fsebugoutzone.org:9999

       Posts by raito@nixos.paris
 (DIR) Post #AxjTKK2jlhRbIPoPXU by raito@nixos.paris
       2025-08-31T13:55:27Z
       
       0 likes, 0 repeats
       
       @agowa338 the &quot;non default format&quot; is literally a W3C spec: https://www.w3.org/TR/sri/ FYI.Well, there&#39;s as many as possible usecases. :)
       
 (DIR) Post #AxjTKLMypvENPUI5jM by raito@nixos.paris
       2025-08-31T14:07:09Z
       
       0 likes, 0 repeats
       
       @agowa338 I mean sure, I never heard about sha256sum being more a default than anything else, but I&#39;m not going to debate that. I just thought it made sense to make a remark about the fact that it is a standard.(I totally agree.)
       
 (DIR) Post #AxjTKMlpd0hhkqvS6a by raito@nixos.paris
       2025-08-31T14:14:27Z
       
       0 likes, 0 repeats
       
       @agowa338 Right, I think none of these things attempts to solve the same problem as Nixpkgs though.Put it in another way, I am aware that downloading an ISO or a tarball package will get you a SHA256SUMS with a GPG signature from time to time, but it&#39;s not a scaled solution for the problem that Nixpkgs solves, therefore, I usually encounter NAR-style solutions in these areas as well.(This is true of many things in the NixOS ecosystem, FWIW.)
       
 (DIR) Post #AxjTKNbaWa6WLN8mmG by raito@nixos.paris
       2025-08-31T14:14:40Z
       
       0 likes, 0 repeats
       
       @agowa338 (anyway, won&#39;t take much more of your time, YMMV!)
       
 (DIR) Post #AxjTKP2ZBlHKnKlqT2 by raito@nixos.paris
       2025-08-31T14:18:30Z
       
       0 likes, 0 repeats
       
       @agowa338 Ah, right, let me explain then.Nix supports two hashing mode:- flat → sha256 of the file- recursive → sha256 of the NAR serializationThe reason for why Nix doesn&#39;t apply flat hashing to lets say GitHub release tarballs is that GitHub release tarballs or any generic tarball does not offer sha256 stability guarantees.For example, in the past, GitHub changed ALL the hashes of ALL their tarballs. Imagine the impact this would had on nixpkgs if it had used flat hashing.
       
 (DIR) Post #AxjTKQOw84lb10FDyS by raito@nixos.paris
       2025-08-31T14:23:08Z
       
       0 likes, 0 repeats
       
       @agowa338 Yes, this sucks.Fortunately, with Nix, you don&#39;t care: fetchurl is allowed to use network temporarily to download anything as long as it writes only what it declared in the parameters.So you can DL the GitHub new shite, unpack it and Nix will check: yep, that&#39;s the contents I expected.So GitHub changes that DO NOT tamper the tarball went unnoticed WHILE being still verified.
       
 (DIR) Post #AxjTKRfzOA08yBEMC0 by raito@nixos.paris
       2025-08-31T14:28:30Z
       
       0 likes, 0 repeats
       
       @agowa338 You do not need to tell Nix &quot;not to use the network&quot; to use it in airgapped controlled environment.Cut the network, put a `cache.myairgapped.network.com`.Nix will download all artifacts from there only.If you want to have the &quot;local rebuild capability&quot;, mirror all the source code too and your system will act as if it was a parallel universe.You are responsible for two things:(a) updating the sources bucket(b) updating the cache (if you want to avoid client rebuilds)
       
 (DIR) Post #AxjTKT9Ru7A1Xq1Oka by raito@nixos.paris
       2025-08-31T14:34:25Z
       
       0 likes, 0 repeats
       
       @agowa338 I&#39;d strongly recommend to keep it simple, e.g. an HTTP server, you put all the files there (or a S3 bucket, you put all the files there).Nix is low technology on the caching mechanisms, it&#39;s *dumb* (a blessing and a curse).
       
 (DIR) Post #AxjTKUpfecWol4mdCS by raito@nixos.paris
       2025-08-31T14:38:49Z
       
       0 likes, 0 repeats
       
       @agowa338 I don&#39;t know what is your operational experience of IPFS but I know that I am unhappy with it personally.Again, here, your mileage may vary.
       
