640: Duece Configalo: Desktop Gigolo

Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
(00:11):
Hello, friends, and welcome back to your weekly Linux talk show. My name is Chris.
My name is Wes.
And my name is Brent.
Hello, gentlemen. Coming up on the show today, it's the sequel to the summer
blockbuster, Config Confessions.
We'll dive into your configs, call out the genius moves, the blunders,
and everything in between.

(00:32):
And then we'll round it out with some shout outs, some picks, and a lot more.
There's so much to get into, lots of cool configs. So before we do all of that,
let's say time-appropriate greetings to our virtual lug. Hello, Mumble Room.
Hello. Hello. Hey, Chris. Hey, good morning. Good morning, everybody.
Hello. Thank you for joining us. That is a rockin' Mumble Room,

(00:52):
and hello up there to the quiet listening, too.
And a big good morning to our friends at defined.net slash unplugged.
Go meet Manage Nebula from Defined Networking.
It's a decentralized VPN built on the Nebula platform.
This is a project that we love. We've been following it from the very early days.
It's optimized for speed, simplicity, and if you want, self-hosting.

(01:14):
It's great for a home lab. It's also great for an enterprise.
It started in 2017 right there in the thick of it to connect all of Slack's
global infrastructure. You can imagine the back end Slack must have.
Wow. And they needed a way to securely connect all the global infrastructure.
And Nebula was engineered for scale and performance from day one.
But the thing that I have really learned to appreciate is I've built out and

(01:36):
used all of these different types of mesh and decentralized VPNs,
including standard VPNs like WireGuard and way back in the day, OpenVPN and others.
There's always a tradeoff when it comes to hosted infrastructure, except with Nebula.
Nebula lets you control the entire thing. They offer a managed platform and
you can go to a self-hosted platform and you can use a managed platform.

(01:58):
Everything. It's not like a thing that they're resisting. It's how the product was built.
And when you are creating your infrastructure, you're building out your infrastructure,
you want something to last for years.
I think that really matters, even for an enterprise or a home lab.
So they align with the way I think about things and the way I want my infrastructure to be built.
You know, there's other ways you can do it, of course, but I really like the

(02:19):
way they're building up both the company and the project and the product.
So check it out at define.net slash unplugged. Redefine your VPN experience.
Get it for 100 hosts absolutely free and support the show. And if you get to
the point where it's like, OK, it's time to self-host.
Nebula is killer. Nobody beats Nebula at that. The resiliency, the robustness.
And I'm talking mobile device, battery life, all that kind of stuff.

(02:42):
Nobody beats Nebula. Check it out at defined.net slash unplugged.
And a big thank you to defined.net for sponsoring this here unplugged program.

(03:05):
All right. This time it's config confessions in space, the linting.
And we're back for another round. We asked you to send in your configs, and you've done it.
And there's a nice batch this week. And if you want to catch the first version, it's episode 634.
You can find that at linuxunplugged.com slash 634. So here we are.

(03:27):
Now it's the fall time, and we're back for round two. And I got to start with
the hardest one, I think, to pronounce here. I'm going to give it a shot.
Wait, wait. I think before we dive right into the first one, which...
Okay.
Impressive. I mean...
Shouldn't we all confess a little bit? Like, how much have we looked at this stuff?
Because, you know, people have been sending them in, and then you did the hard

(03:51):
work to, like, you know, gather them all up and try to find them.
Brent's been doing the hard work at driving, so I think there might be a little
confessing around, like, are we looking at these for the first time?
Do we, you know, let's just be transparent.
Okay, that's good, that's good. Some of us might be coming in cold,
like in the snow, you might say, on this.

(04:12):
Yeah, I did have a chance. I went through, you know, I took in the flavor of
it, of each one, sort of got in their headspace the best I could and made some
notes for us to chew through.
So I think we're going to have a nice combination of clean cold takes and fully
immersed takes. How do you feel? Does that work?

(04:32):
That's perfect, yeah. I'm down with that.
And it's not all Nix. We had some people send in their Ansible configs.
We had a GUX config sent in. We had some Mac systems sent in.
So we have some interesting ones.
And I'm going to say, do you think it's Yeechul? Yeechul is perhaps how you say their name.
They say, please roast my NixOS config. It's an opinionated Hyperland-based

(04:54):
config with the same design and productivity-based setup.
Oh, that's why it got first billing. Yeah, I see this now.
No, it was chronological.
It was chronological.
Cool um so i noticed that uh
first of all it's it's you know everybody has a
bit of their own design style uh for

(05:16):
their repo and each one here starts with a nice
screenshot of course of fast fetch you got to get the fast fetch screenshot
in there so that's a classic and then he breaks it all down uh the kernels cache
eos has support for tpm and uh waybar is in there you got sway sink in there
kitty neo vim uh and then one of the things that i always like to see,

(05:40):
Is a get started real quick. And even if it's just for yourself.
For future you. And they have that right here. A get started real quick script.
And then a post installation couple of tasks to run.
So those are my initial. That was my initial impression. I like this screenshot.
Get started real quick approach. I think it's really good for restoring a system.

(06:01):
On the quick and things like that.
And they're actively committing. They got 444 commits. And as just a couple
of days ago. They were updating their flake.
How are you missing that? Four days ago was last updated, and there's 444 commits.
What's going on with four here? I don't know.
Yeah, you're right.
But, I mean, you called it out there, but cache EOS kernel. Are you picking up that?

(06:24):
I'm liking that. I'm liking that.
So if you go in and take a look at dots slash nix slash boot dot nix,
you'll see packages.linuxpackages testing commented out.
Packages.linuxpackages zen, what we're both using, commented out.
This is telling a story to me because what is left uncommented is linux packages
underscore cache EOS which I did not realize was just an option that we could

(06:46):
do so I think we have to try that.
I do like that programs.nix is an interesting file I think he's turning on some app images I see zoom,
I'm not quite sure what really threw me for a loop and I kind of wanted to get
your eyes on this one was I made a note in our notes here,

(07:07):
Yeah, okay. I think he's installing Pinchflat on his desktop system,
if I'm understanding this correctly.
Because in this config, he's also defining his power management,
his system DNS, and all of the keyboard layout stuff, turning on pipewire.
So it's kind of like a system configuration, but then he has Pinchflat installed there.

(07:30):
I love Pinchflat, but on the desktop?
Well, I see it in services.nix, So it might depend on where that's all sourced.
Yeah, that's why I couldn't tell for sure. I do think it's a very solid layout.
A lot of Lua, 40% Lua in there.
I was like, okay. Some host modules in here too, I'm seeing.
And it uses a settings.nix file to set the username, the system description,

(07:53):
and the system type. So like x86 or ARM.
So he's got one file where he can go in there and just...
Set that. Sort of as an override.
I think you're also missing... Did you see the contributor count on this thing?
Yeah, I know.
59 people have worked on this.
It's insane.
How's he getting 59...

(08:13):
Like, this is more serious of a Nix config than any of us have put together.
I know. How's he getting 59 people? That's awesome.
That's a great question.
There's a lot to look here in, you know, because you can tell it's, like, really well used.
I don't know if you noticed, but there's, like, separate Home Manager configs
for like if you're going with a window manager environment or if you're going

(08:34):
in a TUI environment, I guess, or there's modules for both anyway. So love to see that.
Yeah.
And quite the flake, you know, like there's all kinds of inputs going on. There's fanciness.
I don't know what Nick's cats is, but I assume it's a category theory thing
or just cute cat pictures. Either way, I like it.
Yeah.
Oh, maybe it's for NeoVim. I see. Yeah, a lot of NeoVim stuff too, which is great.

(08:57):
I see in the config folder here, linux-enable-ir-emitter.
Any guesses on what that's being used for?
Sounds like something Wes should look at.
You're right.
It looks like he's defining a PCI device, right? Is that what he's doing? Interesting.
Yeah, this is great. This kind of stuff, if you can have this just redeployed

(09:20):
when you set up your system and these kinds of devices so your IR blaster just
works, that's getting it dialed in, buddy.
I'm not sure if we wanted to score these but I'm kind of feeling like this is
a 4 out of 5 I just have a couple of gripes,
In my opinion, it's a little sprawly, just a little bit, but not bad, not bad.

(09:40):
So I can't give it a full five out of five, but I do want to give it a four
out of four or a four out of five, I think.
I don't know. How do you feel? Is that a fair? Should we adjust?
I'm, I'm open to the committee.
Are there not enough like initialization scripts for you? Is that your problem?
You bastard.
Yeah. The activation script, seriously underdeveloped in this one.

(10:00):
I just can't get five out of five if you don't get that.
Look, if you're not creating a tilde directory, I don't want to.
Oh, wait, I'm roasting the wrong person.
Yeah, yeah, we're roasting their config.
Ooh, sorry.
I think, I just don't know if it's a five out of five, but I think it's really close.
I could be argued up or down if anybody wants to make the case.

(10:22):
I mean, I think the contributor count, like, okay, maybe it's a little sprawling
or maybe it's a lot if you're just trying to use it for like one or two systems.
But I feel like that contributor count says that a lot of the functionality
in here is probably being used, imported, like, more than just,
you know, this is not just a single person's config for their, like, laptop at home.
There's a lot more work and polish in here.

(10:43):
Okay. All right. So you've got the contributors. Also, I'm talking myself into
making it a 5 out of 5 because, like, as we'll see as we go along,
some of these, they kind of go too far. Right? This is a nice balance.
A lot of things that are solved, problems like those PCI devices, things that are solved.
But we're not going like nutso with it. You know, you can take it too far.
So I'm kind of talking myself into a five out of five now.

(11:06):
Lock it in.
All right. Okay, so that, hopefully I got anywhere close to your name,
Ichil, but thank you for sending that in.
Nice to see the Hyperland setup. Love seeing those.
And I like seeing Lanzibu, TPM stuff. There's just a lot to like, so thank you.
Yes, the Lanzibu was cool. All right, our next one is Shane's budget config.

(11:27):
He says, I've attached a Nix config for you guys to analyze.
Don't hold back. Tell me how bad it is. My goal with this config is to make
a working config that uses flakes, although I don't really know what they are
still, and allows me to add programs from either stable or unstable by choice.
So after many hours of back and forth with failed configs and hallucinations
at times, insults towards the stupid bot, we have a working config.

(11:48):
Now it's probably jank. I don't know.
But it does seem to work. And so he supplied us with a flake,
a package.nix, and a configuration.nix.
And I wanted to get your eyes on that flake there, Wes, and see if you had any
editor's notes for Shane's budget flake.
Yeah i mean i think you're you're doing well shane you're well

(12:09):
on your way to getting a flake system right like going from
the first sort of configuration.nix setup with channels getting
into the flake mindset that's a that's a lot to do um
so we kind of see a pretty clean flake here we've got nix packages and right
as shane was alluding to also nix packages unstable the first one's pinned to
a regular release and unstable and then you can see here they have they have

(12:31):
a let block where they're setting up both unstable and regular packages and then,
Let's see here. Ah, so then they're using a Nix module that they can feed in
both manually as a, so they do like an import call to load in their packages.nix file.
That gets them all the packages they want from either collection of upstream Nix packages.

