Commit graph

15238 commits

Author SHA1 Message Date
Vincent Ambo
7114e72d81 feat(whitby): Enable Nix signing for the binary cache
Change-Id: I9047667cc1a40668c0c7da72c070044b91b53014
Reviewed-on: https://cl.tvl.fyi/c/depot/+/852
Reviewed-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
2020-07-02 20:54:11 +00:00
Vincent Ambo
cabdd4aa51 fix(whitby): Explicitly set an interface for the v6 default gw
systemd gets sad otherwise and it is very difficult to console it

Change-Id: Ic6405489532c407273e5634474185f2947420b37
Reviewed-on: https://cl.tvl.fyi/c/depot/+/851
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: BuildkiteCI
Tested-by: BuildkiteCI
2020-07-02 20:54:11 +00:00
Griffin Smith
298060dba9 feat(whitby): Add grfn
it's not glittershark because grfn is the username I have on my laptop
and I want to be able to ssh without an `@`.

Change-Id: Ie1fb6f5e12f3ac52a44680704179bd27a00a7768
Reviewed-on: https://cl.tvl.fyi/c/depot/+/850
Reviewed-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
2020-07-02 20:28:48 +00:00
Kane York
ba98c3ba49 feat(users/riking/keys): Add expression with my SSH public keys
Change-Id: I018a5e869e5502fd62f8b8b98b2a61e8fee358ab
Reviewed-on: https://cl.tvl.fyi/c/depot/+/854
Reviewed-by: BuildkiteCI
Reviewed-by: Kane York <rikingcoding@gmail.com>
Tested-by: BuildkiteCI
2020-07-02 20:15:51 +00:00
Luke Granger-Brown
8ad55c9095 feat(whitby): add lukegb
Change-Id: I26356632b86a64519128bc673178f1cd1b55b99b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/848
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: BuildkiteCI
2020-07-02 19:33:44 +00:00
Griffin Smith
8db06970e9 chore(users/gs): Add SSH public key
I generated a new one for whitby, so it's called whitby because that's
the only thing I'm going to be using it for.

Change-Id: Ie8ebdb1e58c76e447ee3a3ea0b1b244fe000e3e4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/849
Reviewed-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
2020-07-02 19:31:31 +00:00
Luke Granger-Brown
5822b217df chore(lukegb): add SSH pubkeys
Change-Id: Ie9fdf3e174ac2e051ec5db6f2bd225804920d3ff
Reviewed-on: https://cl.tvl.fyi/c/depot/+/847
Reviewed-by: lukegb <lukegb@tvl.fyi>
Reviewed-by: BuildkiteCI
Tested-by: BuildkiteCI
2020-07-02 19:06:44 +00:00
Vincent Ambo
c18b0a7c57 fix(whitby): Set correct IPv6 default gateway for Hetzner env
Change-Id: Ic3d4c6ebf7c40e27a453e08295bb0f2f999c0d88
Reviewed-on: https://cl.tvl.fyi/c/depot/+/845
Reviewed-by: lukegb <lukegb@tvl.fyi>
Reviewed-by: BuildkiteCI
Tested-by: BuildkiteCI
2020-07-02 18:59:01 +00:00
Griffin Smith
2ad67392a6 feat(gs/emacs): Set compile-command in nix buffers
When visiting buffers that represent home-manager or nixos modules, set
compile-command to the relevant switch command.

Change-Id: I565e092d1e6b97eb7fee9d88211c0ee6ebb30b53
Reviewed-on: https://cl.tvl.fyi/c/depot/+/846
Reviewed-by: glittershark <grfn@gws.fyi>
2020-07-02 18:55:31 +00:00
isomer
2b4abca80f fix(clbot): s/submitted/applied/
By vote of the IRC channel.

