Werner changed the topic of #armbian to: armbian - Linux for ARM development boards | www.armbian.com | Github: github.com/armbian | Commits: #armbian-commits | Forums Feed: #armbian-rss | Type 'help' for help | This channel is logged -> irc.armbian.com
ChriChri_ has joined #armbian
ChriChri has quit [Ping timeout: 264 seconds]
ChriChri_ is now known as ChriChri
dddddd has quit [Ping timeout: 264 seconds]
<ArmbianTwitter> @AgungSuryoPutra (Agung Suryo Putra): Armbian on an Android TV Box https://t.co/ceMUOfrSTE (20s ago)
das_coach has quit [Remote host closed the connection]
sassinak-work has quit [Ping timeout: 256 seconds]
sassinak-work has joined #armbian
<lanefu> do the C. States armbianmontor follows work with RK3399? my opi4 just seems to run until it overheats and i never see any cstates kickin
agrisis has quit [Ping timeout: 272 seconds]
<lanefu> oh well.. i cranked my opi4 to 1412mhz and it seems to be stable with rosetta at 71C
<Werner> Good morning
<lanefu> Hi!
<lanefu> What country are you in Werner?
<Werner> Germany
<Werner> By the way martinayotte Miouyouyou you are free to request a project affiliation cloak if you like. More about that in the IRC documentation :)
<lanefu> Wow you get up early
<Werner> Not just up, at work already :D
<lanefu> Man
MrFixIt has quit [Ping timeout: 260 seconds]
<IgorPec> good morning
MrFixIt has joined #armbian
IgorPec has quit [Remote host closed the connection]
IgorPec has joined #armbian
rdorsch is now known as rdorsch`away
algyz has joined #armbian
algyz has quit [Remote host closed the connection]
mirage335 has quit [Ping timeout: 258 seconds]
<douardda> i'm currently running a quickly written checker script on my inria's station (so the PING critical msg from icinga, I guess)
<douardda> (oops, wrong chan, sorry)
macc24_ has joined #armbian
macc24 has quit [Disconnected by services]
macc24_ is now known as macc24
<wojci> lanefu: Thanks for the link. I got the 3 interfaces working .. now with different MAC addresses as well (using another thread from the forum).
dddddd has joined #armbian
Hokedli has joined #armbian
<lanefu> wojci: awesome!
<ArmbianTwitter> @21isenough (21isenough): @DecentralisedS @tadpoet @GrapheneOS At time of screenshot: - Laptop with Manjaro Linux - Xiaomi with Android (Miui) - RPi with Raspbian - Rock64 with Armbian Now: - Replacing Android with @GrapheneOS (Where a most of the queries came from) (9s ago)
<wojci> lanefu, Somewhat. I have issues with setting static IP addresses on my second board. The config seems to be identical.
<Werner> Identical besides the mac addresses I hope :D
agrisis has joined #armbian
Hokedli has quit [Quit: Konversation terminated!]
plntyk has quit [Quit: Leaving]
<lanefu> man the OPI4 can kiss my ass
<IgorPec> haha
<IgorPec> whats wrong?
<lanefu> it's been like overheating and crashing with boinc Rosetta@home
<lanefu> i cranked the clock back to 1412mhz adn it didnt crash
<lanefu> but got computational errors
<lanefu> just switched kernels from dev to current via armbian config, adn it just like crashed and died in the middle of it lol
<lanefu> and c.state seems to stay at 0 nomatter how much heat
<IgorPec> so thermal throttling doesn't work at all or not fast enough?
<IgorPec> btw. how to properly isolate build runner?
<IgorPec> security concerns ... its more or less operaional now
<lanefu> thermal throttling doesnt seem to work at all
<IgorPec> ok, we didn't address rockchip much in last release
<IgorPec> everything else
<Werner> Ideally the build run includes the complete setup of a container (may it docker or whatever) and when everything is finished destroy it.
<IgorPec> if we put this runner to merge requests it has to be fully bullet proof
MrFixIt has quit [Quit: Leaving]
<lanefu> IgorPec: probably easiest security step is probably to lock down DNS to only resolve github and mirrors
MrFixIt^ has joined #armbian
MrFixIt_ has joined #armbian
<lanefu> then after that probably monitoring for abnormal behavior.... long running processes.. weird outbound conneections etc
MrFixIt_ has quit [Client Quit]
<Werner> Good point about outbound connections. Did not think about that
<IgorPec> i want to cut access to my local network first, then regarding signing packages?