(12:53):
And then they use an in-place module in the flake to inject that into the config.
That's pretty, that's pretty clever. There might be easier ways ultimately depending
on how you want to do it, but I mean, it definitely works.
Okay so it's got the west pane approval i wasn't sure i did wonder if there
was some redundant package assignments in there but that's a pretty minor quibble

(13:14):
i think uh i think that got a that got a more resounding west pane approval
than i expected so i'm not gonna argue with that,
the packages.nix is interesting here it's a it's a pretty well laid out here
i'll pull it up i hosted these by the way these will be linked in the show notes
if people listening want to look at these as we're talking about them.
They are linked over at linuxunplugged.com slash 640 if you'd like to check them out.

(13:38):
And he has, you know, I think he has a couple of apps that are like his staples,
that he's pulling from the Nix stable repository.
And if you're looking, if you look at the packages.nix, and then he's got a
handful of like, you know, rock and roll apps that he pulls from Unstable,
like Waybar, WL Roots, those types of things Shane's pulling from Unstable.
And I think that is, listen to me now, audience,

(14:03):
other distros can do it nobody does it like NICS right so if you never want
your NeoVim to get changed out from underneath you you pull that from Staple,
or your Android tools is another example in here or you know Romania,
Your launcher, WoFi, your Waybar, why not?
Why not? Those are pretty rapidly developed. Why not pull those from unstable

(14:24):
if it works for you? And you could do both.
Well, and, right, you can swap them, right? So in this case,
because Shane's got this single file, it's pretty easy to just,
you know, remove Waybar from unstable and move it back up to stable if that's
where you want to get it from.
So I think that is one aspect that this works really well.
Like, it can be tricky figuring out how you inject both.

(14:44):
Like, everything's kind of set up. If you do it the normal way,
like you get your one version of Nix packages and you give that to your module
and like you just kind of inherit that as packages inside your module.
It's all easy to access there.
And then there's multiple different mechanisms for like how do you actually
thread unstable packages or, you know, how do you thread an additional set of
Nix packages through your entire config?

(15:05):
A lot of people use like special args, which can totally work.
Shane's using a clever, I think, Nix forward approach here. And you can also
use, which is, this is like halfway to, I think, like using the module interface
to pass that through as well.
But I like that, especially for a small config like this, it's really easy to
switch where you're pulling stuff. So that's great.

(15:26):
Now, Brent, can I call upon you to give Shane just a quick elevator GitHub talk here?
Because he sent these as attachments to email because he's not using Git to manage these.
Seems like that could be an area maybe he could improve on.
Well, you're assuming he's not using Git to manage these.
Maybe he's just doing a local Git and doesn't have these necessarily publicly

(15:46):
available, which I am a big fan of.
I don't know. I think he said he wasn't, but in the email, I just didn't put
that in the doc. But I might be wrong. All right. All right.
Well, if not, I would say, come on, history is great because it keeps track
of every single mistake or fix that you ever made to your configs.
And you can go back and look at them or have at least some peace of mind for rollbacks.

(16:07):
There's really little downside. You should use Git.
There you go.
Only took Chris, what, eight months to be convinced? But we're trying.
You had, again, again, I'm not the one you're, I'm not the one. I'm not.
If you bother to go with flakes and you don't go with gate, you're just like
totally losing out on half of the value proposition.
Oh, yeah.
There you go. Yeah, yeah, there you go. There you go. I do dig that on his systems,

(16:31):
he's using systemd boot. Didn't see that across all of the configs.
And, you know, I say have systemd do all the things, including boot the system.
So, well done, sir. You thought we'd be mean, but we were pretty impressed.
Yeah, well, you're going to want SystemD to do apps next, huh?
Yeah, SystemD app to you, buddy.
Looks like Shane is from Australia, too, so kudos.

(16:54):
Ephraim came in. He says, I'm not a Nix user, but I'm a GUX user.
I figured I'd send you my GUX config, which he did.
I've been a GUX user and contributor for about 10 years now.
And I have a small build farm at home, three RISC64 machines,
three ARCH64, AA ARCH64, so ARM64 machines, two iBook G4s.

(17:16):
Oh, that's fun. Those iBook G4s were fun.
And about an even mix of systems running GUX or GUX on top of Debian.
This this was in this i've seen basic guics examples before but this was some
guics wizardry and i really really appreciate the eframe sent this in because this gave me exposure,

(17:39):
to like somebody who knows what the hell they're doing with guics you know it
really helped me kind of understand it a bit better i.
Believe it's pronounced geeks um.
Yeah you're right you're right it is i'm sorry that's an old habit it is pronounced
geeks but you're right like.
We've I've seen it. I've been curious about it. I've tried a little bit, because it's like Nix.
They share a lot, except Nix rolled its own... Nix makes it super confusing

(18:03):
because you get Nix OS the OS. You get Nix packages the packages.
You get Nix as a build tool. And, of course, that build tool also decided that
they would ship with their own programming language the Nix language, or Nixlang.
Whereas Geeks used Scheme, which is a type of Lisp, as their language,
along with their own tooling and libraries and standard lib and all that kind

(18:24):
of stuff on top of it. So it's sort of like a...
A sibling in the Knicks family, if you will. But yeah, you're right.
Like I've never, I've not yet had the chance to really appreciate a fully used
Geeks config that wasn't just managing some packages.
Yeah. Yeah. And also across multiple architectures too. The,
you know, the Pine 64 is in here. The ARM system's in here.

(18:46):
Rock 64, I think. It's so cool. And I saw like he had a system in there for his kids.
It hasn't been updated for a
little bit, but he can pull in like these profiles and that's a neat idea.
Profiles for different systems there's.
Also i don't know if you noticed vm config that's kind of neat.
Yeah you.
Can see like there's some stuff in here to define an operating system with the
host name time zone like it looks the bootloader config a lot of this even though

(19:09):
the syntax is a little different it looks a lot like a nick system it's kind
of it's it's like living in a different parallel universe.
I was checking out his commit history and three weeks ago he had a really
interesting commit and uh it was
adapting mpv to always include
sponsor block so it's like pre-bundled into

(19:32):
mvv to have i maybe he's pulling down youtube streams
or something i don't know but it's an
interesting application of geeks here where you can sort of build this like
this and so looking through his commit history here it was pretty fascinating
to see that and also just like a great idea i just love that and it's pretty

(19:53):
powerful stuff lots of little things in there don't i mean he's managing some
of the stuff at a pretty intricate level,
Which seems like a little tedious to me, but the results seem to speak for themselves.
Well, it seems neat, too, because I don't know if there is a Home Manager quite
equivalent, but you can see, right, that came from the home.scm file.
And maybe I guess that's stuff that's built in. I see, like,

(20:15):
use module, GNU, home services.
Yeah.
But it kind of shows, like, clearly Geeks is pretty darn flexible,
because without, at least as far as I can tell, a giant system activation script,
you know they're they're managing like mpv's conf like all kinds of different,
conf files that probably you would have to use something like home manager or

(20:35):
a dot file manager or something on another system.
I see you two have decided that i'm the villain of this uh of this sequel it's.
Just good storytelling.
This is why you want to put your stuff up on github that way your buddies can
make funny all the time this is why you want to do it okay all right but very
well very well done very very thought out thank you for sending that in i don't

(20:57):
have a lot of comments um i do think it's interesting to kind of i have more
questions than i like i yeah.
Homework more to do really.
Yeah yeah yeah absolutely all right our next config confession comes from distro
stew and he says every time i have uh every time i have an alias you that updates
everything oh okay regardless of my package manager and i did it this way in

(21:17):
nix for a long time eventually started causing issues so now i've broken into
more granular aliases, check it out.
And he provides his config.
Distro Stu, look at you.
Yeah, look at his management commands here. He's got, and you know,
if you're going to do this, document it, which he has done.
So u-nixos pulls updates and applies to nixos configs. u-home pulls updates

(21:38):
for the home manager and applies to nix configs.
U-flatpack command updates the flatpacks on my desktop.
That's pretty great.
I've never done this. In all my years of Linux, I've never really got into aliasing.
I always hesitate because it's...
It's super convenient, obviously, for things that you run all the time.
But then if you're moving to a new system that doesn't have your aliases for

(22:01):
any reason, then will you forget how to do it the native way?
It's always a fear of mine, right? How do I update NixOS again? I forget.
That's why I don't do it. Okay, I got to give brownie points when I seize it.
We didn't rate the last one. I think the last one was probably a five. It was hard to rate.
But this always brings it up on my list. This is how you get a win with me.

(22:21):
And it's how to get started right here in the ReadMe.
A fresh system, copy these commands, run these commands, pull this in,
whatever it is, just go from blank system to my full setup.
When people have that and they've documented it, I'm giving it a W.
I mean, so you guys got to talk me out of this, but DistressDrew here, he got a lot of points.

(22:46):
I mean, that makes it at least a three and a half right there because he's got that.
I do like it. And he's got his own commands. He's got a flake system pulling
in some unstable goodness.
What do you think of the nesting? You know, like, Stu pointed us at the NixOS
stuff, but that's kind of only one subdir in this whole repo.
I mean, it does have its own readme. So I'm not trying to take away from that.

(23:09):
But there's a lot of others. I got, when I was looking through,
I kind of got lost just because there's a lot of other interesting stuff in this total config repo.
So props to you for that. Like, there's stuff here for devenv and for flocks
and like flatpack scripts.
So even outside of the Nix configs, Stu clearly has a lot of his computing life
automated and documented, which is pretty great.

(23:31):
Okay. I feel like that brings it up to a four.
Can we get distro Stu up to a five? Brent, do you have any thoughts on how we can do that?
Well, I'm seeing a couple things here. I'm seeing Disco being used.
I think that gets extra points. Setting up systems using Disco is...
On the expert side of things and definitely where things are going.

(23:52):
Also successfully navigated uh
there was there was a minute where some of the like the newer linux
kernel latest kernel kind of broke a small test
inside tailscale if you're building it anyway it
caused problems that you kind of had to do an override if you're on unstable uh
in nix i see that override which i think can now be removed so no there but

(24:14):
as a positive because you know you had to go find the issue and like copy the
code into an overlay and figure out where that goes in the config and like make
it work so sort of a good you know nicks in practice paper cuts edition and.
Like wes was saying you know stew has folders for hosts and modules and then
there's a folder a directory just for files and if you go into this files directory

(24:36):
it has just one thing and it's a sync thing ignore.txt and that's it he's like
he solved that problem once,
nicely done yeah and that's good you know like it for the max it doesn't sync
the .ds store crap and whatnot i did see speaking of max i did see that uh distro
stew has a nix config for an m series macbook which i'll link in the show notes

(24:58):
specifically if you out there are trying to get that working nice to see did.
You check more into sync thing.nix because there's i mean it's not just that
ignores thing like there's a lot going on.
No i should huh no i was just impressed with the ignores.
Yeah, go under configs, nixOS modules, syncthing.nix.
Yeah, I'm also seeing configs here for, well, it depends where you look.

