c2e43a4e65
allow fact-only secrets
2024-03-13 11:08:36 +01:00
5d5f504013
enable: spice-vdagent if xserver is enable
2024-03-12 16:00:54 +00:00
0481746198
drop meshnamed from repository
...
checks / check-links (pull_request) Successful in 21s
checks / checks-impure (pull_request) Successful in 1m55s
checks / checks (pull_request) Successful in 2m47s
It's not super useful and we can always add it back later if we need it.
2024-03-06 10:02:21 +01:00
603893872e
secrets: fix typo
checks / check-links (pull_request) Successful in 22s
checks / checks-impure (pull_request) Successful in 1m52s
checks / checks (pull_request) Successful in 2m22s
2024-03-05 11:59:55 +01:00
a1dcddf9b4
clan-cli: add interactive secrets/fact generation
2024-03-03 04:06:18 +01:00
f500aee786
clanCore secrets: rename toplevel secret to service
2024-03-02 11:43:20 +01:00
4cfd580447
outputs: pass secretsData directly
2024-03-02 11:43:20 +01:00
57e9b27ff8
add option to set defaultGroups for secrets
2024-02-16 17:26:20 +01:00
6871b29d15
vms: use vm fact/secret-store
checks-impure / test (pull_request) Successful in 1m56s
checks / test (pull_request) Successful in 2m17s
2024-02-15 10:41:25 +01:00
98139ac48d
add factsStore modules
2024-02-15 10:41:25 +01:00
7cab50c088
optimize filesystem mount flags
...
checks-impure / test (pull_request) Successful in 2m8s
checks / test (pull_request) Successful in 2m41s
perf!
2024-02-14 13:01:47 +01:00
7a3fcd3deb
vms: enable sysusers
checks-impure / test (pull_request) Successful in 1m49s
checks / test (pull_request) Successful in 2m17s
2024-02-13 14:14:54 +01:00
952f976ea7
fix virtiofsd in CIs
checks-impure / test (pull_request) Successful in 1m41s
checks / test (pull_request) Successful in 2m40s
2024-02-13 13:57:52 +01:00
11ac50c17b
format rootfs in vm itself
2024-02-13 11:45:42 +01:00
07caab537f
drop unused mounts
2024-02-13 11:45:42 +01:00
a56dc3bf8c
simplify vmstate directory
2024-02-13 11:45:42 +01:00
d6b3e03d70
vms: integrate virtiofsd
2024-02-13 11:44:17 +01:00
02dd132e08
vms: init graceful shutdown for GUI
...
checks-impure / test (pull_request) Successful in 1m43s
checks / test (pull_request) Successful in 2m44s
- add python modules for qemu protocols: QMP (hardware interactions) and QGA (guest service interaction)
- refactor state directory: remove name from path (already contains url)
- add impure vm test for basic qmp interaction
- simplify existing vm persistance test (factor out shared code)
- integrate graceful shutdown into GUI
the GUI integration still needs to be improved later:
- add fallback in case system doesn't react to powerdown button
- shutdown GUI switch fails if VM hasn't been started yet, and then remains in a wrong position
2024-02-09 19:55:18 +07:00
67d264263c
nixosModules zerotier: remove unneeded default
checks-impure / test (pull_request) Successful in 1m36s
checks / test (pull_request) Successful in 2m40s
2024-02-07 05:26:01 +01:00
b780754621
clan-cli: add simple flash command
2024-02-07 05:26:01 +01:00
6fe6229498
add requireExplicitUpdate option for mobile devices
checks-impure / test (pull_request) Successful in 1m46s
checks / test (pull_request) Successful in 3m1s
2024-02-06 17:55:34 +01:00
ad1a87fc14
move checks if targetHost/buildHost is set to cli
checks-impure / test (pull_request) Successful in 1m39s
checks / test (pull_request) Successful in 2m45s
2024-02-06 14:51:44 +01:00
4d18ce2366
Merge pull request 'cli,nix: Add machine_icon, machine_description to vm' ( #812 ) from Qubasa-main into main
checks-impure / test (push) Successful in 1m37s
checks / test (push) Successful in 2m16s
2024-02-06 12:29:32 +00:00
21443d0647
cli,nix: Add machine_icon, machine_description
checks-impure / test (pull_request) Successful in 1m48s
checks / test (pull_request) Successful in 3m0s
2024-02-06 19:25:34 +07:00
923696c21c
clanCore: fix deploymentAddress -> targetHost alias
checks-impure / test (pull_request) Successful in 1m46s
checks / test (pull_request) Successful in 2m27s
2024-02-06 10:55:07 +01:00
b3815527a5
Added machineIcon and machineDescription to buildClan
checks-impure / test (pull_request) Successful in 1m33s
checks / test (pull_request) Successful in 2m17s
2024-02-05 14:18:40 +07:00
a2eb6f219d
nixosModules zerotier: fix type of dns
checks-impure / test (pull_request) Successful in 1m38s
checks / test (pull_request) Successful in 2m21s
2024-02-05 02:31:14 +01:00
b39fda8d85
clanCore zerotier: set default values in config for merging
checks-impure / test (pull_request) Successful in 1m33s
checks / test (pull_request) Successful in 2m18s
2024-02-03 09:26:04 +01:00
a52f1e3594
clanCore zerotier: add settings option
checks-impure / test (pull_request) Successful in 1m33s
checks / test (pull_request) Successful in 2m16s
2024-02-03 04:48:54 +01:00
3538cf2e46
rename deployment address to target address
...
