yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
5,708 Commits 120 Branches 6 Tags
aa98c33d407e6cc6e105048fb5de4b6e78bd6654
Commit Graph

1793 Commits

Author SHA1 Message Date
Jörg Thalheim
638710818b fix mypy 2025-02-04 04:02:42 +00:00
Louis Opter
48268f7960 clan-cli: do not skip secrets.update_secrets when a group is removed 
We need to remove all keys that were in the group from affected secrets.

With this change we now take `group_name` as an argument in
`{add,remove}_member`, which is a little bit more readable than
`group_folder.parent.name`, and helps DRY the code a bit.
 2025-02-04 03:13:20 +00:00
Louis Opter
ef442ef316 clan-cli: secrets users add: make sure only one key argument was passed 
This is slightly better input validation FWIW.
 2025-02-04 03:13:20 +00:00
Louis Opter
81cf521d8c clan-cli: secrets: properly update secrets when an user is removed 
Fixes #2659.
 2025-02-04 03:13:20 +00:00
Louis Opter
36a54ead12 clan-cli: improve tests on clan secrets … 
When users or groups are updated :

- Check that keys are properly updated on sops secrets;
- Check that no dangling symlinks are left behind in sops secrets.

And when an user is removed from the clan, check that it is removed from
the groups it belonged to.

This doesn't check this works for vars explicitly, since they share the
same logic, see `secret_paths.extend(list_vars_secrets(flake_dir))` in
commit f2856cb773.

Those improvements allow us to validate that #2659 is indeed fixed, and
tell us that we need to make the same kind of fixes for machines and
groups. For groups this is straightforward, and for machines, when one
is deleted, I wanna discuss first whether we want to delete all its
secrets as well.
 2025-02-04 03:13:20 +00:00
Louis Opter
5fc9440a1e clan-cli: secrets: truly catch broken symlinks in collect_keys_for_type 2025-02-04 03:13:20 +00:00
Louis Opter
e2c6b7bffc clan-cli: secrets key generate: fix call to action message 
So that it makes sense when an already existing PGP key is specified.
 2025-02-04 03:13:20 +00:00
Louis Opter
26d07cf1f5 clan-cli: secrets: commit changes when group members are added or removed 2025-02-04 03:13:20 +00:00
Louis Opter
7be310062f clan-cli: honor clan.core.sops.defaultGroups option in vars fix 2025-02-04 03:13:20 +00:00
Louis Opter
66a9b22d66 clan-cli: secrets/sops: fix error message in maybe_get_admin_public_key 2025-02-04 03:13:20 +00:00
a-kenji
94362c1ff5 pkgs/clan: Fix typos 2025-02-02 23:20:39 +07:00
lassulus
18d7167fb3 test_api_dataclass_compat: exlcude flake.py 2025-02-02 11:52:36 +00:00
lassulus
02d450b905 clan-cli: add a Flake class with caching 2025-02-02 11:52:36 +00:00
lassulus
8e81cd08c8 clan-cli: add ipython to dev dependencies 2025-02-02 11:52:36 +00:00
lassulus
db417ecd13 clan-cli vars upload: add optional --directory 2025-02-02 11:52:36 +00:00
Qubasa
3acf8bbb4b clan-cli: Fix clan flakes create not working in nix shell 2025-02-01 12:16:20 +07:00
Qubasa
825b4abd37 clan-cli: Make clan machines create use templating.py 2025-01-31 18:07:48 +07:00
Qubasa
caaafdf5f9 clan-cli: Add test_clan_nix_attrset.py and minor fixups 2025-01-31 16:36:20 +07:00
Qubasa
61762fdea3 clan-cli: Expand type_to_dict to support NewType and tuple types in dataclasses 2025-01-30 17:19:31 +07:00
Qubasa
0db5abf56a clan-cli: Make clan flakes create discover templates from inputs. Add clan flakes list command 2025-01-30 16:24:50 +07:00
Qubasa
5ceec3844a clan-cli: Add from_host function to Host class 2025-01-29 19:18:02 +07:00
Qubasa
84b8838084 clan-cli: Add ruff to devShell again. Add missing type annotations 2025-01-29 19:16:34 +07:00
Qubasa
ed6aaf5f0c clan: Add autoloaded clanModules from flake inputs. Rename 'directory' to 'self' in buildClan 2025-01-24 12:32:04 +07:00
a-kenji
fa54c0f1b5 Fix various typos 2025-01-22 13:19:28 +01:00
Johannes Kirschbauer
f0d5cad992 Vars/tests: secrets dont raise backend error depending on the previous backend 2025-01-22 09:02:55 +00:00
Johannes Kirschbauer
119e161c6c Facts/api: export method for getting the public store 2025-01-22 09:02:55 +00:00
Johannes Kirschbauer
6bcd41d143 Vars/secrets-store: omit folder exists errors for secrets 2025-01-22 09:02:55 +00:00
Jörg Thalheim
6203b4f14f clan/update: deploy_machine -> deploy_machines 2025-01-21 15:20:38 +01:00
Michael Hoang
f0a07bbfae flash: don't allow partitioning time secrets 2025-01-21 11:13:51 +00:00
Michael Hoang
7ee0e2afbf vars: support secrets for partitioning the disk 2025-01-21 11:13:51 +00:00
Jörg Thalheim
8c667a162a use nix flake archive in clan machines update for git+file flake inputs 2025-01-20 10:49:25 +01:00
Michael Hoang
f199030119 install: support -i flag for specifying SSH private key 2025-01-19 18:53:18 +11:00
Jörg Thalheim
58e3dc9df2 fix getting-started deploy link4 2025-01-17 14:08:58 +00:00
lassulus
86d449c8d1 clan-cli: exit with errorcode also in debug mode 2025-01-17 11:37:03 +00:00
DavHau
5ce72dd261 tests: reduce unnecessary rebuilds of several tests 
Some test were referring to the whole source code via ${self} which amde them rebuild on every single commit.

