| 23 Sep 2025 |
 hexa | that's a rather profound regression for stable users | 01:45:29 |
| hexa | zowoq: petition to keep the cuda-stable jobset around until 25.05 eol | 01:46:55 |
| hexa | so they seem to be building cuda for all the branches they track, but stable is currently a month old 25.05 commit | 02:40:22 |
|  sinan changed their profile picture. | 02:47:54 |
 zowoq | that's fair, I've restored the jobset. | 02:59:15 |
|  apyh joined the room. | 09:03:12 |
|  Chris P Bacon joined the room. | 09:46:48 |
|  kenji changed their display name from a-kenji to kenji. | 10:39:36 |
| hexa | thanks! | 13:31:50 |
|  pinkybrain joined the room. | 23:13:05 |
| 24 Sep 2025 |
|  waltmck joined the room. | 18:41:00 |
| waltmck | Hey everyone! nixos-apple-silicon is looking to move to a full kernel, which would simplify things and solve many open bugs but brings the build time from about 20 minutes to 2 hours on my MacBook Air. nixpkgs does not allow vendor kernels, so we are looking for an alternative cache.
Unfortunately, it looks like the nix-communitybuilder builds arbitrary untrusted derivations from PRs, which most of the nixos-apple-silicon maintainers find unacceptable in light of the recent Nix CVE's. How are other projects handling this? Are you just using the nix-community cache or self-hosting your own builders, or something else?
| 18:54:29 |
| waltmck | * Hey everyone! nixos-apple-silicon is looking to move to a full kernel, which would simplify things and solve many open bugs but brings the build time from about 20 minutes to 2 hours on my MacBook Air. nixpkgs does not allow vendor kernels, so we are looking for an alternative cache.
Unfortunately, it looks like the nix-community builder builds arbitrary untrusted derivations from PRs, which most of the nixos-apple-silicon maintainers find unacceptable in light of the recent Nix CVE's. How are other projects handling this? Are you just using the nix-community cache or self-hosting your own builders, or something else?
| 18:54:53 |
 Jonas Chevalier | The best I can think of is to use the namespace.so GitHub Action builders they are gracefully providing to nix-community, and then push to your own Cachix cache. Hopefully it takes less than 2h to build on their hardware but worth trying out to find out. | 21:12:43 |
| Jonas Chevalier | Otherwise, help us secure and bring the Nix builders up to a level that makes you happy, that would be pretty awesome too. | 21:13:44 |
| 25 Sep 2025 |
|  nyanbinary 🏳️⚧️ removed their profile picture. | 16:30:49 |
| nyanbinary 🏳️⚧️ set a profile picture. | 16:35:19 |
 SomeoneSerge (back on matrix) | Hydra question: when using services.hydra.buildMachinesFiles, does one need to explicitly specify localhost as a builder for hydra to scedule some builds on it? | 22:57:39 |
|  pluie (leah c.) joined the room. | 23:14:21 |
| 26 Sep 2025 |
| waltmck | Thanks! | 01:21:57 |
|  teanyth joined the room. | 09:07:54 |
|  Yureka (she/her) joined the room. | 09:58:09 |
| Yureka (she/her) | Do we have any custom profiles on the namespace.so plan? I'm thinking of adding the ~/.cache/nix to their caching solution to speed up no-rebuild runs | 12:40:04 |
| Jonas Chevalier | Not sure. We have a the equivalent of the "Team" plan (see https://namespace.so/pricing ) | 13:48:23 |
| Yureka (she/her) | The profiles need to be configured in the namespace.so dashboard: https://namespace.so/docs/solutions/github-actions#configure-your-runners | 13:54:26 |
 Mic92 | we did this in nix-eval-jobs for a while until I switched it back to nix-eval-jobs | 14:41:15 |
| Mic92 | but you might be still able to see this in the history | 14:41:23 |
| Mic92 | yes, localhost is not included by default. | 14:41:52 |
| Mic92 | zowoq: I hope my latest PR no longer reveal any surprises, tested it in two buildbot servers: https://github.com/nix-community/buildbot-nix/pull/515#event-19945865657 should make restarting failed builds way faster. | 14:45:38 |
| Mic92 | I would do another release after that. | 14:45:50 |
