Commit graph

147 commits

Author SHA1 Message Date
Florian Klink
a52ea3675c feat(*): initialize new Snix infrastructure
Co-Authored-By: edef <edef@edef.eu>
Co-Authored-by: Ryan Lahfa <raito@lix.systems>
Change-Id: Ica1cda177a236814de900f50a8a61d288f58f519
2025-03-17 17:15:07 +00:00
sterni
350d60ea8e fix: use localSystem over builtins.currentSystem where appropriate
cl/5832 added a global system parameter to depot which allowed specifying
what `system` should be used for nixpkgs and all depot derivations
(assuming a native compilation case) which was implemented in cl/5846.
This allows instantiating derivations for a different system than
whatever builtins.currentSystem happens to be. This is useful for
debugging, allows you to schedule builds on build servers for
other platforms or build for architectures that are a subset of
the one you are running (e.g. i686-linux).

This change eliminates all remaining uses of builtins.currentSystem
which could lead to an inconsistent combination of `system` values
when passing `localSystem`.

Change-Id: I0f824f4f0afa88ef1ddd9a8cecb24bf94bacde7a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7260
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
2022-11-12 21:54:45 +00:00
Vincent Ambo
65953e0913 refactor(3p): Prepare for restricted-eval
Change-Id: I1e577400717833c3de75bfef38950565716580bb
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5684
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: tazjin <tazjin@tvl.su>
2022-05-26 14:17:32 +00:00
Vincent Ambo
aa122cbae7 style: format entire depot with nixpkgs-fmt
This CL can be used to compare the style of nixpkgs-fmt against other
formatters (nixpkgs, alejandra).

Change-Id: I87c6abff6bcb546b02ead15ad0405f81e01b6d9e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4397
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: lukegb <lukegb@tvl.fyi>
Reviewed-by: wpcarro <wpcarro@gmail.com>
Reviewed-by: Profpatsch <mail@profpatsch.de>
Reviewed-by: kanepyork <rikingcoding@gmail.com>
Reviewed-by: tazjin <tazjin@tvl.su>
Reviewed-by: cynthia <cynthia@tvl.fyi>
Reviewed-by: edef <edef@edef.eu>
Reviewed-by: eta <tvl@eta.st>
Reviewed-by: grfn <grfn@gws.fyi>
2022-01-31 16:11:53 +00:00
Griffin Smith
d85c6a1b56 feat(ops/modules): Provide some modules to all nixoses
For modules that are gated behind a mkEnableOption, it's reasonable to
just provide them to all Depot-built nixos systems without requiring
people to explicitly import them. This defines a special module called
`default-imports.nix` which imports these modules (currently just
tvl-cache.nix and automatic-gc.nix, as I'm being rather conservative
adding things here to avoid breaking anyone's system), then provides
that module as one of the `modules` passed at the top-level
nixos/eval-config invocation.

Change-Id: I3be299ab10ae4c451ef11c514edb3c89318a2278
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4345
Tested-by: BuildkiteCI
Autosubmit: grfn <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
2021-12-16 14:17:35 +00:00
Vincent Ambo
4a89bcd6a5 refactor(ops/nixos): Pass depot as a special argument
This changes the evaluation order for the `depot` argument and ensures
it is partially evaluated before the module system starts resolving
imports.

This way we can import modules from `depot.path` without `depot`
having to come from readTree.

Fixes b/129.

Change-Id: Icf4dd2be15011055dac8b27e991a4ff6a12bf827
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3156
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
2021-05-24 21:48:37 +00:00
Vincent Ambo
473604f567 refactor: Move nixpkgs attribute to third_party.nixpkgs
Please read b/108 to make sense of this.

This gets rid of the explicit list of exposed packages from nixpkgs,
and instead makes the entire package set available at
`third_party.nixpkgs`.

To accommodate this, a LOT of things have to be very slightly shuffled
around. Some of this was done in already submitted CLs, but this
change is unfortunately still quite noisy.