checks-impure / test (pull_request) Successful in 1m35s
checks / test (pull_request) Successful in 2m43s
This is a prepares having a build server for deployment
2024-02-02 16:39:29 +07:00
86b248d457
zerotier generate: retry if port allocation fails
checks-impure / test (pull_request) Successful in 1m35s
checks / test (pull_request) Successful in 2m17s
2024-02-01 10:11:30 +01:00
93874705fe
zerotier generate: kill process group
checks-impure / test (pull_request) Successful in 1m35s
checks / test (pull_request) Successful in 2m16s
2024-02-01 10:01:28 +01:00
533012af7d
vms: rename wayland attrs to waypipe
...
checks / test (pull_request) Successful in 1m2s
checks-impure / test (pull_request) Successful in 1m34s
And remove the options from the cli interface.
2024-02-01 10:14:36 +07:00
f89c9b00dd
vms: wayland attr specified in configuration
checks-impure / test (pull_request) Successful in 1m32s
checks / test (pull_request) Successful in 2m43s
2024-02-01 09:00:43 +07:00
59fa63eba9
Reapply "vm-state: fix and improve testing"
...
checks-impure / test (pull_request) Successful in 1m39s
checks / test (pull_request) Successful in 2m40s
This reverts commit 99092f6e76
2024-01-31 11:02:16 +07:00
0dbfe52d62
secrets: add sandbox user
2024-01-30 12:11:05 +01:00
99092f6e76
Revert "vm-state: fix and improve testing"
...
checks-impure / test (pull_request) Successful in 1m37s
checks / test (pull_request) Successful in 3m23s
This reverts commit 6adc68a354
2024-01-29 15:16:10 +07:00
6adc68a354
vm-state: fix and improve testing
...
checks-impure / test (pull_request) Successful in 1m34s
checks / test (pull_request) Successful in 3m6s
checks / test (push) Successful in 30s
checks-impure / test (push) Successful in 1m27s
Also adds qemu qga protocol implementation to execute commands
2024-01-26 19:41:05 +07:00
a3ef8ce832
Merge pull request 'clan-cli secrets: add secret_store as python class' ( #733 ) from lassulus-HEAD into main
checks-impure / test (push) Successful in 1m20s
checks / test (push) Successful in 2m14s
2024-01-24 14:52:14 +00:00
ce5e6bfd10
secret generators: run with set -efu -o pipefail
2024-01-24 15:49:12 +01:00
aee0ee4d5e
move secret stores into clan_cli codebase
2024-01-24 15:49:12 +01:00
f0895d5e3e
fix zerotier in vms
checks-impure / test (pull_request) Successful in 1m14s
checks / test (pull_request) Successful in 2m18s
2024-01-23 19:43:42 +01:00
8338944062
move python code in nixos Module to external file
2024-01-23 15:04:40 +01:00
09887037f5
WIP: clan-cli secrets: add secret_store as python class
2024-01-23 15:04:40 +01:00
bd5ad0dc31
Merge pull request 'disable state home for now' ( #740 ) from Mic92-main into main
checks-impure / test (push) Successful in 1m21s
checks / test (push) Successful in 2m39s
2024-01-17 10:03:48 +00:00
776b238d9c
disable state home for now
checks-impure / test (pull_request) Successful in 1m31s
checks / test (pull_request) Successful in 2m42s
2024-01-17 10:59:01 +01:00
0b291c656f
Merge pull request 'state.nix: improve docs' ( #732 ) from DavHau-main into main
checks / test (push) Successful in 29s
checks-impure / test (push) Successful in 1m18s
2024-01-17 06:51:55 +00:00
98e1c629c3
clanModules: disable nixos manual by default
checks-impure / test (pull_request) Successful in 1m33s
checks / test (pull_request) Successful in 2m30s
2024-01-16 15:14:16 +01:00
c944fe8b48
state.nix: improve docs
checks-impure / test (pull_request) Successful in 1m26s
checks / test (pull_request) Successful in 2m9s
2024-01-15 16:03:47 +07:00
876ffab3b1
add option to orbit moons
checks / test (pull_request) Successful in 28s
checks-impure / test (pull_request) Successful in 1m16s
2024-01-12 18:31:18 +01:00
b1bb887dbf
zerotier: add support for moons
checks-impure / test (pull_request) Successful in 1m20s
checks / test (pull_request) Successful in 2m15s
2024-01-12 18:26:00 +01:00
e941334ecf
zerotier: configure alternative tcp fallback relay
checks / test (pull_request) Successful in 40s
checks-impure / test (pull_request) Successful in 1m25s
2024-01-12 15:13:20 +01:00
cedd1d7492
zerotier: set interface altname
checks-impure / test (pull_request) Successful in 1m17s
