| 23 Aug 2021 |
 nix-community-bot | [firing] systemd_service_failed: nix-community-build02 failed to (re)start service cachix-watch-store.service.
| 03:24:33 |
| nix-community-bot | [firing] systemd_service_failed: nix-community-build02 failed to (re)start service cachix-watch-store.service.
| 07:29:33 |
 Domen Kožar | Mic92 ^^ do you have logs for this? | 07:30:53 |
 Mic92 | It's the invalid path thing. However I have to check again if we deployed your fixed cachix version. I think we did | 07:38:55 |
| Mic92 | Maybe ping me back later. I don't have time right now to check | 07:41:49 |
| Mic92 | I think the bot should be stopped before doing nix-gc | 07:42:23 |
| nix-community-bot | [resolved] systemd_service_failed: nix-community-build02 failed to (re)start service cachix-watch-store.service.
| 07:44:33 |
| 24 Aug 2021 |
|  Tejas Agarwal set a profile picture. | 16:59:55 |
| Tejas Agarwal left the room. | 17:06:30 |
| 26 Aug 2021 |
| nix-community-bot | [nix-community/infra] ryantm pushed to master: update nixpkgs-update
* when using updateScript, ensure update doesn't already exist - https://github.com/nix-community/infra/commit/3195b9c00b6a1b3b3ff76605b80240d6f5abc007 | 01:41:31 |
 ryantm | deploying to build02 | 01:42:52 |
 Sandro | Are you done yet ryantm ? | 09:32:59 |
| Mic92 | I guess so | 09:36:12 |
| ryantm | Oh yes sorry. | 13:33:46 |
 Jonas Chevalier | Mic92: why don't we switch to using sops-nix for the infra? | 14:21:15 |
| Mic92 | @zimbatm: I guess nothing speaks against it. | 14:21:42 |
| Jonas Chevalier | might as well exercise it | 14:21:57 |
| Mic92 | Does terraform need any secrets? | 14:22:37 |
| Jonas Chevalier | even if that's the case, terraform-sops is also a thing | 14:23:12 |
| Mic92 | Right. I was pretty sure there was something | 14:23:24 |
| Mic92 | Than it's uniform | 14:23:35 |
| Mic92 | In october I plan to add support for age but the current ssh rsa key support will stay as well. Right now we have our gpg keys anyway so this is probably the easiest option to switch to. | 14:25:04 |
| Jonas Chevalier | agreed. | 14:36:00 |
| Jonas Chevalier | maybe one day we can get rid of GPG, that would be nice | 14:36:14 |
| Mic92 | Yeah. I definitly will add this because I want to migrate some servers in university to it as well. | 14:58:05 |
| Mic92 | It also makes sops-nix nicer because you no longer need the ssh private host server key for bootstrapping. | 14:58:33 |
| Mic92 | Age only needs public keys whereas gpg needs public keys signed by the private key. | 14:59:11 |
| Jonas Chevalier | do you thing sops is still worth it if we use age, or should we just use age without the indirection? | 15:16:00 |
| Mic92 | Personally I like the sops editor over having one file per secret | 15:20:52 |
| Jonas Chevalier | ok, you convinced me :D | 15:23:39 |
