#nixos-dev on 2018-04-01

2018-03-19 13:15 gchristensen changed the topic of #nixos-dev to: NixOS Development (#nixos for questions) | https://hydra.nixos.org/jobset/nixos/trunk-combined https://channels.nix.gsc.io/graph.html | 18.03 release managers: fpletz and vcunat

00:26 <shlevy> thoughtpolice: uploading tarballs now

00:26 <shlevy> Will be a bit of up front work to fix the default ACLs in the copy-tarballs script first

00:38 <shlevy> niksnut: Around?

00:39 <shlevy> thoughtpolice: First upload going :)

00:41 <shlevy> Hmm I wonder if we actually need the 64-bit bootstraps

00:41 <shlevy> Would be nice if we could bootstrap 64-bit witha 32-bit bootstrap...

00:41 <shlevy> (also someone should figure out openjdk cross-compiling)

00:49 pxc has joined #nixos-dev

00:54 pxc has quit [Ping timeout: 240 seconds]

01:17 mbrgm has quit [Ping timeout: 260 seconds]

01:18 mbrgm has joined #nixos-dev

01:36 <gchristensen> clever: not sure why we'd need a new builtin, seems like adding it to the NIX_PATH is just as good, and requires no language changs

01:46 zybell_ has quit [Ping timeout: 265 seconds]

02:31 <clever> gchristensen: more that it generates an attrset, and you cant really add a set to NIX_PATH

02:47 {`-`} has joined #nixos-dev

02:51 Lisanna has quit [Quit: Lisanna]

03:03 jtojnar has joined #nixos-dev

03:08 orivej has joined #nixos-dev

04:06 orivej has quit [Ping timeout: 248 seconds]

05:49 pxc has joined #nixos-dev

05:54 pxc has quit [Ping timeout: 268 seconds]

05:57 vcunat has joined #nixos-dev

06:01 <Mic92> globin: I had problems running the tests in with sandbox enabled. Did you had the same problems

06:01 <Mic92> ?

06:01 <Mic92> globin: our udev rules for interface renaming diverge from upstream.

06:02 <Mic92> I tried to align them in the past, but broke something.

06:02 <Mic92> globin: https://github.com/NixOS/nixpkgs/pull/33617 https://github.com/NixOS/nixpkgs/pull/29768

06:03 <Mic92> I am not sure if that is the problem here.

06:04 <Mic92> globin: I am currently on holiday. Maybe I can look again in the evening.

06:33 Bogdacutu has joined #nixos-dev

07:07 phreedom has quit [Ping timeout: 268 seconds]

07:29 ma27 has joined #nixos-dev

07:34 ma27 has quit [Ping timeout: 256 seconds]

07:46 davidlt__ has joined #nixos-dev

07:49 davidlt__ is now known as davidlt

08:17 orivej has joined #nixos-dev

08:23 <vcunat> I wanted to try bisecting over systemd commits, but I'm running into problems that I can't solve (quicky)

08:23 <vcunat> last one: PermissionError: [Errno 13] Permission denied: '/etc/systemd'

08:23 <vcunat> (during build of systemd)

08:24 <vcunat> Bisection is likely not good approach anyway, due to us requiring patches atop upstream releases.

08:25 Bogdacutu has quit [Ping timeout: 240 seconds]

08:44 LnL has quit [Quit: exit 1]

08:49 LnL has joined #nixos-dev

08:55 JosW has joined #nixos-dev

09:17 goibhniu has joined #nixos-dev

10:20 davidlt has quit [Remote host closed the connection]

10:21 FRidh has joined #nixos-dev

10:21 FRidh has quit [Client Quit]

10:24 davidlt has joined #nixos-dev

10:33 orivej has quit [Ping timeout: 276 seconds]

10:40 ma27 has joined #nixos-dev

10:40 ma27 has quit [Client Quit]

10:40 ma27 has joined #nixos-dev

10:53 orivej has joined #nixos-dev

10:54 ma27 has quit [Ping timeout: 256 seconds]

11:02 ma27 has joined #nixos-dev

11:09 ma27 has quit [Remote host closed the connection]

11:10 ma27 has joined #nixos-dev

11:37 <gchristensen> clever: how so?

