{he/him, they/them, that monster} // {remmy, demize, SA0DEM} // {pansexual, polyamorous, demi/agender} // collectible
TOP SECRET//FOUO//ORCON//PROPIN
I manually approve follow requests but unless you appear to be abusive or on one of Gargron's instances then I'll probably accept it.
////\\\\/////\\\\
I bite.
| gallery | https://www.flickr.com/photos/remmyfoo/ |
| bookwyrm | @[email protected] |
Just ran into the first instance of something not working because GrapheneOS doesn't get the highest level of app attestation certificates.
All bank and related stuff has been working just fine all along.
What fails? Logging into the app of a fucking gas station.
Although a curious programmer may want to know how associations are represented in a dictionary, this internal implementation information is unnecessary for successful use of a dictionary. Knowledge of a dictionary's implementation is of interest only to the programmer who works on the definition of the dictionary object itself.
On the one hand, yes. On the other hand, "HashDoS says hi."
#NixOS declarative containers are super slick in theory, but in practice... eh.
For Reasons™ it stops and starts the container whenever any changes to it are detected instead of just switching to the new generation, which for some reason is Super Fucking Slow. (Apparently the reasons it does this have to do with how it does the network setup, but it does it unconditionally instead of if only networking-related things on the host changed.)
And apparently apparently the networking-related reasons were supposed to go away in conjunction with the networking parts being rewritten to be based on networkd instead of using custom scripts. Except... apparently that work died out years ago after the person working on it decided that declarative containers were the wrong solution and instead pivoted to only working on the imperative container support. :s
But apparently apparently apparently someone else is working on a from-scratch implementation of declarative containers out-of-tree (for now), nixos-nspawn, except... it's apparently broken if you use nftables instead of iptables because of the differing wildcard characters, and while someone filed a PR to fix it on December 1 there hasn't been any response to it yet.
sigh.
Kinda wondering whether to switch to imperative containers after all, even though these things are really system services that I want declarative management for, they just happen to want to run in separate network namespaces for routing reasons and I need to run multiple instances of some of the services so nspawn containers are very convenient here.
Alternatively maybe micro VMs, but that's kinda heavy-weight and I don't know if the Nix integration supports switch-to-configuration there either.
Dear to whom it may concern,
My name is Dr. Bernadette “bird” Bowen and I was fired for telling the truth about Charlie Kirk in September. If someone could hire me before I potentially become homeless in a month or two, that would be great LOL
In virtual solidarity,
Dr. bird
mcc
Aaron J. Waltke
Lady Laura 
Dr. bird 🌻 | Inspiring Change