This is not mitigated by introduceing `self.filter { include = [...]; }` allowin to a content addressed subset of the source code in tests.
 2025-01-17 17:00:18 +07:00
clan-bot
4c284bb86b Merge pull request 'Migrate borgbackup module to vars' (#2741) from pinpox/clan-core:migrate-borgbackup-vars into main 2025-01-16 12:16:37 +00:00
Pablo Ovelleiro Corral
038083bece Migrate borgbackup module to vars 2025-01-16 13:14:24 +01:00
Jörg Thalheim
cb8ca601e2 switch to nixos-facter for hardware-config 2025-01-15 13:59:49 +00:00
Johannes Kirschbauer
f16f68c77b Fix: remove password from facts store tests 2025-01-14 17:19:51 +01:00
Johannes Kirschbauer
14261b8a8c Fix: secret facts store test 2025-01-14 17:19:50 +01:00
Jörg Thalheim
3bcbc8fa3d reformat after update 2025-01-14 15:30:29 +01:00
Pablo Ovelleiro Corral
e4d3c03392 Implement clan ssh <hostname> 
Fixes #2317
 2025-01-11 23:15:39 +01:00
DavHau
4a9ae3a45f vars: rename createFile -> persist 2025-01-11 04:19:46 +00:00
Qubasa
06a85faca6 clan-app: Add gpg to allowed-programs.json 2025-01-11 10:52:22 +07:00
Qubasa
c6d5eb5037 clan-app: Fix default.nix 2025-01-11 10:52:22 +07:00
clan-bot
e3b54e62de Merge pull request 'Fix clan state list command' (#2716) from pinpox/clan-core:fix-state-list-command into main 2025-01-11 00:45:39 +00:00
Pablo Ovelleiro Corral
fd13e14c15 Fix clan state list command 2025-01-11 01:39:41 +01:00
Johannes Kirschbauer
fbaf9065bf Disk Templates: Fix invalid toml frontmatter 2025-01-10 12:06:41 +00:00
Johannes Kirschbauer
06869a4d27 API/vars: use string based interfaces to get and set vars to avoid state mutations 2025-01-10 12:06:01 +00:00
Qubasa
3d0b2948f3 docs: Add debugging.md and repo-layout.md guides 2025-01-09 13:01:49 +00:00