Commit Graph

4345 Commits

Author SHA1 Message Date
clan-bot
b1d88e5ac3 Merge pull request 'Automatic flake update - nixos-facter-modules - 2024-10-07T00:00+00:00' (#2211) from flake-update-nixos-facter-modules-2024-10-07 into main 2024-10-07 00:57:48 +00:00
clan-bot
c09b2e5903 Merge pull request 'Automatic flake update - 2024-10-07T00:00+00:00' (#2213) from flake-update-2024-10-07 into main 2024-10-07 00:48:57 +00:00
clan-bot
9f6cfd44da Merge pull request 'Automatic flake update - treefmt-nix - 2024-10-07T00:00+00:00' (#2216) from flake-update-treefmt-nix-2024-10-07 into main 2024-10-07 00:47:32 +00:00
clan-bot
f00997fc1b Merge pull request 'Automatic flake update - sops-nix - 2024-10-07T00:00+00:00' (#2215) from flake-update-sops-nix-2024-10-07 into main 2024-10-07 00:45:13 +00:00
clan-bot
c60bf9825f Merge pull request 'Automatic flake update - nixos-images - 2024-10-07T00:00+00:00' (#2212) from flake-update-nixos-images-2024-10-07 into main 2024-10-07 00:43:34 +00:00
clan-bot
f3783bc2b5 Merge pull request 'Automatic flake update - disko - 2024-10-07T00:00+00:00' (#2209) from flake-update-disko-2024-10-07 into main 2024-10-07 00:39:29 +00:00
clan-bot
9d1114a05d Merge pull request 'Automatic flake update - flake-parts - 2024-10-07T00:00+00:00' (#2210) from flake-update-flake-parts-2024-10-07 into main 2024-10-07 00:39:16 +00:00
clan-bot
dbdcf42a54 Merge pull request 'Automatic flake update - nixpkgs - 2024-10-07T00:00+00:00' (#2214) from flake-update-nixpkgs-2024-10-07 into main 2024-10-07 00:39:15 +00:00
Clan Merge Bot
017d0da9a4 update flake lock - treefmt-nix - 2024-10-07T00:00+00:00
Flake lock file updates:

• Updated input 'treefmt-nix':
    'github:numtide/treefmt-nix/879b29ae9a0378904fbbefe0dadaed43c8905754' (2024-09-27)
  → 'github:numtide/treefmt-nix/4446c7a6fc0775df028c5a3f6727945ba8400e64' (2024-10-03)
2024-10-07 00:00:33 +00:00
Clan Merge Bot
6f7456e0b6 update flake lock - sops-nix - 2024-10-07T00:00+00:00
Flake lock file updates:

• Updated input 'sops-nix':
    'github:Mic92/sops-nix/127a96f49ddc377be6ba76964411bab11ae27803' (2024-09-27)
  → 'github:Mic92/sops-nix/2750ed784e93e745a33fb55be7c2657adfb57c00' (2024-10-06)
2024-10-07 00:00:31 +00:00
Clan Merge Bot
bad9d27134 update flake lock - nixpkgs - 2024-10-07T00:00+00:00
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/7eee17a8a5868ecf596bbb8c8beb527253ea8f4d' (2024-09-29)
  → 'github:NixOS/nixpkgs/50b3bd3fed0442bcbf7f58355e990da84af1749d' (2024-10-06)
2024-10-07 00:00:29 +00:00
Clan Merge Bot
79b6595c5f update flake lock - 2024-10-07T00:00+00:00
Flake lock file updates:

• Updated input 'disko':
    'github:nix-community/disko/b709e1cc33fcde71c7db43850a55ebe6449d0959' (2024-09-28)
  → 'github:nix-community/disko/48ebb577855fb2398653f033b3b2208a9249203d' (2024-10-05)
• Updated input 'flake-parts':
    'github:hercules-ci/flake-parts/bcef6817a8b2aa20a5a6dbb19b43e63c5bf8619a' (2024-09-12)
  → 'github:hercules-ci/flake-parts/3d04084d54bedc3d6b8b736c70ef449225c361b1' (2024-10-01)
• Updated input 'nixos-facter-modules':
    'github:numtide/nixos-facter-modules/e1ac6a83a5733788833fdff12aa074b5bdfdc965' (2024-09-29)
  → 'github:numtide/nixos-facter-modules/ec6ef7d5495bb5db1b6991791625eb22d108e954' (2024-09-30)
• Updated input 'nixos-images':
    'github:nix-community/nixos-images/acd37edb645a00b051f2ac88e02a2eb0ed459db6' (2024-09-26)
  → 'github:nix-community/nixos-images/c6d733b5cb6c07b5650298d3d6b685dc5dece7f8' (2024-10-03)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/7eee17a8a5868ecf596bbb8c8beb527253ea8f4d' (2024-09-29)
  → 'github:NixOS/nixpkgs/50b3bd3fed0442bcbf7f58355e990da84af1749d' (2024-10-06)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/127a96f49ddc377be6ba76964411bab11ae27803' (2024-09-27)
  → 'github:Mic92/sops-nix/2750ed784e93e745a33fb55be7c2657adfb57c00' (2024-10-06)
• Updated input 'treefmt-nix':
    'github:numtide/treefmt-nix/879b29ae9a0378904fbbefe0dadaed43c8905754' (2024-09-27)
  → 'github:numtide/treefmt-nix/4446c7a6fc0775df028c5a3f6727945ba8400e64' (2024-10-03)
2024-10-07 00:00:25 +00:00
Clan Merge Bot
a7943f4341 update flake lock - nixos-images - 2024-10-07T00:00+00:00
Flake lock file updates:

• Updated input 'nixos-images':
    'github:nix-community/nixos-images/acd37edb645a00b051f2ac88e02a2eb0ed459db6' (2024-09-26)
  → 'github:nix-community/nixos-images/c6d733b5cb6c07b5650298d3d6b685dc5dece7f8' (2024-10-03)
2024-10-07 00:00:08 +00:00
Clan Merge Bot
cfc1568f62 update flake lock - nixos-facter-modules - 2024-10-07T00:00+00:00
Flake lock file updates:

• Updated input 'nixos-facter-modules':
    'github:numtide/nixos-facter-modules/e1ac6a83a5733788833fdff12aa074b5bdfdc965' (2024-09-29)
  → 'github:numtide/nixos-facter-modules/ec6ef7d5495bb5db1b6991791625eb22d108e954' (2024-09-30)
2024-10-07 00:00:05 +00:00
Clan Merge Bot
7a8b285d2c update flake lock - flake-parts - 2024-10-07T00:00+00:00
Flake lock file updates:

• Updated input 'flake-parts':
    'github:hercules-ci/flake-parts/bcef6817a8b2aa20a5a6dbb19b43e63c5bf8619a' (2024-09-12)
  → 'github:hercules-ci/flake-parts/3d04084d54bedc3d6b8b736c70ef449225c361b1' (2024-10-01)
2024-10-07 00:00:03 +00:00
Clan Merge Bot
c48718990c update flake lock - disko - 2024-10-07T00:00+00:00
Flake lock file updates:

• Updated input 'disko':
    'github:nix-community/disko/b709e1cc33fcde71c7db43850a55ebe6449d0959' (2024-09-28)
  → 'github:nix-community/disko/48ebb577855fb2398653f033b3b2208a9249203d' (2024-10-05)
2024-10-07 00:00:01 +00:00
clan-bot
f65f94556b Merge pull request 'clan-cli: Improve CmdOut output' (#2207) from Qubasa/clan-core:Qubasa-main into main 2024-10-06 23:44:12 +00:00
Qubasa
a80d7cc3f0 clan-cli: Improve CmdOut output 2024-10-07 01:36:40 +02:00
clan-bot
c4506d47d7 Merge pull request 'clan-cli: Add --host-key-check to machine update' (#2206) from Qubasa/clan-core:Qubasa-main into main 2024-10-05 21:40:03 +00:00
Qubasa
99c5bd2b50 clan-cli: Add --host-key-check to machine update 2024-10-05 23:33:44 +02:00
clan-bot
1e6bc9cfd3 Merge pull request 'clan-cli: Fix bug where --target_host is getting ignored' (#2205) from Qubasa/clan-core:Qubasa-main into main 2024-10-05 16:59:17 +00:00
Qubasa
5967bb347c clan-cli: Fix bug where --target_host is getting ignored 2024-10-05 18:51:44 +02:00
Mic92
9530d6aee7 Merge pull request 'vars/keygen: adapt to new sops api' (#2204) from gpg-take-2 into main
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/2204
2024-10-04 16:36:35 +00:00
Jörg Thalheim
558fa436e8 vars/keygen: adapt to new sops api 2024-10-04 16:36:35 +00:00
Jörg Thalheim
1666513e91 Revert "Merge pull request 'Revert "Merge pull request 'clan-cli: secrets: Add support for PGP keys with sops-nix' (#2186) from lopter/clan-core:lo-sops-nix-pgp-support into main"' (#2202) from revert into main"
This reverts commit a5496e8db0, reversing
changes made to 9bb1aef245.
2024-10-04 16:36:35 +00:00
clan-bot
3d3324155b Merge pull request 'Revert "vars: refactor - copy logic to sops secret module"' (#2203) from DavHau/clan-core:DavHau-vars-migration into main 2024-10-04 16:27:24 +00:00
DavHau
8f16cf0282 Revert "vars: refactor - copy logic to sops secret module"
This reverts commit ae53ea7399.
2024-10-04 18:20:53 +02:00
Mic92
a5496e8db0 Merge pull request 'Revert "Merge pull request 'clan-cli: secrets: Add support for PGP keys with sops-nix' (#2186) from lopter/clan-core:lo-sops-nix-pgp-support into main"' (#2202) from revert into main
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/2202
2024-10-04 16:12:27 +00:00
Jörg Thalheim
084ebf9edc Revert "Merge pull request 'clan-cli: secrets: Add support for PGP keys with sops-nix' (#2186) from lopter/clan-core:lo-sops-nix-pgp-support into main"
This reverts commit 5668fd05a0, reversing
changes made to dd17fbdc6d.

