| 3 Jan 2022 |
 Paul Haerle | Arian: Oh right, i remember seeing your project before - thanks! | 09:11:33 |
| Paul Haerle | Arian: Are you running your initrd code in production already? I have a remote-nixos-on-zfs-root-installer laying around, but one of it's practical problems atm is that the initrd gets pretty big and thats painful to improve as the moment as https://github.com/NixOS/nixpkgs/commit/776a5e6ebfacc6831527bc6c3c1a58ef2087c819 was reverted and nixpkgs initrd still uses ./paths-from-graph.pl which seems to confuse nix-tree, store-path info, etc. | 09:14:12 |
 Arian | I have my own impl of makeInitrd in that repo | 09:48:27 |
| Arian | That uses closureInfo | 09:48:32 |
 @janne.hess:helsinki-systems.de | In reply to @arianvp:matrix.org
That uses closureInfo I'm still looking into the code, but why are you using closeInfo? Doesn't that add a lot of unused weight into stage-1? | 10:29:25 |
| Arian | Mostly because I didn't care and it was the simplest. I haven't dabbled into optimising the initrd size yet | 10:40:47 |
| Arian | Wanted to get working initrd as simply as possible. | 10:41:03 |
| @janne.hess:helsinki-systems.de | I do like the simplicity of it. No weird tooling involved, just basic tools. Currently looking at the source of mkinitcpio which seems to follow pretty similar ideas | 10:45:51 |
|  colemickens joined the room. | 17:23:20 |
| 4 Jan 2022 |
 @andi:kack.it | The issue with the current initrd approach in nixpkgs is that it really causes unfortunate library confusions if you have two (or more) packages providing the same libraries. I've had an issue with pulling in systemd into the closure as that also pulled in systemdMinimal and then the features wouldn't be available as it always dlopen'ed the minimal library :'( | 13:37:04 |
| @andi:kack.it | We need a better approach for that initrd (and should also rip out that systemdMinimal ASAP) | 13:37:21 |
| Arian | This is also an argument for my approach even though it's not optimised yet. It's 'just' a nix store. So no confusion among libraries | 13:45:07 |
| colemickens | In reply to @phaer:matrix.org
Arian: Are you running your initrd code in production already? I have a remote-nixos-on-zfs-root-installer laying around, but one of it's practical problems atm is that the initrd gets pretty big and thats painful to improve as the moment as https://github.com/NixOS/nixpkgs/commit/776a5e6ebfacc6831527bc6c3c1a58ef2087c819 was reverted and nixpkgs initrd still uses ./paths-from-graph.pl which seems to confuse nix-tree, store-path info, etc. That installer is something I was considering hacking together for netboot oracle instances. Id love to take a peek | 15:56:48 |
| Paul Haerle | colemickens 🏳️🌈: It's not really in a state to be published yet. I have some local branches, but what's there in main should work at least on hetzners hcloud and you might get an idea or two for your oracle instances from there. Be aware that the resulting initrd is currently gigantic (1.3GB uncompressed at last count) | 17:11:43 |
| Paul Haerle | colemickens 🏳️🌈: Ah, forgot the link which i just made public https://github.com/dep-sys/nixos-zfs-installer | 17:12:22 |
| Paul Haerle | I think it should in theory be doable to maintain a generic flake which provides nix functions and nixosModules to bundle parameterized install scripts with a somewhat minimal kernel configuration + initrd for kexec, netbooting and vms all together. Making them unattended and seed thinks such as the host name, network config, etc to the installer in a generic way seems challenging to me. Same as flexible partitioning. e.g. EFI & zfs mirroing support would be awesome | 17:28:23 |
| colemickens | I think maybe this is OT and maybe I should throw up a repo even just so we can spitball ideas, but I am thinking along the same lines. In many cases, disk layout will be known ahead of time and I'm thinking a heuristic for "matching" to a selected disk layout to a booted machine, it notices the disks are not zpool members and kicks in. | 18:56:02 |
| colemickens | I am also thinking this initrd could be smart enough to consume VM userdata via cloud api, libvirtd, etc for last mile provisioning. | 18:56:42 |
| colemickens | With sops-nix having support for cloud KVM, and a scheme I've found for supporting multiple user zfs keys... I think some somewhat interesting things could be built that would be highly appealing to certain types of orgs. | 18:57:32 |
| colemickens | phaer: ^^ | 18:57:50 |
| @janne.hess:helsinki-systems.de | In reply to @colemickens:matrix.org
With sops-nix having support for cloud KVM, and a scheme I've found for supporting multiple user zfs keys... I think some somewhat interesting things could be built that would be highly appealing to certain types of orgs. We don't have stage-1 support in sops-nix yet though. But it's one of my next projects apart from the stc stuff | 19:13:26 |
| 5 Jan 2022 |
| Paul Haerle | In reply to @colemickens:matrix.org
I think maybe this is OT and maybe I should throw up a repo even just so we can spitball ideas, but I am thinking along the same lines. In many cases, disk layout will be known ahead of time and I'm thinking a heuristic for "matching" to a selected disk layout to a booted machine, it notices the disks are not zpool members and kicks in. A place to collect ideas would be most welcome, I learned a lot since and would have a few ideas to improve my current playground. Also quite interested in the vm data via cloud api thing! :) | 01:01:25 |
| 6 Jan 2022 |
|  Spencer Janssen joined the room. | 05:15:42 |
| 14 Jan 2022 |
| colemickens | phaer: finally circling back to look at this and I noticed that your zfs sets "encryption=off". why is that? | 02:28:12 |
| colemickens | I was all into my idea of iPXE booting Oracle VMs into some sort of installer like that, but I'm not sure it gets me a whole lot over your kexec approach, since kexec seems to work even on OCI aarch64 VMs. | 02:31:21 |
| Paul Haerle | In reply to @colemickens:matrix.org
phaer: finally circling back to look at this and I noticed that your zfs sets "encryption=off". why is that? Where is that? There's encryption=on in https://github.com/dep-sys/nixos-zfs-installer/blob/main/installer/scripts/nuke-disk.sh#L35 | 08:32:23 |
| Paul Haerle | In reply to @colemickens:matrix.org
I was all into my idea of iPXE booting Oracle VMs into some sort of installer like that, but I'm not sure it gets me a whole lot over your kexec approach, since kexec seems to work even on OCI aarch64 VMs. My main problem with it is that the installer image is so huge, next time i have time for this project, I'd like to work on that. Which is also one of the reasons i became interested in systemd in stage one.
But as we are a bit off-topic here. Shall we discuss in a repo, new channel or dms? | 09:06:11 |
| colemickens | weird, maybe I was just really tired. I'll make a room or something soon | 23:57:00 |
| 3 Feb 2022 |
|  kirelagin joined the room. | 01:58:33 |
| 2 Mar 2022 |
| Paul Haerle set a profile picture. | 13:09:04 |
