mirrors/attic
1
0
Fork 0
mirror of https://github.com/zhaofengli/attic.git synced 2024-12-14 11:57:30 +00:00
Code Activity
361 commits 7 branches 0 tags 3.1 MiB
Commit graph

361 commits

This branch
This branch
All branches
Author SHA1 Message Date
Zhaofeng Li
6eabc3f02f
Merge pull request #111 from jsoo1/restart-atticd-on-failure 
nixos: restart atticd on failure
 2024-02-14 07:47:33 -07:00
John Soo
8f5e3c1035
nixos: restart atticd on failure 2024-02-08 11:39:38 -07:00
Zhaofeng Li
fbe252a5c2
Merge pull request #105 from JRMurr/fix-lint 
Remove un-used import
 2024-01-18 15:31:32 -07:00
Zhaofeng Li
a7c878bffc
Merge pull request #49 from icewind1991/module-readwritepaths 
nixos: add storage path to ReadWritePaths
 2024-01-18 15:30:49 -07:00
John Murray
857c71671c
fix lint 2024-01-14 15:32:42 -05:00
Robin Appelman
c98be70263 nixos: Add non-default storage path to ReadWritePaths 
This prevents "read-only storage" errors when setting a non-default
local storage path. The non-default path must exist beforehand.

Co-authored-by: Zhaofeng Li <hello@zhaofeng.li>
 2024-01-13 14:23:32 -07:00
Zhaofeng Li
e6bedf1869 flake.nix: Remove non-existent overrides 2024-01-01 18:34:19 -07:00
Zhaofeng Li
52f956a864
Merge pull request #60 from cole-h/docker-db-migrations-first 
docker: default to monolithic mode
 2024-01-01 18:28:05 -07:00
Zhaofeng Li
8c8d9d9006
Merge pull request #74 from lheckemann/nixos-module-mode 
nixos: allow setting mode
 2024-01-01 18:25:12 -07:00
Zhaofeng Li
40b869ba2c
Merge pull request #51 from icewind1991/token-file 
client: allow storing the client token in a separate file
 2024-01-01 16:04:56 -07:00
Zhaofeng Li
9a9e2c0ce1
Merge pull request #98 from Mic92/sharding 
implement sharding
 2024-01-01 09:17:18 -07:00
Zhaofeng Li
bdafd64910 Fix build on Darwin 
Working around https://github.com/NixOS/nixpkgs/issues/166205
 2023-12-19 00:04:32 -07:00
Zhaofeng Li
b6f0503a92 flake.lock: Update crane 2023-12-19 00:04:32 -07:00
Zhaofeng Li
75c0482e85 integration-tests/basic: Fix Postgres permissions 
See also https://github.com/NixOS/nixpkgs/pull/266270.
 2023-12-18 14:50:33 -07:00
Zhaofeng Li
e7a5828192 flake: Update deps 2023-12-18 14:50:33 -07:00
Zhaofeng Li
a8cacb0057 .github: Update workflow deps 2023-12-18 14:50:33 -07:00
Zhaofeng Li
b12e485ef7 flake.nix: Add riscv64-linux 2023-12-18 14:50:33 -07:00
Zhaofeng Li
7b133bca83 server: Upgrade sea-orm to 0.12.10 
Co-authored-by: Francesco Gazzetta <fgaz@fgaz.me>
 2023-12-18 09:28:58 -07:00
Zhaofeng Li
4945d00e20 Cargo.lock: Update 
Co-authored-by: Francesco Gazzetta <fgaz@fgaz.me>
 2023-12-18 09:28:54 -07:00
Zhaofeng Li
ab4040a267 Trivial semver-incompatible upgrades 
Co-authored-by: Francesco Gazzetta <fgaz@fgaz.me>
 2023-12-18 09:28:43 -07:00
Zhaofeng Li
9c79f6f5cb server: Upgrade aws-sdk-rust 
Co-authored-by: Francesco Gazzetta <fgaz@fgaz.me>
 2023-12-18 09:28:43 -07:00
Cole Helbling
fdb9d06ff6 Cargo.toml: set resolver = 2 
There are some 2021-edition crates that Cargo was warning about.
 2023-12-18 09:28:43 -07:00
Cole Helbling
26234c294a cargo fmt 2023-12-18 09:28:43 -07:00
Zhaofeng Li
51d5121a5c integration-tests/basic: Dump schema after test 
Not doing anything with the dumped schema yet, but we will
have automated checks to ensure the schema isn't changed
in an incompatible way.
 2023-12-18 09:28:43 -07:00
Cole Helbling
0a9d4938ef Move back to jwt_simple 
This effectively reverts commit 3e0b65a4c3.

