newedge/liminix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,570 Commits 4 Branches 0 Tags
be26df4e95a60704b7918951d35387d8ea58bcab
Commit Graph

528 Commits

Author SHA1 Message Date
Daniel Barlow be26df4e95 don't send 9 digits of nanosecond to victorialogs 
It fails to parse. I havent investigated how many digits it will
parse, but let's try 3
 2025-10-08 20:10:11 +01:00
Daniel Barlow 71aed767f2 switch logtap to use fifo unstead of af_unix 2025-10-08 20:10:11 +01:00
Daniel Barlow af6e41db7a logshippers: add victorialogsend script 
it's only very lightly tested but it seems to work.  the _stream
may be quite wrong, or perhaps that's a local admin decision anyway
 2025-10-08 20:10:11 +01:00
Daniel Barlow 947a1c1373 return utc as (values seconds nanos) 
fractional seconds is just inviting too much fun with floating point
error
 2025-10-08 20:10:11 +01:00
Daniel Barlow 59eea64985 add tai64 module to anoia 2025-10-08 20:10:11 +01:00
Daniel Barlow a343e63231 rename logshipper -> logtap 
- it matches the executable name
- it doesn't ship anything anyway, it's just plumbing
 2025-10-08 20:10:11 +01:00
Daniel Barlow 9f64eabeb4 rename incz package to logshippers 2025-10-08 20:10:11 +01:00
Daniel Barlow e55043a5a9 update uboot malta virtio support patch 
compiler warnings are fatal, so add the header file that declares virtio_init
 2025-04-15 12:57:28 +01:00
Daniel Barlow 6a89b5b4d4 qemu 9.2 won't start network devices without romfile option 2025-04-14 21:27:44 +01:00
Daniel Barlow d749538e9e remove qemu vga adapter 
it doesn't work with qemu 9.2 (coming soon) but we don't need it
anyway
 2025-04-14 21:27:44 +01:00
Daniel Barlow e04724d7fc upgrade rp-pppoe 2025-04-14 21:27:44 +01:00
Daniel Barlow b3bdb5a9c4 output-template add lua type() function 
I hope you never need it, but (1) I did; (2) it's harmless
 2025-04-12 23:40:23 +01:00
Daniel Barlow 8e5f3e29a7 don't write service properties with null values 
because serialisation causes them to become empty strings
which are not null
 2025-04-12 23:39:13 +01:00
Daniel Barlow d9723aeb87 secrets subscriber: make restart-all work 2025-03-31 23:01:48 +01:00
Daniel Barlow 1a6160bcab firewall: show how to ratelimit icmp6 to 5% of available bandwidth 
it's a little klunky as yet, requires setting properties.bandwidth on
the interface service
 2025-03-25 23:53:02 +00:00
Daniel Barlow b1bf13bb01 add svc:directory, mostly for use in debugging messages 2025-03-25 23:47:01 +00:00
Daniel Barlow c3f550698d watch-outputs fix update logic 
it was only working by accident, when it worked, which was by no
means all of the time

note that we unconditionally perform the action (restart or whatever)
once we've started and got the initial state of the outputs. That's
because we have no idea whether the outputs changed in the interval
between the controlled service initially starting and watch-outputs
starting, so updates in that interval could be lost
 2025-03-25 23:44:21 +00:00
Daniel Barlow 05991225de anoia.svc allow open of a service that is not yet running 
we change the inotify watcher so that it attempts to monitor
/run/service as well as /run/service/foo. If foo doesn't yet exist
then that call to addwatch fails, so we need to be looking at the
parent if we are to be told when foo gets created
 2025-03-25 23:37:58 +00:00
Daniel Barlow 7ce1c6bb7d add realpath to lualinux 2025-03-24 22:39:59 +00:00
Daniel Barlow 8440378a39 anoia: make dirname handle tralning / like posix 2025-03-24 22:37:24 +00:00
Daniel Barlow 0ae5689a40 support maps in firewallgen 2025-03-21 21:19:18 +00:00
Daniel Barlow 45047dc023 squahs falls back 2025-03-21 21:09:05 +00:00
Daniel Barlow be03e9e8c8 service outputs falls back to properties (untested) 2025-03-18 18:38:04 +00:00
Daniel Barlow 4e51977ae0 provide properties attr to services 
properties are similar to outputs, but are different in that they are
fixed values (do not change) and are present even when the service is
down

