Commit graph

12984 commits

Author SHA1 Message Date
Griffin Smith
e38e826862 feat(gs/emacs): Update irc-connect command for new servers
No longer connecting to freenode - but I *am* now connecting to both
hackint and libera, so add a prompt to the command to decide which one I
connect to

Change-Id: Iae315ddab753cf9c365cbee7abd94213af656d4c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3177
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
2021-06-05 15:25:20 +00:00
Griffin Smith
bf9857beff feat(gws.fyi): Use awscli2 to deploy
Use awscli2 rather than awscli to deploy - less because I actually need
any specific functionality from the new version, and more because I
already use awscli2 on my systems and it's nice to always use the same
version of stuff

Change-Id: Id0e5b63dde1857c2e417ac2eeb2f769ebcc0f956
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3175
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
2021-06-02 20:43:31 +00:00
Vincent Ambo
e0708cba8d fix(3p/josh): Temporarily patch instances of master->canon
... until hardcoded references are removed upstream.

This is motivated by HEAD-branch related issues when cloning depot via
josh and a naive search for places where `master` was used directly.

Change-Id: I46709631d6ee5561344fc5f407324bcf69c641e2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3171
Tested-by: BuildkiteCI
Reviewed-by: cschilling <christian.schilling.de@gmail.com>
Reviewed-by: sterni <sternenseemann@systemli.org>
2021-06-02 08:00:07 +00:00
Vincent Ambo
00d2af6d7e chore(3p/josh): Bump to most recent commit
Includes a potentially relevant fix (anonymous authentication with the
correct username).

Change-Id: Iabf2eff43e98cc8b7b998ead3775b1fc8f1dfac6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3173
Tested-by: BuildkiteCI
Reviewed-by: cschilling <christian.schilling.de@gmail.com>
2021-06-02 08:00:07 +00:00
Vincent Ambo
97c87ebc31 chore(3p/naersk): Bump version to latest commit
There have been a few relevant fixes.

Change-Id: I84b6fb645703972b03f1210cb69d03467caefbfa
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3172
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
2021-06-02 08:00:07 +00:00
sterni
cf921bd862 fix(fun/🕰️): support prefixed : for indicating a tz file
We still don't support POSIX timezone descriptions and the like,
but I currently don't have the energy to support something just
for POSIX's sake.

Change-Id: Ifbfc798ebe849e886cc31964b7fbc70ff009ef29
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3167
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2021-06-01 22:09:22 +00:00
Vincent Ambo
a69ec33aca fix(tazjin/emacs): Install rust-mode explicitly
... rather than dragging it in as some transitive dep, which actually
stopped happening.

Change-Id: I2331721839d5e53c38236f64487be0e6f1be352e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3170
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2021-06-01 21:30:07 +00:00
Griffin Smith
f329553763 feat(gs/home): Update discord to 0.0.15
Change-Id: I17b979217360545c52073b67c5ba878e8891a650
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3168
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
2021-06-01 16:23:55 +00:00
Griffin Smith
7b230060a2 revert(grfn/yeren): "Set timezone to Africa/Cairo"
This reverts commit e1c45be3f5. I'm back
in NY now T.T

Change-Id: Iaae2bf778195b9a99ac1a46068703a58e6b69053
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3166
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
2021-05-31 12:56:47 +00:00
Vincent Ambo
44a9a09ecd chore(klatre): add grfn to owners
Change-Id: Ied733a0d88568bc9ac432ea7960fa92f8b59a99a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3165
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
2021-05-29 19:14:54 +00:00
sterni
8418e01a84 feat(fun/🕰️): get the time as an emoji clock face
This small tool prints the current time rounded to half-hour precision
as an emoji clock face and exists. It can use both the local time zone
and UTC. Additionally it supports a pseudo dot time format.

Via fun.🕰️.lib we reexpose the internal library which allows conversion
from LOCAL-TIME:TIMESTAMP to an emoji clock face — maybe we'll want to
integrate this into //web/panettone?

//fun/🕰️ is the spritual (and actual) successor to
<https://github.com/sternenseemann/unicode_clock>.

