<{^_^}>
tweag/nickel#93 (by yannham, 45 weeks ago, open): Figure out an adoption plan
<drakonis>
i had tried to track this down the last time we talked about nickel
<drakonis>
in particular the upgrade path to nickel
<samueldr>
though that's not a plan from NixOS's (the org) point of view
<samueldr>
it's more of a wishlist from the developers
<drakonis>
sure.
<drakonis>
it will eventually come up again
<drakonis>
it'll make a comeback sooner or later
<samueldr>
I don't follow
<drakonis>
it depends on how nickel pans out, if the developers actually succeed in building a reasonable migration path, it'll almost certainly be referenced again
<drakonis>
but this hinges entirely on the notion that it would happen
<drakonis>
who knows what the future reserves
h0m1 has quit [Ping timeout: 260 seconds]
h0m1 has joined #nixos-chat
mcint has joined #nixos-chat
abathur has joined #nixos-chat
neeasade has quit [Ping timeout: 252 seconds]
hexa- has quit [Read error: Connection reset by peer]
hexa- has joined #nixos-chat
hexa- has quit [Quit: WeeChat 2.9]
hexa- has joined #nixos-chat
waleee-cl has quit [Quit: Connection closed for inactivity]
<elvishjerricco>
Wow. The iPadOS reports that the tailscale app consumed eight and a half hours of "activity" in the last 24 hours (whatever "activity" means). It also reports only a few minutes more total screen-off activity (i.e. when I wasn't actively using the device). And the battery went from about 20% when I stopped using it yesterday to 1% when I picked it back up today.
<elvishjerricco>
So clearly tailscale is running up activity while my iPad isn't in use.
<elvishjerricco>
Meanwhile my iPhone doesn't have the same problem at all
<Synthetica>
(just setup convos, very much what I'm looking for)
ixxie has joined #nixos-chat
<__monty__>
The only thing worse than waiting for LLVM builds is waiting for LLVM builds when you've checked out the wrong commit >.<
* hodapp
slips a subtle Boost compile-time error into __monty__'s project
<f0x>
how devious!
Synthetica has quit [Remote host closed the connection]
<hodapp>
hmmm... a stray comma deep in a template in a header file that is included usually 9-10 levels deep ought to do it
Synthetica has joined #nixos-chat
Batty is now known as Church-
waleee-cl has joined #nixos-chat
ixxie has quit [Ping timeout: 252 seconds]
<__monty__>
Talking about header files, can anyone tell me why you might include macros after a prototype? I'm guessing these are macros but they look like this `__printflike(2, 3) __not_tail_called`.
<samueldr>
and, I could be wrong, but I believe attributes differ per compiler?
jess has quit []
<__monty__>
samueldr: Maybe your google-fu is strong enough. But the compiler complains about expecting a function body after a function declarator rather than one of these attributes.
<samueldr>
I can't tell you more :)
<samueldr>
my googling was for confirming what I assumed
<samueldr>
I see those kind of attributes peppered around in firmware code and linux codebase
<__monty__>
Darn, failed the bait and switch.
<samueldr>
you're going to have to fix your own issue yourself :]
ixxie has joined #nixos-chat
<__monty__>
Hmm, re guix grafts. Build-time dependencies getting a "replacement" means dependents don't need to get grafted because they don't depend on the package at run time. But that means the problem grafts intend to fix, i.e., security updates without rebuilding the world, is only half-solved?
ixxie has quit [Ping timeout: 246 seconds]
tomberek has joined #nixos-chat
<adisbladis>
__monty__: I came to the same conclusion
<adisbladis>
The grafted package must have a different hash than the non-grafted one afaict
<__monty__>
Afaiu, yes.
rajivr has quit [Quit: Connection closed for inactivity]
ixxie has joined #nixos-chat
<__monty__>
If you could replace a package with something with the same hash you wouldn't even need grafts in the first place.
<__monty__>
It's not so much a criticism as an observation, btw. Grafts seem to be "marketed" for important updates like security patches but it seems important to realize they only fix part of the problem and you shouldn't, in general, conclude rebuilds aren't necessary because you can graft.
<colemickens>
finally! I have a GHA that will auto-advance my flake inputs and push to a branch, and then a build job that runs regularly building "main" and "auto-update". Looking forward to waiting on builds significantly less!
<colemickens>
GHA is so flexible in some ways, and so not in others
<Church->
adisbladis: Hey while you're here, are there docs on using nixops with flakes? I saw flake support was merged a while ago.
<Church->
colemickens: GHA?
<adisbladis>
Church-: Nope
<drakonis>
__monty__: you can as well use it to do things like swapping dependencies
<cole-h>
Church-: GitHub Actions :P
<Church->
Ah
<drakonis>
its used for doing package transformations on guix
<Church->
Heh
<colemickens>
Church-: my bad, "GitHub Actions"
* colemickens
can delete the sourcehut integrations now, weeee
<Church->
adisbladis: Hmm got it. Can I assume then that for a specific machine def I can just have a regular style flake.nix with inputs, and the machines config as the outputs?
<Church->
And then I know I need that specific flag for nixops
<drakonis>
security updates is merely a single facet of the concept
<adisbladis>
Church-: My memory is very fuzzy on this topic
<adisbladis>
And I believe the flakes support merged is a bit half baked
<Church->
Got it, fair enough
<Church->
Ah heh
<adisbladis>
drakonis: But as I understand grafts it's fairly useless for security updates
<adisbladis>
Since you still can't override something deep in the tree and have that propagate without hashes changing and rebuilds happening
<__monty__>
adisbladis: Well, you can, but only for run time dependencies.
<drakonis>
as far as i'm concerned, it has worked in practice
<drakonis>
but there's a paper on its original implementation
<__monty__>
Not sure whether shared libraries count as build or run time though.
