Commit Graph

1341 Commits

Author SHA1 Message Date
Daniel Barlow
e590c0ad3f secrets subscriber: add provider as dep to controlled service 2024-09-01 09:56:59 +01:00
Daniel Barlow
14abdd9998 tang: notify on ready 2024-08-31 23:24:50 +01:00
Daniel Barlow
6287b92000 fix bugs handling base64 padding 2024-08-31 22:43:25 +01:00
Daniel Barlow
d2215d3e56 tangc popen retry on short read 2024-08-31 22:18:23 +01:00
Daniel Barlow
3cf2308bee tangc: stop printing unexpected blank lines 2024-08-31 15:29:10 +01:00
Daniel Barlow
3913989be3 provide string to perform-encryption
instead of letting it read stdin, which I think may have been read
by a subprocess already sometimes?
2024-08-31 15:27:54 +01:00
Daniel Barlow
43e5e6876e improve tangc error messages 2024-08-31 15:22:26 +01:00
Daniel Barlow
7d6c80570c refactor all writeFennelScript calls to use writeFennel directly 2024-08-30 20:57:42 +01:00
Daniel Barlow
e745991b9d restart pppoe/l2tp in secrets changes 2024-08-30 20:49:27 +01:00
Daniel Barlow
defbfce1fb finish converting outputRef to lambda 2024-08-30 20:46:48 +01:00
Daniel Barlow
0df2c83382 tighten perms on service state directory 2024-08-29 23:56:43 +01:00
Daniel Barlow
01c28de88d think 2024-08-29 23:56:20 +01:00
Daniel Barlow
2bf197cad8 document outputs and secrets 2024-08-29 23:55:32 +01:00
Daniel Barlow
a8a19977ca (untested) template service for tang encrypted secrets 2024-08-28 22:32:26 +01:00
Daniel Barlow
8a9284af1e think 2024-08-28 22:23:00 +01:00
Daniel Barlow
7351e143c5 remove redundant sourcing of ${serviceFns}
this is done by the oneshot and longrun functions
2024-08-28 21:28:27 +01:00
Daniel Barlow
283c3154a7 missing file in s6-rc-up-tree test fixture 2024-08-28 21:18:54 +01:00
Daniel Barlow
34f37d60d9 missed adding this 2024-08-28 20:56:52 +01:00
Daniel Barlow
fe7b092075 (untested) http basic auth for outboard secrets 2024-08-28 20:53:59 +01:00
Daniel Barlow
b56f121e04 fetch lua glue: handle missing content-length 2024-08-28 19:52:00 +01:00
Daniel Barlow
d5d621f310 rename http-fstree => json-to-fstree
it works for file urls as well, not just http
2024-08-28 16:36:49 +01:00
Daniel Barlow
da95a9fa62 tangc support encryption 2024-08-28 18:55:20 +01:00
Daniel Barlow
85071c88e7 remove argv0 from calls to jose 2024-08-28 11:16:43 +01:00
Daniel Barlow
74093b7ee3 josep! runs jose without json parsing the output 2024-08-28 08:13:50 +01:00
Daniel Barlow
41733e58d6 remove unused code, tidy string parsing 2024-08-28 07:20:07 +01:00
Daniel Barlow
9041d5d63a add jose! fn to reduce error-checking boilerplate 2024-08-28 07:10:47 +01:00
Daniel Barlow
001ebdc601 remove unused requires 2024-08-28 06:52:04 +01:00
Daniel Barlow
1f97409474 add popen2 to anoia.fs 2024-08-28 06:49:43 +01:00
Daniel Barlow
a41839f3d1 clevis-decrypt-tang in fennel
needs a lot of tidying up, but works on my test file
2024-08-28 01:37:44 +01:00
Daniel Barlow
ff76d854fc extend libfetch lua glue to other HTTP methods 2024-08-28 01:37:02 +01:00
Daniel Barlow
81a6480a4f anoia add base64 decode 2024-08-27 22:42:03 +01:00
Daniel Barlow
c7164a6f4a sshd can use outputRef for authorized_keys 2024-08-25 16:35:50 +01:00
Daniel Barlow
83ca86fe42 keys in service output tree are strings 2024-08-25 15:59:24 +01:00
Daniel Barlow
1b4106e2a3 ssh-keys service, draft 2024-08-25 15:09:31 +01:00
Daniel Barlow
89912c766b nixpkgs 24.11 qemu does not expect texinfo 2024-08-25 14:23:29 +01:00
Daniel Barlow
9828b007ae watch-ssh-keys turns secrets-service into authorized_keys files 2024-08-24 23:25:32 +01:00
Daniel Barlow
f34abc85ae add macros param to write-fennel 2024-08-24 23:19:46 +01:00
Daniel Barlow
b475a680fb define-tests macro, evals body only when inside fennelrepl --test 2024-08-24 22:26:25 +01:00
Daniel Barlow
43612af71a anoia: %% is alias for string.format 2024-08-24 13:56:54 +01:00
Daniel Barlow
5695c47496 add dig to anoia 2024-08-23 23:27:29 +01:00
Daniel Barlow
e3ec514710 think 2024-08-23 23:27:17 +01:00
Daniel Barlow
99f68e5421 destructure params in ssh service 2024-08-23 23:13:49 +01:00
Daniel Barlow
9c30b6f882 change output references from attrset to lambda
this is so that we can distinguish a ref from a literal parameter that
might be an attrset
2024-08-23 22:25:57 +01:00
Daniel Barlow
dd75322c10 think 2024-08-23 21:45:18 +01:00
Daniel Barlow
869a508c0a add authorizedKeys option to ssh service
this has no apparent use as it stands, but opens the door to
having the keys managed by an external secrets service
2024-08-23 20:35:07 +01:00
Daniel Barlow
e835473945 patch dropbear to add -U option 2024-08-23 19:58:05 +01:00
Daniel Barlow
055268d5d2 upgrade dropbear 2024-08-23 19:57:10 +01:00
Daniel Barlow
ff38bcacbb improve devout error reporting 2024-08-21 23:24:13 +01:00
Daniel Barlow
a6128955e7 ppp modules: permit (mostly) same params for l2tp as pppoe
this also means that l2tp can use secrets for username/password
2024-08-21 23:10:28 +01:00
Daniel Barlow
531cb113be devout needs a longer startup timeout
seems to be taking around 40 seconds now, would be worth digging in to
find out why
2024-08-21 23:09:11 +01:00