profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/gdamjan/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.
Дамјан Георгиевски gdamjan Skopje, Macedonia https://damjan.softver.org.mk/

gdamjan/erlang-irc-bot 81

A simple extendable irc bot in Erlang

gdamjan/ansible-gitlab 18

OBSOLETE :/ -- A role that downloads and install gitlab, in a format for ansible galaxy

gdamjan/ansible-uwsgi 16

An ansible role that compiles and installs uWSGI, in a format for ansible galaxy

gdamjan/Bus_Pirate 4

Community driven firmware and hardware for Bus Pirate version 3 and 4

gdamjan/convertor 3

Intelligent yuscii to unicode convertor for ODT files

gdamjan/ansible-wordpress 2

An ansible role that downloads and installs wordpress, in a format for ansible galaxy

gdamjan/async-db 2

async-db test with python, gevent, postgresql and sqlalchemy

azder/unframe 1

Removes the top bars of some .mk sites by replacing the page with the IFRAME contents

gdamjan/arm-playground 1

ARM Cortex-M3/M4 on Linux, gcc and freesoftware

gdamjan/dumdum 1

DumDum - a Music Player

push eventgdamjan/tt-rss-service

Дамјан Георгиевски

commit sha cd5b2a0c3e9eb08b0735731fa00b6a5dcd53a06c

test build on main branch and on pull requests

view details

push time in 15 days

created taggdamjan/tt-rss-service

tagv2021-09-08

tt-rss systemd portable service built on Nix

created time in 15 days

push eventgdamjan/tt-rss-service

Дамјан Георгиевски

commit sha f9b3fded26308faf185292943401dcc3ef7ec1b0

bump tt-rss to 2021-09-08 8ed927dbd2

view details

push time in 15 days

startedastro/microvm.nix

started time in 21 days

created taggdamjan/tt-rss-service

tagv2021-09-02

tt-rss systemd portable service built on Nix

created time in 22 days

push eventgdamjan/tt-rss-service

Дамјан Георгиевски

commit sha 8dc16241edc0a363d7df52a0fc6801aa8211a544

bump tt-rss to 2021-09-02 36e174750e

view details

Дамјан Георгиевски

commit sha f940e26b9e28e1b3eee77fb504c777fc82be2fa7

make test images available for 5 days

view details

push time in 22 days

pull request commentvouch/vouch-proxy

introduce explicit cfg.StateDir

this is the service I now use :

[Unit]
Description=Vouch Proxy
After=network.target

[Service]
Type=exec
DynamicUser=yes
StateDirectory=vouch-proxy
Environment=VOUCH_ROOT=/var/lib/vouch-proxy
ExecStartPre=/usr/bin/mkdir -p /var/lib/vouch-proxy/config
ExecStart=/usr/bin/vouch-proxy -config /etc/vouch-proxy/config.yaml
Restart=on-failure
RestartSec=5
StartLimitInterval=60s
StartLimitBurst=3

[Install]
WantedBy=multi-user.target
gdamjan

comment created time in 24 days

pull request commentvouch/vouch-proxy

introduce explicit cfg.StateDir

And how about if you do create the director /var/lib/vouch-proxy/config?

sure. that way it works.

ExecStartPre=/usr/bin/mkdir -p /var/lib/vouch-proxy/config

gdamjan

comment created time in 25 days

pull request commentvouch/vouch-proxy

introduce explicit cfg.StateDir

The VOUCH_ROOT environment variable is set, Environment=VOUCH_ROOT=/var/lib/vouch-proxy, /var/lib/vouch-proxy is dynamically created so is empty, vouch-proxy complains:

Sep 03 19:09:44 archless systemd[1]: Starting Vouch Proxy...
Sep 03 19:09:44 archless systemd[1]: Started Vouch Proxy.
Sep 03 19:09:44 archless vouch-proxy[109687]: {"level":"warn","ts":1630688984.2638984,"msg":"set cfg.RootDir from VOUCH_ROOT env var: /var/lib/vouch-proxy"}
Sep 03 19:09:44 archless vouch-proxy[109687]: {"level":"info","ts":1630688984.2641325,"msg":"config file set on commandline: /etc/vouch-proxy/config.yaml"}
Sep 03 19:09:44 archless vouch-proxy[109687]: {"level":"debug","ts":1630688984.2644746,"msg":"open /var/lib/vouch-proxy/config/secret: no such file or directory"}
Sep 03 19:09:44 archless vouch-proxy[109687]: {"level":"info","ts":1630688984.2644792,"msg":"jwt.secret not found in /var/lib/vouch-proxy/config/secret"}
Sep 03 19:09:44 archless vouch-proxy[109687]: {"level":"warn","ts":1630688984.264481,"msg":"generating random jwt.secret and storing it in /var/lib/vouch-proxy/config/secret"}
Sep 03 19:09:44 archless vouch-proxy[109687]: {"level":"debug","ts":1630688984.2645035,"msg":"open /var/lib/vouch-proxy/config/secret: no such file or directory"}
Sep 03 19:09:44 archless vouch-proxy[109687]: {"level":"warn","ts":1630688984.2645097,"msg":"generating random session.key"}
Sep 03 19:09:44 archless vouch-proxy[109687]: {"level":"info","ts":1630688984.2645211,"msg":"setting LogLevel to info"}

gdamjan

comment created time in 25 days

pull request commentvouch/vouch-proxy

introduce explicit cfg.StateDir

Indeed that would be a solution.

Unfortunately that does not currently work with an empty VOUCH_ROOT directory.

I still think, internally in the code it would make sense to have StateDir and ConfigDir (instead of just RootDir).

gdamjan

comment created time in 25 days

push eventgdamjan/tt-rss-service

Дамјан Георгиевски

commit sha 2fa1d7ff7c466900f0590f13848d3f87b943b623

bump tt-rss to 2021-08-18 0808123179

view details

Дамјан Георгиевски

commit sha 1319ffdd8867c7b647fd4be54751987950cdc41e

test build with systemd, use pkgs.systemdMinimal for uwsgi and a typo in the README when systemd is used for uwsgi, it's compiled with the journal plugin for logging, which makes the logs a bit nicer on systemd distros (will not double the timestamps for ex.)

view details

push time in a month

startedsergiotapia/torrentinim

started time in 2 months

pull request commentvouch/vouch-proxy

introduce explicit cfg.StateDir

Could you articulate the problem you're trying to solve in a bit clearer terms?

yes sure, should've been more elaborate.

The idea behind the change is that a program needs to have a separate Config file/directory (which typically is deployed with some deployment/orchestration system: kuberenetes configmaps, ansible for full systems, parameter store Et Al. for cloud systems, or baking vm/docker images). The config file/directory will typically be read-only and immutable. This file/directory is typically not backuped either, since you have it in your config repo.

On another hand, the directory where the program writes it's own stuff, the state directory, should be writable to the program and also should be part of the backup procedures.

The change that I implemented introduces a cfg.StateDir variable, that can be used whenever vouch-proxy needs to store some state. It defaults to the RootDir/config to keep backward compatibility, but can be set to the STATE_DIRECTORY environment variable, which incidentally is the same one that systemd will set when you use the StateDirectory= service directive. (a service can have multiple StateDirectory directives, and they'd be separated by : in the env var - but I only use the first one).

ps. sorry for the late reply, I had an issue with my laptop had to get it up to speed

gdamjan

comment created time in 2 months

delete branch gdamjan/vouch-proxy

delete branch : embed-templates

delete time in 2 months

push eventgdamjan/vouch-proxy

herbrant

commit sha f78e1257e01a70f90aa444a8e52b30b72c6e4875

Added support for a custom 'relying party identifier' in a ADFS configuration

view details

Herbrant

commit sha cf960f98d2b6cc9a2db28c50012812a8cb2d3306

Updated adfs examples

view details

herbrant

commit sha 9830da1069141b74fc797fda6390bd4a6957e434

Added relying_party_id env in tests for env vars

view details

Benjamin Foote

commit sha 930fb8e38ed67098e39308133cd09dab193c781c

#189 adfs relying_party_id minor adjustments

view details

Benjamin Foote

commit sha 2eca9f11986e70bd27293d183a71e979ea53b223

#406 migrate Docker builds to quay.io

view details

Benjamin Foote

commit sha dc6261cf53de960966092c34ced5f757c1d4cf0b

use github.com/golang-jwt/jwt

view details

Benjamin Foote

commit sha 8ba0c5526ff9eefc9cb637ed2c26852217ef1f0d

#398 hold embeded templates in cfg.Templates

view details

Benjamin Foote

commit sha 33847ed9b120f4f7525d9195f42368b84c7390cb

#398 embed .defaults.yml

view details

Benjamin Foote

commit sha 9d66192073fd9f065255927ce18218b6c0fd9636

Merge branch 'master' into pr/gdamjan/398

view details

Benjamin Foote

commit sha 4d39cb1f36165f2ebd34df91e507860a0545a8d0

adjust testing environment for go:embed

view details

push time in 2 months

pull request commentvouch/vouch-proxy

embed the templates and static files into the vouch binary

thanks for merging. I see you improved the code substantially :)

gdamjan

comment created time in 2 months

PR opened vouch/vouch-proxy

introduce explicit cfg.StateDir

introduce an explicit cfg.StateDir, which, for now, is only used by the cfg.secretFile, which is $StateDir/secret

cfg.StateDir is initialized by the environment variable STATE_DIRECTORY compatible with what's provided by systemd (ie. the string is split on ":" and the first item is used).

when STATE_DIRECTORY is not provided, cfg.StateDir is set to $RootDir/config to preserve the previous behavior (secretFile was $RootDir/config/secret)

+14 -1

0 comment

1 changed file

pr created time in 2 months

push eventgdamjan/vouch-proxy

herbrant

commit sha f78e1257e01a70f90aa444a8e52b30b72c6e4875

Added support for a custom 'relying party identifier' in a ADFS configuration

view details

Herbrant

commit sha cf960f98d2b6cc9a2db28c50012812a8cb2d3306

Updated adfs examples

view details

herbrant

commit sha 9830da1069141b74fc797fda6390bd4a6957e434

Added relying_party_id env in tests for env vars

view details

Дамјан Георгиевски

commit sha 06331fbc4f48a679c2fa520e7c70ce1da3c5f626

embed the static files into the vouch binary the embed package is new to Go 1.6 https://golang.org/pkg/embed/ with this change it's no longer neccesseary to distribute the static files with vouch. all urls under the /static/ path are served from the embeded static filesystem. the static filesystem has all the files with the /static/ subdirectory so no stripping is needed. also removed the copy of static files to the Docker image

view details

Дамјан Георгиевски

commit sha a4d64cc0a6e1c6ceeb6a768b31cd8aa36db357a7

embed the template files into the vouch binary the embed package is new to Go 1.6 https://golang.org/pkg/embed/ with this change it's no longer necessary to distribute the template files with vouch. also removed the copy of template files to the Docker image

view details

Benjamin Foote

commit sha 930fb8e38ed67098e39308133cd09dab193c781c

#189 adfs relying_party_id minor adjustments

view details

Benjamin Foote

commit sha 2eca9f11986e70bd27293d183a71e979ea53b223

#406 migrate Docker builds to quay.io

view details

Benjamin Foote

commit sha dc6261cf53de960966092c34ced5f757c1d4cf0b

use github.com/golang-jwt/jwt

view details

Дамјан Георгиевски

commit sha 8ca24f1ecde44f18416ee874a8966e5273c71b6b

introduce responses.LoadTemplates, responses.Configure() is back

view details

Дамјан Георгиевски

commit sha ad7d1e60710b4ce293097ef20fa8ed85be85d330

fix responses.Configure() test too

view details

Benjamin Foote

commit sha 8ba0c5526ff9eefc9cb637ed2c26852217ef1f0d

#398 hold embeded templates in cfg.Templates

view details

Benjamin Foote

commit sha 33847ed9b120f4f7525d9195f42368b84c7390cb

#398 embed .defaults.yml

view details

Benjamin Foote

commit sha 9d66192073fd9f065255927ce18218b6c0fd9636

Merge branch 'master' into pr/gdamjan/398

view details

Benjamin Foote

commit sha 4d39cb1f36165f2ebd34df91e507860a0545a8d0

adjust testing environment for go:embed

view details

Дамјан Георгиевски

commit sha ff171b59c4abe40604c659c0f39c211aa9885870

introduce explicit cfg.StateDir for now, only used by the cfg.secretFile, which is $StateDir/secret cfg.StateDir is initialised by the environment variable STATE_DIRECTORY compatible with what's provided by systemd (ie. the string is split on ":" and the first item is used). when STATE_DIRECTORY is not provided, cfg.StateDir is set to $RootDir/config to preserve the previous behavior (secretFile was $RootDir/config/secret)

view details

push time in 2 months

pull request commentvouch/vouch-proxy

embed the templates and static files into the vouch binary

I'd suggest we revisit the defaults in another PR. If you're ok with the embedding of the static files and templates, let's merge this PR. Do you want the branch rebased, or perhaps the commits squashed into two?

gdamjan

comment created time in 2 months

push eventgdamjan/vouch-proxy

Дамјан Георгиевски

commit sha ad7d1e60710b4ce293097ef20fa8ed85be85d330

fix responses.Configure() test too

view details

push time in 2 months

Pull request review commentvouch/vouch-proxy

embed the templates and static files into the vouch binary

 func configure() { 	domains.Configure() 	jwtmanager.Configure() 	cookie.Configure()-	responses.Configure()+	responses.Configure(templatesFs)

here's one approach 8ca24f1ecde44f18416ee874a8966e5273c71b6b

gdamjan

comment created time in 2 months

PullRequestReviewEvent

push eventgdamjan/vouch-proxy

Дамјан Георгиевски

commit sha 8ca24f1ecde44f18416ee874a8966e5273c71b6b

introduce responses.LoadTemplates, responses.Configure() is back

view details

push time in 2 months

Pull request review commentvouch/vouch-proxy

embed the templates and static files into the vouch binary

 func configure() { 	domains.Configure() 	jwtmanager.Configure() 	cookie.Configure()-	responses.Configure()+	responses.Configure(templatesFs)

one of the issues is that I can't go:embed files from a parent directory, so that's why //go:embed templates is in main.go. if it needs to go in responses.go, the template files would need to be moved there.

an alternative approach would be to have both init() AND configure(templateFS)

What do you think?

gdamjan

comment created time in 2 months

PullRequestReviewEvent

pull request commentvouch/vouch-proxy

embed the templates and static files into the vouch binary

Could you also look at including .defaults.yml as an embedded asset? This file is also currently a runtime dependency.

hmm, isn't it better to use viper.SetDefault in the code, and make the .defaults.yml file optional? This kind of defaults file looks more like a development feature than a production one.

gdamjan

comment created time in 2 months

startedlentinj/tp-compact-keyboard

started time in 2 months

delete branch gdamjan/vouch-proxy

delete branch : fix/354_aud

delete time in 2 months

delete branch gdamjan/vouch-proxy

delete branch : feature/coveralls

delete time in 2 months

delete branch gdamjan/vouch-proxy

delete branch : bug/289_rd_login_param

delete time in 2 months