It likely only works in SBCL due to its heavy usage of unicode symbol
names.

Change-Id: I44204107a14f99b04b0c5290d88e8659f013f423
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3164
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2021-05-29 19:13:55 +00:00
sterni
f60d174591 feat(klatre): expose utility to format dot time offset
Turns out this is an annoying thingy you sometimes to implement
independently from formatting an entire timestamp, so we expose it for
reuse.

Change-Id: I11de2823eb03849ea78fc79e2f546e413882930f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3163
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
2021-05-29 19:13:11 +00:00
Vincent Ambo
b36a75a223 fix(wigglydonke.rs): Don't rebuild nginx config unnecessarily
This fix is essentially the same as the one in cl/1263.

Change-Id: I27be280a610914fcfbb6d7fee7aebaa56b993812
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3158
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
2021-05-25 17:10:50 +00:00
Vincent Ambo
65be8f20e0 chore(nixpkgs): Bump channels to 2021-05-25
* users/grfn/system/home/yeren: remove obsolete awscli2 overrides

* ops: make new isSystemUser || isNormalUser assertion happy

* users/grfn/system/system/mugwump: make buildkite agents system users

* users/tazjin/nixos/camden: set isSystemUser = true for git

* users/tazjin/emacs: Remove missing & broken packages

* third_party/openldap: remove, as the argon2 module is now enabled upstream

* third_party/gerrit_plugins: Pinned new unstable hashes

* third_party/nix, third_party/grpc: Disabled CI as these are broken

* third_party/overlays/emacs: Bumped version to stay in sync with channel

* third_party/buzz: Update LIBCLANG_PATH to reference libclang.lib,
  since libclang's default output no longer contains libclang.so

* users/grfn/system/home: Install julia-stable instead of julia (which
  aliases to julia-lts), as the latter depends on an insecure version of
  libgit

Change-Id: Iff33b0ecb0ef07a82d1de35e23c40d2f4bf0f8ed
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3001
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: grfn <grfn@gws.fyi>
2021-05-25 17:09:28 +00:00
Griffin Smith
fb36bc321b feat(gs/home): Add script to graphviz the clipboard
Add a script (to PATH, so I can launch it from rofi) to take whatever's
in the clipboard, pass it through `dot -Tpng`, and then open the result
with feh.

Change-Id: I1842fca3585a33d902da20dfa6101d1c6d2f2062
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3160
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
2021-05-25 11:19:41 +00:00
Vincent Ambo
878957d2f6 chore(whitby): Add ZNC state to Restic backups
Until we have declarative ZNC config (which requires a solution for
secrets handling in it), make sure we back this up as well.

Change-Id: Idb186327da171eb6d3dbbd83801639f1f9321a40
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3159
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
2021-05-25 08:15:19 +00:00
Vincent Ambo
46b136c22e fix(tvl-slapd): Replace deprecated OpenLDAP module options
Use the new module settings which apply configuration in cn=config
instead of slapd.conf.

The module performed this update via lib.mkChangedModuleOption, I've
applied the transformations contained therein manually. Note that some
of the settings were already in place, which means that the `suffix`
and `database` options seemingly disappear into the void.

Fixes b/105.

Change-Id: I8a968c1eb8cb7827618cb732cdb46006a5d011f9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3157
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
2021-05-24 22:52:59 +00:00
Vincent Ambo
4a89bcd6a5 refactor(ops/nixos): Pass depot as a special argument
This changes the evaluation order for the `depot` argument and ensures
it is partially evaluated before the module system starts resolving
imports.

This way we can import modules from `depot.path` without `depot`
having to come from readTree.

Fixes b/129.

Change-Id: Icf4dd2be15011055dac8b27e991a4ff6a12bf827
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3156
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
2021-05-24 21:48:37 +00:00
Cynthia Revström
0491fb24bf fix(atward): Update link to use at.tvl.fyi
The link for atward's source code was using atward.tvl.fyi,
this makes the cs cookie (if set) for at.tvl.fyi not work.