Change-Id: I5ea965d45a7d73b0bdcae817d16eaa17e47adcbc
Reviewed-on: https://cl.tvl.fyi/c/depot/+/861
Reviewed-by: isomer <isomer@tvl.fyi>
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: lukegb <lukegb@tvl.fyi>
Reviewed-by: BuildkiteCI
Tested-by: BuildkiteCI
2020-07-02 18:55:30 +00:00
Vincent Ambo
62dd3fdc3c feat(nixos/whitby): Hello, World!
This adds NixOS configuration for the machine whitby.tvl.fyi.

No interesting services are configured yet, so this configuration is
quite plain.

Change-Id: I67b7c75ebd6e298719b52e6b3bd83cc3be3c45d8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/843
Tested-by: BuildkiteCI
Reviewed-by: BuildkiteCI
Reviewed-by: isomer <isomer@tvl.fyi>
Reviewed-by: lukegb <lukegb@tvl.fyi>
2020-07-02 18:32:47 +00:00
Vincent Ambo
3ed1da6b24 feat(tazjin/keys): Add an expression with my SSH public keys
Change-Id: I624ce085ff18360bbd390bc570b6be2a416b9a42
Reviewed-on: https://cl.tvl.fyi/c/depot/+/842
Reviewed-by: BuildkiteCI
Reviewed-by: isomer <isomer@tvl.fyi>
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
2020-07-02 18:32:47 +00:00
Vincent Ambo
b1f0de3fde chore(nixos/whitby): Bootstrap //ops/nixos/whitby folder
Change-Id: I7d77c3ea48b181d7b9f754ac4807ed44735a8925
Reviewed-on: https://cl.tvl.fyi/c/depot/+/841
Reviewed-by: BuildkiteCI
Reviewed-by: isomer <isomer@tvl.fyi>
Reviewed-by: lukegb <lukegb@tvl.fyi>
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
2020-07-02 18:32:47 +00:00
William Carroll
eb1af216cf Clear $NIX_PATH
Ensure that $NIX_PATH is empty using a .envrc file. nix.dev considers references
to <nixpkgs>, <briefcase>, <depot>, <unstable> to be an anti-pattern because it
hinders reproducibility by introducing an implicit environment.

This repository is chock-full of references to
<{nixpkgs,unstable,briefcase,depot}>, so right now everything is broken.
2020-07-02 14:39:08 +01:00
William Carroll
e4ddc3ba75 Prefer builtins.path
Thanks to the Nix anti-patterns documented here...

https://nix.dev/anti-patterns/language.html#reproducability-referencing-top-level-directory-with

...I'm cleaning up some of my Nix expressions. Read the article for more
context.
2020-07-02 13:28:59 +01:00
Kane York
2215ae98b9 chore(tvl-slapd): rotate password for riking
Change-Id: I3ec53d5223a4ff0871eed7615f11f534ed74653b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/839
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: BuildkiteCI
Tested-by: BuildkiteCI
2020-07-02 06:20:04 +00:00
Kane York
a2e8615240 chore(users/riking/dotfiles): add .mybashrc
Change-Id: Ib33a0a6819b7a3285fe1130657a7b1644a84f493
Reviewed-on: https://cl.tvl.fyi/c/depot/+/837
Reviewed-by: BuildkiteCI
Reviewed-by: Kane York <rikingcoding@gmail.com>
Tested-by: BuildkiteCI
2020-07-02 06:19:56 +00:00
Kane York
66f5e9f6c3 chore(bin): fix shellcheck SC2086
Change-Id: I441c03e033289da3dcec18daf9a565ec75b7ef75
Reviewed-on: https://cl.tvl.fyi/c/depot/+/835
Reviewed-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
2020-07-01 20:58:01 +00:00
Griffin Smith
48cb38706b fix(gs/emacs): Sometimes GH returns PRs without an author
I don't know why-- but I don't want it breaking this command.

