about summary refs log tree commit diff
AgeCommit message (Collapse)AuthorFilesLines
2023-06-30 r/6365 feat(tazjin/emacs): add screen layouts for khamovnikVincent Ambo1-1/+21
Change-Id: I057c996650a48cfafdcba84e1087663e212eadda Reviewed-on: https://cl.tvl.fyi/c/depot/+/8879 Reviewed-by: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2023-06-30 r/6364 feat(tazjin/nixos): bootstrap khamovnikVincent Ambo3-0/+130
New work machine. Change-Id: I8085460285149e4dae28af9e166048fed93bdb82 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8878 Reviewed-by: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2023-06-30 r/6363 chore(tazjin/nixos): disable mullvad-vpn serviceVincent Ambo1-4/+1
Change-Id: Ie5005f5485b77bbafcfaf353db0e8f53caed00f8 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8877 Reviewed-by: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2023-06-30 r/6362 refactor(tazjin/home): move persistence config into separate moduleVincent Ambo4-36/+44
Change-Id: I1098e75f8b03dbb1c893fb7c43f0fe9926bb4861 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8876 Reviewed-by: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2023-06-29 r/6361 chore(3p/sources): Bump channels & overlayssterni24-91/+100
* //3p/sources: switch stable channel from 21.11 (!) to 23.05 * //users: adapt to emacsUnstable to emacs-unstable rename * //users/grfn: use default Linux kernel version everywhere, as 5.15 has broken in this version of nixos-unstable. * //3p/cgit: adapt to git 2.41.0 The committed changes are the same as the [patch1] I've submitted to cgit-pink which is in turn based on Christian Hesse's [patch2]. patch1: https://causal.agency/list/thread/20230624144033.802270-1-sternenseemann%40systemli.org.html#20230624144033.802270-2-sternenseemann@systemli.org> patch2: https://lists.zx2c4.com/pipermail/cgit/2023-June/004843.html Co-authored-by: Christian Hesse <mail@eworm.de> Change-Id: I549a62e7c85c66d772edda997819a40f2d5835d7 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8855 Autosubmit: sterni <sternenseemann@systemli.org> Reviewed-by: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI Reviewed-by: flokli <flokli@flokli.de> Reviewed-by: grfn <grfn@gws.fyi>
2023-06-29 r/6360 feat(tazjin/nixos): deploy monica on koptevoVincent Ambo5-0/+41
Change-Id: Iaa74d995f3b2556673095a32ec2b718dcb2d82a4 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8849 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
2023-06-28 r/6359 chore(grfn/home): Update email address and realName for name changeAspen Smith1-2/+2
Change-Id: I93030146fac9e8463b80f19ee175e96ca9fca75f Reviewed-on: https://cl.tvl.fyi/c/depot/+/8866 Reviewed-by: grfn <grfn@gws.fyi> Autosubmit: grfn <grfn@gws.fyi> Tested-by: BuildkiteCI
2023-06-27 r/6358 fix(grfn/home): Don't use ecr-login for public.ecr.awsAspen Smith1-1/+0
This isn't necessary (it's all public!) and actually currently breaks pulling from our public ECR repo Change-Id: I32f0b92f5ca352f57a26d0e6c10ebf323aa006df Reviewed-on: https://cl.tvl.fyi/c/depot/+/8865 Reviewed-by: grfn <grfn@gws.fyi> Autosubmit: grfn <grfn@gws.fyi> Tested-by: BuildkiteCI
2023-06-27 r/6357 feat(grfn/system): Install sysbenchAspen Smith1-0/+6
Change-Id: I9285ef93e01cf969fbecb1742da643e61e59b9da Reviewed-on: https://cl.tvl.fyi/c/depot/+/8864 Autosubmit: grfn <grfn@gws.fyi> Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2023-06-27 r/6356 chore(grfn/home): Upgrade to postgresql 15Aspen Smith1-1/+1
Change-Id: I0b79473f0e419424acfad4d917cbd85d31c95ad3 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8863 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi> Autosubmit: grfn <grfn@gws.fyi>
2023-06-27 r/6355 fix(grfn/mugwump): re-enable DynamicUser for ddclientAspen Smith1-2/+0
The issue this was working around has long since been fixed, and having this disabled was preventing the service from working Change-Id: I9b69f947b8952df786193f8784d0f5cc6b898440 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8862 Tested-by: BuildkiteCI Autosubmit: grfn <grfn@gws.fyi> Reviewed-by: grfn <grfn@gws.fyi>