<IgorPec> now things works, but things are not secure
<lanefu> yeah i'd treat it like an IOT device
<lanefu> on its own VLAN
MrFixIt^ has quit [Client Quit]
<IgorPec> KVM guest on its own VLAN?
MrFixIt has joined #armbian
<lanefu> yep
<IgorPec> ok, will do that. then ssh/gpg keys
<lanefu> yep
<lanefu> the other recommened practice, whch makes things a little more difficult.. is that CI testing is only ran by trusted users
<lanefu> which is probably the best thing
<IgorPec> that would solve a lot :)
<lanefu> a trusted reviewer could approve a PR for testing
<lanefu> and then trigger that way
<IgorPec> do we know how to do that?
<lanefu> that's probably were we should reeally start
<Werner> Not necessarily if a pr is big and something could be hidden
<lanefu> Werner: then maybe the PR is too big
<IgorPec> ok, lets try to figure out worse case. how to make it fully secure
<IgorPec> the proceess of signing can be elsewhere
<Werner> Limiting network traffic from/to github should be an easy thing. All their ipv4 addresses are listed here: https://api.github.com/meta
<lanefu> security is about layers, so just gotta start with low hanging fruit
<IgorPec> ssh keys are currently on the machine to which anyone can push a code
<IgorPec> which is clearly bad ;)
<lanefu> yeah.....
<lanefu> i need to take a look at yuor runner config
<IgorPec> runner is simple
<lanefu> maybe we should start by having an automated build of the runner
<IgorPec> ./compile
<lanefu> so its easy to add
<lanefu> haha
<Werner> Essential ^^
<lanefu> i have an existing armbian-builder ansible role i could modify to make it into a runner build
<IgorPec> how do you mean?
<lanefu> just having some ansible code to easily make any VM a runner ready for us to use
<IgorPec> not complete, but the idea is to have a docker image - with compilers preloaded - ready for usage
<IgorPec> but i just get an idea
<IgorPec> i need keys only for deb deployment
<IgorPec> that one can run elsewhere
<lanefu> yeah that streamlines a lot for now
martinayotte_ has joined #armbian
<lanefu> so is building full armbian images with docker "supported" now?
<IgorPec> i think yes
<IgorPec> but it has to be in privileged mode
<lanefu> i mean i've definietly done it in the past
<lanefu> i used to have to do funny things with creating the loopack devices, but i think things got better with ubuntu 18.04
martinayotte has quit [Ping timeout: 265 seconds]
sunshavi has quit [Ping timeout: 265 seconds]
<IgorPec> you need root for creating loopback
<lanefu> yeah it was a funny thing beyond priviledged mode i had to do... but that was in the aerly days
<lanefu> so for all the CI stuff, do you want it to be container based? or do you want to start with VM-based
<IgorPec> that i don't remember. i only recently started to use docker since we didn't support debian
<IgorPec> good question
<IgorPec> we certainly need to have our own docker image, build reguraly
<Werner> How likely is it to escape a privileged docker container?
<IgorPec> what do you mean by that?
Fleck has quit [Ping timeout: 264 seconds]
<lanefu> Werner: not enough to be concerned about that
<Werner> Okay
<lanefu> my biggest general concern is just a process staying running and connecting out to the internet to do somethign mallicious
<lanefu> liek a botnet slave... etc
<lanefu> not so concerned about compromising the host and getting secrets
<Werner> Should be solvable by proper firewalling. Limit to github and whatelse is needed
Fleck has joined #armbian
<IgorPec> i only need to cut out local network
<IgorPec> for the rest i don't care
<lanefu> k... so igor just needs a vlan at his house... and we can watch for jobs that run for more than an hour
<lanefu> and that's a sane first step
<IgorPec> i have vlans, just need to do some re-config, no trunk port at the switch where the server is ;)
<IgorPec> lanefu: if you have this environament, you can setup this first part
<IgorPec> anyway it would be nice to have runners - for checking MR part
DaRock has quit [Ping timeout: 258 seconds]
<lanefu> yeah i'll get some runners spun up
drobo_00 has joined #armbian
drobo_00 has quit [Read error: Connection reset by peer]
<lanefu> okay sweet my ansible job automagicall installed and reisered to runers to the CI repo
<lanefu> *automatically installed and registered
<lanefu> just using aws EC2 for now
drobo_00 has joined #armbian
drobo_01 has joined #armbian
drobo_00 has quit [Ping timeout: 256 seconds]
drobo_01 is now known as drobo_00
IgorPec has quit [Read error: Connection reset by peer]
IgorPec has joined #armbian
IgorPec has quit [Changing host]
IgorPec has joined #armbian
IgorPec has quit [Ping timeout: 264 seconds]
IgorPec has joined #armbian
IgorPec has quit [Changing host]
IgorPec has joined #armbian
IgorPec has quit [Read error: Connection reset by peer]
IgorPec has joined #armbian
IgorPec has joined #armbian
IgorPec has quit [Changing host]
IgorPec has quit [Ping timeout: 256 seconds]
IgorPec has joined #armbian
IgorPec has quit [Read error: Connection reset by peer]
omenius has joined #armbian
<omenius> having trouble troubleshooting C2 with armbian having no HDMI output
<omenius> I think it's working otherwise, the alive led is flashing that I have seen only flashing when successfully booted
<omenius> I'm building with ./compile.sh, no arguments
<omenius> the model is Odroid C2
<omenius> hdmi output worked with same C2, with same display and same wire, using Odroid's official ubuntu img
<omenius> and I'm noob so I haven't done any extra configuring, just flashed the img that I got in build/output/images
rdorsch`away is now known as rdorsch
plntyk has joined #armbian
sunshavi has joined #armbian
<omenius> anyone using recent armbian on Odroid C2?
