waleee-cl has quit [Quit: Connection closed for inactivity]
skrzyp has quit [Ping timeout: 250 seconds]
l1near_cannon has joined #nixos-chat
linear_cannon has quit [Read error: Connection reset by peer]
<Ke>
samueldr: what would such switching mean, it's not like EFI would not just work?
<samueldr>
I'm confused by the double negation
<samueldr>
for users with an installation already: they don't need to do anything
<samueldr>
the extlinux.conf method is not going away
<samueldr>
for users preferring it, it's not going away!
<samueldr>
the goal is to make the installation guide almost as simple as on your x86_64 computer
<samueldr>
the main difference will be an added "download a bios" step, first
<Ke>
sure, I just am not sure what needs to be done
<samueldr>
documentation, and making it the happy path
<samueldr>
a lot of papercuts
<Ke>
hmm, I do remember not finding EFI installation media and doing a painful install from debian due to that
<Ke>
I guess I would have liked a lot a download button
<samueldr>
the main issue right now, with resolution being worked on, is: "download a bios"
<Ke>
I searched through for downloads, not docs, because I knew how to install nixos, so I did not need docs
<samueldr>
or what I've started calling it: initial boot firmware
<Ke>
yup
<samueldr>
because "bootlaoder" for U-Boot is half-wrong, but totally right!
<samueldr>
uh
<samueldr>
it's more wrong when there's a typo
<samueldr>
and I prefer ensuring people start seeing it as "the bios" and not "the grub"
<Ke>
Wittgenstein tells us that it's not a typo, if you keep writing it that way!!
<samueldr>
even though it's a pretty good and perfectly fine option, to use U-Boot as abootloader _too
<Ke>
too late to back down now ;o)
<samueldr>
'twas just a typo
<samueldr>
though something neat I've just fixed: the uefi iso on AArch64 wasn't showing the graphical boot menu
<samueldr>
now it will be
<samueldr>
bonus: it draws faster than the "console" grub menu because of... reasons I guess?
<samueldr>
I'm not 100% sure, but I believe U-Boot was tasked with drawing it, and it feels like it's doing it one character at a time
<Ke>
maybe text menu is being fed to serial and serial is actually slow
<Ke>
I don't strictly know, what you mean, but at work we have had real time timing issues with serial debug printing that to a 2020 software engineer looks like only a small amount of text
<samueldr>
with my testing, 99% sure it's not because of serial
<samueldr>
serial is quick enough for this
<samueldr>
I'm pretty sure it's something with the text writing in the UEFI bindings in U-boot
<samueldr>
or how GRUB uses them
<Ke>
we actually have some systems at work that take like 3 mins of boot time with serial console on
<samueldr>
U-Boot itself can send the same characters quickly to the display without issues
<Ke>
but I guess there is a slight issue that maybe the serial on was indeed 9600 bps
<Ke>
which was fine on qemu
endformationage has quit [Quit: WeeChat 2.9]
<Mic92>
lovesegfault: sometimes
<lovesegfault>
Mic92: I keep getting an annoying warning with sops-nix: [PGP] WARN[0000] Deprecation Warning: GPG key fetching from a keyserver within sops will be removed in a future version of sops. See https://github.com/mozilla/sops/issues/727 for more information.
<{^_^}>
mozilla/sops#727 (by ajvb, 32 weeks ago, open): gpg.mozilla.org is broken (probably for good)
<lovesegfault>
do you know any way to disable it?
<Mic92>
lovesegfault: I did not had this issue yet but they recommend to use SOPS_GPG_KEYSERVER...
<Mic92>
as an environment variable
<lovesegfault>
Even when you set that it still complains :/
<Mic92>
lovesegfault: don't they support age these days? Maybe this is the way to go.
<lovesegfault>
Maybe, PGP is going the way of the dodo
cole-h has quit [Ping timeout: 240 seconds]
<LinuxHackerman>
Yeah. On the one hand, good, because as far as I've seen it's not a codebase you'd really want to trust with anything nor is it particularly usable. On the other hand, a shame, because I don't see an established substitute for the web-of-trust part.
<sphalerite>
holy crap, SSH now says "This host key is known by the following other names/addresses:" when a new host key is encountered
<sphalerite>
finally!
