| 12 Jul 2021 |
 Alex Zero | I built a mechanism for configuring and deploying Vault keys that is currently in the process of being upstreamed - but the repo provides additional tools to actually deploy the approles to the nodes | 20:09:24 |
 David Arnold (blaggacao) | I've been bulding something with SPIFFE/Spire for workload attestation and full mTLS with rotating certificates every 5 mins. It will be seom work to put all the puzzles in place, though. I think we have some sort of consensus that we need to stabilize devos in the short term, maybe produce a 1.0 and then take on form there. | 20:11:27 |
| David Arnold (blaggacao) | Thank you for your work on the follows issue! I very much appreciate it! | 20:12:20 |
| David Arnold (blaggacao) | * I've been bulding something with SPIFFE/Spire for workload attestation and full mTLS with rotating certificates every 5 mins. It will be some work to put all the puzzles in place, though. I think we have some sort of consensus that we need to stabilize devos in the short term, maybe produce a 1.0 and then take on form there. | 20:12:46 |
| Alex Zero | No problem! It was pretty much a necessity in order to get my flake setup working, lol. | 20:13:04 |
| David Arnold (blaggacao) | This PR was my secret ally 🤣 | 20:14:03 |
| David Arnold (blaggacao) | * This PR was my secret ally for testing your branch 🤣 | 20:14:22 |
| Alex Zero | Hahaha, can definitely see that | 20:15:10 |
| Alex Zero | Right know with kubernetes I'm just working on stabilising the configuration with a single-node cluster (with Calico). Next step after that will be a 6-node with 3 Ceph storage servers, so it's gonna get interesting | 20:17:38 |
| Alex Zero | * Right now with kubernetes I'm just working on stabilising the configuration with a single-node cluster (with Calico). Next step after that will be a 6-node with 3 Ceph storage servers, so it's gonna get interesting | 20:17:47 |
| David Arnold (blaggacao) | In reply to @citadelcore:nixos.dev
Right now with kubernetes I'm just working on stabilising the configuration with a single-node cluster (with Calico). Next step after that will be a 6-node with 3 Ceph storage servers, so it's gonna get interesting Have a look at https://longhorn.io/ | 20:18:18 |
| David Arnold (blaggacao) | In reply to @citadelcore:nixos.dev
Right now with kubernetes I'm just working on stabilising the configuration with a single-node cluster (with Calico). Next step after that will be a 6-node with 3 Ceph storage servers, so it's gonna get interesting * Have a look at https://longhorn.io/ -- I came to the conclusion it's probably the best persistence layer available right now. And I also trust the Rancher guys for their snout for innovation. | 20:19:09 |
| Alex Zero | Huh interesting, I will be sure to check it out! | 20:19:27 |
| David Arnold (blaggacao) | I'm planning to do a k3os based on nix on the basis of not-os if I have time. | 20:19:59 |
| Alex Zero | Never heard of k3os before but looking at it now it certainly seems nice | 20:21:09 |
| David Arnold (blaggacao) | But first, let's make devos /kuiseros stable 🤣🚀 | 20:21:34 |
| Alex Zero | Yeah, lol. Definitely an important task :) | 20:22:05 |
| David Arnold (blaggacao) | Make sure to check out https://github.com/divnix/digga/ & https://github.com/divnix/bud/ which are kind of the new powerhouses behind devos | 20:23:05 |
| Alex Zero | Will do! I'll be honest, when I first started my project it was back in the nixflk days, lol | 20:24:22 |
| Alex Zero | A lot has changed since then | 20:24:33 |
| David Arnold (blaggacao) | I think what happened thereafter was pure telepathy 😄 | 20:24:52 |
| David Arnold (blaggacao) | * I think what happened thereafter was pure telepathy 😄 (we end up with the same follows issue) | 20:25:39 |
| Alex Zero | Yep, lol. I'm kind of a perfectionist and didn't want to use any kind of hacky solution, so naturally I just went, and fixed it | 20:26:17 |
| Alex Zero | I will say the code is very confusing, many sleepless nights were spent on understanding how flake.cc actually worked | 20:26:45 |
 @timdeh:matrix.org | Nix's codebase is a bit intractable 😅 | 21:30:34 |
 @gtrunsec:matrix.org | David Arnold: what do you think about this https://github.com/pogobanane/lambda-pirate? | 21:45:37 |
| @gtrunsec:matrix.org | * David Arnold: what do you think about this https://github.com/pogobanane/lambda-pirate? even https://github.com/Mic92/vmsh is it possible to increase our testing experience? | 21:49:29 |
| David Arnold (blaggacao) | I don't entirely understand the most prominent use case for vmsh (yet). | 22:01:10 |
| David Arnold (blaggacao) | I'd be greateful for some preliminary feedback on:
- https://github.com/divnix/devos/pull/338/commits/fb67fc51cc44ce685f99cbdc40d359cc501d427d
| 22:32:47 |
| David Arnold (blaggacao) | * I'd be greateful for some preliminary feedback on:
- https://github.com/divnix/devos/pull/338/commits/fb67fc51cc44ce685f99cbdc40d359cc501d427d
- https://github.com/divnix/digga/pull/84/commits/e2c862ddbec87fe7c2e675ab06c4d50d8800abe0
before I (hopefully) finish those PRs off tonight.
| 22:33:28 |