<adisbladis>
drakonis: So let's say I patch curl
<adisbladis>
And I want to use the patched curl everywhere
<adisbladis>
How does grafts affect this?
<__monty__>
drakonis: Do you mean it's what guix bases their equivalent of overlays on?
<__monty__>
adisbladis: Imagine a script that depends on the curl binary at run time. After grafting it runs with the patched curl, without a rebuild.
<drakonis>
is that so?
<drakonis>
i dont think that's how it works
<adisbladis>
__monty__: Not without updating _every_ expression that references curl I think
<__monty__>
adisbladis: The curl expression is the only one that needs updating.
<drakonis>
the graft updates on rebuild
<__monty__>
Yes but the rebuild is far more limited. You're not actually compiling the thing depending on curl again. You just need to give it a different PATH.
<__monty__>
Terminology is lacking.
<__monty__>
The example in the blogpost is "Perl gets a replacement. Coreutils depends on curl at build time so it is unaffected. Inkscape depends on perl at run time, so it gets grafted." The important part being you don't actually need to recompile inkscape.
<drakonis>
yes, that's an advantage.
<drakonis>
so to say.
<drakonis>
because you can use it to do emergency replacements
<drakonis>
its not perfect, but for all purposes and intents, it is excellent for dealing with costly rebuilds
<drakonis>
but i think we're focusing too much on the security aspect of grafting and not the other things it enables
<__monty__>
Just because that's the main problem it is touted to solve though.
<drakonis>
it is an application of another mechanism
<colemickens>
the dedication of those folks is inspiring. It'd be hard to start "another" knowing the community would be so hard to grow beyond what nix/guix already have in motion, etc.
<colemickens>
hard for me, that is.
<hyperfekt>
it might be difficult to grow as a general competitor but much easier to grow in the racket community
<__monty__>
So far Xides seems like Guix:s/Guile/Racket/, what sets it apart?
<drakonis>
racket's entire ecosystem i'd say
<drakonis>
its a bit early in its lifecycle right now
<__monty__>
*Xiden
<drakonis>
but it is more portable than guix
<drakonis>
also no gnu association i'd say
<drakonis>
current day xiden is still racket based it seems
<drakonis>
it tries explain why would someone want to use it over other options
<drakonis>
zero trust seems to be the primary guiding focus
<drakonis>
it is... hmm, an interesting take
<__monty__>
What does it mean though? Does each package declare which capabilities it needs and you configure which capabilities to grant or something?
<drakonis>
the docs explain that in more detail
<drakonis>
gonna be back in a jiffy
<drakonis>
cooking up food
<__monty__>
Executive summary? I like to pretend I'm people's boss ; )
<drakonis>
let me take care of my food then we'll talk more
<drakonis>
but the focus seems to be to grant far greater control on how to deliver things
<drakonis>
and it has a far more fine grained notion of versions and editions
<drakonis>
so you could theoretically offer variants of a package and multiple versions of those variants
<drakonis>
i'll go take care of my pasta now, cant have it boil too much
<drakonis>
i aint no soggy pasta lover
<drakonis>
this is my understanding of xiden, mind you.
Taneb has quit [Read error: Connection reset by peer]
Taneb has joined #nixos-chat
<gchristensen>
what is the common alternative to prometheus, which is push based instead of pull based?
<Taneb>
All I can think of is Graphite
<gchristensen>
mm...
<gchristensen>
influxdb I think
<MichaelRaskin>
Who told Discourse that showing two adjacent fields in the Tab order, then adding an entry between them once the first one becomes non-empty (and removing it back when if the field is cleared!) is a great idea?
<ashkitten>
why is there so little info about vulkan memory management
rj has joined #nixos-chat
<__monty__>
Because Vulkans are logical beings so you can just infer it from foundational principles.
<MichaelRaskin>
Vulkans are but GPUs aren't
<Church->
colemickens: So wordpress-nix looks complete. Would be nice if it was..
<Church->
cleaner.*
rj has quit [Ping timeout: 240 seconds]
ixxie has quit [Quit: Lost terminal]
lunc has quit [Ping timeout: 246 seconds]
__monty__ has quit [Quit: leaving]
lunc has joined #nixos-chat
tomberek has quit [Quit: Connection closed]
tomberek has joined #nixos-chat
supersandro2000 is now known as Guest83516
Guest83516 has quit [Killed (card.freenode.net (Nickname regained by services))]
supersandro2000 has joined #nixos-chat
neeasade has joined #nixos-chat
<samueldr>
hmm... any idea why a process started from PID1, a busybox sh script, in stage-1 wouldn't be able to `mkdir` and `mount` things when started in the background (`thing &`), but can when started in the foreground?
<samueldr>
basically the second userland process started in the background
<gchristensen>
is the literal only difference -& ?
<samueldr>
yes
<samueldr>
added a sleep to check
<samueldr>
but time-ing it when in foreground it exits basically instantly
<gchristensen>
with the &, you added sleep 5 after?
<samueldr>
yes
<gchristensen>
what happens when bg'd?
<samueldr>
I don't know!
<gchristensen>
hah!
<samueldr>
but it won't mkdir(3) and mount(3)
<gchristensen>
symptoms?
<samueldr>
/init: line 0: can't open '/dev/null': No such file or directory
<samueldr>
there's also that
<gchristensen>
ooh
* samueldr
checks if it's any backgrounded executable
<gchristensen>
is busybox opening /dev/null to disconnect stdin from the subprocess?
* samueldr
doesn't know what else there is as actual executables
<samueldr>
I guess busybox
<samueldr>
plausible
<gchristensen>
what if you did true | ( mkdir and stuff )&
<gchristensen>
does that even work? I have no idea