<HerculeP> not "using" but tested
<HerculeP> two issues: no HDMI sound, SD: no reboot
<HerculeP> emmc reboots OK
<omenius> uh I flashed my usb stick instead of sd. Fixed that and got picture :)
<omenius> it seems that building with "CRYPTROOTENABLE=yes CRYPTROOTPASSWORD=foo" is what produces images that I can't get HDMI output with
<omenius> I mean, CRYPTROOT_ENABLE=yes CRYPTROOT_PASSPHRASE=123456
mirage335 has joined #armbian
<omenius> I mean, maybe it's writing urandom or zero to the disk before displaying picture, but that takes like multiple hours
rdorsch is now known as rdorsch`away
<omenius> yeah, cryptroot_enable is what causes no video output :(
psydruid has quit [*.net *.split]
kolla has quit [Ping timeout: 256 seconds]
kolla_ has joined #armbian
willmore has quit [Ping timeout: 258 seconds]
willmore has joined #armbian
das_coach has joined #armbian
Triffid_Hunter has quit [Ping timeout: 246 seconds]
Triffid_Hunter has joined #armbian
drobo_00 has quit [Ping timeout: 264 seconds]
ArmbianTwitter has quit [*.net *.split]
kolla_ has quit [*.net *.split]
buZz has quit [*.net *.split]
[TheBug] has quit [*.net *.split]
robogoat has quit [*.net *.split]
PipeItToDevNull has quit [*.net *.split]
hyperreal has quit [*.net *.split]
wi has quit [*.net *.split]
agrisis has quit [*.net *.split]
das_coach has quit [*.net *.split]
willmore has quit [*.net *.split]
solderfumes[m] has quit [*.net *.split]
JuniorJPDJ has quit [*.net *.split]
sdoran has quit [*.net *.split]
sunshavi has quit [*.net *.split]
wojci has quit [*.net *.split]
gnom has quit [*.net *.split]
HerculeP has quit [*.net *.split]
silven_ has quit [*.net *.split]
silver_hook_ has quit [*.net *.split]
Dr{Wh0} has quit [*.net *.split]
MyyMatrix has quit [*.net *.split]
macc24 has quit [*.net *.split]
azend_ has quit [*.net *.split]
toketin has quit [*.net *.split]
soltys has quit [*.net *.split]
Mony has quit [*.net *.split]
Nakaori has quit [*.net *.split]
douardda has quit [*.net *.split]
thomassgn has quit [*.net *.split]
Net147 has quit [*.net *.split]
Elpaulo has quit [*.net *.split]
phipli has quit [*.net *.split]
ced117 has quit [*.net *.split]
probono has quit [*.net *.split]
stefano79 has quit [*.net *.split]
NeuroScr has quit [*.net *.split]
Triffid_Hunter has quit [*.net *.split]
omenius has quit [*.net *.split]
martinayotte_ has quit [*.net *.split]
jwb_ has quit [*.net *.split]
TheNumb has quit [*.net *.split]
thefinn93 has quit [*.net *.split]
xperia64 has quit [*.net *.split]
wysiwtf has quit [*.net *.split]
agates[m] has quit [*.net *.split]
RzR has quit [*.net *.split]
plntyk has quit [*.net *.split]
MrFixIt has quit [*.net *.split]
ddurst has quit [*.net *.split]
dirbaio has quit [*.net *.split]
mik_ has quit [*.net *.split]
Laodikea has quit [*.net *.split]
mrueg has quit [*.net *.split]
lanefu has quit [*.net *.split]
wooster has quit [*.net *.split]
Kamilion has quit [*.net *.split]
Unit193 has quit [*.net *.split]
ornxka has quit [*.net *.split]
ChanServ has quit [*.net *.split]
torv has quit [*.net *.split]
oida has quit [*.net *.split]
mirage335 has quit [*.net *.split]
nekomancer[m] has quit [*.net *.split]
Fleck has quit [*.net *.split]
Miouyouyou has quit [*.net *.split]
indy has quit [*.net *.split]
