althaea.zone / wire
ALPHA: wire is a tool to deploy nixos systems wire.althaea.zone/
fork atom

Compare changes

Choose any two refs to compare.

options
unified split
Changed files
+57 -30
CHANGELOG.md
Cargo.lock
Cargo.toml
crates
core
src
commands
mod.rs
hive
steps
activate.rs
build.rs
keys.rs
key_agent
Cargo.toml
src
keys.proto
main.rs
doc
guides
installation.md
package.json
snippets
guides
installation
flake.nix
garnix.yaml
+12
CHANGELOG.md
··· 7 7 8 8 ## [Unreleased] - yyyy-mm-dd 9 9 10 + ### Fixed 11 + 12 + - Fix a bug where key permissions where being printed in decimal format instead 13 + of octal. 14 + 15 + ## [v1.1.1] - 2025-01-05 16 + 17 + ### Fixed 18 + 19 + - Fix a bug where wire was attempting to SSH to the local machine when `buildOnTarget` & 20 + `allowLocalDeployment` where true. 21 + 10 22 ## [v1.1.0] - 2025-12-31 11 23 12 24 ### Added
+3 -3
Cargo.lock
··· 3157 3157 3158 3158 [[package]] 3159 3159 name = "wire" 3160 - version = "1.1.0" 3160 + version = "1.1.1" 3161 3161 dependencies = [ 3162 3162 "clap", 3163 3163 "clap-markdown", ··· 3183 3183 3184 3184 [[package]] 3185 3185 name = "wire-core" 3186 - version = "1.1.0" 3186 + version = "1.1.1" 3187 3187 dependencies = [ 3188 3188 "aho-corasick", 3189 3189 "anyhow", ··· 3222 3222 3223 3223 [[package]] 3224 3224 name = "wire-key-agent" 3225 - version = "1.1.0" 3225 + version = "1.1.1" 3226 3226 dependencies = [ 3227 3227 "anyhow", 3228 3228 "base64",
+1 -1
Cargo.toml
··· 2 2 members = ["crates/key_agent", "crates/core", "crates/cli"] 3 3 resolver = "2" 4 4 package.edition = "2024" 5 - package.version = "1.1.0" 5 + package.version = "1.1.1" 6 6 7 7 [workspace.metadata.crane] 8 8 name = "wire"
+1 -1
crates/core/src/commands/mod.rs
··· 68 68 } 69 69 } 70 70 71 - pub(crate) const fn on_target(mut self, target: Option<&'a Target>) -> Self { 71 + pub(crate) const fn execute_on_remote(mut self, target: Option<&'a Target>) -> Self { 72 72 self.target = target; 73 73 self 74 74 }
+3 -3
crates/core/src/hive/steps/activate.rs
··· 58 58 let child = run_command( 59 59 &CommandArguments::new(command_string, ctx.modifiers) 60 60 .mode(crate::commands::ChildOutputMode::Nix) 61 - .on_target(if apply_objective.should_apply_locally { 61 + .execute_on_remote(if apply_objective.should_apply_locally { 62 62 None 63 63 } else { 64 64 Some(&ctx.node.target) ··· 121 121 122 122 let child = run_command( 123 123 &CommandArguments::new(command_string, ctx.modifiers) 124 - .on_target(if apply_objective.should_apply_locally { 124 + .execute_on_remote(if apply_objective.should_apply_locally { 125 125 None 126 126 } else { 127 127 Some(&ctx.node.target) ··· 150 150 let reboot = run_command( 151 151 &CommandArguments::new("reboot now", ctx.modifiers) 152 152 .log_stdout() 153 - .on_target(Some(&ctx.node.target)) 153 + .execute_on_remote(Some(&ctx.node.target)) 154 154 .elevated(ctx.node), 155 155 ) 156 156 .await?;
+2 -5
crates/core/src/hive/steps/build.rs
··· 51 51 let status = run_command_with_env( 52 52 &CommandArguments::new(command_string, ctx.modifiers) 53 53 // build remotely if asked for AND we arent applying locally 54 - // 55 - // (building remotely but applying locally does not logically 56 - // make any sense) 57 - .on_target( 54 + .execute_on_remote( 58 55 if ctx.node.build_remotely 59 56 && let Objective::Apply(apply_objective) = ctx.objective 60 - && apply_objective.should_apply_locally 57 + && !apply_objective.should_apply_locally 61 58 { 62 59 Some(&ctx.node.target) 63 60 } else {
+3 -3
crates/core/src/hive/steps/keys.rs
