| 30 Jul 2021 |
 Robert Hensing (roberth) | I'd like to be able to fetch a specific file for a specific deployment | 14:40:03 |
| Robert Hensing (roberth) | and I'd like to do the same for locking, because it doesn't make sense to lock many deployments if you only need one | 14:40:51 |
| Robert Hensing (roberth) | or am I supposed to poke around in some global objects to figure out the intent? | 14:42:29 |
| Robert Hensing (roberth) | (I'm not too familiar yet) | 14:42:46 |
| 1 Aug 2021 |
|  Jamie joined the room. | 08:01:24 |
| 2 Aug 2021 |
 mvnetbiz |
Provisioning affects configuration management: for instance, if we instantiate an EC2 machine as part of a larger deployment, it may be necessary to put
the IP address or hostname of that machine in a configuration file on another machine. NixOps takes care of this
automatically.
Is there an already existing way of doing something like this but instead of IP address, refer to the contents of a file on another machine? Like a certificate generated by a systemd unit? What information besides IP address can be used? If public ssh host key was usable, I could configure a service on 1 machine to get the certificate from another.
| 23:39:55 |
| mvnetbiz | I'm referring to NixOps, but maybe there is something else capable of doing something like this. | 23:40:35 |
| 3 Aug 2021 |
| Robert Hensing (roberth) | a NixOps resource for generating an ssh key pair would be helpful for this | 13:02:30 |
 Amine Chikhaoui | roberth: https://github.com/NixOS/nixops/blob/master/nix/command-output.nix ? | 13:27:11 |
| Robert Hensing (roberth) | Amine Chikhaoui: cool. Does that save the output indefinitely or run every time? | 13:27:54 |
| Amine Chikhaoui | I think it does store the output here https://github.com/NixOS/nixops/blob/master/nixops/resources/commandOutput.py#L97 | 13:28:48 |
| Robert Hensing (roberth) | it also runs when the script changes. That might be a problem | 13:30:07 |
| Robert Hensing (roberth) | depends how tolerant the deployment is of the change | 13:30:26 |
| Amine Chikhaoui | hm well if you change the script, for me it makes sense that the resource output changes | 13:30:52 |
| Robert Hensing (roberth) | yeah it does seem like a good default | 13:31:10 |
| Robert Hensing (roberth) | it wouldn't be appropriate for something like NixOps' own ssh keys that it uses to deploy the machines | 13:32:32 |
| Amine Chikhaoui | ah right, those are handled by the machine resource I think | 13:33:18 |
| Robert Hensing (roberth) | yes, I'm just using it as a hypothetical example | 13:33:41 |
| Robert Hensing (roberth) | it's probably ok to just cycle keys instantly in most situations I guess | 13:34:48 |
| Robert Hensing (roberth) | and where it isn't you can work around it with a script on the host | 13:35:09 |
| Robert Hensing (roberth) | would be nice for network expressions to be expressed in the module system | 13:38:16 |
| Robert Hensing (roberth) | it'd provide opportunity to refine and document such applications of resources etc | 13:38:50 |
| 4 Aug 2021 |
|  ilkecan joined the room. | 12:34:00 |
| 5 Aug 2021 |
|  Mate Hajzso changed their display name from ajz229 to Mate Hajzso. | 11:44:14 |
| 6 Aug 2021 |
| Robert Hensing (roberth) | Amine Chikhaoui mvnetbiz we do have an ssh keypair resource: https://github.com/NixOS/nixops/blob/master/nixops/resources/ssh_keypair.py | 10:48:34 |
| Robert Hensing (roberth) | just no docs | 10:49:01 |
| Robert Hensing (roberth) | like what's the point then? | 10:49:11 |
|  cw (? days since last shower) changed their display name from continuouswave to cw (? days since last shower). | 18:10:42 |
| Robert Hensing (roberth) changed their display name from roberth to Robert Hensing (roberth). | 19:46:32 |
|  ash (it/its) changed their display name from ashkitten (it/its) 🏳️⚧️ to ash (it/its). | 21:03:11 |
