* colemickens
pours kerosene on pcscd, light 'er up boys
<colemickens>
looking for GitHub Action advice - have others moved their personal repos into an organization in order to leverage self-hosted builders for the org? Otherwise self-hosted builders are tied to a single project...
<samueldr>
I'm thinking "personal projects" probably should always be under an org
<samueldr>
unless it's "for personal use only for real"
<supersandro2000>
colemickens: can't you tie them to multiple projects like gitlab-runners?
<colemickens>
samueldr: not sure I catch your drift? In this case it's things like my nixcfg and nixpkgs fork
<colemickens>
supersandro2000: nope!
<colemickens>
supersandro2000: specifically tied to a single project unless it's an org/org-runner.
<colemickens>
seems very odd to me, but they didn't ask me
lunc has quit [Read error: Connection reset by peer]
<supersandro2000>
there isn't a big difference between users and orgs on github I thihnk
<supersandro2000>
if you transfer the project the old path redirects
<supersandro2000>
IIRC
<samueldr>
colemickens: any project used by someone else, that you "name"
<samueldr>
probably is an antipattern to keep it on someone's personal account
<supersandro2000>
tbh this is whatever
lunc has joined #nixos-chat
<supersandro2000>
if you don't have a team working on it
<samueldr>
the old path redirects, but then you won't be able to have your own personal clone to work on it
<samueldr>
without breaking the redirect
<samueldr>
clone as in github parlance
<samueldr>
having a "project" as early as possible in its own org reduces inevitable headaches along the way once it gets bigger
rj has quit [Ping timeout: 240 seconds]
<abathur>
but you can still make your own meta-org and clone it there
<abathur>
@metabathur
<abathur>
idk
<samueldr>
yeah, that's what I did
<samueldr>
but that's... not great in the end
<samueldr>
since orgs and users are treated just differently enough
<abathur>
yeah
<abathur>
certainly a bit of a sharp edge
rajivr has joined #nixos-chat
h0m1 has quit [Ping timeout: 250 seconds]
h0m1 has joined #nixos-chat
<elvishjerricco>
Tailscale question: I've got a slightly odd home network. The router that's connected to the internet has two clients: A server, and another router to which all the devices in the home are connected (don't ask why, I know it's dumb). Will tailscale route traffic directly between that server on the outer network and the devices on the inner network? Or will it bounce out into the internet and come right back?
<gchristensen>
probably haveto try and see
<elvishjerricco>
I'm not sure how to see which way it works
<hexa->
check the latency
<gchristensen>
tailscale ping othernode tells you how
<hexa->
if it stays local it should be below 2ms
<gchristensen>
[grahamc@hyperchicken:~]$ tailscale ping kif
<gchristensen>
pong from kif (100.72.226.29) via 10.5.3.16:41641 in 6ms
<elvishjerricco>
hexa-: Even if the device on the inner network is on wifi?
<elvishjerricco>
I get about 60ms
<elvishjerricco>
`pong from wrenn (100.126.95.111) via DERP(dfw) in 58ms`
<elvishjerricco>
Not sure what DERP(dfw) means
<hexa->
60ms is very certainly an internet round-trip
<gchristensen>
ping again, DERP is using their middling proxiy
<gchristensen>
DERP is used for wakeup and initialization, the next ping should be direct
<hexa->
pinging an esp on wifi routed over my … well … router takes around 2ms
<hexa->
rtt min/avg/max/mdev = 1.730/2.244/4.401/0.498 ms
<elvishjerricco>
gchristensen: Nope, ping continues to say `via DERP(dfw) in 59ms`
<hexa->
gchristensen: stuff can get meh if he nats twice :)
<gchristensen>
I wonder if it can't figure out another way to connect you two, something something hairpin
<matthewcroughan>
colemickens: Are you going to be a mentor in the Summer of Nix?
<elvishjerricco>
gchristensen: Maybe tailscale gets confused that they both have the same public IP address but one of them can't see the other
<elvishjerricco>
Really I should just fix my silly network so that they're on the same network though
<matthewcroughan>
Tailscale is great and I haven't yet had any issues with it.
<matthewcroughan>
Well, apart from those times where things randomly fail to resolve.
<matthewcroughan>
But we'll ignore that.
<elvishjerricco>
matthewcroughan: Yea, this is the first "issue" I've had with that
<elvishjerricco>
s/that/it/
<matthewcroughan>
oh okay, you have a double nat.
<matthewcroughan>
is ipv6 enabled at any level?
<matthewcroughan>
And are the machines in question NixOS machines? And are there firewalls anywhere?
<matthewcroughan>
Tailscale will try to facilitate direct connections via UDP hole punching like lots of things.