Change-Id: I644f0341ecaf2caea0b71a950686579dfd18d092
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3155
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2021-05-24 20:34:07 +00:00
Cynthia Revström
ab7c409530 chore(ops/users): Update email address for cynthia
Change-Id: Ieb59d9215c5c1159113375dea0dd96d3d29e1303
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3154
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
2021-05-24 20:22:53 +00:00
Klemens Nanni
a26c4a1c77 fix(ops/users): Rehash password for kn
This time using `tools.hash-password` because login did not work with the
initially created hash.

Change-Id: I1eb62a496d2d8497d27573af47bf8bf70dac9bbb
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3153
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
2021-05-24 18:31:10 +00:00
Vincent Ambo
3c7d4c74be chore(3p/overlays): Remove LLVM11 bump from overlay
* This was mostly for //third_party/nix and its dependencies which now
  have been set to use llvmPackages_11 manually.

* For //users/grfn/achilles we also manually select the newer LLVM version.

* //tools/cheddar doesn't seem to need llvm anymore.

* //third_party/buzz also compiles with clang 7.1.0

* replace clang-tools everywhere with new attribute clang-tools_11

For the future we may want to have something similar again, but it may
not be necessary to invest too much time into it: nixpkgs is set to
upgrade their default llvmPackages to LLVM 11 as well at some point in
the near future.

Co-Authored-By: sterni <sternenseemann@systemli.org>
Change-Id: Id83868dbc476a6c776b59518b856c933f30ea79d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3135
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: grfn <grfn@gws.fyi>
2021-05-24 18:15:05 +00:00
Klemens Nanni
c420f122f3 feat(ops/users): Add kn
Change-Id: Ib615743fc57357b0de17600c9a3f400c48fd0f70
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3151
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: grfn <grfn@gws.fyi>
2021-05-24 17:30:36 +00:00
Griffin Smith
4aa8f7d7e3 feat(dns): Add record for deploys.tvl.fyi
This will be used to serve (nix-) diffs for pending deploys of whitby

Change-Id: Ia864993b1fcb3b7ce5fcc21f32a27528a4c31f08
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3149
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2021-05-23 21:22:17 +00:00
Vincent Ambo
4b584e5259 fix(whitby): Fix irccat configuration for incorrectly named option
irccat is passing the realname option as the ident of the user, which
doesn't match what is in ZNC.

It hasn't seen any upstream commits in a long time, so I'm just
leaving this as is and fixing it locally in our config.

Change-Id: I3bf865f37b8df9c1cd891a94245ca3fad376bbe1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3150
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
2021-05-23 20:34:10 +00:00
Vincent Ambo
224c9ca0bb chore: Replace remaining mentions of ##tvl[-dev] with #tvl
... and fix the capitalisation of hackint

Change-Id: I800aef75152d2dc77a33876888e36530143e9d3e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3148
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: sterni <sternenseemann@systemli.org>
2021-05-23 19:46:46 +00:00
Vincent Ambo
9bb8736a45 feat(whitby): Let sterni bear the wheel
Change-Id: Ib4f7dcbdc754d2fc271f501a9ea270e983a3645f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3147
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
2021-05-23 19:06:15 +00:00
Vincent Ambo
6c243d40a3 fix(ops/users): Fix hash format for cschilling
Change-Id: Ib0c53e8f6bc030cbdfe31020ed9d6764bd732a62
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3146
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
2021-05-23 17:53:47 +00:00
Griffin Smith
43e3355eae fix(panettone): Don't display the full before/after of issue bodies
Issue bodies tend to be very long, so displaying the full diff whenever
the issue is updated takes up a lot of visual room and is very hard to
read. Specifically for this field, this changes the display to only show
"updated the body of this issue", hiding the previous and new values.

At some point in the future, I'd love to have some CSS fun with active
anchor links to have an "expanded" view that *does* display the previous
and new value, but for now this should be fine - the data isn't gone,
after all!