Pay extra attention to:

* overlay-like functionality that was partially moved to actual
  overlays (partially as in, the minimum required to get a green
  build)

* modified uses of the package set path, esp. in NixOS systems

Special notes:

* xanthous has been disabled in CI because of issues with the Haskell
  overlay
* //third_party/nix has been disabled because of other unclear
  dependency issues

Both of these will be tackled in a followup CL.

Change-Id: I2f9c60a4d275fdb5209264be0addfd7e06c53118
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2910
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2021-04-10 21:18:55 +00:00
Vincent Ambo
6489d94ad6 refactor(3p/dhall): Move easy-dhall-nix import into separate folder
This is part of paving the way for clearly distinguishing between
packages from nixpkgs and //third_party.

See also: b/108, cl/2910

Change-Id: I28b5abd1f0f9fa3c4478c9f255b2025f4a4139f1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2917
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: Profpatsch <mail@profpatsch.de>
Reviewed-by: tazjin <mail@tazj.in>
2021-04-10 14:32:02 +00:00
Profpatsch
b89d4c1578 feat(third_party): add dhall packages from easy-dhall-nix
About to do some dhalllll! \o/

Change-Id: Ie58c335d80f4a5abeb8296ece5a24377f07e6369
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2585
Tested-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
2021-04-01 11:27:39 +00:00
sterni
3a49e4f4bf chore(3p): bump NixOS channels to 2021-03-25
OpenSSL released an update which fixes two severity high security
issues:

* https://mta.openssl.org/pipermail/openssl-announce/2021-March/000197.html
* https://mta.openssl.org/pipermail/openssl-announce/2021-March/000198.html

Update to the nixpkgs (currently still master) commits updating OpenSSL.

Other changes:

* Use GHC 8.8.4 for haskell-language-server as GHC 8.8.3 got removed
  from nixpkgs last friday.

Change-Id: Ic1b2f49284e78193a4330da4bb4b718a797f5ab1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2653
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: lukegb <lukegb@tvl.fyi>
Reviewed-by: glittershark <grfn@gws.fyi>
2021-03-26 01:43:32 +00:00
sterni
90fdd7f23d chore(3p): bump NixOS channels to 2021-03-18
Making this a monthly service apparently.

Necessary changes:

* 3p: expose emacs27 instead of emacs26 which got removed
  users/tazjin/{camden, frog}: switch from emacs26 to emacs27

* 3p/lieer: google_api_python_client got renamed to
  google-api-python-client

Change-Id: I1011665d10eebc99990addbef6a8a6b000b93896
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2605
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
2021-03-19 14:00:50 +00:00
sterni
e628862e97 chore(3p): Bump NixOS channels to 2021-02-18
Main motivation for this is to get the openldap update that fixes
10 CVEs: CVE-2020-36221 to including CVE-2020-36230. See also this
issue which lists them all: https://github.com/NixOS/nixpkgs/issues/113490

Someone should also redeploy whitby as soon as this lands in canon and
all build failures have been fixed.

Things done to resolve upstream breakages:

* grpc no longer takes abseil-cpp as an input, it has also been removed
  in the override.

* Upgrade glittershark's kernel to 5.11 since the linuxPackages_5_9
  attribute has been removed by upstream and the patch used by them is
  available for 5.11 as well.

* The fixed output hash for third_patry.apereo-cas changed for some reason.

* Remove the pin of haskellPackages.vector from the haskell overlay. It
  broke as the most recent version of vector in nixos-unstable no longer
  depends on semigroups. This effectively updates vector from 0.12.1.2
  to 0.12.2.0.

* Align two comments in tvix/libstore/worker-protocol.hh because the
  updated clang-format now demands that.

