Age | Commit message (Collapse) | Author | Files | Lines |
|
* users/grfn/system/home/yeren: remove obsolete awscli2 overrides
* ops: make new isSystemUser || isNormalUser assertion happy
* users/grfn/system/system/mugwump: make buildkite agents system users
* users/tazjin/nixos/camden: set isSystemUser = true for git
* users/tazjin/emacs: Remove missing & broken packages
* third_party/openldap: remove, as the argon2 module is now enabled upstream
* third_party/gerrit_plugins: Pinned new unstable hashes
* third_party/nix, third_party/grpc: Disabled CI as these are broken
* third_party/overlays/emacs: Bumped version to stay in sync with channel
* third_party/buzz: Update LIBCLANG_PATH to reference libclang.lib,
since libclang's default output no longer contains libclang.so
* users/grfn/system/home: Install julia-stable instead of julia (which
aliases to julia-lts), as the latter depends on an insecure version of
libgit
Change-Id: Iff33b0ecb0ef07a82d1de35e23c40d2f4bf0f8ed
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3001
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: grfn <grfn@gws.fyi>
|
|
Add a script (to PATH, so I can launch it from rofi) to take whatever's
in the clipboard, pass it through `dot -Tpng`, and then open the result
with feh.
Change-Id: I1842fca3585a33d902da20dfa6101d1c6d2f2062
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3160
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
Until we have declarative ZNC config (which requires a solution for
secrets handling in it), make sure we back this up as well.
Change-Id: Idb186327da171eb6d3dbbd83801639f1f9321a40
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3159
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
|
|
Use the new module settings which apply configuration in cn=config
instead of slapd.conf.
The module performed this update via lib.mkChangedModuleOption, I've
applied the transformations contained therein manually. Note that some
of the settings were already in place, which means that the `suffix`
and `database` options seemingly disappear into the void.
Fixes b/105.
Change-Id: I8a968c1eb8cb7827618cb732cdb46006a5d011f9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3157
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
This changes the evaluation order for the `depot` argument and ensures
it is partially evaluated before the module system starts resolving
imports.
This way we can import modules from `depot.path` without `depot`
having to come from readTree.
Fixes b/129.
Change-Id: Icf4dd2be15011055dac8b27e991a4ff6a12bf827
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3156
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
|
|
The link for atward's source code was using atward.tvl.fyi,
this makes the cs cookie (if set) for at.tvl.fyi not work.
Change-Id: I644f0341ecaf2caea0b71a950686579dfd18d092
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3155
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
|
|
Change-Id: Ieb59d9215c5c1159113375dea0dd96d3d29e1303
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3154
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
|
|
This time using `tools.hash-password` because login did not work with the
initially created hash.
Change-Id: I1eb62a496d2d8497d27573af47bf8bf70dac9bbb
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3153
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
|
|
* This was mostly for //third_party/nix and its dependencies which now
have been set to use llvmPackages_11 manually.
* For //users/grfn/achilles we also manually select the newer LLVM version.
* //tools/cheddar doesn't seem to need llvm anymore.
* //third_party/buzz also compiles with clang 7.1.0
* replace clang-tools everywhere with new attribute clang-tools_11
For the future we may want to have something similar again, but it may
not be necessary to invest too much time into it: nixpkgs is set to
upgrade their default llvmPackages to LLVM 11 as well at some point in
the near future.
Co-Authored-By: sterni <sternenseemann@systemli.org>
Change-Id: Id83868dbc476a6c776b59518b856c933f30ea79d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3135
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: grfn <grfn@gws.fyi>
|
|
Change-Id: Ib615743fc57357b0de17600c9a3f400c48fd0f70
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3151
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: grfn <grfn@gws.fyi>
|
|
This will be used to serve (nix-) diffs for pending deploys of whitby
Change-Id: Ia864993b1fcb3b7ce5fcc21f32a27528a4c31f08
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3149
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
|
|
irccat is passing the realname option as the ident of the user, which
doesn't match what is in ZNC.
It hasn't seen any upstream commits in a long time, so I'm just
leaving this as is and fixing it locally in our config.
Change-Id: I3bf865f37b8df9c1cd891a94245ca3fad376bbe1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3150
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
... and fix the capitalisation of hackint
Change-Id: I800aef75152d2dc77a33876888e36530143e9d3e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3148
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
Change-Id: Ib4f7dcbdc754d2fc271f501a9ea270e983a3645f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3147
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
|
|
Change-Id: Ib0c53e8f6bc030cbdfe31020ed9d6764bd732a62
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3146
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
|
|
Issue bodies tend to be very long, so displaying the full diff whenever
the issue is updated takes up a lot of visual room and is very hard to
read. Specifically for this field, this changes the display to only show
"updated the body of this issue", hiding the previous and new values.
