Hoe do you self host a nix package repo & install nix packages from 3rd party repos? Is this even possible.

So, one aspect of this has already been answered by @Klaymore@sh.itjust.works . If you just want to package some stuff yourself, then do it (look at various NUR repositories for inspiration), put it in some git repo (or even a .tar.gz somewhere), and then fetch it from your NixOS config, either with flakes or þe olde way with let myPkgs = import (builtins.fetchGit { url = "https://..."; rev = ""; }) {}; in ....

Another aspect would be providing a substituter/“binary cache” for your repository, so that its users wouldn’t need to build everything from source. This is a tad more complicated, as you have to set up some form of CI+CD, a place to host the cache, and your users would have to configure their systems to trust your build infrastructure.

It’s all quite doable, and if you have some CI system&s3 bucket ready, boils down to nix copy $(nix build --print-out-paths) --to s3://your.hosting/your-cache with some authorization and error handling. There are also some readily available services that do it for you, like https://nixbuild.net, https://garnix.io, and https://cachix.io; however, be prepared to pay for the convenience.

Then, on the user end, you’d have to add extra-substituters = https://your.hosting/your-cache; extra-trusted-public-keys = <...> to ~/.config/nix/nix.conf, and it should all mostly work.

Examples of complex 3rd party repositories with a binary cache would be both aforementioned Chaotic and Nixified AI, and a more unusual haskell.nix.

To add to this, there’s also Nix User Repository

FYI a great way to share your logs (if you have internet on the machine but no GUI) is to use a pastebin like 0x0.st. E.g. do journalctl | curl -F'file=@-' https://0x0.st and post the link here.

I’d try the kernel version used in 23.11 to see if that fixes it. Add boot.kernelPackages = pkgs.linuxKernel.packages.linux_6_1; to your config (make sure to add it before the closing }) and sudo nixos-rebuild switch . You can also try older versions, like linux_5_19. If it doesn’t fix the problem it might be that the ACPI error is a red herring and the problem is something else entirely, in which case it’d be more difficult to diagnose, and I’d recommend just staying on 23.11 for now and only taking the new packages that you need from 24.05. There’s a great post on how to do this here: https://discourse.nixos.org/t/installing-multiple-packages-from-unstable-channel-in-configuration-nix/19271/2 (probably also in the docs somewhere but I couldn’t find it easily).

telegram is not safe enough, but for some reason it is preferred by drug dealers. The lives of these people literally depend on the messenger.

Most people are technically illiterate. On top of that, most criminals are idiots (otherwise they’d have calculated risk/reward ratio rather than only looking at the reward side of things). The reason it is used by drug dealers is (1) Telegram is convenient, (2) Telegram is not moderated so they accumulate there due to “moderation selection”, (3) Law enforcement didn’t care enough to do anything about that. Now that (3) has changed and (2) is on shaky grounds, I expect a lot of them will move elsewhere.

Signal chats can read messenger developers with basic hack (add one more person in chat and collect messages on disk)

How exactly do you think that would work? To add a new recipient the client needs to explicitly encrypt messages with a key available to that recipient. What command in the Signal protocol would trigger that action without first establishing trust in the recipient? (FYI when adding a new device, there is a key-exchange and verification process, which requires access to some other device with keys already on it).

Tell me how Durov, or someone else get access to my one-to-one crypto chat, if I compile mtproto self from github?

As a separate statement: they can’t (probably).

In context of the discussion: they don’t need to, because secret chats are so inconvenient and fussy that they are seldom used. There is a lot of crime happening in public groups/channels, in “private” groups chats that can not be encrypted, or in 1-on-1’s that are not secret. Telegram has the ability to stop all of that with just some moderation, or turn messages over to the authorities, but they don’t. Which is precisely why Durov is in custody right now. If he actually made a messenger with good, convenient end-to-end encryption, he would be in the same situation with Signal authors, who have perfect deniability since they can’t read anything their users have sent up until this point.

Bullshit.

If you want protect yourself for random network administrator on your network line, of course.

Telegram and Signal both use TLS. They are identically secure from transport-level attacks.

If you want protect from anyone (government for example), of course not.

Of course yes. If you want a more private group chat, or an actually useful 1-on-1 encrypted chat that works across multiple devices, Signal is the only option (out of the two, there are way better alternatives like XMPP and Matrix). For 1 device-on-1 device E2E chats, Signal and Telegram are about the same level of security, except Telegram’s protocol sees less scrutiny from the crypto community.

As telegram. If you think that some drug dealers create public chats with sell drugs, so… you are wrong. All work with darknet. In telegram all of them use only private one-by-one crypto chats.

LOL. I see drug ads on the street all the time. The one time I checked, it pointed to a publicly available Telegram bot.

If Signal was to pull a MITM, it would have been noticeable as it requires active intervention in the protocol (it hasn’t been noticed yet), it would destroy all plausible deniability for them going forward, and it wouldn’t be possible on existing chats (once the key exchange between two parties happens, it’s impossible to do MITM). Telegram can just straight up read your messages, past, present and future, do whatever they want with them, with no way for anyone to check if that happens. It’s two different tiers of communication security.

To quote another commenter,

You clearly have no idea what you’re talking about.

There’s user to server encryption, just not e2e.

That’s exactly what the comment said: The only encryption that applies to most chats on that platform should be transport encryption via TLS. It’s about the same level of encryption as Lemmy PMs.

The fact that Telegram doesn’t cooperate with French authorities doesn’t mean that it doesn’t cooperate with other authorities or sell your data to the highest bidder. They have all the technical means for it.

