mirrors/attic
1
0
Fork 0
mirror of https://github.com/zhaofengli/attic.git synced 2024-12-14 11:57:30 +00:00
Code Activity
174 commits 7 branches 0 tags 3.1 MiB
Commit graph

174 commits

This branch
This branch
All branches
Author SHA1 Message Date
Cole Helbling
17b2ed7538 cargo fmt 2023-11-12 11:19:34 -08:00
Cole Helbling
20e0a2b3a7 server: support configuring the iss, aud claim validation 
The JWT spec [1] basically says that JWTs must validate the `aud` claim
if its specified:

> If the principal
> processing the claim does not identify itself with a value in the
> "aud" claim when this claim is present, then the JWT MUST be
> rejected.

[1]: https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.3
 2023-11-12 11:19:34 -08:00
Cole Helbling
7ed3f92d40 token: aud claim is a list-or-string 2023-11-12 11:19:34 -08:00
Cole Helbling
d0dfdde35a server: rename RS256 secret stuff to note that it's base64 encoded 
So it's Base64<PEM bytes>, not just PEM bytes.
 2023-11-11 12:59:03 -08:00
Cole Helbling
936e5c451b Cargo.toml: set resolver = 2 
There are some 2021-edition crates that Cargo was warning about.
 2023-11-11 12:59:01 -08:00
Graham Christensen
d49cd3383b Make the nix flake check tests pass 2023-11-11 12:58:59 -08:00
Graham Christensen
9511afde4b server: HS256 -> RS256 secrets 2023-11-11 12:58:57 -08:00
Graham Christensen
3e0b65a4c3 Migrate to jsonwebtoken 2023-11-11 12:58:55 -08:00
Cole Helbling
9001fa5418 cargo fmt 2023-11-11 12:58:53 -08:00
Graham Christensen
e9918bc6be
Make nix flake show --all-systems work (#91) 
Before this patch we get:

  error: don't yet have a `targetPackages.darwin.LibsystemCross for x86_64-apple-darwin`
 2023-10-25 20:23:59 +02:00
ajs124
b43d12082e
nixos: use configured user in admin wrapper (#79) 2023-08-16 16:30:40 -06:00
Zhaofeng Li
f4cf5704d6 Fix lint 
get_or_insert_permission_mut returns a mut reference.

Fixes #77.
 2023-08-13 18:23:30 -06:00
Zhaofeng Li
4f81255892 Update nixpkgs 2023-08-13 18:23:30 -06:00
Zhaofeng Li
4902d57f5d
Fix chunk deletion bug (#67) 2023-07-15 15:46:40 -06:00
Linus Heckemann
b1e512e022
Open the default store, not auto (#71) 2023-07-15 13:05:22 -06:00
Travis Staton
91d8bd5cdc
fix chunk deletion bug 
fetch all deleted chunks, not just the ones that just transitioned
 2023-06-25 13:51:26 -04:00
Zhaofeng Li
4fedffe6a1 attic: Build binding with C++20 
We follow `-std=c++2a` in upstream Makefile.
 2023-06-12 19:44:39 -06:00
Zhaofeng Li
564b4be0f9 Update sea-orm to 0.11.3 
This commit drops support of Nixpkgs 22.11. Users should upgrade to
23.05 or use the pinned nixpkgs version in the flake.
 2023-06-12 18:52:16 -06:00
Zhaofeng Li
ebb13b6e6f Update nixpkgs 2023-06-12 18:52:16 -06:00
Zhaofeng Li
71a5580d17 Work around https://github.com/NixOS/nix/pull/8484 
Let's work around it downstream while we wait for a release.

Fixes #56.
 2023-06-12 18:52:16 -06:00
Zhaofeng Li
5ca98fbaa8 Drop bindgen and specialize hash handling 
Bindgen cannot handle functional C macros, and now `GENERATE_CMP`
is part of the include chain of `nix/hash.hh`, breaking everything.