<sphalerite>
I love it.
tomberek has quit [Quit: Connection closed]
addcninblue has quit [Ping timeout: 240 seconds]
kraem[m] has quit [Quit: Idle for 30+ days]
ece3 has joined #nixos-chat
Synthetica has joined #nixos-chat
ece has quit [Ping timeout: 240 seconds]
ece3 is now known as ece
<colemickens>
I really, really don't appreciate things like ssh making it needlessly impossible to use a symlinked id_rsa file, for example.
<colemickens>
great, you made me write an extra bit of shell script to move some extra files around, great, you really saved me openssh thanks.
<colemickens>
I am not at all convinced that age is meaningfully replacing gpg right now
<colemickens>
is there any evidence of that?
<sterni>
well depends on what you are trying to do
<sterni>
part of the problem is that gpg implements PGP and virtually every other encryption method as well
__monty__ has joined #nixos-chat
<pie_>
a crypto guy i know complains that the go stdlib encryption libs are still vuln to sidechannels
<eyJhb>
pie_: Ehm
<eyJhb>
Which sidechannels are we talking about?
<eyJhb>
Timing attacks?
<pie_>
probably
<thibm>
All crypto libs are vulnerable to side channels (but some of them more than others). So he can't be wrong ;)
<eyJhb>
If you have anything _very_ criticial, that doesn't have any other meassures to stop a timing attack?
<eyJhb>
Ie. website would most likely block you after 4 attempts :p
<eyJhb>
And that will be a very slow attack.
<eyJhb>
pie_: Get them into the channel! I want to hear :D
<pie_>
unlikely
<eyJhb>
Get.. Get them on the phone
<eyJhb>
:p
<philipp[m]>
Go and side channels in crypto. Pinging adisbladis
<infinisil>
Regarding timing attacks, wouldn't it be possible to just sleep for a bit until always e.g. 1ms has passed?
<philipp[m]>
infinisil: Nooooooo!
<f0x>
infinisil: i think you'd be able to tell how long the sleeping part lasts still
<philipp[m]>
Then you have to sleep a random amount of time. Now you have an entropy problem and a side channel problem :D
<infinisil>
Oh no I don't mean that
<philipp[m]>
The problem with go was at least a few years ago that they were using optimized math functions and not constant time crypto functions for a lot of operations.
<infinisil>
I mean, something like `end=now()+1ms; myfunction(); sleep_until(end)`
<infinisil>
Then there's no randomness involved, and as long as the function takes less than 1ms in general it should be fine
<pie_>
seems too complicated
<philipp[m]>
No, it won't
<thibm>
you can tell (quite easily) when the process is sleeping, like f0x said
<infinisil>
I mean it' pretty hacky yeah, but wouldn't that work?
<infinisil>
Oh I see
<pie_>
youd also have to calculate how long you have to wait
<pie_>
a constant offset doesnt help
<philipp[m]>
Even a random offset doesn't help.
<thibm>
infinisil: even if you do a "active waiting"
<pie_>
(well, if you have enough noise it might? but idk)
<pie_>
philipp[m]: statistics?
<infinisil>
thibm: How so?
<pie_>
philipp[m]: moves the center of the distribution?
<philipp[m]>
pie_: Yep
<philipp[m]>
pie_: Yes, that's what will happen in most cases.
<infinisil>
thibm: I guess it would be possible to figure out when the active waiting starts
<infinisil>
With memory activity or so
<thibm>
yes
ece has quit [Read error: Connection reset by peer]
<__monty__>
In theory it works. But side-channels are all about practice. If clock polling is observable or something you're hosed.
<thibm>
I think there would be a lot of indicators, like cache miss rate, branch prediction rate, etc
<pie_>
is there any way to still get a single page manual
<pie_>
__monty__: "depends on your threat model" but yeah might as well just use constant time ops
<thibm>
infinisil: and if you're going to "make your active waiting looks like crypto code", you'd better try to make time-constant crypto. Back to square one
ece has joined #nixos-chat
<eyJhb>
pie_: Well, not always as stated above
ece has quit [Read error: Connection reset by peer]
<infinisil>
I'm now wondering how a type system could ensure functions being secure against timing attacks
<eyJhb>
I don't want to wait constant time when doing authentication for a remote client, where there are other mechanisms to aid me
<thibm>
infinisil: I know a guy who worked on something like that, wait a minute
ece has joined #nixos-chat
ece has quit [Read error: Connection reset by peer]
<philipp[m]>
My point still stands: It's incredibly hard to actually hide your timings in random noise to somebody that is really trying it with the proper statistical methods.
