| 5 Oct 2022 |
 Arian | Seems the cryptsetup test suite is not building on x86_64 for some reason https://logs.nix.ci/?key=nixos/nixpkgs.189676&attempt_id=dca5d82a-d384-48ab-b255-4cd435191024 | 07:06:44 |
 Zhaofeng Li | In reply to @arianvp:matrix.org
Seems the cryptsetup test suite is not building on x86_64 for some reason https://logs.nix.ci/?key=nixos/nixpkgs.189676&attempt_id=dca5d82a-d384-48ab-b255-4cd435191024 Seems to be unrelated | 14:31:32 |
 K900 | Hey systemd nerds | 16:14:22 |
| K900 | Anyone know how XDG_RUNTIME_DIR gets set for user sessions? | 16:14:30 |
| K900 | WSL really wants it to be in a different spot | 16:14:35 |
| K900 | OK I can just set it in environment.variables and it kinda gets picked up | 16:35:20 |
|  @kn:envs.net changed their profile picture. | 18:01:28 |
|  Rosuavio joined the room. | 19:06:25 |
 colemickens | K900 btw dont ask why I know this, but: https://www.freedesktop.org/software/systemd/man/pam_systemd.html | 22:44:08 |
| 6 Oct 2022 |
| colemickens | re #169116 is openvpn in stage-1 something explicitly supported now? | 00:10:29 |
 @elvishjerricco:matrix.org | colemickens: There's nixos tests for it at least | 00:11:05 |
| colemickens | hm I see | 00:11:21 |
| @elvishjerricco:matrix.org | and options for it in man configuration.nix | 00:11:22 |
| colemickens | huh yeah, okay, I guess I've just glossed over it | 00:11:47 |
| K900 | In reply to @colemickens:matrix.org
K900 btw dont ask why I know this, but: https://www.freedesktop.org/software/systemd/man/pam_systemd.html I also know that, the problem is WSL bypasses PAM entirely | 06:56:58 |
| K900 | Anyway I gave up | 06:57:10 |
| K900 | Let upstream figure it out | 06:57:24 |
| 10 Oct 2022 |
|  @raphi:tapesoftware.net joined the room. | 12:43:41 |
 Paul Haerle | I've been hacking around with network-related functionality from https://github.com/NixOS/nixpkgs/pull/169116
and needed to add the following files for outgoing https to work:
boot.initrd.environment.etc = {
"resolv.conf".text = "nameserver 1.1.1.1";
"ssl/certs/ca-certificates.crt".source = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
};
boot.initrd.systemd.storePaths = [
# so nix can look up dns entries
"${pkgs.glibc}/lib/libnss_dns.so.2"
];
Size increase is imho neglectable, so is this something you'd want to add to the PR ElvishJerricco ? (using network.namservers instead of 1.1.1.1 ofc)
| 22:31:22 |
| Paul Haerle | * I've been hacking around with network-related functionality from https://github.com/NixOS/nixpkgs/pull/169116
and needed to add the following files for outgoing https to work:
boot.initrd.environment.etc = {
"resolv.conf".text = "nameserver 1.1.1.1";
"ssl/certs/ca-certificates.crt".source = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
};
boot.initrd.systemd.storePaths = [
# so nix can look up dns entries
"${pkgs.glibc}/lib/libnss_dns.so.2"
];
Size increase is imho neglectable, so is this something you'd consider for the PR ElvishJerricco ? (using network.namservers instead of 1.1.1.1 ofc)
| 22:31:34 |
| Paul Haerle | I think it's useful, because it enables me to run tools like nix and curl in my initrd :) | 22:32:46 |
| Paul Haerle | * I think it's useful, because it enables me to run tools like nix with remote flakes and curl in my initrd :) | 22:32:58 |
| @elvishjerricco:matrix.org | Interesting... | 22:32:59 |
| @elvishjerricco:matrix.org | I dunno if we want that by default but I could see a configurable option for it | 22:33:24 |
| Paul Haerle | In reply to @elvishjerricco:matrix.org
I dunno if we want that by default but I could see a configurable option for it I think an option would work fine as well. Just see little harm besides a few kb. But i guess outgoing tls connections from your initrd are a fringe use case to begin with :D | 22:34:31 |
| 11 Oct 2022 |
 @oxalica:matrix.org | In reply to @phaer:matrix.org
I've been hacking around with network-related functionality from https://github.com/NixOS/nixpkgs/pull/169116
and needed to add the following files for outgoing https to work:
boot.initrd.environment.etc = {
"resolv.conf".text = "nameserver 1.1.1.1";
"ssl/certs/ca-certificates.crt".source = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
};
boot.initrd.systemd.storePaths = [
# so nix can look up dns entries
"${pkgs.glibc}/lib/libnss_dns.so.2"
];
Size increase is imho neglectable, so is this something you'd consider for the PR ElvishJerricco ? (using network.namservers instead of 1.1.1.1 ofc)
In stage 2, resolv.conf is managed by systemd-resolved. Should we just enable it in stage 1? | 06:52:28 |
| @elvishjerricco:matrix.org | that's an interesting option. | 06:54:35 |
| Paul Haerle | In reply to @oxalica:matrix.org
In stage 2, resolv.conf is managed by systemd-resolved. Should we just enable it in stage 1? Sounds reasonable to me? At least if networking is enabled? | 09:01:49 |
| Paul Haerle | In reply to @oxalica:matrix.org
In stage 2, resolv.conf is managed by systemd-resolved. Should we just enable it in stage 1? * Sounds reasonable to me? At least if networking is enabled. | 09:01:55 |
| Zhaofeng Li | What should we do to push https://github.com/NixOS/nixpkgs/pull/189676 forward? | 20:18:30 |
