| 3 Jan 2025 |
 Grimmauld (moving to @grimmauld:grapevine.grimmauld.de) | I understand the community builder is there for community projects and build jobs too big to be feasible on local systems. What exactly are the typical requirements to get access? There have been a couple build jobs i ran so far that took a couple hours each on normal hardware, so far i decided to just build via github actions. But that can only go so far. And the documentation i could find all basically said "open a PR and see what happens", but that feels very spongy.
(For the record, i have other IRL obligations currently, so not relevant until maybe august, but figured i'd ask if the topic were community builders rn) | 21:42:56 |
 Gaétan Lepage | Well, according to me, you will be granted access if you show that you would use it to contribute to ...well, nix (community) projects.
Apart from this, I don't think like that there is hard requirements. | 21:45:14 |
| Gaétan Lepage | AFAIK, It's not really supposed to be used for personal stuff. | 21:45:36 |
| Grimmauld (moving to @grimmauld:grapevine.grimmauld.de) | specifically, i was compiling different linux kernels with different patches for various apparmor features. Those patches are a part of only ubuntu currently, but bringing them to nix would kinda require a builder for it to be any fun developing | 22:09:20 |
 emily | that seems plenty in-scope | 22:10:12 |
| emily | I think any builds you need to do in the course of contributing to Nixpkgs are fine (within the constraints of not hogging all the resources forever of course, but it's often pretty quiet on the boxes) | 22:10:42 |
| Grimmauld (moving to @grimmauld:grapevine.grimmauld.de) | alright thanks, thats reassuring. I will give a shout once i am there. Currently working on my bachelors thesis and systemd hardening while i wait for apparmor upstream to make some progress, so it'll be a bit, but do expect that request eventually | 22:13:12 |
 zowoq | x86 build box costs ~€50. | 23:42:16 |
| emily | ah, server auction? makes sense | 23:47:32 |
| zowoq | We're basically on budget now at €640. | 23:51:18 |
| Gaétan Lepage | You mean that we have right enough to handle our current monthly budget or that we have enough to get an ARM builder ? | 23:52:01 |
| zowoq | Sorry, the former. | 23:56:20 |
| 4 Jan 2025 |
| Gaétan Lepage | Ok I see | 00:13:18 |
| Gaétan Lepage | What is your opinion on the feasibility of adding third-party systems to nix-community/infra ? | 00:13:58 |
| Gaétan Lepage | For instance, if some people like liberodark want to "donate" their system to nix-community so that they can be used as builders while still physically keeping the hardware. Would this be feasible ? | 00:15:01 |
| zowoq | Maybe? Really depends on what we'd use it for. | 00:19:43 |
 purepani | In reply to @glepage:matrix.org
For instance, if some people like liberodark want to "donate" their system to nix-community so that they can be used as builders while still physically keeping the hardware. Would this be feasible ? What stops them from being a jia tan and replacing their builds with malicious packages? | 00:20:00 |
| emily | the community builders are not trusted for anything | 00:20:13 |
| emily | AIUI the offer is for a free x86 box comparable to the current x86 builder, which seems good if it would free up enough resources to pay for a replacement for the dead AArch64 community builder | 00:20:34 |
| emily | (but I guess €50 isn't quite enough for that) | 00:20:39 |
| Gaétan Lepage | In reply to @zowoq:matrix.org
Maybe? Really depends on what we'd use it for. I was thinking about using those as non-critical remote builders (not for CI) | 00:22:36 |
| Gaétan Lepage | In reply to @purepani:matrix.org
What stops them from being a jia tan and replacing their builds with malicious packages? Well, nothing I guess. But anyway, it is clearly stated that the nix-community builders should not be trusted, so it's not changing our threat model that much I guess. | 00:23:45 |
| zowoq | Downtime may be an issue if the box doesn't have out of band kvm/ipmi. | 00:24:50 |
 liberodark | Yep KVM & IPMI is not available. | 00:25:37 |
| liberodark | But this can be the case with HA.
But it is not the same service. | 00:26:43 |
| liberodark | In my case I propose to provide a machine and this for free to help.
The hosting cost is 25€ per server.
Since we have a dedicated 10 Gb line.
These are mainly costs for electricity more than anything else.
For my part I am only proposing if it can help. | 00:29:06 |
| liberodark | * In my case I propose to provide a machine and this for free to help.
The hosting cost is 25€ per server.
Since we have a dedicated 10 Gb lines.
These are mainly costs for electricity more than anything else.
For my part I am only proposing if it can help. | 00:29:46 |
| liberodark | For my part, it was during a discussion with Gaétan Lepage that I heard about a need for a builder.
Hence the fact that I came to offer my help on the subject. | 00:30:51 |
| liberodark | * Yep KVM & IPMI are not available. | 00:31:32 |
| liberodark | * But it can be the case with HA.
But it is not the same service. | 00:32:02 |
