| 29 Jun 2025 |
 emily | if adding a package with a certain name disabled the firewall I'd probably just shrug :) | 16:56:51 |
| emily | yeah, but then you switch to your own packaging of networkmanager-openconnect-neo-fork and it stops working suddenly and it's spooky at a distance to find out why | 16:57:18 |
 hexa | we could add a withOpenConnect option to more clearly state what we're doing | 16:57:22 |
| emily | which services.networkmanager.openconnect.enable wouldn't cause because you'd know there's integration going on | 16:57:34 |
| hexa | but I'm not a fan of having too many options for stuff like that | 16:57:44 |
| hexa | hence removing the enableStrongSwan option … that among other things puts the plugin into the plugin list | 16:57:57 |
| emily | options are bad when they don't do actual system integration | 16:57:57 |
| emily | but they're good when they actually are integrating things | 16:58:04 |
| emily | imo | 16:58:08 |
| emily | coordinating setting up multiple things that need to work together is why we define options at all | 16:58:30 |
| hexa | so you are opposed to https://github.com/NixOS/nixpkgs/pull/421042/commits/3705a24271108f54e414e629861883d8b2aa7116? | 17:00:45 |
| hexa | 
Download image.png | 17:01:49 |
| hexa | this is probably the crucial part | 17:01:56 |
| hexa | where you think the package being in the list does too much? | 17:02:04 |
| emily | yeah, though to be clear I don't want to hard block this | 17:03:24 |
| emily | but how about pkgs.networkmanager_strongswan.passthru.thingsNetworkManagerNeedsInPathAtRuntime | 17:03:51 |
| emily | which can then be collected in a generic way | 17:03:56 |
| emily | er, nix the .passthru from the access path of course | 17:04:08 |
| hexa | yeah, ideally | 17:04:13 |
| hexa | nmRuntimeDeps | 17:04:20 |
| emily | yes | 17:04:28 |
| emily | I like to use terrible names so everyone else can bikeshed them :) | 17:04:35 |
| hexa | done | 17:04:40 |
| hexa | (the bikeshedding part) | 17:04:49 |
| emily | and I suppose we could have nmSystemDeps or something for openconnect | 17:05:03 |
| emily | though it seems like OpenConnect is just bespokely cursed | 17:05:08 |
| hexa | it's a little bit more complicated, since strongswan requires a dbus package 😄 | 17:05:20 |
| hexa | but the point is clear | 17:05:37 |
| emily | right. well the more bespoke stuff that isn't a common need for these plugins the more I feel like it should just be services.networkmanager.plugins.strongswan or whatever, but also meh | 17:06:16 |
| emily | good to abstract things when there's actually commonality | 17:06:29 |
