worldofpeace_ changed the topic of #nixos-dev to: #nixos-dev NixOS Development (#nixos for questions) | NixOS 20.03 BETA Announced https://discourse.nixos.org/t/nixos-20-03-beta/5935 | https://hydra.nixos.org/jobset/nixos/trunk-combined https://channels.nix.gsc.io/graph.html | https://r13y.com | 19.09 RMs: disasm, sphalerite; 20.03: worldofpeace, disasm | https://logs.nix.samueldr.com/nixos-dev
<garbas> worldofpeace: i was hoping to have a new downloads page. but i wouldnt like to block release because of it.
<garbas> worldofpeace: but, it would be great to bring marketing team to help release team with announcement and highlights for 20.09.
<gchristensen> +1
<garbas> worldofpeace: will there be any postmostem meeting for the release?
<garbas> usually it is good to have postmortem as soon as possible to keep the ideas fresh. but i'm not sure how would everybody react on yet another meeting.
<worldofpeace> We were going to have another go/no-go on wednesday. that's in 5 days. Not sure about postmortem
<worldofpeace> (I find postmortem a weird word because it's like after death, even if used as after)
<worldofpeace> garbas: though I think more regular things are actually more important than the big ones. those are only productive after
<garbas> postmostem, i wonder why we use such terms :) i like the story for "canary deployments"
<garbas> a more regular meeting would be even better
<garbas> meetings*
<abathur> "process review"? :)
<flokli> garbas: we can do a 20.03 postmortem once 20.09 has been released and is a month out ;-)
<samueldr> flokli: I understand that you're volounteering for releasing 20.09?
<samueldr> ;)
<gchristensen> w00t
<samueldr> (btw I'm not being honest here)
<flokli> uff, no. Already spending wayy too much of my evenings on nixpkgs stuff
<flokli> I need to get my todo count to 0
<samueldr> that number can decrease?
<gchristensen> last I popped 1 off 3 went on
<flokli> I managed to get from Inbox 300 to Inbox 100 while staying at home.
<samueldr> that doesn't sound healthy
<flokli> I wouldn't consider "amount of unactioned mails in mailbox" a proper metric for todos
<flokli> But it's one part of the equation ;-)
<gchristensen> 12368...
<flokli> gchristensen: that's your email count?
<gchristensen> yea
<flokli> unread?
<samueldr> 1196 unread, but anything github is sent to a label
<samueldr> 2157 :o
<flokli> I was just gonna ask, did you enable ALL the github notifications?
<flokli> :-D
<gchristensen> unread
<flokli> dude
<gchristensen> want some/
<flokli> nah, you can keep them
<gchristensen> okay, I'm good at that
<flokli> :-)
<gchristensen> they lose their value if you open them. mint condition!
<flokli> I can "unread" them again
nh2 has quit [Ping timeout: 246 seconds]
nh2 has joined #nixos-dev
elvishjerricco has quit [Ping timeout: 272 seconds]
elvishjerricco has joined #nixos-dev
<jtojnar> ugh, planned to be here for the meeting but encountered some snow when cycling, which made the trip two hours longer
<gchristensen> ouch!
<cole-h> Suuuure, that's what they all say... :P
<cole-h> At least you got back safely (or so I assume)
<jtojnar> yeah, it was cool, trying to ride few kms in the snow, just tiring, skidding all the time
<jtojnar> worldofpeace: I am not aware of any critical GNOME issues
<jtojnar> but the flatpak TLS issue is worrying
<jtojnar> and I have no idea how to fix it
<{^_^}> #82422 (by piotr-szegda, 3 weeks ago, open): Flatpak SSL Certificate problem
bhipple has joined #nixos-dev
Emantor has quit [Quit: ZNC - http://znc.in]
Emantor has joined #nixos-dev
<abathur> gchristensen floki samueldr: I used to give an inbox-zero student in my grad program anxiety whenever I left my gmail tab open for a bit during a presentation or meeting :]
<abathur> at the time it was only like 14k unopened
<abathur> the total used to be more obvious before the inbox/social/promotions/updates/forums split
<abathur> I guess I've got 41618 unopened messages across all 5 bins, now?
<abathur> every few years I'll go dump several thousand messages with a search for facebook/twitter/groupon/etc.
