18 Oct 2021 |
David Arnold (blaggacao) | (that is: leaves) | 23:54:01 |
David Arnold (blaggacao) | The module system, in comparison is not monotonistic. You can probably find harmless-looking ways to destroy the data spine. But also there is no clear direction of how a configuration evolves: it's just a single global state, no "checkpointing" on the way. Global values can conflict virtually everywhere on a flat horizon. | 23:56:40 |
David Arnold (blaggacao) | It's very much like cue 🤕😎😆 | 23:57:17 |
David Arnold (blaggacao) | To be able to have obviously hinted checkpoints for complex configuration is a very good strategy to reduce complexity of those nasy.global states. | 23:58:48 |
David Arnold (blaggacao) | * To be able to have obviously hinted checkpoints for complex configuration is a very good strategy to reduce complexity of those nasty wide-spanning states. | 23:59:03 |
David Arnold (blaggacao) | * To be able to have obviously hinted checkpoints for complex configuration on the other hand is a very good strategy to reduce complexity of those nasty wide-spanning states. | 23:59:25 |
19 Oct 2021 |
@timdeh:matrix.org | I wonder if we could do like a POC of a subset of nixpkgs with it 🤔 | 03:12:10 |
@timdeh:matrix.org | or maybe hm? | 03:12:19 |
David Arnold (blaggacao) | I haven't thought about it. Currently the entire thing is only meant / designed for data. But for example, if there is a jsonSchema for systemd jobs (like nomad / k8s), we could indeed generate the respective data structures directly. | 12:43:28 |
David Arnold (blaggacao) | But I guess the point of the nixos module system is to have a unified config abstraction layer, although that premise is gladfully partially reverted by RFC42, letting upstream config handles shine through a bit. | 12:44:59 |
David Arnold (blaggacao) | I think RFC42 is a good piece in the corpus of community knowledge to really understand the reach and boundaries of the module system. | 12:45:51 |
David Arnold (blaggacao) | Undoubtedly, there is a crossing point where the marginal benefit of a unified abstraction falls below the marginal benefit of immediate upstream config data structures. | 12:47:03 |
David Arnold (blaggacao) | * Undoubtedly, there is a crossing point where the marginal benefit of a unified abstraction falls below the marginal benefit of expressivity of immediate upstream config data structures. | 12:47:58 |
tomberek | got some examples? | 14:38:56 |
David Arnold (blaggacao) | ...
staging = let
lhs = import ./base/default.nix {
namespace = "staging";
selfRev = stableSelfRev;
domain = domain;
};
in data-merge.merge (enablePromtail lhs) {
backend.Job.Constraints =
data-merge.append [ (constrainToAwsInstance "i-061eb00a6") ];
databaseHA1.Job.Constraints =
data-merge.append [ (constrainToAwsInstance "i-061eb00a6") ];
databaseHA2.Job.Constraints =
data-merge.append [ (constrainToAwsInstance "i-061eb00a6") ];
databaseHA3.Job.Constraints =
data-merge.append [ (constrainToAwsInstance "i-061eb00a6") ];
rabbitHA1.Job.Constraints =
data-merge.append [ (constrainToAwsInstance "i-061eb00a6") ];
};
# External need a tcp route to the amqp
rabbitHA1.Job.TaskGroups = data-merge.update [ 0 ] [{
Services = data-merge.update [ 0 ] [{
Tags = data-merge.append [
"traefik.tcp.routers.erc20-testnet-stable-rabbit.rule=HostSNI(`*`)"
"traefik.tcp.routers.erc20-testnet-stable-rabbit.entrypoints=amqp"
];
}];
}];
| 14:48:58 |
David Arnold (blaggacao) | * ...
staging = let
lhs = import ./base/default.nix {
namespace = "staging";
selfRev = stableSelfRev;
domain = domain;
};
in data-merge.merge (enablePromtail lhs) {
backend.Job.Constraints =
data-merge.append [ (constrainToAwsInstance "i-061eb00a6") ];
databaseHA1.Job.Constraints =
data-merge.append [ (constrainToAwsInstance "i-061eb00a6") ];
databaseHA2.Job.Constraints =
data-merge.append [ (constrainToAwsInstance "i-061eb00a6") ];
databaseHA3.Job.Constraints =
data-merge.append [ (constrainToAwsInstance "i-061eb00a6") ];
rabbitHA1.Job.Constraints =
data-merge.append [ (constrainToAwsInstance "i-061eb00a6") ];
};
# External need a tcp route to the amqp
rabbitHA1.Job.TaskGroups = data-merge.update [ 0 ] [{
Services = data-merge.update [ 0 ] [{
Tags = data-merge.append [
"traefik.tcp.routers.erc20-testnet-stable-rabbit.rule=HostSNI(`*`)"
"traefik.tcp.routers.erc20-testnet-stable-rabbit.entrypoints=amqp"
];
}];
}];
...
| 14:49:08 |
David Arnold (blaggacao) | (nomad jobs but should look pretty analog for k8s manifests) | 14:49:43 |
David Arnold (blaggacao) | Ah you mean for the crossing point of marginal benefits? | 14:50:21 |
David Arnold (blaggacao) | It's an individual judgment but I'd say a distructive cross repo mkForce /mkOverride is relatively nasty. | 14:51:21 |
ultranix | finally trying out deploy-rs today | 16:09:38 |
ultranix | been using nixus for almost a year | 16:09:53 |
mars | I'm waiting for Nix to stop churning so I can try out the template. I noticed a few things:
-
The instructions on the devos website for getting started don't work because the example nix-shell invocation refers to the master branch, but devos has no master branch and its default branch is main
-
Even though I added nrdxp's cachix instance, I had to build Nix, deploy-rs, and nvfetcher from source, which is taking a long time (mostly just for Nix itself, I think)
| 16:16:36 |
@kraftnix:matrix.org | the need to build nix, deploy-rs and nvfetcher is definitely and issue that we should resolve if possible
its one of the reasons i dont build devos on my laptop anymore | 16:19:52 |
mars | yeah this is building on a Dell ultrabook, so the aluminum case is turning orange and the world's smallest fans are trying to put on an experimental harsh noise concert | 16:21:15 |
mars | lively and avant-garde, but not the smoothest OOTB experience ;) | 16:22:25 |
mars | why does devos include a custom build of Nix itself? | 16:22:43 |
ultranix | In reply to @kraftnix:matrix.org the need to build nix, deploy-rs and nvfetcher is definitely and issue that we should resolve if possible
its one of the reasons i dont build devos on my laptop anymore why do you need to build them? | 16:33:34 |
@kraftnix:matrix.org | good question, i haven't looked into _why_ i need to build them, but every so often i do need to do a full build of nix, dprs, and nvfetcher. | 16:36:27 |
mars | is the secrets mgmt stuff for devos just whatever is built into deploy-rs, or is it your own thing? | 16:39:53 |
@kraftnix:matrix.org | agenix is used for secretd management. | 16:40:42 |