Fixes: b/111
Change-Id: I0188540188729142e0b9205ff5cc9ea576c4edb6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3142
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
2021-05-23 14:46:03 +00:00
Griffin Smith
a7d07e1a8a fix(panettone): Fix username display on issue events
7aebba7, which added anchor links to comments, also incorrectly added
only the *key* for the `:id` attribute to the `li` element for
issue *events*, swallowing up the next form (which happened to be the
username) as the value. this adds a *proper* value for the `:id`
attribute, bringing back the actual display of the username.

Fixes: b/97
Change-Id: I33ee628ddfd4a291e069980512fcc5f74014aac4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3141
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
2021-05-23 14:41:15 +00:00
Griffin Smith
ba6bee80fb fix(panettone): Fix handling of issue-not-found
The accessor function to get the ID of the `model:issue-not-found`
condition is `not-found-id`, not `id`! Also, add a missing space to the
title.

Fixes: b/127
Change-Id: I91c71feaf1fe877e6a14453a9e75cf27d56fee31
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3140
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2021-05-23 14:16:58 +00:00
Vincent Ambo
797212077d fix(hash-password): Ensure OpenLDAP with correct module is used
This is fixed in upstream nixpkgs, but we're not yet at a commit where
it's used, so it's important to use the OpenLDAP from //third_party

Change-Id: I7c033cd23f45a95c4a4af864ffe561c496833a0d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3143
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
2021-05-23 13:58:10 +00:00
sterni
c8dff5fc5f feat(ops/users): Add cschilling to users
Change-Id: I8afc23c749a5318d7c2ce893903980112ff13c12
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3137
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
2021-05-23 12:41:09 +00:00
Griffin Smith
75f19a05a1 feat(whitby): Enable fail2ban
I like running fail2ban on any machine that has stuff like ssh
world-open, to limit the potential for password brute-force attacks etc.

Change-Id: I0c60811ae5a2fddb44f04679fb455e646b8e39c5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3138
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2021-05-23 12:40:00 +00:00
Vincent Ambo
780bb86eff chore: Replace Freenode mentions with HackInt
This doesn't replace all of them in the repo, but at least the ones
that are relevant to our move.

Change-Id: I842e7594b4c16af30d880272417874f6b29afd22
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3134
Tested-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
Reviewed-by: grfn <grfn@gws.fyi>
2021-05-22 21:37:13 +00:00
Vincent Ambo
1fa76e7719 feat(tverskoy): Add mail fetching timer for lieer
Change-Id: I60b09d2c81c3c69f744a12adc41fbdc43d0fb488
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3133
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2021-05-22 20:58:47 +00:00
Vincent Ambo
4a807040a2 refactor(tazjin/emacs): Switch to sending mail via lieer
This drops the msmtp requirement from my configuration; there's still
some cleanup to be done but I need to double-check this in a few
environments first.

Change-Id: I298f4ff77b45cb214fbccee84e9bbd861508d11a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3132
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2021-05-22 20:58:47 +00:00
Vincent Ambo
687f978b1c feat(ops/owothia): Add owothia module and deploy on whitby
This configures owothia to use her new bouncer to HackInt.

Change-Id: I80eb8191c2b0f2a6f8a31d19b60250ade27c1913
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3129
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
2021-05-22 19:40:45 +00:00
Vincent Ambo
7fec80cb58 feat(3p/litestream): Add derivation for litestream
This is a simple Go module build for https://litestream.io/

If this ends up being useful, we should upstream this to nixpkgs.

Change-Id: I3beb64c9adb3b57fcef4e1dfb27f293a15f90a76
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3085
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
2021-05-22 17:58:31 +00:00
Vincent Ambo
814feed0ce chore(whitby): Move clbot to HackInt
Points clbot at the new local ZNC instead. This will make it part of
the things happening through the `tvlbot` account.

Relates to b/101

Change-Id: I1c15ffa5720d3af34475c15bee3fdaa537ac659b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3127
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: grfn <grfn@gws.fyi>
2021-05-22 17:57:32 +00:00
Vincent Ambo
a7b168ec9a feat(clbot): Add a flag to disable TLS connections
The local bouncer on whitby does not use TLS.

