Commit graph

19348 commits

Author SHA1 Message Date
Florian Klink
6af67af76e feat(nix-compat/narinfo): add PubKey
This represents a ed25519 public key and "name".
These are normally passed in the `trusted-public-keys` Nix config option,
and consist of a name and base64-encoded ed25519 pubkey, separated by a `:`.

Change-Id: I9ab4b3e0e5821805ea6faf2499626630fc5a3f0a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10150
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-11-28 16:08:59 +00:00
Florian Klink
e7a86273b1 refactor(nix-compat/narinfo/signature): rename Error type
Just call this Error, we can infer from the package what error this is.

Change-Id: I5df25d2873ec739c49c08804f35562c84c222e06
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10149
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-11-28 16:08:59 +00:00
Florian Klink
7e8719be91 feat(tvix/store/pathinfosvc/nix_http): check Nar{Size,Hash} matches
Ensure the initially communicated NarHash/NarSize from the NarInfo
matches what we read, and don't return a PathInfo message if there's
a mismatch.

Also move the buffering layer around a bit.

Change-Id: I68c60ecfaf0f9cd5edacea648437ecb0c9729251
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10148
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-11-28 16:08:59 +00:00
Florian Klink
fce9c0e99e fix(tvix/store/fs): don't panic on PathInfoService error
An error in the PathInfoService request can appear in case the
underlying request returns an error.

We shouldn't panic and bork the fuse mount, but instead return an IO
error.

Change-Id: I2daeae629e1627d06adcd7b82ddb76c50c602212
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10154
Tested-by: BuildkiteCI
Reviewed-by: Connor Brewster <cbrewster@hey.com>
2023-11-28 14:54:56 +00:00
Vincent Ambo
84a846a3a2 refactor(tazjin/emacs): move global-mode-line info into tab-bar
This removes the wonky hack with detecting the bottom right window,
and gives me saner, unified handling of this display in the tab
bar (of which there is only one!)

Change-Id: Id21c6b2472d0c89fc4d000a10a9e90d2ddba86b6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10165
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-11-28 12:34:48 +00:00
Vincent Ambo
a554531e28 chore(ops): move from gerrit-queue to gerrit-autosubmit
Enables the new autosubmit bot, albeit without rebase
functionality (this will be a separate change).

Change-Id: Ia42a4f08c0edca5e6cc8bf4770ec24dbf16a5db7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10132
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
2023-11-27 21:51:08 +00:00
Vincent Ambo
623805cecd feat(ops/gerrit-autosubmit): init simple gerrit autosubmitter
Adds a small Rust program that connects to the Gerrit API and uses a
simple algorithm to figure out which changes should be submitted, and
submits them:

* it fetches all changes the Gerrit query API considers
  submittable (i.e. all requirements fulfilled), and that have the
  `Autosubmit` label set

* it filters these changes down to those that are _actually_
  submittable (in Gerrit API terms: that have an active Submit button)

* it filters out those that would submit ancestors that are *not*
  marked with the `Autosubmit` label

* it submits the longest chain

After that it just loops.

There is no rebasing logic yet for when it "runs out" of submittable
changes, but it will not be difficult to add.

Relates to b/333.

Change-Id: Ib91ecf2c45b178e8c64ff7b2174d617d4c45efe2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10131
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: ezemtsov <eugene.zemtsov@gmail.com>
Autosubmit: tazjin <tazjin@tvl.su>
2023-11-27 21:50:37 +00:00
Vincent Ambo
360c98ce38 chore(3p/sources): bump channels & overlays (2023-11-27)
* picked avrdude from stable channel
* removed override for texlive, as the upstream fix is merged
* picked awscli2 from stable channel
* bump tdlib to 1.8.21 (new minimum for telega.el)
* tvix/turbofetch: switch to nixpkgs-native mechanism for
  CARGO_MANIFEST_LINKS (whatever that is)

Change-Id: Ic695721b5ca750b89d21cab7a257e1db682b23c0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10083
Reviewed-by: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
2023-11-27 21:16:46 +00:00
Florian Klink
0415bc6fd2 fix(nix-compat/narinfo/signature): validate name field
We should restrict this to alphanumeric mostly, and we definitely don't
want newlines.

Not entirely sure about the exact additionally allowed characters
outside of alphanumeric, but this can always be extended further.

Change-Id: I1357e79e553f2df2fa97792889f63f0f35d50ed5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10147
Reviewed-by: edef <edef@edef.eu>
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
2023-11-27 15:12:13 +00:00
Florian Klink
b7de931cc6 fix(nix-compat/narinfo): don't panic trying to parse signatures
BASE64.decode_mut panics if we're passing data that has the wrong size.
Do the size check first and error out there.

