47 commits

Author SHA1 Message Date
Max
6eee030b7a cluster/services/storage: register existing keys and buckets in incandescence 2024-08-12 03:04:03 +02:00
Max
75cebf4ed6 cluster/services/incandescence: add base layout for ascensions 2024-08-12 03:04:03 +02:00
Max
bc3cd82731 cluster/services/consul: implement runConsul incantation 2024-08-12 03:04:03 +02:00
Max
9cdf964c6c cluster/services/forge: define db 2024-08-12 03:04:03 +02:00
Max
bb22fe0176 cluster/services/patroni: implement raw format for locksmith provider 2024-08-12 03:04:03 +02:00
Max
d1f2bc1227 cluster/services/storage: define snakeoil passphrase for heresy, ensure encryption 2024-08-12 03:04:03 +02:00
Max
a48ee00f3d cluster/services/ways: add simulacrum deps 2024-08-12 03:04:03 +02:00
Max
9ed3655ccf cluster/services/storage: use recursive simulacrum deps 2024-08-12 03:04:03 +02:00
Max
945698a3ea cluster/services/patroni: add simulacrum deps 2024-08-12 03:04:03 +02:00
Max
f75c7b8522 cluster/services/locksmith: add simulacrum deps 2024-08-12 03:04:03 +02:00
Max
b258bab23e cluster/services/incandescence: add simulacrum deps 2024-08-12 03:04:03 +02:00
Max
e2296eace7 cluster/services/chant: add simulacrum deps 2024-08-12 03:04:03 +02:00
Max
304ae6e53c cluster/simulacrum: recursive service deps 2024-08-12 03:04:03 +02:00
Max
f322208f66 cluster/services/acme-client: implement augment for external ACME services 2024-08-12 03:04:03 +02:00
Max
7c4615ecfb cluster/simulacrum: implement nowhere, fix networking 2024-08-12 03:04:03 +02:00
Max
ec38e10fa9 cluster/services/forge: use forService 2024-08-12 03:04:03 +02:00
Max
5d9ff62afe cluster/services/dns: use patroni incandescence 2024-08-12 03:04:03 +02:00
Max
6d78b69601 cluster/services/patroni: implement incandescence provider for databases and users 2024-08-12 03:04:03 +02:00
Max
7129d44078 cluster/services/locksmith: only run secret generation command once 2024-08-12 03:04:03 +02:00
Max
76d205d114 cluster/services/locksmith: support skipping secret updates 2024-08-12 03:04:03 +02:00
Max
c8c9a6fbce modules/external-storage: implement detectFs for s3c4 2024-08-12 03:04:03 +02:00
Max
a1cad2efcd cluster/services/storage: use locksmith secrets for external storage 2024-08-12 03:04:03 +02:00
Max
c7f4e59908 cluster/services/storage: adjust test 2024-08-12 03:04:03 +02:00
Max
baed1ce871 cluster/services/storage: use incandescence 2024-08-12 03:04:03 +02:00
Max
014c1f9cd2 cluster/services/incandescence: init 2024-08-12 03:04:03 +02:00
Max
34704c8f08 modules/external-storage: support locksmith secrets 2024-08-12 03:04:03 +02:00
Max
ccc2a47880 cluster/services/storage: implement s3ql key format 2024-08-12 03:04:03 +02:00
Max
05cd729e90 cluster/services/hercules-ci-multi-agent: use forService 2024-08-12 03:04:03 +02:00
Max
8d0a2f00cc cluster/services/monitoring: use forService 2024-08-12 03:04:03 +02:00
Max
ff26e1ebc1 checks/garage: drop 2024-08-12 03:04:03 +02:00
Max
b848084dd8 packages/catalog: expose simulacrum checks differently 2024-08-12 03:04:03 +02:00
Max
fe8ddd4094 cluster/simulacrum: expose checks 2024-08-12 03:04:03 +02:00
Max
030b680b33 cluster/services/forge: use forService 2024-08-12 03:04:03 +02:00
Max
b453b0bb21 cluster/services/attic: use forService 2024-08-12 03:04:03 +02:00
Max
b6e0390555 cluster/lib: implement config.lib.forService for better option filtering 2024-08-12 03:04:03 +02:00
Max
bbe3373c2e cluster/simulacrum: set testConfig 2024-08-12 03:04:03 +02:00
Max
0ed4870b65 cluster/lib: introduce testConfig 2024-08-12 03:04:03 +02:00
Max
8ec13f5c87 cluster/services/storage: test in simulacrum 2024-08-12 03:04:03 +02:00
Max
5d52f72940 cluster/services/consul: test in simulacrum 2024-08-12 03:04:03 +02:00
Max
1af67b80ed cluster/services/wireguard: make simulacrum compatible 2024-08-12 03:04:03 +02:00
Max
a810717843 cluster/catalog: support snakeoil secrets 2024-08-12 03:04:03 +02:00
Max
bd39fc5d07 cluster/simulacrum: init 2024-08-12 03:04:03 +02:00
Max
25c001c182 cluster/lib: implement simulacrum options 2024-08-12 03:04:03 +02:00
Max
d944dee3bc WIP ENABLE DEBUG MODE 2024-08-12 02:56:57 +02:00
Max
aac5163a8b cluster/lib: implement injectNixosConfigForServices to select individual services 2024-08-12 02:56:57 +02:00
Max
01c74f62cf checks: add fake external storage module 2024-08-12 02:56:57 +02:00
Max
0110a4a0c3 checks: add a bunch of snakeoil keys 2024-08-12 02:56:57 +02:00
7 changed files with 13 additions and 41 deletions


@ -5,16 +5,15 @@
start_all()
with subtest("should form cluster"):
nodes = [ n for n in machines if n != nowhere ]
for machine in nodes:
for machine in machines:
machine.succeed("systemctl start consul-ready.service")
for machine in nodes:
for machine in machines:
consulConfig = json.loads(machine.succeed("cat /etc/consul.json"))
addr = consulConfig["addresses"]["http"]
port = consulConfig["ports"]["http"]
setEnv = f"CONSUL_HTTP_ADDR={addr}:{port}"
memberList = machine.succeed(f"{setEnv} consul members --status=alive")
for machine2 in nodes:
for machine2 in machines:
assert machine2.name in memberList
'';
}
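Review bot: The membership check `assert machine2.name in memberList`, under the new `for machine2 in machines:` loop, is a substring test against the whole `consul members` output. A machine whose name is a prefix of another's, or whose name shows up in a different column, passes even if it never joined the cluster. Comparing against the parsed node column would make the assertion exact, e.g. `alive = {l.split()[0] for l in memberList.splitlines()[1:]}` followed by `assert machine2.name in alive`. This assumes the first output line is a header and the first column is the node name, so confirm against the consul version in use. The test script begins above this hunk.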


@ -93,9 +93,5 @@ in
nodes = config.services.wireguard.nodes.mesh;
shared = false;
};
simulacrum = {
enable = true;
settings = ./test.nix;
};
};
}


@ -1,26 +0,0 @@
{ cluster, lib, ... }:
{
testScript = ''
start_all()
${lib.pipe cluster.config.services.wireguard.nodes.mesh [
(map (node: /*python*/ ''
${node}.wait_for_unit("wireguard-wgmesh.target")
''))
(lib.concatStringsSep "\n")
]}
${lib.pipe cluster.config.services.wireguard.nodes.mesh [
(map (node: /*python*/ ''
with subtest("${node} can reach all other nodes"):
${lib.pipe (cluster.config.services.wireguard.otherNodes.mesh node) [
(map (peer: /*python*/ ''
${node}.succeed("ping -c3 ${cluster.config.hostLinks.${peer}.mesh.extra.meshIp}")
''))
(lib.concatStringsSep "\n ")
]}
''))
(lib.concatStringsSep "\n")
]}
'';
}


@ -1,4 +1,4 @@
{ cluster, config, depot, pkgs, ... }:
{ config, depot, pkgs, ... }:
{
users.motd = builtins.readFile ./motd.txt;
environment.interactiveShellInit = let
@ -8,11 +8,6 @@
grep = exec pkgs.gnugrep "grep";
countUsers = '' ${util "who"} -q | ${util "head"} -n1 | ${util "tr"} ' ' \\n | ${util "uniq"} | ${util "wc"} -l'';
countSessions = '' ${util "who"} -q | ${util "head"} -n1 | ${util "wc"} -w'';
rev = if cluster.config.simulacrum then
"simulacrum"
else
depot.rev or "\${BRED}()\${CO}\${BWHITE} Dirty";
in ''
(
# Reset colors
@ -45,7 +40,7 @@
echo -e " ''${BGREEN}()''${CO} ''${BWHITE}You are using a genuine Private Void system.''${CO}"
echo " "
echo -e " ''${BWHITE}OS Version....:''${CO} NixOS ''${CAB}${config.system.nixos.version}''${CO}"
echo -e " ''${BWHITE}Configuration.:''${CO} ''${CAB}${rev}''${CO}"
echo -e " ''${BWHITE}Configuration.:''${CO} ''${CAB}${depot.rev or "\${BRED}()\${CO}\${BWHITE} Dirty"}''${CO}"
echo -e " ''${BWHITE}Uptime........:''${CO} $(${uptime} -p | ${util "cut"} -d ' ' -f2- | GREP_COLORS='mt=01;35' ${grep} --color=always '[0-9]*')"
echo -e " ''${BWHITE}SSH Logins....:''${CO} There are currently ''${CAB}$(${countUsers})''${CO} users logged in on ''${CAB}$(${countSessions})''${CO} sessions"
)


@ -29,6 +29,7 @@ in
reflection = ./reflection;
shell-config = ./shell-config;
ssh = ./ssh;
system-info = ./system-info;
system-recovery = ./system-recovery;
systemd-extras = ./systemd-extras;
tested = ./tested;
@ -55,6 +56,7 @@ in
motd
networking
nix-config-server
system-info
system-recovery
tested
];


@ -0,0 +1,5 @@
{ depot, ... }:
{
system.configurationRevision = depot.rev or null;
}
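Review bot: `system.configurationRevision = depot.rev or null;` records nothing when the system is built from a dirty tree, so when auditing what is running, such a host looks the same as one with no revision information at all. If `depot` is the flake's `self` (inferred from the `depot.rev or …` fallback in the MOTD module) and the Nix version in use provides it, `depot.rev or depot.dirtyRev or null` would keep a marker for dirty builds. A one-line comment such as `# exposed via nixos-version --configuration-revision; null when built from a dirty tree` would also help the next reader.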


@ -7,6 +7,7 @@ let
in
{
debug = lib.warn "debug mode is enabled" true;
perSystem = { filters, pkgs, self', system, ... }: {
checks = lib.mkIf (system == "x86_64-linux") {
ascensions = pkgs.callPackage ./ascensions.nix {
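Review bot: The added `debug = lib.warn "debug mode is enabled" true;` turns debug mode on unconditionally, and the commit list carries it as "WIP ENABLE DEBUG MODE", which reads like a temporary toggle rather than something meant to land. If this is flake-parts' `debug` option, it adds introspection attributes to the flake outputs, and the `lib.warn` fires on every evaluation. I would drop the line, or set `debug = false;`, before merging. The enclosing attribute set continues past the end of the hunk.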