feat(build-coord): enable first Vault instance on it
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
This commit is contained in:
parent
2c4e60760f
commit
a4d4ff8041
|
@ -10,6 +10,13 @@
|
||||||
bagel.services = {
|
bagel.services = {
|
||||||
hydra.enable = true;
|
hydra.enable = true;
|
||||||
hydra.builders = map (i: "builder-${builtins.toString i}") [4 5 10];
|
hydra.builders = map (i: "builder-${builtins.toString i}") [4 5 10];
|
||||||
|
|
||||||
|
# Arguably, the build-coordinator is the most sensitive piece of our own infrastructure.
|
||||||
|
# Henceforth, it can run as well another sensitive piece of the system: the Vault.
|
||||||
|
vault = {
|
||||||
|
enable = true;
|
||||||
|
domain = "vault.forkos.org";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
bagel.monitoring.exporters.hydra.enable = true;
|
bagel.monitoring.exporters.hydra.enable = true;
|
||||||
|
|
|
@ -104,6 +104,7 @@ in
|
||||||
(record "amqp" 300 "CNAME" "bagel-box.infra.p.forkos.org")
|
(record "amqp" 300 "CNAME" "bagel-box.infra.p.forkos.org")
|
||||||
(record "grafana" 300 "CNAME" "meta01.infra.p.forkos.org")
|
(record "grafana" 300 "CNAME" "meta01.infra.p.forkos.org")
|
||||||
(record "hydra" 300 "CNAME" "build-coord.wob01.infra.p.forkos.org")
|
(record "hydra" 300 "CNAME" "build-coord.wob01.infra.p.forkos.org")
|
||||||
|
(record "vault" 300 "CNAME" "build-coord.wob01.infra.p.forkos.org")
|
||||||
(record "loki" 300 "CNAME" "meta01.infra.p.forkos.org")
|
(record "loki" 300 "CNAME" "meta01.infra.p.forkos.org")
|
||||||
(record "mimir" 300 "CNAME" "meta01.infra.p.forkos.org")
|
(record "mimir" 300 "CNAME" "meta01.infra.p.forkos.org")
|
||||||
(record "pyroscope" 300 "CNAME" "meta01.infra.p.forkos.org")
|
(record "pyroscope" 300 "CNAME" "meta01.infra.p.forkos.org")
|
||||||
|
|
Loading…
Reference in a new issue