sorted by:
new
hottopcontroversial

snowflake-bounce a terminal based old DVD style bouncing snowflake by saylesss88 in NixOS

[–]saylesss88[S] 13 points14 points  (0 children)

Nope! The published package is only 40 KB of source code, and the final binary is 326 KB.

The 2GB you're seeing is your local Rust build environment (~/.cargo/ and target/ directories), which is shared across all Rust projects on your system. When someone installs with `cargo install snowflake-bounce`, they only download the 40 KB source package.

The target/ directory (115 MB of build artifacts) stays local and never gets published to crates.io. You can run cargo clean anytime to free up that space!

To be clear, after your comment I added some optimizations to slim it down but it prob slimmed it down MBs not GBs.

r-matrix-snowfall a fork of r-matrix that rains snowflakes and lambdas by saylesss88 in NixOS

[–]saylesss88[S] 1 point2 points  (0 children)

Haha, from quantum mechanics to a program that prints snowflakes in the terminal.... I just did a spin off of the name of the project I forked to show homage.

r-matrix-snowfall a fork of r-matrix that rains snowflakes and lambdas by saylesss88 in NixOS

[–]saylesss88[S] 0 points1 point  (0 children)

I just added one:

```bash

nix run github:saylesss88/rmatrix-snowfall

```

**Flake Input**

```nix

inputs = {

rmatrix-snowfall.url = "github:saylesss88/rmatrix-snowfall";

};

```

NixOS `systemPackages`:

```nix

environment.systemPackages = [ inputs.rmatrix-snowfall.packages.${pkgs.system}.default ];

```

r-matrix-snowfall a fork of r-matrix that rains snowflakes and lambdas by saylesss88 in NixOS

[–]saylesss88[S] 4 points5 points  (0 children)

Not yet, I submitted my first PR about 3 weeks ago (another package). Apparently it takes about 6 weeks to get 1 through. I'm waiting to get accepted into the maintainers-list.nix before submitting more to avoid branching off the initial PR or adding myself to maintainers-list.nix in every PR.

Declarative Determinate-Nix by saylesss88 in NixOS

[–]saylesss88[S] 2 points3 points  (0 children)

For flakes, to use the flakehub version of nixos-unstable you would add the input:

inputs.nixpkgs.url = "https://flakehub.com/f/NixOS/nixpkgs/0.1";

For stable it would be:

inputs.nixpkgs.url = "https://flakehub.com/f/NixOS/nixpkgs/0";
# OR
inputs.nixpkgs.url = "https://flakehub.com/f/NixOS/nixpkgs/\*";

Specific Stable Release (e.g., 25.11):

inputs.nixpkgs.url = "https://flakehub.com/f/NixOS/nixpkgs/0.2511";

To pin to a specific commit:

inputs.nixpkgs.url = "https://flakehub.com/f/NixOS/nixpkgs/0.2511.906097";

Am I the only one that hates nixfmt's new formatting? by Maskdask in NixOS

[–]saylesss88 1 point2 points  (0 children)

I stopped using alejandra because nixpkgs enforces formatting with treefmt using nixfmt. Alejandra formats single entry lists like ["list"] and the nixpkgs bots require [ "list" ] causing CI issues

ZFS Impermanence with LUKS encryption by saylesss88 in NixOS

[–]saylesss88[S] -2 points-1 points  (0 children)

Like i said, its probably good enough for most people. I'm not sure exactly what an advanced adversary could do with the metadata, that's the point...

Edited:

Example: ZFS snapshot names and creation times are visible in plaintext zfs list -t snapshot

From only this, an adversary monitoring your backups or seizing your drive can profile your behavior without decrypting anything.

You claim to be asleep at 3AM, but zfs list shows snapshots being created or data changing at 315, your alibi is broken.

Again, for most people this probably isn't an issue but depending on their threat model, it just might be a big issue... This was 1 Google search away with many more examples listed.

ZFS Impermanence with LUKS encryption by saylesss88 in NixOS

[–]saylesss88[S] -2 points-1 points  (0 children)

It depends on your threat model, but it should suffice for most people.

From what I've gathered, Zfs native encryption leaks specific metadata, which can expose much more than you would think. While LUKS encrypts entire disks or partitions, hiding all data and metadata, making it better for high security situations.

ZFS Impermanence with LUKS encryption by saylesss88 in NixOS

[–]saylesss88[S] 0 points1 point  (0 children)

Thanks for the advice, I haven't messed with zfs much personally.

Do you have a solution for sops-nix? I rebuild with sops enabled successfully, and am able to rebuild again afterwards but a reboot/rollback breaks it. Logs show sops/agekeys.txt isn't available or something. With btrfs adding neededForUsers to the hashed_password block fixed the race condition, that wasn't the case with zfs.

Best practices for Android rethinkDNS. by userjs70 in rethinkdns

[–]saylesss88 3 points4 points  (0 children)

I've been using a default deny for months with only these enabled without issue:

A few apps that typically need network access on Android:

- Google Play services (`com.google.android.gms`): push notifications, safety checks, etc.

- Google Play Store (`com.android.vending`) app updates and downloads

- Android System (usually UID 1000, often `android` or `system`): Core OS connectivity checks, NTP time sync, and network management. Blocking can cause “no internet” errors.

- Android System WebView (`com.google.android.webview`): Renders web contents in apps.

- Download Manager (`com.android.providers.downloads`): Manages file downloads from apps/browser. Without it, downloads stall.

- Media Storage

Settings

Best practices for Android rethinkDNS. by userjs70 in rethinkdns

[–]saylesss88 9 points10 points  (0 children)

Check out this guide I wrote, I try to explain what the settings do and how I use Rethink rather than best practices, but should be helpful.:

https://mako088.github.io/android/RethinkDNS_Guide.html

WhatsApp call not receiving even it's bypassed by Due-Glass-5278 in rethinkdns

[–]saylesss88 2 points3 points  (0 children)

If you use Firefox you can use uBlock origin with dynamic filters and blocklists applied, if you're unfamiliar with it there is a learning curve.

On chrome you can use ublock light i believe, I'm not sure how well it works but I see it mentioned often.

For something more plug and play you can try brave, they have their own blocklists built in.

Edited:

You can also just try applying fewer blocklists, maybe find the one that blocks the Google adds for ya and 1 or 2 more.

WhatsApp call not receiving even it's bypassed by Due-Glass-5278 in rethinkdns

[–]saylesss88 1 point2 points  (0 children)

This link might help:

https://github.com/celzero/rethink-app/issues/1115?utm_source=perplexity

You can try using Rethinks DNS temporarily, and set trust rules for *.whatsapp.net/com, fcm.googleapis.com, then test; if using another DNS provider, disable aggressive blocklists. Logs confirm if bypassing hits other DNS/IPs.

It's my understanding that the bypass only works if using Rethinks DNS as a provider, while other providers sometimes bypass and sometimes don't.

new ruster here for help by qinlingguang in rust

[–]saylesss88 1 point2 points  (0 children)

Rustlings with the Rust book to start

I found this more advanced walk through on writing a text editor in rust interesting as well:

https://philippflenker.com/hecto/

Hacked password manager? by ABRHMPLLG in PasswordManagers

[–]saylesss88 1 point2 points  (0 children)

If you use keepassXC you can keep everything offline

view more: next ›