| 30 Jun 2023 |
 hexa | probably mentioned somewhere in dmesg | grep renamed | 18:07:19 |
 Zhaofeng Li | (apparently I missed the whole conversation) I pin against MAC addresses as well | 18:16:38 |
| Zhaofeng Li | ... and I go one step further and rename the interfaces to wan/lan/bedroom etc | 18:17:05 |
 @sumner:nevarro.space | thanks for your help, I went ahead and pinned to mac address and it seems to be working. I'll just have to wait and see if I get pinged in the middle of the night again because my server is down due to forgetting how to connect to the internet. I guess networkd is probably more reliable than using dhcpcd? | 19:10:37 |
| 2 Jul 2023 |
|  @duponin:alternativebit.fr left the room. | 20:23:43 |
| 4 Jul 2023 |
|  jlesquembre joined the room. | 09:14:55 |
| 10 Jul 2023 |
 @julian:nekover.se | Hi, why is StrictHostKeyChecking=accept-new enabled per default and is there an option to disable it? | 01:28:01 |
| @julian:nekover.se | Also I'm not sure, if it's great to that option enabled per default. While it's certainly fine for most use cases - depending on where your remote hosts are and what your threat model is - I think such an option should be opt in and not opt out.
I certainly wouldn't expect software to auto-accept remote SSH keys for me, so I was also kinda bamboozled finding out colmena did. | 01:44:40 |
| 11 Jul 2023 |
|  @beect:matrix.org joined the room. | 10:52:41 |
| 12 Jul 2023 |
|  @aktaboot:tchncs.de joined the room. | 22:21:10 |
| @aktaboot:tchncs.de | hello,
Is it possible to (re)use lib.nixosSystem definitions with colmena directly ? | 22:22:39 |
| @aktaboot:tchncs.de | Since I already have each host defined as a lib.nixosSystem attrset | 22:23:46 |
| 13 Jul 2023 |
| Zhaofeng Li | In reply to @julian:nekover.se
Hi, why is StrictHostKeyChecking=accept-new enabled per default and is there an option to disable it? (oof, somehow missed the notification)
It's enabled by default since there isn't a good way to manually accept the keys when deploying to multiple hosts in parallel yet. There isn't an option to disable it right now, but perhaps it can be overridden by SSH_CONFIG_FILE (not sure - need to test)
| 02:31:05 |
| Zhaofeng Li | I think it makes sense to have a flag to opt-out | 02:31:34 |
| Zhaofeng Li | In reply to @aktaboot:tchncs.de
hello,
Is it possible to (re)use lib.nixosSystem definitions with colmena directly ? Not directly but there are multiple converters in https://github.com/zhaofengli/colmena/issues/60 | 02:33:26 |
| @julian:nekover.se | (oof, somehow missed the notification)
No worries! It's enabled by default since there isn't a good way to manually accept the keys when deploying to multiple hosts in parallel yet. There isn't an option to disable it right now, but perhaps it can be overridden by SSH_CONFIG_FILE (not sure - need to test)
Ahh okay, that’s a fair reason. I guess it could still be made more clear tho, but whatever. I might test that env var as well, since I also have some other use cases for different SSH configs. If I knew Rust, I would also just attempt to work on an option for configuring Colmena SSH, but sadly I don’t. However in the end I can still easily enough patch Colmena to get it to do what I need. | 06:43:38 |
| @aktaboot:tchncs.de changed their profile picture. | 06:56:37 |
 @linus:schreibt.jetzt | Is there a matrix channel for attic? | 21:14:04 |
| hexa | (he found #nixos-selfhosted-binary-cache:matrix.org btw) | 23:16:33 |
| 14 Jul 2023 |
|  @lehmanator:gnulinux.club joined the room. | 18:42:10 |
| 16 Jul 2023 |
 Shyim | How do I get the complete log when a apply fails? | 10:23:14 |
| hexa | colmena -v? | 11:20:33 |
| hexa | * colmena build -v? | 11:21:01 |
|  lemmalamma set a profile picture. | 20:36:39 |
| 20 Jul 2023 |
|  fpletz changed their profile picture. | 03:30:26 |
|  @cathalmullan:matrix.org joined the room. | 14:33:00 |
| 21 Jul 2023 |
| lemmalamma | Hey folks! Happy Friday. Colmena's README says it's:
a thin wrapper over Nix commands like nix-instantiate and nix-copy-closure
What does the manual process with nix-instantiate and nix-copy-closure look like? What else is Colmena automating for me?
| 22:16:12 |
| lemmalamma | * Hey folks! Happy Friday. Colmena's README says it's:
a thin wrapper over Nix commands like nix-instantiate and nix-copy-closure
What does the manual process with nix-instantiate and nix-copy-closure look like? What else is Colmena automating for me?
| 22:16:17 |
| Zhaofeng Li | It's basically nix-build '<nixpkgs/nixos>' --argstr configuration ..., nix-copy-closure --to root@remote /nix/store/...-nixos-system-remote and then running the activation script. In addition to those, Colmena provides a framework for accessing configurations of other nodes, out-of-band secrets deployment, and some other features | 22:19:10 |
| 23 Jul 2023 |
| lemmalamma | In reply to @zhaofeng:zhaofeng.li
It's basically nix-build '<nixpkgs/nixos>' --argstr configuration ..., nix-copy-closure --to root@remote /nix/store/...-nixos-system-remote and then running the activation script. In addition to those, Colmena provides a framework for accessing configurations of other nodes, out-of-band secrets deployment, and some other features Thanks! I asked because I want to try to hand-deploy a few times so I can understand what's involved. | 03:10:41 |