jrullo has quit [*.net *.split]
sassinak-work has quit [*.net *.split]
midnight has quit [*.net *.split]
Strykar has quit [*.net *.split]
rdorsch`away has quit [*.net *.split]
Werner has quit [*.net *.split]
steev has quit [*.net *.split]
veremitz has quit [*.net *.split]
urluck has quit [*.net *.split]
no_maam has quit [*.net *.split]
epsilonKNOT has quit [*.net *.split]
Janhouse has quit [*.net *.split]
lvrp16 has quit [*.net *.split]
pinkieval has quit [*.net *.split]
marvs has quit [*.net *.split]
dddddd has quit [*.net *.split]
ChriChri has quit [*.net *.split]
mpmc has quit [*.net *.split]
chewitt has quit [*.net *.split]
ArmbianHelper has quit [*.net *.split]
wojci has joined #armbian
chewitt has joined #armbian
dddddd has joined #armbian
sunshavi has joined #armbian
NeuroScr has joined #armbian
stefano79 has joined #armbian
probono has joined #armbian
ced117 has joined #armbian
phipli has joined #armbian
Net147 has joined #armbian
Fleck has joined #armbian
sdoran has joined #armbian
macc24 has joined #armbian
azend_ has joined #armbian
Triffid_Hunter has joined #armbian
solderfumes[m] has joined #armbian
willmore has joined #armbian
no_maam has joined #armbian
urluck has joined #armbian
rdorsch`away has joined #armbian
midnight has joined #armbian
sassinak-work has joined #armbian
Strykar has joined #armbian
Laodikea has joined #armbian
dirbaio has joined #armbian
mik_ has joined #armbian
ddurst has joined #armbian
MrFixIt has joined #armbian
plntyk has joined #armbian
RzR has joined #armbian
wysiwtf has joined #armbian
MyyMatrix has joined #armbian
Dr{Wh0} has joined #armbian
silver_hook_ has joined #armbian
silven_ has joined #armbian
TheNumb has joined #armbian
douardda has joined #armbian
soltys has joined #armbian
toketin has joined #armbian
indy has joined #armbian
Miouyouyou has joined #armbian
jrullo has joined #armbian
kolla_ has joined #armbian
jwb_ has joined #armbian
Elpaulo has joined #armbian
martinayotte_ has joined #armbian
Werner has joined #armbian
omenius has joined #armbian
ArmbianTwitter has joined #armbian
thefinn93 has joined #armbian
wi has joined #armbian
xperia64 has joined #armbian
HerculeP has joined #armbian
gnom has joined #armbian
ArmbianHelper has joined #armbian
mpmc has joined #armbian
ChriChri has joined #armbian
agrisis has joined #armbian
ChanServ has joined #armbian
[TheBug] has joined #armbian
buZz has joined #armbian
robogoat has joined #armbian
PipeItToDevNull has joined #armbian
Nakaori has joined #armbian
thomassgn has joined #armbian
Mony has joined #armbian
_whitelogger has joined #armbian
agates[m] has joined #armbian
veremitz has joined #armbian
solderfumes[m] has joined #armbian
JuniorJPDJ has joined #armbian
sunshavi has quit [Ping timeout: 265 seconds]
<omenius> I wonder if it's just C2 that loses video output when you do CRYPTROOT_ENABLE=yes or is other model having this issue also
drobo_00 has joined #armbian
drobo_00 has quit [Remote host closed the connection]
DaRock has joined #armbian
sunshavi has joined #armbian
<[TheBug]> hhmm
<[TheBug]> why would having crypto initialized break video output?
<[TheBug]> not sure I follow in what your issue is
<[TheBug]> maybe you can provide more details
sunshavi has quit [Remote host closed the connection]