raito
6d3e14ec27
feat: finer-grained ACLs for server accesses
...
In the process of adding multi-tenant infrastructure, it seems relevant
to add finer-grained ACLs.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-10-05 16:20:19 +02:00
Kiara Grouwstra
b291caac46
feat(monitoring): add uptime-kuma for status page, fixes #97
...
Adds a service for a status page using
[`uptime-kuma`](https://uptime.kuma.pet/ ).
2024-10-01 16:13:23 +00:00
Maxine Aubrey
e3b6cb72b4
feat(dns): add dnsimple to terraform configuration
2024-09-23 19:49:21 +02:00
raito
9a04ef909b
feat(nixpkgs): run oxidized channel scripts
...
We don't need weird Perl scripts where we are going. Here's a streaming
channel-scripts deployment with plenty of bells, including OTLP.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-31 19:32:23 +02:00
raito
d1ffce9336
feat(grafana): jsonnet-based dashboards
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-08-24 16:17:52 +02:00
Pierre Bourdon
29babfc5c4
Revert "Partial revert "Add Grapevine Matrix server and matrix-hookshot""
...
This reverts commit 17c342b33e
.
Grapevine's use of IFD was fixed upstream.
2024-08-15 16:22:22 +02:00
Pierre Bourdon
5dd9ad553c
build-coord: add initial config
2024-08-13 22:36:30 +02:00
Pierre Bourdon
90325344a3
Reserve builder-11 for build coordination, rename to build-coord
2024-08-13 19:12:36 +02:00
Pierre Bourdon
8b1ade5580
Revert "update hydra"
...
This reverts commit f7907a2915
.
We develop straight on lix-project/hydra, as discussed a few times on
the Lix development channel.
2024-08-13 01:11:31 +02:00
Pierre Bourdon
42b3977e8f
flake: remove an extra nixpkgs lying around
2024-08-13 00:38:51 +02:00
Pierre Bourdon
17c342b33e
Partial revert "Add Grapevine Matrix server and matrix-hookshot"
...
This partially reverts commit d2f3ca5624
.
Said commit requires IFD to eval, which is generally unwanted, and is
currently forbidden on Hydra (imo: rightfully so, we should try to
properly separate evals from builds).
The services/ file for grapevine is kept but will not work without the
flake.nix change reapplied.
2024-08-13 00:35:10 +02:00
Ilya K
d2f3ca5624
Add Grapevine Matrix server and matrix-hookshot
...
It doesn't want to work.
2024-08-09 14:03:56 +00:00
Yureka
f7907a2915
update hydra
2024-08-03 18:40:25 +02:00
Yureka
1cbf286f18
build netboot files from hydra
2024-08-01 22:47:25 +02:00
Yureka
6dc424dd43
wob01: serve an ipxe over iusb-spoof
2024-08-01 22:16:48 +02:00
raito
22a10e158f
hosts/public01: init
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-25 20:46:20 +02:00
Luke Granger-Brown
7f29885597
flake: support aarch64-linux
...
...I don't know how to remove the mention of x86_64-linux for colmena,
or if it actually matters, so I'm just leaving that there for now.
2024-07-24 09:37:15 +02:00
hexchen
3ff9d00f7f
Add a wrapper to colmena that stops unintended toe-stepping
...
Taken from lix/web-services, commit hash 6d29ce968e64225faf03450c063d11a0a5c89cac
Co-authored-by: Jade Lovelace <lix@jade.fyi>
2024-07-24 07:25:25 +00:00
raito
e5a3ce2283
buildbot fixes ( #76 )
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
Signed-off-by: Yureka <yureka@forkos.org>
Co-authored-by: raito <raito@noreply.git.lix.systems>
Co-committed-by: raito <raito@noreply.git.lix.systems>
2024-07-24 06:44:25 +00:00
raito
cd846260e4
flake: add buildbot jobs entrypoints
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-18 12:18:12 +02:00
raito
c3394264ba
hosts/buildbot: init
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-17 18:00:51 +02:00
raito
68d956f1ba
flake: add buildbot-nix on the refactor branch
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-17 14:57:17 +02:00
Pierre Bourdon
234522cc3b
flake.lock: Update
...
