git.delta.rocks / jrsonnet / refs/commits / 757475fe4cab

92 "scrypt",92 "scrypt",
93 "sha2",93 "sha2",
94 "subtle",94 "subtle",
95 "which",
96 "wsl",
95 "x25519-dalek",97 "x25519-dalek",
96 "zeroize",98 "zeroize",
97]99]
111 "rand 0.8.5",113 "rand 0.8.5",
112 "secrecy",114 "secrecy",
113 "sha2",115 "sha2",
116 "tempfile",
114]117]
115118
116[[package]]119[[package]]
1285 "digest",1288 "digest",
1286]1289]
1290
1291[[package]]
1292name = "home"
1293version = "0.5.11"
1294source = "registry+https://github.com/rust-lang/crates.io-index"
1295checksum = "589533453244b0995c858700322199b2becb13b627df2851f64a2775d024abcf"
1296dependencies = [
1297 "windows-sys 0.59.0",
1298]
12871299
1288[[package]]1300[[package]]
1289name = "hostname"1301name = "hostname"
3638 "wasm-bindgen",3650 "wasm-bindgen",
3639]3651]
3652
3653[[package]]
3654name = "which"
3655version = "4.4.2"
3656source = "registry+https://github.com/rust-lang/crates.io-index"
3657checksum = "87ba24419a2078cd2b0f2ede2691b6c66d8e47836da3b6db8265ebad47afbfc7"
3658dependencies = [
3659 "either",
3660 "home",
3661 "once_cell",
3662 "rustix 0.38.40",
3663]
36403664
3641[[package]]3665[[package]]
3642name = "winapi"3666name = "winapi"
3775 "bitflags",3799 "bitflags",
3776]3800]
3801
3802[[package]]
3803name = "wsl"
3804version = "0.1.0"
3805source = "registry+https://github.com/rust-lang/crates.io-index"
3806checksum = "f8dab7ac864710bdea6594becbea5b5050333cf34fefb0dc319567eb347950d4"
37773807
3778[[package]]3808[[package]]
3779name = "x25519-dalek"3809name = "x25519-dalek"

11nix-eval = { path = "./crates/nix-eval" }11nix-eval = { path = "./crates/nix-eval" }
12nixlike = { path = "./crates/nixlike" }12nixlike = { path = "./crates/nixlike" }
1313
14age = { version = "0.11", features = ["ssh"] }14age = { version = "0.11", features = ["ssh", "plugin"] }
15anyhow = "1.0"15anyhow = "1.0"
16clap = { version = "4.5", features = ["derive", "env", "unicode", "wrap_help"] }16clap = { version = "4.5", features = ["derive", "env", "unicode", "wrap_help"] }
17clap_complete = "4.5"17clap_complete = "4.5"

2323
24#[derive(Parser)]24#[derive(Parser)]
25pub enum Secret {25pub enum Secret {
26	AddManager,
26	/// Force load host keys for all defined hosts27	/// Force load host keys for all defined hosts
27	ForceKeys,28	ForceKeys,
28	/// Add secret, data should be provided in stdin29	/// Add secret, data should be provided in stdin
521impl Secret {522impl Secret {
522	pub async fn run(self, config: &Config, opts: &FleetOpts) -> Result<()> {523	pub async fn run(self, config: &Config, opts: &FleetOpts) -> Result<()> {
523		match self {524		match self {
525			Secret::AddManager => {
526				todo!("part of fleet-pusher")
527			}
524			Secret::ForceKeys => {528			Secret::ForceKeys => {
525				for host in config.list_hosts().await? {529				for host in config.list_hosts().await? {
526					if opts.should_skip(&host).await? {530					if opts.should_skip(&host).await? {

51	format!("fleet-gc-{id}")51	format!("fleet-gc-{id}")
52}52}
53
54#[derive(Serialize, Deserialize)]
55#[serde(rename_all = "camelCase")]
56pub struct ManagerKey {
57	pub name: String,
58	pub key: String,
59}
5360
54#[derive(Serialize, Deserialize)]61#[derive(Serialize, Deserialize)]
55#[serde(rename_all = "camelCase")]62#[serde(rename_all = "camelCase")]
58	#[serde(default = "generate_gc_prefix")]65	#[serde(default = "generate_gc_prefix")]
59	pub gc_root_prefix: String,66	pub gc_root_prefix: String,
67
68	#[serde(default)]
69	pub manager_keys: Vec<ManagerKey>,
6070
61	#[serde(default)]71	#[serde(default)]
62	pub hosts: BTreeMap<String, HostData>,72	pub hosts: BTreeMap<String, HostData>,

