Age | Commit message (Collapse) | Author | Files | Lines |
|
This was dropped from whitby itself in cl/8905, but didn't drop the
module because we were worried someone else might still be using it.
However, this relies on the "oauth2-proxy" client ID, which only has the
following supported redirect uris (as per ops/keycloak/clients.tf):
- https://login.tvl.fyi/oauth2/callback
- http://localhost:4774/oauth2/callback
… which means, noone can really run this properly anyways, so let's
drop it.
We can always restore it from git.
Change-Id: I7d700f59a62cce1254ad4ba0792a7d7b3960b769
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8913
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
|
|
Change-Id: Icfd79b36c09607b4183e7378cd3c17f6238297b2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8853
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
|
|
I want to expand on the C++ Nix behavior, since it seems relevant to
note that a lot of operations in C++ Nix (like select) don't preserve
pointer equality (see
<https://github.com/NixOS/nix/issues/3371#issuecomment-1596167957>).
It is especially so, as Tvix establishes pointer equality in a different
way and thus shows differing behavior. Therefore I want to additionally
document Tvix's current behavior and make it more explicit to what
extent nixpkgs needs pointer equality.
Change-Id: I9b4ba75dacb749c9fcbba4b9646c6b48bb57bbad
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8852
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
|
|
the ecdsa-cert key is not welcomed by many ssh setups ...
Change-Id: Ic1bc583105226324a9c3ff26924eb2faa38f10fd
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8912
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Change-Id: I72b19ee758165f92c1a202781beec4350c728a47
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8911
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
|
|
The images displayed by telega are usually not displaying correctly,
this is fixed by simply .. not rendering them, and letting emacs do it
through an emoji-supporting font (which I do have installed).
Change-Id: I429ff2865c60633329437687c1c09a1aaf8ae29d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8884
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Change-Id: Iebddca35f0a870799c8a19ae019cecd9803a3e9c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8907
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: tazjin <tazjin@tvl.su>
|
|
this never worked and was never used, but for now the module itself is
still around in case somebody wants it for something
Change-Id: Id8e449e08c8012786bca0ea57d9c7b97056a1f3d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8905
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Change-Id: Id8cb8ace26b6937a64666fdea2001f7224780b97
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8883
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
|
|
Change-Id: Ia04778391c198fde21da217bf697aa40157898b0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8846
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
|
|
Change-Id: Ic705d05909c59c764d68a730169e9cc2b2538d60
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8847
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Change-Id: I3e27dfb4ce3e52974d7614814abb7b5ae4a37f8c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8782
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Change-Id: I6ae693a66530e1ecca57723a97d56b309fa0651a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8881
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: flokli <flokli@flokli.de>
|
|
This reverts commit f5e291cf8328096d790f5416cf1968cb9164220a.
The offsets are relative to the start of the file, and as long as we
don't have BlobReaders implement seek, this will be very annoying to
deal with.
Change-Id: I05968f7c5c0ec0000597da90f451d6bb650c3e13
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8882
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
buf contains everything written so far, whereas b is the slice passed in
the current write() call. If we copy from &buf, we end up with the wrong
hash, because we keep writing the wrong data to the hash function.
Change-Id: I768d4645934a6a7d75b9c8eeba35f8f3be5edd26
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8880
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
|
|
This moves from stateless I/O to actually dealing with file handles,
allowing the filesystem to keep reusing existing blobreaders, instead of
opening a new reader on every read() call.
Change-Id: I3fc35c071e4aee1021c8bbd58749d082b0abd188
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8834
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: flokli <flokli@flokli.de>
|
|
Change-Id: I057c996650a48cfafdcba84e1087663e212eadda
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8879
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
New work machine.
Change-Id: I8085460285149e4dae28af9e166048fed93bdb82
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8878
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Change-Id: Ie5005f5485b77bbafcfaf353db0e8f53caed00f8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8877
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Change-Id: I1098e75f8b03dbb1c893fb7c43f0fe9926bb4861
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8876
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
* //3p/sources: switch stable channel from 21.11 (!) to 23.05
* //users: adapt to emacsUnstable to emacs-unstable rename
* //users/grfn: use default Linux kernel version everywhere,
as 5.15 has broken in this version of nixos-unstable.
