| 22 Sep 2024 |
 7c6f434c | If so, it's basically add a bunch of identifiers into the config, build a package, run the binary in it with that config | 09:48:18 |
| 7c6f434c | During a build it might consume all the CPU you let it (not sure how you limit that on macOS) | 09:49:00 |
| 7c6f434c | But like any heavy Nix build | 09:49:11 |
| 7c6f434c | The system is pretty OK with intermittent availability | 09:49:54 |
 cafkafk | Also there is the issue of limited sandboxing on darwin I guess | 09:50:20 |
| 7c6f434c | Back in the day, the move to internally controlled builders was partially motivated by the complexity of tracking ofBorg versions across the fleet | 09:50:57 |
| 7c6f434c | If the things are more stable today, this issue might no longer be relevant | 09:51:14 |
| 7c6f434c | Darwin sandboxing is an issue, probably | 09:51:26 |
| cafkafk | Is there a place to see what hosts are in the fleet (are all the darwin builders still just in grahamc's basement >_>) | 09:51:58 |
 aleksana 🏳️⚧️ (force me to bed after 18:00 UTC) | I was thinking of only activating ofBorg during owner's sleep time and maybe dual boot two macOS to avoid pollution | 09:52:43 |
| 7c6f434c | Two macOS with different disk encryption passphrases sound like enough isolation (if it is easy on macOS side) | 09:53:31 |
| aleksana 🏳️⚧️ (force me to bed after 18:00 UTC) | Although they still have to face the risk of data loss to some degree | 09:53:40 |
| 7c6f434c | The polution will be kind of only in the store … unless the sandbox leaks something | 09:53:51 |
| cafkafk | ## Mac Minis
owner: the NixOS Foundation
access: Dan, Eelco, Rob, Graham
role: build machines
Running at the Utrechs Infor office on a shelf somewhere
## Mac Stadium
owner: MacStadium and rented to daniel peebles or the foundation?
role: build machines
Eelco had a root password
wonder if this is up to date still
| 09:54:36 |
| aleksana 🏳️⚧️ (force me to bed after 18:00 UTC) | Oh and another problem is the owner may be subject to action by the operator if the operator considers the traffic to be abnormal or illegal content has been accessed | 09:54:55 |
| 7c6f434c | Well, you need to publically burn zero days for data loss, but yeah | 09:55:07 |
| aleksana 🏳️⚧️ (force me to bed after 18:00 UTC) | There are also minor issues such as hard drive depreciation | 09:55:43 |
| 7c6f434c | I guess you could put the store on an old 1TB external HDD you no longer trust with durable storage of data? | 09:56:21 |
| 7c6f434c | (presumably the people donating compute are the people who can afford some wear and tear and electricity, and who have a hardware rotation process with different reliability expectation) | 09:57:29 |
| aleksana 🏳️⚧️ (force me to bed after 18:00 UTC) | Is it possible to ask e.g. Amazon for a free rental? | 09:58:50 |
| 7c6f434c | I am pretty sure that with the current queue length (and the retries in the current code) a frequently crashing/rebooting intermittently available ofBorg builder for Darwin will be better than not having it as long as it is not actively maliciously lying about the logs/outcomes | 09:58:57 |
| aleksana 🏳️⚧️ (force me to bed after 18:00 UTC) | * Is it possible to ask e.g. Amazon Cloud for a free rental? | 09:59:00 |
| 7c6f434c | I am pretty sure that currently all the Amazon goodwill is used for discounts on the binary cache (both Linux and Darwin) | 09:59:54 |
| aleksana 🏳️⚧️ (force me to bed after 18:00 UTC) | In reply to @7c6f434c:nitro.chat
I am pretty sure that currently all the Amazon goodwill is used for discounts on the binary cache (both Linux and Darwin) We'll not require that soonish btw | 10:00:20 |
| aleksana 🏳️⚧️ (force me to bed after 18:00 UTC) | And it's pretty expensive even with the discount lmao | 10:00:55 |
| 7c6f434c | I do hope so (and I know about the work being done) hence currently not for the foreseeable future | 10:01:08 |
| 7c6f434c | Yeah | 10:01:13 |
| aleksana 🏳️⚧️ (force me to bed after 18:00 UTC) | What about testing build on github workflows? It can be run in a repo set in someone’s GitHub account who don’t use workflow, not sure about ToS | 10:03:18 |
| 7c6f434c | Aren't free macOS workflows for open-source projects either very limited or absent? | 10:04:48 |
| aleksana 🏳️⚧️ (force me to bed after 18:00 UTC) | (Did we already discuss that | 10:04:56 |
