yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
6,661 Commits 120 Branches 6 Tags
1d1b7c73b5fb8b373d914f0cdf94603082137907
Commit Graph

1623 Commits

Author SHA1 Message Date
Mic92
1d1b7c73b5 Merge pull request 'fix incorrect target host when build host is set' (#3511) from ssh-foo into main 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/3511
 2025-05-06 07:54:40 +00:00
Jörg Thalheim
19947c6d6b fix incorrect target host when build host is set 2025-05-06 09:26:59 +02:00
Luis Hebendanz
a887e26fef Merge pull request 'clan-cli: fix bubblewrap not finding bash when IN_NIX_SANDBOX=1 if prev environment doesn't have it in PATH' (#3503) from Qubasa/clan-core:fix_bubblewrap_bash_path into main 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/3503
 2025-05-05 21:07:22 +00:00
Luis Hebendanz
d55e70506d Merge pull request 'clan-cli: add test_create in clan_lib test folder' (#3501) from Qubasa/clan-core:api_vm_test into main 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/3501
 2025-05-05 20:29:57 +00:00
Qubasa
073304ec6b clan-cli: fix bubblewrap not finding bash when IN_NIX_SANDBOX=1 if prev environment doesn't have it in PATH 2025-05-05 22:19:17 +02:00
hsjobeki
f6b0b5ada5 Merge pull request 'API(cli): add method to Flake class to allow calling nix functions' (#3502) from hsjobeki/clan-core:improvements-2 into main 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/3502
 2025-05-05 20:16:28 +00:00
Qubasa
b90812ecce clan-cli: add test_create in clan_lib test folder 2025-05-05 22:16:02 +02:00
Johannes Kirschbauer
dfa5a228e8 feat(clanLib): init evalServiceSchema 2025-05-05 21:55:29 +02:00
Johannes Kirschbauer
750cca1991 API(cli): add method to Flake class to allow calling nix functions 2025-05-05 21:46:20 +02:00
DavHau
23d19f1a52 vars: improve API of generate_vars_for_machine 
receive list of generator names as an argument instead of generator objects
 2025-05-05 15:55:04 +07:00
Jörg Thalheim
be79d75c08 bind ssh controlmaster to live time of CLI 2025-05-04 16:28:14 +02:00
Jörg Thalheim
dc4268dbf2 fix ssh control master check (#3488) 
Co-authored-by: pinpox <git@pablo.tools>
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/3488
Co-authored-by: Jörg Thalheim <joerg@thalheim.io>
Co-committed-by: Jörg Thalheim <joerg@thalheim.io>
 2025-05-04 12:49:53 +00:00
Jörg Thalheim
9af16037a2 Revert "Merge pull request 'Fix deploying with sudo + password' (#3470) from target-host into main" 
This reverts commit fbc0f9cde5, reversing
changes made to b47c25c620.
 2025-05-04 13:37:39 +02:00
Jörg Thalheim
f640beaec5 tests_secrets_cli: improve assertion message for pgp key 2025-05-04 10:51:49 +02:00
Jörg Thalheim
bd53342e50 fix terminal output when terminal is put into interactive mode 2025-05-04 10:51:49 +02:00
Jörg Thalheim
28c06bbdc1 update: fix sudo password prompt 2025-05-04 10:51:49 +02:00
Jörg Thalheim
39880f9434 fix upload when sudo prompts are needed 2025-05-04 10:51:49 +02:00
Mic92
b47c25c620 Merge pull request 'Miscellaneous ssh fixes.' (#3487) from misc-fixes into main 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/3487
 2025-05-04 08:51:31 +00:00
Jörg Thalheim
7079e7f538 cmd: don't shadow time module 2025-05-04 10:39:50 +02:00
Jörg Thalheim
fb4421427b Host: always set needs_user_terminal for ssh commands, only override prefix if given by user 2025-05-04 10:39:39 +02:00
Jörg Thalheim
ef07a5b217 run_local: allow stdin to be a file descriptor 2025-05-04 10:39:28 +02:00
Jörg Thalheim
d98c01bc3a update_hardware_config: use host.run rather than adhoc ssh command 2025-05-04 10:30:46 +02:00
Jörg Thalheim
35ee7986d7 rename connect_ssh_shell to interactive_ssh 
better name than secure shell shell
 2025-05-04 10:28:43 +02:00
Jörg Thalheim
75cb031e6e move password/tor_socks into Host attributes 
we set those parameters usually just once.
 2025-05-04 10:28:43 +02:00
Jörg Thalheim
2f32e5bde2 configure ControlMaster and ControlPath for SSH connections 
This should speed up deployments by not having to reconnect to the server on each command
 2025-05-04 09:48:37 +02:00
Jörg Thalheim
f86c874ac8 facts/sops: no longer upload age key 
The vars backend already does this for us.
This avoids duplicated work.
 2025-05-04 09:29:29 +02:00
Mic92
655c7e4eed Merge pull request 'Avoid a few cases of chmod-after-creation' (#3438) from tangential/clan-core:it-s_a_race into main 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/3438
 2025-05-04 07:08:43 +00:00
Mic92
08a5ad0848 Merge pull request 'clanCore/vars/sops: only copy required secrets to store' (#3457) from vdbe/clan-core:clanCore/vars/sops/only-copy-used into main 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/3457
 2025-05-04 06:41:37 +00:00
vdbe
f3e32ce827 clanCore/vars/sops: only copy required secrets to store 
Create a store path per in repo secret/var to be copied, this prevents
unused secrets from being leaked.

