| 3 Jan 2025 |
 Grimmauld (moving to @grimmauld:grapevine.grimmauld.de) | alright thanks, thats reassuring. I will give a shout once i am there. Currently working on my bachelors thesis and systemd hardening while i wait for apparmor upstream to make some progress, so it'll be a bit, but do expect that request eventually | 22:13:12 |
 zowoq | x86 build box costs ~€50. | 23:42:16 |
 emily | ah, server auction? makes sense | 23:47:32 |
| zowoq | We're basically on budget now at €640. | 23:51:18 |
 Gaétan Lepage | You mean that we have right enough to handle our current monthly budget or that we have enough to get an ARM builder ? | 23:52:01 |
| zowoq | Sorry, the former. | 23:56:20 |
| 4 Jan 2025 |
| Gaétan Lepage | Ok I see | 00:13:18 |
| Gaétan Lepage | What is your opinion on the feasibility of adding third-party systems to nix-community/infra ? | 00:13:58 |
| Gaétan Lepage | For instance, if some people like liberodark want to "donate" their system to nix-community so that they can be used as builders while still physically keeping the hardware. Would this be feasible ? | 00:15:01 |
| zowoq | Maybe? Really depends on what we'd use it for. | 00:19:43 |
 purepani | In reply to @glepage:matrix.org
For instance, if some people like liberodark want to "donate" their system to nix-community so that they can be used as builders while still physically keeping the hardware. Would this be feasible ? What stops them from being a jia tan and replacing their builds with malicious packages? | 00:20:00 |
| emily | the community builders are not trusted for anything | 00:20:13 |
| emily | AIUI the offer is for a free x86 box comparable to the current x86 builder, which seems good if it would free up enough resources to pay for a replacement for the dead AArch64 community builder | 00:20:34 |
| emily | (but I guess €50 isn't quite enough for that) | 00:20:39 |
| Gaétan Lepage | In reply to @zowoq:matrix.org
Maybe? Really depends on what we'd use it for. I was thinking about using those as non-critical remote builders (not for CI) | 00:22:36 |
| Gaétan Lepage | In reply to @purepani:matrix.org
What stops them from being a jia tan and replacing their builds with malicious packages? Well, nothing I guess. But anyway, it is clearly stated that the nix-community builders should not be trusted, so it's not changing our threat model that much I guess. | 00:23:45 |