(25:19):
If you look in the hosts folder, it's a little bit less, but I saw configs for
at least eight different hosts.
So that's really nice to see.
DistroStrew's getting himself a little mini fleet going.
Mm-hmm. A couple different architectures too, so nicely done.
Oh, yeah, and he's got, okay, this is a really cool syncthing.nix.

(25:40):
Fig he's got the different systems in here and their sync thing ids oh man this
is we should we should add that to the show notes that's a slick sync thing setup.
I thought you'd like that.
I think that brings it to a five.
Whoa.
Right?
So we're just doing like the DoorDash rating system today.

(26:00):
Yeah, I guess so.
He's also using HomeManager. Maybe you can get inspired here.
Bring it, Brent. I was actually hoping to see less HomeManager usage here.
Well, maybe we can like VibeCode something that converts HomeManager configs
into activation scripts or something.
Okay.

(26:21):
I just, you know what I want, really honestly would work for me,
if we could somehow have Markdown converted into Home Manager.
That, now we're talking, if I could just write the whole thing in Markdown.
You record a voice note on your phone and then that becomes your Home Manager config.
Even better, even better. Can we do that? I think, you know,
DistroStu, I think you did pretty well here.

(26:42):
Like Wes said, there is that tailscale overlay thing that you could probably fix now.
But that was a good catch on your part. so i guess that makes all of these five
out of fives it's the summer of it's the it's the fall i think the geeks.
One we technically have to use imaginary numbers it's like a whole separate axis definitely.
Negative four um 22 i don't know but yeah these are some pretty solid configs

(27:08):
minor stuff in there real minor stuff nice to see well done everyone now we're
gonna get into some tricky ones.
1password.com slash unplugged. Take the first steps to better security for your
team by securing credentials and protecting every application,

(27:30):
even the ones you don't know about.
Learn more at 1password.com slash unplugged. That's the number one password
and it's all lowercase unplugged right there.
You just go there and learn more because this is something that would have changed
the game for me when I was in IT.
If you're in IT, if maybe you're in security as well, Well, you know what a
mountain of different assets.
There's physical hardware. There's user identities. There's applications.

(27:53):
And it's a lot, and it's always growing. Well, you can conquer this continuously
growing mountain of security risk with 1Password extended access management.
This is a huge issue. You're not alone. This has been identified as a major problem out there.
And this is where 1Password is trying to make life better for both users, IT, and security.

(28:13):
And they have Trellica. This is something that can discover and secure access
to all of your apps, managed or unmanaged.
Trellica by 1Password inventories every app and usage of your company.
It has pre-populated app profiles so it can assess the different SaaS risks.
It'll let you know who has access to what. You can manage that.
You can optimize the spend. You can even enforce security best practices across

(28:35):
every applications your employees use.
And now you're going to know which ones they're using, even the shadow IT.
I also really appreciate this because I know so many companies struggle with
onboarding and offboarding employees.
You have a process that lasts for a little while.
This needs to be better. And this is an area where 1Password can help.
It can help you meet compliance goals.

(28:57):
It provides a complete solution for SaaS access governance. Trelica by 1Password
is just one of the ways that extended access management as an entire suite helps
teams strengthen compliance and security.
You know about their award-winning password manager. I use it. Family members use it.
It's trusted by millions of people. I was really thrilled when they came to Linux.
Businesses all over the world use it. This goes way beyond that.

(29:20):
They're securing more than just passwords with 1Password extended access management.
This is something that would make life easier for me, and I think it'll make life easier for you.
So take the first steps to better security for your team by securing credentials
and protecting every application, even the unmanaged ones.
You can learn more by supporting the show and going to 1password.com slash unplugged.

(29:40):
They have a video there you could watch.
That's the number 1password.com slash unplugged. All lowercase. Go learn more.
1password.com slash unplugged.
Join crowdhealth.com and use the promo code unplugged.
This is something that has changed my life and my wife's life.

(30:04):
As small business owners, both of us, we own our own business.
We have really struggled with
medical insurance and we just needed something that was a better deal.
And honestly, something that gave us some peace of mind. And it's open enrollment right now.
The season where all the health insurance companies will hope that you'll just
sign on the dotted line once again for what is just ridiculously priced premiums

(30:24):
and lots of confusing fine print where they're going to try to wiggle out of
helping you. That's what I've noticed at least.
You don't even take my word for it. Go trust yourself. Take control of your
future with CrowdHealth. It's a health care alternative for people who make their own decisions.
Don't play the insurance company's game. Go join CrowdHealth.
It's a community of people funding each other's medical bills directly.

(30:44):
No middlemen, no networks, no nonsense.
It's like you have a team of people that will negotiate with the hospital on your behalf.
And the process goes from feeling like you're just a number in a machine that's
just getting an output probably from, I would doubt, no day in LLM.
CrowdHealth makes it feel personal, direct, and like actions actually happening.

(31:07):
And they have a great app to walk through from the very beginning of the process
all the way to the end, both as you the contributor or somebody asking for a contribution.
This is CrowdHealth, the health insurance alternative, healthcare for under $100.
You get access to a team of health bill negotiators, low-cost prescriptions,
lab testing tools, as well as a database of low-cost, high-quality doctors that

(31:29):
have been vetted by the crowd health community.
And if something major happens, you pay the first $500 and then the crowd steps in to fund the rest.
This has been a mess. Health insurance has, it's just been years of a mess.
And the only way we're going to change it is in the market.
That's the only thing these people are going to pay attention to.
And crowd health is a group of people taking care of each other.

(31:50):
Don't stay stuck in the same overpriced, overcomplicated mess.
If it's not working for you, go somewhere else.
CrowdHealth members have saved over $40 million in healthcare expenses because
they refuse to overpay for healthcare.
Now's the time. Take your power back. Join CrowdHealth to get started for $99
for the first three months.
Use the promo code UNPLUGGED at joincrowdhealth.com. See why I've been using

(32:14):
it for over three years. Join crowdhealth.com promo code unplugged.
CrowdHealth is not insurance. Opt out and take your power back.
This is how we win. Join crowdhealth.com and promo code unplugged.
Last episode, we got a boost from our dear Olympia Mike sending in his Nixbook config.

(32:39):
He says here, hey guys, I'd love to get in on the roast my Nixconfig action.
This isn't my personal config, but the main Nix module for the Nixbook project
that I've been working on for nearly a year now.
Yeah, we have Nixbooks. Mike was very generous and gave us each a Nixbook,
which he has essentially taken on this role of refurbishing abandoned machines

(33:02):
and putting a Chrome OS-like experience based on NixOS onto these, hence the name Nixbook.
And he's actually getting quite a fleet, and he's become known in our local area for doing this.
And we call him Olympia Mike because he's from Olympia, Washington.
And so what he sent us in is the configuration he's deploying to all of these people out there.

(33:24):
And I don't know the exact number, but I know it's probably in the low hundreds.
So it's quite a bit of people and it's growing all the time.
When I check in with them, I always hear about more people that are deploying
it or I see something on his social.
So I was really looking forward to digging through Ollie Mike's next book set up.
I'll start with what I liked and I'd like to hear from you gentlemen.
I do have a few ideas, but I'll start with what I liked.

(33:48):
He's got an auto update system in here and I'm a big fan of if you're deploying
these systems in a way where you can roll back if something goes wrong,
build them to update take some precautions which I'll get into later but I love
that he has that forward thinking kind of approach to managing these systems now.
I think if I would just add to that some sort of more air catching,

(34:12):
maybe an auto stop or rollback, you know, like if somebody, for example,
would be because I've had this happen to me.
If I'm doing an update and I lose my internet connection, it kind of just gets
stuck in like this no man's own loop, right?
So some stuff around that kind of catching errors with the updates or maybe
like the checkout didn't work completely or something like that,

(34:32):
I think would make that even a little bit better of a system just from the short
experience I had with it. but I like it a lot.
One thing I always hesitate with,
With auto-updating systems is, considering my crazy lifestyle,
I'm often on a network that I don't necessarily want to pull down a ton of data.
Yeah.
So a little notification, I don't know, five minutes before saying,

(34:53):
hey, five minutes from now we're going to do this. And a little,
like, please no button would be really nice for my lifestyle.
I don't know how easy or hard that is, but I'll just throw that out as a feature request.
You know, what's funny is in my initial notes, I had like a little on-screen
display that says your system's going to get updated.
And I thought, I put myself in Mike's shoes for a second, and I thought,

(35:15):
I bet he doesn't even want them thinking about it.
He just wants it like a Chromebook, just all updating in the background.
That's a great point.
I don't know, Brent. What do you think about switching to a Knicks book for a while?
Because just given the bug field and exactly what you were just saying,
this might be the fastest way to get some great feedback possible.

(35:35):
There you go i like that.
Idea you know when mike gave us these he specifically said hey
brent please try to break this and give me some feedback so
i do have one of these nick's books on some
refurbished hardware that he provided us um right
above my head here in the van in the cupboard it's been the dedicated like
van laptop of course when

(35:56):
i do podcasting in here i actually have my main system but
as like a pull it out and just use it for a quick thing
i have been using index book for i guess
it's like four or five months now i don't use it that
often but it's been doing what it
needs to every once in a while when i pull it out but i am going for the long
term review so i think so far been okay haven't run into any huge massive bugs

(36:21):
there is that hesitation i mentioned about the auto updating when i'm on like
sketchy networks so i tend to I only want to do that when I'm connected to, like,
a grid network or something like that. But otherwise, it's been okay.
I got an idea about this. And I don't know, Wes, if this is...
I think this is possible. So when I set up auto-update for my kids' systems

(36:41):
for, like, five minutes, I considered...
Like a bandwidth limiter of some kind, like a way to say, don't use more than
X, you know, megabits or, or whatever.
I don't know if it was possible because I never, like I said,
I just looked into it for five minutes.
Could that be something that would be achievable? Would that have to be its
own separate update script?

(37:02):
Yeah i mean you'd have to make sure that you like you
could definitely apply that kind of stuff with traffic control or other
setups on linux you just i think the sandboxing be would be what you need to
make sure because if you're using like multi-user nix then you're actually just
talking to a demon that wouldn't be running under your sandbox unless you specifically
config you know or like so i think it might be kind of tricky if you didn't
want to apply that rate limiting globally there.

(37:26):
Is a way to indicate networks.
True yeah you could like not do it if you can sort of detect the metadata from the system.
Am I on Wi-Fi or do I do a speed test or check what ISP you're on or the actual
system metadata, depending on how good that is.
Okay, I have a couple of suggestions. I want to bounce off you guys.