2  "nodes": {2  "nodes": {
3    "crane": {3    "crane": {
4      "locked": {4      "locked": {
5        "lastModified": 1750266157,5        "lastModified": 1753316655,
6        "narHash": "sha256-tL42YoNg9y30u7zAqtoGDNdTyXTi8EALDeCB13FtbQA=",6        "narHash": "sha256-tzWa2kmTEN69OEMhxFy+J2oWSvZP5QhEgXp3TROOzl0=",
7        "owner": "ipetkov",7        "owner": "ipetkov",
8        "repo": "crane",8        "repo": "crane",
9        "rev": "e37c943371b73ed87faf33f7583860f81f1d5a48",9        "rev": "f35a3372d070c9e9ccb63ba7ce347f0634ddf3d2",
10        "type": "github"10        "type": "github"
11      },11      },
12      "original": {12      "original": {
22        ]22        ]
23      },23      },
24      "locked": {24      "locked": {
25        "lastModified": 1749398372,25        "lastModified": 1753121425,
26        "narHash": "sha256-tYBdgS56eXYaWVW3fsnPQ/nFlgWi/Z2Ymhyu21zVM98=",26        "narHash": "sha256-TVcTNvOeWWk1DXljFxVRp+E0tzG1LhrVjOGGoMHuXio=",
27        "owner": "hercules-ci",27        "owner": "hercules-ci",
28        "repo": "flake-parts",28        "repo": "flake-parts",
29        "rev": "9305fe4e5c2a6fcf5ba6a3ff155720fbe4076569",29        "rev": "644e0fc48951a860279da645ba77fe4a6e814c5e",
30        "type": "github"30        "type": "github"
31      },31      },
32      "original": {32      "original": {
37    },37    },
38    "nixpkgs": {38    "nixpkgs": {
39      "locked": {39      "locked": {
40        "lastModified": 1750895632,40        "lastModified": 1753320130,
41        "narHash": "sha256-EPZWiRmaSTxoBArK5dQyRlSNVLXiBt2hmsYIPgMf3zk=",41        "narHash": "sha256-KCuv6iYQ0XTVAEJvDLIsk99CJm7fuqIE0/KknyeYPtM=",
42        "owner": "nixos",42        "owner": "nixos",
43        "repo": "nixpkgs",43        "repo": "nixpkgs",
44        "rev": "6ac57ce7fee0d80226095a57ccb7519855ad7c5e",44        "rev": "788cc7374af486168b8aab6ca49e316c03508a86",
45        "type": "github"45        "type": "github"
46      },46      },
47      "original": {47      "original": {
68        ]68        ]
69      },69      },
70      "locked": {70      "locked": {
71        "lastModified": 1750819193,71        "lastModified": 1753238793,
72        "narHash": "sha256-XvkupGPZqD54HuKhN/2WhbKjAHeTl1UEnWspzUzRFfA=",72        "narHash": "sha256-jmQeEpgX+++MEgrcikcwoSiI7vDZWLP0gci7XiWb9uQ=",
73        "owner": "oxalica",73        "owner": "oxalica",
74        "repo": "rust-overlay",74        "repo": "rust-overlay",
75        "rev": "1ba3b9c59b68a4b00156827ad46393127b51b808",75        "rev": "0ad7ab4ca8e83febf147197e65c006dff60623ab",
76        "type": "github"76        "type": "github"
77      },77      },
78      "original": {78      "original": {
103        ]103        ]
104      },104      },
105      "locked": {105      "locked": {
106        "lastModified": 1749194973,106        "lastModified": 1753006367,
107        "narHash": "sha256-eEy8cuS0mZ2j/r/FE0/LYBSBcIs/MKOIVakwHVuqTfk=",107        "narHash": "sha256-tzbhc4XttkyEhswByk5R38l+ztN9UDbnj0cTcP6Hp9A=",
108        "owner": "numtide",108        "owner": "numtide",
109        "repo": "treefmt-nix",109        "repo": "treefmt-nix",
110        "rev": "a05be418a1af1198ca0f63facb13c985db4cb3c5",110        "rev": "421b56313c65a0815a52b424777f55acf0b56ddf",
111        "type": "github"111        "type": "github"
112      },112      },
113      "original": {113      "original": {

94    };94    };
95    config = { };95    config = { };
96  };96  };
97  managerKey = {
98    options = {
99      name = mkOption {
100        type = str;
101        description = "Who does this manager key belongs to.";
102      };
103      key = mkOption {
104        type = str;
105        description = "Age-compatible key";
106      };
107    };
108    config = {};
109  };
97in110in
98{111{
99  options.data = mkDataOption (112  options.data = mkDataOption (
100    { config, ... }:113    { config, ... }:
101    {114    {
102      options = {115      options = {
116        managerKeys = mkOption {
117          type = listOf (submodule managerKey);
118        };
103        sharedSecrets = mkOption {119        sharedSecrets = mkOption {
104          type = attrsOf (submodule sharedSecretData);120          type = attrsOf (submodule sharedSecretData);
105          default = { };121          default = { };

1[toolchain]1[toolchain]
2channel = "1.86.0"2channel = "nightly-2025-06-10"
3components = ["rustfmt", "clippy", "rust-analyzer", "rust-src"]3components = ["rustfmt", "clippy", "rust-analyzer", "rust-src"]
44