| 29 Jul 2025 |
 emily | it's just more convenient to have a small thing | 14:32:32 |
 Sandro 🐧 | I don't see where it is used in hooks | 14:33:33 |
| Sandro 🐧 | it is only used in bootstrapping things where using python3 is not really possible | 14:33:46 |
| emily | that is the plan | 14:34:27 |
| emily | https://github.com/NixOS/nixpkgs/pull/417581 | 14:34:35 |
| emily | to do less bash | 14:34:37 |
| Sandro 🐧 | that's mainly cleaning up the horrible null override hacks which we stopped doing in packages some time ago | 14:36:42 |
| emily | looks like IfState needs jsonschema, pyroute2, pyyaml, setproctitle, and pyroute2 has no further deps… I think plausible it'll work with python3Minimal since it is systems programmy and presumably has no use for a TLS library or such | 14:36:43 |
| emily | please, this PR exists because of a conversation I had with DavHau and mweinelt in the staging room about using python3Minimal for stdenv hooks… | 14:37:09 |
| emily | and it says that's the motivation in the description | 14:37:12 |
| emily | I'm not just making up that being the plan :P | 14:37:34 |
| Sandro 🐧 | as long as you don't leak them in nix-shell | 14:37:40 |
| Sandro 🐧 | * as long as you don't leak it in nix-shell | 14:37:46 |
| emily | we had regressions from overfancy Bash optimizations and agreed that slimming down Python to allow its use in hooks would be better | 14:37:52 |
| emily | the hooks can just be Bash stubs that call out to a wrapped Python | 14:38:02 |
| emily | (and that can be abstracted) | 14:38:10 |
| emily | shouldn't be any leak | 14:38:11 |
| emily | I wouldn't want to use python3Minimal for a random stage 2 application but I think "not bloating initrd by 100 MiB" is a fair use case if it works | 14:38:35 |
| Sandro 🐧 | lucky, those deps are pretty minimal and don't do import * | 14:39:04 |
| Sandro 🐧 | yeah, exactly | 14:39:27 |
| emily | (looks like pyroute2 does have Netlink-over-TLS support but uh, I hope IfState isn't using that) | 14:39:40 |
| emily | (it would need an import ssl making conditional I suppose, so not zero effort) | 14:39:53 |
 hexa | when would you use Netlink-over-TLS? | 14:40:13 |
| emily | 0.1.4
netlink: remote netlink access
netlink: SSL/TLS server/client auth support
netlink: tcp and unix transports
| 14:40:24 |
| hexa | that sounds like exposing it cross host or something weird | 14:40:25 |
| emily | I mean I guess it's just a protocol… | 14:40:27 |
| emily | nothing's stopping you | 14:40:30 |
| emily | if you're nuts | 14:40:32 |
| emily | I bet some HPC cluster is doing crimes like that | 14:40:48 |
| Sandro 🐧 | but do you then want to run the normal ifstate also with python3Minimal? You kinda want to do that as otherwise you have bugs that only exist in initrd and then we have a random application in userland running python3Minimal which we don't really want to 😅 | 14:40:52 |
