~tomleb

https://blog.tomlebreux.com

I develop random projects to experiment and for fun.

Mastodon: @tomleb@hachyderm.io

~tomleb/public-inbox

Last active 1 year, 5 months ago

~tomleb/mpdnotify

Last active 5 years ago
View more

Recent activity

[PATCH tlstunnel] Remove file limit bump 2 months ago

From Tom Lebreux to ~emersion/public-inbox

Starting with Go 1.19[0] the file limit is increased by default.

[0]: https://github.com/golang/go/commit/8427429c592588af8c49522c76b3e0e0e335d270
---
As discussed on the mailing list, we might as well just get rid of this
since upstream Go increases the limit by default at startup.
 cmd/tlstunnel/main.go | 16 ----------------
 1 file changed, 16 deletions(-)

diff --git a/cmd/tlstunnel/main.go b/cmd/tlstunnel/main.go
index 1adcac317619..be113e062237 100644
--- a/cmd/tlstunnel/main.go
+++ b/cmd/tlstunnel/main.go
@@ -51,27 +51,11 @@ func newServer() (*tlstunnel.Server, error) {
[message trimmed]

Re: [PATCH tlstunnel] Only bump fd limits on unix OSes 2 months ago

From Tom Lebreux to ~emersion/public-inbox

> Maybe we should just drop it?

Good point, I can send a patch that removes it. You mention it was added 
in Go 1.19. tlstunnel sets Go 1.18 as the minimum version, should we 
increase it as part of this change? Though I think before 1.21 it was 
still possible to compile a program with a older Go version than the Go 
defined in go.mod.

[0]: 
https://git.sr.ht/~emersion/tlstunnel/tree/109d44b113fcd907490e4a53b89b98a9830582a3/item/go.mod#L3

[PATCH tlstunnel] Only bump fd limits on unix OSes 2 months ago

From Tom Lebreux to ~emersion/public-inbox

---
Full disclosure, this is to make it work on Windows. I understand if
you're not willing to accept this patch for that reason.

My use case is running Ollama which listens to localhost with tlstunnel in
front. I then have caddy in a separate VLAN that connects to the
tlstunnel with client auth (from the other patch).

	[user] ---> [caddy] <---mtls---> [tlstunnel] <---localhost---> [ollama]

 cmd/tlstunnel/main.go       | 12 ------------
 cmd/tlstunnel/tune_other.go |  8 ++++++++
 cmd/tlstunnel/tune_unix.go  | 21 +++++++++++++++++++++
 3 files changed, 29 insertions(+), 12 deletions(-)
[message trimmed]

[PATCH tlstunnel] Add client_auth directive 2 months ago

From Tom Lebreux to ~emersion/public-inbox

---
As mentioned in IRC, I'm making use of client certificates to
authenticate an application that doesn't have any kind of authentication
built-in. This works great.

Here's an example where I'm requiring the certificate (meaning the
client MUST send one) and I'm also verifying it against the provided
cert (cert2.pem).

	frontend localhost:5443 {
		backend localhost:8000
		protocol http/1.1
		tls {
			load cert.pem key.pem
[message trimmed]

[PATCH tlstunnel] Remove unused function 2 months ago

From Tom Lebreux to ~emersion/public-inbox

---
 config.go | 11 -----------
 1 file changed, 11 deletions(-)

diff --git a/config.go b/config.go
index cc2fb4487f65..00e8d6ea24e6 100644
--- a/config.go
+++ b/config.go
@@ -253,17 +253,6 @@ func parseBackend(backend *Backend, cfg *backendConfig) error {
	return nil
}

func parseFrontendTLS(srv *Server, d *scfg.Directive) (unmanaged bool, err error) {
	for _, child := range d.Children {
[message trimmed]

