gomp

joined 1 year ago
sorted by: new top controversial old
30
Selfhosters, how do you run your services? (lemmy.ml)
 

I experimented with several ways to run my services:

  1. "regular" systemd services (services.glance = { ... };)
  2. nix containers (containers.glance = { ... };)
  3. podman containers (virtualisation.oci-containers.containers.glance = { ... })

and I must say I'm starting to appreciate the last option (the least nixos-y) more and more.

Specifically, I appreciate that:

  • I just have to learn the app/container configuration, instead of also backwards-translating from their config into the various nixos options (of course the .yaml or whatever configuration files are still generated from my nixos config, I just do that in a derivation instead on relying on a module doing it for me)
  • Services are sometimes outdated in nixpks (even in unstable - and juggling packages between stable and unstable is yet another complication)
  • I feel like it's more secure (very arguable and also of very little consequence since everything is on my homelab... it's mainly for the warm fuzzies)

Do you guys use one of the options above? Something different?

[resolved] Network access while building a derivation? in c/nix@programming.dev
[–] gomp@lemmy.ml 1 points 6 days ago (3 children)

Given that it downloads random shit from the internet

You seem to trust the javascript ecosystem just as much as I do :)

Jokes aside, the repo has a lock file so it should actually be fine (time will tell)

[resolved] Network access while building a derivation? in c/nix@programming.dev
[–] gomp@lemmy.ml 1 points 6 days ago (5 children)

Found the solution (I think): basically it should just work as expected if you just add outputHashAlgo, outputHashMode and outputHash to your derivation.

documentation
article

Best "just works" mesh router for open wrt? in c/linux@lemmy.ml
[–] gomp@lemmy.ml 21 points 1 week ago* (last edited 1 week ago) (10 children)

"mesh" is a buzzword that doesn't make much sense (to me at least) if we are talking about wired and routers... what do you mean by it? can you describe your setup?

edit:

Let me clarify :)

Unless I'm mistaken, mesh means that one a bunch of devices, usually wireless access points, connected with each other (in a mesh) with possibly low-quality connections that automatically switch traffic for each other.

If you have ethernet running from the router to the APs, you always want to use that and so you don't want a mesh at all.

5
[resolved] Network access while building a derivation? (lemmy.ml)
submitted 1 week ago* (last edited 6 days ago) by gomp@lemmy.ml to c/nix@programming.dev
7 comments fedilink
 

edit: for the solution, see my comment below

I'm trying to package a go application (beszel) that bundles a bunch of html stuff built with bun (think, npm).

The html is generated by running bun install and bun run and then embedded in the go binary with //go:embed.

Being completely ignorant of the javascript ecosystem, my first idea was to just replicate what they do in the Makefile

postConfigure = ''
bun install --cwd ./site
bun run     --cwd ./site build
''

but, since bun install downloads dependencies from the net, that fails.

I guess the "clean" solution would be to look for buildNpmPackage or similar (assuming that exists) and let nix manage all the dependencies, but... it's some 800+ dependencies (at least, bun install ... --dry-run lists 800+ things) so that's a hard pass.

I then tried to look at how buildGoPackage handles the vendoring of dependencies, with the idea of replicating that (it dowloads what's needed and then compare a hash of what was downloaded with a hash provided in the nix package definition), but... I can't for the life of me decipher how nixpkgs' pkgs/build-support/go/module.nix works.

Do you know how to implement this kind of vendoring in a nix derivation?

Virtualization: How do I share a cloud drive mounted inside the guest with the host? in c/linux@lemmy.ml
[–] gomp@lemmy.ml 1 points 1 week ago (1 children)

The best option would be to have a "regular" client that keeps a local copy in sync with the cloud instead of a mount.

BTW: IDK what cloud storage you are using, but IIRC some show files that are not available locally (ie. only the most recent files are downloaded locally - the older stuff is downloaded on request).

Alternatively, you could hack something together running unison locally in the guest to sync the cloud folder to a shared one... you'll have two copies of the data though.

for those worried about the impact of sanctions on linux, is any of the bsds a better alternative? in c/linux@lemmy.ml
[–] gomp@lemmy.ml 6 points 2 weeks ago* (last edited 2 weeks ago)

This quote from your article does nail the problem on the head though.

