top?
<samueldr>
hey now
<samueldr>
nix-top is my pretty child, and I love it just like it is
<samueldr>
;)
<lovesegfault>
:D
<lovesegfault>
I mean, it's super handy
<samueldr>
AFAIK no one ended up making an actually better tool
<lovesegfault>
but I wish it had some colors and eye candy :P
<samueldr>
ashkitten I think started looking into the feasability of something better
<lovesegfault>
I love it when Nix randomly decides it can't write to my store :P
<ldlework>
yo what is with some of those spam messages
<ldlework>
is the goal to get random people in trouble with the government, wtf
Dotz0cat has joined #nixos-chat
<samueldr>
probably no goal other than "poisoning the well" of freenode
<samueldr>
you could `/mode ldlework +R` to forbid anyone not registered with nickserv to PM you
<ldlework>
the messages almost look like they were crafted by one AI to trigger other government AI looking for keyword patterns for crimes
<ldlework>
that's totally something a scifi author should steal
BaughnLogBot has quit [Ping timeout: 256 seconds]
BaughnLogBot has joined #nixos-chat
<ashkitten>
samueldr: yeah but i got stuck on there being no way to get logs during a build, which is a feature i really want in any new iteration of nix-top
<samueldr>
n/p I didn't want to pressure you :)
<evanjs>
samueldr: I got curious and started playing with things in rust but gave up/got lost with all the system stuff and haven't looked at it in a while. Was really only looking at a RiiR approach to start anyway lol
<evanjs>
I think my biggest irk is needing to reset the terminal every time I interrupt it but otherwise it tells me what I need to know
<samueldr>
yeah
<evanjs>
Also, re the spam today: wow that sorta surprised me. Most of the messages I've gotten are like "GPT-3 poop" or something haha
<samueldr>
basically, it's just good enough that getting something better starts being a chore :)
<samueldr>
especially if you want something more proper to talk with the daemon
<samueldr>
right now there is no daemon talk... it's basically peeping through temp files
<evanjs>
Yeah and that's all I was trying at first. I think 80% of what needed to be done was basic term and parsing stuff that I just couldn't get around to when I looked at it
<evanjs>
I wonder what something like rnix or whatnot would let us do (replace with whatever the right libs or such are)
<samueldr>
I think rnix only does nix source parsing, no?
<samueldr>
but yeah, maybe there are facilities in nix bindings that could help
<eyJhb>
I thought that shit was over, I get a LOT of spam
cole-h has quit [Ping timeout: 240 seconds]
* etu
has gotten lots (at least 20) of private messages on freenode during the night and today
* etu
just did /mode etu +R
<etu>
So if others have problems with this same thing, that should block unidentified users from writing private messages.
<patagonicus>
I'm wondering what the goal is. I haven't really looked at the messages, but they just looked random text. I would have expected at least something to try to either get people to send money somewhere or to download a virus or something.
<etu>
I have no idea, it's... barely consistent and just a single message
<patagonicus>
And if you just want to see if you can get around Freenode's spam protetions, you wouldn't need to send that many messages - that just makes Freenode look into how to block it, making it harder once you do want to spam stuff that might make you money.
<etu>
FireFly ^
<sphalerite>
etu: some people aren't after anything logical, like money.
<eyJhb>
etu: Same.. +R got a lot of messages. Just "fun" that one of them was joepie91, but with a 7 afterwards.
<FireFly>
yeah, every now and then things like that happens, although this was a weird one indeed, not really sure what the goal was..
<FireFly>
happen*
<eyJhb>
Anyone that has some good reads on managing permissions with unix socket? ie. who has access to what, and what does it run as?
<eyJhb>
An example is, that I run php-fpm that has a socket, the socket in owned by nginx/nginx, but the code is run using a php/nobody user. Not sure how that works.
LnL has quit [Quit: exit 1]
<f0x>
eyJhb: hmm i'd guess it's just the file permissions for r/w ?
