| 17 Mar 2025 |
antifuchs | could this be a Restart="on-failure"; type thing? huh | 18:10:17 |
ElvishJerricco | antifuchs: I'm still not quite following. What unit is failing? | 18:26:39 |
antifuchs | that was my initrd ssh server, due to that network misconfiguration on my part. The ssh server has Restart="on-failure", which is what I suspect causes the password prompt to also restart | 18:27:59 |
antifuchs | (restart without a rate limit, critically) | 18:28:40 |
ElvishJerricco | That doesn't sound like what ought to be happening, huh | 18:28:40 |
antifuchs | yea, it's not amazing ((: | 18:29:10 |
ElvishJerricco | well I mean I'm trying to figure out why that would be what's happening | 18:30:51 |
antifuchs | I think I still have the broken initrd on my boot menu, let me take a screenshot rq | 18:34:31 |
ElvishJerricco | like sshd failing again shouldn't cause emergency mode to restart | 18:34:41 |
antifuchs | sorry, "ssh server" is a shorthand for https://github.com/boinkor-net/hoopsnake; it's me on my very own bullshit. service config is this: https://github.com/boinkor-net/hoopsnake/blob/main/nixos/module.nix#L191 | 18:35:56 |
antifuchs | rebooting now to capture that behavior | 18:39:01 |
emily | how do you get your tailscale keys in initrd btw? | 18:42:20 |
antifuchs | using tpm-encrypted systemd credentials (: | 18:43:16 |
antifuchs | LoadCredential is really pretty sweet | 18:43:25 |
antifuchs | got a screen recording that hopefully doesn't have passwords in it. just need to upload it somewhere | 18:43:51 |
antifuchs | https://vimeo.com/1066686462?share=copy#t=0 is the screencap | 18:45:51 |
antifuchs | at minute 1:00 or so you can see it popping up the emergency password prompt after I started the unit | 18:46:43 |
antifuchs | then I entered the first 10c of the password and didn't press enter, but it popped up another prompt | 18:47:02 |
antifuchs | (you can also see some multiple zfs password prompts that might stem from the same issue tbh) | 18:49:53 |
gdamjan | why not use TPM credentials for the ZFS pool too? | 19:58:35 |
antifuchs | mainly because I prefer to have a human in the loop knowing that this system was booted (: | 20:03:48 |
antifuchs | (and confirming that it should boot) | 20:03:56 |
| 18 Mar 2025 |
@rosscomputerguy:matrix.org | I heard something changed with QuickAck in networkd that needs to change. Someone told me about it but I don't understand what's not working with it so maybe someone here could fix it? I was told something needs to be duplicated. | 16:53:01 |
ElvishJerricco | Is this a good idea? https://github.com/NixOS/nixpkgs/pull/375975 I've certainly needed it quite a few times. But you wouldn't want people just blindly enabling it because they got an error without understanding it | 21:38:37 |
@adam:robins.wtf | Maybe give a stern warning with it? | 21:39:42 |
ElvishJerricco | adamcstephens: like an actual warnings = ... type warning? Or just in the description? | 21:42:39 |
@adam:robins.wtf | just the description. | 21:43:20 |
ElvishJerricco | I just realized... we ought to give the kernelModules / availableKernelModules options the same treatment as supportedFilesystems | 21:44:37 |
ElvishJerricco | i.e. kernelModules.foo = true; rather than kernelModules = [ "foo" ]; | 21:44:53 |