| 4 Oct 2025 |
 flokli | So no more custom hacks needed for fixed regulator stuff to get it not to oops? | 06:31:47 |
 K900 | The regulator stuff is not a hack | 06:31:54 |
| K900 | I've verified with the schematics | 06:32:07 |
| flokli | Ok, but then the device tree is incomplete? | 06:32:44 |
| K900 | Well, one line of it, yes | 06:33:03 |
| K900 | I'm not counting all the tiny fixes all over | 06:33:32 |
| K900 | The only big missing bit that will be hard to get merged is the Ethernet | 06:33:43 |
| K900 | Because the netdev people can't agree on shit | 06:35:22 |
| flokli | Ack | 06:47:11 |
 elisaado | hm yeah fair enough | 07:21:43 |
 ElvishJerricco | (I have more patches because I use mine just as a switch, and mainline doesn't have hardware fastpath support for bridges yet) | 07:28:48 |
| ElvishJerricco | (i.e. if you bridge the two 10Gbps ports you'll only get like ~3.5Gbps through them) | 07:29:34 |
 aleksana 🏳️⚧️ (force me to bed after 18:00 UTC) | In reply to @elvishjerricco:matrix.org
(I have more patches because I use mine just as a switch, and mainline doesn't have hardware fastpath support for bridges yet) Thanks, I'll ask you after I buy it | 07:29:46 |
| aleksana 🏳️⚧️ (force me to bed after 18:00 UTC) changed their profile picture. | 08:41:07 |
| aleksana 🏳️⚧️ (force me to bed after 18:00 UTC) changed their profile picture. | 08:41:29 |
| 5 Oct 2025 |
|  @rouven:rfive.de left the room. | 19:27:33 |
| 6 Oct 2025 |
|  Frédéric Christ changed their display name from Frédéric Christ (🚄 15.09. - 29.09.) to Frédéric Christ. | 09:24:51 |
| 7 Oct 2025 |
 x10an14 | How can I add an interface to networking.firewall.interfaces? My Nebula VPN interface does not show up there =S | 13:27:45 |
| x10an14 | This might be an XY questien, becaulse I'm trying to debug why my Nebula VPN doesn't seem to work once a connection relies on a port (pings to/from lighthouse work, but nothing else, nor pings between non-lighthouses) | 13:29:10 |
 jappie | is `networking.firewall.trustedInterfaces` what you're looking for? | 13:35:25 |
| x10an14 | It is not set by the module authors/maintainers (https://github.com/NixOS/nixpkgs/blob/nixos-unstable/nixos/modules/services/networking/nebula.nix#L317), so I doubt it, but I'll give it a try! | 13:37:24 |
| x10an14 | This change allows dig dns queries to a (non-lighthouse) node to work again, but so far seems only from lighthouse itself (where ping worked already in both directions) | 13:41:34 |
| x10an14 | Lemme double-check whether or not trustedInterfaces made the difference | 13:41:53 |
| x10an14 | Yup, adding the Nebula Interface's name to networking.firewall.trustedInterfaces made it so that the dig command now works from the lighthouse to the non-lighthouse node | 13:45:11 |
| 8 Oct 2025 |
| x10an14 | Is this maybe a better channel?
Should `nixos-rebuild switch && { nmcli dev show | grep DNS; }` not show the added `networking.networkmanager.insertNameserver` given in this git commit?
```diff
diff --git a/nixos/x10an14_at_lighthouse/config.nix b/nixos/x10an14_at_lighthouse/config.nix
index f19300c..3f87bc8 100644
--- a/nixos/x10an14_at_lighthouse/config.nix
+++ b/nixos/x10an14_at_lighthouse/config.nix
@@ -1,17 +1,32 @@
-toplevel: {
+{ lib, ... }@toplevel:
+{
_file = ./config.nix;
- flake.modules.nixos.lighthouse = {
- imports = [
- (toplevel.config.flake.modules.nixos.non-work or { })
- toplevel.inputs.nixos-facter.nixosModules.facter
+ flake.modules.nixos.lighthouse =
+ nixos:
+ let
+ nebulaCfg = nixos.config.services.nebula.networks.x10an14;
+ in
+ {
+ imports = [
+ (toplevel.config.flake.modules.nixos.non-work or { })
+ toplevel.inputs.nixos-facter.nixosModules.facter
+ ];
+ }
+ // lib.mkMerge [
+ {
+ boot.loader.grub = {
+ efiSupport = true;
+ efiInstallAsRemovable = true;
+ };
+ facter.reportPath = ./facter.json;
+ system.stateVersion = "25.11";
+ system.autoUpgrade.enable = true;
+ }
+ (lib.mkIf nebulaCfg.enable {
+ networking.networkmanager = {
+ enable = true;
+ insertNameservers = [ "192.168.117.8" ];
+ };
+ })
];
- boot.loader.grub = {
- efiSupport = true;
- efiInstallAsRemovable = true;
- };
- networking.useDHCP = true;
- facter.reportPath = ./facter.json;
- system.stateVersion = "25.11";
- system.autoUpgrade.enable = true;
- };
}
``` | 07:48:50 |
| x10an14 | * Is this maybe a better channel?
Should `nixos-rebuild switch && { nmcli dev show | grep DNS; }` not show the added `networking.networkmanager.insertNameserver` given in this git commit?
```diff
diff --git a/nixos/x10an14_at_lighthouse/config.nix b/nixos/x10an14_at_lighthouse/config.nix
index f19300c..3f87bc8 100644
--- a/nixos/x10an14_at_lighthouse/config.nix
+++ b/nixos/x10an14_at_lighthouse/config.nix
@@ -1,17 +1,32 @@
-toplevel: {
+{ lib, ... }@toplevel:
+{
_file = ./config.nix;
- flake.modules.nixos.lighthouse = {
- imports = [
- (toplevel.config.flake.modules.nixos.non-work or { })
- toplevel.inputs.nixos-facter.nixosModules.facter
+ flake.modules.nixos.lighthouse =
+ nixos:
+ let
+ nebulaCfg = nixos.config.services.nebula.networks.x10an14;
+ in
+ {
+ imports = [
+ (toplevel.config.flake.modules.nixos.non-work or { })
+ toplevel.inputs.nixos-facter.nixosModules.facter
+ ];
+ }
+ // lib.mkMerge [
+ {
+ boot.loader.grub = {
+ efiSupport = true;
+ efiInstallAsRemovable = true;
+ };
+ facter.reportPath = ./facter.json;
+ system.stateVersion = "25.11";
+ system.autoUpgrade.enable = true;
+ }
+ (lib.mkIf nebulaCfg.enable {
+ networking.networkmanager = {
+ enable = true;
+ insertNameservers = [ "192.168.117.8" ];
+ };
+ })
];
- boot.loader.grub = {
- efiSupport = true;
- efiInstallAsRemovable = true;
- };
- networking.useDHCP = true;
- facter.reportPath = ./facter.json;
- system.stateVersion = "25.11";
- system.autoUpgrade.enable = true;
- };
}
``` | 07:49:21 |
| K900 | No | 07:49:46 |
| K900 | It's a horrible hack and you should not use it | 07:49:50 |
| K900 | Just use resolved | 07:49:58 |
| ElvishJerricco | x10an14: { imports = ...; } // lib.mkMerge [ ... ] seems busted | 07:55:46 |
