| 26 Jun 2022 |
 dantefromhell | phaer: Yeah I've seen your `nixos-zfs-installer` repo before. Looked promising but I havent tested it. I ran into the same issue w/ RAM size & kexec.
I stumbled over https://netboot.xyz and it seems to support NixOS - I guess a custom NixOS image is not too hard. Their PXE images are very small so kexec shouldnt be a problem. But than self-hosting another component increases overall tech-stack complexity.
| 17:59:52 |
| dantefromhell | Your approach to `nix-dabei` seems fairly similar to what I pondered a minimal `netboot` could look like 🤔
What would it take to get the zfs & raspberry features working (not necessarily both at the same time)? Those are hard requirements for a good solution in my environment | 18:02:41 |
 bl1nk | I am currently facing an issue when installing paperless on a host with colmena. I wonder if I am pinning nixpkgs correctly, anybody able to help me out with this? My hive.nix looks like this: https://gist.github.com/bl1nk/e8f4fe66b036a660166d69fac1af30fe
The underlying issue is: https://discourse.nixos.org/t/unable-to-install-paperless-ngx/19962 | 18:11:15 |
| bl1nk | My issue was unrelated to Colmena. Thanks and sorry for the noise. 🙂 | 22:09:17 |
| 27 Jun 2022 |
 phaer | In reply to @dantefromhell:matrix.org
Your approach to `nix-dabei` seems fairly similar to what I pondered a minimal `netboot` could look like 🤔
What would it take to get the zfs & raspberry features working (not necessarily both at the same time)? Those are hard requirements for a good solution in my environment Not much i think, I just havent found time for it yet. ZFS is a minimal requirement for me too, so i'll probably start working on it soon. Don't expect any hiccups, might work on first try. | 09:23:28 |
| phaer | dantefromhell: For the raspberry, i think the right kernel and bootloader should be enough but i don't own any raspberries anymore | 09:24:13 |
| phaer | dantefromhell: Needless to say, I'd be happy to support if you want to give it a shot and implement either ZFS or raspberry support into nix-dabei | 09:24:48 |
| 28 Jun 2022 |
|  ma27 changed their profile picture. | 11:37:46 |
 Taeer Bar-Yam | Is there a way to have colmena stop trying and exit once any one build has failed? | 13:28:08 |
| 29 Jun 2022 |
 lemmalamma | Does Colmena support deploying through a bastion host via SSH tunnel? I'm trying to avoid having to edit ~/.ssh/config
| 05:01:03 |
 Buckley | Colmena can be given an environment variable too as an additional ssh config file. Is that acceptable? | 13:00:38 |
| Buckley | $SSH_CONFIG_FILE | 13:01:27 |
| 30 Jun 2022 |
| lemmalamma | I ended up writing a script to generate a ssh config and Includeing that file from ~/.ssh/config which is ok for now | 08:37:24 |
| 2 Jul 2022 |
|  @kritnich:kritni.ch joined the room. | 13:40:13 |
| @kritnich:kritni.ch | I saw there is a way to make services dependent on certain keys. Is there a way to make services restart/reload once a key has been changed? | 13:50:23 |
| lemmalamma | In reply to @kritnich:kritni.ch
I saw there is a way to make services dependent on certain keys. Is there a way to make services restart/reload once a key has been changed?
For each secret file deployed using deployment.keys, a systemd service with the name of ${name}-key.service is created
So you can do something like:
systemd.services.<name>.partOf = ["secret-key.service"];
| 18:03:44 |
| lemmalamma | In reply to @buckley310:matrix.org
$SSH_CONFIG_FILE This is not documented yet right? I'm happy to open a quick PR to include this info | 18:05:15 |
| Buckley | I seem to recall finding it in some documentation somewhere, but I’m not totally sure | 18:08:02 |
| Buckley | I’ve been in the codebase so can’t say for sure | 18:08:18 |
| lemmalamma | In reply to @buckley310:matrix.org
I seem to recall finding it in some documentation somewhere, but I’m not totally sure OK. I'll check. Thanks | 18:08:43 |
| 4 Jul 2022 |
| @kritnich:kritni.ch | In reply to @huyage:matrix.org
For each secret file deployed using deployment.keys, a systemd service with the name of ${name}-key.service is created
So you can do something like:
systemd.services.<name>.partOf = ["secret-key.service"];
Thanks for the pointer, I'm not sure if that will work because I don't think the service restarts since it only checks for existence and not modification in ${secret}-key.path but I'll test around a little | 10:14:04 |
 CRTified | In reply to @kritnich:kritni.ch
Thanks for the pointer, I'm not sure if that will work because I don't think the service restarts since it only checks for existence and not modification in ${secret}-key.path but I'll test around a little Wasn't the reason for having a service unit instead of a path unit to be explicitly able to monitor for changes? | 11:37:34 |
| CRTified | Oh no, it only monitors for deletion https://github.com/zhaofengli/colmena/blob/main/src/nix/hive/modules.nix#L85-L93 | 11:39:09 |
| lemmalamma | In reply to @kritnich:kritni.ch
Thanks for the pointer, I'm not sure if that will work because I don't think the service restarts since it only checks for existence and not modification in ${secret}-key.path but I'll test around a little Oh you meant edit to the key after it has been deployed. My problem was the service would not restart after colmena apply with a new key. Systemd PartOf is how I solved that. | 16:22:11 |
| 5 Jul 2022 |
|  Reventlov changed their display name from Reventlov to Rémy Grünblatt. | 12:36:39 |
|  @garionion:entr0py.de joined the room. | 16:49:40 |
|  @silvio:booq.org joined the room. | 17:59:33 |
| 9 Jul 2022 |
 David Arnold (blaggacao) | Zhaofeng Li: std, which - as you know & even if one might disagree - doesn't really tolerate non-std flake schemata is gaining traction. A native colmena deployment clade is increasingly a topic among its users. I rebased the eval.nix "simplification", which is indeed pure cosmetics, but might be a stepping stone in agreeing in a semi-public interface to decouple the value added of colmena from it's flake-frameworkish part. | 20:52:32 |
| David Arnold (blaggacao) | * Zhaofeng Li: `std`, which - as you know & even if one might disagree - doesn't really tolerate non-std flake schemata is gaining traction. A native colmena deployment clade is increasingly a topic among its users. I rebased the eval.nix "simplification", which is indeed pure cosmetics, but might be a stepping stone in agreeing in a semi-public interface to decouple the value added of colmena from it's incompatible flake-frameworkish part. | 20:53:02 |
|  devusb joined the room. | 20:55:58 |