<infinisil>
I have seen some type system for asymptotic complexity, like big O notation, but I don't think that's representative of what makes timing attacks work
waleee-cl has joined #nixos-chat
<infinisil>
philipp[m]: Yeah, noted :D
<philipp[m]>
infinisil: Thank you :D
ece has joined #nixos-chat
<__monty__>
Noise on top of samples just means you need more samples. If it becomes infeasible to collect so many samples it can still be effective of course.
<pie_>
you could go part way and wrap things in a constant time op newtype <infinisil> I'm now wondering how a type system could ensure functions being secure against timing attacks
<infinisil>
pie_: How would it ensure it's constant time though
<pie_>
it wouldnt but it would ensure you use constant time ops
<infinisil>
Oh but yeah that doesn't have to be done with a newtype
<infinisil>
It needs some special annotation telling the compiler that it should ensure this function is constant time
<infinisil>
But yeah, just using only constant time operations might be a way
<infinisil>
(as in, the compiler ensuring that)
<thibm>
infinisil: hm, I can't find this work :(
<philipp[m]>
And a "please actually overwrite this part of memory! I know I'll never use it again but I kind of don't want the next process to see it" flag.
<philipp[m]>
crypto people and compiler people are seldom good friends :D
<gchristensen>
it is fairly trivial to do constant time comparisons, and this is typically the place you want to be constant time
<infinisil>
philipp[m]: In a higher-level language I'd want to say something like "this function's implementation should not be observable from outside in any way", which would then ensure stuff like constant time, constant memory, zero memory afterwards
<philipp[m]>
infinisil: I think you probably want to write your actual crypto functions in a low level language.
<infinisil>
Or actually, maybe you would want to express time and memory usage as a function of input size. So e.g. a function needs about 1024 times longer for encoding 1GB input than 1MB
<gchristensen>
yeah
<__monty__>
Now you're straying towards time complexity again.
<gchristensen>
input size is an important part of constant time: you don't want it to be a significant influence
<infinisil>
philipp[m]: Hmm I don't really agree
<infinisil>
Note that I'm not talking about Haskell here where it's hard to predict performance
<__monty__>
Maybe Cryptol has something re side-channels/timing-attack resistance?
<infinisil>
I'm talking about a language that has built-in support for this kind of stuff, which then of course needs predictable performance, and it being higher-level it would ensure there's no buffer overflows and stuff like that
<thibm>
oh, he may be the guy I thought was working on type system+crypto. The profile matches and we worked at the same place. I had searched in its former team publications but did not find what I was looking for. It may have been just an oral presentation
<hodapp>
"This attempt failed since vendors only offered cloud operated services - no vendor was able to quote an actually independent network." of course it did. CLOUD CLOUD CLOUD CLOUD
<gchristensen>
you ignore the part where the customers of those vendors don't want an independent network
<gchristensen>
"most service providers have not been operating on this model for decades. [...] providers have been highly incentivised to outsource anything that could possibly be outsourced, and then some."
<gchristensen>
the repos are often not valid, don't pass internal consistency checks
<pie_>
huh.
<MichaelRaskin>
gchristensen: now I wonder if a fresh clone of Nixpkgs from GitHub would pass a consistency check anyway
<gchristensen>
it does
<MichaelRaskin>
Ah, at least. Even if it is obtained by shallow-cloning then fetching the backlog? (I remember GitHub having some interesting differences in code paths of full-clone and shallow-clone and fetching into shallow-clone)
<gchristensen>
pretty sure, but not sure
dingenskirchen has quit [Quit: ZNC 1.8.1 - https://znc.in]
cole-h has joined #nixos-chat
dingenskirchen has joined #nixos-chat
rj has joined #nixos-chat
rj has quit [Ping timeout: 240 seconds]
rj has joined #nixos-chat
waleee-cl has quit [Quit: Connection closed for inactivity]
rj has quit [Ping timeout: 240 seconds]
rj has joined #nixos-chat
rj has quit [Client Quit]
rj has joined #nixos-chat
waleee-cl has joined #nixos-chat
addcninblue has joined #nixos-chat
rj has quit [Ping timeout: 240 seconds]
rj has joined #nixos-chat
<__monty__>
gchristensen: : O How'd you know it was my alt?
