raito
76276a8da3
feat: add build01.aarch64.lix.systems
...
This is the first Lix machine we are enrolling in our infrastructure
(!).
It's using all the previous commits to make it cozy with our current
infra style.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-06 11:10:28 +02:00
raito
1e421889e4
feat(monitoring): add static label for tenancy
...
So we can distinguish easily things in the dashboards.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-06 11:10:16 +02:00
raito
6978c1271d
feat: introduce floral and lix common modules
...
This way, we can mark tenancy appropriately in a common expression and
add all machines altogether in the same entrypoint.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-06 11:09:11 +02:00
raito
c0689e6832
feat: add @localboot tags for machine which can be deployed
...
colmena does not support netboot deployment, this is fine. We can fix it
later.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-06 08:09:53 +00:00
raito
b5d412a5ba
feat: adopt new version of Buildbot with incoming ref data
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-06 07:59:56 +00:00
Maxine Aubrey
86e833f52a
chore(tf): drop all gandi resources
2024-10-05 18:46:45 +02:00
raito
6d3e14ec27
feat: finer-grained ACLs for server accesses
...
In the process of adding multi-tenant infrastructure, it seems relevant
to add finer-grained ACLs.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-05 16:20:19 +02:00
Kiara Grouwstra
b291caac46
feat(monitoring): add uptime-kuma for status page, fixes #97
...
Adds a service for a status page using
[`uptime-kuma`](https://uptime.kuma.pet/ ).
2024-10-01 16:13:23 +00:00
Maxine Aubrey
e3b6cb72b4
feat(dns): add dnsimple to terraform configuration
2024-09-23 19:49:21 +02:00
raito
9a04ef909b
feat(nixpkgs): run oxidized channel scripts
...
We don't need weird Perl scripts where we are going. Here's a streaming
channel-scripts deployment with plenty of bells, including OTLP.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-31 19:32:23 +02:00
raito
d1ffce9336
feat(grafana): jsonnet-based dashboards
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-24 16:17:52 +02:00
Pierre Bourdon
29babfc5c4
Revert "Partial revert "Add Grapevine Matrix server and matrix-hookshot""
...
This reverts commit 17c342b33e
.
Grapevine's use of IFD was fixed upstream.
2024-08-15 16:22:22 +02:00
Pierre Bourdon
5dd9ad553c
build-coord: add initial config
2024-08-13 22:36:30 +02:00
Pierre Bourdon
90325344a3
Reserve builder-11 for build coordination, rename to build-coord
2024-08-13 19:12:36 +02:00
Pierre Bourdon
8b1ade5580
Revert "update hydra"
...
This reverts commit f7907a2915
.
We develop straight on lix-project/hydra, as discussed a few times on
the Lix development channel.
2024-08-13 01:11:31 +02:00
Pierre Bourdon
42b3977e8f
flake: remove an extra nixpkgs lying around
2024-08-13 00:38:51 +02:00
Pierre Bourdon
17c342b33e
Partial revert "Add Grapevine Matrix server and matrix-hookshot"
...
This partially reverts commit d2f3ca5624
.
Said commit requires IFD to eval, which is generally unwanted, and is
currently forbidden on Hydra (imo: rightfully so, we should try to
properly separate evals from builds).
The services/ file for grapevine is kept but will not work without the
flake.nix change reapplied.
2024-08-13 00:35:10 +02:00
Ilya K
d2f3ca5624
Add Grapevine Matrix server and matrix-hookshot
...
It doesn't want to work.
2024-08-09 14:03:56 +00:00
Yureka
f7907a2915
update hydra
2024-08-03 18:40:25 +02:00
Yureka
1cbf286f18
build netboot files from hydra
2024-08-01 22:47:25 +02:00
Yureka
6dc424dd43
wob01: serve an ipxe over iusb-spoof
2024-08-01 22:16:48 +02:00
raito
22a10e158f
hosts/public01: init
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-25 20:46:20 +02:00
Luke Granger-Brown
7f29885597
flake: support aarch64-linux
...
