15 Oct 2021 |
@timdeh:matrix.org | But it's difficult enough at least that nobody has yet to bother trying | 20:51:20 |
David Arnold (blaggacao) | Afaik oci-compliance is a tar that specifies a runnable entrypoint. | 20:51:39 |
David Arnold (blaggacao) | (through a json manifest) | 20:51:55 |
@timdeh:matrix.org | Yeah, I don't think the compliance part is the difficult part, it's the "actually get systemd working" part that will be rough seas | 20:52:20 |
David Arnold (blaggacao) | Why? If it's PID1? | 20:52:52 |
@timdeh:matrix.org | unless we just go for inception and put an nspawn container inside an OCI container 😛 | 20:52:57 |
@timdeh:matrix.org | Give it a try and you tell me | 20:53:07 |
@timdeh:matrix.org | I mean, if nobody else does, I intend to try it someday as well | 20:53:33 |
David Arnold (blaggacao) | Seems to work with appropriate privileges. | 20:53:45 |
David Arnold (blaggacao) | And Red Hat seems to have a wrapper that makes it work without privileges. | 20:54:10 |
@timdeh:matrix.org | did you find some example already? | 20:54:33 |
David Arnold (blaggacao) | https://github.com/projectatomic/oci-systemd-hook | 20:54:46 |
@timdeh:matrix.org | oh wow, I don't know how I didn't find that when I looked 😅 | 20:55:19 |
David Arnold (blaggacao) | So it seems actually pretty feasible in practice. Which really presses the question why the nixos ecosystem seems incapable of embracing it. | 20:55:43 |
@timdeh:matrix.org | It is at risk of being horribly outdated though it seems | 20:55:46 |
David Arnold (blaggacao) | I think the only real answer is: bias | 20:55:54 |
@timdeh:matrix.org | Maybe, or maybe this project was abandoned 3 years ago for a reason? 😅 | 20:56:15 |
David Arnold (blaggacao) | In reply to @timdeh:matrix.org It is at risk of being horribly outdated though it seems I assume because a better solution exists, already. | 20:56:21 |
@timdeh:matrix.org | I hope you are right | 20:56:31 |
@timdeh:matrix.org | 🤞 | 20:56:35 |
David Arnold (blaggacao) | In reply to @timdeh:matrix.org Maybe, or maybe this project was abandoned 3 years ago for a reason? 😅 * I think it was attempted for a reason. :smile: | 20:57:27 |
@timdeh:matrix.org | Oh yeah definitely | 20:57:43 |
@timdeh:matrix.org | I would love it if NixOS containers were OCI compliant, for obvious, work reasons 😛
And I'm sure I'm not the only one. | 20:58:11 |
David Arnold (blaggacao) | Doesn't seem too outdated: https://github.com/projectatomic/oci-systemd-hook/releases/tag/v0.2.0 | 21:00:16 |
@timdeh:matrix.org | There have been 6 or 7 systemd releases since then though, and given how little they seem to care for backwards compat at times, that may be an issue | 21:02:52 |
David Arnold (blaggacao) | What's the benefit of using nixos containers then, at all? | 21:03:27 |
@timdeh:matrix.org | isolation I guess? | 21:03:42 |
@timdeh:matrix.org | false sense of security maybe 😛 | 21:03:51 |