Also update the error, and talk about b64-encoded sizes.

Change-Id: I290f80a37d48526a30bf1df9d1d9fe34865008eb
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10146
Tested-by: BuildkiteCI
Reviewed-by: edef <edef@edef.eu>
Autosubmit: flokli <flokli@flokli.de>
2023-11-27 15:12:13 +00:00
Florian Klink
dfaaf41cef refactor(nix-compat): use ed25519_dalek::SIGNATURE_LENGTH
No need to hardcode magic numbers here, we have a constant for that.

Change-Id: I67b671c0c4bb7c3bfb001e9c36499f31873ee717
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10145
Reviewed-by: edef <edef@edef.eu>
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
2023-11-27 15:11:41 +00:00
Vincent Ambo
5730742bdf feat(tazjin/emacs): i3-style jumping back&forth for tab-bar-mode
Change-Id: I19cab91646241edc38a58bf5546c9dd8161abeb0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10130
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-11-26 22:16:19 +00:00
sterni
79c38dbf2a fix(ops/modules/irccat): recursively merge config attribute set
`lib.types.attrs` is deprecated in favor of `lib.types.attrsOf
lib.types.anything` because it doesn't merge attribute sets
/recursively/. `attrsOf` and `anything` do, the former is used to ensure
that the top value is an attribute set as expected by irccat.

Change-Id: I2a9d943a06c8f99f7d6d20c9944288e854924bff
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10129
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2023-11-26 22:16:16 +00:00
sterni
03d5ffd2de feat(sterni/ingeborg): enable btrfs auto scrub
While we are at it, rename disk-checkup.nix to btrfs-auto-scrub.nix and
move it into //ops/modules. I originally wanted to have additionally
disk health related services in that module, but the btrfs scrub
functionality is nicely self-contained and reusable, so I think it makes
sense to have this in a more central location.

Change-Id: Iabdd62838eef009540ca71abafd921afda2a9b47
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10128
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2023-11-26 22:16:16 +00:00
sterni
825b6ac65f feat(sterni/machines/ingeborg): boot-strap
Network configuration and initrd setup is basically the same as with
edwin, but we are using md for Software RAID this time as well as LVM
over two partitions with LUKS:

- sda2 <-- RAID1 --> sdb2 (boot-raid)
  └ boot partition, ext4 (encrypted-container-raid)
- sda3 <-- RAID1 --> sdb3
  └ LUKS container
    └ Volume Group vgmain
      ├ Logical Volume vgmain/swap
      │ └ swap
      └ Logical Volume vgmain/root
        └ btrfs

So we no longer rely on btrfs raid1 due to question marks over its
reliability (I personally did not have any problems though). This also
means that we have less LUKS containers we need to unlock when
booting (kind of neglible improvement). The biggest improvement is that
we have redundancy for the swap, so a disk failure shouldn't cause
memory corruption/loss.

Change-Id: I14f065b659857415917d9a60a7ec019e687f8d1c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10127
Tested-by: BuildkiteCI
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
Reviewed-by: sterni <sternenseemann@systemli.org>
2023-11-25 22:55:32 +00:00
sterni
b91f4e89ab chore(sterni/edwin): allow 10G of logs (there's enough space)
Change-Id: I576107047d8213e718e720d3a7a1dcc1dff39122
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10126
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2023-11-25 22:55:32 +00:00
sterni
897ee4ad26 refactor(sterni/edwin): move generic settings into module
These settings would also be applied to a machine that'd replace edwin,
so it's useful to have them outside edwin's default.nix.

Change-Id: I4e8f464118a103645e53909a87c6ee4446022fa3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10125
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2023-11-25 22:55:32 +00:00
Florian Klink
5161c3c072 feat(users/flokli/archivist): init
This introduces a new structure, as activities are moved to a separate
AWS Account for reasons (tm).

Change-Id: Ic310eca2dc0d4ee81bae8944238b26910067336a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10124
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
2023-11-25 16:17:46 +00:00
Vincent Ambo
e65fa82d74 refactor(tvix/eval): use or_default helper in entry API
This fixes a future clippy lint.

Change-Id: Ic830e94ef23595580c1037f10878c76bbb546dd9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10110
Tested-by: BuildkiteCI
Reviewed-by: Adam Joseph <adam@westernsemico.com>
2023-11-25 15:48:46 +00:00
Vincent Ambo
5ffb997864 fix(tvix): ensure PartialOrd/Ord agree for StorePath & NixString
This fixes a *future* clippy lint:
https://rust-lang.github.io/rust-clippy/master/index.html#/incorrect_partial_ord_impl_on_ord_type

In essence, because the implementation of *both* Ord and PartialOrd
implies that ordering is not partial, all results of PartialOrd should
simply be those of Ord. This is to avoid subtle bugs in future
refactorings.

