So here is what has been keeping me up at night: At some point I
realized that nix actually made a somewhat passable language for CGI
programming:
* That `builtins.getEnv` exists as one of the impurities of Nix is
perfect as environment variables are the main way of communication
from the web server to the CGI application.
* We can actually read from the filesystem via builtins.readDir and
builtins.readFile with bearable overhead if we avoid importing the
used paths into the nix store.
* Templating and routing are convenient to implement via indented strings
and attribute sets respectively.
Of course there are obvious limitation:
* The overhead of derivations is probably much to great for them to be
useful via IfD.
* Even without derivations, nix evaluation is very slow to the point
were a trivial application takes between 100ms and 400ms to produce a
response.
* We can't really cause effects other than producing a response which
makes it not viable for a lot of applications. There are some ways
around this:
* With a custom interpreter we could have streaming and multiplexed
I/O (using lazy lists emulated via attrsets) to cause such effects,
but it would probably perform terribly.
* We can use builtins.fetchurl to call other HTTP-based microservices,
but only in very limited constraints, i. e. only GET, no headers,
and only if the tarball ttl is set to 0 in the global nix.conf.
* Terrible error handling capabilities because builtins.tryEval actually
doesn't catch a lot of errors.
To prove that it actually works, there are some demo applications,
which I invite you to run and potentially break horribly:
nix-build -A web.bubblegum.examples && ./result
# navigate to http://localhost:9000
The setup uses thttpd and executes the nix CGI scripts using
users.sterni.nint which automatically passed `depot`, so they can
import the cgi library.
Change-Id: I3a22a749612211627e5f8301c31ec2e7a872812c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2746
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
This also looks much cleaner than before.
Change-Id: I767b881c73699151afc03746c04e413e74f30387
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2750
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
This modifies the capture regex executed by `jq` to capture the TODO
text itself as a separate capture group, which is then used for the
content of the TODO listing.
The web listing looks much cleaner this way.
Change-Id: I00a14da57b315a353f700c112ba33f38e16f1f85
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2749
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
These were actually just copy&pasted from the layout of my
blog (//users/tazjin/blog), even including a dead link.
This commit adds more relevant links instead.
Change-Id: Ib55aac492f1f9bff650edfa43b52d3d5d611410c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2713
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
This was originally done when "the purge" happened, and I don't think
it's quite accurate anymore.
This reverts commit 94846503c5.
Change-Id: I4be2bccfa68505a2f663ab1695e547321d2dd0b8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2709
Reviewed-by: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
When sending irc notifications, insert a zero-width space after the
first character of the username of the author of issues, to prevent that
user from receiving a ping.
Fixes: b/95
Change-Id: Ibcacb45129b2cb99b587744eb61f4f1dbc0060d6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2693
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Sterni has been doing a lot of good mainenance work, and I'd like to
enable that in as unblocked a fashion as possible.
Change-Id: I5bbd2459864c3d4b7e6b9927fc5d4824efc854e6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2692
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: sterni <sternenseemann@systemli.org>
* Fix find-user-by-dn raising an error condition if the search returns
no results, return nil instead.
* Adopt strategy of defaulting to “someone” as displayname if lookup
fails for all usage of displaynames in panettone.
I've tested this change for issues and comments created by missing
users. Adjusting the displayname seems to fix all 500 being created
by missing users both logged out and logged in.
Change-Id: I0a84eb0631c4a49f1664bed6d03afa60dce6eb47
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2448
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
This is achieved by implementing a simple markdown renderer in CL which
has the following limitations:
* Only supports inline `code`, *emphasize 1*, _emphasize 2_ and
~~strikethrough~~.
* Does not support nested markup.
This allows for a relatively simple renderer which doesn't need to parse
markdown into a in-memory data structure first. The rendered result is
directly written to a stream to integrate well with cl-who which is also
reused for rendering tags and xml-escaping strings.
Fixes#90.
Change-Id: Ice88ed770b1fab6365f3b93e8663e25077befa0b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2389
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
I checked all :value attributes in panettone.lisp and wrapped them with
who:escape-string if its value comes from user-influenced places. Static
values or values from panettone internals are left as is.
I did not do a comprehensive check for other places where something
similar could happen though.
Fixes#92.
Change-Id: I134acc0d2f025f173588b37c19a93589365e879b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2401
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
This commit removes my user directory in the depot, my user account on whitby,
my entry in the LDAP database, and my entry in the website graph. I've had my
fun with TVL, but I want to move on to spending time on some other things.