It nails a different problem on the head.

You don't have to convince the US government to allow you access to classified information, you just have to convince a lawyer that their (possibly non-US) client won't be liable in case you are lying.

Russia Mulls Forking Linux in Response to Developer Exclusions in c/linux@lemmy.ml
[–] gomp@lemmy.ml 0 points 2 weeks ago

First of all, saying "based on their country of residence" is either grossly uninformed or (most probably) plain dishonest.

Ignoring that, the GPL-freedoms of companies subject to sanctions are still preserved, so.... having established that your "free" is not the same "free" as in "free and open source software", what the hell are you talking about?

Linus Torvalds Comments On The Russian Linux Maintainers Being Delisted - Phoronix in c/linux@lemmy.ml
Linus Torvalds Comments On The Russian Linux Maintainers Being Delisted - Phoronix in c/linux@lemmy.ml
[–] gomp@lemmy.ml -2 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

Finland was invaded by Russia before WWII, then participated in a campaign against Russia with the Axis powers and finally signed the Moscow Treaty with Russia and the UK and joined them against Germany.... I fear history is more complex than what may serve your simplistic view (I'd go to far as to say that, most probably, reality is too).

Also, if I may, that happened some 80 years ago... do you think current Finns should be ashamed of that when they were not even alive back then? Can you name a nation that didn't do anything shameful in the last century?

[resolved] Help with haskell package that lives in a subdirectory of `src` in c/nix@programming.dev
[–] gomp@lemmy.ml 1 points 3 weeks ago

In case anyone comes here with the same problem, the solution is:

attoparsec-aeson = haskellPackages.mkDerivation {
  ...
  postUnpack = ''
    mv source source-aeson
    cp -rL source-aeson/attoparsec-aeson source
    rm -fr source-aeson
  '';
  ...
};
```*___*
[Solved] This maybe a strange question but can I run a Linux app in a separate container/sandbox? Without its dependencies bloating my host OS? in c/linux@lemmy.ml
[–] gomp@lemmy.ml 8 points 1 month ago

One way or another, if you want to run an application you are gonna need its dependencies (the key is the name)... they may be bundled into an appimage or come as part of flatpak ruintime, or be confined inside a container, or live in the nix store, but they will "bloat" your system anyway.

Learn how to cleanup your system (ie. uninstall all packages that are not needed by others that have been requested explicitly) and live a happy life. Only bother with other solutions if the software (or version) you need isn't available for your distro.

[Solved] This maybe a strange question but can I run a Linux app in a separate container/sandbox? Without its dependencies bloating my host OS? in c/linux@lemmy.ml
[–] gomp@lemmy.ml 9 points 1 month ago (1 children)

Because podman :)

Alternative to syncthing for large music collection? in c/linux@lemmy.ml
[–] gomp@lemmy.ml 1 points 1 month ago (1 children)

The main difference is probably that I have a desktop PC rather than a laptop (plus, a few old hard disks lying around).

I think I'll keep the local replica even when I'm finished reorganizing the library: the local copy doubles as a backup and I must say I am enjoying the faster access times.

88
Alternative to syncthing for large music collection? (lemmy.ml)
 

Over the years I have accumulated a sizable music library (mostly flacs, adding up to a bit less than 1TB) that I now want to reorganize (ie. gradually process with Musicbrainz Picard).

Since the music lives in my NAS, flacs are relatively big and my network speed is 1GB, I insalled on my computer a hdd I had laying around and replicated the whole library there; the idea being to work on local files and the sync them to the NAS.

I setup Syncthing for replication and... everything works, in theory.

In practice, Syncthing loves to rescan the whole library (given how long it takes, it must be reading all the data and computing checksums rather than just scanning the filesystem metadata - why on earth?) and that means my under-powered NAS (Celeron N3150) does nothing but rescanning the same files over and over.

Syncthing by default rescans directories every hour (again, why on earth?), but it still seem to rescan a whole lot even after I have set rescanIntervalS to 90 days (maybe it rescans once regardless when restarted?).

Anyway, I am looking into alternatives.
Are there any you would recommend? (FOSS please)

Notes:

  • I know I could just schedule a periodic rsync from my PC to the NAS, but I would prefer a bidirectional solution if possible (rsync is gonna be the last resort)
  • I read about unison, but I also read that it's not great with big jobs and that it too scans a lot
  • The disks on my NAS go to sleep after 10 minutes idle time and if possible I would prefer not waking them up all the time (which would most probably happen if I scheduled a periodic rsync job - the NAS has RAM to spare, but there's no guarantee it'll keep in cache all the data rsync needs)
7
[resolved] Help with haskell package that lives in a subdirectory of src (lemmy.ml)
submitted 1 month ago* (last edited 3 weeks ago) by gomp@lemmy.ml to c/nix@programming.dev
3 comments fedilink
 

edit: for the solution, see my comment below

I need/want to build aeson and its subproject attoparsec-aeson from source (it's a fork of the "official" aeson), but I'm stuck... can you help out?

The sources of attoparsec-aeson live in a subdirectory of the aeson ones, so I have the sources:

aeson-src = fetchFromGitHub {
  ...
};

and the "main" aeson library:

aeson = haskellPackages.mkDerivation {
  pname = "aeson";
  src = aeson-src;
  ...
};

When I get to attoparsec-aeson however I run into a wall: I tried to follow the documentation about sourceRoot:

attoparsec-aeson = haskellPackages.mkDerivation {
  pname = "attoparsec-aeson";
  src = aeson-src;
  sourceRoot = "./attoparsec-aeson"; # maybe this should be "${aeson-src}/attoparsec-aeson"?
                                     # (it doesn't work either way)
  ...
};

but I get

 error: function 'anonymous lambda' called with unexpected argument 'sourceRoot'

Did I fail to spot some major blunder (I am nowhere near an expert)? Does sourceRoot not apply to haskellPackages.mkDerivation? What should I do to make it work?

BTW:

IDK if this may cause issues, but the attoparsec-aeson sources include symlinks to files in the "main" attoparsec sources:

~/git-clone-of-attoparsec-sources $ tree attoparsec-aeson/
attoparsec-aeson/
├── src
│   └── Data
│       └── Aeson
│           ├── Internal
│           │   ├── ByteString.hs -> ../../../../../src/Data/Aeson/Internal/ByteString.hs
│           │   ├── Text.hs -> ../../../../../src/Data/Aeson/Internal/Text.hs