checks / test (pull_request) Failing after 2m29s
2024-01-11 15:51:34 +01:00
7bf76eea06
zerotier: use configuration file instead to set the network name
2024-01-11 14:57:00 +01:00
0e62348d72
make zerotier name configureable
2024-01-11 14:57:00 +01:00
3563b6eaa4
zerotier: delete old networks
checks-impure / test (pull_request) Successful in 1m30s
checks / test (pull_request) Successful in 2m9s
2024-01-11 13:24:00 +01:00
a5132a4f81
meshnamed: mark networkmanager interfaces as unmanaged
checks-impure / test (pull_request) Successful in 1m18s
checks / test (pull_request) Successful in 2m24s
2024-01-11 12:17:44 +01:00
7a4b176248
open up zerotier ports
2024-01-10 17:24:41 +00:00
414f475802
state: declare /home as state by default
checks-impure / test (pull_request) Successful in 1m17s
checks / test (pull_request) Successful in 2m22s
2024-01-10 17:37:40 +07:00
9f8e719b48
state: move options clanCore.state to a separate file
checks-impure / test (pull_request) Successful in 1m18s
checks / test (pull_request) Successful in 2m12s
2024-01-10 17:10:10 +07:00
c29e0086a4
VMs: persist state folders on host
...
checks-impure / test (pull_request) Successful in 1m24s
checks / test (pull_request) Successful in 2m40s
Done:
- move vm inspect attrs from system.clan.vm.config to clanCore.vm.inspect. This gives us proper name and type checking. everything in `system` is basically freeform, so the previous option definitions were never enforced
- when running VMs, mount state directory from ~/.config/clan/vmstate/{...} from the host to /var/vmstate inside the vm
- create bind mount inside the VM from /var/vmstate/{folder} to / for all folders defined in clanCore.state.<name>.folders
TODOs:
- make sure directories in ~/.config/clan/vmstate never collide (include hash of clan-url, etc.)
- port impure test to python
2024-01-08 18:38:07 +07:00
0922856fa5
switch to xwayland display :1
...
no conflict with Xorg
2024-01-04 16:18:27 +01:00
9dfc3f9613
add wayland-proxy-virtwl module
checks / test (pull_request) Successful in 58s
checks-impure / test (pull_request) Successful in 1m13s
2023-12-15 14:14:20 +01:00
8ee72ba5fa
clanCore: refactor flake-module.nix into smaller files
2023-12-15 14:14:20 +01:00
9f4ab67fc2
Merge pull request 'clanCore: Fixed missing type null for clanIcon' ( #634 ) from Qubasa-main into main
assets1 / test (push) Successful in 22s
checks-impure / test (push) Successful in 1m8s
checks / test (push) Successful in 2m0s
2023-12-08 18:33:58 +00:00
4a5e5feb73
clanCore: Fixed missing type null for clanIcon
checks-impure / test (pull_request) Successful in 1m9s
checks / test (pull_request) Successful in 1m56s
2023-12-08 19:30:04 +01:00
d6052c3497
clanCore: Fixed missing type null for clanIcon
2023-12-08 19:27:58 +01:00
28a6613bde
Merge pull request 'backups: support services for restore' ( #631 ) from lassulus-HEAD into main
assets1 / test (push) Successful in 18s
checks-impure / test (push) Successful in 1m11s
checks / test (push) Successful in 1m37s
2023-12-08 18:16:08 +00:00
dec431e69f
backups: support services for restore
2023-12-08 19:09:29 +01:00
eba34bf2f7
Changed clanIcon to be included into clanCore
checks-impure / test (pull_request) Successful in 1m35s
checks / test (pull_request) Successful in 2m18s
2023-12-08 19:08:57 +01:00
57bded996b
Merge pull request 'move clanName into nixos machine configuration' ( #630 ) from Mic92-main into main
assets1 / test (push) Successful in 18s
checks-impure / test (push) Successful in 1m11s
checks / test (push) Successful in 2m0s
2023-12-08 15:21:59 +00:00
2a0a50fb5e
switch to initrd.systemd by default
2023-12-08 16:17:58 +01:00
4aa60317fa
move clanName into nixos machine configuration
2023-12-08 15:05:56 +00:00
4b9635c706
move clanName into nixos machine configuration
checks-impure / test (pull_request) Successful in 1m33s
checks / test (pull_request) Successful in 2m11s
2023-12-08 16:03:29 +01:00
76c3c77886
Merge pull request 'add serial module to vms' ( #621 ) from Mic92-main into main
assets1 / test (push) Successful in 18s
checks-impure / test (push) Successful in 1m6s
checks / test (push) Successful in 1m36s
2023-12-08 11:37:50 +00:00
64944f896a
add serial module to vms
...
