This will be useful for things like panettone, pending a NixOS module
for oauth2-proxy (the upstream one is too complicated and doesn't
support what we need).
Change-Id: I4ca193e10a94a29b1fb9003e945896ff8eb61116
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4662
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
Autosubmit: tazjin <mail@tazj.in>
Verified emails are required for some things, like e.g. oauth2_proxy
Change-Id: Ifb124be40d6d2863cd1b7ed5fbdfcf4827e8808c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4661
Tested-by: BuildkiteCI
Autosubmit: tazjin <mail@tazj.in>
Reviewed-by: Profpatsch <mail@profpatsch.de>
This is still missing most of the client configuration etc., in part
due to bugs in the provider which are preventing resource imports.
Change-Id: Ic224ffc001f8e1fe6dcd47b7d002580fdf7b0774
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4628
Tested-by: BuildkiteCI
Autosubmit: tazjin <mail@tazj.in>
Reviewed-by: Profpatsch <mail@profpatsch.de>
`terraform fmt` can only handle a single path, but treefmt expects
formatters to be able to handle multiple paths at once.
this wraps it in a small shell script that calls `terraform fmt` with
at most one path at a time.
Change-Id: I2b9c1b89b5a276f3d4915b95608ce36b2509e334
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4639
Tested-by: BuildkiteCI
Autosubmit: tazjin <mail@tazj.in>
Reviewed-by: grfn <grfn@gws.fyi>
WIP: currently just a simple setup that creates an empty git repo if
it doesn’t exist yet, and writes a commit to it.
A simple database backed by a bare git repository.
WIP: Will speak a simple interactive protocol to query files and
update them atomically.
It could be made atomic on the git repo level, if a lock is taken
between reading the current commit ref and creating the commit.
Change-Id: I1fd30a046ac977063c3e08c36d96e835b35ff07d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3046
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
Also make rust-crates into a rec argument for now, which is simpler.
Change-Id: Ie443f72d9633614f0ffa0c43aac1785e8577b0ce
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3045
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
It's difficult to know whether or not I need this. When I run the following
commands...
```
wpcarro@diogenes> nmap localhost
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
443/tcp open https
wpcarro@diogenes> nmap wpcarro.dev
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
443/tcp open https
3389/tcp closed ms-wbt-server
```
...neither localhost nor wpcarro.dev reports 6698 being open even though 6698 is
configured to be open in both:
- diogenes/default.nix
- GCP console
Right now, quasselcore is WAI, so I don't want to invest more time into closing
this loop.
Change-Id: I3d68fd901314aa7d364abf9381dff101411e6d15
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4629
Reviewed-by: wpcarro <wpcarro@gmail.com>
Autosubmit: wpcarro <wpcarro@gmail.com>
Tested-by: BuildkiteCI
Note that the login.tvl.fyi WWW configuration is still kind of hanging
around until we've settled where Keycloak lives.
Change-Id: Iaca4e394a7371cafa3716ca66ef09c4eca5b1520
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4626
Autosubmit: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
Rather than loading as the user types for the signup form, start the
page with the full list of attendees already loaded and filter that list
as the user types. There are never going to be more than 50 attendees,
so there's no perf cost here, and it's nice to have the list to scroll
through in the frontend.
Change-Id: Iba69b101856756801183979b9384503520b6701f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4624
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: grfn <grfn@gws.fyi>
* 3p/lisp/closer-mop: closer-mop no longer builds with ECL (see linked
issue), so let's mark it as broken for now.
Change-Id: I97c29d718682cec4ecc682ff1593d0ce9aca0010
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4607
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Gerrit has OAuth2 and email related secrets which now live in agenix
instead of a random file on disk.
Change-Id: I6220fbb7a2e2ec0102a900b4bcf6150b8b4d32ef
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4612
Tested-by: BuildkiteCI
Autosubmit: tazjin <mail@tazj.in>
Reviewed-by: lukegb <lukegb@tvl.fyi>
Trialing this as an alternative to CAS that is a little easier to
configure and can help us delegate authentication to other OIDC
services.
Change-Id: Iad63724d349334910af8fed0b148e4ba428f796b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4608
Tested-by: BuildkiteCI
Autosubmit: tazjin <mail@tazj.in>
Reviewed-by: lukegb <lukegb@tvl.fyi>
...so that they can be properly tracked 🤓
Change-Id: I1e33bd5f0e0a114ef441a5f3f61f387b7afd8708
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4611
Reviewed-by: wpcarro <wpcarro@gmail.com>
Autosubmit: wpcarro <wpcarro@gmail.com>
Tested-by: BuildkiteCI
1. This is spamming my Emacs's *Warnings* buffer on init.
2. I recall this being buggy.
3. I'm not doing active Haskell development at the moment.
4. I'd prefer code-intelligence efforts be put into SourceGraph.
Change-Id: I57ba28ec0b2fa3607cd67261a90d134107166c47
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4610
Reviewed-by: wpcarro <wpcarro@gmail.com>
Autosubmit: wpcarro <wpcarro@gmail.com>
Tested-by: BuildkiteCI
I couldn't get services.localtime to behave, but services.tzupdate WAIs. As long
as I have internet, my timezone on this laptop should synchronize with my
location.