Change-Id: I8fc6694010208752dd47746a2aaaeca0c788d574
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10109
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
2023-11-25 15:48:46 +00:00
Vincent Ambo
ac3025e883 fix(whitby): disable gerrit-queue due to b/333
Change-Id: I53084dcf033b8e7b2b7188fbef0a8d1ce15ceb83
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10123
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-11-25 15:45:46 +00:00
Vincent Ambo
49bba33de1 chore(tazjin/emacs): remove all workspace related functionality
This removes everything related to workspaces, as well as the current
RandR configuration, creating a (cleaner) slate for switching to tabs.

This was supposed to be committed earlier, but got broken by
clbot (see b/333).

Change-Id: I2d110bca0d6629a505699210f0aba12882f83d48
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10115
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-11-25 15:45:46 +00:00
Vincent Ambo
e8fb39c36d feat(tazjin/emacs): initial tab-bar-mode configuration
Sets up tab-bar-mode for EXWM, and adds simple initial configuration
and shortcuts to make it behave sanely. I had to assign tab switching
shortcuts myself, as the EXWM input key stuff doesn't work correctly
with the built-in way of setting these shortcuts in tab-bar-mode.

Change-Id: Icd96f03ae7bd2bd5f7c2d59f9aca7a1ca2e7f788
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10116
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
2023-11-25 15:45:46 +00:00
Vincent Ambo
683c8bade3 feat(tazjin/emacs): dynamically assign EXWM workspaces to monitors
Adds an `exwm-assign-workspaces` function that automatically creates
and assigns workspaces to each currently connected monitor. The first
workspace (index 0) is always on the primary monitor.

This function should be idempotent and can be called at any point to
synchronise X outputs and what EXWM is displaying on them.

This works because tabs are disconnected from workspaces completely,
so I don't have to care about what's going on on other workspaces
anymore.

Still missing:

* functions to connect/disconnect outputs
* switching to other outputs from within emacs commands (i.e. without
  the mouse)

Change-Id: I7c24aa1b45218fe35de6939e799852b5d11d1272
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10119
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-11-25 15:31:13 +00:00
Vincent Ambo
b457217844 fix(3p/exwm): re-enable chromium focus workaround
This seems to actually sort of work with tab-bar-mode.

Change-Id: I7b12b69ec7413ce9b9e1650d8629db8aca8a1796
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10117
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-11-25 15:31:13 +00:00
Vincent Ambo
e400a9b027 feat(tazjin/emacs): add a monitor focus switch shortcut
This one is a bit stupid because I couldn't figure out a way to
determine the active workspace. It's definitely possible (either
through some XCB calls, or through state management in screen change
hooks), but for now this is fine.

Change-Id: I5e4c531b248caa0021664bad9dc196bef60cfbac
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10122
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
2023-11-25 15:24:04 +00:00
Vincent Ambo
53008771ae fix(tazjin/emacs): pick new primary monitor when disabling current
By default, this will be the (only) remaining monitor. In N>2
situations, ask the user.

Change-Id: Id68fcf60d56d0414d1072b8ffeef72c608678f52
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10121
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-11-25 15:24:03 +00:00
Vincent Ambo
dedcfc3d71 feat(tazjin/emacs): add interactive commands for configuring screens
Uses a bunch of weird xrandr invocations and completing reads to
configure screens the way I want.

Note that this has a known bug where disconnecting a primary screen
will *not* make one of the remaining screens primary.

Change-Id: Ide5322df446685cc4740d4ddd7b6ca8682375050
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10120
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-11-25 15:24:03 +00:00
Adam Joseph
512346ba0b refactor(tvix/eval): add ThunkRepr::is_forced()
Change-Id: I4eab5c81fb82337da06327248845cd2f3a4490d3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10038
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Autosubmit: Adam Joseph <adam@westernsemico.com>
2023-11-25 02:55:57 +00:00
Adam Joseph
b5a15989cd feat(tvix/eval): add Thunk::unwrap_or_clone()
This commit adds Thunk::unwrap_or_clone(), which uses
Rc::try_unwrap() to avoid cloning the Value out of a an Rc which has
only one strong reference.

