888688ce28
buuld ppp with path to /run
2024-10-16 18:57:26 +01:00
72171021e3
support finish script in longrun
2024-10-10 18:26:14 +01:00
e383f1b3d3
obfuscate store path for min-copy-closure
...
otherwise the systemconfig closure drags in a bunch of build system
things (bash, etc) which we don't want or need to copy to the device
2024-10-10 16:25:00 +01:00
541b1c61c2
ensure $toplevel is path in /nix/store
2024-10-09 18:59:33 +01:00
55c7410a55
add result/install.sh to systemConfiguration output
...
this makes it possible to install a systemconfig instead of
having to use nix-shell (which is very slow)
2024-10-09 13:35:02 +01:00
0f50648157
don't put hostname in levitate logs
...
there might not be one
2024-10-08 22:55:39 +01:00
b9999857cb
longrun: don't add logger if producer-for is already set
2024-10-06 13:13:04 +01:00
1a915e91ff
add altname to CSR
2024-10-06 10:13:28 +01:00
197e2eb5b1
new package certifix-client uses certifix to sign ssl client cert
...
this is initially for TLS-enabled logging but would be useful for
anything on a liminix box that wants to talk to a network service in a
"zero trust" setup
2024-10-03 23:00:08 +01:00
17630f2678
rename logtee->logtap
2024-09-18 20:58:02 +01:00
d3fce5edd4
implement error() for musl
2024-09-16 20:35:23 +01:00
5771108fed
improve logtee socket connection warning
...
* print it less often
* to the correct stream (stdout not stderr)
2024-09-16 20:34:26 +01:00
9e5f2d663d
close socket fd if we can't connect it
2024-09-15 22:09:31 +01:00
21eeb1671e
print diagnostic when eof on stderr
2024-09-15 21:59:24 +01:00
44762d38fc
write start cookie when socket connect succeeds
2024-09-15 21:54:21 +01:00
1f6cfc3679
extract method is_connected
2024-09-15 21:40:05 +01:00
8ec00f1710
improve error message
2024-09-15 21:37:04 +01:00
6a6dd32dea
make pollfd array global
2024-09-15 21:32:48 +01:00
9b1fc11a59
logshipper/logtee :copy stdin to stdout & to a unix socket if present
...
first draft
2024-09-15 19:33:21 +01:00
aaa6e353db
incz is a very rudimentary log shipper for zinc search
...
although it probably would work with elasticsearch as well
as zinc is alleged to be ES-compatible
this is just the package and needs hooking into the service/log
infrastructure somehow
2024-09-08 16:38:37 +01:00
69bf6cb5fb
write-fennel quote PATH properly
...
escapeShellArg only quotes if the string contains special
characters, but for a Lua string we must quote unconditionally
2024-09-07 22:31:44 +01:00
9f58e7b926
maybe fix nixpkgs-unstable lua
2024-09-07 00:58:11 +01:00
277c91acdf
Revert "remove luaposix ref in write-fennel"
...
This reverts commit a60c2539a6
2024-09-06 00:33:30 +01:00
cc47515cf8
watch-outputs remove debug code
2024-09-06 00:13:54 +01:00
464913cc8f
tangc use spawn to invoke jose
...
hopefully we are now deadlock-free
2024-09-06 00:12:45 +01:00
e604d628e3
fennel anoia.process.spawn
...
runs a subprocess and invokes a callback whenever its io
descriptors are ready
2024-09-06 00:11:33 +01:00
e2a597589b
anoia.fs.find-executable looks for bin in colon-sep list of directories
2024-09-06 00:08:40 +01:00
Raito Bezarius
a139a262c1
seedrng: init at 2022.04
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-09-05 14:18:00 +01:00
6a5fed83dd
conditional fetch in json-to-fstree
2024-09-05 11:14:47 +01:00
bcf5ab24e8
tidy watch-outputs startup message
2024-09-05 10:11:16 +01:00
32bf80c6fa
devout: unlink socket pathname before binding
2024-09-05 10:05:13 +01:00
12275f6896
add more test for table=
2024-09-04 21:21:30 +01:00
a60c2539a6
remove luaposix ref in write-fennel
2024-09-04 21:21:02 +01:00
146a2d9ac0
fix startup race/fencepost in watch-ssh-keys
...
if it starts _after_ the outputs are populated, it should
write the first lot of outputs without waiting for a change
2024-09-04 21:19:51 +01:00
0c0d0eed8a
make watch-ssh-keys robust against missing key
2024-09-03 22:51:29 +01:00
699cf97206
improve tangc http error messages
2024-09-03 22:50:55 +01:00
034d6aacc4
tangc handle non-zero exit from jwe dec
...
Sometimes it exits non-zero but decrypts the file *anyway*. It only
does this on the device and I haven't been able to reproduce on build,
so this is a workaround until we find the root cause
2024-09-01 09:57:38 +01:00
6287b92000
fix bugs handling base64 padding
2024-08-31 22:43:25 +01:00
d2215d3e56
tangc popen retry on short read
2024-08-31 22:18:23 +01:00
3cf2308bee
tangc: stop printing unexpected blank lines
2024-08-31 15:29:10 +01:00
3913989be3
provide string to perform-encryption
...
instead of letting it read stdin, which I think may have been read
by a subprocess already sometimes?
2024-08-31 15:27:54 +01:00
43e5e6876e
improve tangc error messages
2024-08-31 15:22:26 +01:00
7d6c80570c
refactor all writeFennelScript calls to use writeFennel directly
2024-08-30 20:57:42 +01:00
0df2c83382
tighten perms on service state directory
2024-08-29 23:56:43 +01:00
283c3154a7
missing file in s6-rc-up-tree test fixture
2024-08-28 21:18:54 +01:00
34f37d60d9
missed adding this
2024-08-28 20:56:52 +01:00
b56f121e04
fetch lua glue: handle missing content-length
2024-08-28 19:52:00 +01:00
d5d621f310
rename http-fstree => json-to-fstree
...
it works for file urls as well, not just http
2024-08-28 16:36:49 +01:00
da95a9fa62
tangc support encryption
2024-08-28 18:55:20 +01:00
85071c88e7
remove argv0 from calls to jose
2024-08-28 11:16:43 +01:00