<elvishjerricco>
They are nixos, and there's probably some firewall stuff involved
<matthewcroughan>
On a double nat, I would expect issues with firewalls and UDP hole punching. If you're in full control, you can just open the ports for tailscale and expect no issues.
<matthewcroughan>
So you could have a tailscale.nix that opens this port inside.
<elvishjerricco>
Well, just plugging them into the same network has gotten ping down to 1ms
<matthewcroughan>
That's if the NixOS firewal defaults are causing issues at all, which is speculation.
<elvishjerricco>
So now I just gotta reconfigure a couple things to account for that
<matthewcroughan>
If IPv6 was enabled on both networks, this would of course help matters :P
<matthewcroughan>
if your ISP had a /64 block and your second nat-gateway (router) was configured to grab some ipv6 love from the first one.
<matthewcroughan>
via router advertisement, running radvd on both routers
<Church->
Was thinking of getting a /48 v6 prefix
<Church->
But that's really hard now heh
<matthewcroughan>
Oh, sorry, yeah it is that way around isn't it..
<matthewcroughan>
You need a /48, not a /64, my bad.
<colemickens>
matthewcroughan: I hadn't really planned on it or looked into it. I'm sort of back into the swing of having multiple projects consuming all of my energy, and then nixpkgs stuff soaks up the rest.
<matthewcroughan>
colemickens: on the topic of armv7l, this is the latest commit that has the most working pkgs
<elvishjerricco>
Is the tailscale IP of a device permanent?
<matthewcroughan>
It returns error: flake 'github:nixos/nixpkgs/6a627c416fe663ac16064f7a155afba9522910e4' has an unsupported attribute 'edition', at /nix/store/czw20bmv5ysgr4w80kjlgif0lc3d0blx-source/flake.nix:4:3
<matthewcroughan>
so crap :P
<matthewcroughan>
elvishjerricco: I was under the impression it is derived from the macaddr of the hardware
<gchristensen>
yeah just not sure why starlink would use cgnat
<matthewcroughan>
Yeah I would have wanted it to use modern tech, but they're not going to be using ipv6
<matthewcroughan>
and it's confirmed that they're gonna be using cgnat and ipv4, so tailscale will probably have some issues, at least a friend of mine has suggested this humorous future
<Church->
Huh well that's humorous
<matthewcroughan>
We're so great with our layer 3 vpns and stuff
<matthewcroughan>
but then we get slapped by the cold harsh reality of ipv4
<matthewcroughan>
ipv4 is like vga cables
<Church->
Heh
<Church->
I mean we can't get ipv6 either
<Church->
Basically business only to ask for a prefix.
<matthewcroughan>
I've used tailscale on my devices and they've worked fine over cellular, they also use cgnat.
<Church->
I'd be fine routing my own prefix upstream.
<matthewcroughan>
however, that's in 2020-04-25 and I get flake-compat errors that aren't worth fixing, and hydra hasn't built armv7l since 2020, therefore getting it to work is going to require me running hydra on my system :P
<matthewcroughan>
gonna have to fire it off and see the stats
AkechiShiro has quit [Quit: WeeChat 2.9]
AkechiShiro has joined #nixos-chat
<matthewcroughan>
Is there anything you can think of that will help me? Or am I on the right track?
<matthewcroughan>
mobile-nixos looks like the only thing that works with armv7l right now, that's why I'm interested in trying to run it.
<samueldr>
it won't help any more than NixOS, except for a limited subset of things
<matthewcroughan>
Yeah, I get that some things just won't compile. But mobile-nixos is verifiably better than nixpkgs according to hydra.
<matthewcroughan>
because hydra stopped producing builds in 2020 for armv7l, I cannot know without setting up my own hydra, whether any of the later builds are better, because I don't have a number that tells me how many packages work for a given hash of nixpkgs.
<matthewcroughan>
The only thing I want to run on this device is podman actually.
<matthewcroughan>
I want absolutely nothing in the image, ideally, other than podman.
<matthewcroughan>
It's gonna serve pihole :D
ece has quit [Read error: Connection reset by peer]
ece has joined #nixos-chat
<matthewcroughan>
colemickens: About your quip. I like buddhist philosophy a lot, and it would agree with the idea that our lives are reproducible set of events.
<Church->
matthewcroughan: There is a pihole package/module you can use.
<Church->
There's also an adguard home package with module (in pr) you can use as well
aaronjanse has quit [Quit: authenticating]
aaronjanse has joined #nixos-chat
endformationage has quit [Quit: WeeChat 2.9]
<matthewcroughan>
Church-: even better.
<matthewcroughan>
Church-: what's the package name?