(37:50):
I don't know if this is creepy, but let's say Olly Mike has a fleet size of 200.
And these are, I'm just guessing on numbers, but these are almost exclusively
people that are using it for word processing, web browsing, email,
you know, tasks that are refurbished like Dell would be perfect for.

(38:11):
And I wonder, is it creepy? I think you'd have to get user permission.
But is there a space here for some kind of monitoring
like so you know which systems haven't been
updated in x amount of days or maybe monitor rollbacks in the log and see which
if anybody's having to roll back which would maybe indicate a problem is that

(38:32):
what do you think i just think when when you're at five systems ten systems
no big deal when you're at 200 systems,
and you're doing channel-based updates,
I don't know, it's like, feels like you might want some kind of observation on how that all is going.
What do you think? Is there a way to do that that isn't creepy?

(38:56):
Hmm. Yeah, I mean, as long as you're upfront about it, and maybe you provide a way to disable it.
I do like the idea, like, you get little pings home as auto-updates or reboots
or stuff become successful.
But that said, I don't know what the support, does that create more of,
like, an onus on support when you're kind of just like, look,

(39:16):
I'm doing my best and I'm putting these out there, but hey, don't call me.
I don't know what the.
Level of personal support mike wants to be putting out or would you just use
it as like development metrics for like oh boy that last one didn't go well
i might need to tell folks.
Yeah that's what i was wondering is
like does mike develop this into a business one day i mean
if you get enough users you could and then maybe

(39:38):
you do want observation you know you want some sort
of monitoring um and i
also think feature flags because as
you get more users you just you just collect all these edge cases
and so you might want a really simple way like one file somebody can go into
on their system and just disable certain features like maybe auto updates or

(40:00):
flat packs or whatever like some some simple way for them to go in and just
say on this system we don't want auto updates for some reason,
Um, cause you're always going to have these edge cases. So I think that could be useful.
Or, you know, you just accept that Mac and windows update whenever they want. So we get to, too.
Uh, maybe. Okay. But the elephant in the room and he said it when he wrote in,

(40:22):
uh, is that he's using channels, which means everything he's putting out there
is hard coded to a specific version of Nix OS.
In this case, 2505, which came out in May, obviously.
And those do have end of life dates. So the fleet has to be migrated to the next channel.
And that's kind of like doing a Fedora distro upgrade or a Debian distro upgrade in some senses.

(40:44):
It can be a larger set of changes than a standard update.
And I wonder, Wes, if this doesn't
call for a solution where is Mike maybe sitting in front of that stuff?
Like if he's not going to do a flake, how could he better handle a channel-based
system? Or is it just use Flakes?

(41:05):
Yeah, I'm not the person to ask. I don't use channels at all.
No, I mean, I think it does mean you have more, you know, imperative stuff to manage on the machine.
I do think you could get where you want to go eventually with Flakes and probably
ultimately have a better time.
I think you can kind of tell there's a lot here.
I mean, if you just look around in this repo, right, there's a lot of different.
There's update.sh, there's install.sh.

(41:28):
And within the config, there's a lot of different scripts kind of like keeping everything together.
But that you are going to do more of that composition locally
with the channel because it isn't as hermetically tied
together as a flake does probably mean you know
mike's got to make sure he's got plenty of good test machines ready to
go to like verify that everything that is possible and maybe it's more complicated

(41:49):
if you do have too many of those feature flags like make sure all versions of
your config are going to successfully be able to build with the updated channel
and then like how do you stage that rollout is it just one push that you do
do you some people get it before others all that kind of stuff.
Yeah, staged rollouts could be helpful, too. You know, if you have a particular group of savvy users.

(42:10):
But I don't know if there's any, like, plumbing in here for,
you know, that's a lot more stuff to...
I didn't see it. But I'm suggesting maybe it should be added.
One thing Mike could look at, there's a lot of, like I was mentioning, a lot of scripts in here.
You may or may not want this, but you're using packages.writeScript, which is great.
There is also write shell application, which kind of just does,

(42:33):
like, a little more stuff.
Like in particular, there's one of these scripts in here where Mike is manually
setting like a bunch of path stuff and exports and bash set dash EU.
And if you use write shell application, it kind of sets some decent bash stuff for you.
And it even runs shell check automatically to like make sure you're not doing
anything bad or half broken in a bash script for you.

(42:56):
Well, now you tell me.
It's not always what you want, right? Sometimes you want something more minimal
and that might be what's going on here. I'm not trying to say he's doing anything
wrong or anything, more just say, hey, this exists if it is more convenient for you.
I do like, though, like, I don't know if you noticed, like, okay,
we're installing some stuff, but we're even taking the time to make a extra
little desktop icon and desktop item for Zoom so that it,

(43:18):
like, it can, I guess it's installed by a flat pack, but this makes sure that
you get, like, a nice little Nix native integration for it, which is a nice touch.
You can actually declare that .desktop file. You don't actually have to have
a bash script creating that .desktop file.
Oh, it is. It's not a bash script. It's like a Nix native.
Oh, okay. Okay. All right. I thought you were saying it was a bash script.
All right. That's pretty good, then.
I'm feeling pretty good. Brent, how are you feeling going over this?

(43:41):
I mean, it looks great. It's evolved quite a bit since the last time I looked
at this quite several months ago.
One thing I'm noticing that I didn't notice before is another script,
of course, but this one's called Power Wash. Have you seen this one?
Yeah.
I think it does exactly what you probably think it does, which is just cleans
that system in every way you could think.
But he's making some, like, custom directories here and just kind of bringing

(44:05):
the system back to an original factory state.
And that might be nice for this kind of system because it could get passed from
one user to another as people are done with the system.
And they think, wow, this was great for me. I could give it to,
I don't know, my granddaughter or a friend, something like that. So good thinking there.
I'm sure he uses it when he's setting these things up quite a lot.

(44:28):
I would like Mike to write back in and tell us where this goes in two years.
Because if you think about maybe a little bit of metrics or observability and
if you were to build a sprinkle of flakes and you were to build a little bit
of support services around this,
a guy could have a pretty good second income stream. Yeah.

(44:52):
Obviously, they're a sponsor of the show, but I almost wonder if this wouldn't
be the perfect use case for Nebula to provide the back end securely in a way
that wouldn't be too hard to manage.
And you could provide through that all of the things I just talked about,
the observability, the monitoring, but you could also offer secure backups,
assuming you wanted to get into this.

(45:12):
You could offer more proactive monitoring if you wanted to get into that.
And you could even offer like a NextCloud quote unquote secure storage that
never touches the public Internet.
You know, it goes from their machine over Nebula to your hosted infrastructure.
I don't know if you ever want to take it that direction, but I feel like when
you're getting to this amount of systems, you're going to have people that their
work depends on this and they might actually be looking for that kind of support.

(45:36):
I'm a little concerned about the channel stuff. I will just be honest with you.
I just think that's going to be tricky. And then if you combine that without
kind of staged rollouts or the observability of failed updates,
that to me is hard to make it a five out of five, even though I love this idea,
a five out of five, I'm, I'm leaning for, but I could be talked out of it if

(46:00):
the committee has a different opinion.
No, I think four is reasonable. Also, we've got cinnamon, but there's no hyperland
option. So I don't think it's ready for you to use it. So that's probably where
some of your motivations coming from.
It's such a cool project, though.
Oh, it really is. And you can tell how scrappy and just, like,
how far Mike has gotten this to work, how reliable it seems to be.

(46:22):
I mean, like, and really, if you look at it, right, like, it's not even 300
lines of stuff in this file.
Like, it's not super complicated. It's not a crazy thing to try to maintain. I'm very impressed.
Well done. All right. So, Radek comes in with his configuration.
He says it's a complete production-ready Nix OS configuration for self-hosting
20-plus services with enterprise-grade security, automated backups,

(46:45):
and zero-trust networking.
Perfect for home lab enthusiasts, privacy-conscious users, and anyone wanting
to self-host their digital life with minimal maintenance.
Disclaimer, the entire project was Vibe-engineered.
Well, one way you can tell, I don't know if it's better or worse than the one you have in YouR Repo.

(47:06):
Oh, here we go.
Well, I don't know if you noticed, there's a file in here that almost looks like a command.
Yeah, I love that. That's a good sign.
Yeah.
That Udo one there, Udo-U Postgres.
I think it might have been sudo to start with, but...
Yeah.
Yeah.
Yeah. Yeah. That's good stuff. That was just yesterday, too.
So that's easily two stars just right there for that.

(47:26):
Oh, okay.
No, no, I don't. I mean, in a good way. I'm going like adding stars on,
right? That's the baseline.
All right. Okay. I mean, let's talk about what's going on here.
Holy crap. 20 plus services. He's not kidding.
And I see some of my favorites in there, my favorite RARs and my Jellyfin.
I love what I'm seeing there. He's got an architecture diagram.
Oh, yeah. He's pulling in Azure for backups and DNS management to handle all of that.

(47:52):
And I believe, I'm not positive, but I'd like your eyes on this, Wes.
I think instead of installing Postgres like 20 times and Redis 10 times,
he's got one instance of Postgres and one instance of Redis.
And then everything's configured to use...
Which is something you don't often see on people's Docker home labs.
You'll often see five copies of Postgres running on somebody's system,

(48:14):
and he solved that problem.
It does make it a central point of failure, obviously.
Yeah, pros and cons, but you don't actually need separate servers depending on what you're doing.
So my man, I like that.
Yeah, there's a lot of stuff in here.
He's got weekly automatic backups, which is really great.
I would challenge him to consider adding file system snapshots before his automatic

(48:40):
updates and, you know, just have an extra or maybe kick off his automatic because
he has automated backups.
Maybe run that job right before you do your automatic updates.
So that way you have a really nice, fresh point in time if something does go wrong.
I'm impressed. The integration with SOPs, especially for a vibe coded setup.
You know like getting i think getting secrets tying that together uh not leaking

(49:05):
secrets into your repo that's yeah that is all stuff that takes time and fiddling
and fuss to really validate he's.
So he's got the r stack broken out audio bookshelf you know every major service
like next cloud and jellyfin and image are all broken out into their own nix file.
A pretty pragmatic balancing here of native nix os services as well as a lot

(49:25):
of containers right so like here's um SearchXNG and OpenWebUI,
both running as OCI containers,
which is great because I think sometimes it's easy to forget that,
you know, you don't have to, you can pick and choose.
Like, use the Nix module if you want, run it in a container,
either, you know, imperatively or declaratively. It all works great. So do what works for you.

(49:46):
I may be aping some of this R stack. This is looking really good.
I do like to see all of this.
Like, I don't know if this was a deliberate choice or not, but,
for instance, image is being run as a container, not through the module.
Yeah. Yeah.
Yeah, I wonder, and I bet you that is. I wonder if there's any hardware acceleration issues there.
Probably not. I'm sure he's probably safe. Solve that.