At some point in the future, I'd love to have some CSS fun with active
anchor links to have an "expanded" view that *does* display the previous
and new value, but for now this should be fine - the data isn't gone,
after all!
Fixes: b/111
Change-Id: I0188540188729142e0b9205ff5cc9ea576c4edb6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3142
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
7aebba7, which added anchor links to comments, also incorrectly added
only the *key* for the `:id` attribute to the `li` element for
issue *events*, swallowing up the next form (which happened to be the
username) as the value. this adds a *proper* value for the `:id`
attribute, bringing back the actual display of the username.
Fixes: b/97
Change-Id: I33ee628ddfd4a291e069980512fcc5f74014aac4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3141
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
The accessor function to get the ID of the `model:issue-not-found`
condition is `not-found-id`, not `id`! Also, add a missing space to the
title.
Fixes: b/127
Change-Id: I91c71feaf1fe877e6a14453a9e75cf27d56fee31
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3140
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
|
|
This is fixed in upstream nixpkgs, but we're not yet at a commit where
it's used, so it's important to use the OpenLDAP from //third_party
Change-Id: I7c033cd23f45a95c4a4af864ffe561c496833a0d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3143
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
Change-Id: I8afc23c749a5318d7c2ce893903980112ff13c12
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3137
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
|
|
I like running fail2ban on any machine that has stuff like ssh
world-open, to limit the potential for password brute-force attacks etc.
Change-Id: I0c60811ae5a2fddb44f04679fb455e646b8e39c5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3138
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
|
|
This doesn't replace all of them in the repo, but at least the ones
that are relevant to our move.
Change-Id: I842e7594b4c16af30d880272417874f6b29afd22
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3134
Tested-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
Reviewed-by: grfn <grfn@gws.fyi>
|
|
Change-Id: I60b09d2c81c3c69f744a12adc41fbdc43d0fb488
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3133
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
|
|
This drops the msmtp requirement from my configuration; there's still
some cleanup to be done but I need to double-check this in a few
environments first.
Change-Id: I298f4ff77b45cb214fbccee84e9bbd861508d11a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3132
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
|
|
This configures owothia to use her new bouncer to HackInt.
Change-Id: I80eb8191c2b0f2a6f8a31d19b60250ade27c1913
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3129
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
|
|
This is a simple Go module build for https://litestream.io/
If this ends up being useful, we should upstream this to nixpkgs.
Change-Id: I3beb64c9adb3b57fcef4e1dfb27f293a15f90a76
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3085
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
|
|
Points clbot at the new local ZNC instead. This will make it part of
the things happening through the `tvlbot` account.
Relates to b/101
Change-Id: I1c15ffa5720d3af34475c15bee3fdaa537ac659b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3127
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: grfn <grfn@gws.fyi>
|
|
The local bouncer on whitby does not use TLS.
Change-Id: Idf9c56f94129b0ddce620eb559082a8f2f088078
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3128
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
|
|
Change-Id: I6bd5c183d2c1c28b8c6b0201bdf22a66333d4aea
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3131
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
|
|
owothia is hardcoded to join ##tvl, which is a remnant of when TVL was on
freenode, and on hackint the IRC channel is single-hash #tvl instead. Instead
of hardcoding another channel name, let's make this configurable, so we don't
need to recompile owothia for every different channel we want her in.
It's now possible to set IRC_CHANNELS in owothia's environment to '["#foo",
"#bar"]' to make her join both #foo and #bar automatically.
Additionally IRC_IDENT can now be set to configure owothia's ident,
which is required for ZNC compatibility.
Change-Id: I0fc0856f4ea35f59255b76ae0e594325f18ef993
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3130
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
This adds a shadowsocks service, running on port 8443, tcp and udp.
The password is read from /etc/secrets/shadowsocks-secret.sec, and needs
to be populated externally.
Change-Id: I6797150db108ba14459502dee43d8e4ed6cfa910
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3125
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
|
|
The following commit itends to bind on port 8443 on all interfaces,
so let's move this to something else.
