diff --git a/flake.nix b/flake.nix index b308408..b1ac6e0 100644 --- a/flake.nix +++ b/flake.nix @@ -246,7 +246,11 @@ firewall = { enable = true; allowPing = true; - allowedTCPPorts = [ 22 2022 ]; + allowedTCPPorts = [ + 22 # ssh + 2022 # et + 6443 # k3s + ]; }; }; i18n.defaultLocale = "en_US.UTF-8"; diff --git a/home/.zshenv-sawyer-dev-vio b/home/.zshenv-sawyer-dev-vio index 26cb8b2..0c84bcd 100644 --- a/home/.zshenv-sawyer-dev-vio +++ b/home/.zshenv-sawyer-dev-vio @@ -342,39 +342,79 @@ vulpixctl() { fi } +rakarctl() { + if [[ ! -v 1 ]]; then + echo >&2 "must specify namespace for RE" + return 1 + fi + local site_ns="$1" + shift + if ! kubectl get ns "$site_ns" >/dev/null 2>&1; then + echo >&2 "error: namespace $site_ns not found" + return 1 + fi + GRPC_PORT=${RAKAR_GRPC_PORT:-$(kubectl -n "$site_ns" get configmap rakar-config -o json | jq -r '.data."config.yml"' | yq e '.GrpcPort' -)} + COOKIE=${COOKIE:-"ves-io:ongoing-config:admin"} + if [[ -n "$GRPC_PORT" ]]; then + rakar_pod=$(kubectl -n "$site_ns" get pods -lname=rakar | tail -1 | awk '{print $1}') + if [[ -n "$rakar_pod" ]]; then + kubectl -n "$site_ns" exec -it "$rakar_pod" -c rakar -- \ + "rakarctl -t -u "localhost:#{GRPC_PORT}" --cookie "${COOKIE}" $@" + else + echo "could not find a running rakar pod" >&2 + fi + else + echo "could not determine rakar's GRPC port" + fi +} + +akarctl() { + COOKIE=${COOKIE:-"ves-io:ongoing-config:admin"} + GRPC_PORT=${AKAR_GRPC_PORT:-$(kubectl -n ves-system get configmap akar-config -o json | jq -r '.data."config.yml"' | yq e '.GrpcPort' -)} + if [[ -n "$GRPC_PORT" ]]; then + akar_pod=$(kubectl -n ves-system get pods -lname=akar | tail -1 | awk '{print $1}') + if [[ -n "$akar_pod" ]]; then + kubectl -n ves-system exec -it "$akar_pod" -c akar -- \ + akarctl -t -u "localhost:${GRPC_PORT}" --cookie "${COOKIE}" \ + $@ + else + echo "could not find a running akar pod" >&2 + fi + else + echo "could not determine akar's GRPC port" + fi +} + griffinctl() { - GRPC_TLS_PORT=${GRIFFIN_GRPC_TLS_PORT:-$(kubectl -n ves-system get configmap griffin-config -o json | jq -r '.data."config.yml"' | yq e '.GrpcTLSPort' -)} - echo "griffin GRPC TLS port: $GRPC_TLS_PORT" >&2 - SERVER_CN=${GRIFFIN_SERVER_CN:-$(kubectl -n ves-system get deployment griffin -o json | jq -r '.spec.template.spec.containers[]|select(.name=="wingman")|.env|from_entries|.serviceNames' | cut -d',' -f1)} - echo "griffin CN: $SERVER_CN" >&2 - if [[ -n "$GRPC_TLS_PORT" ]]; then - griffin_pod=$(kubectl -n ves-system get pods | grep griffin | awk '{print $1}') + COOKIE=${COOKIE:-"ves-io:ongoing-config:admin"} + GRPC_PORT=${GRIFFIN_GRPC_PORT:-$(kubectl -n ves-system get configmap griffin-config -o json | jq -r '.data."config.yml"' | yq e '.GrpcPort' -)} + if [[ -n "$GRPC_PORT" ]]; then + griffin_pod=$(kubectl -n ves-system get pods -lname=griffin | tail -1 | awk '{print $1}') if [[ -n "$griffin_pod" ]]; then - kubectl -n ves-system -c griffin exec -it "$griffin_pod" -c griffin -- \ - griffinctl -u "localhost:${GRPC_TLS_PORT}" --server-cn "$SERVER_CN" \ + kubectl -n ves-system exec -it "$griffin_pod" -c griffin -- \ + griffinctl -t -u "localhost:${GRPC_PORT}" --cookie "${COOKIE}" \ $@ else echo "could not find a running griffin pod" >&2 fi else - echo "could not determine griffin's GRPC TLS port" + echo "could not determine griffin's GRPC port" fi } -akarctl() { - GRPC_TLS_PORT=${AKAR_GRPC_TLS_PORT:-$(kubectl -n ves-system get configmap akar-config -o json | jq -r '.data."config.yml"' | yq e '.GrpcTLSPort' -)} - SERVER_CN=${AKAR_SERVER_CN:-$(kubectl -n ves-system get deployment akar -o json | jq -r '.spec.template.spec.containers[]|select(.name=="wingman")|.env|from_entries|.serviceNames' | cut -d',' -f1)} - if [[ -n "$GRPC_TLS_PORT" ]]; then - akar_pod=$(kubectl -n ves-system get pods | grep akar | grep -v readonly | awk '{print $1}') - if [[ -n "$akar_pod" ]]; then - kubectl -n ves-system -c akar exec -it "$akar_pod" -c akar -- \ - akarctl -u "localhost:${GRPC_TLS_PORT}" --server-cn "$SERVER_CN" \ +vegactl() { + GRPC_PORT=${VEGA_GRPC_PORT:-$(kubectl -n ves-system get configmap ver-config -o json | jq -r '.data."config.yml"' | yq e '.GrpcPort' -)} + if [[ -n "$GRPC_PORT" ]]; then + vega_pod=$(kubectl -n ves-system get pods -lname=ver | tail -1 | awk '{print $1}') + if [[ -n "$vega_pod" ]]; then + kubectl -n ves-system exec -it "$vega_pod" -c vega -- \ + vegactl -t -u "localhost:${GRPC_PORT}" \ $@ else - echo "could not find a running akar pod" >&2 + echo "could not find a running vega pod" >&2 fi else - echo "could not determine akar's GRPC TLS port" + echo "could not determine vega's GRPC port" fi } @@ -710,6 +750,13 @@ nix-config-update() { && nix flake update) } +podman-login() { + az acr login -n volterra --expose-token \ + | jq -r '.accessToken' \ + | podman login volterra.azurecr.io \ + --username 00000000-0000-0000-0000-000000000000 \ + --password-stdin +} # workaround for https://github.com/containers/skopeo/issues/1534 skopeo-acr-login() { az acr login -n volterra --expose-token \ @@ -719,8 +766,33 @@ skopeo-acr-login() { --password-stdin } +az-login() { + az login --tenant ves.f5.com +} + +# run Docker for Mac Desktop if it's not already running, +# and return once it's up +run-docker() { + if ! systemctl status docker >/dev/null 2>&1; then + echo "docker service is not running, starting it now, which requires root..." + if ! sudo systemctl start docker; then + return 1 + fi + echo -n "waiting for docker to start..." + while ! docker system info >/dev/null 2>&1; do + echo -n '.' + sleep 1 + done + echo + fi +} + acr-login() { - az login --tenant ves.f5.com && az acr login -n volterra && skopeo-acr-login + run-docker \ + && if ! az acr login -n volterra >/dev/null; then + az-login + fi \ + && skopeo-acr-login } # find an image with the given tag name (i.e. name is equal to the git commit hash or branch name) diff --git a/home/doom/default.nix b/home/doom/default.nix index 80ad79c..478fe20 100644 --- a/home/doom/default.nix +++ b/home/doom/default.nix @@ -38,7 +38,10 @@ let in { home.file."${doomDir}" = userConfigDir; - home.packages = [ emacsPackage ]; + home.packages = [ + emacsPackage + pkgs.emacs-lsp-booster + ]; # make packages available to file.onChange and activation scripts home.extraActivationPath = with pkgs; [ sd diff --git a/home/doom/emacs/+editor.el b/home/doom/emacs/+editor.el index 18de6e0..19f6274 100644 --- a/home/doom/emacs/+editor.el +++ b/home/doom/emacs/+editor.el @@ -939,3 +939,6 @@ wheel." (message "could not find emacs-lsp-booster on path, falling back to default (non-boosted) lsp-mode"))) ) ;; end of emacs-lsp-booster + +(after! emacs-eat + (setq eat-term-name "xterm-256color")) diff --git a/home/doom/emacs/+keybindings.el b/home/doom/emacs/+keybindings.el index 