checks-impure / test (pull_request) Successful in 1m23s
checks / test (pull_request) Successful in 1m56s
This is useful for debugging in the cli.
2023-12-08 12:35:33 +01:00
cf68bd41d6
backups: implement list/create and dry-run restore
checks-impure / test (pull_request) Successful in 1m7s
checks / test (pull_request) Successful in 2m0s
2023-12-07 18:23:22 +01:00
45e9ab45f7
backups: implement list the easy way
checks-impure / test (pull_request) Successful in 1m6s
checks / test (pull_request) Successful in 1m57s
2023-12-07 13:22:41 +01:00
0b772668a8
Merge pull request 'backups: add clanCore backup & clan borgbackup module' ( #605 ) from lassulus-backups into main
assets1 / test (push) Successful in 21s
checks-impure / test (push) Successful in 1m8s
checks / test (push) Successful in 2m0s
2023-12-04 16:51:33 +00:00
e772d29f44
implement backup cli for borgbackup
checks-impure / test (pull_request) Successful in 1m4s
checks / test (pull_request) Successful in 2m33s
2023-12-04 17:47:23 +01:00
4fd84d1c48
disallow variable shadowing
2023-11-30 14:31:37 +01:00
780ffb9c8f
make type checking more strict
2023-11-30 14:31:37 +01:00
373fc83160
add option to extend path for generator
checks-impure / test (pull_request) Successful in 1m9s
checks / test (pull_request) Successful in 2m6s
2023-11-30 14:15:40 +01:00
41afc65f34
clan-core/secrets: escape facts trailing newline
checks-impure / test (pull_request) Successful in 1m21s
checks / test (pull_request) Successful in 1m35s
2023-11-29 13:29:20 +01:00
640430075a
backups: add clanCore backup & clan borgbackup module
checks-impure / test (pull_request) Successful in 1m10s
checks / test (pull_request) Successful in 1m49s
2023-11-23 18:12:49 +01:00
1f03a9b7ec
Fix typo
checks-impure / test (pull_request) Successful in 1m28s
checks / test (pull_request) Successful in 1m40s
2023-11-16 14:39:15 +01:00
0604d5a83d
Configure nix inside the machines
...
checks-impure / test (pull_request) Successful in 1m56s
checks / test (pull_request) Successful in 2m16s
Add sane nix defaults for debugging and usability reasons
2023-11-16 14:08:50 +01:00
d2fecd0a94
clanCore: install essential tools for debugging
2023-11-16 13:46:13 +01:00
2bda2293cb
meshnamed: fix container
checks-impure / test (pull_request) Successful in 1m33s
checks / test (pull_request) Successful in 1m47s
2023-11-15 11:20:56 +01:00
df1e166afb
clanCore/networking: allow ping unconditionally
2023-11-15 11:07:03 +01:00
1e49bf3378
zerotier: also install identity secrets for non-controllers
2023-11-15 11:07:03 +01:00
fcb22f254c
move resolved configuration to a dummy interface
2023-11-15 11:07:03 +01:00
dca61fa5fa
explicitly set networkd as the default
2023-11-15 07:21:26 +01:00
8cda86d34c
integrated meshnamed with systemd-resolved
2023-11-15 07:21:26 +01:00
75f1815f98
move clan-imports into clanCore
2023-11-15 07:21:26 +01:00
2306b2ec50
zerotier: fix eval if meshname is not known yet
2023-11-15 07:21:26 +01:00
fdfe02fb77
zerotier: also enable meshnamed for non-controllers
checks-impure / test (pull_request) Successful in 1m35s
checks / test (pull_request) Successful in 1m46s
2023-11-14 17:45:30 +01:00
b2422f9c74
zerotier: write hostname to file
2023-11-14 17:45:30 +01:00
d2303df18b
enable meshnamed in zerotier module
checks-impure / test (pull_request) Successful in 1m54s
checks / test (pull_request) Successful in 2m1s
2023-11-14 14:40:26 +01:00
cf9f24a3b2
zerotier: add leading zeros at subnet
checks-impure / test (pull_request) Successful in 1m55s
checks / test (pull_request) Successful in 1m59s
2023-11-14 14:25:58 +01:00