Change-Id: I2ecf10a98de935e9222acf1feaea447d4c11ed2d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2538
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: sterni <sternenseemann@systemli.org>
2021-02-19 14:45:43 +00:00
Vincent Ambo
8f57ca92bd chore(3p|nix): Remove typed Go
Nobody has actually done any experimentation with typed Go, so we're
getting rid of it for now - it's causing annoying IFD during build
graph generation.

Change-Id: Ibac3dea98ebed1b3ee08acda184d24c500cf695d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2458
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: lukegb <lukegb@tvl.fyi>
Reviewed-by: Profpatsch <mail@profpatsch.de>
2021-01-30 08:20:45 +00:00
Vincent Ambo
83465be599 feat(3p/telega): Pin tdlib version used for telega
Recent channel updates have caused some issues for telega.el, mostly
because the version of tdlib (the C++ library for Telegram) and the
Emacs package are out of sync.

This overrides the version used in the Emacs package to a "known good"
commit. It would be useful to change the tdlib derivation in nixpkgs
to make this version mismatch a hard build error.

Change-Id: I9c994f783e1cc17e933432507cd13b65697efd4a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2445
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2021-01-26 13:25:43 +00:00
Vincent Ambo
8ab02db6c5 chore(3p): Bump NixOS channels to 2021-01-19
Change-Id: I07b0d4991a07e15b1ab1ec8f371542868874eda5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2421
Tested-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
Reviewed-by: Profpatsch <mail@profpatsch.de>
2021-01-19 12:43:10 +00:00
Vincent Ambo
b4e420d4ff chore(3p): Bump NixOS channels to 2021-01-09
Your regularly scheduled channel update, but slightly more regular
than before.

Included fixes:

* 3p/emacs: Pick telega.el from stable channel, unstable is broken.
* glittershark/fprintd: Compile with gcc9, since build fails with the
  new default of gcc10
* glittershark/fprintd: Use a global overlay for the fprintd package
  until https://github.com/NixOS/nixpkgs/pull/108962 lands in
  nixos-unstable
* glittershark/home: Don't install rr, as it's not building with gcc10

Co-Author: Griffin Smith <grfn@gws.fyi>
Change-Id: Ia715fef64a405a220049fc540017356fa7370e0b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2341
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: lukegb <lukegb@tvl.fyi>
Tested-by: BuildkiteCI
2021-01-13 16:53:20 +00:00
Profpatsch
6843016aae chore(third_party): move nixkpgs-exposed to subdir to fix OWNERS
The owners plugin should in theory be able to match on subdirs (at
least according to its documentation, but it doesn’t and nobody has
any idea how to debug it.

We already know that subdirectories work just fine, so let’s go the
path of least resistance because frankly, I couldn’t care any less.

The haskell overlay also moves to the subdir, this way both can be
changed in the same go by the same people.

Change-Id: I7d98f48afa649ad2c58e38e674e1c4df09039c1c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2347
Tested-by: BuildkiteCI
Reviewed-by: kanepyork <rikingcoding@gmail.com>
Reviewed-by: lukegb <lukegb@tvl.fyi>
2021-01-11 19:44:38 +00:00
Vincent Ambo
88bf43878f chore(3p): Bump NixOS channels to 2020-12-28
Changes:

* ops/nixos/tvl-slapd: The NixOS module for OpenLDAP has removed the
  ability to configure OpenLDAP directly and now forces users to use
  some kind of weird Nix->OLC mapping that is mostly undocumented.

  This moves the config we need to the new format in a way that may or
  may not work and does the other arbitrary dance steps that someone
  decided to impose on us. Note that this now throws lots of warnings,
  but I can't be bothered to fix them.

* 3p: Random package removals accomodated

* users/glittershark: Pin grfn's kernel to 5.9, because the CK patch
  is not yet updated for 5.10

* users/glittershark: Update vendor hash for pg-dump-upsert, I suspect
  this changed because of something in the Go build machinery in
  nixpkgs. The deleteVendor flag also has no effect anymore and has been
  removed.