Change-Id: Ibb94a0f4e6892b6e543b542b89bcdaaefb617f23
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3126
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
|
|
Bouncer to be used for TVL's IRC bots, see b/101
Change-Id: Ic9f71ecd94365d3baa31e0552b1ce16362f94557
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3124
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
|
|
Change-Id: Ic29b219ca1c536f8a99860ecdf2957a62ba95889
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3123
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
|
|
* update some of the project listings
* remove an invalid link to my previous Twitter account (this is from
back before TVL was a multi-person project)
Change-Id: I049c05704d5feecc8c40718665fe98315008423f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3122
Tested-by: BuildkiteCI
Reviewed-by: cynthia <cynthia@tvl.fyi>
|
|
We have a bunch of crates in `third_party/rust-crates`; it would be
great if we could check them for existing CVEs.
This tool does that, it takes the rust security advisory database,
parses the applicable CVEs, and cross-checks them against the actual
crate versions we list in our package database.
The dumb parser we wrote is tested against all entries in the
database, so we will notice when upstream breaks their shit.
Checking the semver stuff is easy enough with the semver crate.
If an advisory matches, it prints the whole thing and fails the build.
Change-Id: I9e912c43d37a685d9d7a4424defc467a171ea3c4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2818
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
We can be closed world, so let’s restrict the arguments to the subset
we need for now.
The existing override was wrong, in that `// args` would use the
arguments we already added, again. So instead of deliberating about
how to make this work right in all cases, we don’t need it, we trim
it.
Change-Id: I6443a0808b8bfd5e4db939b669c6afc741954db8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3057
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
This service performes automatic power tuning and has effectively
replaced powertop's tuning functionality in modern systems.
Change-Id: I63c6999beed64d96c77b8b9287ed0d5fa6ddd9fa
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3121
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
|
|
This might help with the issue of devices being stuck in a slow
power-saving mode after hibernation. Dell enables this on laptops
shipping with Linux by default according to some forum posts.
Change-Id: I3d7fdb5c2ed5e24289a6c20f21d027e11b7826e5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3120
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
|
|
Change-Id: Id323b4a187b3837d60ac6b8917f3e8571954b8e6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3119
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
|
|
Ideally this means everyone gets to use their preferred code viewer.
Change-Id: I11005023c33eb111afd6c19b36d05dc581494ceb
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3118
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
|
|
Change-Id: I147f1f2eee4f6b8f7ecea1b341d192477182d61c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3116
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
|
|
Change-Id: I03ccbec1dd8ba58d80bd97eb40148dd395e500b2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3115
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
|
|
Since the template already was a derivation we can just reimplement a
specialized writeText which runs cheddar on parts of its input to avoid
import from derivation.
Change-Id: I0cffd0e86fd23a749599174260d04269379f4b5f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3114
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
|
|
Change-Id: I929b8344251ceaba5a22c735c599407a0ec162a6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3113
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
|
|
Use simple string interpolation based approach to templating and allow
changing the main body, the title and to inject extra HTML into the head
element. Additionally we can use `https://tvl.fyi/` instead of `/` when
referring to assets.
One limitation currently is that the template only works for index pages
(it link to self using `href="/"`), but this should be easy to fix.
For atward, instead of using the `onload` attribute of `body`, we now
register an event listener in JavaScript which makes the template code
less complicated. When building the derivation the template is rendered
to HTML and injected into the source.
Change-Id: I2ea0c5bf5f6286e781285ade7751a348bab3bdc8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3112
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
|
|
telega actually supports this for group chats, too, which is very
pleasant.
https://zevlg.github.io/telega.el/#client-side-messages-ignoring
Change-Id: I510207c2de19f748359168d460a25aa9c4e45975
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3111
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
|
|
Adds support for reading configuration (currently only the `cs`
parameter) from cookies and from URL query parameters. The latter take
precedence if set explicitly.
This is useful for users which can not edit their search query
parameters.
To make this easier to use the atward landing page has been updated
with a simple form where settings can be toggled. This requires
Javascript, but the script is small, embedded and MIT licensed (as is
the rest of this project). Users without Javascript will be shown a
notice about this.
It is of course possible to set the cookies manually, too.
Change-Id: Ie9a9dbeab4d9a97a349d7988e21f1b46037e1f72
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3110
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
Change-Id: I897f3efae7920dee678f6ca03d743b12212b766c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3109
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
next-error and prev-error are weirdly broken in ways I don't entirely
understand, but I only really use flycheck so I can just use the
flycheck ones instead
Change-Id: Icdb25950f6fdcca163c68db30366af0f6fa28d7d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3108
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
|