(50:08):
I would say, like, if you wanted, like, to unlock, like, the next level of cool
for this setup would be automated restore testing into, like,
a, you know, a stupid container or a throwaway VM.
Because you're doing the automated backups.
How do you know they work? Wouldn't that be something if you could vibe that
up where once a month or something, you do a restore from your last backup?

(50:31):
Oh, that'd be killer.
And see if it actually works. Because that's, I love that you have all this.
I verified you're backing up your app data.
I'm pretty sure. I assume you're backing up your Postgres and your Redis.
I would imagine if you're running 20 databases on those things.
I didn't see you ever testing it. And that could be something you're doing manually, obviously.
But why not give a shot at automating that? You're so close.

(50:52):
You're so close with everything.
I don't want to do like grading on a curve, but for a vibe set up,
This is pretty top-notch for a vibe setup.
There's another one we're going to see in this category as we go on here.
And, you know, just with our recent episodes and everything else,
it does, boy, are we at a point for vibing with Nix OS.

(51:13):
It's really come a long way, which is great. I mean, it's just a superpower.
I will say you might consider getting your vibe tool to add an auto-formatter.
I notice nothing crazy, but just like in your flake, there's some stuff where
some of the indentation and stuff, which doesn't break anything because it's
nix not python or yaml or whatever but should be something easy for it to do
to be able to you know easily format and keep everything looking pretty for you and.

(51:36):
I also think this is why i'm not sure i want to give it a five out of five because
i think there might be some dock drift which is really easy when you're moving,
i do like your architecture diagram though oh this is a really tough one this is really.
Yeah that is one thing you kind of have to balance too is it's really easy to
get the llm to spew out a lot of the docs but.
Then they drift.
Keeping them keeping them up to date is a whole other challenge and so sort

(51:59):
of like which ones are essential for like i really do want this and this is
going to help me continue to build and which of these are like just dead weight
that i ultimately got to carry around and i could rediscover easily yeah.
I think he's got like some code examples that reference like old versions of
stuff in there i mean there's just a little bit of drift so i don't know if
it's a five out of five but i feel like it could be a four out of five again
i mean we're being pretty generous i i don't know i think some people would knock it down.

(52:24):
Yeah, we'll give Claude one star, and then the rest of the config gets four.
Okay. All right. There you go. There you go. But better than I would have thought.
I got to say, Reddick, better than I would have thought.
Well done. And nicely done on focusing on a home lab with all of the essential
great home lab services.

(52:44):
Somebody listening, even if you're not interested in deploying all of this,
you might want to just look through his config and get some ideas for some great home lab services.
They're really good. All right. We're about to round it out.
And one of our last ones comes from Brandon W.
He says, I've slowly been migrating my computing life to declarative configurations.
As part of that, I've switched my Mac to Nix Darwin, as well as my Homelab to

(53:07):
Docker Compose and Nix OS.
I just finished Nix OS this weekend on two of the four hosts and only locked
myself out of SSH three times.
Hey, under five. I've done. See? Star for that. Boom.
Star for that. All right. All right. I wanted to send in my infra repo and my
Nix Darwin configs for the config confessions.

(53:30):
I'm most proud of my HomeLab deployment system using Ansible playbooks,
1Password for secrets, Just, GitHub actions, and the Renovate bot for updates.
Any suggestions would be appreciated, and howdy's from Texas.
So yeah, he sent us two configs, the HomeLab and the Mac. So why don't we start
with looking at the old HomeLab?
I do like that. He's broken them out like that.

(53:52):
Also, he was committing as of this morning when I was checking in on this.
Inactive development. I love that.
He's got his hosts broken out here. He's got an explanation of his tail scale
and Ansible setup and secrets management.
I don't see a quick getting started, but this is pretty solid documentation.
You know, description of the home lab systems, the Linode. And I do like this.

(54:14):
So this is winning a point with me.
He's running a Linode exit node to forward certain critical,
as he puts it, mission critical data through this Linode exit node.
Love seeing that setup. That's worked really well for us too.
Yeah, you can tell there's a lot. i like seeing a polygot repo
like this right like there's a lot of stuff working together there's obviously
nick stuff that we'll be taking a look at but also as you mentioned right we've

(54:38):
got ansible playbooks and part of what that's doing is deploying a bunch of
composed yaml files that are also in here that look really nice i mean yeah
pretty well you know traffic uptemp kuma,
portainer uh we got bind running like there's just there's a lot of serious
networking thought that has gone into this, which is great.

(54:58):
I think you hear that, Brandon. I think he's impressed. I think he likes it.
I love seeing Image in there.
Docker with traffic and using tags, it looks like.
Did you notice that there's two separate domains that get routed with custom
split DNS servers? There's a personal services one and the family one.
He's got the split brain DNS.

(55:19):
Fancy.
But the good kind.
I have an observation and question here. In the NixOS folder,
I'm seeing a hardware configuration.nix.
It was under my impression that you generally didn't want to version track that
because it's being created.
On each system independently.
What are your thoughts on that, Wes?

(55:40):
I mean, you can recreate it. I think
if you do track it, there's nothing necessarily wrong with tracking it.
You just need to know that, like only deploy it to the ones that are relevant
and then it's on you to make sure that you update it if you are actually changing
something with your hardware.
Mm, fair enough.
All right, so where Brandon scores a W with me is on the Mac stuff, surprisingly.

(56:03):
He's got a command to get started right at the top of the readme.
You know, so you get a new Mac or you reinstall macOS, you're not spending 10
minutes, you're copying and pasting.
That's a W. I know this is how it works on macOS, but it's just funny to me
to see brew defined by Nix.
You know, it's funny. But then what was even crazier to me was to see the Mac apps.

(56:24):
I'm going to link this in the show notes specifically if people want to see
this because it's just bonkers to see Mac apps getting installed by Nix.
Chromium, Discord, Spark, Notion.
Spotify, Visual Studio Code, Xcode. Huh, you can install Xcode with Nix.
Would you even believe it? So that to me is the first time I've ever actually seen that.

(56:48):
I know people, like our buddy Alex does this, but I never really dug through the config.
It is pretty great what you can do.
You can disable the DS stores.
Yeah, right. It's one of those things where it's like, boy, I hope I don't need
to do this again, but it is probably exactly what I would end up doing where
I forced back onto that platform.
So it's great having these in our tool chest to pull from in the future also.

(57:09):
I'm amazed Mac OS lets you do some of this. You can set keybinds through Nix
in macOS. You can set macOS keybinds.
What a world. Talk about making the Mac way more manageable.
So that, to me, brought this up a couple of points right there because it's well done.
He's got the quick get started stuff. You know how I love that.

(57:32):
Overall, it's the most interesting in that it's x86, it's M-Series Mac,
it's Ansible, it's Nix, and it's Docker Compose.
In all in one, and yet it seemingly is working really well together,
and he's got not only individual workstations, but he's got a home lab setup out of it, too.

(57:52):
So it sucks. I say one star.
Too much non-mix, negative points.
Right.
We're going to actually ask, we're going to flag this at GitHub so they can delete it for us.
Bro, was it even vibes? Bro, you know.
Yeah, thoughtful, long-term development and use.
Yeah, yeah. Yeah. Was committed. You were still working on it this morning as

(58:13):
we're prepping the show.
Okay. So I think when you think of it's a five out of five, I think this is a five out of five.
So this is our first five out of five for the second segment,
but I think, I think it's fair. It goes to Brandon.
It's really neat. It's really neat to see the home lab and the Mac all broken
out using, you know, some of our favorite apps, some of our favorite technology stacks.
Well done, sir. Five out of five.

(58:36):
All right, gentlemen, and our last config confession came in just last night
from Bearded Tech, and he has Vibe-coded a NixOS router.
He says it's a declarative NixOS configuration that transforms a standard PC
into a full-featured network router with integrated secrets management.
And it has multiple WAN types. It supports, obviously, being a DHCP server.

(58:58):
It can be a PPOE server if you need.
It also has PPTP support, LAN bridging to combine multiple Ethernet ports into
one network. It has a DNS server, DHCP, obviously a firewall with NAT support,
and then in their port 40, and like he said, secret management as well.
But the thing that is really impressive is Bearded Tech has made this so approachable

(59:20):
for anybody that just wants to take a PC and turn it into a NixOS router.
He did the right thing, and he just put a curl right into Pseudo Bash in the
quick start, and you can just get rocking. And you know how we,
you know, always suggest you do that. Of course, I'm being ironic.
But if you trust the person, he does actually tell you everything it's going to do in there.

(59:40):
But you boot from the NixOS installer and then you just run this command.
And it does everything else. And then the other thing he thought of,
because this is how it is in router life, is if you come back to one of these
boxes you've deployed two years down the road and it's all decrepit and out
of date, he's got a quick refresher command.
And you, again, slam that thing right into sudo bash and you've got a completely

(01:00:05):
refreshed router. Good to go again.
He's got documentation for the individual setup guide, router config,
secrets management, troubleshooting the development.
He tells you what you need. I mean, this is top notch.
This is really a great idea, especially because I want to run a Nix OS router here at the studio.
How do you feel about a vibe coded router though, Chris?

(01:00:27):
Yeah.
I don't love that idea. I mean, if it builds and it routes the packets,
well, it's not like he's going to vibe like a backdoor into it, right? I mean, it's how.
Do you know?
I mean, it is one of those things that you can test it, right?
Like, you know if you break it because your packets don't route anymore.

(01:00:50):
To the extent that you can easily test all the stuff that your router is doing,
I think it makes a pretty good use case in that sense.
I don't think I see any like crazy routing stuff in terms of like custom IP
tables or NF tables or anything like that.
But I do see like PPOE going on and some bridges being configured.

(01:01:10):
There's some nice stuff in here like router config.nix, which is just a declarative
file describing the networking. I like that a lot.
You might consider because if I've coded one, just impressive speed,
I think it started on the 7th with the initial commit.
It's the 9th as we record, and there's already been like 50-some commits or something.

(01:01:32):
Although, if you're getting Vibe commits, they're kind of verbose.
You might tweak your setup to follow conventional commit standards if you like that one,
or just at least have a quick summary single line and then put more of the detail
below just to sort of match what a lot of Git software thinks but that's like a minor minor nitpick.

(01:01:53):
I was it was one of mine too it was kind of annoying looking through the and
i know this problem you know they are very like just exactly what west said
so i kind of agree on that and it was sort of a bit much there.
It is nice so there's like a dev shell there's a formatter got sops going in
here for secrets which is very forward thinking.
I noticed that he recently swapped out Tectitium for Blocky DNS.

(01:02:18):
I'd be curious to know more about that.
Yeah, I would be curious to hear how that's working for you,
which things you like or don't like about either one of them.
I've looked at Blocky a little bit, although I've never actually really tried
it, except like briefly.
I do like that it has a lot of metrics built in, though.
Yeah, and I know it also has some ad blocking and malware built in and stuff like that, too.