 (DIR) Post #AxjTKW9YkA20r361q4 by raito@nixos.paris
       2025-08-31T14:42:57Z
       
       0 likes, 0 repeats
       
       @agowa338 That&#39;s very fair, I prefer much more https://snix.dev/ which possess the same IPFS properties but better for data storage.Obviously, it doesn&#39;t have all the discoverability, P2P, stuff. Arguably, very easy to add on the top of it with libtorrent or anything.
       
 (DIR) Post #AxjTKWUpT52rv130zY by raito@nixos.paris
       2025-08-31T14:19:17Z
       
       0 likes, 0 repeats
       
       @agowa338 Instead of that, in many places, it&#39;s preferred to use recursive hashing and let Nix hash the actual contents through the container tarball or anything because NAR *is* guaranteed to hash the same *ALL THE TIME*.Therefore, it doesn&#39;t matter that the container you get from Internet itself changes, the actual contents will be the same.And the hash will remain the same.
       
 (DIR) Post #AxjTKXVvgTWH4iZPLU by raito@nixos.paris
       2025-08-31T14:47:41Z
       
       0 likes, 0 repeats
       
       @agowa338 snix has something called snix-store and it has a much better story than the classical Nix store for storage
       
 (DIR) Post #AxjTKYJugdVBZjxKFs by raito@nixos.paris
       2025-08-31T14:48:00Z
       
       0 likes, 0 repeats
       
       @agowa338 you can mix&#39;n&#39;match pieces of Nix implementations to achieve a stack, here, why it&#39;s interesting even if you keep using Lix or CppNix
       
 (DIR) Post #AyfPJvf2EypefmRHwe by raito@nixos.paris
       2025-09-27T21:26:18Z
       
       0 likes, 0 repeats
       
       Volé honteusement d&#39;Instagram
       
 (DIR) Post #Az0PsJJOtRBwBss9po by raito@nixos.paris
       2025-10-08T16:22:16Z
       
       1 likes, 0 repeats
       
       @Foxboron at this point, i think US companies are going to start to be more and more like this
       
 (DIR) Post #Az1tl5a0k3jnMD4gAy by raito@nixos.paris
       2025-10-09T10:14:09Z
       
       0 likes, 1 repeats
       
       To those who are disgusted of @frameworkcomputer but still need a Linux-friendy laptop.Look on the side of https://www.tpart.net/the-latest-prices-of-x210ai/.It should have an equal amount of bugs as the Framework in terms of suspend and firmware. Perhaps, easier to fix though!No AMD CPU, but it&#39;s relatively modern, and it doesn&#39;t involve backing a disappointing company.Furthermore: it&#39;s artisanship, so, cooler!Finally: who has 3000*2000 on the market except them? 🙂 #framework #laptop
       
 (DIR) Post #B0AUz5cV8mJlmlhkh6 by raito@nixos.paris
       2025-11-12T11:23:56Z
       
       0 likes, 0 repeats
       
       @picnoir but wireguard-go can literally go toes to toes with the kernel wg impl afaik?
       
 (DIR) Post #B0JKcfx2QkFiN6vDpw by raito@nixos.paris
       2025-11-16T18:03:31Z
       
       0 likes, 0 repeats
       
       @nobody i just grepped for nix and this paper is well, not to be mean on the authors, really bad?
       
 (DIR) Post #B0N8qdjtP0Q3IqBPc0 by raito@nixos.paris
       2025-11-18T13:01:24Z
       
       0 likes, 0 repeats
       
       (Too?) many months of work, one of the release I&#39;m the most proud of.#Lix 2.94.0 is now officially available.https://lix.systems/blog/2025-11-18-lix-2.94-release/#Lix 2.95.0 will be even better.#Nix #NixOS
       
 (DIR) Post #B0fdJvZyCkmPGQlHcW by raito@nixos.paris
       2025-11-27T11:27:38Z
       
       0 likes, 0 repeats
       
       @arianvp just drop it in nixpkgs