...I don't know how to remove the mention of x86_64-linux for colmena,
or if it actually matters, so I'm just leaving that there for now.
2024-07-24 09:37:15 +02:00
hexchen
3ff9d00f7f
Add a wrapper to colmena that stops unintended toe-stepping
...
Taken from lix/web-services, commit hash 6d29ce968e64225faf03450c063d11a0a5c89cac
Co-authored-by: Jade Lovelace <lix@jade.fyi>
2024-07-24 07:25:25 +00:00
raito
e5a3ce2283
buildbot fixes ( #76 )
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
Signed-off-by: Yureka <yureka@forkos.org>
Co-authored-by: raito <raito@noreply.git.lix.systems>
Co-committed-by: raito <raito@noreply.git.lix.systems>
2024-07-24 06:44:25 +00:00
raito
cd846260e4
flake: add buildbot jobs entrypoints
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-18 12:18:12 +02:00
raito
c3394264ba
hosts/buildbot: init
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-17 18:00:51 +02:00
raito
68d956f1ba
flake: add buildbot-nix on the refactor branch
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-17 14:57:17 +02:00
Pierre Bourdon
234522cc3b
flake.lock: Update
...
Flake lock file updates:
• Updated input 'hydra':
'git+https://git.lix.systems/lix-project/hydra.git?ref=refs/heads/main&rev=fb9e29d4d0f2f591cd1d706fd3b7334af7d34b84 ' (2024-07-13)
→ 'git+https://git.lix.systems/lix-project/hydra.git?ref=refs/heads/main&rev=b0e9b4b2f99f9d8f5c4e780e89f955c394b5ced4 ' (2024-07-17)
• Added input 'hydra/lix':
'git+https://git.lix.systems/lix-project/lix?ref=refs/heads/main&rev=6b4d46e9e0e1dd80e0977684ab20d14bcd1a6bc3 ' (2024-07-16)
• Added input 'hydra/lix/flake-compat':
'github:edolstra/flake-compat/0f9255e01c2351cc7d116c072cb317785dd33b33' (2023-10-04)
• Added input 'hydra/lix/nix2container':
'github:nlewo/nix2container/20aad300c925639d5d6cbe30013c8357ce9f2a2e' (2024-04-13)
• Added input 'hydra/lix/nixpkgs':
follows 'hydra/nixpkgs'
• Added input 'hydra/lix/nixpkgs-regression':
'github:NixOS/nixpkgs/215d4d0fd80ca5163643b03a33fde804a29cc1e2' (2022-01-24)
• Added input 'hydra/lix/pre-commit-hooks':
'github:cachix/git-hooks.nix/e35aed5fda3cc79f88ed7f1795021e559582093a' (2024-04-02)
• Removed input 'hydra/nix'
• Removed input 'hydra/nix/flake-compat'
• Removed input 'hydra/nix/nix2container'
• Removed input 'hydra/nix/nixpkgs'
• Removed input 'hydra/nix/nixpkgs-regression'
• Removed input 'hydra/nix/pre-commit-hooks'
• Added input 'hydra/nix-eval-jobs':
'git+https://git.lix.systems/lix-project/nix-eval-jobs?ref=refs/heads/main&rev=c057494450f2d1420726ddb0bab145a5ff4ddfdd ' (2024-07-17)
• Added input 'hydra/nix-eval-jobs/flake-parts':
'github:hercules-ci/flake-parts/9227223f6d922fee3c7b190b2cc238a99527bbb7' (2024-07-03)
• Added input 'hydra/nix-eval-jobs/flake-parts/nixpkgs-lib':
follows 'hydra/nix-eval-jobs/nixpkgs'
• Added input 'hydra/nix-eval-jobs/lix':
follows 'hydra/lix'
• Added input 'hydra/nix-eval-jobs/nix-github-actions':
'github:nix-community/nix-github-actions/622f829f5fe69310a866c8a6cd07e747c44ef820' (2024-07-04)
• Added input 'hydra/nix-eval-jobs/nix-github-actions/nixpkgs':
follows 'hydra/nix-eval-jobs/nixpkgs'
