Changes the restic backup service to run as root, rather than git, and
include the PostgreSQL dumps in its scope.
The on-machine credentials have already been placed in the right
location in /var/backup/restic
Fixes: 27
Change-Id: Iae76357442f07596a2297ce7b6d51aae392d2074
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1541
Reviewed-by: kanepyork <rikingcoding@gmail.com>
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
The prior use of gc_allocator meant that the btree nodes themselves were being collected. Additionally, have Attr (contains a Value) and Bindings explicitly inherit from gc, even though Bindings is always allocated under `new (GC)`.
Detected by running under GC_ENABLE_INCREMENTAL=1.
Change-Id: Iacf13b34b5aa12e417ea87c9b46e2bf9199fdb26
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1544
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
Implement the RPC client calls for QueryPathFromHashPart,
QuerySubstitutablePaths, and QuerySubstitutablePathInfos, and the
handler for QuerySubstitutablePathInfos.
Refs: #29
Change-Id: Idf383b771f159f267d8f65367bc4af3d239e32b7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1515
Tested-by: BuildkiteCI
Reviewed-by: kanepyork <rikingcoding@gmail.com>
External values are only useful when using the plugin framework, which we are not interested in carrying forward.
Reverts commit 320659b0cd
Change-Id: Ib4929c349bbb33f16224fc674e94c7b7d5953c6a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1505
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
This eliminates the value-smuggling that would trip up the GC.
Change-Id: I8057df78cf0bf6bea9faf1b44233aa9820ae44f5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1504
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
Add two more garbage-collection flags. Annotate how terrible tExternal is. Prepare to fix the smuggle casting in ExprWith. Add a static_cast.
Change-Id: I20f980abc8cb192e094f539185900a6df5457c29
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1503
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
... daily is just the default cron pattern for this, but we might also
want this to happen more frequently. Not sure yet.
Change-Id: I4e433fefebd93488891e765b5842fdb6537e3c6d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1518
Tested-by: BuildkiteCI
Reviewed-by: kanepyork <rikingcoding@gmail.com>
I don't know what I was smoking.
Change-Id: I650777bbbd24a1922f26967fbbd7da06d14b6781
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1514
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
rather than using nix-shell each time ...
Change-Id: If84a84bca4ed892d0d38c5dcfc23a073cbb89e64
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1512
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
Implement the proto handler for AddToStore, which adds a nix path to the
store. This is implemented by adding a new (probably
soon-to-be-generalized) Source concretion that wraps a grpc ServerReader
for the stream of data we're receiving from the client - this is less
than ideal, as it's perpetuating the source/sink thing that's going on
and storing entire nars in memory, but is at the very worst an
incremental step towards a functioning nix that we can refactor in the
future.
Paired-With: Perry Lorier <isomer@tvl.fyi>
Paired-With: Vincent Ambo <mail@tazj.in>
Change-Id: I48db734e7460a47aee4a85dd5137b690980859e3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1441
Tested-by: BuildkiteCI
Reviewed-by: kanepyork <rikingcoding@gmail.com>
Reviewed-by: tazjin <mail@tazj.in>
Events - which are interleaved with comments - don't have bodies, so
they can't be converted to markdown.
Change-Id: Iba818b95dab59cae5a08c8b4eca94955e11e584b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1509
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
The use of `unwrap_throw` can be used as a later grep target.
Change-Id: I8c54ed90c4289f07aecb8a1393dd10204c8bce4e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1493
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
Fixup for CL 1492 (addcba11b0)
Additionally, add a test to verify functionality of HashSink.
Change-Id: I2a74b925a1b93ed4d3add29021d759c93e813424
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1507
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
Use the new cheddar markdown endpoint to render issue bodies and comment
bodies as JSON. I've checked, and this *also* appears to be XSS
safe (yay)
Change-Id: Ib4b19fd581b0cf40ba03f5d13443535d17df6632
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1500
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
Display the history of an issue (which currently is just opening and
closing) inline with the issue's comments on the issue show page
Change-Id: Id167bceef765cb4c24e86983d1dcd6624d0e5956
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1497
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Log in the database, in a way that will generalize to tracking edit
history as well, when users change the status of an issue. To facilitate
easily knowing who is currently authenticated (without introducing a
circular dependency) the authentication-relaated code has also been
factored out into its own package, which is nice because we want to
replace that sooner rather than later anyway.
Fixes: #13
Change-Id: I65a544fab660ed1c295ee8f6b293e0d4945a8203
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1496
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Even if the user fails to log in, maintain the original-uri param if
present, so that if they eventually succeed at logging in they still get
where they were originally trying to get.
Change-Id: I2faa5eced002ab899c803cf19095cea76897d92d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1499
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Add an original-uri query param to the target of the Log In link
pointing at the current URL, so that when the user eventually
successfully logs in they are redirected to the page they were
originally on
Fixes: #21
Change-Id: I75ed7b75fa00b1b09c8b26bf4dcf5bc6b6d7f53a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1498
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Now that we've migrated over all the data to postgresql, we can get rid
of cl-prevalence as a dependency from Panettone along with all code that
mentions it.