* users/glittershark: agda build is broken, commenting out development
  home-manager environment until it can be fixed

* third_party/haskell_overlay: updating random needs upper boundarles
  of a few dependencies relaxed (curse them)

* third_party/gerrit_plugins: for some cursed reason the fixed-output
  hash of the gerrit owners plugin fetchgit changed, updated.
  Same for the checks plugin.

Change-Id: Ica37995fe8039d3ba80eab643867f98795c56734
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2295
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
2021-01-09 13:21:00 +00:00
Profpatsch
68c4730365 feat(third_party): separate nixpkgs whitelist to allow more owners
The exposed package list has to be changed/amended quite frequently,
every time somebody wants to use a package not yet in that list and
thus has to whitelist it here.

This effectively requires a superowner review every single time, which
is an unreasonable blocker for many CLs.

I thus propose moving the list into a separate file (I called it
`nixpkgs-whitelist.nix` which is more descriptive than `exposed.nix`
and letting anybody add themselves to the OWNERS on that file.

Change-Id: Ied8bac066e4b9a91ddd642db805fe33dc37872c9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2323
Tested-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
2021-01-08 12:56:26 +00:00
Profpatsch
1261616bff feat(Profpatsch/writers): add rustSimple writers
A bunch of writer functions wrapping the `buildRustCrate`
functionality of nixpkgs. Can be used to write inline rust code, or
rust code read from files with `builtins.readFile`.

Change-Id: I9d74e9381b858b485925e4dc3fbb7fc392877c0a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2318
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: Profpatsch <mail@profpatsch.de>
Tested-by: BuildkiteCI
2021-01-03 16:29:57 +00:00
Profpatsch
533e365c12 feat(users/Profpatsch): add python3Lib writer
Smol writer to create a python lib directly from a nix string.
The resulting library can be consumed by the writePython3 writer.

Change-Id: Id3d793564d230b38a08f65140bda4287285e1a72
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2310
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2021-01-03 16:12:33 +00:00
Profpatsch
806c281b34 feat(users/Profpatsch): moving around via the tree-sitter parse tree
Has a little setup to get the cursor position and map it onto a tree
sitter node. The current node is saved in a cursor variable, and a
highlight overlay marks the range of the current node in the buffer.

Change-Id: I0af56115f928732e993fbefe978a246ca7c757ee
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2258
Reviewed-by: lukegb <lukegb@tvl.fyi>
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: Profpatsch <mail@profpatsch.de>
Tested-by: BuildkiteCI
2021-01-01 19:03:30 +00:00
Andreas Rammhold
150b2fa799 chore(3p): move quassel to the right inherit statement
As the comment above the inherit statement says it is supposed to only
contain packages required for //third_party/nix. As much as I like IRC I
can't find a usage of Quassel within Nix itself. Perhaps a plugin to
report build status at some point?

Until that plugin mainfests we might as well move it to the correct
location.

Change-Id: I14fd6b698bb779b80829e7bebd5daa69cacdde78
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2177
Reviewed-by: kanepyork <rikingcoding@gmail.com>
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: lukegb <lukegb@tvl.fyi>
Tested-by: BuildkiteCI
2020-11-30 21:43:15 +00:00
Kane York
844c84a38a chore(3p): upgrade llvm to version 11
Additionally, anchor clang-tools to match the current llvmPackages version.

Change-Id: I27a199cadb55907c3e2deabfd1d14a5b50fc541b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2166
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: glittershark <grfn@gws.fyi>
2020-11-29 03:02:14 +00:00
Luke Granger-Brown
77be22549a chore(3p/gerrit): update to latest upstream HEAD
Change-Id: Ia7b17ca83ace164881a4dd8b0288741489bc467c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2164
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
2020-11-29 02:26:46 +00:00
Vincent Ambo
5a00e58904 chore(3p): Bump nixpkgs to nixos-unstable from 2020-11-21
Included fixes for random breakage:

* 3p/awscli: pick from the stable channel; it is broken on unstable
* 3p/googletest: bumped version & removed patches that nixpkgs applies
* 3p/lisp/cffi: bumped library version for SBCL compat
* 3p/nix: fix libsystemd attribute
* 3p/nix: reformatted (clang-format handling of ternaries changed)
* glittershark/home: Use home-manager from nixkpgs
* glittershark/kernel: bumped linux-ck patch hash
* glittershark/kernel: removed "patch patch"
* multi/whitby: Use home-manager from nixpkgs
* tazjin/frog: drop Sourcetrail (it doesn't build currently)

Note that in addition to these changes, some previous CLs updated the
versions of git and cgit which was necessary for this channel bump,
but which could not be done in the same commit due to the nature of
the subtree merges.

Change-Id: If2563e8a68e2750c4b913a976ff7b93b42e8b7f3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2110
Tested-by: BuildkiteCI
Reviewed-by: multi <depot@in-addr.xyz>
Reviewed-by: glittershark <grfn@gws.fyi>
2020-11-21 23:18:27 +00:00
Vincent Ambo
f4609b896f merge(3p/git): Merge git subtree at v2.29.2
This also bumps the stable nixpkgs to 20.09 as of 2020-11-21, because
there is some breakage in the git build related to the netrc
credentials helper which someone has taken care of in nixpkgs.

The stable channel is not used for anything other than git, so this
should be fine.

Change-Id: I3575a19dab09e1e9556cf8231d717de9890484fb
2020-11-21 19:45:56 +01:00
Kane York
92d4554b62 feat(tools/tvlc): init project
tvlc is a tool for managing sparse git worktrees of the TVL depot.
It is still in development; near-term tasks include a setup script,
Nix dependency resolution, worktree removal, and the dispatch
script.

See cs.tvl.fyi/depot/docs/designs/SPARSE_CHECKOUTS.md for more info.

Change-Id: Iad96656f0206178980fe7dcadd3dffe70d690f8f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1760
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2020-08-19 01:23:54 +00:00
Vincent Ambo
4ed096b7d7 chore(3p/emacs): Enable cairo for Emacs 27.1
... this in turn enables support for Harfbuzz, which enables support
for ligatures - maybe this will make grfn happy!

Change-Id: I331c5171a829800fe532ca0b0d4910478e63ef1b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1783
Reviewed-by: glittershark <grfn@gws.fyi>
Tested-by: BuildkiteCI
2020-08-18 22:06:16 +00:00
Vincent Ambo
c344e03705 chore(3p): Provide Emacs 27.1
This is now available in the upstream channel, and I need it on one
machine for $reasons.

Normally the Emacs attribute is versioned to make it clear which
version we're dealing with, but not in this case. I've added an assert
to check that it is indeed 27.

Change-Id: I827df0d36350066bf4e177150d32af0c8d123b9b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1764
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
2020-08-17 18:14:40 +00:00
Vincent Ambo
6f5659c88b chore(3p): Bump nixos-unstable channel
This bumps the channel to a commit that includes fixes for an nginx
issue we have been seeing:

https://github.com/NixOS/nixpkgs/pull/95264

Includes the following compatibility fixes:

- tests disabled in third_party.bufbuild: These were enabled
  unexpectedly by the update, but don't run in the sandbox because
  they want to download things from github

Change-Id: I98a3b5de57f62f1fd3a37701fa1896eddeedff85
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1759
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
2020-08-17 09:54:18 +00:00
Vincent Ambo
d44565d17e chore(3p): Pick Emacs & friends from the default channel
I had previously pinned Emacs to the (older) stable channel, because
of a heretofore undiagnosed issue in newer versions.

It turns out that the older Emacs is linking against X11-related
libraries, namely <unintelligible>, which cause even *weirder*
undiagnosed issues if paired with the rest of the recent packages.

This commit removes the exception for Emacs and just picks it from the
same channel as everything else.

Change-Id: Ifce21c99f0204d4cf131bacb366dd9617fc301b8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1751
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2020-08-15 00:26:42 +00:00
Vincent Ambo
d42c3dd72f chore(3p): Bump nixpkgs channels
Bumps both nixos-unstable and nixos-20.03 to today's versions, as per
status.nixos.org

Contains minor fixes to things that broke because of the update:

* tazjin/frog: hardware.u2f is a deprecated setting
* glittershark/system: modSha256 in Go modules is now vendorSha256
* glittershark/owothia: removed version constraint on relude

Change-Id: Ib3e9612b1b06ed547b90e4f8b0ffe5ed7fe0a5c4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1642
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
2020-08-06 00:15:33 +00:00
Griffin Smith
09cb41b7ac fix(3p/nix): Properly configure SANDBOX_SHELL
point the SANDBOX_SHELL macro at the actual path to busybox on the build
machine, or allow it to be configured at build-time with a cmake option.

Change-Id: I044a1315ba9baa3bc9ceddf29f36d14f9f9ccd96
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1632
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2020-08-04 02:15:10 +00:00
edef
8862f3fbaf feat(3p): Whitelist unzip
Change-Id: Iae7e661dc45f8bc8668c1aa4fe82b88e8868c22f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1585
Tested-by: BuildkiteCI
Reviewed-by: ericvolp12 <ericvolp12@gmail.com>
Reviewed-by: lukegb <lukegb@tvl.fyi>
2020-08-03 08:17:51 +00:00
Griffin Smith
696924b5ef feat(web/panettone): Add dev helpers for postgres db
Add a docker-compose file and lorri-based direnv for aiding in
running and connecting to a postgres database during development of
panettone.

Change-Id: I319eee52b52cd48e1f3d2e32c558989768dc19d8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1465
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: eta <eta@theta.eu.org>
2020-07-26 21:55:41 +00:00
Vincent Ambo
02066a4bab chore(3p/nix): Enable clang-format check in derivation build
This is the easiest way to get the checks up and running for now, but
we will probably want to separate out things like this into a separate
build step in the future.

Change-Id: I8e1a1095aef09b1eee97abad5b6240bc64d14b8c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1287
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
2020-07-19 16:54:52 +00:00
Vincent Ambo
a2870d05a3 feat(3p/gtest): Bump version & override stdenv to libcxx
Change-Id: I19a34e80f51add5a7c6cde2650aae60c1919ad43
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1238
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
2020-07-17 02:59:42 +00:00
Griffin Smith
04ae293360 feat(tools): Add script to flamegraph a command
Add tools.perf-flamegraph, which collects the base case execution of
perf piped through stackcollapse-perf and flamegraph to flamegraph the
execution of an external command via perf.

Change-Id: I671fe254dc374b6cd7deca2d3bdea266164de025
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1176
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
2020-07-15 20:21:34 +00:00
Vincent Ambo
f70afe61a4 feat(3p/rr): Add ThreadRipper compatibility patch
Change-Id: Ia73883075e11bccaa234d3b1212f3ab9363f234c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/1129
Tested-by: BuildkiteCI
Reviewed-by: lukegb <lukegb@tvl.fyi>
2020-07-13 17:56:22 +00:00
Vincent Ambo
d6bf3207b0 feat(tazjin/frog): Install Quassel client on frog
Change-Id: I5abcf0768a84b2010acefef595d05d4f24f6d622
Reviewed-on: https://cl.tvl.fyi/c/depot/+/956
Tested-by: BuildkiteCI
Reviewed-by: isomer <isomer@tvl.fyi>
2020-07-08 22:10:08 +00:00
Griffin Smith
9ec0f4d0c8 feat(gs/keyboard): Integrate my layout with the depot
Integrate the keyboard layout for my Ergodox EZ, which is a layout for
QMK, with the depot, including exposing several cross-compilation
packages necessary to compile qmk for avr in third_party.

Change-Id: Idd43169a0a3cf0be2bd1a578fdaff70388a58bfc
Reviewed-on: https://cl.tvl.fyi/c/depot/+/947
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2020-07-06 22:52:02 +00:00
Luke Granger-Brown
1915fbccd6 feat(3p/apereo-cas): initial Nix derivation (no TVL-specific config yet)
Change-Id: Ie7d52370dd554b110bbfa041b943fcf246373b94
Reviewed-on: https://cl.tvl.fyi/c/depot/+/933
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
2020-07-05 22:42:39 +00:00
Vincent Ambo
d2aaf030bd feat(3p/openldap): Enable slapd-passwd-argon2 module
This enables support for the Argon2 password hashing mechanism in
OpenLDAP. Note that we also need to configure the LDAP module to load
this, so this change is not yet sufficient for actually using Argon2
hashes.

Change-Id: I151b854b777daa924b22224a43851432a88a2760
Reviewed-on: https://cl.tvl.fyi/c/depot/+/830
Reviewed-by: BuildkiteCI
Reviewed-by: isomer <isomer@tvl.fyi>
Tested-by: BuildkiteCI
2020-07-01 19:10:13 +00:00
Vincent Ambo
6f5211bba8 chore(ci-builds): Move third_party builds to their own package group
... and remove a package that doesn't exist anymore (at this location)
from the nixpkgs allowlist.

Change-Id: I663c84c387fb04bb3b47448132ad768ed5352474
Reviewed-on: https://cl.tvl.fyi/c/depot/+/829
Reviewed-by: BuildkiteCI
Reviewed-by: isomer <isomer@tvl.fyi>
Tested-by: BuildkiteCI
2020-07-01 19:10:13 +00:00
Profpatsch
7f8184c6b7 refactor(overrides/writeElispBin): use writeScriptBin
Change-Id: Ib9793da985128b4a8f64b04086ea89ce81118188
Reviewed-on: https://cl.tvl.fyi/c/depot/+/705
Tested-by: BuildkiteCI
Reviewed-by: Kane York <rikingcoding@gmail.com>
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: BuildkiteCI
2020-06-30 00:19:27 +00:00
Profpatsch
2f21e0c8c0 refactor(nix): use our own writeScript(Bin)
We have this nice `runExecline` now, so we don’t need to use
`runCommand` (which spawns bash) just to write a simple script.

Change-Id: I2941ed8c1448fa1d7cc02dc18b24a8a945b2c38b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/704
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: BuildkiteCI
2020-06-30 00:19:27 +00:00
Griffin Smith
8091da8f0f feat(3p/haskellPackages): port in patches from xanthous
Add a few relatively uncontroversial patches to fix some broken packages
that I had developed for xanthous to the top-level third_party tree, so
they can be reused by other people in the monorepo

Change-Id: I68740477bda278c5dcc123080029ee4bd2cae37a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/740
Reviewed-by: Profpatsch <mail@profpatsch.de>
Reviewed-by: tazjin <mail@tazj.in>
2020-06-29 01:56:24 +00:00
Griffin Smith
6cd8b8e7e8 feat(3p): Add haskellPackages from nixpkgs
Change-Id: Ic59e86ec2a36f5ee4eaf48592346a084fdef63ea
Reviewed-on: https://cl.tvl.fyi/c/depot/+/735
Reviewed-by: glittershark <grfn@gws.fyi>
2020-06-29 00:38:32 +00:00
Profpatsch
cdfae7de48 feat(nix/emptyDerivation) add emptyDerivation
The most trivial of all derivations. It is more useful than it looks.

Can be used to bind nix expressions (e.g. test suites) to a
derivation, so that `nix-build` does not crap itself.

Change-Id: I61c24d8c129c9505733161207f3c30e820f5b15e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/665
Reviewed-by: tazjin <mail@tazj.in>
2020-06-28 17:59:46 +00:00