<abathur> though generally gmail storage growth seems to outpace my accumulation rate
lovesegfault has quit [Ping timeout: 260 seconds]
lovesegfault has joined #nixos-dev
teto has quit [Ping timeout: 252 seconds]
bhipple has quit [Ping timeout: 264 seconds]
bhipple has joined #nixos-dev
bhipple has quit [Ping timeout: 250 seconds]
bhipple has joined #nixos-dev
lovesegfault has quit [Ping timeout: 272 seconds]
lovesegfault has joined #nixos-dev
lovesegfault has quit [Quit: WeeChat 2.8]
cole-h has quit [Quit: Goodbye]
drakonis has quit [Quit: WeeChat 2.7.1]
FRidh has joined #nixos-dev
puck has quit [Quit: nya]
puck has joined #nixos-dev
orivej has quit [Ping timeout: 260 seconds]
ixxie has joined #nixos-dev
erictapen has quit [Ping timeout: 256 seconds]
tilpner_ has joined #nixos-dev
tilpner has quit [Ping timeout: 256 seconds]
tilpner_ is now known as tilpner
__monty__ has joined #nixos-dev
<zimbatm> worldofpeace: disasm: created https://discourse.nixos.org/c/announcements/nixos-releases/29 per request from garbas
<zimbatm> you are also part of this team: https://discourse.nixos.org/g/nixos-release
<zimbatm> and only that team is allowed to post new release annoucements
ixxie has quit [Ping timeout: 265 seconds]
ixxie has joined #nixos-dev
erictapen has joined #nixos-dev
<pie_[bnc]> a small note on haskell2020 not happening and why the ghc steering comittee works https://reasonablypolymorphic.com/blog/haskell202x/
erictapen has quit [Ping timeout: 256 seconds]
erictapen has joined #nixos-dev
erictapen has quit [Ping timeout: 265 seconds]
teto has joined #nixos-dev
FRidh has quit [Quit: Konversation terminated!]
Jackneill has quit [Ping timeout: 250 seconds]
ehmry[m] is now known as ehmry
<aanderse> oh my watch out for some fradulent github emails
<aanderse> had me click on gLthub, which if you don't look carefully... glthub
<qyliss> I've been getting a few recently too
<qyliss> the ones I've had so far have been pretty blatant, fortunately
orivej has joined #nixos-dev
<gchristensen> this is why u2f is so good.
<gchristensen> effectively unphishable, unlike totp
<aanderse> good to know
<aanderse> ps. gchristensen is something going on with bot? i pinged you on a PR
<gchristensen> link?
<gchristensen> github has been breaking their API
<gchristensen> if anyone sees an ofborg-internal-error, please ping me as quickly as possible -- I can't keep many logs due to how much logging happens, but it usually indicates breakage in the github api
teto has quit [Ping timeout: 272 seconds]
<gchristensen> huh
<gchristensen> I don't suppose anyone has easy recommendations on setting up centralized logging for nixos in like, a few hours
<gchristensen> without a ton of components
<hexa-> thinking loki is the smallest scalable solution
<hexa-> that might be fun to use :)
<hexa-> depends on what you expect from such a service
FRidh has joined #nixos-dev
<gchristensen> I'd like to be able to ideally some primitive amount of search over 12 hours of data across like 10 machines. push or pull is fine. integration with journald would be ideal
teto has joined #nixos-dev
<gchristensen> hexa-: do you have a favorite quick-start or reading material for loki to start with?
<hexa-> hmm
<hexa-> lemme check
<hexa-> i have some config lying around for that
<hexa-> with syslog forwarding
<MichaelRaskin> Finally I get this quasi-GitHub fishing too
<gchristensen> MichaelRaskin: congratulations!
<gchristensen> hexa-: anything you could share would be great :)
<MichaelRaskin> RV:BV: topic, though… WAT
<hexa-> gchristensen: wormhole receive 7-exodus-adult
<gchristensen> got it!
<MichaelRaskin> (also, HTML-only from GitHub? Really? also, what the hell with the COVID text? I know, I know, trying to throw spamfilters off the trail — and should be fine print, but I view in terminal…)
<hexa-> we tried collecting openwrt router logs with that
<gchristensen> hexa-: so rsyslogd is forwarding to promtail, promtail is slurping up /var/log and journald and syslog on 1514, and forwarding to loki?
