changes from sawyer-dev-vio

flake.nix

@@ -246,7 +246,11 @@
               firewall = {
                 enable = true;
                 allowPing = true;
-                allowedTCPPorts = [ 22 2022 ];
+                allowedTCPPorts = [
+                  22 # ssh
+                  2022 # et
+                  6443 # k3s
+                ];
               };
             };
             i18n.defaultLocale = "en_US.UTF-8";

home/.zshenv-sawyer-dev-vio

@@ -342,39 +342,79 @@ vulpixctl() {
   fi
 }
 
+rakarctl() {
+  if [[ ! -v 1 ]]; then
+    echo >&2 "must specify namespace for RE"
+    return 1
+  fi
+  local site_ns="$1"
+  shift
+  if ! kubectl get ns "$site_ns" >/dev/null 2>&1; then
+    echo >&2 "error: namespace $site_ns not found"
+    return 1
+  fi
+  GRPC_PORT=${RAKAR_GRPC_PORT:-$(kubectl -n "$site_ns" get configmap rakar-config -o json | jq -r '.data."config.yml"' | yq e '.GrpcPort' -)}
+  COOKIE=${COOKIE:-"ves-io:ongoing-config:admin"}
+  if [[ -n "$GRPC_PORT" ]]; then
+    rakar_pod=$(kubectl -n "$site_ns" get pods -lname=rakar | tail -1 | awk '{print $1}')
+    if [[ -n "$rakar_pod" ]]; then
+      kubectl -n "$site_ns" exec -it "$rakar_pod" -c rakar -- \
+        "rakarctl -t -u "localhost:#{GRPC_PORT}" --cookie "${COOKIE}" $@"
+    else
+      echo "could not find a running rakar pod" >&2
+    fi
+  else
+    echo "could not determine rakar's GRPC port"
+  fi
+}
+
+akarctl() {
+  COOKIE=${COOKIE:-"ves-io:ongoing-config:admin"}
+  GRPC_PORT=${AKAR_GRPC_PORT:-$(kubectl -n ves-system get configmap akar-config -o json | jq -r '.data."config.yml"' | yq e '.GrpcPort' -)}
+  if [[ -n "$GRPC_PORT" ]]; then
+    akar_pod=$(kubectl -n ves-system get pods -lname=akar | tail -1 | awk '{print $1}')
+    if [[ -n "$akar_pod" ]]; then
+      kubectl -n ves-system exec -it "$akar_pod" -c akar -- \
+        akarctl -t -u "localhost:${GRPC_PORT}" --cookie "${COOKIE}" \
+        $@
+    else
+      echo "could not find a running akar pod" >&2
+    fi
+  else
+    echo "could not determine akar's GRPC port"
+  fi
+}
+
 griffinctl() {
-  GRPC_TLS_PORT=${GRIFFIN_GRPC_TLS_PORT:-$(kubectl -n ves-system get configmap griffin-config -o json | jq -r '.data."config.yml"' | yq e '.GrpcTLSPort' -)}
-  echo "griffin GRPC TLS port: $GRPC_TLS_PORT" >&2
-  SERVER_CN=${GRIFFIN_SERVER_CN:-$(kubectl -n ves-system get deployment griffin -o json | jq -r '.spec.template.spec.containers[]|select(.name=="wingman")|.env|from_entries|.serviceNames' | cut -d',' -f1)}
-  echo "griffin CN: $SERVER_CN" >&2
-  if [[ -n "$GRPC_TLS_PORT" ]]; then
-    griffin_pod=$(kubectl -n ves-system get pods | grep griffin | awk '{print $1}')
+  COOKIE=${COOKIE:-"ves-io:ongoing-config:admin"}
+  GRPC_PORT=${GRIFFIN_GRPC_PORT:-$(kubectl -n ves-system get configmap griffin-config -o json | jq -r '.data."config.yml"' | yq e '.GrpcPort' -)}
+  if [[ -n "$GRPC_PORT" ]]; then
+    griffin_pod=$(kubectl -n ves-system get pods -lname=griffin | tail -1 | awk '{print $1}')
     if [[ -n "$griffin_pod" ]]; then
-      kubectl -n ves-system -c griffin exec -it "$griffin_pod" -c griffin -- \
-        griffinctl -u "localhost:${GRPC_TLS_PORT}" --server-cn "$SERVER_CN" \
+      kubectl -n ves-system exec -it "$griffin_pod" -c griffin -- \
+        griffinctl -t -u "localhost:${GRPC_PORT}" --cookie "${COOKIE}" \
         $@
     else
       echo "could not find a running griffin pod" >&2
     fi
   else
-    echo "could not determine griffin's GRPC TLS port"
+    echo "could not determine griffin's GRPC port"
   fi
 }
 
