| 3 Jun 2022 |
 Linux Hackerman | Last I checked, colmena didn't actually set the host name and forgetting it resulted in all my hosts being called nixos x) | 07:28:54 |
 dantefromhell | In reply to @buckley310:matrix.org
also, /dev/disk/by-id/ stays consistent across reinstalls if you can use GPT partition table you can label each partition.
that allows me to generalize the nix expressions for partitions.
still working on automation of the partitioning itself. | 11:19:41 |
| dantefromhell | In reply to @buckley310:matrix.org
outside of colmena, i believe networking.hostName sets the machine name, and you can set the nixosConfigurations. to whatever you want e.g. the hardware serial number... | 11:21:59 |
| 6 Jun 2022 |
|  kraem changed their profile picture. | 14:48:10 |
 Buckley | When i try to use a targetUser other than root, i get errors pushing content to servers
error: cannot add path '/nix/store/phfygaw0iga0dkdgm7qcj2rhq49viwmj-foo' because it lacks a valid signature
should not privilegeEscalationCommand be used while pushing content, as well as activating it, or is there a reason for this? | 16:08:42 |
| Linux Hackerman | Buckley: I guess it would work if the user were in Nix's trusted-users | 22:48:47 |
| Linux Hackerman | So it's not strictly necessary | 22:49:08 |
| Linux Hackerman | But I don't know if that's why it was implemented this way, nor if it makes sense to do it that way | 22:49:40 |
| Buckley | I’ll have a peek later, but I’m guessing colmena just uses the nix copy tool (which probably doesn’t support sudo). If I’m wrong and it’s a two line patch I’ll totally PR that :o | 23:00:00 |
| 7 Jun 2022 |
 Chinchilla Washington | How can I get more of the error log from colmena? I'm getting an 'insecure package' error and would like to trace down what's using this old ass version of nodejs | 04:54:20 |
| Linux Hackerman | In reply to @cw:kernelpanic.cafe
How can I get more of the error log from colmena? I'm getting an 'insecure package' error and would like to trace down what's using this old ass version of nodejs Pass -v | 07:49:45 |
| Linux Hackerman | In reply to @buckley310:matrix.org
I’ll have a peek later, but I’m guessing colmena just uses the nix copy tool (which probably doesn’t support sudo). If I’m wrong and it’s a two line patch I’ll totally PR that :o Oh right, yeah, that's possible | 07:50:28 |
| Linux Hackerman | What's actually the point in not sshing in as root and using sudo instead? That's perplexed me for a while... | 07:52:29 |
 CRTified | One point might be that sudo allows somewhat fine-grained restriction on executed commands | 07:53:07 |
| CRTified | And in a sense, it allows for crude 2FA (SSH with pubkey, sudo with pw) | 07:53:48 |
| CRTified | * One point might be that sudo allows somewhat fine-grained restriction on executed commands (But that requires you to know what you'll run) | 07:54:10 |
| CRTified | * One point might be that sudo allows somewhat fine-grained restriction on executed commands (But that requires you to know what you'll run - adding a shell is nonsense if you want this) | 07:54:20 |
| Linux Hackerman | In reply to @schnecfk:ruhr-uni-bochum.de
One point might be that sudo allows somewhat fine-grained restriction on executed commands (But that requires you to know what you'll run) But if you're running something you just copied over... | 07:54:43 |
| Linux Hackerman | (Which is necessarily the case with a nixos configuration) | 07:55:22 |
| CRTified | True 🤔 | 08:22:37 |
| Linux Hackerman | In reply to @schnecfk:ruhr-uni-bochum.de
And in a sense, it allows for crude 2FA (SSH with pubkey, sudo with pw) Are people doing that? | 08:49:23 |
| CRTified | I don't know, but I've seen that reason a few times (not limited to colmena), always with the advice to make root as inaccessible as possible | 09:11:53 |
| 8 Jun 2022 |
 Wanja Hentze | How do you folks feel about adding a --interactive or --confirm (actual name can be bikeshed) option to colmena that makes it prints the list of target hosts and asks you to confirm before proceeding? | 16:56:51 |
| 9 Jun 2022 |
 Zhaofeng Li | That sounds like a reasonable feature to add | 03:42:09 |
|  Taeer Bar-Yam joined the room. | 13:25:40 |
| Taeer Bar-Yam | I'm hoping someone here can help me out. If not, I'll open an issue on the github. I can't get --keep-result to do anything. I'm running colmena build --keep-result, and it doesn't create any .gcroots directory. I've tried it with and without flakes. | 16:39:06 |
| Zhaofeng Li | In reply to @shine:proqqul.net
I'm hoping someone here can help me out. If not, I'll open an issue on the github. I can't get --keep-result to do anything. I'm running colmena build --keep-result, and it doesn't create any .gcroots directory. I've tried it with and without flakes. The current implementation only creates GC roots as one of the last steps after a successful activation (not build). It should probably be moved to after the build. | 16:56:15 |
| Zhaofeng Li | (done) | 18:33:07 |
| Taeer Bar-Yam | Thank you! <3 I was trying to make that change myself and getting bogged down in where exactly mut should and shouldn't go (not a rust programmer) | 18:46:49 |
| Taeer Bar-Yam | Oh. Hm... I'm still having the same behaviour (nothing being produced with --keep-result) | 18:47:14 |