* //3p/cgit: adapt to git 2.41.0
The committed changes are the same as the [patch1] I've submitted
to cgit-pink which is in turn based on Christian Hesse's [patch2].
patch1: https://causal.agency/list/thread/20230624144033.802270-1-sternenseemann%40systemli.org.html#20230624144033.802270-2-sternenseemann@systemli.org>
patch2: https://lists.zx2c4.com/pipermail/cgit/2023-June/004843.html
Co-authored-by: Christian Hesse <mail@eworm.de>
Change-Id: I549a62e7c85c66d772edda997819a40f2d5835d7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8855
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
Reviewed-by: grfn <grfn@gws.fyi>
|
|
Change-Id: Iaa74d995f3b2556673095a32ec2b718dcb2d82a4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8849
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Change-Id: I93030146fac9e8463b80f19ee175e96ca9fca75f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8866
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
This isn't necessary (it's all public!) and actually currently breaks
pulling from our public ECR repo
Change-Id: I32f0b92f5ca352f57a26d0e6c10ebf323aa006df
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8865
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
Change-Id: I9285ef93e01cf969fbecb1742da643e61e59b9da
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8864
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
|
|
Change-Id: I0b79473f0e419424acfad4d917cbd85d31c95ad3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8863
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: grfn <grfn@gws.fyi>
|
|
The issue this was working around has long since been fixed, and having
this disabled was preventing the service from working
Change-Id: I9b69f947b8952df786193f8784d0f5cc6b898440
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8862
Tested-by: BuildkiteCI
Autosubmit: grfn <grfn@gws.fyi>
Reviewed-by: grfn <grfn@gws.fyi>
|
|
Change-Id: Ib7fcabf846a64968112df7d2a6880132a9aa5ab8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8861
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
Autosubmit: grfn <grfn@gws.fyi>
|
|
Change-Id: Ibc7009327818eb347e76974a2c33a36579a27802
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8860
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
This is known to always fail, per
https://github.com/NixOS/nixpkgs/issues/180175
Change-Id: I7401ba462a7cfe791ab176b48bcb9c86314f9d2e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8859
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
hi hello i'm aspen now
Change-Id: I5e56b44ac9275b44c0eabb658e67e4d98d9178fd
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8858
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
Change-Id: I8f89f00d3eca5cef23dc7698208b08e0b6826393
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8854
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Change-Id: I2ee6903686fd210755c40eb9555c938e8c1ab52b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8843
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Resolves b/232.
Change-Id: I4a32e4fe90c819e3fc98da35d370c84b2f3d3722
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8842
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Change-Id: I40452e0a4f7237eb7352fb3f7342a64bf0e37cd2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8841
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
|
|
Change-Id: Ied257b7980319fa3eca5d6588496dd1576d4b19c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8851
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
|
|
Change-Id: I52f13c6b508793603bc726353e9bf7d5f12fddf4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8850
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
The change allows applications that use tvix_serde for parsing
nix-based configuration to extend the language with domain-specific
set of features.
Change-Id: Ia86612308a167c456ecf03e93fe0fbae55b876a6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8848
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
This runs a headscale server on sanduny which lets users join their
machines to the TVL tailscale network.
This would theoretically let people communicate with each other on the
internal network, but also more notably joined servers can advertise
exit node capability so that we can have our own "VPN network", for
starters with endpoints in Germany, UK and Russia (whitby, sanduny and
koptevo respectively).
This setup isn't fully stable yet, notably:
* The IP range used by tailscale is just the default one right now,
I'm not sure if that should be changed or what.
* The system is stateful (on sanduny), but the state is not (yet)
backed up anywhere. Use with caution.
* Machine joining is a manual process requiring SSH & root access to
sanduny.
The process is to log in to sanduny, then get a headscale shell with
`sudo -u headscale bash`, and to use the `headscale` CLI within
there to administrate access.
I've opted to create a user account `tvl` for TVL-owned machines,
and a personal account for myself and my machines.
