yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
6,625 Commits 120 Branches 6 Tags
28c06bbdc127167e18e45bb86fa69b7d08b4fe3b
Commit Graph

2005 Commits

Author SHA1 Message Date
Jörg Thalheim
28c06bbdc1 update: fix sudo password prompt 2025-05-04 10:51:49 +02:00
Jörg Thalheim
39880f9434 fix upload when sudo prompts are needed 2025-05-04 10:51:49 +02:00
Mic92
b47c25c620 Merge pull request 'Miscellaneous ssh fixes.' (#3487) from misc-fixes into main 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/3487
 2025-05-04 08:51:31 +00:00
Jörg Thalheim
7079e7f538 cmd: don't shadow time module 2025-05-04 10:39:50 +02:00
Jörg Thalheim
fb4421427b Host: always set needs_user_terminal for ssh commands, only override prefix if given by user 2025-05-04 10:39:39 +02:00
Jörg Thalheim
ef07a5b217 run_local: allow stdin to be a file descriptor 2025-05-04 10:39:28 +02:00
Jörg Thalheim
d98c01bc3a update_hardware_config: use host.run rather than adhoc ssh command 2025-05-04 10:30:46 +02:00
Jörg Thalheim
35ee7986d7 rename connect_ssh_shell to interactive_ssh 
better name than secure shell shell
 2025-05-04 10:28:43 +02:00
Jörg Thalheim
75cb031e6e move password/tor_socks into Host attributes 
we set those parameters usually just once.
 2025-05-04 10:28:43 +02:00
Jörg Thalheim
2f32e5bde2 configure ControlMaster and ControlPath for SSH connections 
This should speed up deployments by not having to reconnect to the server on each command
 2025-05-04 09:48:37 +02:00
Jörg Thalheim
f86c874ac8 facts/sops: no longer upload age key 
The vars backend already does this for us.
This avoids duplicated work.
 2025-05-04 09:29:29 +02:00
Mic92
376ab40c4b Merge pull request 'chore(deps): update nixpkgs digest to f21e454' (#3445) from renovate/nixpkgs-digest into main 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/3445
 2025-05-04 07:16:50 +00:00
Mic92
655c7e4eed Merge pull request 'Avoid a few cases of chmod-after-creation' (#3438) from tangential/clan-core:it-s_a_race into main 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/3438
 2025-05-04 07:08:43 +00:00
Jörg Thalheim
ee8921273a disable age-plugin-se for now on aarch64-linuxql 
disable
 2025-05-04 09:07:06 +02:00
Mic92
08a5ad0848 Merge pull request 'clanCore/vars/sops: only copy required secrets to store' (#3457) from vdbe/clan-core:clanCore/vars/sops/only-copy-used into main 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/3457
 2025-05-04 06:41:37 +00:00
vdbe
f3e32ce827 clanCore/vars/sops: only copy required secrets to store 
Create a store path per in repo secret/var to be copied, this prevents
unused secrets from being leaked.

For example the `root-password` generator contains both the hashed and
unhashed password but only the hash is used.
 2025-05-04 08:08:58 +02:00
Mic92
dcb3eb95dc Merge pull request 'Set terminal on nix flake update/archive' (#3468) from fix-shell-on-copy into main 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/3468
 2025-05-04 05:59:58 +00:00
DavHau
71cdbc989c GUI/vars: add endpoints for getting prompts and generating vars 2025-05-03 14:44:51 +07:00
DavHau
6e9382b942 refactor(vars): move migration logic to extra file 2025-05-03 07:33:11 +00:00
DavHau
b9a20ef6a5 GUI: generate sops key when creating clan 2025-05-03 13:00:27 +07:00
pinpox
938dc5b155 Set terminal on nix flake update/archive 
When using resident SSH-keys (-sk), e.g. from a Yubikey that require a
Pin, a terminal is needed to be able to enter it during deployment.
 2025-05-02 15:41:29 +02:00
lassulus
8eeea85a16 clan-cli select: fix returning early on list select 2025-05-02 00:16:21 +09:00
Mic92
76275da3b0 Merge pull request 'correct capitilization for targetHost in error message' (#3461) from target-host into main 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/3461
 2025-05-01 13:21:42 +00:00
Jörg Thalheim
22608dd0c2 correct capitilization for targetHost in error message 2025-05-01 15:11:05 +02:00
lassulus
fc1f563f7a clan_cli flake caching: fix caching of store files 2025-05-01 13:40:12 +09:00
hsjobeki
617b87b29e Merge pull request 'Refactor(inventory): move prio 'introspection' into inventoryClass to minimize the 'clanInternals' api' (#3440) from hsjobeki/clan-core:ui-fixups into main 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/3440
 2025-04-30 10:24:34 +00:00
Johannes Kirschbauer
0d003f5424 Refactor(inventory): move prio 'introspection' into inventoryClass to minimize the 'clanInternals' api 2025-04-30 11:02:58 +02:00
DavHau
02ca5bd870 gui: make update machine work 
Also fix error when age plugins not defined
 2025-04-30 15:28:49 +07:00
DavHau
e6ad61c266 app: open welcome page if clan doesn't exist 
Previously if a user started the app and the last opened clan directory does not exist anymore, it would still show the clan screen but without any machines.

