about summary refs log tree commit diff
path: root/third_party
AgeCommit message (Collapse)AuthorFilesLines
2021-09-01 r/2810 chore(3p/lisp): import sclf source tarballsterni12-0/+3599
Used http://wcp.sdf-eu.org/software/sclf-20150207T213551.tbz (sha256 a231aeecdb9e87c72642292a1e083fffb33e69ec1d34e667326c6c35b8bcc794). There's no upstream repository nor a release since 2015, so importing seems to make a lot of sense. Since we can't subtree making any depot-related changes in a separate CL to make them more discoverable -- this is only the source import. Change-Id: Ia51a7f4029dba3abd1eee4eeebcf99aca5c5ba4c Reviewed-on: https://cl.tvl.fyi/c/depot/+/3376 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2021-09-01 r/2809 feat(3p/lisp/closure-html): init at 2017-04-19sterni3-0/+166
This one requires a bit of jumping through hoops. Patching the dtd / catalog lookup is quite straightforward and similar to cxml, but the CLOSURE-HTML:*html-dtd* variable gives us a bit of trouble: It is defined quite late in `html-parser.lisp`, but files that need to be built first already reference it. SBCL has apparently decided to be particular about this and emits a `WARNING` (!) condition for this which is also worthy of `failure-p` of `compile-file` being true, so that `buildLisp` will abort compilation. We workaround this issue by injecting an extra source file which `defvar`s the desired symbol. A similar issue exists with `dump-dtd` which references `CL-USER:*HTML-DTD*` for some reason. Since this is a helper intended for development (?) and not exported we just throw it away via a patch. Change-Id: Ic0f92815a21f3793925c49a70a72f4a86791efe4 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3263 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2021-09-01 r/2808 feat(3p/lisp/closure-common): init at 2018-09-09sterni1-0/+38
Change-Id: Ieec5470fe8fd54851b982c7a380185a3faeaa067 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3258 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2021-09-01 r/2807 fix(3p/overlays): Use notmuch.el from nixpkgsVincent Ambo2-1/+5
... instead of the one from the overlay, which can be out of sync. This requires the TVL overlay to be applied after the Emacs overlay. Change-Id: Idac403ea612e334c14b45759dc216699a506678f Reviewed-on: https://cl.tvl.fyi/c/depot/+/3484 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: tazjin <mail@tazj.in>
2021-09-01 r/2806 refactor(3p/notmuch): Simplify setupVincent Ambo3-10/+2
The backported fix is no longer required and we can just apply the patch in the overlay, this makes everything a little easier. Change-Id: I654a1bb002eef5c578b8e576e133a159bde3f850 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3483 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2021-08-31 r/2802 chore(3p/gerrit): Remove avatar padding patchVincent Ambo2-112/+0
In the current config, Gerrit doesn't actually seem to realise that avatars are not enabled (this changed in 3.4 somehow). Either way we don't need to maintain this fix since there's an actual upstream one now: https://gerrit-review.googlesource.com/313982 Change-Id: I7efab7b8fa5e9e38bddae86acd8d8a7852b27bb6 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3465 Tested-by: BuildkiteCI Reviewed-by: lukegb <lukegb@tvl.fyi>
2021-08-30 r/2801 chore(3p): update NixOS channels to 2021-08-30sterni1-6/+6
This lets us benefit from the recent OpenSSL security-related update [1]. Since nixos-unstable is still stuck, we temporarily use nixos-unstable-small as our unstable channel. Fixes necessary: * //users/sterni/nix/char: Someone has decided to drop writers.writeC upstream [2], so we reimplement it ad-hoc using runCommandCC [1]: https://www.openssl.org/news/secadv/20210824.txt [2]: https://github.com/nixos/nixpkgs/commit/982f46985e37a6488d8e904b46e0cba2060adc71 Change-Id: Id84756e2e370296b7a27e1a3f1744f58f8fe3c47 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3463 Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: tazjin <mail@tazj.in> Tested-by: BuildkiteCI
2021-08-28 r/2798 feat(3p/gerrit): Upgrade Gerrit and plugins to v3.4.0Vincent Ambo11-252/+31