<hexa-> gchristensen: yep
teto has quit [Ping timeout: 272 seconds]
<hexa-> very interested in the systemd journal compat part
<hexa-> haven't looked into that yet
<gchristensen> cool
<gchristensen> thanks! this looks pretty easy!
teto has joined #nixos-dev
<qyliss> HTML-only is usually my first sign that something is wrong too
<qyliss> make it stick out like a sore thumb
<gchristensen> also, seriously, if you can, get a U2F key and use it instead of TOTP when possible
<hexa-> gchristensen: how do you backup your u2f key?
<gchristensen> I don't, I have the emergency tokens saved in pass
<hexa-> obviously a trick question :p
<gchristensen> :)
<MichaelRaskin> gchristensen: I think it is _more_ useful to automate password manager actually using the URL domain from the browser window
<gchristensen> yes that helps, but U2F doesn't depend on users doing that, and doesn't fall for the "oh my password manager is buggy" problem
<MichaelRaskin> Because that also breaks phishing on the websites not supporting all the buzzword bingo
<gchristensen> U2F isn't only buzzword-security
<gchristensen> it is seriously effective
<gchristensen> for example, it has no shared secret, and is bound to the domain origin. you get the domain origin but you have the shared secret. TOTP has a shared secret too
<MichaelRaskin> At that point I want to observe that telling a browser to authenticate with U2F permits the browser to authenticate with U2F to anything (which is pretty likely to be exploitable in terms of iframe-based user identification). Is there a software U2F implementation for Linux with proper filtering?
<sphalerite> o/ people of #nixos-dev but particularly niksnut: I'm thinking of submitting an NGI Zero project to improve nix's distributed build support. My main question is if anyone's interested and would support upstreaming an effort along these lines or if anyone has any further input :)
<gchristensen> sphalerite: niksnut is only highlighted if your message begins with "niksnut: "
<gchristensen> U2F doesn't work requires user interaction and doesn't work with cross-domain iframes
<MichaelRaskin> Requires — as implemented by browsers? I mean, by now Web is too much of a garbage pile to believe in proper implementations on any side.
<gchristensen> no, implemented in the hardware token
<MichaelRaskin> Ah, that's better
<MichaelRaskin> But I won't bother with HW tokens unless employed by something that already employs people making sure access tokens work perfectly.
<gchristensen> ie: an appeal to authority?
<MichaelRaskin> gchristensen: no, unless _I_ am employed by entity already paying people to make sure that tokens work ideally
<gchristensen> ah :)
<MichaelRaskin> Google using something is a complicated signal from my point of view, actually
<MichaelRaskin> Not purely positive
<gchristensen> hehe, yeah same
<gchristensen> "Facebook uses btrfs" good signal: they use it, less good signal: at massive scale you can afford more failures in the face of certain benefits
<MichaelRaskin> True signal: your HDDs will fail, sooooo when did you manually look up the status of backup cronjob?
<MichaelRaskin> Also, Google is just a huge bunch of «doing things not _quite_ correctly»
<sphalerite> niksnut: (and others) I'm thinking of submitting an NGI Zero project to improve nix's distributed build support. My main question is if anyone's interested and would support upstreaming an effort along these lines or if anyone has any further input :)
<sphalerite> gchristensen: thanks!
<tilpner> sphalerite: Perhaps it would make sense to name a few specific things you would like to improve? (Or maybe it's just me who has no idea what you mean specifically)
<MichaelRaskin> I also have some stuff (which is maybe not so much about distrivuted builds as about general scheduling), not written down mostly (but could sketch down if useful)
<MichaelRaskin> And happy to read for consistency/orthogonality
johnny101m has joined #nixos-dev
teto has quit [Ping timeout: 260 seconds]
teto has joined #nixos-dev
<Profpatsch> sphalerite: improving the build scheduler?
teto has quit [Ping timeout: 272 seconds]
cole-h has joined #nixos-dev
justanotheruser has quit [Ping timeout: 260 seconds]
drakonis has joined #nixos-dev
justanotheruser has joined #nixos-dev
bgamari has quit [Quit: ZNC 1.7.5 - https://znc.in]
erictapen has joined #nixos-dev
bgamari has joined #nixos-dev
<sphalerite> tilpner: a number of things around how remote builds are performed, to improve both performance and usability
<sphalerite> gchristensen: yes, I have those on my list of things to consider already because I was very intrigued the last time I saw you sharing it :D
<sphalerite> gchristensen: thanks for those!
<sphalerite> Profpatsch: the build scheduler and its configuration
<colemickens> !!
<colemickens> I have been writing my own scripts wrapping nix and nix-build in hte last few days dealing with remote builds.