This additionally removes aranea from the website graph, which they have
requested in private.
Change-Id: I2d098c8fe239f20d9f6c6cbf66a3dfb4a955a4cf
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2436
Tested-by: BuildkiteCI
Reviewed-by: multi <depot@in-addr.xyz>
Reviewed-by: lukegb <lukegb@tvl.fyi>
Since the slapd data is static and generated using nix, we can simply
move the user list into ops/users, so it's recognized by readTree and we
can use it as ops.users both in ops/nixos/tvl-slapd and web/todolist as
a general purpose user registry for depot.
Update docs/REVIEWS.md as well.
Change-Id: I35caaaab70a5578c47cedc7f33077dd513766290
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2419
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Prefix all IRC notifications from panettone with a unicode
zero-width-space so that they don't get picked up by other IRC
bots (notably bslsk05).
Change-Id: I350fd1b6d2145e496c22a8f56ba3530fc9f1a978
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2127
Tested-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
Reviewed-by: tazjin <mail@tazj.in>
Send an irc notification when issues are marked closed, in a similar
format to the notifications sent when new issues are created.
Change-Id: I2fdde33f0dedc223a5c2265eed778161938f8e9a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2126
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
This reverts commit e1067b1497.
The original issue here was misusing ISSUE-ID instead of ID, but also
the associated username for the message should've been CN instead of DN
Change-Id: I1629c0cb7597ff2ee2867f27870378eecdafe126
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2125
Tested-by: BuildkiteCI
Reviewed-by: eta <eta@theta.eu.org>
This reverts commit 2e2bdf9c6c.
Reason for revert: this is not working, and is resulting in newly created issues just showing a blank page (b/74)
Change-Id: I3f06afc52d6c5289269402fc75bb32ad9c376bf4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2082
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
- The new PANETTONE.IRC package contains the SEND-IRC-NOTIFICATION function,
which opens a new TCP socket to irccat (if it's running and configured) in
order to announce the creation of new issues.
- The IRCCATHOST and IRCCATPORT environment variables must be set for this to
work.
- Additionally, the ISSUECHANNEL environment variable may be used to direct
announcements at a given channel (otherwise it'll just use the first one).
Change-Id: I429a66f24d0f80ed10db173d6af7105fb1d3d023
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2077
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
Considered adding hswaw, but after q3k left it'd be a single edge, so
perhaps no point.
Change-Id: Ifd8609a5227e5c3bee1d5726bb5cf70ebb2cefdf
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2053
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Some overdue updates: People leaving, people joining. Not all new
people are in here yet either, but you have to start somewhere.
Change-Id: I66dfae443f60d090c02c619d09c12599b936b2dc
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2051
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
Wrap all ldap access in a macro that automatically reconnects and
retries operations that fail due to a connection error, to handle the
case where the ldap server restarts while we still have an open
connection.
Fixes: #44
Change-Id: I4859cf509106e480f97fed17e7f08e0eea909352
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1871
Tested-by: BuildkiteCI
Reviewed-by: eta <eta@theta.eu.org>
The absence of the navbar containing the "all issues" and "log out"
links from the top of the page has been a common complaint - initially I
disagreed, but after some time thinking about it I've come around. This
adds the same nav - with the "All Issues" link and the "Log Out" link -
to the top of every page, and also fixes a bug where query params would
prevent the "All Issues" link from being hidden on the "All Issues"
page, which looked especially weird when they were right next to each other.
Change-Id: I1d07175fa07aee057ddd140a6864d01342fbb7ef
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1868
Reviewed-by: kanepyork <rikingcoding@gmail.com>
Tested-by: BuildkiteCI
Style blockquotes (which show up in rendered markdown) similarly to how
github does, by rendering a 5px-wide margin to the left with some
padding.
Fixes: #48
Change-Id: I79aa3b6cda5d928885c2cc36f504009232252c17
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1869
Tested-by: BuildkiteCI
Reviewed-by: eta <eta@theta.eu.org>
The default was really annoyingly short - 90 days feels perfectly fine
for what we want, though we may want to increase even further.
Fixes: #19
Change-Id: I917abd95c4925f8491cd2be7cd87d91bb6621153
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1867
Tested-by: BuildkiteCI
Reviewed-by: kanepyork <rikingcoding@gmail.com>
Load a SESSION_SECRET env var and set it as the hunchentoot session
secret if present, so that restarting panettone doesn't destroy all
sessions due to the secret getting regenerated.