2023-06-27 r/6354 feat(grfn/ogopogo): Run a postgresql serverAspen Smith1-0/+12
Change-Id: Ib7fcabf846a64968112df7d2a6880132a9aa5ab8 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8861 Reviewed-by: grfn <grfn@gws.fyi> Tested-by: BuildkiteCI Autosubmit: grfn <grfn@gws.fyi>
2023-06-27 r/6353 feat(grfn/ogopogo): Add fstab entry for new diskAspen Smith1-0/+5
Change-Id: Ibc7009327818eb347e76974a2c33a36579a27802 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8860 Reviewed-by: grfn <grfn@gws.fyi> Autosubmit: grfn <grfn@gws.fyi> Tested-by: BuildkiteCI
2023-06-27 r/6352 fix(grfn/system): Disable NetworkManager-wait-onlineAspen Smith1-0/+2
This is known to always fail, per https://github.com/NixOS/nixpkgs/issues/180175 Change-Id: I7401ba462a7cfe791ab176b48bcb9c86314f9d2e Reviewed-on: https://cl.tvl.fyi/c/depot/+/8859 Reviewed-by: grfn <grfn@gws.fyi> Autosubmit: grfn <grfn@gws.fyi> Tested-by: BuildkiteCI
2023-06-27 r/6351 chore(grfn/system): Change git author nameAspen Smith1-1/+1
hi hello i'm aspen now Change-Id: I5e56b44ac9275b44c0eabb658e67e4d98d9178fd Reviewed-on: https://cl.tvl.fyi/c/depot/+/8858 Reviewed-by: grfn <grfn@gws.fyi> Autosubmit: grfn <grfn@gws.fyi> Tested-by: BuildkiteCI
2023-06-23 r/6350 chore(ops/whitby): drop obsolete grub version optionsterni1-1/+0
Change-Id: I8f89f00d3eca5cef23dc7698208b08e0b6826393 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8854 Autosubmit: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
2023-06-23 r/6349 refactor(tools/magrathea): introduce read-chomping helper functionsterni1-8/+8
Change-Id: I2ee6903686fd210755c40eb9555c938e8c1ab52b Reviewed-on: https://cl.tvl.fyi/c/depot/+/8843 Autosubmit: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
2023-06-23 r/6348 fix(tools/magrathea): allow specifying just a target for mg runsterni1-0/+1
Resolves b/232. Change-Id: I4a32e4fe90c819e3fc98da35d370c84b2f3d3722 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8842 Autosubmit: sterni <sternenseemann@systemli.org> Reviewed-by: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2023-06-23 r/6347 chore(sterni/machines/edwin): drop obsolete grub version optionsterni1-1/+0
Change-Id: I40452e0a4f7237eb7352fb3f7342a64bf0e37cd2 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8841 Autosubmit: sterni <sternenseemann@systemli.org> Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2023-06-22 r/6346 feat(tazjin/tverskoy): enable adb for some android hackingVincent Ambo1-1/+4
Change-Id: Ied257b7980319fa3eca5d6588496dd1576d4b19c Reviewed-on: https://cl.tvl.fyi/c/depot/+/8851 Reviewed-by: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI Autosubmit: tazjin <tazjin@tvl.su>
2023-06-22 r/6345 fix(tvix/serde): remove unnecessary dependency on genawaiterEvgeny Zemtsov4-14/+2
Change-Id: I52f13c6b508793603bc726353e9bf7d5f12fddf4 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8850 Reviewed-by: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2023-06-22 r/6344 feat(tvix/eval): allow extending builtins outside of tvix_evalEvgeny Zemtsov9-9/+55
The change allows applications that use tvix_serde for parsing nix-based configuration to extend the language with domain-specific set of features. Change-Id: Ia86612308a167c456ecf03e93fe0fbae55b876a6 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8848 Reviewed-by: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2023-06-22 r/6343 feat(ops): introduce (head|tail)scale server at net.tvl.fyiVincent Ambo4-0/+81
