gchristensen changed the topic of #nixos-dev to: NixOS Development (#nixos for questions) | https://hydra.nixos.org/jobset/nixos/trunk-combined https://channels.nix.gsc.io/graph.html | 18.03 release managers: fpletz and vcunat
<shlevy> thoughtpolice: uploading tarballs now
<shlevy> Will be a bit of up front work to fix the default ACLs in the copy-tarballs script first
<shlevy> niksnut: Around?
<shlevy> thoughtpolice: First upload going :)
<shlevy> Hmm I wonder if we actually need the 64-bit bootstraps
<shlevy> Would be nice if we could bootstrap 64-bit witha 32-bit bootstrap...
<shlevy> (also someone should figure out openjdk cross-compiling)
pxc has joined #nixos-dev
pxc has quit [Ping timeout: 240 seconds]
mbrgm has quit [Ping timeout: 260 seconds]
mbrgm has joined #nixos-dev
<gchristensen> clever: not sure why we'd need a new builtin, seems like adding it to the NIX_PATH is just as good, and requires no language changs
zybell_ has quit [Ping timeout: 265 seconds]
<clever> gchristensen: more that it generates an attrset, and you cant really add a set to NIX_PATH
{`-`} has joined #nixos-dev
Lisanna has quit [Quit: Lisanna]
jtojnar has joined #nixos-dev
orivej has joined #nixos-dev
orivej has quit [Ping timeout: 248 seconds]
pxc has joined #nixos-dev
pxc has quit [Ping timeout: 268 seconds]
vcunat has joined #nixos-dev
<Mic92> globin: I had problems running the tests in with sandbox enabled. Did you had the same problems
<Mic92> ?
<Mic92> globin: our udev rules for interface renaming diverge from upstream.
<Mic92> I tried to align them in the past, but broke something.
<Mic92> I am not sure if that is the problem here.
<Mic92> globin: I am currently on holiday. Maybe I can look again in the evening.
Bogdacutu has joined #nixos-dev
phreedom has quit [Ping timeout: 268 seconds]
ma27 has joined #nixos-dev
ma27 has quit [Ping timeout: 256 seconds]
davidlt__ has joined #nixos-dev
davidlt__ is now known as davidlt
orivej has joined #nixos-dev
<vcunat> I wanted to try bisecting over systemd commits, but I'm running into problems that I can't solve (quicky)
<vcunat> last one: PermissionError: [Errno 13] Permission denied: '/etc/systemd'
<vcunat> (during build of systemd)
<vcunat> Bisection is likely not good approach anyway, due to us requiring patches atop upstream releases.
Bogdacutu has quit [Ping timeout: 240 seconds]
LnL has quit [Quit: exit 1]
LnL has joined #nixos-dev
JosW has joined #nixos-dev
goibhniu has joined #nixos-dev
davidlt has quit [Remote host closed the connection]
FRidh has joined #nixos-dev
FRidh has quit [Client Quit]
davidlt has joined #nixos-dev
orivej has quit [Ping timeout: 276 seconds]
ma27 has joined #nixos-dev
ma27 has quit [Client Quit]
ma27 has joined #nixos-dev
orivej has joined #nixos-dev
ma27 has quit [Ping timeout: 256 seconds]
ma27 has joined #nixos-dev
ma27 has quit [Remote host closed the connection]
ma27 has joined #nixos-dev
<gchristensen> clever: how so?