Don’t use a regular Telegram chat if your life depends on the messages being private. Use XMPP, Matrix with E2EE, or at the very least Signal. Heck, even WhatsApp is (reportedly) better, as it claims to provide E2EE and that’s been checked by some security professionals who have been given access to the source code. If you absolutely must use Telegram for something like that, only use secret chats.

Telegram is categorically less encrypted than Signal for most chats. It’s mostly the same level of security as Facebook Messenger, Instagram DMs, even Email (SMTP/IMAP over TLS) or SMS: it only encrypts communications between the client and the server. Telegram can read everything you send in regular chats. The only way to get end-to-end encryption (such that Telegram technically can’t access your communication) is by starting a fussy and inconvenient “secret chat”. It can only be done between two people (so no E2E group chats at all), only when both are online at the same time, and it only works on the devices on which the secret chat was initiated and accepted; in other words, as a frequent user I’ve only used it once for some really sensitive personal information. Even then Telegram still has access to a lot of metadata about messages: phone numbers of both parties, when the messages are sent, how big they are, etc.

I’m not saying that cooperating with intelligence/LE agencies is always an ethical, or even a good choice, but Telegram demonstrably had the ability to do so.

Some of them genuinely wanted to go to Russia (I expect it was a significant percentage), some of them didn’t care and it would be easier to go there, some literally didn’t have a choice, some were moved to Russia forcibly. However, consider that of the remaining ~35 million Ukrainians ~5 million went to Europe, and of those who remain in Ukraine support for Russia is in low one-digit percentage. Simply put, not that many Ukrainians (outside Crimea) wanted to be part of Russia, and of those who did a lot are dead now as a result of the invasion, and more now hate Russia.

It’s delayed civil war, cause ukraine couldn’t live like civilized bilingual euro countries

Sure. However, Russia turned a skirmish into a bloodbath, for the benefit of its elites.

I concede that elections before then were not really fair either, but definitely not as blatant as 96.

Russia is famously lacking for land and raw materials

Strategically important and tourist-attracting Crimea with a land bridge to it would be pretty useful by itself, couple that with prime agricultural land (Ukraine is a massive producer of grain), lots of coal, some oil and gas.

I joke of course. You can tell Putin’s a dictator, because he was popularly elected multiple times by the Russian people

There was not a fair presidential election in Russia since (arguably) 1996, when communists were defeated with significant use of administrative resource by Eltsin administration. Any serious political opposition began to be silenced in 2012. 2020 constitutional changes were actually unconstitutional, and as such were a soft coup. Both 2018 and 2024 elections had massive electoral fraud too.

Sure man, it’s Russian propaganda in which they’re interchangeable. I mean, I’m sure you’d know what with all the Russian media you’re busy avoiding.

I’m actually reading official and independent Russian news weekly due to Russia being my home country.

You really like to dance around admitting the fact that the war was started because NATO tried to set up its weapons on the Russian border and use the threat to either coerce or openly attack Russia.

NATO has had weapons on the Russian border for 20 years now. There were obviously no plans to “openly attack Russia”, as they would have been realized after Russia actually invaded Ukraine. As for coercion, yeah, imperialism sucks, I wish US didn’t do it, but it does not justify starting a war with a smaller country with intent to invade it.

On that note, mind telling us how you think Russia should have reacted to the NATO-backed coup in Ukraine in 2014?

I’m not one to give complex geopolitical advice, but definitely not by invading it. Perhaps a good start would be exercising its immense soft power inside the country to help pro-Russian powers (which has been attempted, but extremely unsuccessfully).

All the reasons I’ve provided are grounded in actual Russian reality as it was before the invasion. I had been following russian news, from both official and independent outlets, due to actually living there. I don’t think I need to look up the obviously made up reasons of “denazification” and “demilitarisation”.

The people of Kherson don’t want to be part of Russia. Why is Russia trying to annex it? Why is the russian military leveling towns, sometimes still with civilians living there, in the very regions they are purportedly trying to liberate? Let’s be clear here, neither US nor Russia actually cares about people living there, they just want territory, resources and influence.

All the same can be said about current Russian invasion. US-backed coup wasn’t great, Ukrainian attitude to its eastern regions was atrocious, but Russia invading with full force didn’t help anyone but wealthy Russian elites (and perhaps corrupt ukranian elites too, not 100% sure on internal ukranian politics): it destroyed yet more regions of Ukraine, killed yet more people, and there’s no resolution in sight except for a slightly different frontline.

Russia literally intends to annex (as in, turn into own territory) 4 Ukranian oblasts, banning ukranian language there, turning over capital to its own oligarchs (or their cronies), all via a means of war. I would like to remind you that Russia is an authoritarian capitalist oligarchy, with overt ambitions of turning itself into an empire. This definitely fits at least multiple definitions of imperialism.

I despise the shit that Ukraine did to its eastern regions for many years. What Russia is doing now is worse on multiple accounts (human suffering, death count, material damage), though.

It is not easy to gauge what the war is motivated by, as it is waged mostly by one dictator’s wishes, but my bets are on territorial gains, resource gains (as eastern Ukraine notably contains quite a lot of resources), cultural expansion (see: banning of ukranian language in schools and government services), and perhaps delusions of grandeur and desire to bring back USSR/Russian Empire (which appear to be entirely interchangeable in Russian propaganda lately), all of which fit the definition of imperialism quite well. It could also just be an internal political game, attempting to repeat the “Crimean consensus” and get Putin’s waning ratings back up. That didn’t quite work out, so the governance model descended from authocratic capitalism into near-fascism. In the latter case it would indeed not exactly be an imperialist war, but I’m not sure if that helps Russia’s case here.