034d6aacc4
tangc handle non-zero exit from jwe dec
...
Sometimes it exits non-zero but decrypts the file *anyway*. It only
does this on the device and I haven't been able to reproduce on build,
so this is a workaround until we find the root cause
2024-09-01 09:57:38 +01:00
6287b92000
fix bugs handling base64 padding
2024-08-31 22:43:25 +01:00
d2215d3e56
tangc popen retry on short read
2024-08-31 22:18:23 +01:00
3cf2308bee
tangc: stop printing unexpected blank lines
2024-08-31 15:29:10 +01:00
3913989be3
provide string to perform-encryption
...
instead of letting it read stdin, which I think may have been read
by a subprocess already sometimes?
2024-08-31 15:27:54 +01:00
43e5e6876e
improve tangc error messages
2024-08-31 15:22:26 +01:00
7d6c80570c
refactor all writeFennelScript calls to use writeFennel directly
2024-08-30 20:57:42 +01:00
0df2c83382
tighten perms on service state directory
2024-08-29 23:56:43 +01:00
283c3154a7
missing file in s6-rc-up-tree test fixture
2024-08-28 21:18:54 +01:00
34f37d60d9
missed adding this
2024-08-28 20:56:52 +01:00
b56f121e04
fetch lua glue: handle missing content-length
2024-08-28 19:52:00 +01:00
d5d621f310
rename http-fstree => json-to-fstree
...
it works for file urls as well, not just http
2024-08-28 16:36:49 +01:00
da95a9fa62
tangc support encryption
2024-08-28 18:55:20 +01:00
85071c88e7
remove argv0 from calls to jose
2024-08-28 11:16:43 +01:00
74093b7ee3
josep! runs jose without json parsing the output
2024-08-28 08:13:50 +01:00
41733e58d6
remove unused code, tidy string parsing
2024-08-28 07:20:07 +01:00
9041d5d63a
add jose! fn to reduce error-checking boilerplate
2024-08-28 07:10:47 +01:00
001ebdc601
remove unused requires
2024-08-28 06:52:04 +01:00
1f97409474
add popen2 to anoia.fs
2024-08-28 06:49:43 +01:00
a41839f3d1
clevis-decrypt-tang in fennel
...
needs a lot of tidying up, but works on my test file
2024-08-28 01:37:44 +01:00
ff76d854fc
extend libfetch lua glue to other HTTP methods
2024-08-28 01:37:02 +01:00
81a6480a4f
anoia add base64 deode
2024-08-27 22:42:03 +01:00
83ca86fe42
keys in service output tree are strings
2024-08-25 15:59:24 +01:00
9828b007ae
watch-ssh-keys turns secrets-service into authorized_keys files
2024-08-24 23:25:32 +01:00
f34abc85ae
add macros param to write-fennel
2024-08-24 23:19:46 +01:00
b475a680fb
define-tests macro, evals body only when inside fennelrepl --test
2024-08-24 22:26:25 +01:00
43612af71a
anoia: %% is alias for string.formt
2024-08-24 13:56:54 +01:00
5695c47496
add dig to anoia
2024-08-23 23:27:29 +01:00
9c30b6f882
change output references from attrset to lambda
...
this is so that we can distinguish a ref from a literal parameter that
might be a attrset
2024-08-23 22:25:57 +01:00
e835473945
patch dropbear to add -U option
2024-08-23 19:58:05 +01:00
ff38bcacbb
improve devout error reporting
2024-08-21 23:24:13 +01:00
4cc82e1502
liminix.types.replacable is a string or ref to an output
2024-08-21 00:16:14 +01:00
e2c883356c
add secrets-subscriber service, make hostapd use it
2024-08-15 23:00:41 +01:00
d79a941504
new package watch-outputs and example of its use
2024-08-14 22:58:17 +01:00
310ac30f24
http-fstree needs to write state and .lock for anoia.svc
2024-08-14 22:39:41 +01:00
45a7f96bd4
anoia table= compares tables
2024-08-14 22:36:28 +01:00
79445fd962
support multi-arg assoc
2024-08-14 22:34:37 +01:00
ff3a1905a5
pass service to output fn in output-template
...
instead of on command line
2024-08-12 22:53:07 +01:00
3c353e4aff
support json quoting in output-template
2024-08-10 23:42:08 +01:00
ba21384fde
new: output-template interpolates output values into config file
2024-08-10 23:06:47 +01:00
2480fdef5b
set up nginx on bordervm for testing outboard secrets
2024-08-10 23:05:50 +01:00
d760c2d27b
http-fstree downloads a json file and converts to service outputs
2024-08-08 15:35:11 +01:00
a1ff07b063
add rxi/json lua module
2024-08-08 15:05:26 +01:00
9550772cec
add lua binding to fetch-freebsd
2024-08-08 15:05:03 +01:00
64cd1626c6
new package fetch-freebsd: small http(s) client library
...