Reverting for now as Dave's recent change conflicts with this change.
2024-10-04 17:54:29 +02:00
Mic92
9bb1aef245 Merge pull request 'iwd: add AutoConnect option' (#2194) from nim65s/clan-core:autoconnect into main
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/2194
2024-10-04 15:39:13 +00:00
Guilhem Saurel
5046bfef10 iwd: add AutoConnect option 2024-10-04 15:39:13 +00:00
Mic92
5668fd05a0 Merge pull request 'clan-cli: secrets: Add support for PGP keys with sops-nix' (#2186) from lopter/clan-core:lo-sops-nix-pgp-support into main
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/2186
2024-10-04 15:36:30 +00:00
Louis Opter
81f162d4e6 Update tests for clan secrets 2024-10-04 15:36:30 +00:00
Louis Opter
ab46e3c1e2 Improvements for clan secrets key generate.
I am not sure I understand what `extract_public_key` was for. It seems
like `age-keygen -y` will just work fine for a file like
`extract_public_key` is looking for. Unless someone intentionally made a
file with a comment like that without the private key in it.

Messages are moved to stdout rather than being logged. It feels like the
output is meaningful in the first step users are going to take. Also
makes testing easier, as log messages are captured differently than
stdout. The call to add a user is changed to be easier to copy paste
and work whether PGP or age is in use.

A description for the command is added instead of help which does not
seem to be displayed.
2024-10-04 15:36:30 +00:00
Louis Opter
611d8b40f3 Make clan_cli.secrets.sops.SopsKey immutable and remove its __eq__ method
Immutability seems sensible for this type.

There is some ambiguity on how to compare keys, in particular when `user.name == ""`, but the rest matches.
2024-10-04 15:36:30 +00:00
Louis Opter
69b9f1ae23 fix: clan secrets user get dump the user identity correctly 2024-10-04 15:36:30 +00:00
Louis Opter
cf492b15aa Fix key dump in clan secrets key show
```
In [4]: str(Type.AGE)
Out[4]: Type.AGE

In [5]: Type.AGE.name.lower()
Out[5]: age
```
2024-10-04 15:36:30 +00:00
Jörg Thalheim
5d87bc2435 secrets/show: pretty print json 2024-10-04 15:36:30 +00:00
Jörg Thalheim
105e6bd86a secrets: replace Key, key type tuple with SopsKey class 2024-10-04 15:36:30 +00:00
Jörg Thalheim
160fe82576 fix serialisation of SopsKey type 2024-10-04 15:36:30 +00:00
Jörg Thalheim
9c25b4d61c error if we cannot load a dataclass from file 2024-10-04 15:36:30 +00:00
Jörg Thalheim
ca4ff0611c default key type to age and rename to age-key/pgp-key 2024-10-04 15:36:30 +00:00
Jörg Thalheim
4cd4334b1c secrets: do not shadow python builtins 2024-10-04 15:36:30 +00:00
Louis Opter
d18c0fa3ae Fix: do not assume users use age keys in vars/sops
With added support for PGP for user keys, do not assume an age key is
going to be present in secrets files.
2024-10-04 15:36:30 +00:00
Louis Opter
b2e796145a Fix: use new sops api in clan secrets machines 2024-10-04 15:36:30 +00:00
Louis Opter
7a673ea95f Draft: clan-cli: secrets: Add support for PGP keys with sops-nix
To use a PGP key instead of an age key you can set `SOPS_PGP_FP`. (You
can use `gpg -k --fingerprint --fingerprint` to get your PGP encryption
key fingerprint, remove spaces from it).

The internal manifest file already supported a type field, and so I built
from there.

With those changes, I was able to add my PGP key, and update all my
secrets with it, instead of the age key originally generated:

```
% clan secrets key show | jq
{
  "key": "ADB6276965590A096004F6D1E114CBAE8FA29165",
  "type": "pgp"
}
% clan secrets key update
% for s in $(clan secrets list) ; do clan secrets users add-secret kal-pgp-from-2022-12-to-2024-12 "$s"; done
% for s in $(clan secrets list) ; do clan secrets users remove-secret --debug kal "$s" ; done
```
2024-10-04 15:36:30 +00:00
clan-bot
dd17fbdc6d Merge pull request 'vars/keygen: fix + cleanup tests' (#2201) from DavHau/clan-core:DavHau-vars-migration into main 2024-10-04 15:32:31 +00:00
DavHau
11c37ebeba vars/keygen: fix + cleanup tests
- generate keys in ./sops instead of ./sops/vars for now
- don't initialize all flakes with sops keys, only generate when needed
- use the new 'clan vars keygen' in tests
2024-10-04 17:25:17 +02:00
clan-bot
73daa2ecc1 Merge pull request 'vars: add 'clan vars keygen'' (#2200) from DavHau/clan-core:DavHau-vars-migration into main 2024-10-04 14:21:10 +00:00
DavHau
2a9ced1e26 vars: add 'clan vars keygen' 2024-10-04 16:13:49 +02:00