So in my template, I have created the VMs with two disks: first one is for NixOS and is built from an image, and it is read-only. The second is mounted to /var and is used for all system configuration as well as application state. If I have multiple VMs, they can all share the same base image (thin provisioned). That's the mode that I want for my deployments of services, immutable and as stateless as possible. For agent use, its different, you actually want a mutable NixOS root so that the agent can do what it wants.

I built three modes: immutable, semi-mutable, and mutable. mutable removes the read-only lock on the root, and just lets you manage the VM as a pet. semi-mutable adds an ephemeral overlayfs that gets wiped the next time you upgrade the base image. So that gives you kind of the best of both worlds: an immutable read-only base image and the ability to "nix profile add" whatever you (or your agent) wants, but with the contract that these imperatively installed things will disappear the next time you upgrade. Are you planning on adding a LICENSE to your machine0-nixos repo?

[1] https://github.com/EnigmaCurry/nixos-vm-template

I just learned about basilisp from the parent comment, so I asked Claude to add Python support to the same .cljc files I have, and we finished the port in about 30mins, and then fixed Python specific test cases for another 30 mins, but now all of the existing tests are passing. That's impressive in several ways.

Portability is achieved by testing. You have to put the platforms you want to support into your test harness, and the earlier the better. A calculator is purely functional, so this is a fairly straight forward port and really easy to test for. I'm not sure about larger projects, but it seems like there is something seriously right about Clojure's design that makes this easy to do.

[1] https://github.com/EnigmaCurry/calc

[1] https://github.com/EnigmaCurry/nixos-vm-template

It is precisely this point that has flummoxed me when connecting my p2p wireguard config[1] with a friend that uses a pfsense router, no matter what we tried, pfsense always chooses a random source port.

But in the simple case this blog outlines, if both ends use the same source port, this method punches through 2 firewalls effortlessly:

[1] https://blog.rymcg.tech/blog/linux/wireguard_p2p/

Use CLI for exploration, coding, and learning. Greenfield.

In general, Declarative > Imperative.

I wrote this to publish Org docs to S3 - https://github.com/EnigmaCurry/s3-publish.el - I wanted something extremely lightweight, not even wanting to commit things to git like I normally would and waiting for CI to build something. Uploading html directly to S3 means it gets published in <1s from push.

https://developer.android.com/reference/android/net/VpnServi...

"There can be only one VPN connection running at the same time. The existing interface is deactivated when a new one is created."

Note this is not about routing some traffic to the VPN and other traffic to the clear net. This is about running two VPN connections simultaneously.

I really like the Rust tooling and I like exhaustive pattern matching. Python post-dev debugging time is probably 10x vs Rust. That's why I choose Rust.

[1] https://github.com/EndeavourOS-Community-Editions/sway

[2] https://github.com/enigmacurry/sway-home

[3] https://discovery.endeavouros.com/hardware/envy-control/2023...