Michael Hoang
49bec8536b
vars: don't use sops.secrets.*.restartUnits on macOS
2025-06-10 13:27:15 +07:00
Jörg Thalheim
7314f6b2ff
vars: add restartUnits option
For secrets not part of the nix store there is no other way in NixOS to
restart a service after the secret is updated. One example is changing
password in userborn, which doesn't run as an activation script but as a
systemd service.
2025-05-28 16:44:19 +02:00
DavHau
aa557f3a96
vars: cleanup sops file module
2025-05-12 15:30:23 +07:00
vdbe
d445a353d5
clanCore/vars/sops: add sops & switch to builtins.path
2025-05-04 08:08:58 +02:00
Raymond Barbiero
222915a9ed
clanCore/vars: allow mode to be set
fmt
2025-04-25 11:29:43 +02:00
Michael Hoang
a575894a83
nixosModules/clanCore: support nix-darwin
2025-04-22 23:14:03 +10:00
Pablo Ovelleiro Corral
42b58910a9
data-mesher: init module
Co-authored-by: Brian McGee <brian@bmcgee.ie>
2025-03-29 13:49:41 +00:00
Michael Hoang
160bbfcb37
cli: add morph command
2025-02-16 21:31:28 +07:00
Michael Hoang
0ec38c7919
vars: support secrets for partitioning the disk
2025-01-21 11:13:51 +00:00
clan-bot
72ca99e2c7
Merge pull request 'Migrate borgbackup module to vars' (#2741) from pinpox/clan-core:migrate-borgbackup-vars into main
2025-01-16 12:16:37 +00:00
Pablo Ovelleiro Corral
7a17a04698
Migrate borgbackup module to vars
2025-01-16 13:14:24 +01:00
Jörg Thalheim
f55b02e1c9
remove flip functions from sops code
2025-01-15 13:59:49 +00:00
Jörg Thalheim
41ceb40d13
matrix-synapse: migrate to vars
2025-01-14 14:16:19 +00:00
lassulus
3eaffe1ac6
pass move-mount-beneath: add more debug info
2025-01-12 11:17:22 +01:00
Johannes Kirschbauer
2c41e9f0c6
Chore:_migrate 'machineName' to 'settings.machine.name'
2024-12-31 14:55:50 +01:00
Johannes Kirschbauer
318a4f2d86
Chore: init settings submodule, move clanDir into settings submodule
2024-12-31 14:18:09 +01:00
lassulus
bffd0005be
vars password-store: fix usage with newer vars
2024-12-25 22:09:52 +01:00
lassulus
d91f653a65
vars: allow setting files as needed for activation
2024-12-19 13:05:05 +01:00
lassulus
c888f01823
vars: eval finalScript lazy
2024-12-14 13:38:51 +01:00
lassulus
4b63296d5f
vars sops: passthrough neededForUsers
2024-12-03 23:54:21 +01:00
lassulus
d89ee46d7f
vars password-store: add neededForUsers option
2024-12-03 22:28:39 +01:00
Jörg Thalheim
e250332f4b
fix sops deprecation warning
2024-12-03 11:13:17 +01:00
lassulus
5372066e04
vars password-store: fix secretLocation again :)
2024-11-30 18:01:23 +01:00
lassulus
893892aff4
vars password-store: fix secretLocation
2024-11-30 17:24:17 +01:00
lassulus
c00ac4a246
vars: remove secretsUploadDirectory from common module
2024-11-28 16:38:06 +01:00
lassulus
70a5910946
core password-store: define fileModule only if file is secret
2024-11-25 12:40:51 +01:00
lassulus
35cafe141b
core password-store: set default location to not conflict with facts
2024-11-23 10:38:14 +01:00
lassulus
8ec33eb8cf
core password-store: fix secret location
2024-11-22 22:34:09 +01:00
lassulus
0ef31a42df
clan-cli password-store: silence move-mount output
2024-11-22 22:34:09 +01:00
lassulus
8e1697a089
password-store owner & group support
2024-11-16 01:18:59 +01:00
lassulus
7ae7ac8bd1
cli vars password-store: fix file locations
2024-11-14 12:07:52 +01:00
Jörg Thalheim
56bb9c4c5a
vars: move owner/group to a sops namespace
we want to allow users to use this feature but do not want to use this
option in our own module because it's not supported by password store.
2024-10-31 12:10:57 +01:00
Louis Opter
f540ab91a1
vars: add the user and group options on files
This changeset forwards the ownership control options from sops-nix.
2024-10-23 09:05:53 +00:00
DavHau
53592837a9
vars: get rid of meta.json
2024-09-12 16:52:44 +02:00
DavHau
3c27cc31e9
vars/sops: load sops info from nix instead of filesystem
2024-09-12 16:30:21 +02:00
DavHau
8efcd65bed
vars: global metadata paths for all store backends
This also changes the paths where sops stores the secret -> all sops secrets will have to be re-generated
2024-09-03 16:30:01 +02:00
DavHau
ec055f7606
vars: introduce deploy=true/false for generated files
2024-09-01 14:32:46 +02:00
DavHau
1a27bfa8a8
Reapply + Fix "vars: fix - upload machines own secrets only"
This reverts commit 0cd29daf88.
2024-08-23 15:42:46 +02:00
DavHau
0cd29daf88
Revert "vars: fix - upload machines own secrets only"
This reverts commit 2a8958f494.
2024-08-21 14:59:05 +02:00
DavHau
2a8958f494
vars: fix - upload machines own secrets only
2024-08-21 14:47:41 +02:00
a-kenji
6130505177
vars: fix using vars module with multiple machines
This filters the secrets to only include the secrets managed under `per-machine` and `shared`,
otherwise new deployments will fail, when using the vars module for multiple machines:
```
[vyr] /nix/store/[…]sops-install-secrets: failed to decrypt '/nix/store/[…]/sops/vars/per-machine/draper/garage/admin_token/secret': Error getting data key: 0 successful groups required, got 0
```
This doesn't fix all the edge cases with this approach.
We get a similar error if we deploy shared vars that are not
encrypted for our machine key. This needs to be addressed when
implementing the shared vars functionality.
2024-08-17 14:00:56 +00:00
DavHau
b2646aa0fe
tests: improve testing framework for impure vm tests
Also fix computed sops secret paths for vars
2024-08-04 13:40:12 +07:00
DavHau
2155675fc6
vars: fix bug when computing target path for sops
2024-07-29 12:09:59 +00:00
DavHau
a5065a1936
vars/sops: fix loading of vars from directory structure
2024-07-29 18:01:26 +07:00
DavHau
5bd20fcf2c
vars: add support for password-store
2024-07-23 14:54:18 +07:00
DavHau
d21926db47
vars: implement secret generation
2024-07-11 11:37:17 +07:00
DavHau
3447a98bee
vars: implement generating public variables via in_repo
2024-07-09 14:26:56 +07:00