This changes catches this case and throws the user back to the clan selection page
 2025-04-30 14:48:05 +07:00
DavHau
1e8864b9ec ci performance: add check to ensure nothing depends on the whole repo 
Since this project is an ever growing monorepo, having derivations depending on the whole repo leads to bad CI performance, as the cache is busted on every commit.

-> We never want any derivations depend on the whole repo

...except: the test that tests that nothing depends on the whole repo, which is added by this commit.

For now only add this check to packages to allow contributors to build it locally.
We might want to add it to the CI later once all occurrences are fixed.
 2025-04-30 13:17:33 +07:00
Brian McGee
651b277bb9 feat: configure age plugins for SOPS in buildClan 2025-04-29 16:02:32 +10:00
Brian McGee
e281b689df fix: multiple user keys in secrets 
We were not loading all the user keys, only the first one.
 2025-04-29 15:47:54 +10:00
Brian McGee
1bfe318865 feat: support age plugins 
Extends how we parse the contents of `SOPS_AGE_KEY` / `SOPS_AGE_KEY_FILE` / `keys.txt`, allowing a user to prepend a comment before any `AGE-PLUGIN-` secret key entry to indicate its corresponding public key.

For example:

```
AGE-PLUGIN-FIDO2-HMAC-xxxxxxxxxxxxx
```

The comment can use any prefix (e.g. `# public key: age1xxxx`, `# recipient: age1xxx`) as we are looking directly for `age1xxxx` within the line.

This change is necessary to support `age` plugins as there is no unified mechanism to recover the public key from a plugin's secret key.

If a plugin secret key does not have a preceding public key comment, an error will be thrown when attempting to set a secret.
 2025-04-29 15:47:54 +10:00
Jonathan Thiessen
9f745ff637 Avoid a few cases of chmod-after-creation 2025-04-28 17:11:21 -07:00
Michael Hoang
87e3e59ba0 cli: don't depend on the entire clan-core 2025-04-28 13:20:07 +10:00
Michael Hoang
2f95d2edf2 cli: fallback to bundled Nixpkgs 2025-04-28 13:10:00 +10:00
Michael Hoang
c3842902ac cli: don't use select from clanLib 2025-04-28 12:52:00 +10:00
Johannes Kirschbauer
fbd291ba11 chore: remove unused moduleSchemas and related API endpoint for legacy modules 
We didn't reach the state where we would display these schemas in the
UI.
We might need to wire this up in a similar way for the newer
clan.services
 2025-04-27 13:14:09 +02:00
Johannes Kirschbauer
f67bf3c940 Fix(clan_lib.api): fix cyclic import problem for api schema export 2025-04-26 20:19:23 +02:00
Johannes Kirschbauer
f6628ec1a9 Refactor(clan_lib): move clan_cli.api into clan_lib.api 2025-04-26 19:51:35 +02:00
Johannes Kirschbauer
35c280ffa7 Refactor(clan_cli): init clan_lib folder 2025-04-26 19:50:11 +02:00
Mic92
d1041e400f Merge pull request 'nixpkgs source: delete existing symlink' (#3411) from nixpkgs-build into main 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/3411
 2025-04-25 14:41:23 +00:00
Jörg Thalheim
d57c1ec7d7 nixpkgs source: delete existing symlink 2025-04-25 16:31:35 +02:00
Luis Hebendanz
107170804b Merge pull request 'clan-cli: Expose private_key to Machine class, in the future we should merge Machine and Host class' (#3407) from Qubasa/clan-core:vpb-patches2 into main 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/3407
 2025-04-25 12:26:00 +00:00
Qubasa
3214d27f0b clan-cli: Improve remote destination depth validation with detailed error messaging 2025-04-25 14:00:40 +02:00
Qubasa
f1a7f2aa69 clan-cli: Expose private_key to Machine class, in the future we should merge Machine and Host class 2025-04-25 13:38:03 +02:00
Mic92
0ceea4c8bf Merge pull request 'clanCore/vars: allow mode to be set' (#3404) from visualphoenix/clan-core:mode_fix into main 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/3404
 2025-04-25 09:44:25 +00:00
Raymond Barbiero
4117eb2f37 clanCore/vars: allow mode to be set 
fmt
 2025-04-25 11:29:43 +02:00
Michael Hoang
4c2584e246 lib: move select.select -> select for backwards compat with old CLIs 2025-04-25 17:30:06 +10:00
Michael Hoang
a2124b4ded cli: fix restoring backups 
There was a bug in `select` that made it output attrsets instead of
lists so we fix the broken refactor done in
300aaa48e7.
 2025-04-25 16:52:13 +10:00