| 25 Mar 2025 |
|  @danish:pacmans.net joined the room. | 23:10:00 |
| 26 Mar 2025 |
|  @raboof:matrix.org left the room. | 02:22:28 |
| 28 Mar 2025 |
|  ester 🐇 changed their display name from uakci to ester 🐇. | 08:07:39 |
|  scottytheengineer joined the room. | 18:15:51 |
| 31 Mar 2025 |
|  evolve joined the room. | 08:38:52 |
|  Hemant Baviskar joined the room. | 19:53:33 |
| Hemant Baviskar removed their profile picture. | 20:14:12 |
| 1 Apr 2025 |
| Hemant Baviskar set a profile picture. | 09:30:44 |
|  zapotecorum joined the room. | 10:00:44 |
|  Adam Neverwas set a profile picture. | 23:15:44 |
| 2 Apr 2025 |
|  Fabian Affolter left the room. | 07:31:21 |
| Fabian Affolter joined the room. | 07:32:04 |
| 3 Apr 2025 |
|  diamond (it/its) changed their display name from Diamond (it/she) to diamond (it/its). | 01:06:26 |
|  Andrew Morgan (anoa) {he/him} changed their display name from Andrew Morgan (anoa) {he/him} [away; til 27th] to Andrew Morgan (anoa) {he/him} [back Apr 14]. | 05:48:53 |
| Andrew Morgan (anoa) {he/him} changed their display name from Andrew Morgan (anoa) {he/him} [back Apr 14] to Andrew Morgan (anoa) {he/him} [back Apr 14]. | 06:35:10 |
|  mjolnir banned  @cafkafk:fem.gg (<no reason supplied>). | 11:41:53 |
| 4 Apr 2025 |
| mjolnir unbanned @cafkafk:fem.gg. | 06:13:17 |
| 5 Apr 2025 |
|  zexu joined the room. | 13:06:53 |
|  @tinybronca:sibnsk.net left the room. | 15:36:30 |
| 6 Apr 2025 |
|  @bashfulrobot.:matrix.org changed their profile picture. | 23:26:44 |
| 8 Apr 2025 |
|  kalessin joined the room. | 01:21:12 |
|  @delatorre:matrix.org joined the room. | 01:59:11 |
| kalessin | Hello @roberth, I am working with #clan:clan.lol on trying to decouple the vars proposal by @lassulus:lassul.us from clan, and I have been trying to think about how vars could be implemented in NixOps4. The part about the CRUD operations on some kind of vars (secrets) storage provider feels straightforward. OTOH, the part about interacting with the user for input (the prompts part of the vars interface), and then feeding this input (with maybe previously generated values, see dependencies in the vars interface), into a script which outputs feed into some vars/secrets storage provider, is less straightforward, could you help me understand how that could fit in the NixOps4 architecture? FWIW in point 3.2 of the document linked in this clan PR, I go over how this is currently implemented in clan. PS: I am happy to move this conversation in e.g. discourse. | 02:56:10 |
| kalessin | * Hello Robert Hensing (roberth), I am working with #clan:clan.lol on trying to decouple the vars proposal by @lassulus:lassul.us from clan, and I have been trying to think about how vars could be implemented in NixOps4. The part about the CRUD operations on some kind of vars (secrets) storage provider feels straightforward. OTOH, the part about interacting with the user for input (the prompts part of the vars interface), and then feeding this input (with maybe previously generated values, see dependencies in the vars interface), into a script which outputs feed into some vars/secrets storage provider, is less straightforward, could you help me understand how that could fit in the NixOps4 architecture? FWIW in point 3.2 of the document linked in this clan PR, I go over how this is currently implemented in clan. PS: I am happy to move this conversation in e.g. discourse. | 02:56:22 |
|  emin017 joined the room. | 06:14:37 |
 Robert Hensing (roberth) | Hi kalessin, thanks for reaching out. If I understand correctly, the vars proposal focuses on wiring up the data flow between scripts inside a NixOS machine, whereas NixOps4 does something similar for expressions while evaluating a whole deployment. It seems that these can indeed be connected. nixops4-nixos is implemented by generating a script that copies the toplevel and switches to it over SSH. This could be extended to write a few files based on the values that are available in the NixOps4 evaluation, such as identifiers and credentials that are generated by other resources. User input isn't part of the design yet, but could be added. I can also imagine that these prompts would be completed with NixOps4 resource data instead of actual interactive user input. | 09:58:47 |
| Robert Hensing (roberth) | Maybe I'm a bit off here. I'd have to play around with the PR a bit to get a feel for it. Maybe there's something I'm missing. For now my focus is on making stateful, Terraform-style resources work (i.e. making it remember what previous outputs were so that it can actually let resource providers talk to APIs in a sensible way). So Terraform is a pretty good analog for now, in terms of what it will be able to do - just imagine it's Nix instead of HCL so it's easier to transfer info into a NixOS configuration, and unlike in Terranix, you can also refer to real resource values in the Nix language. | 10:05:58 |
| Robert Hensing (roberth) |
1. The NixOS configuration [specifies] which vars backend to use;
1. The vars definitions are [exported] to [JSON];
This might be somewhat expensive, as you're loading a whole NixOS configuration just to access the vars definitions
| 10:09:29 |
| Robert Hensing (roberth) | (broad adoption of modular services could drive down that evaluation cost, 2-4× for system.build.toplevel, maybe more for evaluating a small part of a config?) | 10:12:59 |
|  lassulus joined the room. | 17:43:33 |