Refs: #19
Change-Id: Ia2c633fa998e128ecece66e824df01c430da8235
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1866
Reviewed-by: kanepyork <rikingcoding@gmail.com>
Tested-by: BuildkiteCI
This reverts commit 3115113854.
Reason for revert: this is causing all issues to return a 404 - reverting until we can get it working.
Change-Id: I5f3c5ec3b24f245a1f7ef12645200d16ed0f1b35
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1721
Tested-by: BuildkiteCI
Reviewed-by: edef <edef@edef.eu>
Passing a nil issue to this was breaking because you can't get the id of
nil. I am too used to clojure.
Change-Id: Icf76cbb23d902ec59fa97c21b134936fa40eb43e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1593
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Allow editing both the subject and the body of issues, recording events
indicating the edit and displaying those events in the issue history.
Fixes: #14
Change-Id: I9ed05271ce9bf6bda4e56f15e249c0f28c862b27
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1517
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Events - which are interleaved with comments - don't have bodies, so
they can't be converted to markdown.
Change-Id: Iba818b95dab59cae5a08c8b4eca94955e11e584b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1509
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Use the new cheddar markdown endpoint to render issue bodies and comment
bodies as JSON. I've checked, and this *also* appears to be XSS
safe (yay)
Change-Id: Ib4b19fd581b0cf40ba03f5d13443535d17df6632
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1500
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
Display the history of an issue (which currently is just opening and
closing) inline with the issue's comments on the issue show page
Change-Id: Id167bceef765cb4c24e86983d1dcd6624d0e5956
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1497
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Log in the database, in a way that will generalize to tracking edit
history as well, when users change the status of an issue. To facilitate
easily knowing who is currently authenticated (without introducing a
circular dependency) the authentication-relaated code has also been
factored out into its own package, which is nice because we want to
replace that sooner rather than later anyway.
Fixes: #13
Change-Id: I65a544fab660ed1c295ee8f6b293e0d4945a8203
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1496
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Even if the user fails to log in, maintain the original-uri param if
present, so that if they eventually succeed at logging in they still get
where they were originally trying to get.
Change-Id: I2faa5eced002ab899c803cf19095cea76897d92d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1499
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Add an original-uri query param to the target of the Log In link
pointing at the current URL, so that when the user eventually
successfully logs in they are redirected to the page they were
originally on
Fixes: #21
Change-Id: I75ed7b75fa00b1b09c8b26bf4dcf5bc6b6d7f53a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1498
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Now that we've migrated over all the data to postgresql, we can get rid
of cl-prevalence as a dependency from Panettone along with all code that
mentions it.
Change-Id: I945f50a88fea5770aac5b4a058342b8269c0bea2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1495
Reviewed-by: kanepyork <rikingcoding@gmail.com>
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
I have been. Very tired.
Change-Id: Iab9d21e53630be092080cc73196da90534b06553
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1490
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Switch from cl-prevalence to postgres (via postmodern) as the storage
backend for panettone. The first time the application starts up after
this commit, it will (idempotently) initialize the db schema and migrate
over all data from the prevalence snapshot to the database - the plan is
then to get rid of the prevalence classes and dependency once that's
deployed.
Change-Id: I4f35707efead67d8854f1c224ef67f8471620453
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1467
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: eta <eta@theta.eu.org>
Add a docker-compose file and lorri-based direnv for aiding in
running and connecting to a postgres database during development of
panettone.
Change-Id: I319eee52b52cd48e1f3d2e32c558989768dc19d8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1465
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: eta <eta@theta.eu.org>
The default hunchentoot behavior is to log all local variables when
logging lisp backtraces - this is nice for debugging, but means that if
we hit an error when checking for auth with the ldap server we log the
password provided by the user. No good! Let's just turn off logging of
backtraces for now.
Change-Id: Ibc4242e3e0f974ac53fffc482d3724b0547425ab
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1471
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
Sly spits these out as a result of the various compile commands, but we
don't want them committed.
Change-Id: I6f45b6de6dc978667a0575d0ed361c573045ef92
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1464
Reviewed-by: kanepyork <rikingcoding@gmail.com>
Tested-by: BuildkiteCI
Make the site responsive, by making all the hard :widths we were using
into :max-widths, and adding a viewport meta tag.
Change-Id: I02f054f81ff57fbd1c4603b179b2104367f03e3b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1415
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>