e00d0331ec
common/known-ssh-keys: init
...
Let's ensure that all our servers are aware of all host keys to avoid
host key verification issues when needed.
(example: buildbot → gerrit)
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-17 18:00:51 +02:00
c3394264ba
hosts/buildbot: init
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-17 18:00:51 +02:00
7789e9ce75
services/buildbot: init
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-17 18:00:51 +02:00
ab9caaf520
systems: add git.forkos.org
2024-07-16 15:44:08 +02:00
d4caf7b71a
admins: add emilylange
2024-07-16 15:43:58 +02:00
af515792cc
admins: add janik
2024-07-13 01:10:39 +00:00
329f267b02
enable nftables on all hosts
2024-07-11 02:05:35 +02:00
58325e30dd
common/nix: use bagel-cache by default
2024-07-10 18:17:30 +02:00
70e608a8f7
common: provide a pinned nixpkgs on all infra machines
2024-07-10 17:17:18 +02:00
3cbdbc45f7
more quality of life improvements...
2024-07-10 15:54:30 +02:00
787b3af638
Add wob-vpn-gw key, rekey metrics push password for it
2024-07-10 15:13:05 +03:00
e608b92e4f
Add htop and btop to default machine config
2024-07-10 15:01:09 +03:00
9e7e6d42ab
Make nginx/loki/mimir go fast
2024-07-10 14:55:28 +03:00
39d2352bbc
general quality of life improvements
2024-07-09 23:26:12 +00:00
a7d21e96a0
add global hardening options
2024-07-09 23:26:12 +00:00
bc8ef7b5fc
ssh-keys: remove raito's key which is too NSA'd for agenix
2024-07-10 01:04:48 +02:00
61e8048445
sysadmin: remove pwru, does not build on latest nixpkgs
2024-07-10 01:01:27 +02:00
f9f955214f
ssh-keys: add raito to secrets set
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-10 00:59:22 +02:00
eb21cb6916
add baremetal builders
2024-07-10 00:35:01 +02:00
c0e1d05b3c
admins: add yuka
2024-07-09 10:34:30 +02:00
48579e8818
feat: add gdb
to sysadmin tooling
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-08 22:10:06 +00:00
d4e9dcc2a6
admins: provision lukegb
...
hello I can be trusted with your infrastructure
2024-07-08 21:55:41 +00:00
e803c198c1
admins: provision jade
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-07 13:15:27 +00:00
578e24e634
systems: add fodwatch.forkos.org
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-07 13:15:27 +00:00
3ad481c125
Clean up SSH key dupes, add Maxine
2024-07-05 16:10:31 +00:00
fa1bc1ced9
Merge pull request 'gerrit01: those who finetune even further' ( #20 ) from gerrit-finetuning into main
...
Reviewed-on: delroth/bagel-infra#20
2024-07-05 12:37:43 +00:00
e27f152f00
common/base-server: use ambiant stable lix by default
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-05 13:29:47 +02:00
6fb584109a
common/raito-vm: disable useDHCP
...
We are using networkd by default…
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-05 13:12:35 +02:00
0b01e9a99f
gerrit01: those who finetune even further
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-05 12:23:44 +02:00
832b0784d8
common/admins: add K900
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-04 23:57:05 +02:00
bf8fe65f9f
bagel-box: update ssh host key & rekey
2024-07-04 13:59:18 +02:00
98a33e4300
gerrit01: init
...
With:
- A package hierarchy
- A source-based Gerrit deployment
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-01 21:22:36 +02:00
e3f3c87c0d
meta01: init
...
Includes:
- Raito VM module
- Raito proxy aware NGINX module
- Base server module
- Sysadmin module
- New SSH keys
- Netbox module
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-07-01 19:40:37 +02:00
04bd33e32c
infra: add agenix, add s3 credentials
2024-06-24 18:03:20 +02:00