Age | Commit message (Collapse) | Author | Files | Lines |
|
This allows setitng the trusted-public-keys URL parameter to a
(whitespace-separated) list of public keys.
NARInfo files retrieved need to contain a valid signature.
Change-Id: Ifd6580b723cbae3182e9cadfa54f1ca2b41d6599
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10153
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Introduce an Option<Vec<narinfo::PubKey>>, configurable with a
`set_public_keys` method.
If set, this configures NixHTTPPathInfoService to validate signatures.
Change-Id: I157c5e13c41fc9bfd40b0655381fb4cf33900868
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10152
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
This makes it easy for each PubKey to check if a given Signature is
correct for a given fingerprint.
Change-Id: I56e6211d133f74f390fd1ae3ae799eef12221904
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10151
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
|
|
This represents a ed25519 public key and "name".
These are normally passed in the `trusted-public-keys` Nix config option,
and consist of a name and base64-encoded ed25519 pubkey, separated by a `:`.
Change-Id: I9ab4b3e0e5821805ea6faf2499626630fc5a3f0a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10150
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Just call this Error, we can infer from the package what error this is.
Change-Id: I5df25d2873ec739c49c08804f35562c84c222e06
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10149
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Ensure the initially communicated NarHash/NarSize from the NarInfo
matches what we read, and don't return a PathInfo message if there's
a mismatch.
Also move the buffering layer around a bit.
Change-Id: I68c60ecfaf0f9cd5edacea648437ecb0c9729251
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10148
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
An error in the PathInfoService request can appear in case the
underlying request returns an error.
We shouldn't panic and bork the fuse mount, but instead return an IO
error.
Change-Id: I2daeae629e1627d06adcd7b82ddb76c50c602212
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10154
Tested-by: BuildkiteCI
Reviewed-by: Connor Brewster <cbrewster@hey.com>
|
|
This removes the wonky hack with detecting the bottom right window,
and gives me saner, unified handling of this display in the tab
bar (of which there is only one!)
Change-Id: Id21c6b2472d0c89fc4d000a10a9e90d2ddba86b6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10165
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Enables the new autosubmit bot, albeit without rebase
functionality (this will be a separate change).
Change-Id: Ia42a4f08c0edca5e6cc8bf4770ec24dbf16a5db7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10132
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
|
|
Adds a small Rust program that connects to the Gerrit API and uses a
simple algorithm to figure out which changes should be submitted, and
submits them:
* it fetches all changes the Gerrit query API considers
submittable (i.e. all requirements fulfilled), and that have the
`Autosubmit` label set
* it filters these changes down to those that are _actually_
submittable (in Gerrit API terms: that have an active Submit button)
* it filters out those that would submit ancestors that are *not*
marked with the `Autosubmit` label
* it submits the longest chain
After that it just loops.
There is no rebasing logic yet for when it "runs out" of submittable
changes, but it will not be difficult to add.
Relates to b/333.
Change-Id: Ib91ecf2c45b178e8c64ff7b2174d617d4c45efe2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10131
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: ezemtsov <eugene.zemtsov@gmail.com>
Autosubmit: tazjin <tazjin@tvl.su>
|
|
* picked avrdude from stable channel
* removed override for texlive, as the upstream fix is merged
* picked awscli2 from stable channel
* bump tdlib to 1.8.21 (new minimum for telega.el)
* tvix/turbofetch: switch to nixpkgs-native mechanism for
CARGO_MANIFEST_LINKS (whatever that is)
Change-Id: Ic695721b5ca750b89d21cab7a257e1db682b23c0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10083
Reviewed-by: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
|
|
We should restrict this to alphanumeric mostly, and we definitely don't
want newlines.
Not entirely sure about the exact additionally allowed characters
outside of alphanumeric, but this can always be extended further.
Change-Id: I1357e79e553f2df2fa97792889f63f0f35d50ed5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10147
Reviewed-by: edef <edef@edef.eu>
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
|
|
BASE64.decode_mut panics if we're passing data that has the wrong size.
