| Age | Commit message (Collapse) | Author |
|---|
|
|
|
This removal is part of a process to decomission Distribution channel.
---
The ultimate goal is to move useful code from Distribution channel to either Sovereign or Deployment channel.
Everything else will be deleted and ultimately will be removed from network.
---
Module (deployment systems aisaka) has a dangling import of (suweren update).
Module (deployment users id1000) uses update-commands from (suweren update).
Guix-channel file includes dependency on Distribution channel.
---
The dangling import of (suweren update) is deleted from (deployment systems aisaka).
The update-commands binding is replaced with a definition from Sovereign channel.
The dependency on Distribution channel is removed from the list.
---
With this change Deployment channel is completely independent of Distribution, which can be deleted now.
|
|
This removal is part of a process to decomission Distribution channel.
---
The ultimate goal is to move useful code from Distribution channel to either Sovereign or Deployment channels.
Everything else will be deleted and ultimately will be removed from network.
---
The (suweren system) module was imported in aisaka, akashi and ayase systems.
---
All these imports are deleted.
---
After this (suweren system) module can be deleted from Distribution channel.
|
|
This removal is part of a process to decommission Deployment channel.
---
The ultimate goal is to move useful code from Deployment channel to either Sovereign or Deployment channels.
Everything else will be deleted and ultimately the entire channel will be removed from the net.
---
The deleted reference contains in its definition variables from both upstream Guix and another Distribution module.
Record uid1000-home-environment is the only user of the deleted reference.
This definition is in outdated style.
The (suweren home) module, defining the deleted reference, is also still imported by (deployment systems aisaka).
---
The variables listed in the deleted reference are used directly in the modified record.
This record is also restructured to match the current style.
The imports of of (suweren home) module are deleted from all affected modules.
Appropriate imports are added in (deployment users id1000).
---
Nothing else depends on the deleted reference, so its definition can be safely deleted from Distribution channel.
As it is the last definition in the module, the entire file can be deleted from the channel.
|
|
All operating-system records are configured to prepend default labels with respective host names.
-----
Some minor adaptations had to performed.
|
|
The purpose of the test subdomain is to try out changes in nginx configuration.
As such, directories should not be created for the sake of the test subdomain.
Instead, the test subdomain should point to a subdomain currently needing testing.
|
|
|
|
|
|
|
|
The root user need access to openssl command in order to manipulate ca secrets.
|
|
No functional changes are introduced.
This is purely visual improvement.
|
|
|
|
The current system configuration of aisaka uses an old custom home environment from before a unified one was developed.
As it is no longer useful, the (home-services) procedure definition is removed from the module.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
The prototype of the client certificate authentication is suboptimal.
The use of a private certificate authority for server authentication causes unnecessary security warnings when loading the subdomain with an unauthenticated browser.
Any browser in its default configuration has no right to understand the private certificate authority used for the client and server certificates.
It is possible to mix Let’s Encrypt certificates with a private certificate authority to implement the authentication.
None of the previously found client authentication guides mentioned that server authentication can use an authority chain different to client authentication.
This change takes advantage of this separation of concerns by using a Let’s Encrypt certificate for the test subdomain server, while keeping the private certificate for client authentication.
|
|
|
|
|
|
This reverts commit ba64ebfe587f05c734f24ace507d22629d350cd8.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
The indirect bindings force the Sovereign channel to unnecessarily depend on Nonguix.
|
|
The indirect bindings force the Sovereign channel to unnecessarily depend on Nonguix.
|
|
|