This runs a headscale server on sanduny which lets users join their machines to the TVL tailscale network. This would theoretically let people communicate with each other on the internal network, but also more notably joined servers can advertise exit node capability so that we can have our own "VPN network", for starters with endpoints in Germany, UK and Russia (whitby, sanduny and koptevo respectively). This setup isn't fully stable yet, notably: * The IP range used by tailscale is just the default one right now, I'm not sure if that should be changed or what. * The system is stateful (on sanduny), but the state is not (yet) backed up anywhere. Use with caution. * Machine joining is a manual process requiring SSH & root access to sanduny. The process is to log in to sanduny, then get a headscale shell with `sudo -u headscale bash`, and to use the `headscale` CLI within there to administrate access. I've opted to create a user account `tvl` for TVL-owned machines, and a personal account for myself and my machines. Change-Id: I4f1be1fe8062a6c2e77203ff72fe8709f4e4dec8 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8837 Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-06-22 r/6342 feat(tvix/serde): make from_str_with_config publicEvgeny Zemtsov1-0/+1
Change-Id: I61962297101d35ed02673edf1bca0584b7be37cf Reviewed-on: https://cl.tvl.fyi/c/depot/+/8845 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
2023-06-21 r/6341 fix(tvix/eval): use realpaths for import cachesterni8-3/+51
I've noticed this behavior when writing the admittedly cursed test case included in this CL. Alternatively we could use some sort of machinery using `builtins.trace`, but I don't think we capture stderr anywhere. I've elected to put this into the eval cache itself while C++ Nix does it in builtins.import already, namely via `realisePath`. We don't have an equivalent for this yet, since we don't support any kind of IfD, but we could revise that later. In any case, it seems good to encapsulate `ImportCache` in this way, as it'll also allow using file hashes as identifiers, for example. C++ Nix also does our equivalent of canon_path in `builtins.import` which we still don't, but I suspect it hardly makes a difference. Change-Id: I05004737ca2458a4c67359d9e7d9a2f2154a0a0f Reviewed-on: https://cl.tvl.fyi/c/depot/+/8839 Autosubmit: sterni <sternenseemann@systemli.org> Reviewed-by: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2023-06-20 r/6340 chore(tazjin/polyanka): goodbyeVincent Ambo2-135/+0
This machine is now being decomissioned. Change-Id: Ib7f016c7de84dab2cdf3c071445cf830d2eccf5f Reviewed-on: https://cl.tvl.fyi/c/depot/+/8838 Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2023-06-20 r/6339 chore(3p/terraform-provider-glesys): 0.3.2 -> 0.9.0Vincent Ambo1-3/+4
Also sets the `spdx` field which is specific to mkProvider and was throwing eval warnings. Change-Id: I37c04feb426b16f552fb0e0e2f188fd8d3bd0f03 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8836 Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2023-06-20 r/6338 feat(ops/glesys): add `net.tvl.fyi` CNAME for sandunyVincent Ambo1-0/+7
This will host a headscale server for TVL. Change-Id: I8769852aaaf7a02a2d63f48ecf5adfd86747ff72 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8835 Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2023-06-20 r/6337 feat(tvix/store/fuse): initial implementationFlorian Klink5-2/+1804
This is a first implementation of a FUSE filesystem, mounting tvix-store to a given location. This is mostly meant as one additional lens into a store, and could be used for builds. It's not meant to be used as a general-purpose thing. It still has some rough edges: - It doesn't implement open/close, so it doesn't use file handles. Which means, we need to open blobs for partial reads over and over again. - It doesn't implement seek, as BlobReader doesn't implement seek yet. - It doesn't track "lifetimes" of inodes by listening on forget, meaning it might hold more data in memory than necessary. - As we don't have store composition (and a caching layer) yet, operations might be slow. Change-Id: Ib1812ed761dfaf6aeb548443ae939c87530b7be8 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8667 Tested-by: BuildkiteCI Autosubmit: flokli <flokli@flokli.de> Reviewed-by: tazjin <tazjin@tvl.su>
2023-06-20 r/6336 fix(tvix/eval): only finalise formal arguments if defaultingsterni11-56/+235
