| 28 Aug 2021 |
 andi- | In reply to @domenkozar:matrix.org
I've cancelled the trunk mass rebuild as the latest trunk eval seems to not be affected anymore That is probably related to someone reverting an OpenSSL fix... | 14:31:37 |
 Domen Kožar | right | 14:34:04 |
 hexa | hm | 14:52:13 |
| hexa | so we are fine with openssl going through staging-next? | 14:52:49 |
| hexa | because I asked on #security:nixos.org and it felt like people were fine with master | 14:53:32 |
| hexa | https://github.com/NixOS/nixpkgs/pull/135611 | 14:54:17 |
 Alyssa Ross | I vote master | 14:54:21 |
| hexa | https://github.com/NixOS/nixpkgs/pull/136035 | 14:59:29 |
 @grahamc:nixos.org | +1 on master | 15:38:10 |
| @grahamc:nixos.org | gonna try to get those macs going | 21:09:19 |
| @grahamc:nixos.org | ordering pizza to skip making dinner | 21:09:24 |
 sterni | In reply to @vcunat:matrix.org
(I've never used a Mac.) By the way, M1 seems the least overloaded platform on Hydra over long-term, so adding one to OfBorg would be my next preferable step. I wonder if this will change now that GHC has aarch64-darwin support which adds around 6000 jobs, I think | 21:10:28 |
| @grahamc:nixos.org | good stuff | 21:10:46 |
| 30 Aug 2021 |
 Jonas Chevalier | cache.nixos.org is now configured entirely with terraform | 08:19:53 |
| Jonas Chevalier | I'm going to switch tarballs.nixos.org from CloudFront to Fastly with terraform next | 08:20:21 |
| Jonas Chevalier | tarballs.nixos.org is now pointing to Fastly. It might take a while before Fastly generates the TLS certs | 08:58:46 |
 Sandro | Don't forget to update the diagnostics script linked on the page | 09:00:41 |
| Jonas Chevalier | switching back, Faslty doesn't auto-generate the TLS certs as I expected | 09:30:16 |
 Vladimír Čunát | BTW, mac?-guest builders seem often in a bad shape on Hydra. 1, 2 and 5 haven't managed (almost) any build steps. (link1, link2) | 10:56:17 |
| andi- | In reply to @zimbatm:numtide.com
switching back, Faslty doesn't auto-generate the TLS certs as I expected tarballs.nixos.org points to a cloudfront CNAME that doesn't exist. Is that expected? | 12:32:50 |
| Jonas Chevalier | fixed | 13:09:15 |
| Jonas Chevalier | that's the problem of having to clickety-click. one character was missing | 13:09:34 |
| Jonas Chevalier | I mapped all the index.html files we have in the sub-domains. Eg: https://github.com/NixOS/nixos-org-configurations/tree/master/terraform/cache | 13:11:48 |
 lukegb (he/him) | 👍 | 13:15:54 |
 baloo | In reply to @zimbatm:numtide.com
switching back, Faslty doesn't auto-generate the TLS certs as I expected this needs to be activated in the webinterface | 16:20:47 |
| baloo | not sure if it's available in the API | 16:20:58 |
| Jonas Chevalier | there is a subscriptions API: https://registry.terraform.io/providers/fastly/fastly/latest/docs/resources/tls_subscription
| 16:25:32 |
| baloo | yeah, they had a couple options over the years for managing TLS. The one you're looking for is the one backed by letsencrypt I guess. But I'm not sure which one that is :D | 16:26:19 |
| Jonas Chevalier | it's only available to the superadmin account by default so I'm waiting on Rob Vermaas (he/him) | 16:26:21 |
| Jonas Chevalier | * it's only available to the superadmin account by default so I'm waiting on Rob Vermaas (he/him) to give me access | 16:26:25 |