-akarctl() {
-  GRPC_TLS_PORT=${AKAR_GRPC_TLS_PORT:-$(kubectl -n ves-system get configmap akar-config -o json | jq -r '.data."config.yml"' | yq e '.GrpcTLSPort' -)}
-  SERVER_CN=${AKAR_SERVER_CN:-$(kubectl -n ves-system get deployment akar -o json | jq -r '.spec.template.spec.containers[]|select(.name=="wingman")|.env|from_entries|.serviceNames' | cut -d',' -f1)}
-  if [[ -n "$GRPC_TLS_PORT" ]]; then
-    akar_pod=$(kubectl -n ves-system get pods | grep akar | grep -v readonly | awk '{print $1}')
-    if [[ -n "$akar_pod" ]]; then
-      kubectl -n ves-system -c akar exec -it "$akar_pod" -c akar -- \
-        akarctl -u "localhost:${GRPC_TLS_PORT}" --server-cn "$SERVER_CN" \
+vegactl() {
+  GRPC_PORT=${VEGA_GRPC_PORT:-$(kubectl -n ves-system get configmap ver-config -o json | jq -r '.data."config.yml"' | yq e '.GrpcPort' -)}
+  if [[ -n "$GRPC_PORT" ]]; then
+    vega_pod=$(kubectl -n ves-system get pods -lname=ver | tail -1 | awk '{print $1}')
+    if [[ -n "$vega_pod" ]]; then
+      kubectl -n ves-system exec -it "$vega_pod" -c vega -- \
+        vegactl -t -u "localhost:${GRPC_PORT}" \
         $@
     else
-      echo "could not find a running akar pod" >&2
+      echo "could not find a running vega pod" >&2
     fi
   else
-    echo "could not determine akar's GRPC TLS port"
+    echo "could not determine vega's GRPC port"
   fi
 }
 
@@ -710,6 +750,13 @@ nix-config-update() {
     && nix flake update)
 }
 
+podman-login() {
+  az acr login -n volterra --expose-token \
+    | jq -r '.accessToken' \
+    | podman login volterra.azurecr.io \
+      --username 00000000-0000-0000-0000-000000000000 \
+      --password-stdin
+}
 # workaround for https://github.com/containers/skopeo/issues/1534
 skopeo-acr-login() {
   az acr login -n volterra --expose-token \
@@ -719,8 +766,33 @@ skopeo-acr-login() {
       --password-stdin
 }
 
+az-login() {
+  az login --tenant ves.f5.com
+}
+
+# run Docker for Mac Desktop if it's not already running,
+# and return once it's up
+run-docker() {
+  if ! systemctl status docker >/dev/null 2>&1; then
+    echo "docker service is not running, starting it now, which requires root..."
+    if ! sudo systemctl start docker; then
+      return 1
+    fi
+    echo -n "waiting for docker to start..."
+    while ! docker system info >/dev/null 2>&1; do
+      echo -n '.'
+      sleep 1
+    done
+    echo
+  fi
+}
+
 acr-login() {
-  az login --tenant ves.f5.com && az acr login -n volterra && skopeo-acr-login
+  run-docker \
+    && if ! az acr login -n volterra >/dev/null; then
+        az-login
+      fi \
+    && skopeo-acr-login
 }
 