(01:02:39):
So that's all pretty good. I don't love the way the commits.
The other thing that I would love to see is I don't know how you would not pick favorites here.
The VPN options are pretty 1997. You know, it's like this is,
I was doing PPOE connections literally like on NT4 boxes.

(01:03:01):
Not that people don't use them. I'm not saying they don't. I would also love
to see some more modern options built in, you know, tail scale or a Nebula or
what I would really love is some way for the user to pick.
And then you just get that. Like maybe you're a network person.
Maybe you're a Nebula person. And then you just go in and you say,
I'm a Nebula person. And then it sets up with Nebula or whatever.
Because the VPN options are, I'm never using that stuff in 2025 if I'm setting up a new router.

(01:03:27):
If I am going into an organization that has a historic setup,
maybe you might even call it tech debt, I can understand why they're doing it.
But if I'm installing a Vibe-coded Nix OS router on my PC at home,
I don't want to use PPPoE or PPTP, right? So that's just one thing I would add, maybe.

(01:03:49):
I'd love to see some backups built into this too i think backups could be really good,
um i mean but for like you said wes i going from zero to actual functional system
in a couple of days and to have the quick start on just a you know you boot
off of the nix os live system and run this script oh when you come back in a

(01:04:09):
couple of years run this script to refresh it assuming that works,
That's great. That's exactly what you want with this kind of stuff.
I do like that, too, as a, you know, oh, no, that box died. Well,
thankfully, I just run the script, clone things down.
I've got my router back in, you know, 10 minutes instead of a couple of hours.
All right, gentlemen, should we allow a last-minute contender in?

(01:04:30):
Let's do it.
Okay, all right. We've got to give Bearded Tech a score before we move on.
And I'm going for, can we do points? I feel like a 3.5 or a 4.
It's really close, though.
I think four because there's some fancy scripts in here.
All right. All right. All right, Brent, tell us about our last-minute contender

(01:04:53):
that came in live on the show.
Yes, we have someone in the Matrix chat, D-Drill, who said, oh,
I got a config. Maybe you guys can have a look at this one.
So this has been a totally fresh config for all of us. So I think we should dive in.
Coming in fresh. first thing I'm noticing just right off the top well we got

(01:05:16):
some systems here but I like the systems are broken into two categories do you
see this Wes? you see these two categories of systems here?
You got the Nix OS systems and then you have the systems that still need to
be Nix there's nothing else,
that's pretty good and you got the structure in here and all of that I'm also

(01:05:36):
noticing just a couple of things is pretty recent commits,
As of 29 minutes ago, actually, that's what are you are you listening to the show or not?
It's so organized.
I am.
He's in the mumble room. So you're in the mumble room.
Do you want to just tour us through here?
Yeah. Tell us about your system. Yeah. Why not?

(01:05:58):
Sure. So the most recent commits there, I made a quick read me update and flake lock action update.
So if you basically jump back to the root, I essentially have things broken out.
I attempted to recently do a major refactoring and make things a lot more modulized,

(01:06:22):
modularized, however you say it.
Right.
But basically, I got hosts. Right now, I'm purely running NixOS.
I don't have any Macs. But...
Basically, in the host, under NixOS, I have the different configs.
I have a couple special... Actually, if you want to look at the modules,
there is a host spec module that I have borrowed from someone else I found online

(01:06:48):
and then tweaked it to my own needs.
I want to say it's actually right in the root there.
Yeah, this host spec.nix there, huh?
Yeah, so basically that creates a host spec and then creates just a bunch of
variables that you can call throughout.
This file is actually imported within
each host so i can reuse a lot of the same variables without messing up any

(01:07:09):
other hosts itself but starts off just with some basic specifying primary username
a secondary username it's basically just myself and then a couple of the systems
are also used by my wife gotta.
Make sure you get a llama installed i see that.
You know i have a couple you know i break it down if it's a workstation it adds
a desktop interface to it if it's gaming it does another layer on top of that

(01:07:31):
um couple services specified there i.
Really like this i mean i'm coming in fresh but what i'm seeing i really like
the way you have the modules workstation laid out the audio.nix the bluetooth.nix
the fonts.nix nvidia.nix this is really well structured.
Quite a lot of helpers here in the just file too like it shows you're you're

(01:07:53):
definitely using this stuff and maintaining it and you've you've got commands
that you actually need to run and have helpfully stashed them away, which is nice.
Yeah, I borrowed that off from someone else. And honestly, I need to go through
it and use it a lot more because I really don't use just the way that I should.
I was curious about one of these here. I'm not sure if you're using it currently,
but you have a just command for creating an ISO.

(01:08:16):
It says build an ISO image for installing new systems and create a sim link
for QEMU usage. Is that something you're using actively? And if so, how'd it go?
I have not built that in yet. So that was actually a carryover.
I've got to give credit to Emergent Mind.
On that because that's part of what i had ripped off of him so it's an intention

(01:08:38):
that i plan on going uh basically building a minimal iso that i can use for spinning up new systems,
it'll already have some of the basic tools that i want in it rather than having
to use the customer installer all the time because realistically with the with
nyx if you have a config all you to do is get into a system that has nix on

(01:08:58):
it whether it be a minimal iso or whatever grab your flaco to github and let it build yeah.
Yeah exactly right well good the fact that you haven't used everything makes
this like a real person's config because before it was almost suspiciously good so yeah.
Yeah yeah okay and the raspberry pi that's on the to-do list for 2016 huh.

(01:09:20):
From 2016 yeah.
So I'm noticing. So not done?
Well, it's my Raspberry Pi 3. I have my 4 already Nixified.
So it's just a matter of actually going down in the basement,
grabbing it, and putting the image on the SD card, which sounds simple enough, but it's a timing.

(01:09:41):
No, no. I've got a couple from 2016. I'm going to get this running,
too, on my project list. So I totally understand.
But I feel like this is a top-tier setup. up even if it's not fully implemented
it's well done it's well thought out it's well structured i mean do we have
a reason not to give this a five
out of five i defer to the committee but that's the way i'm inclined i.

(01:10:03):
Thought we were going six.
Oh whoa can we do that.
For you know for the very last one i think we have to.
Brent you'd have to co-sign i.
Mean are there even rules at this contest i say go for it.
All right there we go six out of five i don't know how that's possible.
If you want to take a look at that lib, one of the cool things that I saw on

(01:10:27):
someone else's config and borrowed is actually an importing method for those files.
Okay.
So without being able to rip through it often enough.
So I actually have in there, I have a relative to root, I have a scan paths
and a recursively import that I just recently did.
I haven't built that out yet to actually utilize it in many places.

(01:10:50):
But the scan paths or the relative to root is realistically kind of one of the key pieces I use.
So if you actually go back into the modules and look at any of those default
files, I'm sorry, those actually all use the scan path.
So I'm not actually specifying all of those files by default. I'm specifying.

(01:11:11):
So, I mean, even that default nix there, I'm pretty sure has it in.
But when I'm importing, I'm basically doing a one line importer.
Yeah third line or line 11
out of there scan paths dot so and then that function has built into it filtering
out to directories and dot nix files and then within each directory has a default

(01:11:31):
dot nix that would run the same scan paths file again or line again and it would
import all of the files that are adjacent to that that.
Is great so you've got custom nix lib that see i stand by my six out of five for sure.
All right.
I mean, I figured if you were going to give me a six, I had to,
you know, throw some extra little.

(01:11:52):
You know. Well, and you know what? You didn't even, because we were impressed
so much, you didn't even get docked for missing the deadline,
which we didn't really set a deadline.
I was going to say, I sent it, I technically sent it in Friday night.
Oh, okay. Oh, okay.
All right. Through the Linux Unplugged website.
I see. I see how it is. All right. Well done. And we will link to these configs
in the show notes if you want to get some ideas for yourself.

(01:12:19):
Unraid.net slash unplugged. You want to build your dream server?
Well, Unraid 7.2 makes it easier than ever. The new 7.2.0 stable is here.
I've been telling you it's going to be a good one.
Fully responsive web GUI, and Unraid now works beautifully across all your devices.
You got your phones, you got your tablets, you got your desktop.
Picture it. You're sitting there with your tablet on your couch managing your ZFS RAID, right?

(01:12:43):
Like, I love that they're working on this stuff. And they didn't ask me to say this.
So, so thrilled to see them roll out this open API.
It's officially here. It's open source. It's fully integrated,
secure, programmable access to your Unraid box.
People are already using this in the community to build dashboards and automation.

(01:13:06):
External apps are going to be able to use this. And there's even going to be
ways to pipe into external authentication, like OIDC and stuff like that.
You know, you're O-Dykes. That's not how you say it. Don't say it like that.
Also, I believe in 7.20, checking my notes here, it looks like ZFS RAID Z expansion
support, boom, is here. That's great to see.
You can now grow your ZFS, or some say ZFS, pools without having to start over.

(01:13:32):
Unraid 7.2 also introduces support for extended 2, 3, 4, and your NTFS and extended FAT.
You know, the NTFS thing is nice, right? You got an old disk laying around with
some family data on it. I do, actually.
Grandpa's photos. Grandpa's photos are on NTFS. So I'm really happy to see Unraid support that.
This is what's so nice is they just keep iterating on this.

(01:13:53):
They've already had 25,000 downloads of Unraid 7.2. So that's the other thing
is people are trying this, testing this, building on this. It's a really great community.
Go unleash your hardware. Use what you've got today. Build your dream system.
Take advantage of the applications we talk about. Their community store is packed.
And get a free 30-day trial at unraid.net slash unplugged. It's the OS that grows with your skills.

(01:14:17):
Unraid 7.2 with that new API, new responsive web UI. And now we can get Grampus photos.
Unraid.net slash unplugged.
Well we have a boost here it is a live boost and it is also a live baller boost,

(01:14:42):
now derivation dingus sent in a live boost for 100 000 sats oh.
Are you serious,
all right thank.
You that's great derivation says here i boosted in asking for this episode last

(01:15:03):
time but um episode two landed on my anniversary weekend and while i've been
making big changes to my configs i just ran out of time to send my config in
this time so i'm listening live and loving it while doing my Sunday chores.
And please consider this boost a request for Config Convessions episode three.

(01:15:24):
Okay. Well, we'll have to get a few plus ones on that because,
you know, we have to space it out too, but sorry you couldn't make it.
That's great. Really appreciate the boost.
But, uh, you know, you get at least a one or two stars for having your,
your life priorities, uh, properly in order.
Listen to live and boosting really brought up the average for this episode because
we were kind of lagging for this episode too. So it made a big difference.
Yes, happy anniversary.

(01:15:44):
I meant being able to resist just messing with their next config and paying
attention to their spouse and chores. Like, that's pretty impressive.
Oh, okay. All right. I thought you meant he was listening to us, which is...
Ah, that too, though. Yeah, you're right.
That too. Thank you for that baller boost. Nykoff comes in with 22,222 sats. That's a big old McDuck.