│           │   └── Word8.hs -> ../../../../../src/Data/Aeson/Internal/Word8.hs
│           ├── Parser
│           │   └── Internal.hs
│           └── Parser.hs
├── attoparsec-aeson.cabal
└── LICENSE
39
ssh won't ask for password unless i force PubkeyAuthentication=no (lemmy.ml)
submitted 1 month ago* (last edited 1 month ago) by gomp@lemmy.ml to c/linux@lemmy.ml
16 comments fedilink
 

Lately I noticed that when I want to ssh to a server using a password I need to specify -o PubkeyAuthentication=no or I won't be asked for a password and the authentication will fail (well, for all I know, setting some other option may work too).

I use password authentication only once on freshly installed servers/vms, so it's not a huge deal, but... it still bothers me (mainly because I don't remember which option to set).

Do you guys have any idea what it may be?

client's ~/.ssh/config

Host 127.*.*.* 192.168.*.* 10.*.*.* 172.16.*.* 172.17.*.* 172.18.*.* 172.19.*.* 172.2?.*.* 172.30.*.* 172.31.*.*
  LogLevel quiet
  Stricthostkeychecking no
  Userknownhostsfile /dev/null

Host *
  ForwardAgent no
  AddKeysToAgent no
  Compression yes
  ServerAliveInterval 10
  ServerAliveCountMax 3
  HashKnownHosts no
  UserKnownHostsFile ~/.ssh/known_hosts
  ControlMaster no
  ControlPath ~/.ssh/master-%r@%n:%p
  ControlPersist no

server's /etc/ssh/sshd_config (it's from the nixos install iso)

AuthorizedPrincipalsFile none
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
GatewayPorts no
KbdInteractiveAuthentication yes
KexAlgorithms sntrup761x25519-sha512@openssh.com,curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
LogLevel INFO
Macs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com
PasswordAuthentication yes
PermitRootLogin yes
PrintMotd no
StrictModes yes
UseDns no
UsePAM yes
X11Forwarding no
Banner none
AddressFamily any
Port 22
Subsystem sftp /nix/store/78mv13w9mgh0s0rd7rnr6ff4d7a39bpd-openssh-9.7p1/libexec/sftp-server 
AuthorizedKeysFile %h/.ssh/authorized_keys /etc/ssh/authorized_keys.d/%u
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ed25519_key

33
[SOLVED] Cronjob with hdparm -y to spin down hard disks? (lemmy.ml)
submitted 1 month ago* (last edited 1 month ago) by gomp@lemmy.ml to c/linux@lemmy.ml
12 comments fedilink
 

Solution:
hd-idle is the way to go (if you read their README, they explain that most drives don't support idle timers)

I've been looking into spinning down the drives of my NAS, as I use it infrequently and that brings power drain down from ~30W to ~17W.

Problem is, hdparm -S doesn't seem to do anything for these particular drives: if I set it and wait for the appropriate amount of time (eg. 5 seconds if set to 1) the drives are still reported as "active/idle" and power drain doesn't go down.

Both hdparm -y and hdparm -Y work fine, but I don't seem to be able to find settings for them in tlp (probably because they are commands rather than settings?).

Besides the caveats about disks living longer if they are kept spinning, are there reasons why I shouldn't setup a cron job (well, a systemd timer) that runs hdparm -Y every 10 minutes? (for example, could hdparm -y cause errors if run while the drive is being backed up?)

PS: According to hdparm's manpage, -y puts the drive standby mode while -Y puts it into sleep mode. Considering that in my case power drain seems the same either way, should I prefer one or the other?

52
Can I do this in hyprland? In sway? In any other WM? (lemmy.ml)
 

I want to have my screen (the "dev" workspace) split in three "zones":

  • on the left side, a tabbed group with all the text editors I start (ie. if I start a new one, it goes there in a new tab)
  • on the top-right, a tabbed group of whatever many terminal I feel like launching
  • on the bottom-right, my browsers (and possibly other stuff), in a group without tabs
  • a key combination to cycle between: all three "zones" visible, text editors on the left - terminal on the right, text editors on the left - browser on the right, fullscreen browser

So far I've been looking at hyprland (for no particular reason except the hype) and I don't think I can do the above with it (I am by no means an expert, so... maybe it can actually be done?).

Do you know of any WM where it would be possible? (possibly, one with automatic splitting a-la bspwm, that I would use for the other workspaces)

112
Recommend me a scripting language (lemmy.ml)
 

I've been looking around for a scripting language that:

  • has a cli interpreter
  • is a "general purpose" language (yes, awk is touring complete but no way I'm using that except for manipulating text)
  • allows to write in a functional style (ie. it has functions like map, fold, etc and allows to pass functions around as arguments)
  • has a small disk footprint
  • has decent documentation (doesn't need to be great: I can figure out most things, but I don't want to have to look at the interpter source code to do so)
  • has a simple/straightforward setup (ideally, it should be a single executable that I can just copy to a remote system, use to run a script and then delete)