[*] smaller than curl, maybe not maximally small
2024-08-08 11:38:38 +01:00
eb79928b37
anoia.svc allow writing outputs
2024-08-08 11:37:50 +01:00
0a629df48d
anoia.fs: improve error messages
2024-08-08 11:36:47 +01:00
64afd18e2a
why does this fail on hydra?
2024-08-06 23:18:39 +01:00
8fa3443923
Revert "anoia.svc use timeout for inotify"
...
This reverts commit eca8e37e7a
2024-07-30 17:37:38 +01:00
eca8e37e7a
anoia.svc use timeout for inotify
...
in case we miss a message, check the directory every 5s
anyway
2024-07-26 23:40:40 +01:00
d300373b96
anoia fs.dir use case not match
...
match was accidentally pinning the return from readdir against the
function parameter. Which didn't work.
2024-07-26 23:37:40 +01:00
135a445672
restore param removed by deadnix
...
dochain is called with `family` even if it never uses it
2024-07-16 20:41:21 +01:00
3899daee56
create a module for round-robin
2024-07-15 22:37:37 +01:00
534a49e827
s6-rc-round-robin
...
runs services in order, starting the next one when the previous one
dies or fails to start
2024-07-08 21:53:51 +01:00
159bfa3057
make xl2tpd quit when the connections close
2024-07-08 21:44:15 +01:00
7f9971512d
a6-rc-up-tree: handle blocked deps, exit 1 if nothing started
2024-07-08 21:28:31 +01:00
f0f6cc80d7
remove dead code
2024-07-08 21:28:11 +01:00
afcc6a6436
s6-rc-up-tree pass -b to s6-rc command
2024-07-08 21:27:54 +01:00
2e8e05f31a
wip: rewrite s6-rc-up-tree in an actual procgramming language
...
and write some tests for it, too
2024-07-08 21:27:42 +01:00
5ac7e1e9b2
write-fennel: set $PATH if lualinux is available
2024-07-08 21:18:02 +01:00
3df1ec76ff
cleanup whitespace and commas
...
* [] is now [ ]
* {} is now { }
* commas in arglists go at end of line not beginning
In short, I ran the whole thing through nixfmt-rfc-style but only
accepted about 30% of its changes. I might grow accustomed to more
of it over time
2024-06-30 17:16:28 +01:00
0d3218127f
remove unused makeWrapper input
2024-06-30 10:46:37 +01:00
e94bf62ec1
remove dead code (run deadnix)
2024-06-29 22:59:27 +01:00
16a2499d74
avoid makeWrapper on host, it requires bash
2024-06-29 22:36:05 +01:00
d4d8093f97
working l2tp-over-wwan stick example
2024-06-20 10:15:54 +01:00
7c9c801afc
rename isTrigger to restart-on-upgrade
...
we're moving away from "trigger" services to "controller" services,
and "restart-on-upgrade" is the name used by s6-rc
2024-06-16 12:58:06 +01:00
c4185617c0
a6-rc-up-tree wait for lock if needed
2024-06-15 15:36:07 +01:00
9540fc2641
add writeAshScriptBin (forgot to add file)
2024-06-15 15:04:56 +01:00
49d1703428
add s6-rc-up-tree: start reverse deps of controlled service
...
When s6-rc stops a service, it also stops everything that
depends on it. but when it starts a service it starts only
that service, so we have to go through the other services
depending on it and figure out if they should be started too.
2024-06-15 14:59:34 +01:00
e6ca5ea064
store derivations not just names for service deps
...
.. also controllers, contents. This is to make it possible (easier)
to work out transitive dependencies at build time
2024-06-11 14:01:06 +01:00
e6e4665a18
flip dependencies for triggered/controlled services
...
