Daniel Barlow 
							
						 
					 
					
						
						
							
						
						81f5550bf0 
					 
					
						
						
							
							config.logging.persistent enables /dev/pmsg0  
						
						... 
						
						
						
						- whatever's written to /dev/pmsg0 appears as
/sys/fs/pstore/pmsg-ramoops-0 after reboot
- only works on devices with the relevant device tree
support (gl-ar750 and whatever has it by default)
- nothing in the system is actually writing this file yet
- or reading it at boot time, for that matter 
						
						
					 
					
						2024-12-17 23:24:31 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						b52133a28b 
					 
					
						
						
							
							add hardware.dts.includes option  
						
						
						
						
					 
					
						2024-12-17 20:36:14 +00:00 
						 
				 
			
				
					
						
							
							
								Arnout Engelen 
							
						 
					 
					
						
						
							
						
						1ff779c1a9 
					 
					
						
						
							
							use Linux kernel sources associated with openwrt by default  
						
						
						
						
					 
					
						2024-12-17 20:24:14 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						44caefcd3b 
					 
					
						
						
							
							rename config.hardware.dts.includes -> includePaths  
						
						... 
						
						
						
						(1) it's a better name
(2) I want to use `includes` to specify dtsi files 
						
						
					 
					
						2024-12-17 17:41:53 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						6e6b8790eb 
					 
					
						
						
							
							think  
						
						
						
						
					 
					
						2024-12-17 17:24:52 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						2e5a8a572e 
					 
					
						
						
							
							tufted: more robust merge-pathname impl  
						
						
						
						
					 
					
						2024-12-17 17:24:40 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						464d046b5a 
					 
					
						
						
							
							append-path spec behaviour for repeated /  
						
						
						
						
					 
					
						2024-12-17 17:24:16 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						ac8b971cc0 
					 
					
						
						
							
							new fn append-path in anoia  
						
						... 
						
						
						
						complains if you try to ../../../ 
						
						
					 
					
						2024-12-11 17:26:44 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						13087d17e3 
					 
					
						
						
							
							use assert macros in anoia/init.fnl  
						
						... 
						
						
						
						there is no circularity (maybe there was once?) 
						
						
					 
					
						2024-12-11 17:25:39 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						5572c0ecb0 
					 
					
						
						
							
							rewrite parts of inout test to be differently wrong  
						
						
						
						
					 
					
						2024-12-09 23:36:22 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						4cbe3ba683 
					 
					
						
						
							
							add some debug output in inout test  
						
						
						
						
					 
					
						2024-12-09 21:00:11 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						20f4a12689 
					 
					
						
						
							
							inout: improve robustness, maybe?  
						
						
						
						
					 
					
						2024-12-07 16:02:42 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						33e5c436d5 
					 
					
						
						
							
							add environment variables that scapy now needs (24.11)  
						
						
						
						
					 
					
						2024-12-04 21:16:36 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						cde30bcd54 
					 
					
						
						
							
							in nixos 24.11 chrony no longer expects nss/nspr/readline  
						
						
						
						
					 
					
						2024-12-03 21:39:54 +00:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						1f7d6544e3 
					 
					
						
						
							
							provide stdout to ppp callback scripts  
						
						... 
						
						
						
						pppd runs them with 0,1,2 => /dev/null but we actually quite like
seeing errors in the logs 
						
						
					 
					
						2024-10-17 21:37:08 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						1bca072509 
					 
					
						
						
							
							fix chrony pidfile error  
						
						
						
						
					 
					
						2024-10-17 21:35:33 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						7b98724643 
					 
					
						
						
							
							turns out we did need usepeerdns  
						
						
						
						
					 
					
						2024-10-17 21:05:16 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						b1625763ee 
					 
					
						
						
							
							ppp service signal readiness only when ip-up has run  
						
						... 
						
						
						
						as downstream services need e.g. ifname which is not written by ipv6-up 
						
						
					 
					
						2024-10-16 22:59:01 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						91bdfc2766 
					 
					
						
						
							
							remove apparently obsolete rp-pppoe configure setting  
						
						... 
						
						
						
						this were copied from nixpkgs but perhaps is for an older version of
rp-pppoe because it builds just fine without 
						
						
					 
					
						2024-10-16 22:56:05 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						14bfebc5c3 
					 
					
						
						
							
							enable unloading modules so that scripts work  
						
						... 
						
						
						
						if we can't unload them then the service that loads them will fail
the second time it's run 
						
						
					 
					
						2024-10-16 22:54:19 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						0447ac0ff9 
					 
					
						
						
							
							did we need MODULE_SIG?  
						
						... 
						
						
						
						I think this may be a hangover from using backports modules for wlan 
						
						
					 
					
						2024-10-16 22:53:16 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						e35a1514ab 
					 
					
						
						
							
							send kernel logs to s6  
						
						
						
						
					 
					
						2024-10-16 18:59:42 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						4a0120487c 
					 
					
						
						
							
							remove usepeerdns - it causes only errors  
						
						... 
						
						
						
						we handle dns with service outputs anyway 
						
						
					 
					
						2024-10-16 18:58:34 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						888688ce28 
					 
					
						
						
							
							buuld ppp with path to /run  
						
						
						
						
					 
					
						2024-10-16 18:57:26 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						9e3f48768e 
					 
					
						
						
							
							think  
						
						
						
						
					 
					
						2024-10-14 18:49:10 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						72171021e3 
					 
					
						
						
							
							support finish script in longrun  
						
						
						
						
					 
					
						2024-10-10 18:26:14 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						17517dd34f 
					 
					
						
						
							
							remove KEXEC from base kernel config  
						
						... 
						