Flake lock file updates:
• Updated input 'hydra':
'git+https://git.lix.systems/lix-project/hydra.git?ref=refs/heads/main&rev=fb9e29d4d0f2f591cd1d706fd3b7334af7d34b84 ' (2024-07-13)
→ 'git+https://git.lix.systems/lix-project/hydra.git?ref=refs/heads/main&rev=b0e9b4b2f99f9d8f5c4e780e89f955c394b5ced4 ' (2024-07-17)
• Added input 'hydra/lix':
'git+https://git.lix.systems/lix-project/lix?ref=refs/heads/main&rev=6b4d46e9e0e1dd80e0977684ab20d14bcd1a6bc3 ' (2024-07-16)
• Added input 'hydra/lix/flake-compat':
'github:edolstra/flake-compat/0f9255e01c2351cc7d116c072cb317785dd33b33' (2023-10-04)
• Added input 'hydra/lix/nix2container':
'github:nlewo/nix2container/20aad300c925639d5d6cbe30013c8357ce9f2a2e' (2024-04-13)
• Added input 'hydra/lix/nixpkgs':
follows 'hydra/nixpkgs'
• Added input 'hydra/lix/nixpkgs-regression':
'github:NixOS/nixpkgs/215d4d0fd80ca5163643b03a33fde804a29cc1e2' (2022-01-24)
• Added input 'hydra/lix/pre-commit-hooks':
'github:cachix/git-hooks.nix/e35aed5fda3cc79f88ed7f1795021e559582093a' (2024-04-02)
• Removed input 'hydra/nix'
• Removed input 'hydra/nix/flake-compat'
• Removed input 'hydra/nix/nix2container'
• Removed input 'hydra/nix/nixpkgs'
• Removed input 'hydra/nix/nixpkgs-regression'
• Removed input 'hydra/nix/pre-commit-hooks'
• Added input 'hydra/nix-eval-jobs':
'git+https://git.lix.systems/lix-project/nix-eval-jobs?ref=refs/heads/main&rev=c057494450f2d1420726ddb0bab145a5ff4ddfdd ' (2024-07-17)
• Added input 'hydra/nix-eval-jobs/flake-parts':
'github:hercules-ci/flake-parts/9227223f6d922fee3c7b190b2cc238a99527bbb7' (2024-07-03)
• Added input 'hydra/nix-eval-jobs/flake-parts/nixpkgs-lib':
follows 'hydra/nix-eval-jobs/nixpkgs'
• Added input 'hydra/nix-eval-jobs/lix':
follows 'hydra/lix'
• Added input 'hydra/nix-eval-jobs/nix-github-actions':
'github:nix-community/nix-github-actions/622f829f5fe69310a866c8a6cd07e747c44ef820' (2024-07-04)
• Added input 'hydra/nix-eval-jobs/nix-github-actions/nixpkgs':
follows 'hydra/nix-eval-jobs/nixpkgs'
• Added input 'hydra/nix-eval-jobs/nixpkgs':
follows 'hydra/nixpkgs'
• Added input 'hydra/nix-eval-jobs/treefmt-nix':
'github:numtide/treefmt-nix/0fb28f237f83295b4dd05e342f333b447c097398' (2024-07-15)
• Added input 'hydra/nix-eval-jobs/treefmt-nix/nixpkgs':
follows 'hydra/nix-eval-jobs/nixpkgs'
• Updated input 'lix':
follows 'hydra/nix'
→ follows 'hydra/lix'
• Updated input 'nixpkgs':
'github:NixOS/nixpkgs/6794d064edc69918bb0fc0e0eda33ece324be17a' (2024-07-12)
→ 'github:NixOS/nixpkgs/9355fa86e6f27422963132c2c9aeedb0fb963d93' (2024-07-16)
2024-07-17 13:11:07 +02:00
emily
ab9caaf520
systems: add git.forkos.org
2024-07-16 15:44:08 +02:00
Janik Haag
9189b73a5f
devShell: change colmena to the nixpkgs version
...
this is done to avoid unnecessarily recompiling colmena
2024-07-13 01:10:59 +00:00
Pierre Bourdon
c8208f42ef
flake: attempt to fix the hydraJobs definition
2024-07-10 19:03:18 +02:00
Pierre Bourdon
f35cfbd567
flake: configure some hydra jobs (all machine configurations)
2024-07-10 18:43:54 +02:00
Ilya K
a9f45daac8
Rename machine folders, clean up flake
2024-07-10 15:24:47 +03:00
Yureka
eb21cb6916
add baremetal builders
2024-07-10 00:35:01 +02:00
Yureka
62af42fc97
init wob-vpn-gw host
2024-07-09 23:42:20 +02:00
Yureka
7396107bf4
add a shim to provide nixosConfigurations from colmena hive
2024-07-09 10:49:29 +02:00
Luke Granger-Brown
8a9ff8c40d
services/gerrit: migrate to Gerrit from the-distro/nix-gerrit flake
2024-07-08 23:30:59 +01:00
Pierre Bourdon
4b0a2cd7e5
tf: add DNS management via Gandi
2024-07-07 20:43:05 +02:00
Pierre Bourdon
dd72904bf1
flake: replace tf wrappers with a single '.#tf' command
2024-07-07 19:18:30 +02:00
Pierre Bourdon
0c68a23275
flake: fix 'nix flake check'
2024-07-07 18:02:55 +02:00
raito
8dc7ee9864
hydra: add declarative controls via terranix
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-07 17:59:56 +02:00
raito
578e24e634
systems: add fodwatch.forkos.org
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-07 13:15:27 +00:00
Ilya K
99f715caca
Add devShell with agenix and colmena
2024-07-05 16:10:31 +00:00
raito
6b7ddbcd29
bagel-box: reuse common/ module
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-05 13:29:56 +02:00
raito
0a747f2f3a
Merge pull request 'terranix: init' ( #14 ) from terranix-init into main
...
Reviewed-on: delroth/bagel-infra#14
2024-07-04 11:42:17 +00:00
raito
e422da8f83
terranix: init
...
Adds simple `nix run .#apply` & `nix run .#destroy` which renders the
configuration file and let Terraform drive it.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-04 13:41:52 +02:00
raito
182e55c35f
gerrit01: rename to cl.forkos.org
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-03 10:58:49 +02:00
raito
98a33e4300
gerrit01: init
...
With:
- A package hierarchy
- A source-based Gerrit deployment
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-01 21:22:36 +02:00
raito
e3f3c87c0d
meta01: init
...
Includes:
- Raito VM module
- Raito proxy aware NGINX module
- Base server module
- Sysadmin module
- New SSH keys
- Netbox module
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-01 19:40:37 +02:00
Pierre Bourdon
cb6e5b1652
hydra: actually use version from flake
2024-06-24 21:45:17 +02:00
Pierre Bourdon
04bd33e32c
infra: add agenix, add s3 credentials
2024-06-24 18:03:20 +02:00
Pierre Bourdon
91beb0eddc
bagel-box: add postgres+hydra
2024-06-24 18:03:20 +02:00
Pierre Bourdon
5ed984e7b3
Initial commit
2024-06-23 06:41:53 +02:00