Brings us back to a stable version of Gerrit instead of a random commit. Note that Gerrit 3.4.1 is out, but due to a bug it can not be built publicly because it accidentally points at a private submodule (this is being fixed upstream). Change-Id: I0376c63a649498cef999dfa99bfccba511f2c8da Reviewed-on: https://cl.tvl.fyi/c/depot/+/3444 Tested-by: BuildkiteCI Reviewed-by: lukegb <lukegb@tvl.fyi>
2021-08-25 r/2776 chore(3p/nixery): Bump to latest versionVincent Ambo1-2/+2
Change-Id: Idd5b5646cd9c7e6b97c3957f31f7419258e0097c Reviewed-on: https://cl.tvl.fyi/c/depot/+/3411 Reviewed-by: tazjin <mail@tazj.in> Tested-by: BuildkiteCI
2021-08-24 r/2772 feat(nix/buildLisp): add cclsterni10-12/+40
This adds support for Clozure's CL implementation to buildLisp. This is quite trivial in comparison to ECL since SBCL and CCL have very similar in how they work (so much so that CCL also suffers from b/136). Also the similarities in the code actually added here are striking, so I'll try to make an effort to reduce the code duplication in the future. To fix builds with CCL the following changes were made: * //3p/lisp/nibbles: The double inclusion of the types.lisp file was fixed. CCL doesn't like double definitions and refuses to compile otherwise. * //3p/lisp/physical-quantities: Update to a new bug fix release which contains a compilation fix for CCL. * //3p/lisp/routes: apply a patch fixing the build which was previously failing due to a double definition. * //3p/lisp/usocket: only depend on sb-bsd-sockets for SBCL and ECL, the latter of which seems to have a SBCL compatible implementation of the package. * Conditionally include a few CCL-specific source files and add `badImplementation` entries for the remaining failures which are //fun/gemma (to be expected) and //web/panettone which fails with an incredibly vague message. Change-Id: I666efdc39a0f16ee1bb6e23225784c709b04e740 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3350 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-08-24 r/2771 feat(nix/buildLisp): add eclsterni24-37/+162
Adds ECL as a second supported implementation, specifically a statically linked ECL. This is interesting because we can create statically linked binaries, but has a few drawbacks which doesn't make it generally useful: * Loading things is very slow: The statically linked ECL only has byte compilation available, so when we do load things or use the REPL it is significantly worse than with e. g. SBCL. * We can't load shared objects via the FFI since ECL's dffi is not available when linked statically. This means that as it stands, we can't build a statically linked //web/panettone for example. Since ECL is quite slow anyways, I think these drawbacks are worth it since the biggest reason for using ECL would be to get a statically linked binary. If we change our minds, it shouldn't be too hard to provide ecl-static and ecl-dynamic as separate implementations. ECL is LGPL and some libraries it uses as part of its runtime are as well. I've outlined in the ecl-static overlay why this should be of no concern in the context of depot even though we are statically linking. Currently everything is building except projects that are using cffi to load shared libaries which have gotten an appropriate `badImplementations` entry. To get the rest building the following changes were made: * Anywhere a dependency on UIOP is expressed as `bundled "uiop"` we now use `bundled "asdf"` for all implementations except SBCL. From my testing, SBCL seems to be the only implementation to support using `(require 'uiop)` to only load the UIOP package. Where both a dependency on ASDF and UIOP exists, we just delete the UIOP one. `(require 'asdf)` always causes UIOP to be available. * Where appropriate only conditionally compile SBCL-specific code and if any build the corresponding files for ECL. * //lisp/klatre: Use the standard condition parse-error for all implementations except SBCL in try-parse-integer. * //3p/lisp/ironclad: disable SBCL assembly optimization hack for all other platforms as it may interfere with compilation. * //3p/lisp/trivial-mimes: prevent call to asdf function by substituting it out of the source since it always errors out in ECL and we hardcode the correct path elsewhere anyways. As it stands ECL still suffers from a very weird problem which happens when compiling postmodern and moptilities: https://gitlab.com/embeddable-common-lisp/ecl/-/issues/651 Change-Id: I0285924f92ac154126b4c42145073c3fb33702ed Reviewed-on: https://cl.tvl.fyi/c/depot/+/3297 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: eta <tvl@eta.st>