For now, let's just drop bindgen and simplify things.
 2023-06-12 18:52:16 -06:00
Manuel
552120a68a
fix: writing config does not truncate (#55) 
Co-authored-by: Manu [tennox] <tennox+git@txlab.io>
 2023-06-12 18:35:28 -06:00
Lin Yinfeng
2568e6df7a
crane.nix: Suppress warning of missing version attribute in Cargo.toml (#53) 2023-06-12 18:20:11 -06:00
Zhaofeng Li
b1fb790b5f integration-tests: Strip tokens return from atticadm 2023-05-28 15:23:45 -06:00
Zhaofeng Li
a71582a952 client/watch_store: Ignore sources when watching 
They will still be pushed as part of other paths' closures.
 2023-05-28 15:23:45 -06:00
Zhaofeng Li
2d0aeefd2f Trivial semver-incompatible upgrades 2023-05-28 15:23:45 -06:00
Zhaofeng Li
1b980a9640 server: Upgrade async-compression 2023-05-28 15:23:45 -06:00
Zhaofeng Li
1a0116fee8 server: Upgrade aws-sdk-rust 2023-05-28 15:23:45 -06:00
Zhaofeng Li
6489d775ae Update deps 2023-05-28 15:23:45 -06:00
Zhaofeng Li
b0fd84299c Update nixpkgs 2023-05-28 15:23:45 -06:00
Zhaofeng Li
7115778c8c Cargo.lock: Update 2023-05-28 15:23:45 -06:00
Andrey Snow
5f85e35a25
feat: Build & Push images as part of CI (#44) 2023-05-06 22:25:01 -06:00
Zhaofeng Li
171c89fbe0 flake.nix: Add /etc/passwd to attic-server-image 
It's now required by the sshd embedded in fly.io's init.
 2023-04-12 15:39:38 -06:00
Zhaofeng Li
6a064f904e client/watch_store: Refactor main loop 2023-04-12 15:39:27 -06:00
Zhaofeng Li
d918f68c29
Merge pull request #42 from DarkKirb/increase-nar-info-size-limit 
Increase narinfo size limit to 1MiB
 2023-04-12 15:39:11 -06:00
Charlotte 🦝 Delenk
c686b2c1ea
Increase narinfo size limit to 1MiB 
I was still encountering failures due to narinfo files being too large,
even with the increased 64kiB limit. This commit increases it to 1MiB
which is hopefully larger than any “reasonable” derivation, while also
not being too large for the server to keep in memory at once.
 2023-04-06 10:03:00 +01:00
Zhaofeng Li
efa15b9788
Merge pull request #40 from Shawn8901/main 
add sleep to keep alive loop of watch-store
 2023-04-04 16:09:06 -06:00
Shawn8901
d48e920f12 add sleep to keep alive loop of watch-store 2023-04-04 21:32:04 +02:00
Zhaofeng Li
4d92e69fc1 .github/install-attic-ci.sh: Update 
Built against f658c7e1fe.
 2023-03-21 18:45:45 -06:00
Zhaofeng Li
f658c7e1fe flake.nix: Minimize the closure size of attic-static 2023-03-21 18:45:34 -06:00
Zhaofeng Li
3c58b2d2ce ci-installer.nix: Only install the client 2023-03-21 18:45:34 -06:00
Zhaofeng Li
a8a30288fa flake.nix: Add attic-client-static package 2023-03-21 18:45:34 -06:00
Zhaofeng Li
cb493f2982 crane.nix: Make attic-client actually contain the client only 2023-03-21 18:45:34 -06:00
Zhaofeng Li
94a1d44a10 server: Only read PUT payload up to the claimed size 2023-03-21 18:45:34 -06:00
Zhaofeng Li
ba8bd5d66c Thanks clippy 2023-03-21 18:45:34 -06:00
Zhaofeng Li
2e68228fee token: Enforce the same lint configs 2023-03-21 18:45:34 -06:00
Zhaofeng Li
63f64ee8c4 Revert bindgenHook workarounds 
Fixed in https://github.com/NixOS/nixpkgs/pull/215060.

This reverts commit 365d739bca.
This reverts commit db443f1932.
This reverts commit 9869ab4a85.
 2023-03-21 18:45:34 -06:00
Zhaofeng Li
1a3b6513b0
Merge pull request #32 from poscat0x04/nixos-module-user-group-name 
nixos: Make the group and user name under which attic runs configurable
 2023-03-05 11:37:47 -07:00
Zhaofeng Li
fb1db7511c
Merge pull request #33 from poscat0x04/suppress-systemd-run 
nixos: Suppress systemd-run's output in atticadm wrapper
 2023-03-05 11:37:10 -07:00
Zhaofeng Li
944b14abdd .github/install-attic-ci.sh: Update 
Built against f36f01d431.
 2023-03-05 11:35:04 -07:00