Change-Id: Ie2fd0e742e080fb7d6dd1adcc87c9fd22eae032d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4609
Reviewed-by: wpcarro <wpcarro@gmail.com>
Autosubmit: wpcarro <wpcarro@gmail.com>
Tested-by: BuildkiteCI
DRY things up with this mixin.
Change-Id: I5791a50b01902734dff91d391e1aa90a21ce4fbb
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4600
Reviewed-by: wpcarro <wpcarro@gmail.com>
Autosubmit: wpcarro <wpcarro@gmail.com>
Tested-by: BuildkiteCI
I should be doing most of my remote file editing using Emacs and Tramp, but
sometimes a CLI command triggers the EDITOR, which is `nano` by default. I can
control `vim` better than I can control `nano` within a vterm session, so I'm
trying this configuration for now.
Change-Id: I2023beadfe05a957bc5ddd6e6793a891521f301d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4599
Reviewed-by: wpcarro <wpcarro@gmail.com>
Autosubmit: wpcarro <wpcarro@gmail.com>
Tested-by: BuildkiteCI
previously, depot-scanner swallowed/ignored all non-processed
stderr output of nix-instantiate, which makes diagnosing
failures of nix-instantiate (e.g. failed with exit status 1)
difficult. This commit fixes that by always forwarding
the remaining stderr messages.
Example previous error message:
panic: nix-instantiate failed: exit status 1
goroutine 1 [running]:
main.main()
/nix/store/8vb2j13bd7j5ipl7dhsnwvgr7nrrsqsi-main.go:160 +0xeb4
Example new error message:
nix-inst> error: unrecognised flag '--trace-file-access'
nix-inst> Try '/run/current-system/sw/bin/nix-instantiate --help' for more information.
panic: nix-instantiate failed: exit status 1
goroutine 1 [running]:
main.main()
/nix/store/qy7v79a3harddirzmc0432vbzqhyf91i-main.go:165 +0xeb4
Change-Id: I666f3490fc648f77a5384b95edd74f6115f7920d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4553
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
This also changes the fuzzing infrastructure from proptest to cargo-fuzz,
and this lead to the discovery of two mishandlings of edge-cases:
* when a "path_to_store" is at the end of the input, it tried to access
the input slice out-of-bounds (the `just_store` test covers that now)
* non-ASCII characters lead to an out-of-bounds access in HalfBytesMask
(the `non_ascii` test covers that now)
Change-Id: Icaa2518dcd93e1789a2c0da4cf0fec46016d3bad
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4604
Tested-by: BuildkiteCI
Reviewed-by: zseri <zseri.devel@ytrizja.de>
This crate implements the scanner for finding references to store
paths in uncompressed binary blobs and text files.
It is currently a minimally working prototype and
it is probably a good idea to polish the interface further.
Change-Id: I8406f9d52d254fc3d660ea2b9bc9b7841cc815ec
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4596
Tested-by: BuildkiteCI
Reviewed-by: zseri <zseri.devel@ytrizja.de>
This is the result of `evil-indent` going wrong.
Change-Id: I8d68bcb790da03b974d478760bf1224b38d56249
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4594
Reviewed-by: wpcarro <wpcarro@gmail.com>
Autosubmit: wpcarro <wpcarro@gmail.com>
Tested-by: BuildkiteCI
Hopefully this installs the KBDs for fzf, which is already installed.
Change-Id: Ice7555c45d38e2e07f9fb16d3ddfc5b971c93cf6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4593
Reviewed-by: wpcarro <wpcarro@gmail.com>
Autosubmit: wpcarro <wpcarro@gmail.com>
Tested-by: BuildkiteCI
DRYing up some of my configuration.
Change-Id: I137692789426efc6a6c6880029e605813674fdbe
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4592
Reviewed-by: wpcarro <wpcarro@gmail.com>
Autosubmit: wpcarro <wpcarro@gmail.com>
Tested-by: BuildkiteCI
I use `python3` REPL as a calculator most often.
Side note: I don't have a clear model of which binaries belong in NixOS
configurations and which belong in my Emacs configuration. Here's a sketch of
what I'm thinking:
- shared (wpcarro's coreutils for fzf, ripgrep, git, etc)
- marcus
- diogenes
- wpcarros-emacs (see footnote)
Footnote: It might be redundant to install wpcarro's coreutils in Emacs on NixOS
environments, but I install wpcarros-emacs in non-NixOS environments, so I
depend on them there.
Change-Id: Ib2b87c8e4e04d167ccbf837e0f85606cbf272828
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4591
Reviewed-by: wpcarro <wpcarro@gmail.com>
Autosubmit: wpcarro <wpcarro@gmail.com>
Tested-by: BuildkiteCI