When dealing with a formal argument in a function argument pattern that has a default expression, there are two different things that can happen at runtime: Either we select its value from the passed attribute successfully or we need to use the default expression. Both of these may be thunks and both of these may need finalisers. However, in the former case this is taken care of elsewhere, the value will always be finalised already if necessary. In the latter case we may need to finalise the thunk resulting from the default expression. However, the thunk corresponding to the expression may never end up in the local's stack slot. Since finalisation goes by stack slot (and not constants), we need to prevent a case where we don't fall back to the default expression, but finalise anyways. Previously, we worked around this by making `OpFinalise` ignore non-thunks. Since finalisation of already evaluated thunks still crashed, the faulty compilation of function pattern arguments could still cause a crash. As a new approach, we reinstate the old behavior of `OpFinalise` to crash whenever encountering something that is either not a thunk or doesn't need finalisation. This can also help catching (similar) miscompilations in the future. To then prevent the crash, we need to track whether we have fallen back or not at runtime. This is done using an additional phantom on the stack that holds a new `FinaliseRequest` value. When it comes to finalisation we check this value and conditionally execute `OpFinalise` based on its value. Resolves b/261 and b/265 (partially). Change-Id: Ic04fb80ec671a2ba11fa645090769c335fb7f58b Reviewed-on: https://cl.tvl.fyi/c/depot/+/8705 Reviewed-by: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI Autosubmit: sterni <sternenseemann@systemli.org>
2023-06-19 r/6335 docs(tvix/store): correct some cargo doc warningsFlorian Klink5-5/+5
Change-Id: I5053e3f7dcea01e75baa933e4986396583ff22e8 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8831 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: flokli <flokli@flokli.de>
2023-06-19 r/6334 docs(nix-1p): import is a builtin, not a keywordVincent Ambo1-2/+4
Pointed out by @Gaelan on GH in https://github.com/tazjin/nix-1p/issues/12 As noted there, some Nix syntax highlighters will colour `import` differently (e.g. the Emacs nix-mode), but it's not technically a keyword in the language. Change-Id: I1bbd36261cda31deb9ba47380a2810e64ba03ea1 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8832 Reviewed-by: sterni <sternenseemann@systemli.org> Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2023-06-19 r/6333 chore(tvix/store/pathinfosvc): clippyFlorian Klink2-11/+8
Change-Id: Ied4bed08e989791f832922da8776d2104035e28a Reviewed-on: https://cl.tvl.fyi/c/depot/+/8812 Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-06-19 r/6332 chore(tvix/store/directorysvc): clippyFlorian Klink2-10/+7
Change-Id: Idf45aaa0f6211ac35a9a41d0f3f60dfbe1009398 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8811 Autosubmit: flokli <flokli@flokli.de> Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
2023-06-19 r/6331 chore(tvix/store/blobsvc): clippyFlorian Klink2-10/+7
Change-Id: Ie384bdd27e1e9282ceda83edc74ffaad387f352b Reviewed-on: https://cl.tvl.fyi/c/depot/+/8810 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: flokli <flokli@flokli.de>
2023-06-19 r/6330 refactor(tazjin/tgsa): automatic clippy lint fixesVincent Ambo1-9/+9
Change-Id: I30c380bd538dd5c697e529e7e18fe87b8bfea371 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8829 Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2023-06-18 r/6329 style(tazjin/homepage): remove side margins of entriesVincent Ambo1-1/+2
Change-Id: Ia4a6a93ee1149c7d4a3e1d4b2266335660f1839d Reviewed-on: https://cl.tvl.fyi/c/depot/+/8828 Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2023-06-18 r/6328 feat(tazjin/koptevo): deploy tgsaVincent Ambo2-2/+16
The main instance is still running on polyanka, but things are moving in this direction. Change-Id: Idfa9e508023c05148003ac4621ae01dceb284c66 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8827 Reviewed-by: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2023-06-18 r/6327 feat(tazjin/tgsa): replace translation backendVincent Ambo4-62/+327