Change-Id: Icacefe0c823dcddf046d90c0c5cd5ed59fe976d4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10037
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: Adam Joseph <adam@westernsemico.com>
Tested-by: BuildkiteCI
2023-11-25 02:55:56 +00:00
sterni
875bb26fc3 fix(tvix/castore): correctly flag unreachable code
Change-Id: Id09afa4b77c3c70fb5695f253f6df4aa88b61e19
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10113
Reviewed-by: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
2023-11-24 23:36:15 +00:00
sterni
c5961e7774 docs(tvix/eval): optimization potential for inherit (from) exprs
Change-Id: Ibddaa111a5b7a86c42dbe153ae8e53f9a5601a54
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10112
Tested-by: BuildkiteCI
Reviewed-by: Adam Joseph <adam@westernsemico.com>
2023-11-24 23:36:15 +00:00
Florian Klink
6b685ec4a5 feat(tvix/store): add as_narinfo() for PathInfo
This allows seeing a PathInfo as a nix_compat::narinfo::NarInfo<'_>.

It doesn't allocate any new data, but the NarInfo<'_> view allows us to
access things like signature verification, or rendering out
(alternations of this) as strings.

Change-Id: Id0d8d7feeb626ee02c3d8a4932f24ace77022619
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10108
Reviewed-by: edef <edef@edef.eu>
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
2023-11-22 20:37:10 +00:00
Florian Klink
639cca3e22 feat(nix-compat/narinfo/signature): add new() constructor
This is useful when creating a new Signature struct where the individual
elements are already parsed.

Change-Id: Ie33c66287641951e7a030aaa1e7ff0a86b2628ac
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10111
Reviewed-by: edef <edef@edef.eu>
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
2023-11-22 20:37:10 +00:00
Florian Klink
c44cbc852a refactor(tvix/store): impl From<&nar_info::Ca> for nixhash::CAHash
Change-Id: I637a4cff5a5ca29c4d86e0b76a2f20f8741f5628
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10107
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: edef <edef@edef.eu>
Tested-by: BuildkiteCI
2023-11-22 20:37:10 +00:00
Florian Klink
1e04f60800 refactor(tvix/store): impl From<nixhash::CAHash> for nar_info::Ca
Change-Id: Iaa68044d3b469f15a932aa3b59548505eaa6b8bb
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10106
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: edef <edef@edef.eu>
Tested-by: BuildkiteCI
2023-11-22 20:11:49 +00:00
Florian Klink
671206a63f refactor(tvix/nix-compat): move from_name_and_digest to StorePathRef
We can simply use .to_owned() on that thing afterwards if we want to
construct an owned StorePath.

Change-Id: I0f3e2e4434b99ee522f2a7dbfa391e13a987479c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10105
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: edef <edef@edef.eu>
Tested-by: BuildkiteCI
2023-11-22 20:11:49 +00:00
Florian Klink
eb84898c17 feat(nix-compat/narinfo): drop .drv from Narinfo.deriver field
We always know this needs to end with a .drv, and fail parsing if it
doesn't, so there's no need to hang onto these 4 bytes.

This will make it much easier to synthesize a NarInfo<'_> later on from
a PathInfo proto, because we don't have to make this ".drv" appear out
of thin air.

Change-Id: Id95e7fd937d7c9a420a39b5a4bab73985640ca3b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10084
Tested-by: BuildkiteCI
Reviewed-by: edef <edef@edef.eu>
Reviewed-by: raitobezarius <tvl@lahfa.xyz>
Autosubmit: flokli <flokli@flokli.de>
2023-11-22 18:24:04 +00:00
Florian Klink
ef8a8af0bf refactor(tvix/nix-compat): cleanup parse_{ca,hash} and fmt structs
These were used to format to and parse from strings.

Move this to the CAHash and NixHash structs directly, and be explicit in
the name about which encoding for digests is used.

For output path calculation, nix encodes the nixpaths in hex, but for
writing out NARInfos, it's using nixbase32.

Change-Id: Ia585a76a3811b2609e7ce259fda66a29403b7e07
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10079
Reviewed-by: raitobezarius <tvl@lahfa.xyz>
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
2023-11-22 17:54:59 +00:00
Vincent Ambo
a8d48d4d9c fix(3p/exwm): fix EXWM build with depot sources
Something changed in the machinery and broke the overriding. I didn't
notice this, as a I was temporarily using an unpatched EXWM.

Change-Id: I1a4e8ea63bd116d86a430e680c2b631474e9a0fe
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10047
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
2023-11-22 07:39:26 +00:00
Florian Klink
a834966efd feat(tvix/nix-compat/narinfo): add fingerprint
This adds support to compute the fingerprint string, which is what's
ed25519-signed in binary caches.