<{^_^}>
Starship SN15 is expected to do a testflight today in the Texas afternoon https://www.youtube.com/watch?v=rXG7W7skekw: Ping for space stuff (edit this command to add yourself, see ",help"): infinisil Taneb ldlework etu philipp[m] eyJhb gchristensen __red__ red red[evilred] risson aaronjanse
<samueldr>
>> We want to start and monitor services (daemons etc) in NixWRT and respond more quickly to changes in their state than by polling them every thirty seconds, as currently happens
<samueldr>
NixWRT lives!
ajs124 has quit [*.net *.split]
julm has quit [*.net *.split]
patagonicus has quit [*.net *.split]
hodapp has quit [*.net *.split]
dotlambda has quit [*.net *.split]
matthewcroughan has quit [*.net *.split]
julm has joined #nixos-chat
ajs124 has joined #nixos-chat
c4rc4s has joined #nixos-chat
matthewcroughan has joined #nixos-chat
hodapp has joined #nixos-chat
patagonicus has joined #nixos-chat
dotlambda has joined #nixos-chat
matthewcroughan has quit [Max SendQ exceeded]
matthewcroughan has joined #nixos-chat
rajivr has quit [Quit: Connection closed for inactivity]
rj has joined #nixos-chat
<philipp[m]>
Aaaand the flight is scrubbed.
<gchristensen>
that is okay I have cake to make up for it
<cole-h>
I'm assuming he made those typos live or something? ;P
<samueldr>
his username is telent
<samueldr>
I don't recall the details, but typoing things is his brand
<cole-h>
heeh
<cole-h>
hehe
<gchristensen>
his machine's hostname is loacllhost
<cole-h>
lmao
<cole-h>
why is it nixwrt and not nixwtr
<cole-h>
then it could be on-brand, but also "nix wouter"
<gchristensen>
his website is ww.telent.net/ ... he's got a great thing going here.
<samueldr>
ugh, forgot to reach out and tell him about robotnix
<pie_>
damn thats genius, i should have done this<samueldr> I don't recall the details, but typoing things is his brand
<Church->
matthewcroughan: Hey so both of the modules for adguard home and pihole are in PR right now. So just grab them, import and use.
<Church->
I personally do coreDNS forwarding to adguard home for anything that isn't under my domains.
<matthewcroughan>
Are they available via a flake?
<matthewcroughan>
nixosModules
<Church->
They are not.
<Church->
Tbh I've gotten used to just vendoring modules until they land in.
<__monty__>
It's still pretty much missing from the laptop class too imo. Chromebooks are a bit niche and other than those the macbooks are the first decent ARM-based ones afaik.
<__monty__>
Whoops.
<samueldr>
whoops?
<samueldr>
yeah, I should have stated it, but "desktop" is "operating system with a desktop and windows" more than "machine to put on a desktop"
<samueldr>
oh whoops because of that
<samueldr>
wrong channel
kcalvinalvin has quit [Ping timeout: 245 seconds]
kcalvinalvin has joined #nixos-chat
<samueldr>
[continuing from #nixos-dev] now I'm a bit angrannoyed that the laptop's not available here
<samueldr>
not even available on the reviled rainforest river seller's site
<samueldr>
oh uh... the chromeos wiki stated january... but reviews are all from... today... so I guess I didn't miss it, and the date is not the actual availability
<samueldr>
>> Right now, the Spin 513 is only available at Walmart, but it should be coming to more retailers — and more international markets — in the coming weeks and months.
<samueldr>
probably explains it
<samueldr>
and reviews seem to indicate it's a lower-end spec CPU (not too surprising)
<MichaelRaskin>
Argh. Please don't tell me that my rechecking of interesting charging behaviours after Cover Display firmware bump retriggered the reboot-persisten mystical audio brokenness.
<__monty__>
MichaelRaskin: Nah, it's just that Mercury is in Saturn's retrograde.
<MichaelRaskin>
A separately annoying part is that trying to play sound while sound level is 0% still produces full-volume shshshsh. Maybe I should just embrace sigstop to audioserver
<samueldr>
it's telling itself to be quiet
<MichaelRaskin>
No, that's a different kind of shshsh!
<MichaelRaskin>
(although why «a», it can produce multiple different shshshsh variations, but most don't count as «hush»)
<elvishjerricco>
Well dammit. Yesterday tailscale was doing direct connect just fine. Now it's doing relay again.
<MichaelRaskin>
Flaky tech day?
<__monty__>
LLVM builds still take a good hour so at least not all tech is out of whack rn : s
<__monty__>
nn, peeps
__monty__ has quit [Quit: leaving]
<elvishjerricco>
Ok it just takes like 15-20 seconds to realize it needs to switch to direct
<Church->
Yeah been having a few tailscale issues at work. Or well my coworkers have. Need to go open tickets.