lassulus has quit [Changing host]
lassulus has joined #nixos-dev
<globin> vcunat: I'm currently bisecting with our patches applied
orivej has quit [Ping timeout: 255 seconds]
vcunat has quit [Ping timeout: 264 seconds]
<gchristensen> I made an issue about my NIX_PATH and user channel question: https://github.com/NixOS/nix/issues/2033 please leave your thoughts :)
<gchristensen> LnL, shlevy ^
ma27 has quit [Ping timeout: 256 seconds]
ma27 has joined #nixos-dev
ma27 has quit [Ping timeout: 256 seconds]
ma27 has joined #nixos-dev
phreedom has joined #nixos-dev
ma27 has quit [Ping timeout: 246 seconds]
ma27 has joined #nixos-dev
the has joined #nixos-dev
the has quit [Changing host]
the has joined #nixos-dev
the has quit [Remote host closed the connection]
the has joined #nixos-dev
the has quit [Changing host]
the has joined #nixos-dev
ma27 has quit [Ping timeout: 276 seconds]
<gchristensen> `the` is +o'd to handle spam waves fyi
the has quit [Remote host closed the connection]
the has joined #nixos-dev
the has quit [Changing host]
the has joined #nixos-dev
taktoa has quit [Remote host closed the connection]
lassulus has quit [Read error: Connection reset by peer]
lassulus has joined #nixos-dev
ma27 has joined #nixos-dev
zybell has joined #nixos-dev
jtojnar has quit [Read error: Connection reset by peer]
jtojnar has joined #nixos-dev
ma27 has quit [Ping timeout: 256 seconds]
<Mic92> globin: fpletz: I am on Tuesday in Munich at 11:00 and flight goes at 17:00. Do we want to meet for lunch/coffee break?
<globin> Mic92: you can just drop by at our office anytime and hack from there too if you want to
<globin> Mic92: I'll try to be in the office at ~11 then :)
<Mic92> globin: no hurry, I will have to take the tram to the city centre.
mbrgm has quit [Read error: Connection reset by peer]
<globin> Mic92: will be up rather early anyway so it's not a problem
mbrgm has joined #nixos-dev
JosW has quit [Ping timeout: 256 seconds]
orivej has joined #nixos-dev
s33se has joined #nixos-dev
txp284 has joined #nixos-dev
zybell has quit [Ping timeout: 240 seconds]
txp284 has quit [Quit: Yaaic - Yet another Android IRC client - http://www.yaaic.org]
lassulus has quit [Changing host]
lassulus has joined #nixos-dev
lassulus has quit [Quit: WeeChat 2.0]
lassulus has joined #nixos-dev
zybell_ has joined #nixos-dev
the has quit [Ping timeout: 276 seconds]
lassulus has quit [Quit: WeeChat 2.0]
lassulus has joined #nixos-dev
<globin> niksnut: ping, some channels have not been updating for ~4 days
zybell_ has quit [Ping timeout: 248 seconds]
zybell_ has joined #nixos-dev
JosW has joined #nixos-dev
lassulus has quit [Quit: WeeChat 2.0]
lassulus has joined #nixos-dev
pie___ has joined #nixos-dev
pie__ has quit [Ping timeout: 264 seconds]
JosW has quit [Ping timeout: 264 seconds]
vcunat has joined #nixos-dev
<Mic92> vcunat: my build patch is required (This message has been postponed on 2018-04-01 15:03:29.)
<thoughtpolice> JDK updates pushed to `master`, 18.03 ports coming soon hopefully... I rebuilt locally with Nox and everything seemed OK, I'll monitor Hydra in the next few hours as well.
<vcunat> sounds great
orivej has quit [Ping timeout: 256 seconds]
<gchristensen> way to go vcunat, on cloudflare using knot
<vcunat> Yes, I know :-D
<clever> gchristensen: have you had a chance to look at my make-system-tarball PR again lately?
<vcunat> The downside is that it's more work for me.
<gchristensen> well I hear NixOS is the best way to run Knot *looks at cloudflare ;))
<gchristensen> clever: I haven't ... link?
<gchristensen> actually, I'm quite tired -- perhaps tomorrow?
<clever> kk
<vcunat> :-D I haven't tried to suggest NixOS to them. Perhaps it's too late now when it's running. (Well I didn't really know in advance about the public resolver.)
<vcunat> Conquest for world domination continues, both on Nix* and Knot* front.