Instead of treating the trigger as the "main" service and the
triggered service as subsidary, now we treat the triggered
service as the service and the trigger as "subsidary". This
needs some special handling when we work out which services
go in the default bundle, but it works better for declaring
dependencies on triggered services because it means the
dependency runs after the triggered service comes up, not
just when the watcher-for-events starts
2024-06-09 22:37:45 +01:00
571adf84c0
inherit builtins.map
2024-06-07 16:55:45 +01:00
f091bbd706
devout: recognise attr,attrs when parsing search term string
2024-06-01 23:48:05 +01:00
04b068f7a3
delete unused code
2024-06-01 22:43:48 +01:00
53f57c1a8c
devout: support sysfs attributes for (grand*)parent device
2024-06-01 22:43:27 +01:00
19aba0d873
devout: support search for sysfs attributes
2024-06-01 21:20:41 +01:00
7d00b39249
rename attributes->properties when referring to uevent fields
...
properties: key-value pairs in the uevent message
attributes: file contents in sysfs
2024-06-01 12:17:49 +01:00
a3fca5bf05
devout: add functions to read sysfs attributes
2024-05-26 18:03:32 +01:00
af9200a136
skip symlink handing unless linkname was provided
2024-05-26 18:00:31 +01:00
58cd007ccc
barebones usb_modeswitch package
2024-05-22 18:54:49 +01:00
c0ef6ce282
list pkgs we need in bordervm build
...
it's a bit silly trying to build it with the whole liminix overlay
when it's a nixos system not a liminix system
2024-05-22 18:45:35 +01:00
471c63b399
s6-rc do cleanup in "finish", don't append to "run" script
...
s6-supervise sends signals (e.g. SIGTERM) to the pid of the process
running "run", so how do we know if the ceanup commands are even
getting executed if the shell interpreter that is supposed to do that
got killed already?
2024-05-13 17:53:02 +01:00
8b69dcc209
pass entire config fragment to levitate, not just services
...
to make it useful we need to be able to set packages, passwords, ssh
keys etc
2024-04-29 20:07:01 +01:00
3d4e782929
devout: run tests in postBuild
...
because checkPhase is not executed when cross-compiling, and this
package is always only cross-compiled
2024-04-27 21:07:25 +01:00
1b6a05aec5
make uevent-watch use devout instead of direct netlink
2024-04-27 21:07:25 +01:00
80628a3d90
move event matching tests to devout
...
in preparation for future uevent-watch not needing to do
event matching
2024-04-27 21:07:25 +01:00
bf0cafffed
start devout alongside mdevd
...
ensure it starts before mdevd-coldplug so it can populate
its database
2024-04-26 20:52:12 +01:00
e49aba127c
devout: improve socket error handling
2024-04-26 20:49:23 +01:00
324465bc18
devout: write uevent KEY=value format to clients
2024-04-26 17:37:28 +01:00
b33249a050
devout: add readiness notification
2024-04-26 17:23:29 +01:00
b9c084415e
devout: handle readiness on netlink socket but no event
2024-04-26 17:20:33 +01:00
cf9cadd212
devout: replay relevant events to new subscriber
2024-04-26 17:20:33 +01:00
a116fe084a
devout: use socket constants from anoia.net.constants
2024-04-26 16:48:51 +01:00
74cf3e0711
add anoia.net.constants for SOCK_{STREAM,DGRAM} etc
...
we use an ugly bit of C preprocessor to get the values from
header files, because certain constants are different on MIPS
than on other architectures
2024-04-26 16:43:09 +01:00
cdb23b147c
convert anoia.fs to use lualinux
2024-04-25 21:14:37 +01:00
dbd1264352
convert anoia.fs to use lualinux instead of lfs
2024-04-24 20:44:32 +01:00
18335b95e3
devout: strip newlines from client terms
...
this is just to make testing with socat easier
2024-04-24 18:33:02 +01:00
6bee2f67ac
devout: add incoming netlink messages to database
2024-04-24 18:32:27 +01:00
b4ba3eea21
fix revents in unpack-pollfds
2024-04-24 18:31:26 +01:00
16af3984c9
add lualinux to fennelrepl
2024-04-24 18:30:34 +01:00
