12275f6896
add more test for table=
2024-09-04 21:21:30 +01:00
a60c2539a6
remove luaposix ref in write-fennel
2024-09-04 21:21:02 +01:00
146a2d9ac0
fix startup race/fencepost in watch-ssh-keys
...
if it starts _after_ the outputs are populated, it should
write the first lot of outputs without waiting for a change
2024-09-04 21:19:51 +01:00
091d863710
extract pppoe/l2tp common code
2024-09-04 12:02:00 +01:00
c7bcfbfa34
make pppoe/l2tp more consistent
2024-09-03 22:57:45 +01:00
500a3c1025
make nodefaultroute explicit in ppp
2024-09-03 22:53:13 +01:00
0c0d0eed8a
make watch-ssh-keys robust against missing key
2024-09-03 22:51:29 +01:00
699cf97206
improve tangc http error messages
2024-09-03 22:50:55 +01:00
cd0093279c
think
2024-09-01 10:14:31 +01:00
034d6aacc4
tangc handle non-zero exit from jwe dec
...
Sometimes it exits non-zero but decrypts the file *anyway*. It only
does this on the device and I haven't been able to reproduce on build,
so this is a workaround until we find the root cause
2024-09-01 09:57:38 +01:00
e590c0ad3f
secrets subscriber: add provider as dep to controlled service
2024-09-01 09:56:59 +01:00
14abdd9998
tang: notify on ready
2024-08-31 23:24:50 +01:00
6287b92000
fix bugs handling base64 padding
2024-08-31 22:43:25 +01:00
d2215d3e56
tangc popen retry on short read
2024-08-31 22:18:23 +01:00
3cf2308bee
tangc: stop printing unexpected blank lines
2024-08-31 15:29:10 +01:00
3913989be3
provide string to perform-encryption
...
instead of letting it read stdin, which I think may have been read
by a subprocess already sometimes?
2024-08-31 15:27:54 +01:00
43e5e6876e
improve tangc error messages
2024-08-31 15:22:26 +01:00
7d6c80570c
refactor all writeFennelScript calls to use writeFennel directly
2024-08-30 20:57:42 +01:00
e745991b9d
restart pppoe/l2tp in secrets changes
2024-08-30 20:49:27 +01:00
defbfce1fb
finish converting outputRef to lambda
2024-08-30 20:46:48 +01:00
0df2c83382
tighten perms on service state directory
2024-08-29 23:56:43 +01:00
01c28de88d
think
2024-08-29 23:56:20 +01:00
2bf197cad8
document outputs and secrets
2024-08-29 23:55:32 +01:00
a8a19977ca
(untested) template service for tang encrypted secrets
2024-08-28 22:32:26 +01:00
8a9284af1e
think
2024-08-28 22:23:00 +01:00
7351e143c5
remove redundant sourcing of ${serviceFns}
...
this is done by the oneshot and longrun functions
2024-08-28 21:28:27 +01:00
283c3154a7
missing file in s6-rc-up-tree test fixture
2024-08-28 21:18:54 +01:00
34f37d60d9
missed adding this
2024-08-28 20:56:52 +01:00
fe7b092075
(untested) http basic auth for outboard secrets
2024-08-28 20:53:59 +01:00
b56f121e04
fetch lua glue: handle missing content-length
2024-08-28 19:52:00 +01:00
d5d621f310
rename http-fstree => json-to-fstree
...
it works for file urls as well, not just http
2024-08-28 16:36:49 +01:00
da95a9fa62
tangc support encryption
2024-08-28 18:55:20 +01:00
85071c88e7
remove argv0 from calls to jose
2024-08-28 11:16:43 +01:00
74093b7ee3
josep! runs jose without json parsing the output
2024-08-28 08:13:50 +01:00
41733e58d6
remove unused code, tidy string parsing
2024-08-28 07:20:07 +01:00
9041d5d63a
add jose! fn to reduce error-checking boilerplate
2024-08-28 07:10:47 +01:00
001ebdc601
remove unused requires
2024-08-28 06:52:04 +01:00
1f97409474
add popen2 to anoia.fs
2024-08-28 06:49:43 +01:00
a41839f3d1
clevis-decrypt-tang in fennel
...
needs a lot of tidying up, but works on my test file
2024-08-28 01:37:44 +01:00
ff76d854fc
extend libfetch lua glue to other HTTP methods
2024-08-28 01:37:02 +01:00
81a6480a4f
anoia add base64 deode
2024-08-27 22:42:03 +01:00
c7164a6f4a
sshd can use outputRef for authorized_keys
2024-08-25 16:35:50 +01:00
83ca86fe42
keys in service output tree are strings
2024-08-25 15:59:24 +01:00
1b4106e2a3
ssh-keys service, draft
2024-08-25 15:09:31 +01:00
89912c766b
nixpkgs 24.11 qemu does not expect texinfo
2024-08-25 14:23:29 +01:00
9828b007ae
watch-ssh-keys turns secrets-service into authorized_keys files
2024-08-24 23:25:32 +01:00
f34abc85ae
add macros param to write-fennel
2024-08-24 23:19:46 +01:00
b475a680fb
define-tests macro, evals body only when inside fennelrepl --test
2024-08-24 22:26:25 +01:00
43612af71a
anoia: %% is alias for string.formt
2024-08-24 13:56:54 +01:00
5695c47496
add dig to anoia
2024-08-23 23:27:29 +01:00
