| 11 Oct 2024 |
 emily | (btw I never realized that the cache signing key is on the machine that hosts the hydra.nixos.org site) | 08:00:49 |
| emily | (that terrifies me) | 08:00:52 |
| emily | (strong support for any plan that fixes that) | 08:01:35 |
 fricklerhandwerk | In reply to @joerg:thalheim.io
ok. Seems to be down just now. Yeah we're debugging it, there's some weird Django issues where some stupid script hangs itself to death | 08:04:49 |
 dgrig | In reply to @joerg:thalheim.io
@fricklerhandwerk:matrix.org: where is this security tracker deployed just now? I think it would help if Erethon would have a chat with us, so we can make sure it get integrated with the rest of the infra to some extent. I'm catching up with the channel now, for some reason Element didn't ping me about this mention (maybe because it was capitalized). Just want to point out that what fricklerhandwerk linked too is also Raito's work, don't want to take credit for it. At this point I'm not sure what's the best way to move forward, since it seems that Raito has already done a lot of the work needed to deploy this properly? | 08:05:26 |
| fricklerhandwerk | Mic92: back online | 08:06:32 |
 Mic92 | What is your expected update cadence? | 08:06:41 |
| Mic92 | dgrig: what is blocking you specifically? | 08:07:55 |
| dgrig | In reply to @joerg:thalheim.io
dgrig: what is blocking you specifically? I don't have a "blocker" per se from the nixos infra team. I've been experimenting locally with the security tracker and some other software that fricklerhandwerk wants deployed in an official namespace and manner. On the security tracker front I have some thing to figure out still, but for others (say Odoo if it's ok for us in the end) I want to sync with someone at some point on how we best want it deployed (i.e. does it belong on the non-critical infra, how do we want to backup the database, etc). | 08:21:11 |
| Mic92 | Sure. Do Thursday, 18:00 CEST the next week work for you? | 08:23:58 |
| Mic92 | * Sure. Does Thursday, 18:00 CEST the next week work for you? | 08:24:09 |
| dgrig | In reply to @joerg:thalheim.io
Sure. Does Thursday, 18:00 CEST the next week work for you? Yes, I've blocked all the nixos infra meetings in my calendar so I can attend them. | 08:24:39 |
| fricklerhandwerk | In reply to @joerg:thalheim.io
What is your expected update cadence? Hm, good question. That will depend on whether we get follow-up funding and how much, but say something between 1 week and 1 month | 08:25:23 |
| fricklerhandwerk | In reply to @fricklerhandwerk:matrix.org
Hm, good question. That will depend on whether we get follow-up funding and how much, but say something between 1 week and 1 month There is already automation in place to do continuous deployment to staging, and we'll re-use that for production. | 08:26:14 |
| Mic92 | What is s3 used for? | 08:29:56 |
| Mic92 | Just seems to be backup as far as I can see | 08:30:55 |
 Tristan Ross | In reply to @emilazy:matrix.org
wouldn't that run into the atomics and platform purity problems wrt the evaluator? @tomberek:matrix.org: and I were discussing this a bit last night and we're not entirely sure atomics is an actual problem. How does it affect Hydra? Wouldn't this be an issue with a C++ compiler. Hydra appears to run fine from what I've heard when running on aarch64-linux. The purity thing though, as long as the system is passed through and things are expected right, shouldn't be a concern? | 13:40:41 |
 vcunat | Tristan Ross: I believe the point was around x86 being strict around reordering of instructions while ARM is not. On language level you then need to be careful around https://en.cppreference.com/w/cpp/atomic/memory_order | 14:02:11 |
| Tristan Ross | In reply to @vcunat:matrix.org
Tristan Ross: I believe the point was around x86 being strict around reordering of instructions while ARM is not. On language level you then need to be careful around https://en.cppreference.com/w/cpp/atomic/memory_order Wouldn't this affect the nix cli itself and literally everything? | 14:08:29 |
 K900 | No | 14:08:42 |
| K900 | hydra-queue-runner is like 3k lines of C++ | 14:09:00 |
| K900 | On top of the normal Nix things | 14:09:06 |
| K900 | It's those bits I'm worried about, not Nix | 14:09:15 |
| Tristan Ross | Oh, is there a way to test the queue runner in a way to trigger it breaking because of this on aarch64? | 14:10:29 |
| K900 | Not really without just running it | 14:10:49 |
| K900 | Realistically this is not a big problem | 14:11:00 |
| K900 | It can be tested and fixed | 14:11:03 |
| K900 | Probably in a reasonable amount of time | 14:11:09 |
| K900 | It's just another thing to be aware of if migrating to aarch64 | 14:11:29 |
| K900 | And I genuinely don't see why we need to go aarch64 instead of just upgrading to a beefier and/or better cooled x86 | 14:12:13 |