Do the size check first and error out there.
Also update the error, and talk about b64-encoded sizes.
Change-Id: I290f80a37d48526a30bf1df9d1d9fe34865008eb
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10146
Tested-by: BuildkiteCI
Reviewed-by: edef <edef@edef.eu>
Autosubmit: flokli <flokli@flokli.de>
|
|
No need to hardcode magic numbers here, we have a constant for that.
Change-Id: I67b671c0c4bb7c3bfb001e9c36499f31873ee717
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10145
Reviewed-by: edef <edef@edef.eu>
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
|
|
Change-Id: I19cab91646241edc38a58bf5546c9dd8161abeb0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10130
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
`lib.types.attrs` is deprecated in favor of `lib.types.attrsOf
lib.types.anything` because it doesn't merge attribute sets
/recursively/. `attrsOf` and `anything` do, the former is used to ensure
that the top value is an attribute set as expected by irccat.
Change-Id: I2a9d943a06c8f99f7d6d20c9944288e854924bff
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10129
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
|
|
While we are at it, rename disk-checkup.nix to btrfs-auto-scrub.nix and
move it into //ops/modules. I originally wanted to have additionally
disk health related services in that module, but the btrfs scrub
functionality is nicely self-contained and reusable, so I think it makes
sense to have this in a more central location.
Change-Id: Iabdd62838eef009540ca71abafd921afda2a9b47
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10128
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
|
|
Network configuration and initrd setup is basically the same as with
edwin, but we are using md for Software RAID this time as well as LVM
over two partitions with LUKS:
- sda2 <-- RAID1 --> sdb2 (boot-raid)
└ boot partition, ext4 (encrypted-container-raid)
- sda3 <-- RAID1 --> sdb3
└ LUKS container
└ Volume Group vgmain
├ Logical Volume vgmain/swap
│ └ swap
└ Logical Volume vgmain/root
└ btrfs
So we no longer rely on btrfs raid1 due to question marks over its
reliability (I personally did not have any problems though). This also
means that we have less LUKS containers we need to unlock when
booting (kind of neglible improvement). The biggest improvement is that
we have redundancy for the swap, so a disk failure shouldn't cause
memory corruption/loss.
Change-Id: I14f065b659857415917d9a60a7ec019e687f8d1c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10127
Tested-by: BuildkiteCI
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
Change-Id: I576107047d8213e718e720d3a7a1dcc1dff39122
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10126
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
|
|
These settings would also be applied to a machine that'd replace edwin,
so it's useful to have them outside edwin's default.nix.
Change-Id: I4e8f464118a103645e53909a87c6ee4446022fa3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10125
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
|
|
This introduces a new structure, as activities are moved to a separate
AWS Account for reasons (tm).
Change-Id: Ic310eca2dc0d4ee81bae8944238b26910067336a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10124
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
|
|
This fixes a future clippy lint.
Change-Id: Ic830e94ef23595580c1037f10878c76bbb546dd9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10110
Tested-by: BuildkiteCI
Reviewed-by: Adam Joseph <adam@westernsemico.com>
|
|
This fixes a *future* clippy lint:
https://rust-lang.github.io/rust-clippy/master/index.html#/incorrect_partial_ord_impl_on_ord_type
In essence, because the implementation of *both* Ord and PartialOrd
implies that ordering is not partial, all results of PartialOrd should
simply be those of Ord. This is to avoid subtle bugs in future
refactorings.
Change-Id: I8fc6694010208752dd47746a2aaaeca0c788d574
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10109
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
|
|
Change-Id: I53084dcf033b8e7b2b7188fbef0a8d1ce15ceb83
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10123
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
This removes everything related to workspaces, as well as the current
RandR configuration, creating a (cleaner) slate for switching to tabs.
This was supposed to be committed earlier, but got broken by
clbot (see b/333).