if the attribute is present and an attrset, this will write the
equivalent recursive directory structure to $out/.properties/
 2025-03-12 23:35:56 +00:00
Daniel Barlow 2b0972ed73 svc.open accepts a /nix/store folder not an outputs folder 
this mostly makes things simpler
 2025-03-11 00:21:44 +00:00
Daniel Barlow d4e46dbe28 secrets/subscriber don't depend on the services we're watching 
this means a watched service can stop and start without killing
the subscriber, and that we can watch for services that don't
yet exist
 2025-03-09 20:35:40 +00:00
Daniel Barlow d1f87a56e0 secrets/subscriber: use correct numbers for signals to s6-svc 2025-03-09 20:34:29 +00:00
Daniel Barlow 8c39b47cae output-template: allow splicing statements instead of expression 
if the text inside the delimiters begins with ; (a semicolon) then
the rest of it is expected to be one or more Lua statements. It needs
to say `return "foo"` to interpolate anything, as there is no
implicit return of the value of the last statement
 2025-03-05 22:38:48 +00:00
Daniel Barlow 2c7a16d792 firewallgen: add extraText param to set 
anything in here is added verbatim to the set definition
 2025-03-05 22:36:35 +00:00
Daniel Barlow d6b06abb63 delet second copy of output-template 2025-03-02 21:34:02 +00:00
Daniel Barlow 234d1bd87e basic unit tests for output-template 2025-03-02 21:14:46 +00:00
Daniel Barlow c38f180fb7 output-template expose table module 2025-03-02 21:14:16 +00:00
Daniel Barlow 9a8b22997c output-template: pass the tests 2025-03-02 21:09:32 +00:00
Daniel Barlow c32d09bd83 output-template: run the tests 2025-03-02 21:09:11 +00:00
Daniel Barlow 6649ebeccd firewall: use watch-outputs to track changes in zone->interface map 
includes a horrible hack to work around (claimed (by me)) deficiencies
in the nftables parser
 2025-02-28 00:43:20 +00:00
Daniel Barlow 929226ed9e delete commented code 2025-02-27 20:55:30 +00:00
Daniel Barlow 024c018262 run the output-template test 2025-02-22 00:10:19 +00:00
Daniel Barlow 7e2b0068e6 nixfmt-rfc-style 
There is nothing in this commit except for the changes made by
nix-shell -p nixfmt-rfc-style --run "nixfmt ."

If this has mucked up your open branches then sorry about that. You
can probably nixfmt them to match before merging
 2025-02-10 21:55:08 +00:00
Daniel Barlow 4bb081ffcf export anoia.svc:fileno so it can be used with event loops 2025-02-10 21:21:08 +00:00
Daniel Barlow 1d780de0f1 add (very basic) set support in firewallgen 
and add sets for lan/wan/dmz/guest interface names to default
firewall rules
 2025-02-10 21:17:43 +00:00
Arnout Engelen e71d92eb3d OpenWrt One support 
https://openwrt.org/toh/openwrt/one
 2025-01-07 16:10:04 +01:00
Daniel Barlow 350ddde260 add pkgs.openwrt_24_10 
is needed by Belkin RT3200 and might also be handy for OpenWrt One?

this is very copy-pastey, will tidy it up after it
stops being a moving target
 2025-01-03 23:52:08 +00:00
Daniel Barlow aa2160dd05 logtap: fix indentation 
spaces not tabs
 2025-01-02 22:45:00 +00:00
Daniel Barlow 788169586f /boot is a directory, copy files instead of replacing it with symlink 
for the record, u-boot doesn't like having /boot/fit -> ../nix/store/..../fit
symlinks so we don't use symlinks inside /boot either
 2025-01-01 12:29:25 +00:00
Daniel Barlow 9dd169d500 add "config" output to kernel derivation 2025-01-01 11:54:46 +00:00
Daniel Barlow 48dfbe0c01 add nginx-small : nginx with finegrained configure options 2024-12-29 20:47:03 +00:00
Daniel Barlow fe1ee12e3d swap strchr for strchrnul in dropbear authkeyfile patch 
The strchrnul version was giving weird crashes on aarch64
belkin-rt3200. I haven't figured out why but this one doesn't
 2024-12-29 13:30:21 +00:00
Arnout Engelen a89f866bf0 use Linux kernel sources associated with openwrt by default 2024-12-24 12:21:28 +00:00
Daniel Barlow f60b74f415 add a new updater output 
this is so that we don't have to obfuscate store paths in
systemConfiguration to avoid dragging in build system
deps.

breaking-ish change to workflows, docs updated
 2024-12-20 00:05:07 +00:00
Daniel Barlow 812e35b7b9 systemconfig: improve filenames/pathnames 
no more make-stuff
 2024-12-19 22:28:30 +00:00