Change-Id: I90c28cd21f3a5bc9f0155a88b50b13434fda4c5d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/838
Reviewed-by: glittershark <grfn@gws.fyi>
2020-07-01 20:56:56 +00:00
Vincent Ambo
6cedd8354a docs(REVIEWS): Update registration instructions for password hashes
Change-Id: Idb8e5259f7b2a7105219fd3a21dc4b5774c44460
Reviewed-on: https://cl.tvl.fyi/c/depot/+/836
Reviewed-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
2020-07-01 20:55:48 +00:00
Vincent Ambo
7dbdd2d13e chore(tvl-slapd): Remove old password generation script
This does not work for ARGON2 hashes.

Change-Id: I1e070fa0ff17ef21632e94e6777da637deb6f54f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/834
Reviewed-by: Kane York <rikingcoding@gmail.com>
Reviewed-by: BuildkiteCI
Tested-by: BuildkiteCI
2020-07-01 20:55:48 +00:00
Vincent Ambo
29984bb6f9 feat(tools/hash-password): Add a wrapper script for slappasswd
This wrapper script correctly invokes slappasswd for generating ARGON2
hashes.

People without Nix will need to figure this out on their own.

Change-Id: I264715ba4932855b868bef70cc9102515b3d129e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/833
Tested-by: BuildkiteCI
Reviewed-by: BuildkiteCI
Reviewed-by: Kane York <rikingcoding@gmail.com>
2020-07-01 20:39:07 +00:00
Vincent Ambo
a1556d71e6 chore(tvl-slapd): Rotate my LDAP passwords and use ARGON2 hashes
Change-Id: Id1a60121e4254e7ccff77ac17fd39d0955aedc8f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/832
Reviewed-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: isomer <isomer@tvl.fyi>
Tested-by: BuildkiteCI
2020-07-01 19:10:13 +00:00
Vincent Ambo
5b4ff0c393 feat(tvl-slapd): Load Argon2 password module in OpenLDAP
This makes it possible to use {ARGON2} hashes instead of the current
salted SHA hashes, which is a much better idea.

Unfortunately the nixpkgs module does not have an option for
overridding the package used, so it is overlaid into the system
package set - this causes widespread rebuilds.

This is fine for us for now, but I have opened a PR upstream to add a
package option: https://github.com/NixOS/nixpkgs/pull/91963

Change-Id: Ib4be931d88e74b91566639f8656742cf096f6cc3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/831
Reviewed-by: BuildkiteCI
Reviewed-by: isomer <isomer@tvl.fyi>
Tested-by: BuildkiteCI
2020-07-01 19:10:13 +00:00
Vincent Ambo
d2aaf030bd feat(3p/openldap): Enable slapd-passwd-argon2 module
This enables support for the Argon2 password hashing mechanism in
OpenLDAP. Note that we also need to configure the LDAP module to load
this, so this change is not yet sufficient for actually using Argon2
hashes.

Change-Id: I151b854b777daa924b22224a43851432a88a2760
Reviewed-on: https://cl.tvl.fyi/c/depot/+/830
Reviewed-by: BuildkiteCI
Reviewed-by: isomer <isomer@tvl.fyi>
Tested-by: BuildkiteCI
2020-07-01 19:10:13 +00:00
Vincent Ambo
6f5211bba8 chore(ci-builds): Move third_party builds to their own package group
... and remove a package that doesn't exist anymore (at this location)
from the nixpkgs allowlist.

Change-Id: I663c84c387fb04bb3b47448132ad768ed5352474
Reviewed-on: https://cl.tvl.fyi/c/depot/+/829
Reviewed-by: BuildkiteCI
Reviewed-by: isomer <isomer@tvl.fyi>
Tested-by: BuildkiteCI
2020-07-01 19:10:13 +00:00
Vincent Ambo
ff4918b343 feat(ci-builds): Include //fun/tvlbot and //fun/clbot in CI builds
Change-Id: I95daac993808ac9c3de06d20890cca108d8fa961
Reviewed-on: https://cl.tvl.fyi/c/depot/+/828
Reviewed-by: BuildkiteCI
Reviewed-by: eta <eta@theta.eu.org>
Tested-by: BuildkiteCI
2020-07-01 17:32:42 +00:00
Vincent Ambo
78bfb66a95 style(tvldb): Add blank lines between items
This makes the code slightly more readable. For users that use editors
without semantic navigation, this also makes it easier to jump around
between items in the files.