<gchristensen> I should probably run my own DNS
<vcunat> gchristensen: you can also buy our routers that have knot-resolver inside ;-)
<vcunat> (and they self-update!)
<gchristensen> :) I already have my router running nixos, though if I were in the market I'd be interested
<vcunat> Yeah, you will probably be better off with NixOS.
<gchristensen> I don't quite know why cloudflare is doing this, though
<vcunat> It could be just publicity.
<vcunat> Funny how 9.9.9.9 and 1.1.1.1 started soon after each other.
<gchristensen> isn't 9.9.9.9 a surveilance thing?
<vcunat> Offering a free service to monitor its users? I've heard no such news about them.
<MichaelRaskin> Isn't 1.1.1.1 also?
<gchristensen> MichaelRaskin: who do you like for DNS?
<MichaelRaskin> Recursive caching on localhost…
<vcunat> (iterating directly and not forwarding anywhere, I assume)
<MichaelRaskin> Yes. Ideally it should also cross-correlate with VPS, of course, but I am lazy.
<vcunat> I understand that for people with bad connections that way is slower, but otherwise it feels good to have this more under control.
<MichaelRaskin> Well, for bad connections I guess recursive + aggressive caching is the way to go…
<vcunat> By aggressive you mean rfc8198, going over TTL when unable to contact upstream, or something else?
<MichaelRaskin> Try to connect first, check TTL later.
<vcunat> Right.
<vcunat> Like https://tools.ietf.org/html/draft-ietf-dnsop-serve-stale-00 and the like. These topics are popular now.
<vcunat> We've been just now hurrying with exactly your approach for 1.1.1.1
<zybell_> as long as TLS is used, no damage. But when you connect to another host unencrypted because of that damage is possible,example revealing password or handing e-mail over.
<MichaelRaskin> _passwords_ without encryption has been a horrible practice for quite long time now…
<MichaelRaskin> HTTP header leak — yes, that's a risk
<zybell_> even simple SMTP :mail A thinks delivered :mail B thinks SPAM
* gchristensen updates dhcp to broadcast a local kresd for dns
* vcunat looks forward to bug reports
<MichaelRaskin> If you have a flaky local connection, ideally you TLS-deliver the mail to a reasonably-connected mail server (which obviously authenticates you)
davidlt_ has joined #nixos-dev
<gchristensen> "One example is statistics module that can stream live metrics on the website, or publish metrics on request for Prometheus scraper" :o
davidlt has quit [Ping timeout: 256 seconds]
<zybell_> Yeah, says I:Use TLS whenever you aggressively cache DNS, or you *will* encounter bugs!
<shlevy> thoughtpolice: This is more preference than policy, but IMO it's better to rebase than add a fixup for stuff like the tarball URL... Kind of academic in the status quo but ideally all commits on master would be valid individually
<vcunat> Uh, well, I wouldn't cache longer than day(s) over TTL. And in that case it (IMHO) seems unlikely to run into real problems.
<vcunat> (that you wouldn't hit without the caching)
<thoughtpolice> shlevy: Ah yeah, I normally do so but just didn't think about it -- sorry
<shlevy> No worries :)
<shlevy> Thanks for bumping jdk!
JosW has joined #nixos-dev
goibhniu has quit [Ping timeout: 260 seconds]
vcunat has quit [Quit: Leaving.]
JosW has quit [Quit: Konversation terminated!]
<zybell_> vcunat: If a sysadmin changes IP, a carefully orchestrated dance of TTL begins in preparation of a carefully planned point in time when the actual switch is done and *sametime* the DNS delivers the new data. Usually the tolerance is 2 minutes the timeout of a TCP-Sync.
<Profpatsch> gchristensen: Can I interest you in a meta-checker example?
<Profpatsch> nix-build -A hello
<Profpatsch> I’ve hidden a few errors, can you find them all? :P
davidlt_ has quit [Ping timeout: 264 seconds]