• Added input 'hydra/nix-eval-jobs/nixpkgs':
follows 'hydra/nixpkgs'
• Added input 'hydra/nix-eval-jobs/treefmt-nix':
'github:numtide/treefmt-nix/0fb28f237f83295b4dd05e342f333b447c097398' (2024-07-15)
• Added input 'hydra/nix-eval-jobs/treefmt-nix/nixpkgs':
follows 'hydra/nix-eval-jobs/nixpkgs'
• Updated input 'lix':
follows 'hydra/nix'
→ follows 'hydra/lix'
• Updated input 'nixpkgs':
'github:NixOS/nixpkgs/6794d064edc69918bb0fc0e0eda33ece324be17a' (2024-07-12)
→ 'github:NixOS/nixpkgs/9355fa86e6f27422963132c2c9aeedb0fb963d93' (2024-07-16)
2024-07-17 13:11:07 +02:00
emily
ab9caaf520
systems: add git.forkos.org
2024-07-16 15:44:08 +02:00
Janik Haag
9189b73a5f
devShell: change colmena to the nixpkgs version
...
this is done to avoid unnecessarily recompiling colmena
2024-07-13 01:10:59 +00:00
Pierre Bourdon
c8208f42ef
flake: attempt to fix the hydraJobs definition
2024-07-10 19:03:18 +02:00
Pierre Bourdon
f35cfbd567
flake: configure some hydra jobs (all machine configurations)
2024-07-10 18:43:54 +02:00
Ilya K
a9f45daac8
Rename machine folders, clean up flake
2024-07-10 15:24:47 +03:00
Yureka
eb21cb6916
add baremetal builders
2024-07-10 00:35:01 +02:00
Yureka
62af42fc97
init wob-vpn-gw host
2024-07-09 23:42:20 +02:00
Yureka
7396107bf4
add a shim to provide nixosConfigurations from colmena hive
2024-07-09 10:49:29 +02:00
Luke Granger-Brown
8a9ff8c40d
services/gerrit: migrate to Gerrit from the-distro/nix-gerrit flake
2024-07-08 23:30:59 +01:00
Pierre Bourdon
4b0a2cd7e5
tf: add DNS management via Gandi
2024-07-07 20:43:05 +02:00
Pierre Bourdon
dd72904bf1
flake: replace tf wrappers with a single '.#tf' command
2024-07-07 19:18:30 +02:00
Pierre Bourdon
0c68a23275
flake: fix 'nix flake check'
2024-07-07 18:02:55 +02:00
raito
8dc7ee9864
hydra: add declarative controls via terranix
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-07 17:59:56 +02:00
raito
578e24e634
systems: add fodwatch.forkos.org
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-07 13:15:27 +00:00
Ilya K
99f715caca
Add devShell with agenix and colmena
2024-07-05 16:10:31 +00:00
raito
6b7ddbcd29
bagel-box: reuse common/ module
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-05 13:29:56 +02:00
raito
0a747f2f3a
Merge pull request 'terranix: init' ( #14 ) from terranix-init into main
...
Reviewed-on: delroth/bagel-infra#14
2024-07-04 11:42:17 +00:00
raito
e422da8f83
terranix: init
...
Adds simple `nix run .#apply` & `nix run .#destroy` which renders the
configuration file and let Terraform drive it.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-04 13:41:52 +02:00
raito
182e55c35f
gerrit01: rename to cl.forkos.org
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-03 10:58:49 +02:00
raito
98a33e4300
gerrit01: init
...
With:
- A package hierarchy
- A source-based Gerrit deployment
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-01 21:22:36 +02:00
raito
e3f3c87c0d
meta01: init
...
Includes:
- Raito VM module
- Raito proxy aware NGINX module
- Base server module
- Sysadmin module
- New SSH keys
- Netbox module
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-01 19:40:37 +02:00