| 16 Jun 2025 |
 emily | since arguably enabling a service changing your resolv.conf is a bit action-at-a-distance to begin with | 04:40:35 |
| emily | alternatively, lift useLocalResolver outside of networking.resolvconf, have services.resolved.enable either handle it or assert on it | 04:41:09 |
| 17 Jun 2025 |
|  jopejoe1 (4094@39c3) changed their display name from jopejoe1 (4094@eh22) to jopejoe1 (4094@GPN23). | 12:06:53 |
 Zhaofeng Li | by the way, has anyone tried one of those smart SFP optics? | 15:53:38 |
| Zhaofeng Li | not a new thing (might have even mentioned this in this channel), but never really got to give it a try | 15:53:58 |
| Zhaofeng Li | * | 15:54:20 |
 K900 | Why tho | 15:55:42 |
| K900 | Like in most cases they're absolutely evil | 15:55:51 |
| K900 | And don't actually do anything your router can't do | 15:55:59 |
| K900 | The one exception is PON modems which are just absolutely evil | 15:56:08 |
| Zhaofeng Li | well, they are cool and you can probably do some fancy filtering/rewriting even with a dumb switch | 15:57:03 |
| emily | I just don't know why you'd want mystery Linux running on a tiny little metal thing when you can run Linux on the thing it plugs into instead | 16:01:11 |
|  Autiboy joined the room. | 16:07:47 |
| Zhaofeng Li | so you can add some latency that mysteriously appears every other Saturday at 1am? 😈 apart from that, one actually useful thing I can think of is running tailscale on it to provide resilient OOB access to the switches/server IPMI/etc | 16:10:55 |
| Zhaofeng Li | there are some more ideas: https://blog.benjojo.co.uk/post/smart-sfp-linux-inside | 16:11:08 |
| emily | it's an additional point of failure, right? I don't see how it's necessarily more resilient than what you'd run on the switch | 16:16:20 |
| Zhaofeng Li | well, not everyone has the luxury of having a Linux-capable (or Linux-accessible) switch | 16:19:32 |
| emily | a Linux-capable SFP+ is also its own even rarer luxury, right? :P | 16:20:30 |
| Zhaofeng Li | and the power situation is presumably better than a device plugged in separately? | 16:20:33 |
| Zhaofeng Li | well, rarer yes, but less expensive and disruptive to the existing infrastructure | 16:21:27 |
 raitobezarius | In reply to @emilazy:matrix.org
I just don't know why you'd want mystery Linux running on a tiny little metal thing when you can run Linux on the thing it plugs into instead coughs nefarious purposes | 16:35:17 |
 Charles | i'm reminded of this article i just saw like 10 minutes ago https://hackaday.com/2025/06/16/an-open-source-justification-for-usb-cable-paranoia/ | 17:07:14 |
| raitobezarius | In reply to @charles:computer.surgery
i'm reminded of this article i just saw like 10 minutes ago https://hackaday.com/2025/06/16/an-open-source-justification-for-usb-cable-paranoia/ https://shop.hak5.org/ | 18:02:30 |
| Autiboy | Has anyone used NixOS to provision mikrotik routers? | 18:04:09 |
 zenware | In reply to @zhaofeng:zhaofeng.li
so you can add some latency that mysteriously appears every other Saturday at 1am? 😈 apart from that, one actually useful thing I can think of is running tailscale on it to provide resilient OOB access to the switches/server IPMI/etc At best it provides side-band access, out-of-band requires different communication infrastructure. e.g. Wireline/POTS, Radio, ... Such that if your SFP failed, you would still be able to access that system. While, it is kind of cool, by running inside the SFP you're practically more "in-band" than just a cable itself. | 19:39:01 |
|  plantfan27 joined the room. | 21:38:05 |
| 18 Jun 2025 |
|  @zeromute:matrix.org joined the room. | 00:52:32 |
 hexa | diff --git a/nixos/modules/config/resolvconf.nix b/nixos/modules/config/resolvconf.nix
index f9c9d04b3fbe..79d3b2043148 100644
--- a/nixos/modules/config/resolvconf.nix
+++ b/nixos/modules/config/resolvconf.nix
@@ -158,6 +158,10 @@ in
config = lib.mkMerge [
{
+ warnings = lib.optionals (!cfg.enable && cfg.useLocalResolver) ''
+ The resolvconf module was instructed to configure the local resolver (127.0.0.1, ::1) in /etc/resolv.conf, but resolvconf was disabled.
+ '';
+
environment.etc."resolvconf.conf".text =
if !cfg.enable then
# Force-stop any attempts to use resolvconf
| 06:40:23 |
| hexa | emily: roast me | 06:40:27 |
| hexa | (while I take a nap) | 06:40:32 |