The GPT backend is cool, but it's also very slow, prone to request errors and quite expensive. This switches to Yandex Translate instead which for all posts that I tested seems to be totally fine. Change-Id: I5217113995b701508a83e7782eb1325957996719 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8826 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
2023-06-18 r/6326 feat(tazjin/secrets): initialise secrets management for my machinesVincent Ambo3-0/+16
Change-Id: I93ad61f3e6e4a4a2185448ad128fa6836c81ab26 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8825 Reviewed-by: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2023-06-16 r/6325 test(tvix/serde): add a test for from_str_with_configVincent Ambo1-1/+12
Change-Id: I451851f4e01cb6dd0005e55bb852823b618f2ee6 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8809 Autosubmit: tazjin <tazjin@tvl.su> Reviewed-by: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-06-16 r/6324 feat(tvix/serde): add a function to with custom configurationVincent Ambo1-1/+16
This adds a `from_str_with_config` function which takes a user-supplied closure that sets additional settings on the `tvix_eval::Evaluation`. Note that users can not set `strict = false`, but other settings are not restricted. This solves b/262. Change-Id: Ice184400b843cfbcaa5b6fe251ced12b6815e085 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8808 Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI Reviewed-by: flokli <flokli@flokli.de>
2023-06-16 r/6323 refactor(tazjin/homepage): use a separate CSS file for homepageVincent Ambo1-0/+56
Change-Id: Idf5682d67ae863b9cb982dd5efcdf1621b6895aa Reviewed-on: https://cl.tvl.fyi/c/depot/+/8807 Reviewed-by: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2023-06-15 r/6322 refactor(tazjin/homepage): long overdue entry list reworkVincent Ambo6-116/+113
The entry list is now much more condensed. It's maybe a little *too* condensed, but already closer to what I'm looking for. Note: A new "note" post type has snuck in and can now be used for random musings or comments on previous entries. Notes do not show up in the Atom feed. Change-Id: I920c0c7650937474b8a5f30cba78416554d523ce Reviewed-on: https://cl.tvl.fyi/c/depot/+/8806 Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2023-06-15 r/6321 fix(tazjin/blog): don't cross-reference static assets from tvl.fyiVincent Ambo1-0/+1
Change-Id: I2315da278acf9e8af48c4e606a7aaee950283b0f Reviewed-on: https://cl.tvl.fyi/c/depot/+/8805 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: tazjin <tazjin@tvl.su>
2023-06-15 r/6320 feat(tazjin/koptevo): move some of my sites hereVincent Ambo1-0/+2
Change-Id: Ie7c55ee286d2a1ebcc623374fb02775ed8dfbb58 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8789 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: tazjin <tazjin@tvl.su>
2023-06-15 r/6319 feat(tazjin/koptevo): provision certificate (for quassel)Vincent Ambo1-2/+11
With this commit, Quassel becomes operative on koptevo. Change-Id: Ic877c5bb1525cf5288b0091cb0cd1328b5276264 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8788 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
2023-06-15 r/6318 chore(tazjin/polyanka): disable quassel serviceVincent Ambo1-1/+1
Change-Id: I38420686467dad7429dae981ab2f7b446d540b75 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8787 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
2023-06-15 r/6317 fix(ops/modules/quassel): use systemd LoadCredential to read certsVincent Ambo1-1/+5
This avoids permission issues with nginx vs. quassel Change-Id: I770f8284d8fd8fc6d38add93c1681f9daebe8749 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8786 Reviewed-by: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2023-06-15 r/6316 chore(tazjin/koptevo): fix some initial growing painsVincent Ambo1-3/+6
Change-Id: I614bba9e28ca789d2e641391ccf3bdbc6ff95dd5 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8785 Reviewed-by: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI