about summary refs log tree commit diff
path: root/users/fcuny/resume (unfollow)
Commit message (Collapse)AuthorFilesLines
2022-08-08fix(tahoe/secrets): configuration for rclone-sync to GCPFranck Cuny1-0/+0
The configuration needs to be updated, we set the value for `bucket_policy_only` to true now that we've set the bucket to use uniform bucket level access (https://cloud.google.com/storage/docs/uniform-bucket-level-access). Change-Id: I7e9516709af4be35a3964937c1dbd728bcfe1f01 Reviewed-on: https://cl.fcuny.net/c/world/+/709 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-08-08feat(home/terraform): install terraform when neededFranck Cuny3-0/+12
Change-Id: Ie87672629ff23eeb93f5308898014cc737490b7c Reviewed-on: https://cl.fcuny.net/c/world/+/708 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-08-07feat(ops/buildkite): use terraform to manage buildkiteFranck Cuny7-1/+74
Change-Id: I63fc8fd81679457f7dbeafc2bd10c0eded0de991 Reviewed-on: https://cl.fcuny.net/c/world/+/707 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-08-07ci(pipeline): the pipeline to be executed with a new buildFranck Cuny3-3/+28
This is the pipeline that is executed when a new build starts. It wait for all the steps to be completed, and if one of them fail, the build is marked as failed. Change-Id: I1eb22b27749944de78d44e49586a1db1fe07b460 Reviewed-on: https://cl.fcuny.net/c/world/+/706 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-08-06feat(hosts/tahoe): add a token for graphql for buildkite agentsFranck Cuny2-0/+16
Change-Id: I17ea0baab0d74888ed1b21342c583495d3f52643 Reviewed-on: https://cl.fcuny.net/c/world/+/705 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-08-06fix(modules/buildkite): rename a shell scriptFranck Cuny1-1/+1
Change-Id: I2b495c55191f3192b871cfb9d06445817c16e0de Reviewed-on: https://cl.fcuny.net/c/world/+/704 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-08-06ref(flake): tools and users packages are managed the same wayFranck Cuny2-5/+10
Configure the way we import these packages the same way, that way it's consistent and easy to use. Change-Id: I0e218f8fe9dd4cd2045bfee11c80de84ff769fe1 Reviewed-on: https://cl.fcuny.net/c/world/+/703 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-08-06fix(tools): add gerrit-hook to the list of toolsFranck Cuny1-0/+2
Change-Id: I9bf0524ec12c4d554fc4c7ded458aab8a9cf5ef6 Reviewed-on: https://cl.fcuny.net/c/world/+/702 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-08-06fix(modules/secrets): call correct function for groupFranck Cuny1-2/+3
The function `groupExists` returns a boolean, what we want is `groupIfExists` which returns the actual name of the group. Change-Id: I7db50066e13932dd617ffccb9dae40ecb1d383a5 Reviewed-on: https://cl.fcuny.net/c/world/+/701 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-08-06ref(tools): simplify the import of toolsFranck Cuny6-17/+14
In the `mkSystem` function, instead of defining each tools, let's import all of them at once. This works both with installing a tool from a module or running them from the CLI. Change-Id: Ia44ff9a45b54a1ecea6f6b02b4cad2956799f627 Reviewed-on: https://cl.fcuny.net/c/world/+/682 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-08-06ref(ci): delete custom scripts for formattingFranck Cuny4-61/+1
Since I have configured the pre-commit hooks, I can use them instead of my custom scripts: less things to maintain and easier to read output. Change-Id: Ic833ec88ed9fbcbe52b1b1680f978da3a5a08b31 Reviewed-on: https://cl.fcuny.net/c/world/+/681 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-07-20meta(flake): bump dependenciesFranck Cuny1-3/+3
``` fcuny@aptos ~/w/world (main)> nix flake lock --update-input nixpkgs warning: updating lock file '/home/fcuny/workspace/world/flake.lock': • Updated input 'nixpkgs': 'github:nixos/nixpkgs/f961520b1f163beb178ad2af448832985c7f8417' (2022-06-09) → 'github:nixos/nixpkgs/d2ff0167ce734340e745ca1f53b11a0996ff17a4' (2022-07-20) ``` Change-Id: I8e5efd490cf7f15e84c99ccb27d75660080813a4 Reviewed-on: https://cl.fcuny.net/c/world/+/663 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-07-20fix(modules/secrets): call correct function for group validationFranck Cuny1-1/+1
Change-Id: I84deb43c422668719157a5027e8dbea9a1ec92cf Reviewed-on: https://cl.fcuny.net/c/world/+/662 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-07-20docs(gerrit): how to edit the secretsFranck Cuny1-1/+3
Change-Id: Ibc81727971cfbd7b05c383a1c58ca02b907683f7 Reviewed-on: https://cl.fcuny.net/c/world/+/661 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-07-20fix(modules/secrets): set correctly all possible attributesFranck Cuny1-5/+10
Secrets can have multiple attributes: the owner, group, mode and path. So far, we were setting the file (path where it should be read from), the owner (if it exists), the group (if it exists) and the mode. The attribute 'path' was not propagated correctly. We now check for all these attributes (as optional) and if they exists we set them. We still validate that the user and group exist before setting them. Change-Id: Ifeccf2ee9d0acd17a3cd05de8d08968cea49550b Reviewed-on: https://cl.fcuny.net/c/world/+/641 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-07-18feat(modules/gerrit): manage secure configuration with nixFranck Cuny4-1/+8
Currently the secure configuration for gerrit is not managed by nix. This is likely going to break in the future and I'll hate myself for that. Let's move it into nix and encrypt it with age, like we do for other secrets. Change-Id: Ia7a006748a3ad64fa4b97ca9e8cbd98c99433982 Reviewed-on: https://cl.fcuny.net/c/world/+/622 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-07-08fix(modules/backup): reduce verbosity for resticFranck Cuny1-1/+1
It's spamming journald, and I don't need that level of details. Change-Id: If6bd8338cf3ed5d7981500e0f3001a3dc4c14870 Reviewed-on: https://cl.fcuny.net/c/world/+/621 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-07-08fix(tahoe/backups): don't backup some directoriesFranck Cuny1-0/+1
I don't need to backup these directories in my home. Change-Id: Ia2302f2ebe74033090b86b52864787d2a63ecb4b Reviewed-on: https://cl.fcuny.net/c/world/+/620 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-07-07fix(home/email): correct rule to move emails with afewFranck Cuny1-1/+1
If an email has the tag 'archive' while in the Inbox folder, it needs to be moved to the archive directory. Change-Id: I44efc9e51fe0e749a5a2ffa15fe32b8b945d12f0 Reviewed-on: https://cl.fcuny.net/c/world/+/609 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-07-07fix(home/email): remove a filter from afewFranck Cuny1-6/+0
I do not need this filter anymore, it was a one time thing to make sure all emails in the archive directory are tagged properly. Running this every 5 minutes is not needed, but it also trigger the fans on the XPS, so let's remove this. Change-Id: I6ab3669b5708997e4e3681a5d7b0416efe8a1dd9 Reviewed-on: https://cl.fcuny.net/c/world/+/608 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-07-07feat(home/mail): enable smtp to send emailsFranck Cuny1-0/+3
Change-Id: Ia651a1821c44ec45a2dae033e44c91c9eab8459e Reviewed-on: https://cl.fcuny.net/c/world/+/607 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-07-02feat(home/mail): run afew before mbsyncFranck Cuny1-0/+1
Move the mails based on some rules, then we can synchronize local and remote stores. Change-Id: Iae46d94b14606c54a05efa0aa7eb5ca1eb1deb90 Reviewed-on: https://cl.fcuny.net/c/world/+/603 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-07-02feat(home/mail): add more rules for afewFranck Cuny1-0/+18
Change-Id: Ieaa3163db8f73bb6e299304099e3325bba99cc10 Reviewed-on: https://cl.fcuny.net/c/world/+/602 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-07-02fix(home/email): remove the environment variable NOTMUCH_CONFIGFranck Cuny1-1/+0
The path is incorrect, and it's not needed. Instead of fixing the path let's drop the variable. Change-Id: I0b86add1739769810ec8369aac8da60ba38fa0bd Reviewed-on: https://cl.fcuny.net/c/world/+/601 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-07-02feat(flake): add more pre-commit hooksFranck Cuny1-0/+12
Add pre-commit hooks for: - trailing white spaces - new lines at the end of files Change-Id: I02b5c125064b1cc43e3dfcd7504f60df50846c36 Reviewed-on: https://cl.fcuny.net/c/world/+/593 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-07-02fix(new-lines): add or remove new lines where neededFranck Cuny13-13/+2
The pre-commit hook for new lines reported and correct a number of issues, so let's commit them now and after that we ca enable the hook for the repository. Change-Id: I5bb882d3c2cca870ef94301303f029acfb308740 Reviewed-on: https://cl.fcuny.net/c/world/+/592 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-07-02fix(home/git): install pre-commit toolFranck Cuny1-1/+1
The tool `pre-commit' is installed as part of the nix shell for this repository, but not on the host (or in my profile). It means that if I try to make a commit via Emacs/magit, it fails, since it's not in my path. By installing it with home-manager, it's in the path, and it can be used by magit when creating a commit. Change-Id: Ifa61d0be1027043eecaf11dd40fbba1ed2f5a9a6 Reviewed-on: https://cl.fcuny.net/c/world/+/591 Tested-by: CI Reviewed-by: Franck Cuny <franck@fcuny.net>
2022-06-28feat(flake): add pre-commit hooksFranck Cuny3-1/+56
And configure them to run nixpkgs-fmt and shellcheck. Change-Id: I0aa2025e368b80c5e7d90a4dc05448494525e31e Reviewed-on: https://cl.fcuny.net/c/world/+/590 Reviewed-by: Franck Cuny <franck@fcuny.net> Tested-by: CI