1f4fcc2..6cf3880 100644 --- a/home/doom/emacs/+keybindings.el +++ b/home/doom/emacs/+keybindings.el @@ -6,6 +6,7 @@ (map! :map general-override-mode-map :g "C-s" #'basic-save-buffer + :g "" #'eat-project :n "C-," (lambda () (interactive) (dired-other-window "~/workspaces/nix-configuration/home/doom/emacs")) diff --git a/home/doom/emacs/init.el b/home/doom/emacs/init.el index ba93ce7..71dcf4f 100644 --- a/home/doom/emacs/init.el +++ b/home/doom/emacs/init.el @@ -69,7 +69,7 @@ ;; neotree ; a project drawer, like NERDTree for vim ophints ; highlight the region an operation acts on (popup +defaults +all) ; tame sudden yet inevitable temporary windows - ;;tabs ; a tab bar for Emacs + tabs ; a tab bar for Emacs ;;treemacs (treemacs +lsp) ; a project drawer, like neotree but cooler unicode ; extended unicode support for various languages diff --git a/home/doom/emacs/packages.el b/home/doom/emacs/packages.el index 62beaa8..8a15258 100644 --- a/home/doom/emacs/packages.el +++ b/home/doom/emacs/packages.el @@ -56,7 +56,6 @@ (package! info-colors) (package! textsize) (package! org-modern) -(package! centaur-tabs) (package! ewal) (package! git-auto-commit-mode) ;; (package! doom-nano-modeline @@ -85,3 +84,13 @@ :branch "main")) (disable-packages! hl-line) + +(package! just-mode) +(package! emacs-eat + :recipe (:host codeberg + :repo "akib/emacs-eat" + :files ("*.el" ("term" "term/*.el") "*.texi" + "*.ti" ("terminfo/e" "terminfo/e/*") + ("terminfo/65" "terminfo/65/*") + ("integration" "integration/*") + (:exclude ".dir-locals.el" "*-tests.el")))) diff --git a/home/sawyer-dev-vio.nix b/home/sawyer-dev-vio.nix index 1ac761a..701a827 100644 --- a/home/sawyer-dev-vio.nix +++ b/home/sawyer-dev-vio.nix @@ -61,6 +61,7 @@ let scons sd ssm-session-manager-plugin + sysbench valgrind wezterm wireshark @@ -84,6 +85,7 @@ let # not working (causes the terminal to freeze): # SKIM_TMUX_OPTS = "--color=current_bg:24 --height=40%"; VISUAL = "hx"; + KUBECONFIG = "/etc/rancher/k3s/k3s.yaml"; }; extraPaths = [ diff --git a/home/tmux/default.nix b/home/tmux/default.nix index ab8e8bb..1537f8d 100644 --- a/home/tmux/default.nix +++ b/home/tmux/default.nix @@ -219,14 +219,14 @@ in { home.packages = with pkgs; [ tmux - tmuxPlugins.resurrect + # tmuxPlugins.resurrect ]; programs.tmux = { enable = true; package = pkgs.tmux; - plugins = with pkgs.tmuxPlugins; [ - resurrect - ]; + # plugins = with pkgs.tmuxPlugins; [ + # resurrect + # ]; baseIndex = 1; clock24 = true; disableConfirmationPrompt = true; @@ -235,7 +235,7 @@ in prefix = "C-space"; shortcut = "space"; # ?? sensibleOnTop = false; - shell = "${pkgs.zsh}/bin/zsh"; + shell = "/etc/profiles/per-user/sawyer/bin/zsh"; extraConfig = '' ${mapKeyUnbinds unbindKeys} ${mapKeyBinds "bind -n" rootKeys} diff --git a/modules/nixos.nix b/modules/nixos.nix index 8a251b2..a2bf7fa 100644 --- a/modules/nixos.nix +++ b/modules/nixos.nix @@ -9,8 +9,16 @@ with lib; { environment.systemPackages = with pkgs; [ + azure-cli bash + bat + bat-extras.batman + bind curlFull + docker + docker-compose + etcd + eternal-terminal eza fd file @@ -18,14 +26,28 @@ with lib; helix htop jq + just + kluctl less + libsndfile + msgpack + ncurses + netperf + nmap pkg-config readline ripgrep + skim + skopeo starship tmux wget + wireshark zsh + zsh-autosuggestions + zsh-syntax-highlighting + zsh-z + zstd ]; nix = { package = pkgs.nixVersions.stable;