2021-08-24 r/2766 fix(3p/gerrit): Fix hash mismatch in dependency blobVincent Ambo1-1/+1
Change-Id: I8c3392e6b524b3868013df91fe5a7d3094ee757c Reviewed-on: https://cl.tvl.fyi/c/depot/+/3409 Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2021-08-24 r/2765 chore(3p): Bump NixOS channels to 2021-08-24sterni1-6/+6
Change-Id: I727660fda72e4274304d56d2d4bd35c3164ae73c Reviewed-on: https://cl.tvl.fyi/c/depot/+/3402 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: grfn <grfn@gws.fyi>
2021-08-24 r/2760 fix(tazjin/emacs): Remove temporary override for telegaVincent Ambo1-6/+0
The channel has caught up with this fix. Change-Id: I86287a6808e6936e50e5d43cbafc74b9362e0bd8 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3404 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-08-24 r/2759 chore(3p/overlays): Bump Emacs overlay to 2021-08-24Vincent Ambo1-3/+3
Change-Id: Ief4fb21082011d4056af77b7dae06edf33bd5b2f Reviewed-on: https://cl.tvl.fyi/c/depot/+/3403 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2021-08-24 r/2754 chore(3p): bump NixOS channels to 2020-08-18sterni1-6/+6
Wanted to port my emacs config to depot, but missing a dependency from the channel. Adjustments: * Downgrade grfn's Kernel to 5.10: The ck1 patch is not yet available for 5.13 unfortunately and the 5.12 set has been removed upstream. Change-Id: Ifaf315427bda2af590549ca0abec02a79f19a3ec Reviewed-on: https://cl.tvl.fyi/c/depot/+/3375 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: grfn <grfn@gws.fyi>
2021-08-16 r/2744 chore(3p): bump NixOS channels to 2021-08-16sterni1-6/+6
Change-Id: I29936f5fb66387be5897339a7c9a26a9de9b8582 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3366 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-08-16 r/2743 feat(3p/lisp/babel): 2019-11-26 -> 2020-07-19sterni1-1/+1
Change-Id: I2e1a4e0fdbe0fd2dec3c2a0d5eb73d2a516ae768 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3354 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-08-16 r/2742 feat(3p/lisp/closer-mop): 2019-12-29 -> 2021-07-30sterni1-2/+2
Change-Id: I12c8c700db31aee8993d6d3752ea1bb217c30923 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3353 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-08-16 r/2741 feat(3p/lisp/iterate): 2018-02-07 -> 2021-05-23sterni1-1/+1
Seems to fix weird issues related to CCL I encountered. Change-Id: Id5c34c7c98e22b2bc56d6723af85cac1e031ed72 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3365 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-08-15 r/2740 feat(3p/lisp/nibbles): 2017-03-07 -> 2021-05-20sterni1-3/+8
Also allows us to enable the SBCL opt modules. Upstream changes as sharplispers has the only maintained nibbles fork atm. Change-Id: I6f0d1b9e4e570169e5f5c584364948e2031063af Reviewed-on: https://cl.tvl.fyi/c/depot/+/3364 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2021-08-15 r/2739 fix(3p/lisp/ironclad): add missing dependency on sb-posixsterni1-0/+1
This was previously propagated from somewhere else, but is actually needed here. Change-Id: I921758320ff5567b451291c69c8532d43a5c898c Reviewed-on: https://cl.tvl.fyi/c/depot/+/3358 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2021-08-15 r/2734 feat(3p/lisp/cl-fad): 2019-07-28 -> 2021-01-10sterni1-2/+2
Change-Id: I695debc8895a347df5aa839b0b03331cacf90039 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3355 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-08-15 r/2733 fix(3p/lisp/babel): add missing dep on trivial-featuressterni1-1/+4
Change-Id: I0b95f3d6cade04de3f322a3eb209ff21eb9a98c2 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3352 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-08-15 r/2732 refactor(3p/lisp/postmodern): remove unneeded dep on sb-bsd-socketssterni1-1/+0
Change-Id: I74ac3573a2181a89b15d7c2d037c423f5f991c7e Reviewed-on: https://cl.tvl.fyi/c/depot/+/3351 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-08-12 r/2725 feat(3p/lisp/trivial-features): 2019-07-02 -> 2020-02-28sterni1-1/+1