Because jwt_simple doesn't have a unified type / trait that allows
signature and verification, I had to add a SignatureType enum to
approximate that.
 2023-11-12 12:19:22 -08:00
Cole Helbling
32e6d858fa server: fixup oobe random secret generation 2023-11-12 11:19:34 -08:00
Cole Helbling
d0c726dc22 book: update nixos config example 2023-11-12 11:19:34 -08:00
Cole Helbling
bd30211ac5 attic-token: use Not trait instead of is_false function for skipping serializing false permissions 2023-11-12 11:19:34 -08:00
Cole Helbling
427ae4550b server: support HS256, RS256 JWT secrets 2023-11-12 11:19:34 -08:00
Cole Helbling
dcd7d7fe87 attic: nix_store tests: original_file -> _original_file 2023-11-12 11:19:34 -08:00
Cole Helbling
ba9f3f55b7 book: fixup docs 2023-11-12 11:19:34 -08:00
Cole Helbling
9e23916e02 token: fixup JWT creation 
Since we now validate the `sub` and `nbf` claims, they need to be set
when atticadm generates them.
 2023-11-12 11:19:34 -08:00
Cole Helbling
fcc049495e integration tests: fixup config 2023-11-12 11:19:34 -08:00
Cole Helbling
17b2ed7538 cargo fmt 2023-11-12 11:19:34 -08:00
Cole Helbling
20e0a2b3a7 server: support configuring the iss, aud claim validation 
The JWT spec [1] basically says that JWTs must validate the `aud` claim
if its specified:

> If the principal
> processing the claim does not identify itself with a value in the
> "aud" claim when this claim is present, then the JWT MUST be
> rejected.

[1]: https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.3
 2023-11-12 11:19:34 -08:00
Cole Helbling
7ed3f92d40 token: aud claim is a list-or-string 2023-11-12 11:19:34 -08:00
Cole Helbling
d0dfdde35a server: rename RS256 secret stuff to note that it's base64 encoded 
So it's Base64<PEM bytes>, not just PEM bytes.
 2023-11-11 12:59:03 -08:00
Cole Helbling
936e5c451b Cargo.toml: set resolver = 2 
There are some 2021-edition crates that Cargo was warning about.
 2023-11-11 12:59:01 -08:00
Graham Christensen
d49cd3383b Make the nix flake check tests pass 2023-11-11 12:58:59 -08:00
Graham Christensen
9511afde4b server: HS256 -> RS256 secrets 2023-11-11 12:58:57 -08:00
Graham Christensen
3e0b65a4c3 Migrate to jsonwebtoken 2023-11-11 12:58:55 -08:00
Cole Helbling
9001fa5418 cargo fmt 2023-11-11 12:58:53 -08:00
Jörg Thalheim
484e38094c implement sharding 
didn't actually tested the code
 2023-11-11 07:37:17 +01:00
Graham Christensen
e9918bc6be
Make nix flake show --all-systems work (#91) 
Before this patch we get:

  error: don't yet have a `targetPackages.darwin.LibsystemCross for x86_64-apple-darwin`
 2023-10-25 20:23:59 +02:00
ajs124
b43d12082e
nixos: use configured user in admin wrapper (#79) 2023-08-16 16:30:40 -06:00
Zhaofeng Li
f4cf5704d6 Fix lint 
get_or_insert_permission_mut returns a mut reference.

Fixes #77.
 2023-08-13 18:23:30 -06:00
Zhaofeng Li
4f81255892 Update nixpkgs 2023-08-13 18:23:30 -06:00
Linus Heckemann
9f742b497f nixos: allow setting mode 2023-07-22 17:45:06 +02:00
Zhaofeng Li
4902d57f5d
Fix chunk deletion bug (#67) 2023-07-15 15:46:40 -06:00
Linus Heckemann
b1e512e022
Open the default store, not auto (#71) 2023-07-15 13:05:22 -06:00