Commit Graph

5742 Commits

Author SHA1 Message Date
Louis Opter
48268f7960 clan-cli: do not skip secrets.update_secrets when a group is removed
We need to remove all keys that were in the group from affected secrets.

With this change we now take `group_name` as an argument in
`{add,remove}_member`, which is a little bit more readable than
`group_folder.parent.name`, and helps DRY the code a bit.
2025-02-04 03:13:20 +00:00
Louis Opter
ef442ef316 clan-cli: secrets users add: make sure only one key argument was passed
This is slightly better input validation FWIW.
2025-02-04 03:13:20 +00:00
Louis Opter
81cf521d8c clan-cli: secrets: properly update secrets when a user is removed
Fixes #2659.
2025-02-04 03:13:20 +00:00
Louis Opter
36a54ead12 clan-cli: improve tests on clan secrets …
When users or groups are updated:

- Check that keys are properly updated on sops secrets;
- Check that no dangling symlinks are left behind in sops secrets.

And when a user is removed from the clan, check that it is removed from
the groups it belonged to.

This doesn't check this works for vars explicitly, since they share the
same logic, see `secret_paths.extend(list_vars_secrets(flake_dir))` in
commit f2856cb773.

Those improvements allow us to validate that #2659 is indeed fixed, and
tell us that we need to make the same kind of fixes for machines and
groups. For groups this is straightforward, and for machines, when one
is deleted, I wanna discuss first whether we want to delete all its
secrets as well.
2025-02-04 03:13:20 +00:00
Louis Opter
5fc9440a1e clan-cli: secrets: truly catch broken symlinks in collect_keys_for_type 2025-02-04 03:13:20 +00:00
Louis Opter
e2c6b7bffc clan-cli: secrets key generate: fix call to action message
So that it makes sense when an already existing PGP key is specified.
2025-02-04 03:13:20 +00:00
Louis Opter
26d07cf1f5 clan-cli: secrets: commit changes when group members are added or removed 2025-02-04 03:13:20 +00:00
Louis Opter
7be310062f clan-cli: honor clan.core.sops.defaultGroups option in vars fix 2025-02-04 03:13:20 +00:00
Louis Opter
66a9b22d66 clan-cli: secrets/sops: fix error message in maybe_get_admin_public_key 2025-02-04 03:13:20 +00:00
Johannes Kirschbauer
64812cd66b buildClan: add more eager tests 2025-02-03 12:00:47 +01:00
Johannes Kirschbauer
3cb3259c0f flake.nix: remove unused self reference 2025-02-03 12:00:47 +01:00
Johannes Kirschbauer
ba8ae04e5b buildClan: add deprecation warnings for directory=self 2025-02-03 12:00:47 +01:00
Jörg Thalheim
eee6415261 fix infinite recursion 2025-02-03 12:00:47 +01:00
Clan Merge Bot
b013b9d6e7 update flake lock - treefmt-nix - 2025-02-03T00:00+00:00
Flake lock file updates:

• Updated input 'treefmt-nix':
    'github:numtide/treefmt-nix/f2cc121df15418d028a59c9737d38e3a90fbaf8f?narHash=sha256-5An1wq5U8sNycOBBg3nsDDgpwBmR9liOpDGlhliA6Xo%3D' (2025-01-21)
  → 'github:numtide/treefmt-nix/bebf27d00f7d10ba75332a0541ac43676985dea3?narHash=sha256-j6jC12vCFsTGDmY2u1H12lMr62fnclNjuCtAdF1a4Nk%3D' (2025-01-28)
2025-02-03 00:20:56 +00:00
Clan Merge Bot
da3608f348 update flake lock - flake-parts - 2025-02-03T00:00+00:00
Flake lock file updates:

• Updated input 'flake-parts':
    'github:hercules-ci/flake-parts/b905f6fc23a9051a6e1b741e1438dbfc0634c6de?narHash=sha256-%2Bhu54pAoLDEZT9pjHlqL9DNzWz0NbUn8NEAHP7PQPzU%3D' (2025-01-06)
  → 'github:hercules-ci/flake-parts/32ea77a06711b758da0ad9bd6a844c5740a87abd?narHash=sha256-7H9XgNiGLKN1G1CgRh0vUL4AheZSYzPm%2BzmZ7vxbJdo%3D' (2025-02-01)
2025-02-03 00:00:03 +00:00
a-kenji
94362c1ff5 pkgs/clan: Fix typos 2025-02-02 23:20:39 +07:00
lassulus
18d7167fb3 test_api_dataclass_compat: exclude flake.py 2025-02-02 11:52:36 +00:00
lassulus
02d450b905 clan-cli: add a Flake class with caching 2025-02-02 11:52:36 +00:00
lassulus
8e81cd08c8 clan-cli: add ipython to dev dependencies 2025-02-02 11:52:36 +00:00
lassulus
db417ecd13 clan-cli vars upload: add optional --directory 2025-02-02 11:52:36 +00:00
Jörg Thalheim
eb9055c813 buildClan/tests: make test_only_required minimal again 2025-02-02 10:40:50 +00:00
kenji
18d890aa98 Merge pull request 'clanModules/user-password: Add inventory feature' (#2796) from kenji/clan-core:feat-inventory/user-password into main
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/2796
2025-02-02 10:35:48 +00:00
a-kenji
f6466ead04 clanModules/root-password: Add inventory feature 2025-02-02 10:35:48 +00:00
kenji
72e1184cbd Merge pull request 'clanModules/root-password: Add inventory feature' (#2795) from kenji/clan-core:feat-inventory/root-password into main
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/2795
2025-02-02 10:32:58 +00:00
a-kenji
2fb312ccc1 clanModules/root-password: Add inventory feature 2025-02-02 10:32:58 +00:00
Jörg Thalheim
17fd387829 legacyPackages.evalTests-build-clan: fix comment to run tests 2025-02-02 10:30:26 +00:00
Jörg Thalheim
522156efc8 Do not deprecate directory argument 2025-02-02 10:30:26 +00:00
a-kenji
51113eb656 clanModules/root-password: Fix root-password persistence 2025-02-02 16:36:19 +07:00
Qubasa
3acf8bbb4b clan-cli: Fix clan flakes create not working in nix shell 2025-02-01 12:16:20 +07:00
Mic92
6f2cae4a53 Merge pull request 'container test with writeable nix store' (#2655) from container-test into main
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/2655
2025-01-31 11:51:00 +00:00
Jörg Thalheim
f579e62f2e container test: with writeable nix store 2025-01-31 11:51:00 +00:00
Qubasa
825b4abd37 clan-cli: Make clan machines create use templating.py 2025-01-31 18:07:48 +07:00
Jörg Thalheim
50e30a750d remove createFile legacy alias from vars/interface
it's hard to filter this out in nix. So instead we just drop this
option.
2025-01-31 10:29:35 +00:00
Qubasa
caaafdf5f9 clan-cli: Add test_clan_nix_attrset.py and minor fixups 2025-01-31 16:36:20 +07:00
Qubasa
8dd4b92a10 webview-ui: Fix create_clan js call 2025-01-30 17:26:41 +07:00
Qubasa
61762fdea3 clan-cli: Expand type_to_dict to support NewType and tuple types in dataclasses 2025-01-30 17:19:31 +07:00
Qubasa
0db5abf56a clan-cli: Make clan flakes create discover templates from inputs. Add clan flakes list command 2025-01-30 16:24:50 +07:00
Qubasa
9a79ea8e1d clan: Remove unnecessary templates and modules interface 2025-01-29 19:24:15 +07:00
Qubasa
5ceec3844a clan-cli: Add from_host function to Host class 2025-01-29 19:18:02 +07:00
Qubasa
84b8838084 clan-cli: Add ruff to devShell again. Add missing type annotations 2025-01-29 19:16:34 +07:00
Qubasa
e7e96f3f95 Add importable clan.modules and clan.template interfaces without implementation 2025-01-27 17:35:42 +07:00
Clan Merge Bot
9e62135304 update flake lock - treefmt-nix - 2025-01-27T00:00+00:00
Flake lock file updates:

• Updated input 'treefmt-nix':
    'github:numtide/treefmt-nix/d1ed3b385f8130e392870cfb1dbfaff8a63a1899?narHash=sha256-uPNWcYbhY2fjY3HOfRCR5jsfzdzemhfxLSxwjXYXqNc%3D' (2025-01-17)
  → 'github:numtide/treefmt-nix/f2cc121df15418d028a59c9737d38e3a90fbaf8f?narHash=sha256-5An1wq5U8sNycOBBg3nsDDgpwBmR9liOpDGlhliA6Xo%3D' (2025-01-21)
2025-01-27 00:00:24 +00:00
Luis Hebendanz
f89042be79 Merge pull request 'clan: Add autoloaded clanModules from flake inputs. Rename 'directory' to 'self' in buildClan' (#2782) from Qubasa/clan-core:dynamic_clanModulesv2 into main
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/2782
Reviewed-by: lassulus <clanlol@lassul.us>
2025-01-24 07:29:14 +00:00
Qubasa
ed6aaf5f0c clan: Add autoloaded clanModules from flake inputs. Rename 'directory' to 'self' in buildClan 2025-01-24 12:32:04 +07:00
Johannes Kirschbauer
83c6ad19eb Docs: change navigation to use tabs again 2025-01-23 13:49:55 +01:00
lassulus
e4826b5c53 vars: set persist to true if the script is empty 2025-01-22 19:36:19 +00:00
a-kenji
673935785d Fix various typos 2025-01-22 13:26:58 +01:00
a-kenji
fa54c0f1b5 Fix various typos 2025-01-22 13:19:28 +01:00
a-kenji
42e0928b55 clanModules/mycelium: init mycelium
This adds a clanModule for `mycelium`.
`Mycelium` is an IPv6 overlay network written in Rust.
Each node that joins the overlay network will receive an overlay network IP in the 400::/7 range.

An example configuration might look like this in the inventory:

```nix
mycelium.default = {
  roles.peer.machines = [
    "berlin"
    "munich"
  ];
  config = {
    topLevelDomain = "m";
    openFirewall = true;
    addHostedPublicNodes = true;
  };
};
```

This will add the machines named `berlin` and `munich` to the `mycelium` vpn.
And will also set the toplevel domain of the mycelium vpn to `m`, meaning the
machines are now reachable via `berlin.m` and `munich.m`.
2025-01-22 11:56:10 +00:00
hsjobeki
7ff0058bd6 Merge pull request 'Vars/Facts: improve api, fix some errors' (#2712) from hsjobeki/clan-core:zerotier into main
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/2712
2025-01-22 09:02:55 +00:00