Specifically fixes some features missing with ECL. Change-Id: Ib04a0dc3a6e299b07d405fab7b593d2c1cbda896 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3345 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: grfn <grfn@gws.fyi>
2021-08-12 r/2720 feat(3p/nixpkgs): Expose nixpkgs commit hashesVincent Ambo1-0/+9
This makes it possible to use the hashes in things that should, for example, be keyed on the nixpkgs version (such as cache-folders for Nixery). Change-Id: I500d13a4d96b0c28fcf6ca383d2a86515565da36 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3341 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2021-08-11 r/2718 chore(3p/overlays): Bump Emacs overlay to 2021-08-11Vincent Ambo1-3/+3
Maybe this one will include a fixed telega.el? Change-Id: I0de2dafdc8e5b82ed1174e83023cd96fab5f190e Reviewed-on: https://cl.tvl.fyi/c/depot/+/3300 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2021-08-11 r/2717 chore(3p): bump NixOS channels to 2021-08-11sterni1-6/+6
This channel version contains a couple of ECL fixes which I'm after. Change-Id: Id9f5dba2da99cfbd673417b72a55c56f9a55d875 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3299 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-08-08 r/2711 fix(tazjin/emacs): Temporary fixes to use unstable telegaVincent Ambo1-0/+6
The latest Emacs versions removed some (private) functions that telega depends on, and this is fixed in HEAD of telega.el. However, without these fixes, the unstable version of telega doesn't build because the patch Nix tries to apply doesn't match the source anymore. The patch itself doesn't seem to do anything relevant for me. Change-Id: Ib9a042c636cb438b2b15d231a07afd5c02be72ee Reviewed-on: https://cl.tvl.fyi/c/depot/+/3294 Reviewed-by: tazjin <mail@tazj.in> Tested-by: BuildkiteCI
2021-08-08 r/2710 chore(3p/nixpkgs): Bump nixpkgs channels to 2021-08-04Vincent Ambo2-6/+14
I used //tools/depot-nixpkgs-update for this - thanks again, sterni! Included fixes: * temporary workaround for building notmuch python package, fixed in upstream already (but channel hasn't advanced there) * Disable fprintd in grfn.system.yeren, as the fprintd-tod package currently has a version mismatch in nixpkgs Co-authored-by: Griffin Smith <grfn@gws.fyi> Change-Id: If6d71b08ace9db57daadfe3b69b9cd4aec6a5a4e Reviewed-on: https://cl.tvl.fyi/c/depot/+/3274 Reviewed-by: grfn <grfn@gws.fyi> Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: sterni <sternenseemann@systemli.org> Tested-by: BuildkiteCI
2021-08-06 r/2709 feat(3p/nixery): Import Nixery repository build targetsVincent Ambo1-0/+18
Change-Id: I214247a25766dd9284ae8676636c594acb0171c4 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3279 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2021-08-06 r/2706 chore(3p/overlays): Bump Emacs overlayVincent Ambo1-3/+3
Change-Id: I09dea9c14ff72fde1a66caec48a62976139722b6 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3275 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
2021-07-28 r/2696 chore(3p/nixpkgs): update channels to 2021-07-25sterni4-14/+17
* 3p/buzz: bump to latest master (1.6.0) * 3p/emacs/explain-pause-mode: adjust to package-build update MELPA's package build now cares about git revisions, but calling VC commands in a nix build is usually a bad idea. Thus upstream nixpkgs passes `$commit` to the `buildPhase` and otherwise fails with an error message that doesn't really point to the issue. Upstream change: https://github.com/NixOS/nixpkgs/commit/9140d4b06ff09bce8dd8e384eeef832e7811d288 * 3p/overlays/emacs: udpate to 2021-07-25 to support the package-build update. Without this emacsPackages.xelb (for tazjin's exwm) would fail. Change-Id: I7cd782fe7d66ed4ea78c529b79fe761d921f46a8 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3253 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: grfn <grfn@gws.fyi>
2021-07-16 r/2694 chore(3p): bump unstable channel to 2021-07-03sterni1-3/+3
Didn't bother to update the stable channel as it is unused currently. Changes required: * tazjin/frog, grfn/modules/obs: Remove obs-v4l2sink as it has been integrated into upstream OBS and the package removed from nixpkgs subsequently (at least according to the `builtins.throw`-message). Change-Id: I4335ed060eef2c4ff8ac55a68d894bcc3d8ef4a3 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3243 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi> Reviewed-by: tazjin <mail@tazj.in>