Change-Id: I2d110bca0d6629a505699210f0aba12882f83d48
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10115
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Sets up tab-bar-mode for EXWM, and adds simple initial configuration
and shortcuts to make it behave sanely. I had to assign tab switching
shortcuts myself, as the EXWM input key stuff doesn't work correctly
with the built-in way of setting these shortcuts in tab-bar-mode.
Change-Id: Icd96f03ae7bd2bd5f7c2d59f9aca7a1ca2e7f788
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10116
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
|
|
Adds an `exwm-assign-workspaces` function that automatically creates
and assigns workspaces to each currently connected monitor. The first
workspace (index 0) is always on the primary monitor.
This function should be idempotent and can be called at any point to
synchronise X outputs and what EXWM is displaying on them.
This works because tabs are disconnected from workspaces completely,
so I don't have to care about what's going on on other workspaces
anymore.
Still missing:
* functions to connect/disconnect outputs
* switching to other outputs from within emacs commands (i.e. without
the mouse)
Change-Id: I7c24aa1b45218fe35de6939e799852b5d11d1272
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10119
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
This seems to actually sort of work with tab-bar-mode.
Change-Id: I7b12b69ec7413ce9b9e1650d8629db8aca8a1796
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10117
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
This one is a bit stupid because I couldn't figure out a way to
determine the active workspace. It's definitely possible (either
through some XCB calls, or through state management in screen change
hooks), but for now this is fine.
Change-Id: I5e4c531b248caa0021664bad9dc196bef60cfbac
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10122
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
|
|
By default, this will be the (only) remaining monitor. In N>2
situations, ask the user.
Change-Id: Id68fcf60d56d0414d1072b8ffeef72c608678f52
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10121
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Uses a bunch of weird xrandr invocations and completing reads to
configure screens the way I want.
Note that this has a known bug where disconnecting a primary screen
will *not* make one of the remaining screens primary.
Change-Id: Ide5322df446685cc4740d4ddd7b6ca8682375050
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10120
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Change-Id: I4eab5c81fb82337da06327248845cd2f3a4490d3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10038
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Autosubmit: Adam Joseph <adam@westernsemico.com>
|
|
This commit adds Thunk::unwrap_or_clone(), which uses
Rc::try_unwrap() to avoid cloning the Value out of a an Rc which has
only one strong reference.
Change-Id: Icacefe0c823dcddf046d90c0c5cd5ed59fe976d4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10037
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: Adam Joseph <adam@westernsemico.com>
Tested-by: BuildkiteCI
|
|
Change-Id: Id09afa4b77c3c70fb5695f253f6df4aa88b61e19
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10113
Reviewed-by: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
|
|
Change-Id: Ibddaa111a5b7a86c42dbe153ae8e53f9a5601a54
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10112
Tested-by: BuildkiteCI
Reviewed-by: Adam Joseph <adam@westernsemico.com>
|
|
This allows seeing a PathInfo as a nix_compat::narinfo::NarInfo<'_>.
It doesn't allocate any new data, but the NarInfo<'_> view allows us to
access things like signature verification, or rendering out
(alternations of this) as strings.
Change-Id: Id0d8d7feeb626ee02c3d8a4932f24ace77022619
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10108
Reviewed-by: edef <edef@edef.eu>
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
|
|
This is useful when creating a new Signature struct where the individual
elements are already parsed.
Change-Id: Ie33c66287641951e7a030aaa1e7ff0a86b2628ac
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10111
Reviewed-by: edef <edef@edef.eu>
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
|
|
Change-Id: I637a4cff5a5ca29c4d86e0b76a2f20f8741f5628
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10107
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: edef <edef@edef.eu>
Tested-by: BuildkiteCI
|
|
Change-Id: Iaa68044d3b469f15a932aa3b59548505eaa6b8bb
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10106
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: edef <edef@edef.eu>
Tested-by: BuildkiteCI
|
|
We can simply use .to_owned() on that thing afterwards if we want to
construct an owned StorePath.