Change-Id: I945f50a88fea5770aac5b4a058342b8269c0bea2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1495
Reviewed-by: kanepyork <rikingcoding@gmail.com>
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
Additionally, add IsValidBase16() to restore the behavior of rejecting invalid base16, which absl's HexStringToBytes does not do.
Change-Id: I777a36f5dc787aa54a2aa316d6728f68da129768
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1484
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
It appears this didn't even *work* without a password, so we've been
forced into being more secure.
Change-Id: I4ff9d04961a703a85299dafb79e8447b0a933fc1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1491
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
I have been. Very tired.
Change-Id: Iab9d21e53630be092080cc73196da90534b06553
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1490
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
This is how panettone is currently connecting, so this needs to be here
in order for it to work. Shortly I'll update all of this to use
passwords, but for now this gets things up and running again
Change-Id: If87f4dbce0800dcbc4f7bf10e88f3e591410b416
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1488
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Switch from cl-prevalence to postgres (via postmodern) as the storage
backend for panettone. The first time the application starts up after
this commit, it will (idempotently) initialize the db schema and migrate
over all data from the prevalence snapshot to the database - the plan is
then to get rid of the prevalence classes and dependency once that's
deployed.
Change-Id: I4f35707efead67d8854f1c224ef67f8471620453
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1467
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: eta <eta@theta.eu.org>
Say ~my~ its name!
Change-Id: I7890318aef984af0f6bc011de32282f16e01cbb3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1483
Tested-by: BuildkiteCI
Reviewed-by: eta <eta@theta.eu.org>
Create a running Postgres database server along with a user and database
for Panettone, and pass configuration for it to the panettone module
Change-Id: I333994288131be328e62069382d6d40f8034c400
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1466
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Add support for explicitly specifying tests as part of a buildLisp
program or library.
Change-Id: I733213c1618f0fa60f645465560bce0522641efd
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1481
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
The Gerrit Checks plugin adds a new tab to the Gerrit UI, which is
intended for display of status of automated checks which are being run.
We can use this for e.g. reporting the run status of our CI builds/other
stuff.
Change-Id: Ib0d9a8ae68061a76191a56d467d915100b766e1b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1462
Tested-by: BuildkiteCI
Reviewed-by: kanepyork <rikingcoding@gmail.com>
Reviewed-by: glittershark <grfn@gws.fyi>
This looks particularly obnoxious for the owners plugin, because it's
actually two plugins with a common library in the same repo. Other
plugins are much cleaner to deal with (hence the default for
overlayPluginCmd).
Change-Id: Ibb9588c8a29b63e8509436fcbb70054e89349712
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1461
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
This was already happening for libraries, but not for programs - as a
result, programs built with libraries that contained unicode (eg
cl-unicode, uax-15, ...) would fail to build due to character encoding
issues when loading the FASLs.
Change-Id: I66149b585e85b213d0c026153140a1925536bd29
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1469
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Add a docker-compose file and lorri-based direnv for aiding in
running and connecting to a postgres database during development of
panettone.
Change-Id: I319eee52b52cd48e1f3d2e32c558989768dc19d8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1465
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: eta <eta@theta.eu.org>
The default hunchentoot behavior is to log all local variables when
logging lisp backtraces - this is nice for debugging, but means that if
we hit an error when checking for auth with the ldap server we log the
password provided by the user. No good! Let's just turn off logging of
backtraces for now.
Change-Id: Ibc4242e3e0f974ac53fffc482d3724b0547425ab
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1471
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
Add ironclad, a common lisp library for cryptography. This is a huge
library with a lot of moving parts - probably most notable here is that
I've had to turn off compiling with `:ironclad-assembly`, as it was
causing an infinite loop in the compiler due to
https://github.com/sharplispers/ironclad/blob/master/src/opt/sbcl/cpu-features.lisp#L9-L10,
a mutually self-recursive function that looks like:
(defun aes-ni-support-p ()
(aes-ni-support-p))
Without knowing much about how sbcl handles native-compiled assembly, it
seems like this definition should actually be skipped entirely, due to
it being defined as a `defknown` in `fndb.lisp`:
(defknown ironclad::aes-ni-support-p
()
(boolean)
(any)
:overwrite-fndb-silently t)
But something about how we're compiling things was causing that not to
happen, and the infinite recursion caused the compiler to hang. This
should be fixed at some point, but given I only need this library as a
transitive dependency down a level I'm not going to attempt to do so now.
Change-Id: Id768717991404f959b003c7e2f28f1f4d532b94b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1333
Tested-by: BuildkiteCI
Reviewed-by: kanepyork <rikingcoding@gmail.com>