5726067315
tumblrandom: some fixups
2024-09-09 01:02:48 +00:00
93efb988cb
tumblrandom: do some redirect-based stuff to avoid timeouts while fetching
2024-09-09 00:28:21 +00:00
93d5a104da
add hackyplayer/hacky-vouchproxy/emfminiserv bits
2024-06-21 22:34:53 +01:00
d666e85223
experiment with buildGo2, a potential replacement for buildGo
2024-02-11 04:23:47 +00:00
2c3bb4797c
bnixbuild: reenable whitby
2024-01-06 22:54:47 +00:00
b3008a51c7
tumblrandom: use better random
2024-01-01 14:16:20 +00:00
678b7c66ed
go/nix: some more features for nixbuild
2023-08-27 22:45:46 +00:00
3ab9b43f72
go/nix: implement more of nixbuild
2023-08-23 23:00:44 +00:00
6addc90a6e
go/nix: unfinished 'copy' implementation
2023-08-19 21:14:04 +00:00
0563c19125
go/nix: teach bnix how to talk to a remote store over SSH
2023-08-17 23:48:07 +00:00
b11cc9d3c8
go/nix: start working on making it possible to build derivations
2023-08-17 02:51:18 +00:00
07350a1d42
secretsmgr: fix up host header
2023-08-06 18:23:33 +01:00
ca8f808647
tokend: make sure Host is set to something sensible
2023-07-19 16:28:02 +01:00
86f193d44a
secretsmgr: add bare hostnames everywhere
2023-05-26 17:39:01 +01:00
429b4ce984
secretsmgr: sign also for bare hostname
2023-05-26 02:53:52 +01:00
a6974aebcc
tumblrandom: init
2023-04-18 19:39:11 +00:00
de8756c4e6
bcacheup: use a limited channel rather than a sync.Cond
2023-04-16 00:36:34 +00:00
642ad1c6b7
bcacheup: limit upload concurrency to avoid OOMing
2023-04-15 15:10:06 +00:00
8fcb964bcd
tokend: fix debugging line...
2023-03-12 15:30:04 +00:00
fa17ca41c9
tokend: add some logging about token issuance
2023-03-12 15:21:38 +00:00
60ae56053f
go: add vault/vaultgcsblob to create vaultgs:// scheme which uses vault
2023-02-25 23:46:40 +00:00
35a9ec6bf5
nhsenglandtests: delete
2023-01-15 16:26:50 +00:00
cf74005139
nixstore: no . Derivers
2023-01-15 02:06:51 +00:00
aae1c8bea0
bcacheup: port to jamespfennell/xz, which is a wrapper around the C LZMA library rather than a Go reimplementation
2023-01-14 22:07:14 +00:00
78d3689dfe
bcacheup: add --deep_check_galactic flag for ensuring that all references are properly uploaded
2022-11-08 15:25:48 +00:00
c157d8f91e
remotestore: only the deriver's filename, not the full path
2022-11-08 12:33:17 +00:00
20617e22f1
nixstore/remotestore: add a mutex around the connection
2022-10-10 01:28:26 +01:00
75b39cfbf7
bcacheup: use nixstore.Open
2022-10-10 00:49:44 +01:00
d6118944fa
nixstore: add remotestore
2022-10-09 23:48:18 +01:00
ad393eb647
go/nix: split Nix encoding stuff into nixwire package
2022-10-09 21:27:14 +01:00
4fc89a6c5d
bcacheup: oops, flag.Interval should be flag.Duration
2022-10-09 18:15:14 +01:00
955b899bca
bcacheup: slow down rate of output
2022-10-09 18:10:46 +01:00
9d16934db3
nix/gitlab-ci: attempt to hack around us wanting to read the nix store DB
2022-10-09 17:35:43 +01:00
98f53c5cd6
go/nix/bcacheup: init utility for uploading things to a binary cache
2022-10-09 16:46:55 +01:00
d03cc487f5
go/nix/bcachegc: init
2021-07-27 22:10:47 +01:00
e44e0f128e
go/nix/nar: move narinfo to go/nix/nar/narinfo
2021-07-27 22:06:59 +01:00
50520f0230
go/nix/nar: init
2021-07-25 13:57:19 +01:00
e9a2ac4980
go/secretsmgr: set group after deleting files
2022-06-25 17:35:23 +00:00
a4c6ad17dc
go/access: detect WSL differently
2022-05-17 01:36:33 +01:00
f5d66318a3
go/access: set principal name, set presence required by host
2022-03-25 01:47:18 +00:00
3a32590571
go/access: init
2022-03-25 01:24:21 +00:00
7592e76a31
tokend: init
...
tokend is responsible for issuing service-scoped tokens based on the token held
and generated by the Vault Agent.
It can also generate "server-user" scoped tokens, which exist for convenience's
sake: they are not a strong attestation of the user on the machine, and have
limited privileges compared to a Vault token issued using e.g. `vault login
-method=oidc`.
2022-03-20 17:47:52 +00:00
b719181dfe
nixos: migrate to secretsmgr for sshd and ACME
2022-03-17 23:31:55 +00:00
037c6f0fd8
go/secretsmgr: add support for ACME certificate issuance
2022-03-17 01:26:18 +00:00
165fc4559c
go/secretsmgr: init
...
Currently this only handles signing SSH certificates, but let's see where we go from here.
2022-03-15 03:07:34 +00:00
Luke Hanley (LukeHandle)
516ee3e20a
go/minotarproxy: clean up Prometheus metrics
2022-01-22 15:28:31 +00:00
086f5fe597
journal2clickhouse: coerce things that look like strings back to strings
...
There's binary data sometimes, but on the whole I don't care about preserving
it properly (sorry), so let's just coerce it to a string if it is supposed to
go into a "proper" field.
2022-01-01 16:30:38 +00:00
7e848a2622
go/journal2clickhouse: fix the Classic Bug
2022-01-01 15:31:47 +00:00
c91a42948d
journal2clickhouse: init
2022-01-01 15:08:52 +00:00
060f2cf96b
nhsenglandtests: init
2021-12-31 07:00:32 +00:00