(01:16:05):
No message, just value, though, which we appreciate. Thank you very much, Nykoff.
Turd Ferguson comes in with 21,000 sats.
I have no config to send in. You see, boys, where I'm going,
you don't need a config file. It's the future!

(01:16:28):
Yeah, okay.
All right, Doc Brown. Okay.
Is this just, like, so post-vibe that, you know, you don't even really need to keep a static config?
You just constantly revive on demand for whatever you need at any moment? I don't know.
Yeah, clearly the future is dynamically vibed configs as the system boots. what can go wrong?
It's like a SaaS and you pay per minute because you're live streaming your config from a cloud server.

(01:16:51):
Well, you need to pre-render, right? And you want to have it globally available.
That's true. Yeah, you want to fail over it.
That's probably 90 bucks a month, I would imagine.
Easy. But you got to pay with some sort of zero trust ERC-20.
CK roll-up ERC-20 token. That'd be great. Thank you, Turd. appreciate that boost.

(01:17:14):
Of course you're gonna like this next booster 4590 sats from BTC is my 401k.
All right. All right. Okay.
This one comes from Cast-O-Matic. Elevation boost, boosting from my mountain
home. The sad amount is my current elevation.

(01:17:34):
Wow.
Love it.
Also plus one for config confessions. I've yet to truly commit to NixOS,
and these confessions help set us Nix noobs on the right path.
I like hearing that.
Oh, good. There's also some Ansible and geeks in there.
Yes, because it can also be a little intimidating, I think, right?
You see these complicated, big, well-set-up configs and be like,

(01:17:56):
how am I ever going to get there? But I like that attitude.
I like the like, oh, look, there's all this stuff I can copy from.
And you don't have to go from zero to vibed giant config. There's lots of nice
little middle grounds in the way.
Also, BTC, I have a question. Your elevation boost there, is that feet or meters or furlongs?
What do we got here? Four, five, nine, zero. Let us know.

(01:18:16):
Yeah. And is it snowing already? I imagine at 4,000, it probably is snowing
already. Because I've got friends that live at like 7,000 in Arizona,
and it is already fall-on snowing for them. So I bet you're-
I like this idea of an elevation boost and seeing how high can we go, right?
Yeah, but some of them are like mine. Mine's like 180.

(01:18:37):
Yeah, us, the C-level folks are not going to do well here.
Plus or minus the error bar too, right?
I guess. Oh, yeah, right? Yeah. It's got to get above 2,000 stats to get right
on the air, I suppose. But thank you for that boost. That's a great idea.
Sohang's here with 3,333 SATs.
I bet you that's a reference. Sohang says, I'm kind of getting a bit tired of

(01:19:00):
using Nix. The documentation problem doesn't seem to be making any progress.
And a side effect of the drama has been that a lot of work, both around flakes
and the general stuff, is stalled.
I just had a situation come up where I couldn't reason about my config and there's
no documentation I can look up.
My three-way brain split of Nix, NixOS, and Nix packages is getting untenable.
Not to mention the whole deal is a tangle of shell and Perl scripts.

(01:19:24):
But alas, what alternatives do I have?
Geeks is still a bit obscure, and I'm unsure of the reliability there.
Getting a gosh darn PhD in comp science and Nick documentation is still too much.
And I just spent a hot minute finding the non-existent boost button on the member
feed. Yeah, I know. I'm sorry about that.
It's a problem with private feeds versus public feeds. He says maybe we could vibe code effect.

(01:19:49):
The issue is, right, it's like per app, so we have to make some PRs for a bunch of these apps.
You know i do hear the complaint about the nix documentation a lot.
I would be curious because you sound like
you're using nix at a fairly sophisticated level
and it's true that like there could be
better docs or more docs but i sort of find like once i

(01:20:11):
know a system to like that point i'm sort
of just kind of in the code anyway so for me
like the docs problem hasn't been as bad because i just
assume for anything i'm going to use i'm probably going to go read at
the module code maybe gets more tangled if
you're like into like nix packages build time
helper frameworks for dot net packages or

(01:20:33):
something so i'd be curious to know like which particular areas are really
falling down i do sympathize i've seen a lot of stuff on the nix os subreddit
like i hate nix os but i hate it less than everything else wow that's rough
i don't feel that way but like i think i can get the you know there are definitely
paper cuts frustrations uh but it's also it's hard to quit once you're there.

(01:20:54):
That's true that's true okay good luck keep us posted sir.
Doornail 7887 comes in with a row of ducks.
Albi Hub deep dive question.
Oh, here we go.
And it's a suggestion, actually.
All right, I'm going to get my notepad out, Wes.
Albi Hub deep dive suggestion. After setting it up myself, the channels thing

(01:21:18):
is really still confusing to me.
I was surprised to find out I had to type 150k sats just to open a channel to send a small amount.
Forget the tech barrier to entry, the upfront cost seems like it might be a bigger barrier.
Any advice to reduce that barrier? Maybe the JB node would be open to supporting
small channels for newbies?

(01:21:39):
So this is, I think, the tricky part of setting up your own node and why services
like Fountain just do all of this for you, right?
Is the way Lightning works is it's an open source protocol and it's a peer-to-peer
system and the peers are these channels between nodes.
And the reason why the liquidity gets
locked up the 150k in your case is that way

(01:22:01):
it's a guarantee that the amounts can be sent across those channels
instantly the funds are essentially guaranteed in there so that is tricky and
i agree with you and so i don't think it's for everybody i think it's for people
that like to mess with computers and i think it's also for people that might
use it with multiple applications if your only application is boosting i just

(01:22:21):
don't know if it's worth it.
It's a lot yeah it's a lot to invest both time operations in terms of all the
software and running it and then yeah as you're finding out and it's very true
it is like if you especially if you don't already have like a pile of bitcoin
hanging around you definitely need some capital to fully fund a node's liquidity
and it's worth calling that out.

(01:22:42):
There are ways to buy channel liquidity for pretty cheap like you don't have
to spend the entire month there are,
liquidity providers and there's some included in albi that you can commit you
know 15 dollars and you get 150k channel or something like that so it.
Is worth noting that a lot of those some of them are single payment some are
like a monthly payment and then

(01:23:04):
if you do a single payment often they'll keep them open but they might.
Close them if you don't use them so yeah yeah and then about the node our node
uh that would not be a huge help because our node isn't particularly well established
or well-connected, you really want to be connected to nodes that have a good network graph.
And there's like Ambrosia and something, there's sites that help you find that network graph.

(01:23:27):
The AlbiHub ecosystem is growing because Albi supports something called Nostra Wallet Connect.
And it's an unfortunate name because it invokes Nostra, but what it really is
is a secure way to connect into these things.
And you're going to find more apps in the next couple of months that you never
expected are about to announce support for that. and it's going to make Albi even more useful.
So it could be worth it there. But it's a great question.

(01:23:49):
And channels is, I think, one of the things we have to spend some time on for
sure. Appreciate that boost.
Well, we have a boost here from Mick ZP for 10,000 sats.
They say, I couldn't agree more with you on AI and LLMs from last episode.
I work primarily as a sysadmin at an R1 university, and I'm heavily using Claude

(01:24:13):
for projects with software. I'm just not familiar with what researchers want.
I also have the exact same experience regarding a NIC card that Claude was able to solve.
The biggest problem in this space is its explosive growth and the fantasy money
flowing between companies.
Ah, the circular deals. Yeah. Yeah, I mean, I think it's pretty reasonable to

(01:24:35):
expect some of that's going to fade out, maybe a lot of it.
But things like the functionality you just covered will probably still stand.
And I don't think we'll have to have big tech frontier models for a lot of that,
which I'm really excited about.
Some of the stuff you will, but that particular use case, I don't think so so much.
Thanks for the field report, Nick Zip. Give us some updates on how it goes. Appreciate that.

(01:24:58):
All right. Next boost comes from the Muso with 5,000 SATs.
I previously had printing problems on Nix as well, and it took me ages to work it out.
I could find the printer on the network, but the driver just couldn't be determined,
so I couldn't print, even if I chose the driver in the UI.
I solved my problem by making sure services.avahi.nsmdns4, as well as Avahi itself, was enabled.

(01:25:23):
You may also need nsmdns6 if your printer uses or requires IPv6,
and your network also has IPv6.
Ah, yes, the old Avahi.
Vahi a v a h
i is what apple used to call bonjour sort of auto dns discovery where things

(01:25:43):
find each other and a lot of devices use it now so you should probably have
that on all your desktops if you're working with things like printers but uh
thank you muso for letting us know that could be helpful for other people out there.
Yeah this is one of those the i love it yeah even
without a linked config you're getting next tips and then this is exactly one
of those things we're like okay there's probably stuff right maybe other distros

(01:26:03):
automatically enable this because they just turn printing on for you no matter
what next you're gonna have to figure out that you need it but then the plus
side is once you do it sticks in your config forever so you don't have to re
figure that out so pros and cons yeah.
Yeah that's a good one and i guarantee you like ubuntu they're just probably
installing that they're just installing that just taking care of it.
Fuzzy misborn comes in with a row of ducks,

(01:26:27):
An Ansible repo for config confessions. I should probably go back and do some
streamlining, but overall, it served me well.
Ah, we didn't get this in. We did check the boost, but I checked them on Thursday.
I checked them on Thursday. So, all right, we'll put this in if we do version 3.
Yeah, stick it on the pile. Thank you, Fuzzy.

(01:26:50):
Thank you, Fuzzy. We'll take a look at that after the show.
Well, WRT54G boosted in a row of ducks.
I'm sending in some of my very first sats to the show that helped me stay up
to date and interested in Linux as I started my IT career. So thank you.
Oh, wow. That's amazing.
Oh, thank you.

(01:27:11):
That's fantastic. Thank you, WRT. And yeah, stick with Fountain.
You're going to see some impressive stuff coming soon. Appreciate the boost.
User75 came in with 2,099 sats. Long time listener.
Love the show. this is my next config oh no uh to be to be uh considered on

(01:27:32):
the show also i don't want to give you my real postal code so here's one that's
nearby uh-oh wes oh postal code hope you got the map hope you got the map westpain
here it is the postal code nearby four one eight three zero,
Dash 050 if you need it. That should be pretty easy to find on your map there,

(01:27:53):
Westpain. You did bring it, right?
Oh, good. I thought you didn't have it there for a second.
Well, of course. I keep it in my back pocket.
I have a zip code question here.
Yeah, sure.
I'm used to those first numbers, but what's with the dash numbers? Dash 050 is...
Sometimes you need a little more accuracy sometimes.
What? Was this like some kind of add-on or 2.0 or something?

