| 8 Aug 2025 |
 emily | so we don't need a separate .network for it | 17:14:16 |
| emily | ah I guess the kernel preference is per-interface | 17:15:41 |
| emily | systemd.network.config.networkConfig.IPv6PrivacyExtensions = lib.mkDefault true; should do it, though | 17:15:50 |
| emily | btw (sorry for doing this on Matrix rather than leaving reviews, I haven't had the time to do a proper substantive review) is there a reason you got bash out of the iptables closure rather than just disabling iptables? it's pretty legacy itself at this point, and systemd is dropping support for it in 259 | 17:17:02 |
| emily | * The legacy iptables support through libiptc will be removed in v259.
Only nftables backend will be supported by systemd-networkd and
systemd-nspawn since v259.
| 17:17:10 |
 ElvishJerricco | I'm pretty sure this doesn't actually work. Have you checked that the expected things actually get set with interfaces that are actually configured with networkd? With networkd, an interface only ever applies a single .network file, and drop-ins for that file; the first one whose Match section matches it. So if I've got a 40-eth0.network, this 99-default-ipv6-privacy-extensions.network won't apply to my eth0 it at all. | 19:29:40 |
| ElvishJerricco | emily's idea of just adding a default value for that directive in the networkConfig option would fix that. | 19:30:48 |
| emily | (we should have a test for this if we don't) | 19:31:13 |
 nikstur | Until we have 259, I don't see a way to get it out of the systemd closure. That's why I removed bash from it. I think that's fine for now. | 19:46:41 |
| nikstur | Sounds good, I'll apply that | 19:46:52 |
| emily | huh I thought it was optional already | 19:46:58 |
| emily | but I guess not? | 19:47:00 |
| ElvishJerricco | if they're removing support for it altogether in 259, it would be very unusual for them to not already have it being optional for quite a while | 19:48:12 |
| nikstur | Fair enough I'll look into it | 19:51:24 |
| ElvishJerricco | maybe check their NEWS file for any mentions of iptables and how to get rid of it | 19:52:10 |
| nikstur | ElvishJerricco: emily thanks for the pointers" | 19:54:43 |
| nikstur | * ElvishJerricco: emily thanks for the pointers! | 19:54:47 |
 Marcel | IfState V2 just got officaly released:
https://github.com/NixOS/nixpkgs/pull/431047
Changelog: https://codeberg.org/liske/ifstate/releases/tag/2.0.0
And it also got a new website theme: https://ifstate.net
| 21:30:59 |
| Marcel | * IfState V2 just got officialy released:
https://github.com/NixOS/nixpkgs/pull/431047
Changelog: https://codeberg.org/liske/ifstate/releases/tag/2.0.0
And it also got a new website theme: https://ifstate.net
| 21:32:19 |