<gchristensen>
lol
<gchristensen>
15:16 -- Mode #nixos [+b *!*@unaffiliated/toonn] by gchristensen
<gchristensen>
15:16 -- Mode #nixos [+b *!1fad640c@31.173.100.12] by gchristensen
<gchristensen>
15:16 -- Mode #nixos [-b *!*@unaffiliated/toonn] by gchristensen
<__monty__>
gchristensen: Ah, no worries. I probably filter those out.
<eyJhb>
I should update. But I should also work...
<pie_>
did we finally reach zero hydra failures or is that something else
<sterni>
eyJhb: yeah I think that's the first time that happened when I opened the website :p
<sterni>
pie_: that's something else
<eyJhb>
I am just saying
<eyJhb>
If we get 0 hydra failures + 0 PRs! That would be... awesome
<eyJhb>
Or,, A sub 100-200 PRs
<sterni>
0 Hydra Failures is impossible virtually
<eyJhb>
It actually hurts watching that livestream?
<sterni>
0 hydra failures is our assymptote I guess
<MichaelRaskin>
I remember the times where any Hydra failure meant nobody got any binaries for that branch
<eyJhb>
"When I was a kid" ^ :D
<eyJhb>
How long ago was that?
<MichaelRaskin>
I don't actually remember if it changed more or less than ten years ago
<eyJhb>
Veteran user
<MichaelRaskin>
Good old times, where being a user and not having commit access to Nixpkgs did not work well
<eyJhb>
Do you have commit access now MichaelRaskin ?
<MichaelRaskin>
Yes. And there are some parts that apparently nobody else dares to change much…
<MichaelRaskin>
(I am not even the author of the current Quicklisp-to-Nix converter, but the author seems to have deleted the GitHub account)
<eyJhb>
I can continue, so. Which ones?
<eyJhb>
Ah
<eyJhb>
Once again!
<eyJhb>
*veteran*
<MichaelRaskin>
My whining might have been the reason Nyxt has been finally indexed in Quicklisp (in the sense of the author finally submitting the request)
rj has quit [Ping timeout: 240 seconds]
rj has joined #nixos-chat
<lukegb>
sterni: yes, I've been pressing retry repeatedly whenever any of the jobsets fails
<lukegb>
I need to actually fix the flaky tests though
<lukegb>
I should ask for cancel-job as well because the hibernate test keeps hanging
<sterni>
lukegb: you're an angel
<sterni>
flaky tests really do seem to be the curse of nixos-unstable
Ke has quit [Ping timeout: 245 seconds]
emily has quit [Ping timeout: 245 seconds]
manveru[m] has quit [Ping timeout: 245 seconds]
rj has quit [Ping timeout: 240 seconds]
ma27[m] has quit [Ping timeout: 260 seconds]
emily has joined #nixos-chat
ma27[m] has joined #nixos-chat
rj has joined #nixos-chat
Ke has joined #nixos-chat
manveru[m] has joined #nixos-chat
<lukegb>
Oh, right :P
<lukegb>
dev ->
<lukegb>
(Grafana And Friends moving to AGPL from ASL2)
<gchristensen>
it seems like grafana is pretty good software to be agpl
<gchristensen>
I feel it fits the use case pretty well
<f0x>
lukegb: ooh nice
<lukegb>
I'm mostly curious about the plugins thing, to be honest
<das_j>
gchristensen: I'm not really a license expert but from some googling I couldn't really find any real AGPL downsides
<das_j>
So why the concerns?
<lukegb>
Writing a grafana plugin usually involves importing some bits of the grafana tree, which to me would imply that it should need to be licensed under AGPL3 too. Although, to be honest, I'm not against that either.
