| 10 Apr 2025 |
|  Simon Hauser joined the room. | 08:25:58 |
| 11 Apr 2025 |
 aftix | In reply to @aftix:matrix.org
what's the magic to get LDAP auth to work on hydra? looking at the debug logs, my hydra can bind, correctly find the LDAP user, correctly find the LDAP groups, and then send the correct password to re-bind as the LDAP user (which works with ldapwhoami), but logging into my admin account gives "bad username or password" and my user account gives "no attribute cn for User" (there is a CN attribute according to ldapsearch and my hydra configuration doesn't mention CN anyway, just name) The magic was that I needed to configure the LDAP backend to always grab the attributes listed here https://github.com/NixOS/hydra/blob/d5ad16abc294b654d6a6922e5d371c366b7da71a/t/lib/LDAPContext.pm#L84 | 04:20:09 |
| aftix | In reply to @aftix:matrix.org
what's the magic to get LDAP auth to work on hydra? looking at the debug logs, my hydra can bind, correctly find the LDAP user, correctly find the LDAP groups, and then send the correct password to re-bind as the LDAP user (which works with ldapwhoami), but logging into my admin account gives "bad username or password" and my user account gives "no attribute cn for User" (there is a CN attribute according to ldapsearch and my hydra configuration doesn't mention CN anyway, just name) * The magic was that I needed to configure the LDAP backend to always grab the attributes listed here https://github.com/NixOS/hydra/blob/d5ad16abc294b654d6a6922e5d371c366b7da71a/t/lib/LDAPContext.pm#L84 with <[user/role]_search_options> | 04:21:02 |
 wucke13 | Redacted or Malformed Event | 22:42:17 |
|  @meep_bleep:matrix.org left the room. | 23:53:34 |
| 12 Apr 2025 |
|  @yuri:nekover.se left the room. | 00:04:27 |
 hexa | Redacted or Malformed Event | 01:57:38 |
|  matejc joined the room. | 06:07:44 |
| matejc | Hey, I remember some years ago, I could download output files via download link on my Hydra job page. It seems that that is no longer possible... Or I am unable to reproduce the same output as at that time....? | 06:10:59 |
| matejc | * Hey, I remember some years ago, I could download output files via download link on my Hydra job page. It seems that that is no longer possible... Or I am unable to reproduce the same output as at that time....? Basically, my question is, how to download files from Hydra without having Nix on the target machine | 06:12:01 |
| matejc | * Hey, I remember some years ago, I could download output files via download link on my Hydra job's build summary page. It seems that that is no longer possible... Or I am unable to reproduce the same output as at that time....? Basically, my question is, how to download files from Hydra without having Nix on the target machine | 06:26:33 |
 dramforever | it's package-specific, you need to write a file to $out/nix-support/hydra-build-products to declare the files | 10:27:06 |
| dramforever | unfortunately i do not remember how it works | 10:27:20 |
| matejc | @dramforever Thanks, yes, I figured it out https://github.com/matejc/helper_scripts/blob/5cc4adf26829844700fcedf2ae83b2ad12397b99/nixes/openvpn-custom.nix and the Hydra then showed this: https://hydra.matejc.com/build/76140 | 10:30:46 |
| dramforever | woohoo | 10:31:04 |
| dramforever | congrats | 10:31:08 |
| matejc | Thanks | 10:31:43 |
| 13 Apr 2025 |
|  Katalin 🔪 joined the room. | 00:46:28 |
|  @2xsaiko:tchncs.de left the room. | 00:46:33 |
| 14 Apr 2025 |
| aftix | My hydra isn't uploading to my s3 cache. I have Include /run/secrets/rendered/hydraConfig in /var/lib/hydra/hydra.conf, and the secret file and /var/lib/hydra are readable by the hydra group. the included file sets store_uri to an s3 store which works with nix copy and which has secret-key set to a file which is readable by the hydra group. I have a environment file that is readable by the hydra group which sets AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY . The nix-daemon, hydra-queue-runner, and hydra-evaluator services have been edited to specify the environment file. it seems the hydra queue runner is using the s3 store as a substituter (as i set in nix.conf), but it isn't uploading to it | 02:53:47 |
| 15 Apr 2025 |
| hexa | FYI: | 12:34:40 |
| hexa | copy buffer fail | 12:35:05 |
| hexa | We published a security advisory for hydra earlier today. | 12:35:34 |
| hexa | https://github.com/NixOS/hydra/security/advisories/GHSA-j7w7-965w-vjxw | 12:36:21 |
| hexa | here wego | 12:36:23 |
| hexa | das_j: maybe room ping 🙂 | 12:36:44 |
 Sandro | hydra has releases? | 12:41:19 |
| Sandro | or is that the nix version used? | 12:41:24 |
| Sandro | also 2.6 seems rather low 😅 | 12:42:14 |
| hexa | it does not, we mention the nix-eval-jobs release | 12:42:37 |
