Commit graph

34 commits

Author SHA1 Message Date
e00d0331ec common/known-ssh-keys: init
Let's ensure that all our servers are aware of all host keys to avoid
host key verification issues when needed.

(example: buildbot → gerrit)

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-17 18:00:51 +02:00
c3394264ba hosts/buildbot: init
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-17 18:00:51 +02:00
7789e9ce75 services/buildbot: init
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-17 18:00:51 +02:00
ab9caaf520
systems: add git.forkos.org 2024-07-16 15:44:08 +02:00
d4caf7b71a
admins: add emilylange 2024-07-16 15:43:58 +02:00
af515792cc admins: add janik 2024-07-13 01:10:39 +00:00
329f267b02 enable nftables on all hosts 2024-07-11 02:05:35 +02:00
58325e30dd
common/nix: use bagel-cache by default 2024-07-10 18:17:30 +02:00
70e608a8f7
common: provide a pinned nixpkgs on all infra machines 2024-07-10 17:17:18 +02:00
3cbdbc45f7 more quality of life improvements... 2024-07-10 15:54:30 +02:00
787b3af638 Add wob-vpn-gw key, rekey metrics push password for it 2024-07-10 15:13:05 +03:00
e608b92e4f Add htop and btop to default machine config 2024-07-10 15:01:09 +03:00
9e7e6d42ab Make nginx/loki/mimir go fast 2024-07-10 14:55:28 +03:00
39d2352bbc general quality of life improvements 2024-07-09 23:26:12 +00:00
a7d21e96a0 add global hardening options 2024-07-09 23:26:12 +00:00
bc8ef7b5fc
ssh-keys: remove raito's key which is too NSA'd for agenix 2024-07-10 01:04:48 +02:00
61e8048445
sysadmin: remove pwru, does not build on latest nixpkgs 2024-07-10 01:01:27 +02:00
f9f955214f ssh-keys: add raito to secrets set
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-10 00:59:22 +02:00
eb21cb6916 add baremetal builders 2024-07-10 00:35:01 +02:00
c0e1d05b3c admins: add yuka 2024-07-09 10:34:30 +02:00
48579e8818 feat: add gdb to sysadmin tooling
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-08 22:10:06 +00:00
d4e9dcc2a6 admins: provision lukegb
hello I can be trusted with your infrastructure
2024-07-08 21:55:41 +00:00
e803c198c1 admins: provision jade
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-07 13:15:27 +00:00
578e24e634 systems: add fodwatch.forkos.org
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-07 13:15:27 +00:00
3ad481c125 Clean up SSH key dupes, add Maxine 2024-07-05 16:10:31 +00:00
fa1bc1ced9 Merge pull request 'gerrit01: those who finetune even further' (#20) from gerrit-finetuning into main
Reviewed-on: delroth/bagel-infra#20
2024-07-05 12:37:43 +00:00
e27f152f00 common/base-server: use ambiant stable lix by default
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-05 13:29:47 +02:00
6fb584109a common/raito-vm: disable useDHCP
We are using networkd by default…

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-05 13:12:35 +02:00
0b01e9a99f gerrit01: those who finetune even further
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-05 12:23:44 +02:00
832b0784d8 common/admins: add K900
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-04 23:57:05 +02:00
bf8fe65f9f
bagel-box: update ssh host key & rekey 2024-07-04 13:59:18 +02:00
98a33e4300 gerrit01: init
With:

- A package hierarchy
- A source-based Gerrit deployment

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-01 21:22:36 +02:00
e3f3c87c0d meta01: init
Includes:

- Raito VM module
- Raito proxy aware NGINX module
- Base server module
- Sysadmin module
- New SSH keys
- Netbox module

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-01 19:40:37 +02:00
04bd33e32c
infra: add agenix, add s3 credentials 2024-06-24 18:03:20 +02:00