 # find an image with the given tag name (i.e. name is equal to the git commit hash or branch name)

home/doom/default.nix

@@ -38,7 +38,10 @@ let
 in
 {
   home.file."${doomDir}" = userConfigDir;
-  home.packages = [ emacsPackage ];
+  home.packages = [
+    emacsPackage
+    pkgs.emacs-lsp-booster
+  ];
   # make packages available to file.onChange and activation scripts
   home.extraActivationPath = with pkgs; [
     sd

home/doom/emacs/+editor.el

@@ -939,3 +939,6 @@ wheel."
       (message "could not find emacs-lsp-booster on path, falling back to default (non-boosted) lsp-mode")))
   )
 ;; end of emacs-lsp-booster
+
+(after! emacs-eat
+  (setq eat-term-name "xterm-256color"))

home/doom/emacs/+keybindings.el

@@ -6,6 +6,7 @@
 (map!
  :map general-override-mode-map
  :g "C-s" #'basic-save-buffer
+ :g "<f8>" #'eat-project
  :n "C-," (lambda ()
             (interactive)
             (dired-other-window "~/workspaces/nix-configuration/home/doom/emacs"))

home/doom/emacs/init.el

@@ -69,7 +69,7 @@
        ;; neotree           ; a project drawer, like NERDTree for vim
        ophints           ; highlight the region an operation acts on
        (popup +defaults +all)   ; tame sudden yet inevitable temporary windows
-       ;;tabs              ; a tab bar for Emacs
+       tabs              ; a tab bar for Emacs
        ;;treemacs
        (treemacs +lsp)          ; a project drawer, like neotree but cooler
        unicode           ; extended unicode support for various languages

home/doom/emacs/packages.el

@@ -56,7 +56,6 @@
 (package! info-colors)
 (package! textsize)
 (package! org-modern)
-(package! centaur-tabs)
 (package! ewal)
 (package! git-auto-commit-mode)
 ;; (package! doom-nano-modeline
@@ -85,3 +84,13 @@
            :branch "main"))
 
 (disable-packages! hl-line)
+
+(package! just-mode)
+(package! emacs-eat
+  :recipe (:host codeberg
+           :repo "akib/emacs-eat"
+           :files ("*.el" ("term" "term/*.el") "*.texi"
+                   "*.ti" ("terminfo/e" "terminfo/e/*")
+                   ("terminfo/65" "terminfo/65/*")
+                   ("integration" "integration/*")
+                   (:exclude ".dir-locals.el" "*-tests.el"))))

home/sawyer-dev-vio.nix

@@ -61,6 +61,7 @@ let
     scons
     sd
     ssm-session-manager-plugin
+    sysbench
     valgrind
     wezterm
     wireshark
@@ -84,6 +85,7 @@ let
     # not working (causes the terminal to freeze):
     # SKIM_TMUX_OPTS = "--color=current_bg:24 --height=40%";
     VISUAL = "hx";
+    KUBECONFIG = "/etc/rancher/k3s/k3s.yaml";
   };
 
   extraPaths = [

home/tmux/default.nix

@@ -219,14 +219,14 @@ in
 {
   home.packages = with pkgs; [
     tmux
-    tmuxPlugins.resurrect
+    # tmuxPlugins.resurrect
   ];
   programs.tmux = {
     enable = true;
     package = pkgs.tmux;
-    plugins = with pkgs.tmuxPlugins; [
-      resurrect
-    ];
+    # plugins = with pkgs.tmuxPlugins; [
+    #   resurrect
+    # ];
     baseIndex = 1;
     clock24 = true;
     disableConfirmationPrompt = true;
@@ -235,7 +235,7 @@ in
     prefix = "C-space";
     shortcut = "space"; # ??
     sensibleOnTop = false;
-    shell = "${pkgs.zsh}/bin/zsh";
+    shell = "/etc/profiles/per-user/sawyer/bin/zsh";
     extraConfig = ''
       ${mapKeyUnbinds unbindKeys}
       ${mapKeyBinds "bind -n" rootKeys}

modules/nixos.nix

@@ -9,23 +9,45 @@ with lib;
 
 {
   environment.systemPackages = with pkgs; [
+    azure-cli
     bash
+    bat
+    bat-extras.batman
+    bind
     curlFull
+    docker
+    docker-compose
+    etcd
+    eternal-terminal
     eza
     fd
     file
     git
     helix
     htop
     jq
+    just
+    kluctl
     less
+    libsndfile
+    msgpack
+    ncurses
+    netperf
+    nmap
     pkg-config
     readline
     ripgrep
+    skim
+    skopeo
     starship
     tmux
     wget
+    wireshark
     zsh
+    zsh-autosuggestions
+    zsh-syntax-highlighting
+    zsh-z
+    zstd
   ];
   nix = {
     package = pkgs.nixVersions.stable;