<colemickens> I have /lots/ of thoughts.
<colemickens> those notion's should be linked from any nix distributed builds wiki pages :/
<gchristensen> oh?
<colemickens> just skimming through it is showing me stuff I've painfully learned over the past few days about how remote builds behave, differences in ssh/ssh-ng, substitution, build option propagation
<gchristensen> it didn't occur to me I was writing documentation
<samueldr> colemickens: you probably should do it then :)
* colemickens bites his tongue about the wiki
<colemickens> fair enough, I'll do it now
bgamari has quit [Quit: ZNC 1.7.5 - https://znc.in]
ALLES_bennofs is now known as bennofs
ixxie has quit [Quit: Lost terminal]
bgamari has joined #nixos-dev
bgamari has quit [Quit: ZNC 1.7.5 - https://znc.in]
bgamari has joined #nixos-dev
teto has joined #nixos-dev
Valodim has joined #nixos-dev
<Profpatsch> sphalerite: great, I’d love to see improvements to the scheduler. Especially removing the property that it has to copy all intermediate store paths to the host machine after every step would be great
lovesegfault has joined #nixos-dev
<lovesegfault> The size of the hydra queue is giving me anxiety
<samueldr> ah, easily explanable, some user-specific evals
<samueldr> or use-specific
<samueldr> IIRC they have a lower share allocation, so it affects the main things less
<samueldr> and 36987 is on darwin, which would only hold up nixpkgs-unstable, nixos-unstable won't be held up by that
<lovesegfault> What's this structured-attrs jobset?
<samueldr> evaluating what I understand is an upcoming refactor of the way attrsets are given in derivations
<lovesegfault> what do you mean by "given"?
* lovesegfault reads
<lovesegfault> Also, I got kind of jelly looking at Guix yesterday
<lovesegfault> Their stuff is so nice, and guile is a cute lisp
<globin> lovesegfault: i also only trigger it by hand
<samueldr> oh, forgot to say those user-case specific evals are triggered by hand :)
<samueldr> staging-next is, too, I think
<samueldr> (or is it staging?)
<samueldr> staging-next is not manual, but it requires changes to staging-next, which is not all the time
<lovesegfault> I think staging-next triggers daily automatically
<lovesegfault> Oh?
<samueldr> well, sometimes it happens that there's no changes on staging-next, no?
<samueldr> looking at those sometimes a full week between evals https://hydra.nixos.org/jobset/nixpkgs/staging-next/evals
<lovesegfault> Then it must be on change, yeah
<samueldr> hydra doesn't re-queue an eval without changes
<samueldr> well, it evals, but doesn't queue builds
<samueldr> they're all already built, or failed!
<lovesegfault> Huh, apparently environment.noXlibs breaks NetworkManager's build
<lovesegfault> b/c of some networkmanager-fortissvpn pkg
<lovesegfault> I don't even use that, wonder where it's coming from
<cole-h> globin: So with structured attrs as they are now, are env vars supposed to go in `env = { ENV1 = "..."; ENV2 = "..."; };`? Just looking through your recent "fix" commit, it looks like that's the case
<lovesegfault> Eh wtaf? enabling the NeworkManager module brings in a bunch of garbage in a non-overridable way
<mjsir911> Hello all! Can I do anything to help with getting 72296 reviewed?
<mjsir911> #72296
<{^_^}> https://github.com/NixOS/nixpkgs/pull/72296 (by mjsir911, 22 weeks ago, open): softether: add vpnserver.settings option
<lovesegfault> Like, that even is this nonsense
* lovesegfault is super confused
mjsir911 has quit [Quit: Goodbye, World!]
<cole-h> Sounds like a question for worldofpeace, considering it was their commit that removed the customizability
<lovesegfault> It effectively breaks noXlibs if you want to use NetworkManager
mjsir911 has joined #nixos-dev
FRidh has quit [Quit: Konversation terminated!]
<worldofpeace> lovesegfault: that module is and has been super confusing
<lovesegfault> worldofpeace Yeah, I looked through the history just now and it's a bit mindbending
<worldofpeace> the uses I found in nixpkgs for, what I think you're talking about is basePackages, was to use gnome3's package set
<worldofpeace> but if you look in all-packages.nix...
<worldofpeace> the top level attrs were the gnome3 versions
<lovesegfault> Wait, why are we talking about gnone?
