Commit Graph

1423 Commits

Author SHA1 Message Date
Daniel Barlow
fe7b092075 (untested) http basic auth for outboard secrets 2024-08-28 20:53:59 +01:00
Daniel Barlow
b56f121e04 fetch lua glue: handle missing content-length 2024-08-28 19:52:00 +01:00
Daniel Barlow
d5d621f310 rename http-fstree => json-to-fstree
it works for file urls as well, not just http
2024-08-28 16:36:49 +01:00
Daniel Barlow
da95a9fa62 tangc support encryption 2024-08-28 18:55:20 +01:00
Daniel Barlow
85071c88e7 remove argv0 from calls to jose 2024-08-28 11:16:43 +01:00
Daniel Barlow
74093b7ee3 josep! runs jose without json parsing the output 2024-08-28 08:13:50 +01:00
Daniel Barlow
41733e58d6 remove unused code, tidy string parsing 2024-08-28 07:20:07 +01:00
Daniel Barlow
9041d5d63a add jose! fn to reduce error-checking boilerplate 2024-08-28 07:10:47 +01:00
Daniel Barlow
001ebdc601 remove unused requires 2024-08-28 06:52:04 +01:00
Daniel Barlow
1f97409474 add popen2 to anoia.fs 2024-08-28 06:49:43 +01:00
Daniel Barlow
a41839f3d1 clevis-decrypt-tang in fennel
needs a lot of tidying up, but works on my test file
2024-08-28 01:37:44 +01:00
Daniel Barlow
ff76d854fc extend libfetch lua glue to other HTTP methods 2024-08-28 01:37:02 +01:00
Daniel Barlow
81a6480a4f anoia add base64 decode 2024-08-27 22:42:03 +01:00
Daniel Barlow
c7164a6f4a sshd can use outputRef for authorized_keys 2024-08-25 16:35:50 +01:00
Daniel Barlow
83ca86fe42 keys in service output tree are strings 2024-08-25 15:59:24 +01:00
Daniel Barlow
1b4106e2a3 ssh-keys service, draft 2024-08-25 15:09:31 +01:00
Daniel Barlow
89912c766b nixpkgs 24.11 qemu does not expect texinfo 2024-08-25 14:23:29 +01:00
Daniel Barlow
9828b007ae watch-ssh-keys turns secrets-service into authorized_keys files 2024-08-24 23:25:32 +01:00
Daniel Barlow
f34abc85ae add macros param to write-fennel 2024-08-24 23:19:46 +01:00
Daniel Barlow
b475a680fb define-tests macro, evals body only when inside fennelrepl --test 2024-08-24 22:26:25 +01:00
Daniel Barlow
43612af71a anoia: %% is alias for string.format 2024-08-24 13:56:54 +01:00
Daniel Barlow
5695c47496 add dig to anoia 2024-08-23 23:27:29 +01:00
Daniel Barlow
e3ec514710 think 2024-08-23 23:27:17 +01:00
Daniel Barlow
99f68e5421 destructure params in ssh service 2024-08-23 23:13:49 +01:00
Daniel Barlow
9c30b6f882 change output references from attrset to lambda
this is so that we can distinguish a ref from a literal parameter that
might be an attrset
2024-08-23 22:25:57 +01:00
Daniel Barlow
dd75322c10 think 2024-08-23 21:45:18 +01:00
Daniel Barlow
869a508c0a add authorizedKeys option to ssh service
this has no apparent use as it stands, but opens the door to
having the keys managed by an external secrets service
2024-08-23 20:35:07 +01:00
Daniel Barlow
e835473945 patch dropbear to add -U option 2024-08-23 19:58:05 +01:00
Daniel Barlow
055268d5d2 upgrade dropbear 2024-08-23 19:57:10 +01:00
Daniel Barlow
ff38bcacbb improve devout error reporting 2024-08-21 23:24:13 +01:00
Daniel Barlow
a6128955e7 ppp modules: permit (mostly) same params for l2tp as pppoe
this also means that l2tp can use secrets for username/password
2024-08-21 23:10:28 +01:00
Daniel Barlow
531cb113be devout needs a longer startup timeout
seems to be taking around 40 seconds now, would be worth digging in to
find out why
2024-08-21 23:09:11 +01:00
Daniel Barlow
daede666cb in router-with-l2tp use secrets for ppp username/password 2024-08-21 00:17:53 +01:00
Daniel Barlow
2992771c7e pppoe allow secrets for username/password 2024-08-21 00:17:22 +01:00
Daniel Barlow
4cc82e1502 liminix.types.replacable is a string or ref to an output 2024-08-21 00:16:14 +01:00
Daniel Barlow
21f2320d86 inline method 2024-08-20 23:26:11 +01:00
Daniel Barlow
d40ada4251 use structured ppp params in ppp test 2024-08-20 23:25:31 +01:00
Daniel Barlow
4053ea9481 secrets/subscriber implement different restart types 2024-08-20 22:56:26 +01:00
Daniel Barlow
54d3415885 pppoe convert to using a config file
mostly for ease of implementation but does mean we don't
have username/password secrets on the command line
2024-08-20 22:55:30 +01:00
Daniel Barlow
264d83c98d move some secret-watching stuff from hostapd to secrets 2024-08-20 21:49:11 +01:00
Daniel Barlow
97defc2076 hostapd: get secrets service/path from attrs 2024-08-17 22:25:30 +01:00
Daniel Barlow
ddaa5476d3 override clevis derivation (experimental) 2024-08-15 23:02:54 +01:00
Daniel Barlow
bcd9d56624 start devout after mdevd
not 100% sure that there's a dependency but it's plausible, and
would explain the observed occasional failure to start at boot
2024-08-15 23:01:29 +01:00
Daniel Barlow
e2c883356c add secrets-subscriber service, make hostapd use it 2024-08-15 23:00:41 +01:00
Daniel Barlow
d79a941504 new package watch-outputs and example of its use 2024-08-14 22:58:17 +01:00
Daniel Barlow
2f82e0dab8 hostapd set permissions on dir in /run/ 2024-08-14 22:57:02 +01:00
Daniel Barlow
fc03965915 hostapd literal_or_output use an attrset for dispatch 2024-08-14 22:56:01 +01:00
Daniel Barlow
d2d3af2587 outboard secrets: loop in service
if we just quit and expect s6 to restart us, the finish script
wipes our outputs and anything with an inotify watch gets confused
2024-08-14 22:41:56 +01:00
Daniel Barlow
310ac30f24 http-fstree needs to write state and .lock for anoia.svc 2024-08-14 22:39:41 +01:00
Daniel Barlow
45a7f96bd4 anoia table= compares tables 2024-08-14 22:36:28 +01:00