I looked into whether a rustfmt setting exists for this, but
unfortunately the answer is currently no.

Change-Id: I37b19fa6ab038c71b924c45dbc12b298e660e8cf
Reviewed-on: https://cl.tvl.fyi/c/depot/+/827
Reviewed-by: BuildkiteCI
Reviewed-by: eta <eta@theta.eu.org>
Tested-by: BuildkiteCI
2020-07-01 17:32:42 +00:00
Vincent Ambo
03076c3977 fix(besadii): Do not pass on update values for meta refs
Before this change, besadii would skip further processing of meta refs (which happen for every CL metadata change), but it would still schedule a build by returning an update - which would then inevitably fail.

This change makes besadii skip meta refs the same way it skips non-depot builds, i.e. completely.

Move *on* from meta refs, do *not* collect $100.

Change-Id: I269d2299f4d3cb1f9c041da8c92fa00ae7794b38
Reviewed-on: https://cl.tvl.fyi/c/depot/+/825
Reviewed-by: eta <eta@theta.eu.org>
Reviewed-by: BuildkiteCI
Tested-by: BuildkiteCI
2020-07-01 16:51:50 +00:00
William Carroll
155dff562a Impl part 3/3 for Memo
Refactor the caching policy for the Memo by evicting the elements that have been
the least-recently-accessed.

Python's heapq module default to a min-heap. By storing our heap elements
as (UnixTime, a), we can guarantee that when we call heappop, we will get the
element with the lowest UnixTime value in heap (i.e. the oldest). When we call
heappush, we use (time.time(), key) and these values -- by having the largest
UnixTime, will propogate to the bottom of the min-heap.
2020-07-01 15:13:56 +01:00
William Carroll
a8b3a2d3c0 Support part 2/3 for the Memo problem
Bound the size of the memo by creating a BoundedQueue. Whenever we add elements
to the BoundedQueue, we remove the oldest elements. We use the BoundedQueue to
control the size of our dictionary that we're using to store our key-value pairs.
2020-07-01 14:59:49 +01:00
William Carroll
ec7c8516f7 Implement part 1/3 for "Memo"
After hearing from a Jane Street recruiter, I decided to dust off some of the
DS&As knowledge. I found this article online, which outlines an example problem
called "Memo":

https://blog.janestreet.com/what-a-jane-street-dev-interview-is-like/

Here's part 1 of the solution in Python.
2020-07-01 14:40:40 +01:00
Vincent Ambo
c0f07e142e chore(tazjin): Remove nugget system definition
This host is deprecated.