Do you know of something that would fit the bill?

Here's a use case (the one I run into today, but this is a recurring thing for me).

For my homelab I need (well, want) to generate a luhn mod n check digit (it's for my provisioning scripts to generate synchting device ids from their certificates).

I couldn't find ready-made utilities for this and I might actually need might a variation of the "official" algorithm (IIUC syncthing had a bug in their initial implementation and decided to run with it).

I don't have python (or even bash) available in all my systems, and so my goto language for script is usually sh (yes, posix sh), which in all honestly is quite frustrating for manipulating data.

24
Launcher with integrated clock and tray? (lemmy.ml)
 

After years of my desktop environment (kde) being configured the same way, I tried enabling auto-hiding in my panel and I quite like the extra screen estate.

Now, the only reasons why I have a panel in the first place are the clock and the system tray (I don't use the ~~start~~ applications menu and I don't care for the task manager) so I've started wondering if I could completely dispose of the panel.

Do you know of any launcher (I use krunner but switching to something else is fine) that satisfies (or can be configured to satisfy) the following?

  1. shows the current date/time
  2. integrates a system tray
  3. launches applications
  4. does math, unit conversion and currency conversion
13
What depends on a specific package? (lemmy.ml)
 

While updating home-manager I got a notice that freeimage-unstable-2021-11-01 is marked as unsafe.

Since chances are it's used by something I never use, I'd like to know what I'm using that depends on it... any idea how to do it?

Also.. any idea why I have 4 copies of the freeimage stuff in my /nix/store? (I just run nix-collect-garbage -d and the 4 seem to be actually different):

❱ md5sum /nix/store/*freeimage*/lib/libfreeimage.a
67a0ce1cb5dd562473e27d7c88e8a9bd  /nix/store/6gi6hm57zngqnxb6p5dnxhjjcbr96lrk-freeimage-unstable-2021-11-01/lib/libfreeimage.a
5995e0affbfa28b63da7e997cb4dbe63  /nix/store/09nwykzzksc0zknflsyxyah5b67c2rsn-freeimage-unstable-2021-11-01/lib/libfreeimage.a
67a0ce1cb5dd562473e27d7c88e8a9bd  /nix/store/ikfiv4gpmcpyir7lsj45by653qcnvgyx-freeimage-unstable-2021-11-01/lib/libfreeimage.a
213a408e3c1fbb5dfa4491deebe05984  /nix/store/q2sc85f2hclgwl8m3qdw8rpbs44gzmah-freeimage-unstable-2021-11-01/lib/libfreeimage.a
58
Looking for FOSS android TV (or something like Kodi, but dumber) (lemmy.ml)
 

I've been looking for something to replace the google chromecast that is attached to our TV.

I've tried Kodi out, but the main use case for the TV set is a 70+ yo person watching netflix and there is just no way they will be better off with Kodi than with the stock netflix app.

Besides supporting netflix, being easy to use, and providing significantly better privacy than the chromecast does, the device would ideally:

  • support other mainstream streaming (amazon, disney, ...) for when my people get tired of netflix
  • support a DVB-T2 usb stick (directly, or through IPTV: I can put the stick in a different machine)
  • support youtube without ads (through an adblocker and possibly sponsorblock, or maybe using invidious)
  • possibly, support local public TV streaming (eg. BBC)

I have a PC set aside that should be more than capable enough (intel N100), but I'm open to getting new hardware if needed. Also, it doesn't matter if the system is not very user friendly to setup (eg. if it needs to be nixos), but once it's setup it should be easy to use and relatively straightforward to update/maintain.

I guess a FOSS android TV would be ideal, but.. is there any? (I see Lineage supports the Google ADT-3, but that is basically unobtanium, at least where I live).

15
Recommendations for workout/training tracker app? (lemmy.ml)
submitted 1 year ago* (last edited 1 year ago) by gomp@lemmy.ml to c/fdroid@lemmy.ml
5 comments fedilink
 

The app at my gym sucks: there is no checklist of what exercises you have done and no tracking of how much weight you used. Plus, for whatever reason, it wants access to my location.

I've found a number of alternatives on F-Droid, but each of the six or so I tried was completely unusable (some seemed unfinished alphas, others are probably too old for my android version).

Is there one app that you use and would recommend?

What I'm looking for is:

  • At home: I setup my programs (different ones for different days)
  • At the gym: I can select a program, check off the exercises while I do them (the order I do them on depends on where there is fewer people at the gym), and log things like if I managed all the sets/reps, how much weight I used, and how long I exercised for (for things like the tapis roulant).
  • Bonus points if I can also track my weight in the same app, and if the app can export/sync the data or produce some kind of graphs/statistics based on it.

Thanks!

view more: next ›