Change-Id: I0f3e2e4434b99ee522f2a7dbfa391e13a987479c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10105
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: edef <edef@edef.eu>
Tested-by: BuildkiteCI
|
|
We always know this needs to end with a .drv, and fail parsing if it
doesn't, so there's no need to hang onto these 4 bytes.
This will make it much easier to synthesize a NarInfo<'_> later on from
a PathInfo proto, because we don't have to make this ".drv" appear out
of thin air.
Change-Id: Id95e7fd937d7c9a420a39b5a4bab73985640ca3b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10084
Tested-by: BuildkiteCI
Reviewed-by: edef <edef@edef.eu>
Reviewed-by: raitobezarius <tvl@lahfa.xyz>
Autosubmit: flokli <flokli@flokli.de>
|
|
These were used to format to and parse from strings.
Move this to the CAHash and NixHash structs directly, and be explicit in
the name about which encoding for digests is used.
For output path calculation, nix encodes the nixpaths in hex, but for
writing out NARInfos, it's using nixbase32.
Change-Id: Ia585a76a3811b2609e7ce259fda66a29403b7e07
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10079
Reviewed-by: raitobezarius <tvl@lahfa.xyz>
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
|
|
Something changed in the machinery and broke the overriding. I didn't
notice this, as a I was temporarily using an unpatched EXWM.
Change-Id: I1a4e8ea63bd116d86a430e680c2b631474e9a0fe
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10047
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
This adds support to compute the fingerprint string, which is what's
ed25519-signed in binary caches.
Change-Id: I8947239c609896acfd7261f110450014bedf465a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10080
Reviewed-by: raitobezarius <tvl@lahfa.xyz>
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
|
|
This adds support for verifying signatures found in NARInfo files.
This still needs to be hooked together with the nix+http[s] backend.
Change-Id: Ic1c8ddbdecfb05cefca2492808388b0f7f3f2637
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10081
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: raitobezarius <tvl@lahfa.xyz>
Tested-by: BuildkiteCI
|
|
Change-Id: I2c2c3d4722a69a1ce5a4f144d0c450d88f40856a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10082
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: raitobezarius <tvl@lahfa.xyz>
Tested-by: BuildkiteCI
|
|
Change-Id: Ic257475e2afebf059c5317c1cc5b04ba63d5d318
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10078
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: raitobezarius <tvl@lahfa.xyz>
|
|
Change-Id: Id85f979e46946da0345483cbbc6de3dd29c94c63
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10077
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: raitobezarius <tvl@lahfa.xyz>
|
|
NixHTTPPathInfoService acts as a bridge in between the Nix HTTP Binary
cache protocol provided by Nix binary caches such as cache.nixos.org,
and the Tvix Store Model.
It implements the [PathInfoService] trait in an interesting way: Every
[PathInfoService::get] fetches the .narinfo and referred NAR file,
inserting components into a [BlobService] and [DirectoryService], then
returning a [PathInfo] struct with the root.
Due to this being quite a costly operation, clients are expected to
layer this service with store composition, so they're only ingested
once.
The client is expected to be (indirectly) using the same [BlobService]
and [DirectoryService], so able to fetch referred Directories and Blobs.
[PathInfoService::put] and [PathInfoService::nar] are not implemented
and return an error if called.
This behaves very similar to the nar-bridge-pathinfo code in nar-bridge,
except it's now in Rust.
Change-Id: Ia03d4fed9d0657965d100299af97cd917a03f2f0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10069
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: raitobezarius <tvl@lahfa.xyz>
|
|
There's no need to already require this to be buffered here.
Change-Id: Ib9a11b194e0754d87ab8d2ef0b8cb0f4edc01229
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10074
Tested-by: BuildkiteCI
Reviewed-by: raitobezarius <tvl@lahfa.xyz>
|