| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
| |
Corrected a small typo in "frontend"
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Justify in the center instead of spacing around on small devices, we
don't want to have an odd space between logo and text.
- Use em sizes in the header.
- No longer hard code the header height, instead only fix font size and
image size. The header can (in practice) now be flowed to three lines
on very small screens (logo, flipdot-, gschichtler) without the bottom
border ending up in the wrong place. h1 is still aligned properly in
the middle of its container by setting the containers min-height and
making it a flex box.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
The problem with rootSrc is that it changes whenever something (that
isn't covered by .gitignore) in the tree changes. This means that after
_any_ change all derivations need to be rebuild. By using the
subdirectories we need as a starting point instead of the filtered root
source, we can avoid this.
|
| |
|
|
|
|
|
|
| |
Since we are cross-referencing an FAQ section, we also make this
convenient by adding ids for all headings and highlighting the currently
targeted heading with an underline. This ensurse that it's clear which
section to read when clicking on a link even when the screen may not
jump around on even normal sized screens.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
parcel-bundler is a bit of an annoyance, as it has a million of
dependencies (in typical js fashion) and is not built by NixOS's Hydra.
An alternative to parcel-bundler is esbuild which is written in Go.
It, however, doesn't support transpiling ES6 to ES5 which we'll accept
for the lessened deployment annoyances. All modern browsers support ES6
anyways (especially the subset we are using).
|
| | |
|
| |
|
|
|
| |
This means that a (dynamically) linked service will respect alternative
allocator backends if they are configured, for example.
|
| | |
|
| |
|
|
|
| |
This allows one to restrict permissions on the files even more as only
systemd needs to be able to read them.
|
| |
|
|
|
|
| |
Otherwise ld-linux.so will get SIGSYS-ed, since we create a
TemporaryFileSystem and mount everything readonly anyway, this is not
really too terrible to allow.
|
| | |
|
| |
|
|
| |
This doesn't require the user to specify the cumbersome `_module.args`.
|
| |
|
|
|
| |
We need to add a few file system related syscalls, so the dynamic
linker won't get killed if we use a dynamically linked executable.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Due to a typo, previously the filesystem was accessible. Now we need
can't use `InaccessiblePaths` anymore, since it doesn't allow nesting
with `BindReadOnlyPaths`. Thus we need to switch to
`TemporaryFileSystem` which unfortunately doesn't seem to work with
`DynamicUser`.
With a new warteraum-specific user we can run warteraum in a
filesystem that only contains `/nix/store`, the secret files and vital
things like `/proc`, `/dev` etc.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of compiling salt and tokens in, read both from files that are
specified as environment variables WARTERAUM_SALT_FILE and
WARTERAUM_TOKENS_FILE.
hashtoken has also been adjusted to read the salt from a specified salt
file (the first argument). It also now outputs the token in raw form
instead of C syntax. Intended usage is hashtoken
`/path/to/salt token >> /path/to/tokens`. Disadavantage of this is that
deleting tokens is somewhat cumbersome and only really doable with a hex
editor.
The NixOS service now expects saltFile and tokensFile instead of salt and
tokens as a string and a list of strings respectively.
|
| |
|
|
| |
need hashtoken to be able to run it…
|
| | |
|
| |
|
|
|
| |
This avoids checking in millions of lines generated by node2nix which
are already in nixpkgs anyways.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Using the default version since the versioned llvm stdenvs don't have
the static adapters applied: https://github.com/NixOS/nixpkgs/pull/118313
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
make is what people already use and it integrates better with nix, so
lets just use it as well. I haven't yet figured out how to do cleanly
implement a build system with redo without a thousand annoying little
shell scripts.
The downside of this is that GNU make is sometimes too lazy when
incrementally building and doesn't rebuild stuff when it really should.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
This *should* contain more codepoints than the truetype font, however
the desired effect hasn't been achieved: we still have no emojis. I
suspect this is an issue with PIL's ImageFont.
However I haven't confirmed that the pcf in fact does contain these
glyphs.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Test:
* response formats
* queue properties
* authentication
in a sanity-check way using our python client library and pytest.
Also we run the warteraum server inside valgrind (which makes the
integration tests really slow unfortunately) in order to sanity check
for memory leaks.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* move auxiliary nix files into nix/
* add nix/version.nix as a global version for this repository
* build flipdots.script as a python package
* move warteraum derivation into its own file
* remove with pkgs; prefix everything from nixpkgs explicitly
* expose own version of python3 with our own pythonPackages added
* build anzeigetafel as a python application
* use subdirectories of rootSrc as source instead of the whole rootSrc
with sourceRoot changed to minimize rebuilds where possible
(bahnhofshalle, anzeigetafel, python packages)
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