2021-06-14 r/2665 chore(3p/nixpkgs): Bump unstable channel to 2021-06-14Vincent Ambo2-5/+5
Included fixes: * 3p/apereo-cas: Don't use stdenv.lib * grfn/system: Bump Linux to 5.12 (5.11 is gone) Change-Id: Ie32d476e659ba482418d4035333c2797a7dbd106 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3211 Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: grfn <grfn@gws.fyi> Tested-by: BuildkiteCI
2021-06-12 r/2651 refactor(ops): Break out prometheus-fail2ban-exporter moduleGriffin Smith1-0/+17
Break out the configuration for the prometheus fail2ban exporter, which is a simple python script that exports stats from fail2ban as a prometheus-scrapable textfile, from Mugwump into a reusable nixos module in //ops/nixos/modules. Change-Id: I5451c9c5de6c7bc4431150ae596a9c758bf1b693 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3136 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-06-05 r/2648 chore(3p/nixpkgs): Bump channels to 2021-06-05Vincent Ambo2-19/+7
Includes the following depot changes & fixes: * stable moves to NixOS 21.05 * stable isn't used anymore (but we'll keep the mechanism) * haskell overlay's `random` override is removed (YAY!) * grfn/iso: Switch to regular kernel rather than latest kernel, as latest kernel is currently marked as broken due to zfs * grfn/home: Use julia_16-bin temporarily julia 1.5 (current julia-stable, source built release in nixpkgs) doesn't pass its own test suite. Julia 1.6 doesn't have a source built package in nixpkgs yet, so julia_16-bin appears to be the only working julia derivation currently. * tazjin/tverskoy: Use zfs unstable, as stable zfs doesn't work with the latest kernel Co-Authored-By: Griffin Smith <grfn@gws.fyi> Co-Authored-By: sterni <sternenseemann@systemli.org> Change-Id: I6f2e3d9f75077e4755de6bde9104d44b584cbe4c Reviewed-on: https://cl.tvl.fyi/c/depot/+/3174 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: grfn <grfn@gws.fyi>
2021-06-02 r/2641 fix(3p/josh): Temporarily patch instances of master->canonVincent Ambo2-0/+51
... until hardcoded references are removed upstream. This is motivated by HEAD-branch related issues when cloning depot via josh and a naive search for places where `master` was used directly. Change-Id: I46709631d6ee5561344fc5f407324bcf69c641e2 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3171 Tested-by: BuildkiteCI Reviewed-by: cschilling <christian.schilling.de@gmail.com> Reviewed-by: sterni <sternenseemann@systemli.org>
2021-06-02 r/2640 chore(3p/josh): Bump to most recent commitVincent Ambo1-2/+2
Includes a potentially relevant fix (anonymous authentication with the correct username). Change-Id: Iabf2eff43e98cc8b7b998ead3775b1fc8f1dfac6 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3173 Tested-by: BuildkiteCI Reviewed-by: cschilling <christian.schilling.de@gmail.com>
2021-06-02 r/2639 chore(3p/naersk): Bump version to latest commitVincent Ambo1-5/+3
There have been a few relevant fixes. Change-Id: I84b6fb645703972b03f1210cb69d03467caefbfa Reviewed-on: https://cl.tvl.fyi/c/depot/+/3172 Reviewed-by: grfn <grfn@gws.fyi> Tested-by: BuildkiteCI
2021-05-25 r/2630 chore(nixpkgs): Bump channels to 2021-05-25Vincent Ambo8-41/+20
* users/grfn/system/home/yeren: remove obsolete awscli2 overrides * ops: make new isSystemUser || isNormalUser assertion happy * users/grfn/system/system/mugwump: make buildkite agents system users * users/tazjin/nixos/camden: set isSystemUser = true for git * users/tazjin/emacs: Remove missing & broken packages * third_party/openldap: remove, as the argon2 module is now enabled upstream * third_party/gerrit_plugins: Pinned new unstable hashes * third_party/nix, third_party/grpc: Disabled CI as these are broken * third_party/overlays/emacs: Bumped version to stay in sync with channel * third_party/buzz: Update LIBCLANG_PATH to reference libclang.lib, since libclang's default output no longer contains libclang.so * users/grfn/system/home: Install julia-stable instead of julia (which aliases to julia-lts), as the latter depends on an insecure version of libgit Change-Id: Iff33b0ecb0ef07a82d1de35e23c40d2f4bf0f8ed Reviewed-on: https://cl.tvl.fyi/c/depot/+/3001 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: grfn <grfn@gws.fyi>