<eyJhb>
Anybody that needs contact to it, needs rw, but how come I eg. start a socket as my user, then chown it to root/root has rw, no one else, and then the process that started the socket can still relay information using it?
<eyJhb>
Just the concept/how it works in that regard seems weird to me f0x
<f0x>
that is kinda odd yeah
<f0x>
i guess your process just always has access to the socket it created
<eyJhb>
But it is the same with e.g. the nginx+php-fpm thing. Ie. the php-fpm socket is owned by nginx, but the php-fpm runs as nobody
<eyJhb>
Guess so, or it started read/write before the permissions were changed
<f0x>
so what are the permissions on the socket in that case?
<eyJhb>
`srw-rw---- 1 nginx nginx 0 Feb 24 10:34 run/php/php7.0-fpm.sock`
<f0x>
huh
<eyJhb>
And php runs as `nobody` :D
<eyJhb>
It is a nice way to handle security, but just weird how it works
<srk>
was wondering about that as well recently
<f0x>
isn't there a php-fpm process in between that does run as something within the nginx group?
<eyJhb>
Let me check
<f0x>
should say in something like /etc/php5/fpm/pool.d/www.conf
<eyJhb>
Doing ps aux, the config states the above
<f0x>
which would be www-data/www-data or nginx/nginx then i think
<eyJhb>
Sweet! So guess I will switch to podman now
<srk>
works pretty well but it managed to mangle my iptables when there were too many restarts of podman-xyz.services. for some reason few ports weren't reachable
<tilpner>
iptable races sound fun, from very far away D:
<srk>
eeeh
<srk>
when I was playing with oci-containers.backend = docker I've managed to crash userland proxy when loading the system with ab..
<srk>
tilpner: and this is a bit sad, since docker or podman can block firewall.service from starting
<eyJhb>
srk: How.. How did you do that?
<srk>
eyJhb: easily, start like nginx in container in qemu vm, try ab from host
<srk>
it works fine when you set virtualisation.docker.extraOptions = "--userland-proxy=false"; but you loose ipv6 support
<srk>
tradeoffs everywhere
<srk>
I've only recently realized that docker and podman automagically configure NAT as well so containers can reach internetz
__monty__ has joined #nixos-chat
Jackneill has quit [Read error: Connection reset by peer]
b42 has joined #nixos-chat
Jackneill has joined #nixos-chat
BaughnLogBot has joined #nixos-chat
<talyz>
patagonicus etu FireFly: i'm still seeing traces of the defamation campaign against kloeri / exherbo in my messeges, but also lots of other stuff 🤷
<philipp[m]1>
exherbo defamation? Is there still drama between them and gentoo?
<etu>
Yeah, I've also seen mentions of exherbo
<etu>
Long time since I've heard that name :D
<gchristensen>
trolls will be trolls
<gchristensen>
don't need to actually have anything to do with it to decide to spam about it
<hexa->
yeah, it's quite difficult to come up with innovative spam
<eyJhb>
I love that he publicshes his phone number online
<eyJhb>
*mine is also on there, don't search for it*
<gchristensen>
mine is too at the bottom of my website
<__monty__>
I've regretted having my email in the nixpkgs maintainer information. And it's too late to change now since spammers already have it : /
<gchristensen>
it was hopeless anyway
<__monty__>
I hardly ever got spam before nixpkgs.
<gchristensen>
yeah but it would have happened anyway
* etu
get's one spam email like every 3rd day and it's filtered out automatically
<etu>
Didn't increase since nixos involvement
<__monty__>
I use aliases everywhere so I can track pretty accurately where the spammers got my addresses.
Dotz0cat has quit [Ping timeout: 260 seconds]
<etu>
I've had plans to do that once, then I realized that I would have had to remember which email used in different places so meh :D
<srk>
can systemd-boot revert to older generation automatically when boot fails?