[PATCH kanshi] Attempt switching all profiles with the same name 2 months ago

From Tom Lebreux to ~emersion/public-inbox

---
For example, if I have the following profiles:

profile "lid-opened" {
	output eDP-1 enable mode 1920x1080 position 0,0 scale 1
	output "screen2" enable
}

profile "lid-opened" {
	output eDP-1 enable mode 1920x1080 position 0,0 scale 1.6
	output "screen3" enable
}

with a sway bindswitch on lid-opened whenever the lid open, we should try all
[message trimmed]

[PATCH hare] linux::keyctl: Add chown and setperm 8 months ago

From Tom Lebreux to ~sircmpwn/hare-dev

Signed-off-by: Tom Lebreux <me@tomlebreux.com>
---
 linux/keyctl/+linux/keyctl.ha | 10 ++++++++++
 linux/keyctl/+linux/types.ha  | 34 ++++++++++++++++++++++++++++++++++
 2 files changed, 44 insertions(+)

diff --git a/linux/keyctl/+linux/keyctl.ha b/linux/keyctl/+linux/keyctl.ha
index 3ef65397db59..71a7aab56e36 100644
--- a/linux/keyctl/+linux/keyctl.ha
+++ b/linux/keyctl/+linux/keyctl.ha
@@ -95,3 +95,13 @@ export fn read(id: serial, buf: []u8) (size | error) = {
	return keyctl(command::READ, id: u64,
		buf: uintptr: u64, bufln: u64, 0)?: size;
};
[message trimmed]

[PATCH hare] bufio: allow borrowedread up to last byte 1 year, 2 months ago

From Tom Lebreux to ~sircmpwn/hare-dev

Signed-off-by: Tom Lebreux <me@tomlebreux.com>
---
Assuming borrowedread([1,2,3], 3) should return [1,2,3] and not io::EOF
 bufio/memstream.ha | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/bufio/memstream.ha b/bufio/memstream.ha
index 9b34c5bb7be7..0a53a3e9bb04 100644
--- a/bufio/memstream.ha
@@ -141,7 +141,7 @@ export fn truncate(in: *memstream) (void | errors::unsupported) = {
// Reads data from a [[dynamic]] or [[fixed]] stream and returns a slice
// borrowed from the internal buffer.
export fn borrowedread(st: *memstream, amt: size) ([]u8 | io::EOF) = {
[message trimmed]

[PATCH mercury] bufio: allow to borrowread up to last byte 1 year, 2 months ago

From Tom Lebreux to ~sircmpwn/helios-devel

Signed-off-by: Tom Lebreux <me@tomlebreux.com>
---
I think that's the intended behavior.
 bufio/memstream.ha | 22 +++++++++++++++++++++-
 1 file changed, 21 insertions(+), 1 deletion(-)

diff --git a/bufio/memstream.ha b/bufio/memstream.ha
index e65acac5a0b1..06db61bd6f8e 100644
--- a/bufio/memstream.ha
@@ -141,7 +141,7 @@ export fn truncate(in: *memstream) (void | errors::unsupported) = {
// Reads data from a [[dynamic]] or [[fixed]] stream and returns a slice
// borrowed from the internal buffer.
export fn borrowedread(st: *memstream, amt: size) ([]u8 | io::EOF) = {
[message trimmed]

[PATCH mercury] Don't error when reading from end of tar file 1 year, 2 months ago

From Tom Lebreux to ~sircmpwn/helios-devel

Signed-off-by: Tom Lebreux <me@tomlebreux.com>
---
That seems to fix it for me. One issue was that when we were at the end of
the tar file and we attempted to read again (to get an io::EOF), it
would return an error instead of io::EOF.
 format/tar/reader.ha | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/format/tar/reader.ha b/format/tar/reader.ha
index cb67a8dbb8df..db4e6c73dd39 100644
--- a/format/tar/reader.ha
+++ b/format/tar/reader.ha
@@ -55,7 +55,7 @@ export fn next(rd: *reader) (entry | error | io::EOF) = {
			return truncated;
[message trimmed]