(01:28:16):
You don't have that up in the Canucks? Because you don't have a little extra
sometimes when you're shipping?
No, no. We use alphanumeric so you have enough precision.
Why would you want to go mixing letters and numbers when you could just have nice clean numbers?
It's actually really annoying to type into fields whenever you need to fill
in your address, I've got to say.
I can bang that out on a 10 key in two seconds. Boom, boom, boom, boom. Right?

(01:28:40):
Okay, well, I'm going to guess here. And I did have to pull out my unfortunately
little used uh southern map module okay but i believe this is a brazilian postal
code uh located in the patuba neighborhood of salvador in the state of bahia eh.
Really wow that's i hope that's right because that's super neat thank you user 75.

(01:29:05):
Where it's currently 81 degrees um with the wind from the east 16 miles per hour.
Oh man that map of yours A nice little breeze. Yeah.
That's got features.
That's a good point. That's really impressive. Very impressive.
Can we get a little map check for you there, Brent?
Oh, where am I? Let me just pull out my map here and try to locate myself.

(01:29:31):
Can we get, do you hear my map? I don't know if you can hear my map.
I don't, I don't hear it. You put up. Yeah, there you go. Get it closer to the mic.
Oh yeah. It might take a little bit.
Is that like a Mylar map? What is that made out of?
Yeah. It's like what they make their money out of.
It's colored.
Yeah, it is pretty colors. That's for sure. It just doesn't feel real in the hands.
What? How can you feel that? I'm way over here.

(01:30:01):
Okay all right okay okay i don't have an exact postal code but i have a near-ish
leave postal code for you if that works so are you all right do you have more than just a 10 key.
Just no just tell us your weather brent for.
God's sakes oh i thought you wanted,
So angry.
All right. GLA comes in with 3,600 sats.

(01:30:24):
Wait, it's snowing.
Hello, everyone. Long time listener here. It's snowing. There you go.
Love all the JB shows. Although I'm boosting for my Albi Hub.
I can't wait for that Albi Hub special.
Cheers from Mexico to my known postal code multiply by 10. Oh,
my gosh. Another postal code.
Whoa. I'm going to have to get out the analog mechanical calculator for my men.
You take the 3,600 and then you multiply it by the 10 and you have well it would

(01:30:47):
have been a really great boost but you also have his zip code I don't know if you've got oh okay good,
There you go. Careful. God, careful, please.
I know, sharp edges.
I don't get workers' comp. Could you imagine trying to explain that?

(01:31:08):
Yeah. Telling the doctor, how'd you get this injury? Well, you see,
my buddy Wes was unfolding this map because somebody boosted in their zip code. Yeah, that, yeah.
Yeah. Okay, I believe I have located, I had to do some scanning.
I got my paper cut myself here on the, on the stupid meat slicing module.
But this would be a postal code in Guanajuato where it is in Mexico where it's

(01:31:34):
a pleasant 77 degrees with less wind at 11 miles per hour.
That is great.
Also from the east though. We're getting a lot of east wind today.
Thank you. Thank you and it's nice to hear from you out there.
I love it. We're getting some around the world boosts.
Thank you for listening. It really makes us feel special.
Yes and taking the time to get the boost stuff set up. I know it can be a bit
of a journey and I'd love to see how many of you are taking on the LB Hub Challenge

(01:31:57):
because you really get a sense.
You get a sense of what the challenges are, but then it starts to click too
the more you use it. And then, of course, thank you everybody who streamed sats
or boosted under our 2,000 sat cutoff.
We did have 28 of you stream sats as you listened, and you collectively all
together stacked 23,876 sats for the show.
When you combine it with our boosters, and of course we had that baller boost

(01:32:18):
that brought up our average, our total stats for this episode,
episode 640 of your Unplugged program, stacked 203, $1,639.
Thank you, everybody.
If you would like to support the show with a boost, Fountain FM makes it easier,
and it's going to get even easier really soon. Not that I know, but I'm just saying.

(01:32:38):
Also, you can set up an Albi Hub, and then there's a whole ecosystem of applications
you can plug it in and boost the show with open source money.
A huge thank you to our members, our Jupyter Party, and our core contributors

(01:33:01):
who put that support on Autopilot and support us every episode.
You are our foundation, and we appreciate you.
Details at linuxunplugged.com slash membership.
All right, gentlemen, we do have some picks before we go. And one of our first
picks is from the community.
Sultros now has Sultros OS and a website. His Immutable Linux is designed for

(01:33:25):
gaming and development.
He's got a couple of release tracks now, an LTS that follows Fedora's stable
releases, and then an unstable that tracks upcoming features,
you know, beta, alpha channel stuff, with still some guardrails in place.
And it has a beautiful website. Now, he's really, I think, really knocked it out of the park.

(01:33:45):
And I tried this for a little bit on my Knicks book and loved it.
He's got a cosmic version, plasma version, Gnome, and a hyper-vibed Hyperland
version coming very soon.
As well as a plasma big screen and enlightenment yeah that.
Is this is becoming a full-time thing it sounds like.
It is he's also working on the server edition,

(01:34:07):
Uh, I mean, wow, really watching them go here. It's really something.
So check it out at Soltros. That's S-O-L-T-R-O-S dot dev.
It's pretty neat to see one of our community members working on something like
that and watching it grow.
Nice looking website too. This is slick.
I echo that.
He's done so good.
Six out of five.
I think, I mean, I think this is ahead of Hypervibe now and I don't mean to

(01:34:27):
be, you know, I mean, I feel a little personally responsible because I've been
helping, but Soltros OS for the lead.
For sure. Definitely. Okay. Now a couple of different picks.
To help you do the same job, depending on the scale that you need.
The first one we're going to mention is Parabolic.
And Parabolic lets you download Vidya and Adya from the web.
And it's a nice graphical front end to the YouTube DLP client.

(01:34:51):
And it gives you some options and features, also helps you support multiple
downloads at the same time, makes it really easy to pick if you want an MP4
or a WebM or an Opus or a Flack or whatever it is that they might have.
And it also will help you grab the metadata and subtitles if you need that for the video as well.
And it's available as a package, and it's also available on Flathub. It's called Parabolic.

(01:35:14):
That's the part that stood out to me, is the sub. Not all of these tools make
the subs and that kind of stuff super easy.
So this seemed like, I mean, you don't have to be like me, who constantly runs
YTDLP from Nix packages on Stable without even caching it locally.
So if you want an easier time, use Parabolic. Plus, isn't that a cute name?
I know it's a little silly, but just like a parabolic dish. It's like receiving

(01:35:36):
all of your content from the internet. I like it.
Good icon too. Makes for a good icon. And it's GPL 3. So nice and easy.
Mostly C++. We don't get too many of those, but there you go. Should be fast.
Interesting. Now, so that's on the desktop scale. Maybe you're a little more
industrial scale on your needs here.
And this is where, and you can tell what they're trying to invoke with this

(01:35:58):
name, YouTube R or UTAR comes in.
It's a self-hosted web app that automates downloading, organizing,
and scheduling YouTube channel content with support for Plex,
Cody, Embi, and Jellyfin info. And, um...
I think what stands out to me is unlike Pinchflat, which I use for a similar
task, you could have a web UI on your network and you could just grab one-off

(01:36:19):
videos or you could do automated stuff.
And it can do channel archiving. There is also, I think, a really nice option
here for parents that are trying to curate the YouTube experience for their kids.
There's some family-friendly curated options in here that I think are a really great option.
And then you just play the videos back through Jellyfin or Plex.

(01:36:41):
And they never go on YouTube.
And it is designed to download all of the extra info you need so that way you
have all of the nice-looking display in your media player of choice.
It's a really, really nice UI, too. I think the UI is top-notch.
Pinchflat's pretty great, but it does work a little better as sort of infrastructure
where it's like, well, I know I have these channels that I always want you to

(01:37:01):
populate, whereas this does seem a little more friendly for ad hoc stuff that maybe you want to grab.
A couple of videos you don't want to follow them, you don't need to download
all the last three weeks, that kind of thing.
Yeah or maybe like one live stream you know is coming up and you want to grab
it yeah this is great for that this will do that so it's U-T-A-R-R Y-O-U-T-A-R-R U-T-A-R,

(01:37:23):
and did I grab the license for that one I made a note of it's.
The I-S-C license.
There you go. I did not make a note of it, but thank you for grabbing that.
Yeah, it looks like it's a lot of JavaScript and TypeScript,
and then a little bit of Docker and a little bit of ShellScript.
Yeah, they do have some Docker Compose example files, so that's probably the
easiest way to get started if you do want to give it a try.

(01:37:45):
Indeed. We'll have links to that in our show notes. Again, linuxunplugged.com slash 640.
Now, if you made it this far, you might already know, but Wes,
we have some pro features for people that maybe they're going to revisit an
episode or maybe there's a topic they want to replay or a topic they want to
skip, we have it already for them,
either in the podcasting 1.0 client or even more so in the two clients. Tell them all about it.

(01:38:08):
Yeah, that's right. We use the Apple-approved podcasting 2.0 tags in our feed,
and that means we have both transcripts and chapters.
So chapters for the high granularity, skip around at the high-level content,
transcripts for when you want to know exactly what we said and when we said it.
So the reference Wes is making there is Apple announced they're adopting yet

(01:38:31):
another podcasting 2.0 feature, which I think this is like the third one that they've onboarded now.
And so the chapters and the transcript standards that we have been using now
for a couple of years are being adopted by one of the largest podcast clients in the world.
And all of our episodes for the last few years are just going to have all of that information.
They'll just be turned on for Apple podcast listeners when they get their app updated.

(01:38:54):
And there's a bunch of great apps, new podcast apps, if you want to switch to
a 2.0 app, so that way you can listen to us live and you get all the stuff Wes
was just talking about and instant updates when we update.
Expect more from your podcasts, from your podcast apps, and from your podcast
feeds. We can do better. And we try every week.
We try. We'd love it if you joined us live next Sunday. We'll do it live.
It's a Tuesday on a Sunday at 10 a.m. Pacific, 1 p.m. Eastern.

(01:39:20):
All right, everything we talked about today, linked at linuxunplugged.com slash 640.
Mumble Room info is over there. Matrix info membership, contact,
all of that. Thanks so much for joining us. See you next week.

All Episodes

Episode Transcript

Popular Podcasts

Dateline NBC

Are You A Charlotte?

Stuff You Should Know

.css-15opob5{left:0;position:absolute;top:0.8rem;} All Episodes

.css-14f5ked{margin:0;word-break:break-word;display:-webkit-box;-webkit-box-orient:vertical;box-orient:vertical;-webkit-line-clamp:2;overflow:hidden;}640: Duece Configalo: Desktop Gigolo

Episode Transcript

Popular Podcasts

.css-r6mb8g{margin:0;word-break:break-word;display:-webkit-box;-webkit-box-orient:vertical;box-orient:vertical;-webkit-line-clamp:1;overflow:hidden;}Dateline NBC

Are You A Charlotte?

Stuff You Should Know

All Episodes

640: Duece Configalo: Desktop Gigolo

Dateline NBC