This started because it was possible, not because it was very useful.
The overhead of using the full function API, is lessened by the function
API helpers, and the upcoming improvements in the function API.
It's much easier to have one fewer API's to manage and so on.
It's also a stark reminder of how weak tools like "puppet" are which
only really have data collection systems that don't take arguments.
If the user is logged in, and we try to change from /home/james to
/home/james/ we'll get the error:
usermod: user james is currently used by process ????
and furthermore, it makes no sense to try and make this change since the
usermod function won't do anything if you run:
usermod --gid james --groups wheel --home /home/james/ james
when /etc/passwd has /home/james as the string.
The provisioner should be able to encrypt things. We should use an empty
passphrase so that the choosing of the actual passphrase can be done at
first boot.
Could be used for any tool, but mgmt is an obvious possibility.
I should check this code more, but it's roughly right and I'm sure it
will get refactored more when I build opt-in provisioning and so on.
This was rather tricky, but I think I've learned a lot more about how
SSH actually works. We now only offer up to the server what we can
actually support, which lets us actually get back a host key we have a
chance of actually authenticating against.
Needed a new version of the ssh code and had to mess with go mod
garbage.
We should really be doing the math to find out how far along the string
each token really is, but that's complicated and tedious, especially
with the simplification passes, so let's skip that for now and just show
the whole thing.
This ports things to the new textarea. We need to plumb through things a
lot more, especially the string interpolation math to get the right
offsets everywhere, but that's coming.
Most things don't support this yet, but let's get in some initial
plumbing. It's always difficult to know which function failed, so we
need to start telling the users more precisely.
I can't get NetworkManager working properly in parallel to wireguard. I
get an extra route added and it breaks the tunnel. No idea why. The
networkd equivalent seems to just work.
