| 4 Apr 2022 |
 cole-h | Interesting, may be worth to investigate replacing it with that | 15:09:12 |
| cole-h | Though we don't need anything special re: tty handling and stdin usage, if we can avoid this issue in the future, may be a decent enough idea | 15:10:06 |
 Rick (Mindavi) | In reply to @cole-h:matrix.org
https://github.com/NixOS/nixpkgs/pull/140391 Only applies to release-21.05? | 16:10:23 |
| Rick (Mindavi) | * Only applied to release-21.05? | 16:10:36 |
| cole-h | Yep. But that shouldn't matter, since Nix itself is pinned to 21.05 at the moment (just, an older revision than that, it appears): https://github.com/NixOS/nix/blob/a4a1de69dcc3c6e0c40a093d67b5f20568a5f31e/flake.nix#L4 | 16:37:18 |
|  cjbayliss (they/them) changed their display name from cjbayliss (they/them) to cjb. | 21:02:38 |
| 5 Apr 2022 |
 niksnut | @cole-h Thanks, I'm updating nixpkgs in Nix (https://github.com/NixOS/nix/pull/6365) | 14:43:37 |
|  Bryan Honof changed their profile picture. | 17:47:06 |
|  h7x4 joined the room. | 20:11:50 |
| 7 Apr 2022 |
| h7x4 | 00:24:23 |
 @grahamc:nixos.org | rfr: https://github.com/NixOS/hydra/pull/1173 | 00:41:20 |
 ajs124 | skimmed the code and it looks minimal, but alright. didn't run the tests or look at it too closely though. we still run the python exporter that scrapes the queue runner status json or however that works. | 11:15:55 |
| @grahamc:nixos.org | we do too, this doesn’t export nearly all those metrics yet | 11:48:27 |
| @grahamc:nixos.org | But I don’t want to do all that work if it doesn’t look like a good approach | 11:48:38 |
| ajs124 | I'm not sure I'm qualified judge that, tbh | 11:53:21 |
| @grahamc:nixos.org | well, I merged & deployed it. We can revert it if we need to :P | 20:31:01 |
| @grahamc:nixos.org | ~unreleased software~ | 20:31:06 |
| 8 Apr 2022 |
|  bitmapper joined the room. | 01:04:03 |
| bitmapper | is there any way to make hydra inaccessible except when you are logged in? | 01:11:52 |
| bitmapper | like, so the projects aren't publicly visible | 05:07:08 |
| ajs124 | I think hidden jobsets work like that? But those are not very convenient.
Why can't you just put it behind basic auth? | 08:45:27 |
 hexa | or on a VPN | 11:47:44 |
|  tilpner joined the room. | 20:15:37 |
| tilpner | In reply to @bitmapper:amber.tel
like, so the projects aren't publicly visible I have private = true in my config, and it seems to return a 403 unless signed in for every page | 20:24:38 |
| tilpner | Hi ma27, which plugin did you write https://github.com/NixOS/hydra/pull/922 for? You mention e.g. the gitea status plugin, which (as you pointed out) requires a git input, and then to set gitea_status_repo to the name of that input. Is there some hidden flake input, or is that still incompatible with the flakes mode? | 20:29:06 |
 cransom | huh. i've had mine behind basic auth. perhaps i'm going to migrate it over to private. | 20:59:17 |
| tilpner | cransom: basic auth is simpler to get right, than expecting every application to implement their own access control. I'm not overly reliant on hydra's private mode, as it's only served on a private network anyway (or supposed to be, thus the precaution) | 21:01:13 |
| cransom | most of the pain of basic auth is that password managers (at least the ones i've got) aren't basic auth friendly. | 21:04:21 |
| cransom | tried it in dev now, seems ok. it's low stakes for me to roll it out anyway. | 21:06:10 |
| tilpner | yeah, that's fair :) | 21:06:32 |
