| 6 Sep 2025 |
 raitobezarius (DECT: 7248) | taking down all CI operations | 13:00:43 |
 emily | raitobezarius: posted https://github.com/NixOS/nixpkgs/pull/426260#issuecomment-3262112732 with my belief on what the consensus bottom line is:
In other words, I’d expect our minimum expectations to be “the default version on any given supported Nixpkgs releases is supported for security and critical bug fixes when used in the context of that Nixpkgs releases”.
| 13:09:03 |
 aloisw | Is the systemd bug taking them down or did you take them down because they won't work anyway with the systemd bug? | 13:15:28 |
| raitobezarius (DECT: 7248) | https://github.com/systemd/systemd/issues/37843 | 13:15:47 |
| raitobezarius (DECT: 7248) | the bug is everytime systemctl reload systemd-resolved happens | 13:15:57 |
| raitobezarius (DECT: 7248) | all DNS resolution go down | 13:16:00 |
| raitobezarius (DECT: 7248) | because we have only a stub listener extra entry for IPv6 | 13:16:12 |
| raitobezarius (DECT: 7248) | and not any stub listener entry for IPv4 | 13:16:17 |
| raitobezarius (DECT: 7248) | (due to the pasta bug) | 13:16:19 |
| raitobezarius (DECT: 7248) | so everytime they gets redeployed for any reason, e.g. updates or anything, DNS resolution goes down | 13:16:42 |
| aloisw | Oh god systemd-resolved. I have removed that on all my systems due to being pretty garbage. (In my experience it would consistently SERVFAIL after a few hours though, instead of just stopping listening entirely.) | 13:17:06 |
| raitobezarius (DECT: 7248) | hah, i wish there would be a good well integrated replacement to it | 13:17:35 |
| raitobezarius (DECT: 7248) | (i don't feel like dnsmasq or kresd is that) | 13:17:48 |
 K900 | kresd is almost good tbh | 13:18:41 |
| K900 | Just impossible to debug | 13:18:45 |
| K900 | Supposedly fixed in v6 but I'm not going to find out | 13:18:55 |
| K900 | Possibly ever | 13:18:59 |
| aloisw | Well integrated in what sense? | 13:19:10 |
| raitobezarius (DECT: 7248) | in the sense of supporting multiple interfaces | 13:19:26 |
| aloisw | What do you mean by "supporting multiple interfaces"? | 13:20:13 |
| raitobezarius (DECT: 7248) | DNS server per link | 13:20:24 |
| aloisw | Also weird timeouts when the machine is offline. | 13:20:36 |
| aloisw | I'm not sure I understand what you would like to do there? | 13:22:59 |
| raitobezarius (DECT: 7248) | systemd-resolved supports answering to DNS queries which are meant for a specific link with a DNS server specific to that link | 13:23:25 |
| raitobezarius (DECT: 7248) | useful when you have a VPN with its own DNS server for internal zones | 13:23:37 |
| aloisw | So basically multiplexing between different upstreams, with both the zone and the upstream server assigned to the link in some way? | 13:29:06 |
| raitobezarius (DECT: 7248) | yep | 13:29:12 |
| aloisw | Yeah I'd not really expect unbound or knot-resolver to support that in a nice way indeed. Their expected use case seems more to let them do recursion themselves. | 13:31:00 |
| aloisw | I guess if the links are static, you could configure the forwarding manually. But it's going to be annoying if they can come and go dynamically. | 13:39:46 |
| 7 Sep 2025 |
| emily | raitobezarius: do you have an estimate for how soon you plan to amend the drop PR in Nixpkgs? | 02:35:38 |