Change-Id: I8947239c609896acfd7261f110450014bedf465a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10080
Reviewed-by: raitobezarius <tvl@lahfa.xyz>
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
2023-11-19 22:34:59 +00:00
Florian Klink
bb18556bf3 feat(tvix/nix-compat): add narinfo::Signature::verify
This adds support for verifying signatures found in NARInfo files.

This still needs to be hooked together with the nix+http[s] backend.

Change-Id: Ic1c8ddbdecfb05cefca2492808388b0f7f3f2637
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10081
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: raitobezarius <tvl@lahfa.xyz>
Tested-by: BuildkiteCI
2023-11-19 22:06:07 +00:00
Florian Klink
9322d29ea9 chore(third_party/nixpkgs): add more patches to crate2nix
Change-Id: I2c2c3d4722a69a1ce5a4f144d0c450d88f40856a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10082
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: raitobezarius <tvl@lahfa.xyz>
Tested-by: BuildkiteCI
2023-11-19 22:06:06 +00:00
Florian Klink
a5749fada5 refactor(nix-compat/narinfo): move signature into separate file
Change-Id: Ic257475e2afebf059c5317c1cc5b04ba63d5d318
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10078
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: raitobezarius <tvl@lahfa.xyz>
2023-11-19 21:58:02 +00:00
Florian Klink
6039b97b55 refactor(tvix/nix-compat): move narinfo into separate mod
Change-Id: Id85f979e46946da0345483cbbc6de3dd29c94c63
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10077
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: raitobezarius <tvl@lahfa.xyz>
2023-11-19 21:58:02 +00:00
Florian Klink
be48ba75ab feat(tvix/store/pathinfoservice): implement NixHTTPPathInfoService
NixHTTPPathInfoService acts as a bridge in between the Nix HTTP Binary
cache protocol provided by Nix binary caches such as cache.nixos.org,
and the Tvix Store Model.
It implements the [PathInfoService] trait in an interesting way: Every
[PathInfoService::get] fetches the .narinfo and referred NAR file,
inserting components into a [BlobService] and [DirectoryService], then
returning a [PathInfo] struct with the root.
Due to this being quite a costly operation, clients are expected to
layer this service with store composition, so they're only ingested
once.
The client is expected to be (indirectly) using the same [BlobService]
and [DirectoryService], so able to fetch referred Directories and Blobs.
[PathInfoService::put] and [PathInfoService::nar] are not implemented
and return an error if called.

This behaves very similar to the nar-bridge-pathinfo code in nar-bridge,
except it's now in Rust.

Change-Id: Ia03d4fed9d0657965d100299af97cd917a03f2f0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10069
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: raitobezarius <tvl@lahfa.xyz>
2023-11-19 13:19:24 +00:00
Florian Klink
4e9e4b19ef refactor(tvix/castore/blobservice): rm AsyncBufRead from BlobReader
There's no need to already require this to be buffered here.

Change-Id: Ib9a11b194e0754d87ab8d2ef0b8cb0f4edc01229
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10074
Tested-by: BuildkiteCI
Reviewed-by: raitobezarius <tvl@lahfa.xyz>
2023-11-19 12:54:19 +00:00
Florian Klink
9c0586e3a7 feat(users/flokli/keyboard): align 3rd layer with thinkpad
Make these keys behave a bit more like the Fn+F* keys on the thinkpad
keyboards.

Seems there's currently no trivial way to get mic mute, keyboard mute
and wifi toggle sent out, but considering the thinkpad usb keyboard is
able to, this should be possible somehow here too - but not today, left
for a followup.

Change-Id: I529a958c78116dd9f7250c938e2e7989b296d6c6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10076
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
2023-11-19 12:24:32 +00:00
edef
a11abc02e2 feat(nix-compat/nar/reader): provide passthrough buffered I/O
Allow taking advantage of the buffer of the underlying reader to avoid
unnecessary copies of file data.

We can't easily implement the methods of BufRead directly, since we
have some extra I/O to perform in the final consume() invocation.

That could be resolved at the cost of additional bookkeeping, but this
will suffice for now.

Change-Id: I8100cf0abd79e7469670b8596bd989be5db44a91
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10089
Reviewed-by: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
2023-11-19 09:53:10 +00:00
edef
785ff80c8b fix(nix-compat/nar/reader): require BufRead
We rely on being able to make small reads cheaply, so this was already
an implicit practical requirement. Requiring it explicitly removes a
performance footgun, and makes further optimisations possible.

Change-Id: I7f65880a41b1d6b5e6bf2e52dfe47d4c49b34bcd
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10088
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
2023-11-19 09:53:10 +00:00