For example the `root-password` generator contains both the hashed and
unhashed password but only the hash is used.
 2025-05-04 08:08:58 +02:00
Mic92
dcb3eb95dc Merge pull request 'Set terminal on nix flake update/archive' (#3468) from fix-shell-on-copy into main 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/3468
 2025-05-04 05:59:58 +00:00
DavHau
71cdbc989c GUI/vars: add endpoints for getting prompts and generating vars 2025-05-03 14:44:51 +07:00
DavHau
6e9382b942 refactor(vars): move migration logic to extra file 2025-05-03 07:33:11 +00:00
DavHau
b9a20ef6a5 GUI: generate sops key when creating clan 2025-05-03 13:00:27 +07:00
pinpox
938dc5b155 Set terminal on nix flake update/archive 
When using resident SSH-keys (-sk), e.g. from a Yubikey that require a
Pin, a terminal is needed to be able to enter it during deployment.
 2025-05-02 15:41:29 +02:00
lassulus
8eeea85a16 clan-cli select: fix returning early on list select 2025-05-02 00:16:21 +09:00
Mic92
76275da3b0 Merge pull request 'correct capitilization for targetHost in error message' (#3461) from target-host into main 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/3461
 2025-05-01 13:21:42 +00:00
Jörg Thalheim
22608dd0c2 correct capitilization for targetHost in error message 2025-05-01 15:11:05 +02:00
lassulus
fc1f563f7a clan_cli flake caching: fix caching of store files 2025-05-01 13:40:12 +09:00
hsjobeki
617b87b29e Merge pull request 'Refactor(inventory): move prio 'introspection' into inventoryClass to minimize the 'clanInternals' api' (#3440) from hsjobeki/clan-core:ui-fixups into main 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/3440
 2025-04-30 10:24:34 +00:00
Johannes Kirschbauer
0d003f5424 Refactor(inventory): move prio 'introspection' into inventoryClass to minimize the 'clanInternals' api 2025-04-30 11:02:58 +02:00
DavHau
02ca5bd870 gui: make update machine work 
Also fix error when age plugins not defined
 2025-04-30 15:28:49 +07:00
DavHau
e6ad61c266 app: open welcome page if clan doesn't exist 
Previously if a user started the app and the last opened clan directory does not exist anymore, it would still show the clan screen but without any machines.

This changes catches this case and throws the user back to the clan selection page
 2025-04-30 14:48:05 +07:00
Brian McGee
651b277bb9 feat: configure age plugins for SOPS in buildClan 2025-04-29 16:02:32 +10:00
Brian McGee
e281b689df fix: multiple user keys in secrets 
We were not loading all the user keys, only the first one.
 2025-04-29 15:47:54 +10:00
Brian McGee
1bfe318865 feat: support age plugins 
Extends how we parse the contents of `SOPS_AGE_KEY` / `SOPS_AGE_KEY_FILE` / `keys.txt`, allowing a user to prepend a comment before any `AGE-PLUGIN-` secret key entry to indicate its corresponding public key.

For example:

```
AGE-PLUGIN-FIDO2-HMAC-xxxxxxxxxxxxx
```

The comment can use any prefix (e.g. `# public key: age1xxxx`, `# recipient: age1xxx`) as we are looking directly for `age1xxxx` within the line.

This change is necessary to support `age` plugins as there is no unified mechanism to recover the public key from a plugin's secret key.

If a plugin secret key does not have a preceding public key comment, an error will be thrown when attempting to set a secret.
 2025-04-29 15:47:54 +10:00
Jonathan Thiessen
9f745ff637 Avoid a few cases of chmod-after-creation 2025-04-28 17:11:21 -07:00
Michael Hoang
87e3e59ba0 cli: don't depend on the entire clan-core 2025-04-28 13:20:07 +10:00
Michael Hoang
2f95d2edf2 cli: fallback to bundled Nixpkgs 2025-04-28 13:10:00 +10:00
Michael Hoang
c3842902ac cli: don't use select from clanLib 2025-04-28 12:52:00 +10:00
Johannes Kirschbauer
f67bf3c940 Fix(clan_lib.api): fix cyclic import problem for api schema export 2025-04-26 20:19:23 +02:00