<lovesegfault> lol, * gnome
<lovesegfault> Oh, yeah
<lovesegfault> which made it impossible to have networkmanager without all those addons
<lovesegfault> which in turn makes it impossible to use nm in a system with noXlibs = true
<worldofpeace> lovesegfault: I wasn't considering that. It was a bad issue because you couldn't evaluate those desktops together, and I wasn't considering testing that because there's no whispers of it in the module. We could add it back, with the suggestions infinisil made so it actually works
<lovesegfault> worldofpeace: I'll try and get that done this weekend if I have some time :)
<lovesegfault> Thanks for helping trace the reasoning :D
<worldofpeace> lovesegfault: no problem. I'm surprised I remember in such detail :)
<infinisil> gchristensen: If you have time it would be nice to get your approval for #82461
<{^_^}> https://github.com/NixOS/nixpkgs/pull/82461 (by Infinisil, 3 weeks ago, open): Checked maintainers
__monty__ has quit [Quit: leaving]
infinisil has quit [Quit: Configuring ZNC, sorry for the joins/quits!]
infinisil has joined #nixos-dev
<jtojnar> gchristensen ofborg-internal-error on staging-next PR https://github.com/NixOS/nixpkgs/pull/83618
<{^_^}> #83618 (by FRidh, 1 week ago, open): Staging next
justanotheruser has quit [Ping timeout: 256 seconds]
<gchristensen> these are very annoying :( I cannot believe github has broken their api so much. jtojnar: if they are more than 5-6h old, simply remove them and re-evaluate. I'm working on collecting the logs better so I Can go further back
<jtojnar> thanks
<domenkozar[m]> vscode is going to ship extension api in next version that allows extensions to modify shell environment and propagate that to all the editor bits
<domenkozar[m]> quite exciting for nix-shell :)
<{^_^}> microsoft/vscode#46696 (by DanTup, 2 years ago, open): Allow extensions to modify terminal environment variables
<cole-h> Someone wanna remove the ofborg-internal-error tag on this? https://github.com/NixOS/nixpkgs/pull/84136
<{^_^}> #84136 (by Izorkin, 2 days ago, open): nixos/tests: add check mariadb galera cluster
<cole-h> CI is happy with it now
<cole-h> (Ping gchristensen, sorry)
<lovesegfault> That attrVals and attrValues both exist and do significantly different things is kind of evil :P
<pie_[bnc]> domenkozar[m]: damn i don think even emacs has that :P
<pie_[bnc]> not that i know much about emacs
<pie_[bnc]> so maybe it does
<cole-h> It has direnv-mode
<sphalerite> Profpatsch: yes, that's the kind of thing I want to improve :)
justanotheruser has joined #nixos-dev
<gchristensen> sometimes I wish I wasn't so good at finding yaks
<pie_[bnc]> gchristensen: it might just be that they are literally everywhere and you can see without glasses
<abathur> it's yaks all the way down
<abathur> every once in a while I try to remember how many yaks down I am at the moment
* gchristensen is about 30 minutes in to a nixops-wireguard plugin
<jtojnar> worldofpeace do you recall if you PRd the pygobject patch to libmodulemd?
<jtojnar> I cannot find a PR
<worldofpeace> Jan Tojnar: Hmm, I doesn't look like I have. I think it might have been another patch (just like that) PR'd to a fedora project
<worldofpeace> yeah, the commit said "Pending upstream submission.", which I guess means I never PR'd it
<jtojnar> I can rebase it and submit it
<worldofpeace> Thanks, I think I just did the patch real quick, since I don't even have it forked.
<worldofpeace> jtojnar++
<{^_^}> jtojnar's karma got increased to 36
<worldofpeace> jtojnar++
<{^_^}> jtojnar's karma got increased to 37
<jtojnar> worldofpeace what do we do about the flatpak on stable? https://logs.nix.samueldr.com/nixos-dev/2020-04-04#1585962169-1585962307;
<jtojnar> in the worst case we could downgrade to 1.4 branch?
<jtojnar> but I am still not sure if the issue is with flatpak or p11-kit
<worldofpeace> Jan Tojnar: just looked at the issue again. It's pretty confusing, this just reads arcane to me https://github.com/NixOS/nixpkgs/issues/82422#issuecomment-604474592.
erictapen has quit [Ping timeout: 265 seconds]
<jtojnar> worldofpeace this is the simplest explanation I found https://github.com/p11-glue/p11-kit/issues/275#issue-556837079