<lukegb>
I guess the _combined work_ is AGPL3
<sterni>
well it's terrible for your business model if you rely on running stuff as a service
<lukegb>
sterni: for AGPL3, only if you have to patch grafana to run it as a service, though
<sterni>
yes
<gchristensen>
only the stuff that talks to the grafana as an API I think?
<lukegb>
unlike e.g. BSL or other flavour-of-the-month-license-that-elastic-is-using
<f0x>
sterni: not really? your added value is the running, not the code?
<sterni>
yeah it's more nuanced than that
<MichaelRaskin>
For _some_ kinds of software there is that problem that nobody is sure how code/config separation would work with AGPL
<das_j>
So I'm only allowed to make money with Grafana when I actually add value to it?
<sterni>
tbh AGPL is a bit hard to judge sometimes since it's an extremely contentious topic
<f0x>
das_j: no?
<gchristensen>
you can sell grafana, the gpl even says so
<sterni>
mainly because famous search engine forbids to use AGPL internally and they have like one or two articles about why it's bad
<das_j>
f0x: Good because the would be a weird license :D
<f0x>
das_j: you can monetize AGPL just fine, you just have to publish your patches if you make any
<sterni>
and then there are others who claim that everything google says about agpl is untrue
<das_j>
oohhh alright
<sterni>
etc
<gchristensen>
famous search engine can make their own grafana then I guess :P
<lukegb>
sterni: yeah, but they have, well, a monorepo which makes it hard to separate AGPL things from non-AGPL things
<lukegb>
so they're inherently invested in trying to not have infectious licenses in their codebase :P
<f0x>
das_j: where with GPL you'd only need to provide the patches if you provide the software to endusers, with AGPL this counts for backends too
<lukegb>
I'd be more interested in seeing an AGPL3-only fork of Grafana (i.e. Grafana cannot import the changes from it into Grafana Cloud)
<lukegb>
without opensourcing any special sauce in Grafana Cloud
<sterni>
I mean if you want to catch up on the controversy you need to read drew devaults blog article and google's article on AGPL lol
<sterni>
lukegb: well google also writes „Using AGPL software requires that anything it links to must also be licensed under the AGPL“
<lukegb>
sterni: isn't that what the FSF says too
<sterni>
lukegb: so the insinuation is that even if your code is separated, as long as your services aren't, it's an issue for you as a company
<sterni>
i. e. if your grafana instance is somehow interlinked with the rest of your service from an user's perspective
<sterni>
lukegb: idk I kind of stopped trying to figure that out because ddvault claims the actual opposite of that is true lol and it doesn't really matter to me personally
<lukegb>
yeah, I'm more likely to believe Google (who have lawyers) and gnu.org (which originated the license) than Drew DeVault (a random person who spews controversial bullshit onto his blog at periodic intervals)
<lukegb>
<- is a Google employee, so bear that in mind
<lukegb>
I mean, the doc mentioned isn't really intended to be a PR thing in and of itself; it's really just an exported version of the internal guidance that's been hanging around for years
<MichaelRaskin>
Ah, OK. It surely makes sense for you to know better which Google statements come from there.
<lukegb>
bear in mind that Drew made up the whole PostGIS-used-as-a-backend-datastore thing
<lukegb>
it's not mentioned anywhere on the page he links to
<lukegb>
if you interpreted it differently, say "literally imagine if YouTube.exe linked in libthisisagpl3.so wouldn't that be bad", yes, that's probably true that that would be unfortunate
<MichaelRaskin>
I mean, I also do not believe DeVault, but that comes from other reasons
<lukegb>
My personal stance is that if Google (or other cloud companies) are selling e.g. Grafana As A Cloud Product, they should absolutely be paying Grafana Labs for it
<lukegb>
(similarly with e.g. MongoDB/ElasticSearch/etc.)
<MichaelRaskin>
Which is also not fully achieved with AGPL, but oh well
<gchristensen>
"This page is intended as humour. If you have been sent here by another user after creating an article that might qualify on the following list, you may safely tell them that they sent you to the wrong place." glad to see it has the notice
<gchristensen>
"Any article about a particular millisecond in history. With a few exceptions."
rj has joined #nixos-chat
<supersandro2000>
lukegb: you have an exception to contribute to other open source projects?
