Daniel Barlow 
							
						 
					 
					
						
						
							
						
						294492a176 
					 
					
						
						
							
							jiggle imports  
						
						
						
						
					 
					
						2024-12-24 13:46:19 +00:00 
						 
				 
			
				
					
						
							
							
								Arnout Engelen 
							
						 
					 
					
						
						
							
						
						f8a275d1a3 
					 
					
						
						
							
							use Linux kernel sources associated with openwrt by default  
						
						
						
						
					 
					
						2024-12-24 12:30:15 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						bc20f4c6b7 
					 
					
						
						
							
							rt3200 test install  
						
						
						
						
					 
					
						2024-12-23 23:59:52 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						848214d104 
					 
					
						
						
							
							add ubivolume output  
						
						
						
						
					 
					
						2024-12-23 22:37:07 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						ede8f12d2b 
					 
					
						
						
							
							declare options.hardware.ubi unconditionally  
						
						... 
						
						
						
						this is so it can be defined in device modules even when
ubifs is not included in the configuration 
						
						
					 
					
						2024-12-23 22:37:07 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						6cd5b90678 
					 
					
						
						
							
							outputs.rootubifs -> ubifs  
						
						
						
						
					 
					
						2024-12-23 22:37:07 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						db4f098c02 
					 
					
						
						
							
							add fit bootloader  
						
						... 
						
						
						
						this is for the belkin rt3200, whose uboot doesn't do
extlinux but can load a fit from a ubifs. It adds the
a kernel+dtb as /boot/fit 
						
						
					 
					
						2024-12-23 11:21:58 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						1347937345 
					 
					
						
						
							
							rename file  
						
						
						
						
					 
					
						2024-12-23 10:31:22 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						a7b5f80674 
					 
					
						
						
							
							rename extlinux output to bootfiles  
						
						... 
						
						
						
						this is in preparation for introducing other non-extlinux
modules that populate /boot 
						
						
					 
					
						2024-12-23 00:09:31 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						f07a38b0fd 
					 
					
						
						
							
							extract uimage output module into own file  
						
						
						
						
					 
					
						2024-12-22 21:10:07 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						ac189f2977 
					 
					
						
						
							
							outputs.zimage -> outputs.kernel.zImage  
						
						... 
						
						
						
						remove config option/derivation in favour of accessing
as output of the kernel derivation (matches what we do
with e.g. modulesupport) 
						
						
					 
					
						2024-12-22 17:27:59 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						f60b74f415 
					 
					
						
						
							
							add a new updater output  
						
						... 
						
						
						
						this is so that we don't have to obfuscate store paths in
systemConfiguration to avoid dragging in build system
deps.
breaking-ish change to workflows, docs updated 
						
						
					 
					
						2024-12-20 00:05:07 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						56c667cfd5 
					 
					
						
						
							
							extract systemConfiguration into its own output module  
						
						
						
						
					 
					
						2024-12-19 20:55:10 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						f9b4f0bc9c 
					 
					
						
						
							
							move modules/squashfs.nix into outputs/  
						
						
						
						
					 
					
						2024-12-19 14:33:50 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						ffaca615ba 
					 
					
						
						
							
							copy logs to /dev/pmsg0 when ogging.persistent.enabled  
						
						
						
						
					 
					
						2024-12-18 21:11:58 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						81f5550bf0 
					 
					
						
						
							
							config.logging.persistent enables /dev/pmsg0  
						
						... 
						
						
						
						- whatever's written to /dev/pmsg0 appears as
/sys/fs/pstore/pmsg-ramoops-0 after reboot
- only works on devices with the relevant device tree
support (gl-ar750 and whatever has it by default)
- nothing in the system is actually writing this file yet
- or reading it at boot time, for that matter 
						
						
					 
					
						2024-12-17 23:24:31 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						b52133a28b 
					 
					
						
						
							
							add hardware.dts.includes option  
						
						
						
						
					 
					
						2024-12-17 20:36:14 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						44caefcd3b 
					 
					
						
						
							
							rename config.hardware.dts.includes -> includePaths  
						
						... 
						
						
						
						(1) it's a better name
(2) I want to use `includes` to specify dtsi files 
						
						
					 
					
						2024-12-17 17:41:53 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						1f7d6544e3 
					 
					
						
						
							
							provide stdout to ppp callback scripts  
						
						... 
						
						
						
						pppd runs them with 0,1,2 => /dev/null but we actually quite like
seeing errors in the logs 
						
						
					 
					
						2024-10-17 21:37:08 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						1bca072509 
					 
					
						
						
							
							fix chrony pidfile error  
						
						
						
						
					 
					
						2024-10-17 21:35:33 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						7b98724643 
					 
					
						
						
							
							turns out we did need usepeerdns  
						
						
						
						
					 
					
						2024-10-17 21:05:16 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						b1625763ee 
					 
					
						
						
							
							ppp service signal readiness only when ip-up has run  
						
						... 
						
						
						
						as downstream services need e.g. ifname which is not written by ipv6-up 
						
						
					 
					
						2024-10-16 22:59:01 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						14bfebc5c3 
					 
					
						
						
							
							enable unloading modules so that scripts work  
						
						... 
						
						
						
						if we can't unload them then the service that loads them will fail
the second time it's run 
						
						
					 
					
						2024-10-16 22:54:19 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						0447ac0ff9 
					 
					
						
						
							
							did we need MODULE_SIG?  
						
						... 
						
