dan/liminix
1
0
Fork 5
Code
1,513 Commits 15 Branches 0 Tags 7.1 MiB
main
Commit Graph

18 Commits

Author SHA1 Message Date
Daniel Barlow
d9723aeb87 secrets subscriber: make restart-all work 2025-03-31 23:01:48 +01:00
Daniel Barlow
d4e46dbe28 secrets/subscriber don't depend on the services we're watching 
this means a watched service can stop and start without killing
the subscriber, and that we can watch for services that don't
yet exist
 2025-03-09 20:35:40 +00:00
Daniel Barlow
d1f87a56e0 secrets/subscriber: use correct numbers for signals to s6-svc 2025-03-09 20:34:29 +00:00
Daniel Barlow
6649ebeccd firewall: use watch-outputs to track changes in zone->interface map 
includes a horrible hack to work around (claimed (by me)) deficiencies
in the nftables parser
 2025-02-28 00:43:20 +00:00
Daniel Barlow
7e2b0068e6 nixfmt-rfc-style 
There is nothing in this commit except for the changes made by
nix-shell -p nixfmt-rfc-style --run "nixfmt ."

If this has mucked up your open branches then sorry about that. You
can probably nixfmt them to match before merging
 2025-02-10 21:55:08 +00:00
Daniel Barlow
e0725489ca unbreak pppoe ci job 2024-09-06 00:33:30 +01:00
Daniel Barlow
e590c0ad3f secrets subscriber: add provider as dep to controlled service 2024-09-01 09:56:59 +01:00
Daniel Barlow
14abdd9998 tang: notify on ready 2024-08-31 23:24:50 +01:00
Daniel Barlow
defbfce1fb finish converting outputRef to lambda 2024-08-30 20:46:48 +01:00
Daniel Barlow
a8a19977ca (untested) template service for tang encrypted secrets 2024-08-28 22:32:26 +01:00
Daniel Barlow
7351e143c5 remove redundant sourcing of ${serviceFns} 
this is done by the oneshot and longrun functions
 2024-08-28 21:28:27 +01:00
Daniel Barlow
fe7b092075 (untested) http basic auth for outboard secrets 2024-08-28 20:53:59 +01:00
Daniel Barlow
d5d621f310 rename http-fstree => json-to-fstree 
it works for file urls as well, not just http
 2024-08-28 16:36:49 +01:00
Daniel Barlow
4053ea9481 secrets/subscriber implement different restart types 2024-08-20 22:56:26 +01:00
Daniel Barlow
264d83c98d move some secret-watching stuff from hostapd to secrets 2024-08-20 21:49:11 +01:00
Daniel Barlow
e2c883356c add secrets-subscriber service, make hostapd use it 2024-08-15 23:00:41 +01:00
Daniel Barlow
d2d3af2587 outboard secrets: loop in service 
if we just quit and expect s6 to restart us, the finish script
wipes our outputs and anything with an inotify watch gets confused
 2024-08-14 22:41:56 +01:00
Daniel Barlow
4fb8253e57 first pass at outboard secrets 
- a module to fetch them with http(s)
- a service using templating to consume them
- update an example to use it

needs service restarts
needs other services to use the template mechanism
needs tidying up
 2024-08-12 22:57:21 +01:00