12:13 lassulus has quit [Changing host]

12:13 lassulus has joined #nixos-dev

12:21 <globin> vcunat: I'm currently bisecting with our patches applied

12:33 orivej has quit [Ping timeout: 255 seconds]

12:37 vcunat has quit [Ping timeout: 264 seconds]

12:43 <gchristensen> I made an issue about my NIX_PATH and user channel question: https://github.com/NixOS/nix/issues/2033 please leave your thoughts :)

12:47 <gchristensen> LnL, shlevy ^

12:48 ma27 has quit [Ping timeout: 256 seconds]

13:00 ma27 has joined #nixos-dev

13:08 ma27 has quit [Ping timeout: 256 seconds]

13:17 ma27 has joined #nixos-dev

13:22 phreedom has joined #nixos-dev

13:32 ma27 has quit [Ping timeout: 246 seconds]

13:39 ma27 has joined #nixos-dev

13:49 the has joined #nixos-dev

13:49 the has quit [Changing host]

13:49 the has joined #nixos-dev

13:50 the has quit [Remote host closed the connection]

13:50 the has joined #nixos-dev

13:50 the has quit [Changing host]

13:50 the has joined #nixos-dev

13:50 ma27 has quit [Ping timeout: 276 seconds]

13:51 <gchristensen> `the` is +o'd to handle spam waves fyi

13:53 the has quit [Remote host closed the connection]

13:54 the has joined #nixos-dev

13:54 the has quit [Changing host]

13:54 the has joined #nixos-dev

14:37 taktoa has quit [Remote host closed the connection]

14:39 lassulus has quit [Read error: Connection reset by peer]

14:39 lassulus has joined #nixos-dev

15:07 ma27 has joined #nixos-dev

15:09 zybell has joined #nixos-dev

15:18 jtojnar has quit [Read error: Connection reset by peer]

15:19 jtojnar has joined #nixos-dev

15:31 ma27 has quit [Ping timeout: 256 seconds]

15:45 <Mic92> globin: fpletz: I am on Tuesday in Munich at 11:00 and flight goes at 17:00. Do we want to meet for lunch/coffee break?

15:53 <globin> Mic92: you can just drop by at our office anytime and hack from there too if you want to

15:55 <globin> Mic92: I'll try to be in the office at ~11 then :)

15:56 <Mic92> globin: no hurry, I will have to take the tram to the city centre.

15:57 mbrgm has quit [Read error: Connection reset by peer]

15:58 <globin> Mic92: will be up rather early anyway so it's not a problem

15:58 mbrgm has joined #nixos-dev

16:00 JosW has quit [Ping timeout: 256 seconds]

16:36 orivej has joined #nixos-dev

16:37 s33se has joined #nixos-dev

16:41 txp284 has joined #nixos-dev

16:48 zybell has quit [Ping timeout: 240 seconds]

17:01 txp284 has quit [Quit: Yaaic - Yet another Android IRC client - http://www.yaaic.org]

17:10 lassulus has quit [Changing host]

17:10 lassulus has joined #nixos-dev

17:14 lassulus has quit [Quit: WeeChat 2.0]

17:15 lassulus has joined #nixos-dev

17:24 zybell_ has joined #nixos-dev

17:31 the has quit [Ping timeout: 276 seconds]

18:18 lassulus has quit [Quit: WeeChat 2.0]

18:20 lassulus has joined #nixos-dev

18:20 <globin> niksnut: ping, some channels have not been updating for ~4 days

18:33 zybell_ has quit [Ping timeout: 248 seconds]

18:45 zybell_ has joined #nixos-dev

19:38 JosW has joined #nixos-dev

19:39 lassulus has quit [Quit: WeeChat 2.0]

19:40 lassulus has joined #nixos-dev

19:46 pie___ has joined #nixos-dev

19:50 pie__ has quit [Ping timeout: 264 seconds]

19:51 JosW has quit [Ping timeout: 264 seconds]

20:03 vcunat has joined #nixos-dev

20:03 <Mic92> vcunat: my build patch is required (This message has been postponed on 2018-04-01 15:03:29.)

20:22 <thoughtpolice> JDK updates pushed to `master`, 18.03 ports coming soon hopefully... I rebuilt locally with Nox and everything seemed OK, I'll monitor Hydra in the next few hours as well.

20:29 <vcunat> sounds great

20:35 orivej has quit [Ping timeout: 256 seconds]

20:42 <gchristensen> way to go vcunat, on cloudflare using knot

20:43 <vcunat> Yes, I know :-D

20:43 <clever> gchristensen: have you had a chance to look at my make-system-tarball PR again lately?

20:43 <vcunat> The downside is that it's more work for me.

20:45 <gchristensen> well I hear NixOS is the best way to run Knot *looks at cloudflare ;))

20:45 <gchristensen> clever: I haven't ... link?

20:45 <gchristensen> actually, I'm quite tired -- perhaps tomorrow?

20:45 <clever> kk

20:45 <vcunat> :-D I haven't tried to suggest NixOS to them. Perhaps it's too late now when it's running. (Well I didn't really know in advance about the public resolver.)