<Synthetica>
V: but my university residence has a wikipedia page :(
<gchristensen>
is it a heritage listed building? :)
<Synthetica>
Actually yes
<gchristensen>
there you go
<V>
lukegb: I don't think that either google or devault are wrong here, but also devault isn't running a company worth hundreds of billions of dollars, with teams of lawyers who are very mindful of tail risk
<lukegb>
V: absolutely
<lukegb>
I don't think his post was written in good faith, because he seems to be deliberately misunderstanding things to make his point sound stronger but also *shrug* whatever
<V>
and if google can pay a team of engineers to reimplement something that's AGPL-licensed, or convince the wider software community not to use it, it absolutely makes sense for them to do that, even though it's less beneficial for the public
<lukegb>
Google already pays for commercial licenses for some AGPL licensed software though (as mentioned in the OSPO page); I think that's absolutely a good thing
<V>
certainly, supporting the developers is far better than pulling the rug fromunder their feet
<lukegb>
This, err, discussion shifted a bit, sorry :p
<samueldr>
it's debug print from 15 years ago being left in place
<samueldr>
and the feature doesn't seem to work "from cd"
rj has joined #nixos-chat
<samueldr>
that explains everything
<samueldr>
that's also quite problematic
tomberek has joined #nixos-chat
rj has quit [Ping timeout: 240 seconds]
rj has joined #nixos-chat
<ldlework>
chauvin guilty all counts
<hodapp>
which is good for a few reasons, but at a personal level, because my brother lives in downtown Minneapolis
<__monty__>
What I worry is it looks a bit like they're using him as a scapegoat. "Oh, yes, look at this big bad man. (Nothing wrong with our system, no need to look any closer.)"
<hodapp>
they're going to do that regardless
<hodapp>
that is always what they do when anyone tries to raise a systemic or cultural concern: they turn it to a personal attack on individual cops so that they can shout someone down for insulting an individual cop
<supersandro2000>
if google wants to reimplement it we can't stop them and if its better then the original then thats nice but most people will not change overnight and the community around it will also stick
rj has quit [Ping timeout: 240 seconds]
rj has joined #nixos-chat
rj has quit [Remote host closed the connection]
rj has joined #nixos-chat
<colemickens>
I think I might already be more functional wiht zellij already than I am with tmux.
<colemickens>
thank god for new tools built with usability/discoverability built in mind
<colemickens>
and I'd hope/guess you could hide the bar after acclimation
<__monty__>
Can you attach from different terminals with different sizes?
<__monty__>
Without being limited to the smallest width/height?
<samueldr>
recent tmux is nice for that
<pie_>
moar patches
<pie_>
@ samueldr
<pie_>
accidentally got stuck up in scroll
<__monty__>
samueldr: It is?
<samueldr>
__monty__: I'd say so
<samueldr>
in mixed-sizes it will take the size of whichever sent the most recent input
<samueldr>
while keeping the area around the cursor visible in the other views
<MichaelRaskin>
By now I am pretty sure tmux is better than screen (and zellij is just not for me and might take a long time to reach any interesting level of features), but not yet sure it is better enough to warrant porting a ton of scripts
<samueldr>
to be fair I never dug into screen
<samueldr>
so I cannot say anything non-default for anything other than tmux
<samueldr>
and even then, it's been years since I have used anything else than tmux
<samueldr>
but that recent update to tmux, like last year, was a total game changer for me
<samueldr>
working from two computers at once on the same tmux session is working fine
<samueldr>
I have a standing desk, and a distinct sitting desk
<__monty__>
samueldr: Is that per-window? I.e., can I have two terminals viewing different tmux windows at their own size?
<samueldr>
if things a building for a while, I can go sit and do something at the other desk, with a terminal tracking progress
<samueldr>
__monty__: I'm not familiar enough with tmux terminology
<__monty__>
Ok, sounds like we're halfway where I'd like to go then : )
<pie_>
I dont know what TPM (tmux plugin manager) does but i get the feeling a large part of it just got obsoleted by that fix
<pie_>
feature
<infinisil>
Oh great, youtube is now forcing its own scroll bar upon us
<pie_>
(or not)
<infinisil>
Why.. just whyy
<pie_>
infinisil: oh no
<MichaelRaskin>
I think by now the only thing I actually dislike about screen is that I do not understand how to get window list of a specific session in a script
<MichaelRaskin>
infinisil: do dispel any remaining doubts that youtube-dl is the only way to interact with that site?
