| 29 Jun 2025 |
 hexa | depending on systemd is not adding anything 😄 | 16:48:18 |
 emily | like, look at that _firewall_backend_detect patch | 16:48:26 |
| emily | totally not worth it | 16:48:29 |
| hexa | nm uses its internal dhcp client by default | 16:49:34 |
| hexa | so dhcpcd can be made optional | 16:49:43 |
| emily | hmm | 16:50:13 |
| emily | fair enough | 16:50:15 |
| emily | that one does not need special patching | 16:50:42 |
| hexa | but in general more stuff should be looked up from the path | 16:50:45 |
| emily | it seems like most of it comes for free just by patching their main function | 16:50:47 |
| hexa | * but in general more stuff should be looked up from the path at runtime | 16:50:52 |
| emily | but the firewall stuff, no | 16:50:56 |
| hexa | like … when firewalling is enabled you have the ipt or nft executables in the path already | 16:51:43 |
| hexa | so just pick those | 16:51:45 |
| emily | I agree that late-binding is not the devil fwiw | 16:52:36 |
| emily | but that's an argument to have with upstream re: NFT_PATH | 16:53:00 |
| emily | and in the meantime it doesn't matter | 16:53:10 |
| emily | (but I think we agree on this) | 16:53:12 |
| hexa |
nmcli or nmtui tools pull in the NetworkManager library and use those functions to search for binaries. If you then, for example, add an openconnect VPN and try to connect, they will search for the openconnect binary in their PATH as well.
| 16:54:03 |
| hexa | I added openconnect as a system package because of that remark | 16:54:16 |
| emily | tbh, the OpenConnect thing probably should actually be a separate option at that point | 16:54:54 |
| emily | since it is doing more system integration than… adding an item to a list | 16:55:11 |
| hexa | nah, nm is just instrumenting the vpn binary | 16:55:39 |
| hexa | I think that's fine | 16:55:46 |
| emily | well I mean vs. pname conditionals | 16:55:55 |
| hexa | install the plugin and you get the executable for free | 16:55:56 |
| emily | "system package gets added based on pname of something in the plugins option of another package's module" is not within expected behaviour for me | 16:56:28 |
| emily | well | 16:56:30 |
| hexa | yeah, this is a minimal approach to make it work | 16:56:32 |
| emily | ok I expect NixOS modules to do arbitrarily horrible things | 16:56:35 |