						
						
						we're not using it any more 
						
						
					 
					
						2024-10-10 18:23:50 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						5112eab4da 
					 
					
						
						
							
							apply incoming-allowed-ip[46] rules to input as well as forward pkts  
						
						... 
						
						
						
						this makes it possible to open ports on the router itself 
						
						
					 
					
						2024-10-10 18:18:23 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						e383f1b3d3 
					 
					
						
						
							
							obfuscate store path for min-copy-closure  
						
						... 
						
						
						
						otherwise the systemconfig closure drags in a bunch of build system
things (bash, etc) which we don't want or need to copy to the device 
						
						
					 
					
						2024-10-10 16:25:00 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						da1245432e 
					 
					
						
						
							
							no more iminix-rebuild  
						
						
						
						
					 
					
						2024-10-09 19:34:55 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						541b1c61c2 
					 
					
						
						
							
							ensure $toplevel is path in /nix/store  
						
						
						
						
					 
					
						2024-10-09 18:59:33 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						55c7410a55 
					 
					
						
						
							
							add result/install.sh to systemConfiguration output  
						
						... 
						
						
						
						this makes it possible to install a systemconfig instead of
having to use nix-shell (which is very slow) 
						
						
					 
					
						2024-10-09 13:35:02 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						0f50648157 
					 
					
						
						
							
							don't put hostname in levitate logs  
						
						... 
						
						
						
						there might not be one 
						
						
					 
					
						2024-10-08 22:55:39 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						f1c260d4f7 
					 
					
						
						
							
							make ci.ni "all" a derivation  
						
						... 
						
						
						
						this is to stop hydra complaining 
						
						
					 
					
						2024-10-06 18:04:56 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						3d611d3ba2 
					 
					
						
						
							
							fix unstable qemu build?  
						
						... 
						
						
						
						nix-repl> (lib.versionOlder "24.11pre-git" "24.11")
true
nix-repl> (lib.versionOlder "24.11pre-git" "24.10")
false
n 
						
						
					 
					
						2024-10-06 18:04:48 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						e6b7d86381 
					 
					
						
						
							
							sort lines  
						
						
						
						
					 
					
						2024-10-06 17:53:34 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						83fbffb39b 
					 
					
						
						
							
							catch another uncaught-logs  
						
						
						
						
					 
					
						2024-10-06 17:53:09 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						f8c579b41e 
					 
					
						
						
							
							add CI "all" target  
						
						
						
						
					 
					
						2024-10-06 17:52:59 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						ca9efc4b26 
					 
					
						
						
							
							simplify CI  
						
						... 
						
						
						
						* I didn't know what I was doing when I set up Hydra
* it's not certain that I do now either, but hey ho 
						
						
					 
					
						2024-10-06 15:55:01 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						336fc7e495 
					 
					
						
						
							
							think  
						
						
						
						
					 
					
						2024-10-06 14:27:45 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						4cc0add2ad 
					 
					
						
						
							
							update refs to uncaught-logs in docs/tests  
						
						
						
						
					 
					
						2024-10-06 13:46:14 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						2d7e6188ac 
					 
					
						
						
							
							log shipping service now gets logs on stdin  
						
						... 
						
						
						
						instead of having to open the unix socket 
						
						
					 
					
						2024-10-06 13:26:58 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						b9999857cb 
					 
					
						
						
							
							longrun: don't add logger if producer-for is already set  
						
						
						
						
					 
					
						2024-10-06 13:13:04 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						ba03ddeb38 
					 
					
						
						
							
							border-vm: add tang service  
						
						
						
						
					 
					
						2024-10-06 12:38:06 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						493c5f69d7 
					 
					
						
						
							
							add module for certifix-client  
						
						
						
						
					 
					
						2024-10-06 11:27:39 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						1a915e91ff 
					 
					
						
						
							
							add altname to CSR  
						
						
						
						
					 
					
						2024-10-06 10:13:28 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						197e2eb5b1 
					 
					
						
						
							
							new package certifix-client uses certifix to sign ssl client cert  
						
						... 
						
						
						
						this is initially for TLS-enabled logging but would be useful for
anything on a liminix box that wants to talk to a network service in a
"zero trust" setup 
						
						
					 
					
						2024-10-03 23:00:08 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						7ca822c826 
					 
					
						
						
							
							more messing around with lua derivation  
						
						
						
						
					 
					
						2024-10-03 23:00:08 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						e5631783e1 
					 
					
						
						
							
							add luaossl package with patch for CSR attributes  
						
						
						
						
					 
					
						2024-10-03 23:00:08 +01:00 
						 
				 
			
				
					
						
							
							
								Daniel Barlow 
							
						 
					 
					
						
						
							
						
						635590d37a 
					 
					
						
						
							
							implement log shipping config  
						
						... 
						
						
						
						to use this, you need config like for example
+  logging.shipping = {
+    enable = true;
+    service = longrun {
+      name = "ship-logs";
+      run = let path = lib.makeBinPath (with pkgs; [ s6 s6-networking s6 execline ]);
+            in ''
+        PATH=${path}:$PATH
+        s6-ipcserver -1 ${config.logging.shipping.socket} \
+        s6-tcpclient 10.0.2.2 19612 \
+        fdmove -c 1 7 cat
+      '';
+    };
+  };
but I think we can reduce the noise a bit if we use an s6-rc pipeline
with an s6-ipcserver on one side and and a (whatever the user wants)
on the other 
						
						
					 
					
						2024-09-18 22:14:34 +01:00