Qubasa
3cc7511764
clan-cli: Replace HostGroup and MachineGroup with generic AsyncRuntime class. Propagate cmd prefix over thread local. Close threads on CTRL+C
2024-12-09 18:07:23 +01:00
lassulus
ceaeb2f1f6
vars migration: raise error on incomplete migration, commit migrated files
2024-12-06 11:25:17 +01:00
lassulus
9572a73fe8
vars password-store: create tarball dir if not for users
2024-12-04 23:30:39 +01:00
lassulus
19a251d6fc
vars: add file mode
2024-12-04 23:30:39 +01:00
clan-bot
1511b14b3c
Merge pull request 'fix vars migration prompts. add secretsForUsers to vars interface and implement that for pass' ( #2551 ) from lassulus/clan-core:vars-stuff into main
2024-12-04 09:03:24 +00:00
DavHau
37ad4eaad5
vars: print() -> log.info()
2024-12-04 14:08:50 +07:00
DavHau
f5226ec7ff
vars: Improve logging for migration
2024-12-04 12:42:03 +07:00
lassulus
c6a713d393
cli vars generate: log in global context what is global
2024-12-03 22:29:25 +01:00
lassulus
d89ee46d7f
vars password-store: add neededForUsers option
2024-12-03 22:28:39 +01:00
lassulus
2916798e84
vars generate: show prompts only if not migrating
2024-12-03 22:25:16 +01:00
Qubasa
164c621dc0
clan-cli: Fix ignored debug flag in clan vms run, refactor Host.run to use RunOpts
2024-12-03 16:01:51 +01:00
lassulus
1b83fd27a8
cli vars: remove get_all from baseclass
2024-12-02 11:30:09 +01:00
DavHau
681c671391
vars/migration: remove useless check
2024-11-29 17:23:31 +07:00
DavHau
66ce80c096
vars: rename: invalidation -> validation
2024-11-29 17:23:31 +07:00
DavHau
03bcf6bba3
vars: generate docs for cli and module
2024-11-29 17:23:31 +07:00
lassulus
513431148e
vars: make upload actually upload
2024-11-28 21:00:12 +01:00
lassulus
d4fb4efd1f
cli vars upload: fix sops
2024-11-28 17:52:04 +01:00
clan-bot
a97d719a52
Merge pull request 'remove secretsUploadDirectory from common module' ( #2509 ) from lassulus/clan-core:no-secrets-upload-dir into main
2024-11-28 15:46:51 +00:00
lassulus
c00ac4a246
vars: remove secretsUploadDirectory from common module
2024-11-28 16:38:06 +01:00
Qubasa
d2719f3179
clan-cli: cmd.run now has its options extracted to a dataclass
2024-11-28 15:26:37 +01:00
Louis Opter
1ba27196d8
clan-cli: rebase sops changes on top of vars changes
...
vars changes in question are from commit: 54b8f5904e
2024-11-27 06:27:53 +00:00
Jörg Thalheim
45dfbf54db
vars: make interface more type-safe
2024-11-26 17:08:26 +01:00
Jörg Thalheim
8eb37903e0
test_vars: mock ask function instead of sys.stdin
2024-11-26 11:56:38 +00:00
DavHau
173436632d
vars: fix migration - secrets end up in public store
2024-11-26 17:02:11 +07:00
Qubasa
27b40849d1
clan-cli: Refactor ssh classes to dataclasses
2024-11-25 19:47:17 +01:00
Qubasa
41a84f5970
docs: Fix nix flake check problem with diskId
2024-11-25 18:39:16 +01:00
lassulus
19dce7694f
cli password-store: upload generators folder only if it has secrets
2024-11-22 22:34:09 +01:00
lassulus
045c9119f3
password-store: include filenames in manifest for upload check
2024-11-22 22:34:09 +01:00
lassulus
13b7d3c7ec
cli password-store: skip uploading non secret files
2024-11-22 22:34:09 +01:00
Qubasa
8866a85765
clan-cli: Refactor ssh part 2, Refactor custom_logger
2024-11-22 22:08:50 +01:00
Jörg Thalheim
5bf2afdf0e
vars: add VarStatus dataclass to make return type more readable
2024-11-20 10:20:06 +00:00
DavHau
3f62e143ec
vars: implement invalidation mechanism
...
This adds options `invalidationData` to generators.
`invalidationData` can be used by an author of a generator to signal if a re-generation is required after updating the logic.
Whenever a generator with invalidation data is executed, a hash of that data is stored by the respective public and/or secret backends.
The stored hashes will be checked on future deployments, and a re-generation is triggered whenever a hash doesn't match what's defined in nix.
2024-11-20 16:27:22 +07:00
Jörg Thalheim
a4e03a85eb
vars: don't print stack trace if generator fails
2024-11-19 09:46:14 +00:00
Jörg Thalheim
9c6e04fa3f
vars: introduce ensure_machine_has_access method for sops
...
this should help avoiding overriding existing shared secrets by not
triggering vars regeneration if a machine has no access.
wip
2024-11-19 09:46:14 +00:00
lassulus
8e1697a089
password-store owner & group support
2024-11-16 01:18:59 +01:00
Qubasa
250eed0798
clan-cli: upload.py -> Replace rsync with native ssh command
2024-11-15 22:03:47 +07:00
Jörg Thalheim
c98055c781
vars: introduce ensure_machine_has_access method for sops
...
this should help avoiding overriding existing shared secrets by not
triggering vars regeneration if a machine has no access.
wip
2024-11-14 15:37:55 +00:00
Jörg Thalheim
8f1e5ed1eb
vars/get: use machine_name as variable name
2024-11-14 15:37:55 +00:00
Jörg Thalheim
4a389b0fb3
vars/sops: simplify conditional in exists
2024-11-14 15:37:55 +00:00
lassulus
7ae7ac8bd1
cli vars password-store: fix file locations
2024-11-14 12:07:52 +01:00
lassulus
11ce774820
clan_cli vars: actually upload
2024-11-13 13:23:42 +01:00
DavHau
54b8f5904e
vars: allow re-encrypting secrets when recipient keys were added.
...
When the users of a secret change, when for example a new admin user is added, an error will be thrown when generating vars, prompting the user to pass --fix to re-encrypt the secrets
2024-11-13 18:49:30 +07:00
DavHau
236d9eaec3
vars,facts: update_check -> needs_upload
2024-11-13 13:34:15 +07:00
Jörg Thalheim
8e4067ee03
vars: fix case if we have two vars with where one is the prefix of another one
2024-11-12 16:11:39 +00:00
Jörg Thalheim
34410c6e17
vars: update message if vars are up-to-date
2024-11-08 15:43:10 +01:00
DavHau
7208c6dc82
vars: fix shared dependency was not resolved correctly
2024-10-23 20:43:33 +07:00
DavHau
db0fdba384
cli: set needs_user_terminal for all ssh commands
2024-10-23 19:40:50 +07:00
Jörg Thalheim
4230ae6750
ruff: enable warning lints
2024-10-23 09:06:02 +00:00
DavHau
cc43a46c53
vars: show full var_id when prompting
2024-10-16 13:13:41 +07:00
Jörg Thalheim
d97bda9c0d
{vars,facts}/upload: fix ipv6 support
2024-10-10 17:03:32 +02:00