<__monty__>
infinisil: Three words, RSS, mpv and video search.
<infinisil>
MichaelRaskin: youtube-dl doesn't let you discover/browse stuff
<MichaelRaskin>
Well, for _searching_ you could use invidio.us
<MichaelRaskin>
Actually youtube-dl does allow some amount of searching
<MichaelRaskin>
But quite limited, sure
<supersandro2000>
__monty__: set setw -g aggressive-resize on
<__monty__>
Most any search engine has decent video search imo.
<__monty__>
supersandro2000: Yeah, that never did what I wanted it to.
<infinisil>
I actually have a PR open for packaging invidious for nixpkgs#67664, but there's some openssl crystal problems I've never been able to fix
<samueldr>
but at the very least it's not hijacking the scrolling behaviour
<__monty__>
Oof, please don't link that site.
<samueldr>
__monty__++
<{^_^}>
__monty__ was put on Santa's "nice" list
<infinisil>
samueldr: supersandro2000: Ah I see
<infinisil>
Yeah that's a lot better than a custom scrollbar implementation then
<supersandro2000>
and if you are using the normal web you should have noticed that lots of websites do that
<infinisil>
Very rarely I encounter a custom scrollbar
<supersandro2000>
__monty__: you can copy paste from it 🤷
<supersandro2000>
but wezterm has that on its roadmap
<supersandro2000>
if it can limit selects to the active pane then I am sold
<supersandro2000>
shellij does nothing right now my tmux does not do
<supersandro2000>
the IRC client I use has one
<supersandro2000>
and nextcloud and dark reader changes it, too
<samueldr>
since otherwise it's a chrome-mainly feature
<samueldr>
a lot of them actually go with DOM-based reimplementations when they "care" (wrongly)
rj has quit [Ping timeout: 240 seconds]
__monty__ has quit [Quit: leaving]
<abathur>
the only time I ever really feel the urge to muck with scrollbars is around individual overflow:scroll elements
rj has joined #nixos-chat
<samueldr>
that's a real issue
<samueldr>
scrollable areas inside the viewport
<samueldr>
just like form elements
<samueldr>
it's a place where the technology decided to just raise its arms in the air and give up
<colemickens>
I think those are the spots that always look particularly ... good when the designer only tests in safari on a mac
<abathur>
nod
<samueldr>
yeah
<abathur>
not sure why that's taken so long to button up behaviorally; macOS has a pretty good model here for handling scrollbars in a way that doesn't completely clash with the site if the site doesn't happen to match the OS UI color scheme
<samueldr>
there's a gitlab UI element with three scrollbars
<samueldr>
abathur: except you can force them to be shown and it breaks many sites
<samueldr>
(if it hasn't been fixed in the past few years)
<elvishjerricco>
Scratch that... made an error in the rebase somewhere :P
<samueldr>
elvishjerricco: is that intended as something for use in Nixpkgs or just a play thing?
<samueldr>
at a glance it looks like something that could be a starting point (if not complete) :)
<elvishjerricco>
samueldr: Maybe eventually. It's missing a lot right now (namely all the extra luks features, mdraid stuff, and networking stuff)
<samueldr>
I wasn't sure if that was your "custom initrd" thing you were talking about the other day
<samueldr>
which I'm unclear if it's another project, or it was with systemd
<elvishjerricco>
samueldr: That was this, yea
<samueldr>
neat!
<pie_>
whats this?
<gchristensen>
tw
<elvishjerricco>
pie_: Do you mean what's that branch I linked?