						
						
						I think this may be a hangover from using backports modules for wlan 
						
						
					 
					
						2024-10-16 22:53:16 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						e35a1514ab 
					 
					
						
						
							
							send kernel logs to s6  
						
						
						
						
					 
					
						2024-10-16 18:59:42 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						4a0120487c 
					 
					
						
						
							
							remove usepeerdns - it causes only errors  
						
						... 
						
						
						
						we handle dns with service outputs anyway 
						
						
					 
					
						2024-10-16 18:58:34 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						17517dd34f 
					 
					
						
						
							
							remove KEXEC from base kernel config  
						
						... 
						
						
						
						we're not using it any more 
						
						
					 
					
						2024-10-10 18:23:50 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						5112eab4da 
					 
					
						
						
							
							apply incoming-allowed-ip[46] rules to input as well as forward pkts  
						
						... 
						
						
						
						this makes it possible to open ports on the router itself 
						
						
					 
					
						2024-10-10 18:18:23 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						2d7e6188ac 
					 
					
						
						
							
							log shipping service now gets logs on stdin  
						
						... 
						
						
						
						instead of having to open the unix socket 
						
						
					 
					
						2024-10-06 13:26:58 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						493c5f69d7 
					 
					
						
						
							
							add module for certifix-client  
						
						
						
						
					 
					
						2024-10-06 11:27:39 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						635590d37a 
					 
					
						
						
							
							implement log shipping config  
						
						... 
						
						
						
						to use this, you need config like for example
+  logging.shipping = {
+    enable = true;
+    service = longrun {
+      name = "ship-logs";
+      run = let path = lib.makeBinPath (with pkgs; [ s6 s6-networking s6 execline ]);
+            in ''
+        PATH=${path}:$PATH
+        s6-ipcserver -1 ${config.logging.shipping.socket} \
+        s6-tcpclient 10.0.2.2 19612 \
+        fdmove -c 1 7 cat
+      '';
+    };
+  };
but I think we can reduce the noise a bit if we use an s6-rc pipeline
with an s6-ipcserver on one side and and a (whatever the user wants)
on the other 
						
						
					 
					
						2024-09-18 22:14:34 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						707a471bc2 
					 
					
						
						
							
							add logtee to catchall logger  
						
						
						
						
					 
					
						2024-09-16 21:30:06 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						e0725489ca 
					 
					
						
						
							
							unbreak pppoe ci job  
						
						
						
						
					 
					
						2024-09-06 00:33:30 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						091d863710 
					 
					
						
						
							
							extract pppoe/l2tp common code  
						
						
						
						
					 
					
						2024-09-04 12:02:00 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						c7bcfbfa34 
					 
					
						
						
							
							make pppoe/l2tp more consistent  
						
						
						
						
					 
					
						2024-09-03 22:57:45 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						500a3c1025 
					 
					
						
						
							
							make nodefaultroute explicit in ppp  
						
						
						
						
					 
					
						2024-09-03 22:53:13 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						e590c0ad3f 
					 
					
						
						
							
							secrets subscriber: add provider as dep to controlled service  
						
						
						
						
					 
					
						2024-09-01 09:56:59 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						14abdd9998 
					 
					
						
						
							
							tang: notify on ready  
						
						
						
						
					 
					
						2024-08-31 23:24:50 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						e745991b9d 
					 
					
						
						
							
							restart pppoe/l2tp in secrets changes  
						
						
						
						
					 
					
						2024-08-30 20:49:27 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						defbfce1fb 
					 
					
						
						
							
							finish converting outputRef to lambda  
						
						
						
						
					 
					
						2024-08-30 20:46:48 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						a8a19977ca 
					 
					
						
						
							
							(untested) template service for tang encrypted secrets  
						
						
						
						
					 
					
						2024-08-28 22:32:26 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						7351e143c5 
					 
					
						
						
							
							remove redundant sourcing of ${serviceFns}  
						
						... 
						
						
						
						this is done by the oneshot and longrun functions 
						
						
					 
					
						2024-08-28 21:28:27 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						fe7b092075 
					 
					
						
						
							
							(untested) http basic auth for outboard secrets  
						
						
						
						
					 
					
						2024-08-28 20:53:59 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						d5d621f310 
					 
					
						
						
							
							rename http-fstree => json-to-fstree  
						
						... 
						
						
						
						it works for file urls as well, not just http 
						
						
					 
					
						2024-08-28 16:36:49 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						c7164a6f4a 
					 
					
						
						
							
							sshd can use outputRef for authorized_keys  
						
						
						
						
					 
					
						2024-08-25 16:35:50 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						99f68e5421 
					 
					
						
						
							
							destructure params in ssh service  
						
						
						
						
					 
					
						2024-08-23 23:13:49 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						9c30b6f882 
					 
					
						
						
							
							change output references from attrset to lambda  
						
						... 
						
						
						
						this is so that we can distinguish a ref from a literal parameter that
might be a attrset 
						
						
					 
					
						2024-08-23 22:25:57 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						869a508c0a 
					 
					
						
						
							
							add authorizedKeys option to ssh service  
						
						... 
						
						
						
						this has no apparent use as it stands, but opens the door to
having the keys managed by an external secrets service 
						
						
					 
					
						2024-08-23 20:35:07 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						a6128955e7 
					 
					
						
						
							
							ppp modules: permit (mostly) same params for l2tp as pppoe  
						
						... 
						
						
						
						this also means that l2tp can use secrets for username/password 
						
						
					 
					
						2024-08-21 23:10:28 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						531cb113be 
					 
					
						
						
							
							devout needs a longer startup timeout  
						
						... 
						
						
						
						seems to be taking around 40 seconds now, would be worth digging in to
find out why 
						
						
					 
					
						2024-08-21 23:09:11 +01:00