Change-Id: Ibbf1e300ae8b136bb3ce3669864045e6ea7eff23
Reviewed-on: https://cl.tvl.fyi/c/depot/+/826
Reviewed-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
2020-07-01 13:16:32 +00:00
William Carroll
011f7aeaec Convert grocery list to an .org file
Ensure that the export.hs script refers to the .org file.
2020-07-01 10:45:28 +01:00
William Carroll
ee1aeee5f8 Complete exercises for Reader and State chapters
It's beautiful how State is just Reader that returns a tuple of (a, r) instead
of just a, allowing you to modify the environment (i.e. state).

```haskell
newtype Reader r a = Reader { runReader :: r -> a }
newtype State s a = State { runState :: s -> (a, s) }
```
2020-07-01 10:42:57 +01:00
William Carroll
c4fe3c92c7 Create a .ghci for this directory
I would've created on at $HOME/.ghci, but I don't need that yet, and I didn't
want to bother with home-manager.
2020-07-01 10:38:56 +01:00
William Carroll
d820898de5 Complete exercises from Traversable chapter
I feel much more comfortable using `traverse` and `sequenceA`. I even used both
of them in the Haskell program that I wrote at work to export a trix.
2020-07-01 10:37:54 +01:00
Vincent Ambo
feb3f1a374 feat(nixos/clbot): Add a module for running clbot
Change-Id: I9c10906441c3222b74bcc820a67f11d96462fcfa
Reviewed-on: https://cl.tvl.fyi/c/depot/+/821
Tested-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
Reviewed-by: BuildkiteCI
2020-06-30 23:39:48 +00:00
Cameron Kingsbury
7839b7b7a3 feat(tvl-slapd): update camsbury in slapd
Change-Id: Idce92352ad01f85bd7fbb102decdd1df26dda5f4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/823
Reviewed-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
2020-06-30 23:34:04 +00:00
Vincent Ambo
1eb8067bb0 fix(nixos/smtprelay): Only enable if the user asks for it
Change-Id: Ifbdf9bf9e89a1da68e8c823f61a33275183afcb1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/822
Reviewed-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
Tested-by: BuildkiteCI
2020-06-30 23:32:45 +00:00
William Carroll
82b40e8d37 Now removing "Closed"
At this point, I'm starting to lose interest.
2020-06-30 23:22:13 +01:00
William Carroll
7e6daaf21a Prefer "Closed" authMode
Setting `authMode = "Registered"` prevents me from running the `register
<password>` command from inside of `bitlbee`, which I *believe* I need to
run...
2020-06-30 23:12:18 +01:00
Griffin Smith
46d4a73e34 feat(gs/emacs): Bind M m to notmuch/compose
Change-Id: Ic6945b0508134904fbe435ac3049dbb40b8f7d21
Reviewed-on: https://cl.tvl.fyi/c/depot/+/805
Reviewed-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
2020-06-30 22:09:35 +00:00
William Carroll
fa4eb2c61b Remove auth from Bitlbee
I'm having trouble getting PAM auth to work, so I'm temporarily disabling it.

TIL that I can use the following to verify that PAM is properly setup for a
program (e.g. `bitlbee`).

```
pamtester -v bitlbee $(whoami) authenticate
```

...but despite this succeeding, I still cannot use the `identify` command in
`bitlbee` to successfully authenticate. It just tells me "Incorrect password"
even though I'm providing it the same password that I type when doing the
`pamtester` command from above.

Computers!
2020-06-30 23:02:57 +01:00
Vincent Ambo
ec8e5c304b chore(ci-builds): Build users.tazjin.finito in CI
Change-Id: I96bb33e76b373795d8cc5a4a2c7a1f9f49179a36
Reviewed-on: https://cl.tvl.fyi/c/depot/+/804
Reviewed-by: BuildkiteCI
Reviewed-by: ericvolp12 <ericvolp12@gmail.com>
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
2020-06-30 21:36:57 +00:00
William Carroll
a276eddf54 Add auth to bitlbee
Use Linux's PAM for Bitlbee's auth.
2020-06-30 20:01:01 +01:00
William Carroll
6cb921739d Support bitlbee + stunnel
TLS support for bitlbee...
2020-06-30 19:53:10 +01:00
William Carroll
58dc543a7b Open :6667
Attempt to access Bitlbee from IRCCloud.com client...
2020-06-30 18:59:43 +01:00
William Carroll
4d577bd8a9 Support bitlbee
I'm still not entirely sure what bitlbee does, but I know this: I want as many
messengers in the same place as possible: IRC, Slack, Telegram. @tazjin tells me
that Bitlbee will help me get to the promised land. This is hopefully one step
of many in that direction.
2020-06-30 17:55:11 +01:00
Vincent Ambo
37fdd5ae8b chore(tazjin/finito): Add build configuration
Adds a Naersk-based build to check that this compiles, with a Lockfile
based on the ~2018 crate versions.

Change-Id: I0460a476d3b983fcf71e35e6b480f4a526118b58
Reviewed-on: https://cl.tvl.fyi/c/depot/+/803
Reviewed-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
2020-06-30 04:14:27 +00:00