Qubasa
b9091beff9
clan-cli: Replace log.info to machine.info if applicable
2024-12-12 15:36:17 +01:00
Jörg Thalheim
9ad4e4d041
fix clan vars for public vars
2024-12-11 16:39:54 +01:00
Jörg Thalheim
e52e7ef3a0
improve error message if sops secret contains unknown key
2024-12-11 16:18:18 +01:00
lassulus
998ff92b51
vars: remove intermediate classes
2024-12-10 14:04:31 +01:00
lassulus
9129790e5c
vars: move ensure_consistent_state into health_check, move into store classes
2024-12-10 11:54:52 +00:00
Qubasa
65a5789c5b
clan-cli: Replace HostGroup and MachineGroup with generic AsyncRuntime class. Propagate cmd prefix over thread local. Close threads on CTRL+C
2024-12-09 18:07:23 +01:00
lassulus
c3f2a1e588
vars migration: raise error on incomplete migration, commit migrated files
2024-12-06 11:25:17 +01:00
lassulus
cfda7d6557
vars password-store: create tarball dir if not for users
2024-12-04 23:30:39 +01:00
lassulus
82fb1edc37
vars: add file mode
2024-12-04 23:30:39 +01:00
clan-bot
2b763152fb
Merge pull request 'fix vars migration prompts. add secretsForUsers to vars interface and implement that for pass' ( #2551 ) from lassulus/clan-core:vars-stuff into main
2024-12-04 09:03:24 +00:00
DavHau
439cde691f
vars: print() -> log.info()
2024-12-04 14:08:50 +07:00
DavHau
a11820b1d6
vars: Improve logging for migration
2024-12-04 12:42:03 +07:00
lassulus
996c5bdda1
cli vars generate: log in global context what is global
2024-12-03 22:29:25 +01:00
lassulus
e6eaa3cc03
vars password-store: add neededForUsers option
2024-12-03 22:28:39 +01:00
lassulus
9f5cd917de
vars generate: show prompts only if not migrating
2024-12-03 22:25:16 +01:00
Qubasa
570bceff4e
clan-cli: Fix ignored debug flag in clan vms run, refactor Host.run to use RunOpts
2024-12-03 16:01:51 +01:00
lassulus
c9f0e88164
cli vars: remove get_all from baseclass
2024-12-02 11:30:09 +01:00
DavHau
8d007867b3
vars/migration: remove useless check
2024-11-29 17:23:31 +07:00
DavHau
5c5a87d416
vars: rename: invalidation -> validation
2024-11-29 17:23:31 +07:00
DavHau
fbbfcc0aa5
vars: generate docs for cli and module
2024-11-29 17:23:31 +07:00
lassulus
936a9f555b
vars: make upload actually upload
2024-11-28 21:00:12 +01:00
lassulus
b746f393a6
cli vars upload: fix sops
2024-11-28 17:52:04 +01:00
clan-bot
894e31f983
Merge pull request 'remove secretsUploadDirectory from common module' ( #2509 ) from lassulus/clan-core:no-secrets-upload-dir into main
2024-11-28 15:46:51 +00:00
lassulus
8337a3ec41
vars: remove secretsUploadDirectory from common module
2024-11-28 16:38:06 +01:00
Qubasa
1f98df96e3
clan-cli: cmd.run now has its options extracted to a dataclass
2024-11-28 15:26:37 +01:00
Louis Opter
07cd22393a
clan-cli: rebase sops changes on top of vars changes
...
vars changes in question are from commit: 8b94bc71bc
2024-11-27 06:27:53 +00:00
Jörg Thalheim
c9e80f38ca
vars: make interface more type-safe
2024-11-26 17:08:26 +01:00
Jörg Thalheim
39db147e48
test_vars: mock ask function instead of sys.stdin
2024-11-26 11:56:38 +00:00
DavHau
1881d7f0a5
vars: fix migration - secrets end up in public store
2024-11-26 17:02:11 +07:00
Qubasa
b9154fddd2
clan-cli: Refactor ssh classes to dataclasses
2024-11-25 19:47:17 +01:00
Qubasa
4e6051acdc
docs: Fix nix flake check problem with diskId
2024-11-25 18:39:16 +01:00
lassulus
22c5e8ca8b
cli password-store: upload generators folder only if it has secrets
2024-11-22 22:34:09 +01:00
lassulus
52b2b1c350
password-store: include filenames in manifest for upload check
2024-11-22 22:34:09 +01:00
lassulus
2c839ae768
cli password-store: skip uploading non secret files
2024-11-22 22:34:09 +01:00
Qubasa
979e5e839d
clan-cli: Refactor ssh part 2, Refactor custom_logger
2024-11-22 22:08:50 +01:00
Jörg Thalheim
952a5f3ee7
vars: add VarStatus dataclass to make return type more readable
2024-11-20 10:20:06 +00:00
DavHau
d4c8b2e4ed
vars: implement invalidation mechanism
...
This adds options `invalidationData` to generators.
`invalidationData` can be used by an author of a generator to signal if a re-generation is required after updating the logic.
Whenever a generator with invalidation data is executed, a hash of that data is stored by the respective public and/or secret backends.
The stored hashes will be checked on future deployments, and a re-generation is triggered whenever a hash doesn't match what's defined in nix.
2024-11-20 16:27:22 +07:00
Jörg Thalheim
68a5d072b2
vars: don't print stack trace if generator fails
2024-11-19 09:46:14 +00:00
Jörg Thalheim
2b270a8951
vars: introduce ensure_machine_has_access method for sops
...
this should help avoiding overriding existing shared secrets by not
triggering vars regeneration if a machine has no access.
wip
2024-11-19 09:46:14 +00:00
lassulus
8f0c575425
password-store owner & group support
2024-11-16 01:18:59 +01:00
Qubasa
26730cd662
clan-cli: upload.py -> Replace rsync with native ssh command
2024-11-15 22:03:47 +07:00
Jörg Thalheim
4de97616bc
vars: introduce ensure_machine_has_access method for sops
...
this should help avoiding overriding existing shared secrets by not
triggering vars regeneration if a machine has no access.
wip
2024-11-14 15:37:55 +00:00
Jörg Thalheim
673717fe8c
vars/get: use machine_name as variable name
2024-11-14 15:37:55 +00:00
Jörg Thalheim
91d2018bb7
vars/sops: simplify conditional in exists
2024-11-14 15:37:55 +00:00
lassulus
faf0946c99
cli vars password-store: fix file locations
2024-11-14 12:07:52 +01:00
lassulus
ddc7afd67d
clan_cli vars: actually upload
2024-11-13 13:23:42 +01:00
DavHau
8b94bc71bc
vars: allow re-encrypting secrets when recipient keys were added.
...
When the users of a secret change, when for example a new admin user is added, an error will be thrown when generating vars, prompting the user to pass --fix to re-encrypt the secrets
2024-11-13 18:49:30 +07:00
DavHau
4ec218a200
vars,facts: update_check -> needs_upload
2024-11-13 13:34:15 +07:00
Jörg Thalheim
b67919b94d
vars: fix case if we have two vars with where one is the prefix of another one
2024-11-12 16:11:39 +00:00
Jörg Thalheim
eb1daad08d
vars: update message if vars are up-to-date
2024-11-08 15:43:10 +01:00