··· 108 108 } 109 109 } 110 110 111 - fn get_u32_permission(key: &Key) -> Result<u32, KeyError> { 111 + fn get_u32_unix_mode(key: &Key) -> Result<u32, KeyError> { 112 112 u32::from_str_radix(&key.permissions, 8).map_err(KeyError::ParseKeyPermissions) 113 113 } 114 114 ··· 170 170 .expect("Failed to convert usize buf length to i32"), 171 171 user: key.user.clone(), 172 172 group: key.group.clone(), 173 - permissions: get_u32_permission(key)?, 173 + unix_mode: get_u32_unix_mode(key)?, 174 174 destination: destination.into_os_string().into_string().unwrap(), 175 175 digest: Sha256::digest(&buf).to_vec(), 176 176 last: false, ··· 266 266 267 267 let mut child = run_command( 268 268 &CommandArguments::new(command_string, ctx.modifiers) 269 - .on_target(if apply_objective.should_apply_locally { 269 + .execute_on_remote(if apply_objective.should_apply_locally { 270 270 None 271 271 } else { 272 272 Some(&ctx.node.target)
+3
crates/key_agent/Cargo.toml
··· 15 15 16 16 [build-dependencies] 17 17 prost-build = "0.14" 18 + 19 + [lints] 20 + workspace = true
+1 -1
crates/key_agent/src/keys.proto
··· 9 9 string destination = 1; 10 10 string user = 2; 11 11 string group = 3; 12 - uint32 permissions = 4; 12 + uint32 unix_mode = 4; 13 13 uint32 length = 5; 14 14 bool last = 6; 15 15 /// Sha256 digest
+3 -3
crates/key_agent/src/main.rs
··· 26 26 27 27 fn pretty_keyspec(spec: &KeySpec) -> String { 28 28 format!( 29 - "{} {}:{} {}", 30 - spec.destination, spec.user, spec.group, spec.permissions 29 + "{} {}:{} {:o}", 30 + spec.destination, spec.user, spec.group, spec.unix_mode 31 31 ) 32 32 } 33 33 ··· 68 68 let mut file = File::create(path).await?; 69 69 let mut permissions = file.metadata().await?.permissions(); 70 70 71 - permissions.set_mode(spec.permissions); 71 + permissions.set_mode(spec.unix_mode); 72 72 file.set_permissions(permissions).await?; 73 73 74 74 let user = User::from_name(&spec.user)?;
+1 -1
doc/guides/installation.md
··· 51 51 Alternatively, you can use a tag instead: 52 52 53 53 ```sh 54 - $ npins add github forallsys wire --at v1.1.0 54 + $ npins add github forallsys wire --at v1.1.1 55 55 ``` 56 56 57 57 Then, use this pinned version of wire for both your `hive.nix` and `shell.nix`:
+1 -1
doc/package.json
··· 1 1 { 2 2 "name": "wire-docs", 3 - "version": "1.1.0-dev", 3 + "version": "1.1.1", 4 4 "type": "module", 5 5 "devDependencies": { 6 6 "vitepress": "^1.6.4",
+1 -1
doc/snippets/guides/installation/flake.nix
··· 4 4 wire.url = "github:forallsys/wire/stable"; 5 5 6 6 # alternatively, you can use a tag instead: 7 - # wire.url = "github:forallsys/wire/v1.1.0"; 7 + # wire.url = "github:forallsys/wire/v1.1.1"; 8 8 9 9 systems.url = "github:nix-systems/default"; 10 10 };
+22 -7
garnix.yaml
··· 1 1 builds: 2 - exclude: [] 3 - include: 4 - - packages.x86_64-linux.docs 5 - - packages.x86_64-linux.docs-unstable 6 - - packages.*.wire 7 - - packages.*.wire-small 8 - branch: trunk 2 + - exclude: [] 3 + include: 4 + - packages.x86_64-linux.docs 5 + - packages.x86_64-linux.docs-unstable 6 + - packages.*.wire 7 + - packages.*.wire-small 8 + branch: trunk 9 + - exclude: [] 10 + include: 11 + - packages.x86_64-linux.docs 12 + - packages.x86_64-linux.docs-unstable 13 + - packages.*.wire 14 + - packages.*.wire-small 15 + branch: stable 16 + # used to run garnix on an arbitrary commit in a throwaway branch 17 + - exclude: [] 18 + include: 19 + - packages.x86_64-linux.docs 20 + - packages.x86_64-linux.docs-unstable 21 + - packages.*.wire 22 + - packages.*.wire-small 23 + branch: arbitrary