Change-Id: I4f1be1fe8062a6c2e77203ff72fe8709f4e4dec8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8837
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
|
|
Change-Id: I61962297101d35ed02673edf1bca0584b7be37cf
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8845
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
I've noticed this behavior when writing the admittedly cursed test case
included in this CL. Alternatively we could use some sort of machinery
using `builtins.trace`, but I don't think we capture stderr anywhere.
I've elected to put this into the eval cache itself while C++ Nix does
it in builtins.import already, namely via `realisePath`. We don't have
an equivalent for this yet, since we don't support any kind of IfD, but
we could revise that later. In any case, it seems good to encapsulate
`ImportCache` in this way, as it'll also allow using file hashes as
identifiers, for example.
C++ Nix also does our equivalent of canon_path in `builtins.import`
which we still don't, but I suspect it hardly makes a difference.
Change-Id: I05004737ca2458a4c67359d9e7d9a2f2154a0a0f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8839
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
This machine is now being decomissioned.
Change-Id: Ib7f016c7de84dab2cdf3c071445cf830d2eccf5f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8838
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Also sets the `spdx` field which is specific to mkProvider and was
throwing eval warnings.
Change-Id: I37c04feb426b16f552fb0e0e2f188fd8d3bd0f03
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8836
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
|
|
This will host a headscale server for TVL.
Change-Id: I8769852aaaf7a02a2d63f48ecf5adfd86747ff72
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8835
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
|
|
This is a first implementation of a FUSE filesystem, mounting tvix-store
to a given location.
This is mostly meant as one additional lens into a store, and could be
used for builds. It's not meant to be used as a general-purpose thing.
It still has some rough edges:
- It doesn't implement open/close, so it doesn't use file handles.
Which means, we need to open blobs for partial reads over and over
again.
- It doesn't implement seek, as BlobReader doesn't implement seek yet.
- It doesn't track "lifetimes" of inodes by listening on forget,
meaning it might hold more data in memory than necessary.
- As we don't have store composition (and a caching layer) yet,
operations might be slow.
Change-Id: Ib1812ed761dfaf6aeb548443ae939c87530b7be8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8667
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
When dealing with a formal argument in a function argument pattern that
has a default expression, there are two different things that can happen
at runtime: Either we select its value from the passed attribute
successfully or we need to use the default expression. Both of these may
be thunks and both of these may need finalisers. However, in the former
case this is taken care of elsewhere, the value will always be finalised
already if necessary. In the latter case we may need to finalise the
thunk resulting from the default expression. However, the thunk
corresponding to the expression may never end up in the local's stack
slot. Since finalisation goes by stack slot (and not constants), we need
to prevent a case where we don't fall back to the default expression,
but finalise anyways.
Previously, we worked around this by making `OpFinalise` ignore
non-thunks. Since finalisation of already evaluated thunks still
crashed, the faulty compilation of function pattern arguments could
still cause a crash.
As a new approach, we reinstate the old behavior of `OpFinalise` to
crash whenever encountering something that is either not a thunk or
doesn't need finalisation. This can also help catching (similar)
miscompilations in the future. To then prevent the crash, we need to
track whether we have fallen back or not at runtime. This is done using
an additional phantom on the stack that holds a new `FinaliseRequest`
value. When it comes to finalisation we check this value and
conditionally execute `OpFinalise` based on its value.
Resolves b/261 and b/265 (partially).
Change-Id: Ic04fb80ec671a2ba11fa645090769c335fb7f58b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8705
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Autosubmit: sterni <sternenseemann@systemli.org>
|
|
Change-Id: I5053e3f7dcea01e75baa933e4986396583ff22e8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8831
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: flokli <flokli@flokli.de>
|
|
Pointed out by @Gaelan on GH in
https://github.com/tazjin/nix-1p/issues/12
As noted there, some Nix syntax highlighters will colour `import`
differently (e.g. the Emacs nix-mode), but it's not technically a
keyword in the language.
Change-Id: I1bbd36261cda31deb9ba47380a2810e64ba03ea1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8832
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Change-Id: Ied4bed08e989791f832922da8776d2104035e28a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8812
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
|
|
Change-Id: Idf45aaa0f6211ac35a9a41d0f3f60dfbe1009398
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8811
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|