| 22 Sep 2024 |
 cafkafk | Like, does ofborg just use a list of remote builders, or do the hosts actually need to be dedicated | 09:45:21 |
| cafkafk | * Like, does ofborg just use a list of e.g. remote builders, or do the hosts actually need to be dedicated solely to ofborg | 09:45:37 |
 7c6f434c | It still doesn't use cachix uploads, right? | 09:47:27 |
| 7c6f434c | If so, it's basically add a bunch of identifiers into the config, build a package, run the binary in it with that config | 09:48:18 |
| 7c6f434c | During a build it might consume all the CPU you let it (not sure how you limit that on macOS) | 09:49:00 |
| 7c6f434c | But like any heavy Nix build | 09:49:11 |
| 7c6f434c | The system is pretty OK with intermittent availability | 09:49:54 |
| cafkafk | Also there is the issue of limited sandboxing on darwin I guess | 09:50:20 |
| 7c6f434c | Back in the day, the move to internally controlled builders was partially motivated by the complexity of tracking ofBorg versions across the fleet | 09:50:57 |
| 7c6f434c | If the things are more stable today, this issue might no longer be relevant | 09:51:14 |
| 7c6f434c | Darwin sandboxing is an issue, probably | 09:51:26 |
| cafkafk | Is there a place to see what hosts are in the fleet (are all the darwin builders still just in grahamc's basement >_>) | 09:51:58 |
 Find me at aleksana:qaq.li | I was thinking of only activating ofBorg during owner's sleep time and maybe dual boot two macOS to avoid pollution | 09:52:43 |
| 7c6f434c | Two macOS with different disk encryption passphrases sound like enough isolation (if it is easy on macOS side) | 09:53:31 |
| Find me at aleksana:qaq.li | Although they still have to face the risk of data loss to some degree | 09:53:40 |
| 7c6f434c | The polution will be kind of only in the store … unless the sandbox leaks something | 09:53:51 |
| cafkafk | ## Mac Minis
owner: the NixOS Foundation
access: Dan, Eelco, Rob, Graham
role: build machines
Running at the Utrechs Infor office on a shelf somewhere
## Mac Stadium
owner: MacStadium and rented to daniel peebles or the foundation?
role: build machines
Eelco had a root password
wonder if this is up to date still
| 09:54:36 |
| Find me at aleksana:qaq.li | Oh and another problem is the owner may be subject to action by the operator if the operator considers the traffic to be abnormal or illegal content has been accessed | 09:54:55 |
