yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
5,593 Commits 119 Branches 6 Tags
f85fd9ccc1fd8171de2a9c08f99dfd626caac9b1
Commit Graph

5593 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mic92
f85fd9ccc1 Merge pull request 'clan-cli: fix keys and symlinks updates when users, machines, or groups are updated' (#2781) from lopter/clan-core:lo-fix-secrets-user-remove into main 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/2781
 2025-02-04 03:13:20 +00:00
Louis Opter
e88c8a8f2d clan-cli: do not skip secrets.update_secrets when a group is removed 
We need to remove all keys that were in the group from affected secrets.

With this change we now take `group_name` as an argument in
`{add,remove}_member`, which is a little bit more readable than
`group_folder.parent.name`, and helps DRY the code a bit.
 2025-02-04 03:13:20 +00:00
Louis Opter
509a1bcb94 clan-cli: secrets users add: make sure only one key argument was passed 
This is slightly better input validation FWIW.
 2025-02-04 03:13:20 +00:00
Louis Opter
23d759219f clan-cli: secrets: properly update secrets when an user is removed 
Fixes #2659.
 2025-02-04 03:13:20 +00:00
Louis Opter
c99296aae8 clan-cli: improve tests on clan secrets … 
When users or groups are updated :

- Check that keys are properly updated on sops secrets;
- Check that no dangling symlinks are left behind in sops secrets.

And when an user is removed from the clan, check that it is removed from
the groups it belonged to.

This doesn't check this works for vars explicitly, since they share the
same logic, see `secret_paths.extend(list_vars_secrets(flake_dir))` in
commit 7466445653.

Those improvements allow us to validate that #2659 is indeed fixed, and
tell us that we need to make the same kind of fixes for machines and
groups. For groups this is straightforward, and for machines, when one
is deleted, I wanna discuss first whether we want to delete all its
secrets as well.
 2025-02-04 03:13:20 +00:00
Louis Opter
947095ad13 clan-cli: secrets: truly catch broken symlinks in collect_keys_for_type 2025-02-04 03:13:20 +00:00
Louis Opter
34b36fa309 clan-cli: secrets key generate: fix call to action message 
So that it makes sense when an already existing PGP key is specified.
 2025-02-04 03:13:20 +00:00
Louis Opter
67f26a3abe clan-cli: secrets: commit changes when group members are added or removed 2025-02-04 03:13:20 +00:00
Louis Opter
30c7e32a3d clan-cli: honor clan.core.sops.defaultGroups option in vars fix 2025-02-04 03:13:20 +00:00
Louis Opter
9387d64619 clan-cli: secrets/sops: fix error message in maybe_get_admin_public_key 2025-02-04 03:13:20 +00:00
Johannes Kirschbauer
dc02296243 buildClan: add more eager tests 2025-02-03 12:00:47 +01:00
Johannes Kirschbauer
0a27576021 flake.nix: remove unused self reference 2025-02-03 12:00:47 +01:00
Johannes Kirschbauer
2341b0e673 buildClan: add depercation warnings for directory=self 2025-02-03 12:00:47 +01:00
Jörg Thalheim
6f1ab30881 fix infinite recursion 2025-02-03 12:00:47 +01:00
Clan Merge Bot
45058ff818 update flake lock - treefmt-nix - 2025-02-03T00:00+00:00 
Flake lock file updates:

• Updated input 'treefmt-nix':
    'github:numtide/treefmt-nix/f2cc121df15418d028a59c9737d38e3a90fbaf8f?narHash=sha256-5An1wq5U8sNycOBBg3nsDDgpwBmR9liOpDGlhliA6Xo%3D' (2025-01-21)
  → 'github:numtide/treefmt-nix/bebf27d00f7d10ba75332a0541ac43676985dea3?narHash=sha256-j6jC12vCFsTGDmY2u1H12lMr62fnclNjuCtAdF1a4Nk%3D' (2025-01-28)
 2025-02-03 00:20:56 +00:00
Clan Merge Bot
ffbf2ff801 update flake lock - flake-parts - 2025-02-03T00:00+00:00 
Flake lock file updates:

• Updated input 'flake-parts':
    'github:hercules-ci/flake-parts/b905f6fc23a9051a6e1b741e1438dbfc0634c6de?narHash=sha256-%2Bhu54pAoLDEZT9pjHlqL9DNzWz0NbUn8NEAHP7PQPzU%3D' (2025-01-06)
  → 'github:hercules-ci/flake-parts/32ea77a06711b758da0ad9bd6a844c5740a87abd?narHash=sha256-7H9XgNiGLKN1G1CgRh0vUL4AheZSYzPm%2BzmZ7vxbJdo%3D' (2025-02-01)
 2025-02-03 00:00:03 +00:00
a-kenji
1694f8b3a8 pkgs/clan: Fix typos 2025-02-02 23:20:39 +07:00
lassulus
c746b84a6f test_api_dataclass_compat: exlcude flake.py 2025-02-02 11:52:36 +00:00
lassulus
fe2cfd3b37 clan-cli: add a Flake class with caching 2025-02-02 11:52:36 +00:00
lassulus
26143b4b5b clan-cli: add ipython to dev dependencies 2025-02-02 11:52:36 +00:00
lassulus
90fbe807d6 clan-cli vars upload: add optional --directory 2025-02-02 11:52:36 +00:00
Jörg Thalheim
3ab497afa9 buildClan/tests: make test_only_required minimal again 2025-02-02 10:40:50 +00:00
kenji
e03ee4407c Merge pull request 'clanModules/user-password: Add inventory feature' (#2796) from kenji/clan-core:feat-inventory/user-password into main 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/2796
 2025-02-02 10:35:48 +00:00
a-kenji
c7e9bfbefe clanModules/root-password: Add inventory feature 2025-02-02 10:35:48 +00:00
kenji
83169dc93e Merge pull request 'clanModules/root-password: Add inventory feature' (#2795) from kenji/clan-core:feat-inventory/root-password into main 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/2795
 2025-02-02 10:32:58 +00:00
a-kenji
23360377cf clanModules/root-password: Add inventory feature 2025-02-02 10:32:58 +00:00
Jörg Thalheim
07bd686850 legacyPackages.evalTests-build-clan: fix comment to run tests 2025-02-02 10:30:26 +00:00
Jörg Thalheim
8634087309 Do not deprecate directory argument 2025-02-02 10:30:26 +00:00
a-kenji
fe6cca3c47 clanModules/root-password: Fix root-password persistence 2025-02-02 16:36:19 +07:00
Qubasa
1fb676affb clan-cli: Fix clan flakes create not working in nix shell 2025-02-01 12:16:20 +07:00
Mic92
1248adfd45 Merge pull request 'container test with writeable nix store' (#2655) from container-test into main 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/2655
 2025-01-31 11:51:00 +00:00
Jörg Thalheim
5d2e3b2b21 container test: with writeable nix store 2025-01-31 11:51:00 +00:00
Qubasa
0f4cdd31cd clan-cli: Make clan machines create use templating.py 2025-01-31 18:07:48 +07:00
Jörg Thalheim
0e3e6c29c7 remove createFile legacy alias from vars/interface 
it's hard to filter this out in nix. So instead we just drop this
option.
 2025-01-31 10:29:35 +00:00
Qubasa
d770830c03 clan-cli: Add test_clan_nix_attrset.py and minor fixups 2025-01-31 16:36:20 +07:00
Qubasa
57d82c9315 webview-ui: Fix create_clan js call 2025-01-30 17:26:41 +07:00
Qubasa
e96bd0816f clan-cli: Expand type_to_dict to support NewType and tuple types in dataclasses 2025-01-30 17:19:31 +07:00
Qubasa
7545a9a883 clan-cli: Make clan flakes create discover templates from inputs. Add clan flakes list command 2025-01-30 16:24:50 +07:00
Qubasa
c212538ac7 clan: Remove unecessary templates and modules interface 2025-01-29 19:24:15 +07:00
Qubasa
839bb17284 clan-cli: Add from_host function to Host class 2025-01-29 19:18:02 +07:00
Qubasa
4a144e77a4 clan-cli: Add ruff to devShell again. Add missing type annotations 2025-01-29 19:16:34 +07:00
Qubasa
6e47f1ee96 Add importable clan.modules and clan.template interfaces without implementation 2025-01-27 17:35:42 +07:00
Clan Merge Bot
1ba8090188 update flake lock - treefmt-nix - 2025-01-27T00:00+00:00 
Flake lock file updates:

• Updated input 'treefmt-nix':
    'github:numtide/treefmt-nix/d1ed3b385f8130e392870cfb1dbfaff8a63a1899?narHash=sha256-uPNWcYbhY2fjY3HOfRCR5jsfzdzemhfxLSxwjXYXqNc%3D' (2025-01-17)
  → 'github:numtide/treefmt-nix/f2cc121df15418d028a59c9737d38e3a90fbaf8f?narHash=sha256-5An1wq5U8sNycOBBg3nsDDgpwBmR9liOpDGlhliA6Xo%3D' (2025-01-21)
 2025-01-27 00:00:24 +00:00
Luis Hebendanz
974279eddd Merge pull request 'clan: Add autoloaded clanModules from flake inputs. Rename 'directory' to 'self' in buildClan' (#2782) from Qubasa/clan-core:dynamic_clanModulesv2 into main 
Reviewed-on: https://git.clan.lol/clan/clan-core/pulls/2782
Reviewed-by: lassulus <clanlol@lassul.us>
 2025-01-24 07:29:14 +00:00
Qubasa
e36654daa1 clan: Add autoloaded clanModules from flake inputs. Rename 'directory' to 'self' in buildClan 2025-01-24 12:32:04 +07:00
Johannes Kirschbauer
559a95cdde Docs: change navigation to use tabs again 2025-01-23 13:49:55 +01:00
lassulus
cabd848fb7 vars: set persist to true if the script is empty 2025-01-22 19:36:19 +00:00
a-kenji
dfdcad7fc5 Fix various typos 2025-01-22 13:26:58 +01:00
a-kenji
ce148c23a5 Fix various typos 2025-01-22 13:19:28 +01:00
a-kenji
7308eb8dc7 clanModules/mycelium: init mycelium 
This adds a clanModule for `mycelium`.
`Mycelium` is an IPv6 overlay network written in Rust.
Each node that joins the overlay network will receive an overlay network IP in the 400::/7 range.

An example configuration might look like this in the inventory:

```nix
mycelium.default = {
  roles.peer.machines = [
    "berlin"
    "munich"
  ];
  config = {
    topLevelDomain = "m";
    openFirewall = true;
    addHostedPublicNodes = true;
  };
};
```

This will add the machines named `berlin` and `munich` to the `mycelium` vpn.
And will also set the toplevel domain of the mycelium vpn to `m`, meaning the
machines are now reachable via `berlin.m` and `munich.m`.
 2025-01-22 11:56:10 +00:00