2021-05-24 r/2626 refactor(ops/nixos): Pass `depot` as a special argumentVincent Ambo1-3/+32
This changes the evaluation order for the `depot` argument and ensures it is partially evaluated before the module system starts resolving imports. This way we can import modules from `depot.path` without `depot` having to come from readTree. Fixes b/129. Change-Id: Icf4dd2be15011055dac8b27e991a4ff6a12bf827 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3156 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2021-05-24 r/2622 chore(3p/overlays): Remove LLVM11 bump from overlayVincent Ambo10-20/+16
* This was mostly for //third_party/nix and its dependencies which now have been set to use llvmPackages_11 manually. * For //users/grfn/achilles we also manually select the newer LLVM version. * //tools/cheddar doesn't seem to need llvm anymore. * //third_party/buzz also compiles with clang 7.1.0 * replace clang-tools everywhere with new attribute clang-tools_11 For the future we may want to have something similar again, but it may not be necessary to invest too much time into it: nixpkgs is set to upgrade their default llvmPackages to LLVM 11 as well at some point in the near future. Co-Authored-By: sterni <sternenseemann@systemli.org> Change-Id: Id83868dbc476a6c776b59518b856c933f30ea79d Reviewed-on: https://cl.tvl.fyi/c/depot/+/3135 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: grfn <grfn@gws.fyi>
2021-05-22 r/2607 refactor(tazjin/emacs): Switch to sending mail via lieerVincent Ambo2-54/+0
This drops the msmtp requirement from my configuration; there's still some cleanup to be done but I need to double-check this in a few environments first. Change-Id: I298f4ff77b45cb214fbccee84e9bbd861508d11a Reviewed-on: https://cl.tvl.fyi/c/depot/+/3132 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-05-22 r/2605 feat(3p/litestream): Add derivation for litestreamVincent Ambo1-0/+23
This is a simple Go module build for https://litestream.io/ If this ends up being useful, we should upstream this to nixpkgs. Change-Id: I3beb64c9adb3b57fcef4e1dfb27f293a15f90a76 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3085 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
2021-05-21 r/2599 feat(apereo-cas): move away from 127.0.0.1:8443Florian Klink1-1/+1
The following commit itends to bind on port 8443 on all interfaces, so let's move this to something else. Change-Id: Ibb94a0f4e6892b6e543b542b89bcdaaefb617f23 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3126 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in>
2021-05-17 r/2595 feat(tools): add rust-crates-advisoryProfpatsch1-0/+27
We have a bunch of crates in `third_party/rust-crates`; it would be great if we could check them for existing CVEs. This tool does that, it takes the rust security advisory database, parses the applicable CVEs, and cross-checks them against the actual crate versions we list in our package database. The dumb parser we wrote is tested against all entries in the database, so we will notice when upstream breaks their shit. Checking the semver stuff is easy enough with the semver crate. If an advisory matches, it prints the whole thing and fails the build. Change-Id: I9e912c43d37a685d9d7a4424defc467a171ea3c4 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2818 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: sterni <sternenseemann@systemli.org>
2021-05-04 r/2563 chore(3p/josh): Bump version to latest HEADVincent Ambo2-73/+3
This lets us drop the patch for pinning the git library, as this one is now pinned to something upstream. Change-Id: Ib8026f5f22e2e49371a2bad83aa726c2951570e4 Reviewed-on: https://cl.tvl.fyi/c/depot/+/3086 Tested-by: BuildkiteCI Reviewed-by: eta <eta@theta.eu.org>
2021-04-23 r/2537 feat(third_party/gopkgs): add charmbracelet/{bubbletea,bubbles}Profpatsch10-0/+171
A small go TUI framework based on the Elm Architecture. Change-Id: I0c400a7b25af682735bfc5061db179e5d1dd75ab Reviewed-on: https://cl.tvl.fyi/c/depot/+/2853 Reviewed-by: Profpatsch <mail@profpatsch.de> Reviewed-by: lukegb <lukegb@tvl.fyi> Tested-by: BuildkiteCI