Change-Id: Idf9c56f94129b0ddce620eb559082a8f2f088078
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3128
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
2021-05-22 17:54:31 +00:00
Vincent Ambo
1aad1d9beb chore(whitby): Move irccat & panettone notifications to HackInt
Change-Id: I6bd5c183d2c1c28b8c6b0201bdf22a66333d4aea
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3131
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
2021-05-22 17:52:01 +00:00
multi
fd6ce088ba feat(fun/owothia): add configurable join channels.
owothia is hardcoded to join ##tvl, which is a remnant of when TVL was on
freenode, and on hackint the IRC channel is single-hash #tvl instead. Instead
of hardcoding another channel name, let's make this configurable, so we don't
need to recompile owothia for every different channel we want her in.

It's now possible to set IRC_CHANNELS in owothia's environment to '["#foo",
"#bar"]' to make her join both #foo and #bar automatically.

Additionally IRC_IDENT can now be set to configure owothia's ident,
which is required for ZNC compatibility.

Change-Id: I0fc0856f4ea35f59255b76ae0e594325f18ef993
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3130
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
2021-05-22 15:10:17 +00:00
Florian Klink
48b052c1e4 feat(whitby): Add shadowsocks server
This adds a shadowsocks service, running on port 8443, tcp and udp.

The password is read from /etc/secrets/shadowsocks-secret.sec, and needs
to be populated externally.

Change-Id: I6797150db108ba14459502dee43d8e4ed6cfa910
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3125
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2021-05-22 13:28:36 +00:00
Florian Klink
cd2e889f41 feat(apereo-cas): move away from 127.0.0.1:8443
The following commit itends to bind on port 8443 on all interfaces,
so let's move this to something else.

Change-Id: Ibb94a0f4e6892b6e543b542b89bcdaaefb617f23
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3126
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2021-05-21 11:33:13 +00:00
Vincent Ambo
5036ae4376 feat(whitby): Initial ZNC configuration
Bouncer to be used for TVL's IRC bots, see b/101

Change-Id: Ic9f71ecd94365d3baa31e0552b1ce16362f94557
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3124
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
2021-05-21 11:30:42 +00:00
Vincent Ambo
dbb011850a fix(ops/nixos): Fix typo in NIX_PATH name
Change-Id: Ic29b219ca1c536f8a99860ecdf2957a62ba95889
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3123
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2021-05-20 23:11:02 +00:00
Vincent Ambo
f748f40d0a docs: Minor updates & fixes for depot README
* update some of the project listings
* remove an invalid link to my previous Twitter account (this is from
  back before TVL was a multi-person project)

Change-Id: I049c05704d5feecc8c40718665fe98315008423f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3122
Tested-by: BuildkiteCI
Reviewed-by: cynthia <cynthia@tvl.fyi>
2021-05-19 00:10:04 +00:00
Profpatsch
952afb7da9 feat(tools): add rust-crates-advisory
We have a bunch of crates in `third_party/rust-crates`; it would be
great if we could check them for existing CVEs.

This tool does that, it takes the rust security advisory database,
parses the applicable CVEs, and cross-checks them against the actual
crate versions we list in our package database.

The dumb parser we wrote is tested against all entries in the
database, so we will notice when upstream breaks their shit.
Checking the semver stuff is easy enough with the semver crate.

If an advisory matches, it prints the whole thing and fails the build.

Change-Id: I9e912c43d37a685d9d7a4424defc467a171ea3c4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2818
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: sterni <sternenseemann@systemli.org>
2021-05-17 23:00:57 +00:00
Profpatsch
72924facae fix(nix/writers/rust): remove args override
We can be closed world, so let’s restrict the arguments to the subset
we need for now.

The existing override was wrong, in that `// args` would use the
arguments we already added, again. So instead of deliberating about
how to make this work right in all cases, we don’t need it, we trim
it.

Change-Id: I6443a0808b8bfd5e4db939b669c6afc741954db8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3057
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
2021-05-17 23:00:57 +00:00