Commit Graph

5096 Commits

Author SHA1 Message Date
Louis Opter
c266ffce6f clan-cli: secrets: treefmt 2024-11-27 06:27:53 +00:00
Louis Opter
f4e621af88 clan-cli: secrets.sops: improve age keys detection
This change allows you to e.g. directly pass `$(age-keygen)` on the
command line.
2024-11-27 06:27:53 +00:00
Louis Opter
775be88a9c clan-cli: filter any sops recipients set in the environment for encryption
This forces sops to use our config file, otherwise if any of the
environment variables set to specify recipients is present then
`--config` will be ignored (see [env_check]).

That's simple enough, still I ended up refactoring how we call sops for
correctness, and to align with its behavior. The code now distinguishes
between public and private keys explicitly. `secrets.decrypt_secret`
does not try to look up public and private keys anymore.

With this changeset, some people might have to adjust their environment
as public age and PGP keys will be discovered like sops would do. In
particular if multiple public keys are discovered, then the user will
have to specify which one to use for the clan.

This also makes the following changes:

- try to use `/dev/shm` when swapping a secret (it's what [pass] does
  fwiw);
- alias immediate values for readability;
- remove some float comparison that could never succeed, and use sops'
  exit status instead;
- remove unused function `maybe_get_sops_key`.

[env_check]: 8c567aa8a7/cmd/sops/main.go (L2229)
[pass]: http://passwordstore.org/
2024-11-27 06:27:53 +00:00
clan-bot
b71f99fd63 Merge pull request 'Automatic flake update - 2024-11-25T00:00+00:00' (#2484) from flake-update-2024-11-25 into main 2024-11-26 18:58:35 +00:00
Clan Merge Bot
47016d8d40 update flake lock - 2024-11-25T00:00+00:00
Flake lock file updates:

• Updated input 'disko':
    'github:nix-community/disko/cb64993826fa7a477490be6ccb38ba1fa1e18fa8?narHash=sha256-f3SSp1axoOk0NAI7oFdRzbxG2XPBSIXC%2B/DaAXnvS1A%3D' (2024-11-16)
  → 'github:nix-community/disko/47bc8dfb6f48d5f66a3cb3a4cece83d8ace1f61a?narHash=sha256-B1MQLiWi4bbeNiRXKxEkpztnKyWae4x0LyK32v3DjLk%3D' (2024-11-24)
• Updated input 'nixos-facter-modules':
    'github:numtide/nixos-facter-modules/5a1c2a28589e34f8a44d46dd1909cfacf928cb1a?narHash=sha256-aIy8m4jjr/BFXzniNzoH16sF7HEFV/01/5b3FhtUHrw%3D' (2024-11-17)
  → 'github:numtide/nixos-facter-modules/862648589993a96480c2255197a28feea712f68f?narHash=sha256-zSQ2cR%2BNRJfHUVfkv%2BO6Wi53wXfzX8KHiO8fRfnvc0M%3D' (2024-11-22)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/85f7e662eda4fa3a995556527c87b2524b691933?narHash=sha256-JwQZIGSYnRNOgDDoIgqKITrPVil%2BRMWHsZH1eE1VGN0%3D' (2024-11-07)
  → 'github:NixOS/nixpkgs/8edf06bea5bcbee082df1b7369ff973b91618b8d?narHash=sha256-sQxuJm8rHY20xq6Ah%2BGwIUkF95tWjGRd1X8xF%2BPkk38%3D' (2024-11-22)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/472741cf3fee089241ac9ea705bb2b9e0bfa2978?narHash=sha256-NVUTFxKrJp/hjehlF1IvkPnlRYg/O9HFVutbxOM8zNM%3D' (2024-11-17)
  → 'github:Mic92/sops-nix/53c853fb1a7e4f25f68805ee25c83d5de18dc699?narHash=sha256-N9JGWe/T8BC0Tss2Cv30plvZUYoiRmykP7ZdY2on2b0%3D' (2024-11-21)
• Updated input 'treefmt-nix':
    'github:numtide/treefmt-nix/746901bb8dba96d154b66492a29f5db0693dbfcc?narHash=sha256-vK%2Ba09qq19QNu2MlLcvN4qcRctJbqWkX7ahgPZ/%2BmaI%3D' (2024-10-30)
  → 'github:numtide/treefmt-nix/705df92694af7093dfbb27109ce16d828a79155f?narHash=sha256-5WSng844vXt8uytT5djmqBCkopyle6ciFgteuA9bJpw%3D' (2024-11-22)
2024-11-26 19:52:15 +01:00
Mic92
50c7e44f5f Merge pull request 'vars: make interface more type-safe' (#2459) from vars into main
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/2459
Reviewed-by: kenji <aks.kenji@protonmail.com>
2024-11-26 16:15:55 +00:00
Jörg Thalheim
c9e80f38ca vars: make interface more type-safe 2024-11-26 17:08:26 +01:00
Jörg Thalheim
cd2ea0d735 vars: add name to generators 2024-11-26 15:26:16 +01:00
clan-bot
410856ce1a Merge pull request 'pkgs/cli: Add --password flag to machines install' (#2499) from kenji/clan-core:kenji-add-password-flag into main 2024-11-26 14:11:01 +00:00
clan-bot
c0a6c54a4c Merge pull request 'docs: Fix typo in clan module' (#2498) from kenji/clan-core:kenji-docs/fix/typ into main 2024-11-26 14:08:58 +00:00
a-kenji
22af137e17 pkgs/cli: Add --password flag to machines install
Add `--password` flag to `clan machines install`,
which allows installing through the `nixos-image` installer
manually without extra configuration.
2024-11-26 15:01:43 +01:00
a-kenji
c011d458b5 docs: Fix typo in clan module 2024-11-26 15:01:00 +01:00
clan-bot
6be9377ecb Merge pull request 'less verbose logging if commands fail' (#2497) from less-logging into main 2024-11-26 13:45:01 +00:00
Jörg Thalheim
f31864368c run tests less verbose in CI 2024-11-26 14:38:59 +01:00
Jörg Thalheim
fc9fcc5aa5 less verbose logging if commands fail 2024-11-26 14:38:59 +01:00
clan-bot
0bda886e23 Merge pull request 'chore: fix prettier formatter. Ignore symlinked asciinema-player' (#2496) from hsjobeki/clan-core:hsjobeki-main into main 2024-11-26 13:03:18 +00:00
Johannes Kirschbauer
5f306a7d75 UI/backButton: use button and icon component 2024-11-26 13:56:05 +01:00
Johannes Kirschbauer
ea98e6d190 UI/button: make children optional, fix layout shift 2024-11-26 13:56:05 +01:00
Johannes Kirschbauer
ce12fbd19b UI/components: init icon 2024-11-26 13:56:05 +01:00
Johannes Kirschbauer
56bcecf6cf chore: fix prettier formatter. Ignore symlinked asciinema-player 2024-11-26 13:56:05 +01:00
Mic92
164dd452f2 Merge pull request 'test_vars: mock ask function instead of sys.stdin' (#2493) from stdin into main
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/2493
2024-11-26 11:56:38 +00:00
Jörg Thalheim
39db147e48 test_vars: mock ask function instead of sys.stdin 2024-11-26 11:56:38 +00:00
clan-bot
4fdbadc7c5 Merge pull request 'App/fonts: use ArchivoSemiCondensed' (#2494) from hsjobeki/clan-core:hsjobeki-main into main 2024-11-26 11:27:55 +00:00
Johannes Kirschbauer
5ed2925d14 App/fonts: use ArchivoSemiCondensed 2024-11-26 12:21:43 +01:00
hsjobeki
c9ef3b5068 Merge pull request 'Clan App improvements' (#2492) from hsjobeki/clan-core:inventory-modules into main
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/2492
2024-11-26 10:44:06 +00:00
Johannes Kirschbauer
0811dd8e3e API/serde: add handling for serializing enum classes 2024-11-26 10:44:06 +00:00
Johannes Kirschbauer
7b9f40e224 App: improve exception logging 2024-11-26 10:44:06 +00:00
Johannes Kirschbauer
a6b35f70c6 ClanModules/zerotier: simplify nix code 2024-11-26 10:44:06 +00:00
clan-bot
68fddaec7e Merge pull request 'vars: fix migration - secrets end up in public store' (#2491) from DavHau/clan-core:DavHau-vars into main 2024-11-26 10:08:36 +00:00
DavHau
1881d7f0a5 vars: fix migration - secrets end up in public store 2024-11-26 17:02:11 +07:00
clan-bot
6acd0d0163 Merge pull request 'clan-cli: Remove tty.py' (#2490) from Qubasa/clan-core:Qubasa-main into main 2024-11-25 19:38:31 +00:00
Qubasa
1063ac661a clan-cli: Remove tty.py 2024-11-25 20:32:36 +01:00
clan-bot
a7686265da Merge pull request 'clan-vm-manager: Fix regression' (#2489) from Qubasa/clan-core:Qubasa-main into main 2024-11-25 19:15:03 +00:00
Luis Hebendanz
6d378f69d6 Merge pull request 'fix webirc url' (#2478) from dezren39/clan-core:dezren39-patch-1 into main
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/2478
2024-11-25 19:11:30 +00:00
dezren39
07761a55b3 Update README.md 2024-11-25 19:11:30 +00:00
dezren39
011d6bcff0 Update README.md 2024-11-25 19:11:30 +00:00
dezren39
d3918ae33f fix webirc url
Signed-off-by: dezren39 <drewrypope@gmail.com>
2024-11-25 19:11:30 +00:00
Qubasa
aec2fdbf94 clan-vm-manager: Fix regression 2024-11-25 20:08:50 +01:00
clan-bot
f88ceeafed Merge pull request 'clan-cli: Refactor ssh classes to dataclasses' (#2488) from Qubasa/clan-core:Qubasa-main into main 2024-11-25 18:53:13 +00:00
Qubasa
b9154fddd2 clan-cli: Refactor ssh classes to dataclasses 2024-11-25 19:47:17 +01:00
clan-bot
e16990e493 Merge pull request 'docs: Fix nix flake check problem with diskId' (#2487) from Qubasa/clan-core:Qubasa-main into main 2024-11-25 17:45:47 +00:00
Qubasa
4e6051acdc docs: Fix nix flake check problem with diskId 2024-11-25 18:39:16 +01:00
clan-bot
205fbad669 Merge pull request 'core password-store: define fileModule only if file is secret' (#2486) from lassulus/clan-core:pass-fixes3 into main 2024-11-25 12:34:31 +00:00
lassulus
aee27ba441 core password-store: define fileModule only if file is secret 2024-11-25 12:40:51 +01:00
clan-bot
b9ff0b45e4 Merge pull request 'Automatic flake update - nixpkgs - 2024-11-25T00:00+00:00' (#2482) from flake-update-nixpkgs-2024-11-25 into main 2024-11-25 00:36:59 +00:00
clan-bot
df730e5a5e Merge pull request 'Automatic flake update - treefmt-nix - 2024-11-25T00:00+00:00' (#2485) from flake-update-treefmt-nix-2024-11-25 into main 2024-11-25 00:32:15 +00:00
clan-bot
e2496e92f9 Merge pull request 'Automatic flake update - sops-nix - 2024-11-25T00:00+00:00' (#2483) from flake-update-sops-nix-2024-11-25 into main 2024-11-25 00:25:51 +00:00
clan-bot
4d1507a9bb Merge pull request 'Automatic flake update - nixos-facter-modules - 2024-11-25T00:00+00:00' (#2481) from flake-update-nixos-facter-modules-2024-11-25 into main 2024-11-25 00:22:42 +00:00
Clan Merge Bot
533c195f72 update flake lock - treefmt-nix - 2024-11-25T00:00+00:00
Flake lock file updates:

• Updated input 'treefmt-nix':
    'github:numtide/treefmt-nix/746901bb8dba96d154b66492a29f5db0693dbfcc?narHash=sha256-vK%2Ba09qq19QNu2MlLcvN4qcRctJbqWkX7ahgPZ/%2BmaI%3D' (2024-10-30)
  → 'github:numtide/treefmt-nix/705df92694af7093dfbb27109ce16d828a79155f?narHash=sha256-5WSng844vXt8uytT5djmqBCkopyle6ciFgteuA9bJpw%3D' (2024-11-22)
2024-11-25 00:00:41 +00:00
Clan Merge Bot
3b5b62f799 update flake lock - sops-nix - 2024-11-25T00:00+00:00
Flake lock file updates:

• Updated input 'sops-nix':
    'github:Mic92/sops-nix/472741cf3fee089241ac9ea705bb2b9e0bfa2978?narHash=sha256-NVUTFxKrJp/hjehlF1IvkPnlRYg/O9HFVutbxOM8zNM%3D' (2024-11-17)
  → 'github:Mic92/sops-nix/53c853fb1a7e4f25f68805ee25c83d5de18dc699?narHash=sha256-N9JGWe/T8BC0Tss2Cv30plvZUYoiRmykP7ZdY2on2b0%3D' (2024-11-21)
2024-11-25 00:00:37 +00:00