<pie_>
yeah whats the thing
<elvishjerricco>
It's an attempt to redo nixos's stage 1 using systemd
<pie_>
aha
<gchristensen>
yay
<elvishjerricco>
boot can be more parallel and more complex dependencies can be set up
<elvishjerricco>
I've got file systems and very basic luks support working
<elvishjerricco>
I think the big things left to do would be testing if lvm just works out of the box with the default rules, mdraid stuff, and networking stuff
<elvishjerricco>
plus perhaps compat code for all the `pre/postFooCommands` things
<elvishjerricco>
One nice feature is that initrd has a proper emergency shell now
lassulus has quit [Ping timeout: 245 seconds]
<elvishjerricco>
Locked by default but you can set a hashed password
<elvishjerricco>
I also added a couple module options for creating systemd units for initrd that I found tremendously helpful when debugging stuff
<elvishjerricco>
Like I can just configure a drop-in for one of the default units if it's being fucky
<samueldr>
elvishjerricco: I'll want to look more in depth, but e.g. `find-libs` being extracted could be a good thing for other users
<samueldr>
like Mobile NixOS and clever's not-os
<elvishjerricco>
samueldr: I had some weird stuff with find-libs so I made some changes that I dunno if they're good or not :P
<samueldr>
yeah, mine has changes too
<samueldr>
so it'd be good to look at them more closelier
lassulus has joined #nixos-chat
<ashkitten>
hmm it'd be cool to have debug symbols as a standard extra output for packages
<gchristensen>
yeah
<gchristensen>
expensive though
<gchristensen>
15% more expensive per evaluation
* colemickens
wants the systemd-cryptsetup godies
<elvishjerricco>
colemickens: That was honestly the thing that motivated me to try this out :P
<colemickens>
sweet! I recently saw someone else doc'd up how to run a hidden service in initrd, but I'm looking forward to that sort of thing being more trivial, hopefully.
<elvishjerricco>
colemickens: What do you mean by hidden service?
<colemickens>
Can boot that up, not have to worry about any firewalls, and then have another little service that sends the onion hostname to a Matrix room, then the admin can SSH over Tor and unlock LUKS.
<elvishjerricco>
I'd wager that'd be a bit easier with this stuff
<elvishjerricco>
systemd dependencies are very useful
<colemickens>
mic92 does something like this, I'm pretty sure, I think it's IRC and maybe not a HS, but similar approach
<colemickens>
or, something like tailscale, but with different subnets for semi-untrusted connections like from the initrd, so you could (mostly) guarantee external connectivity through NATs
<colemickens>
of course... I need to get networking working more reliably in initrd... (networkd in initrd might already help though!)
<elvishjerricco>
colemickens: Feel free to contribute networking to my branch :) I am not looking forward to that part...
rj has quit [Ping timeout: 240 seconds]
rj has joined #nixos-chat
<pie_>
colemickens: lonk post?
<pie_>
oh nevermind
abathur has quit [Quit: abathur]
supersandro2000 has quit [Remote host closed the connection]
supersandro2000 has joined #nixos-chat
<ashkitten>
gchristensen: i wonder if, utilizing the reproducibility of nix, we could on-demand generate debug symbols for any package by rebuilding it
<ashkitten>
i feel like the tradeoff of space savings to compile times is not worth it, but...
<gchristensen>
you'd have to lie to nix somehow
<ashkitten>
or build it into nix as a feature i guess
sdier has quit []
rj has quit [Ping timeout: 240 seconds]
supersandro2000 is now known as Guest17333
supersandro2000 has joined #nixos-chat
<samueldr>
I guess the CAS may help? if it's per-output
<samueldr>
let's say there's .out .lib and .debug, and that .out and .lib both are the same whether it's built with or without debug symbols
<samueldr>
but I don't know if it's per output
Guest17333 has quit [Ping timeout: 260 seconds]
<samueldr>
and *maybe* right now you can have part of it through system.replaceRuntimeDependencies
<samueldr>
or maybe it's possible to extract its logic?
<aaronjanse>
Slightly related, if anyone has thoughts on how incremental re-evaluation of Nix could work (partially re-evaluating based on changes to the source code), I'm looking for ideas
<gchristensen>
I think flakes does that
lunc has quit [Ping timeout: 268 seconds]
<aaronjanse>
Ah this is for sleeding up LSP autocomplete. I want finer-grained re-evaluation, such as re-evaluating only the `let` attributes that have changed (or things that depend on changed scope values)
<aaronjanse>
*speeding up
Synthetica has quit [Quit: Connection closed for inactivity]