<pie_>
das_j: lol sigh i dont know what changed but even version 12 now crashes even with a clean wineprefix
<pie_>
its probably fine, i dont know what im doing anyway, the problem is probably orthogonal
Mic92 has quit [Quit: WeeChat 3.0.1]
Mic92 has joined #nixos-chat
evanjs has quit [Ping timeout: 240 seconds]
evanjs has joined #nixos-chat
rj_ has joined #nixos-chat
endformationage has joined #nixos-chat
rj_ is now known as rj
rj has quit [Quit: rj]
rj_ has joined #nixos-chat
rj_ has quit [Remote host closed the connection]
rj_ has joined #nixos-chat
rj_ is now known as rj
rajivr has quit [Quit: Connection closed for inactivity]
tilpner has quit [Ping timeout: 246 seconds]
<gchristensen>
cransom: you use RunCommand right?
cole-h has joined #nixos-chat
<cransom>
for hydra? i do not.
<gchristensen>
ah I thought it was part of your deployment
tilpner has joined #nixos-chat
tilpner has quit [Ping timeout: 256 seconds]
tilpner has joined #nixos-chat
tilpner_ has joined #nixos-chat
tilpner has quit [Ping timeout: 240 seconds]
tilpner_ is now known as tilpner
<cransom>
gchristensen: oh, er, i lied. it does get used but not super interestingly. it emits some statsd stuff on the hydra json. I was thinking of before when i was going to push some build artifacts up to s3 for archival, but iirc it didn't run asychronously and was holding back the other jobs.
<crazazy[m]>
so im now one of those people who runs their nixos on a tmpfs root
<crazazy[m]>
and i managed to do it all without having to format my drive
<cole-h>
Next time I reinstall NixOS, I'm gonna attempt the same (or similar). I made a few oversights when I set up my zpool that would be non-trivial to fix
tilpner_ has joined #nixos-chat
tilpner has quit [Ping timeout: 240 seconds]
tilpner_ is now known as tilpner
<gchristensen>
nice
<LinuxHackerman>
\o/
<LinuxHackerman>
I'm happy with the setup as well, and will be using it for my future installations too :)
<crazazy[m]>
but im amazed that nothing broke in the "moving root directories" part of my installation
<crazazy[m]>
ssh keys work, wine works (though wine programs dont show up in albert) everything just works
<crazazy[m]>
and if i've set it up correctly, my CI should also still work
tilpner has quit [Ping timeout: 240 seconds]
tilpner has joined #nixos-chat
<gchristensen>
anyone have that article about how you do actually want swap?
<crazazy[m]>
wdym? like file vs partition?
<eyJhb>
LinuxHackerman: I just need to convert my servers to using it now...
<eyJhb>
But the ZFS method and tmpfs does not really work that well, when you only have 500 MB of RAM
<samueldr>
but no, not the ol' cargo cult of half your ram
<cransom>
does zram count? i've been enabling it on a few machines that do have memory to spare, just to see what gets paged out
<samueldr>
(well, it could be...)
<samueldr>
an actually good question on that topic
<samueldr>
I guess it depends on if it for reclaiming memory pages... since zram is in memory, my instinct tells me it won't?
* cole-h
has swap set to amount of memory, just cuz
<cransom>
it may reclaim some? the data is comrpessed. but yes, it doesn't magically disappear or doubleyourram.
tilpner_ has joined #nixos-chat
<samueldr>
I literally have no idea about the process for that, so maybe it's not an issue, but if it wants to clear some memory to re-organize things, isn't it easier if swap isn't also in the memory?
<samueldr>
[16:56:38] [tomaw] [Global Notice] Today we have become aware of a spate of password reuse attacks targeting freenode accounts and urge you to be vigilant in your communities and ensure you use modern password practices, don't reuse them between different services and never use your dogs name. If you feel you might be a potential target please change your password now. /msg NickServ HELP SET PASSWORD will tell you how.
<ashkitten>
hmm idk ******* doesn't seem like a particularly good password
infinisil has quit [Quit: Configuring ZNC, sorry for the joins/quits!]
infinisil has joined #nixos-chat
<arahael>
ashkitten: indeed. too short.
<samueldr>
y'all terrible at taking the hint of saying "*******" is a weird dog name