20:46 <vcunat> Conquest for world domination continues, both on Nix* and Knot* front.

20:46 <gchristensen> I should probably run my own DNS

20:47 <vcunat> gchristensen: you can also buy our routers that have knot-resolver inside ;-)

20:47 <vcunat> (and they self-update!)

20:48 <gchristensen> :) I already have my router running nixos, though if I were in the market I'd be interested

20:49 <vcunat> Yeah, you will probably be better off with NixOS.

20:50 <gchristensen> I don't quite know why cloudflare is doing this, though

20:53 <vcunat> It could be just publicity.

20:53 <vcunat> Funny how 9.9.9.9 and 1.1.1.1 started soon after each other.

20:55 <gchristensen> isn't 9.9.9.9 a surveilance thing?

20:56 <vcunat> Offering a free service to monitor its users? I've heard no such news about them.

20:56 <MichaelRaskin> Isn't 1.1.1.1 also?

20:57 <gchristensen> MichaelRaskin: who do you like for DNS?

20:57 <MichaelRaskin> Recursive caching on localhost…

20:59 <vcunat> (iterating directly and not forwarding anywhere, I assume)

21:00 <MichaelRaskin> Yes. Ideally it should also cross-correlate with VPS, of course, but I am lazy.

21:00 <vcunat> I understand that for people with bad connections that way is slower, but otherwise it feels good to have this more under control.

21:02 <MichaelRaskin> Well, for bad connections I guess recursive + aggressive caching is the way to go…

21:03 <vcunat> By aggressive you mean rfc8198, going over TTL when unable to contact upstream, or something else?

21:05 <MichaelRaskin> Try to connect first, check TTL later.

21:05 <vcunat> Right.

21:06 <vcunat> Like https://tools.ietf.org/html/draft-ietf-dnsop-serve-stale-00 and the like. These topics are popular now.

21:07 <vcunat> We've been just now hurrying with exactly your approach for 1.1.1.1

21:11 <zybell_> as long as TLS is used, no damage. But when you connect to another host unencrypted because of that damage is possible,example revealing password or handing e-mail over.

21:12 <MichaelRaskin> _passwords_ without encryption has been a horrible practice for quite long time now…

21:13 <MichaelRaskin> HTTP header leak — yes, that's a risk

21:15 <zybell_> even simple SMTP :mail A thinks delivered :mail B thinks SPAM

21:15 * gchristensen updates dhcp to broadcast a local kresd for dns

21:16 * vcunat looks forward to bug reports

21:16 <MichaelRaskin> If you have a flaky local connection, ideally you TLS-deliver the mail to a reasonably-connected mail server (which obviously authenticates you)

21:18 davidlt_ has joined #nixos-dev

21:20 <gchristensen> "One example is statistics module that can stream live metrics on the website, or publish metrics on request for Prometheus scraper" :o

21:20 davidlt has quit [Ping timeout: 256 seconds]

21:22 <zybell_> Yeah, says I:Use TLS whenever you aggressively cache DNS, or you *will* encounter bugs!

21:24 <shlevy> thoughtpolice: This is more preference than policy, but IMO it's better to rebase than add a fixup for stuff like the tarball URL... Kind of academic in the status quo but ideally all commits on master would be valid individually

21:24 <vcunat> Uh, well, I wouldn't cache longer than day(s) over TTL. And in that case it (IMHO) seems unlikely to run into real problems.

21:24 <vcunat> (that you wouldn't hit without the caching)

21:25 <thoughtpolice> shlevy: Ah yeah, I normally do so but just didn't think about it -- sorry

21:25 <shlevy> No worries :)

21:25 <shlevy> Thanks for bumping jdk!

21:45 JosW has joined #nixos-dev

21:45 goibhniu has quit [Ping timeout: 260 seconds]

21:49 vcunat has quit [Quit: Leaving.]

21:54 JosW has quit [Quit: Konversation terminated!]

22:03 <zybell_> vcunat: If a sysadmin changes IP, a carefully orchestrated dance of TTL begins in preparation of a carefully planned point in time when the actual switch is done and *sametime* the DNS delivers the new data. Usually the tolerance is 2 minutes the timeout of a TCP-Sync.

22:08 <Profpatsch> gchristensen: Can I interest you in a meta-checker example?

22:08 <Profpatsch> https://github.com/Profpatsch/nixpkgs/tree/types-simple-WIP

22:08 <Profpatsch> nix-build -A hello

22:08 <Profpatsch> I’ve hidden a few errors, can you find them all? :P

23:15 davidlt_ has quit [Ping timeout: 264 seconds]